package net.sf.jsignpdf;

import com.lowagie.text.Font;
import com.lowagie.text.Image;
import com.lowagie.text.Rectangle;
import com.lowagie.text.pdf.AcroFields;
import com.lowagie.text.pdf.OcspClientBouncyCastle;
import com.lowagie.text.pdf.PdfDate;
import com.lowagie.text.pdf.PdfDictionary;
import com.lowagie.text.pdf.PdfName;
import com.lowagie.text.pdf.PdfPKCS7;
import com.lowagie.text.pdf.PdfReader;
import com.lowagie.text.pdf.PdfSignature;
import com.lowagie.text.pdf.PdfSignatureAppearance;
import com.lowagie.text.pdf.PdfStamper;
import com.lowagie.text.pdf.PdfString;
import com.lowagie.text.pdf.TSAClientBouncyCastle;
import java.io.File;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.net.Proxy;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import net.sf.jsignpdf.crl.CRLInfo;
import net.sf.jsignpdf.extcsp.CloudFoxy;
import net.sf.jsignpdf.ssl.SSLInitializer;
import net.sf.jsignpdf.types.HashAlgorithm;
import net.sf.jsignpdf.types.PDFEncryption;
import net.sf.jsignpdf.types.RenderMode;
import net.sf.jsignpdf.types.ServerAuthentication;
import net.sf.jsignpdf.utils.FontUtils;
import net.sf.jsignpdf.utils.KeyStoreUtils;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.text.StrSubstitutor;
import org.apache.log4j.Logger;

/* loaded from: input_file:net/sf/jsignpdf/SignerLogic.class */
public class SignerLogic implements Runnable {
    private static final Logger LOGGER = Logger.getLogger(SignerLogic.class);
    private final BasicSignerOptions options;

    public SignerLogic(BasicSignerOptions basicSignerOptions) {
        if (basicSignerOptions == null) {
            throw new NullPointerException("Options has to be filled.");
        }
        this.options = basicSignerOptions;
    }

    @Override // java.lang.Runnable
    public void run() {
        signFile();
    }

    public boolean signFile() {
        PrivateKey key;
        Certificate[] chain;
        PdfReader pdfReader;
        String outFileX = this.options.getOutFileX();
        if (!validateInOutFiles(this.options.getInFile(), outFileX)) {
            LOGGER.info(Constants.RES.get("console.skippingSigning"));
            return false;
        }
        boolean z = false;
        FileOutputStream fileOutputStream = null;
        try {
            try {
                SSLInitializer.init(this.options);
                if (StringUtils.equalsIgnoreCase(this.options.getKsType(), Constants.KEYSTORE_TYPE_CLOUDFOXY)) {
                    key = null;
                    chain = CloudFoxy.getInstance().getChain(this.options);
                    if (chain == null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Exception e) {
                                e.printStackTrace();
                            }
                        }
                        LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
                        this.options.fireSignerFinishedEvent(null);
                        return false;
                    }
                } else {
                    PrivateKeyInfo pkInfo = KeyStoreUtils.getPkInfo(this.options);
                    key = pkInfo.getKey();
                    chain = pkInfo.getChain();
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        fileOutputStream.close();
                    } catch (Exception e2) {
                        e2.printStackTrace();
                    }
                }
                LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
                this.options.fireSignerFinishedEvent(null);
                throw th;
            }
        } catch (Exception e3) {
            LOGGER.error(Constants.RES.get("console.exception"), e3);
            if (0 != 0) {
                try {
                    fileOutputStream.close();
                } catch (Exception e4) {
                    e4.printStackTrace();
                }
            }
            LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
            this.options.fireSignerFinishedEvent(null);
        } catch (OutOfMemoryError e5) {
            LOGGER.fatal(Constants.RES.get("console.memoryError"), e5);
            if (0 != 0) {
                try {
                    fileOutputStream.close();
                } catch (Exception e6) {
                    e6.printStackTrace();
                }
            }
            LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
            this.options.fireSignerFinishedEvent(null);
        }
        if (ArrayUtils.isEmpty(chain)) {
            LOGGER.info(Constants.RES.get("console.certificateChainEmpty"));
            if (0 != 0) {
                try {
                    fileOutputStream.close();
                } catch (Exception e7) {
                    e7.printStackTrace();
                }
            }
            LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
            this.options.fireSignerFinishedEvent(null);
            return false;
        }
        LOGGER.info(Constants.RES.get("console.createPdfReader", this.options.getInFile()));
        try {
            pdfReader = new PdfReader(this.options.getInFile(), this.options.getPdfOwnerPwdStrX().getBytes());
        } catch (Exception e8) {
            try {
                pdfReader = new PdfReader(this.options.getInFile(), new byte[0]);
            } catch (Exception e9) {
                pdfReader = new PdfReader(this.options.getInFile());
            }
        }
        LOGGER.info(Constants.RES.get("console.createOutPdf", outFileX));
        FileOutputStream fileOutputStream2 = new FileOutputStream(outFileX);
        HashAlgorithm hashAlgorithmX = this.options.getHashAlgorithmX();
        LOGGER.info(Constants.RES.get("console.createSignature"));
        char c = 0;
        if (pdfReader.getPdfVersion() < hashAlgorithmX.getPdfVersion()) {
            if (this.options.isAppendX()) {
                LOGGER.info(Constants.RES.get("console.updateVersionNotPossibleInAppendMode"));
                if (fileOutputStream2 != null) {
                    try {
                        fileOutputStream2.close();
                    } catch (Exception e10) {
                        e10.printStackTrace();
                    }
                }
                LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
                this.options.fireSignerFinishedEvent(null);
                return false;
            }
            c = hashAlgorithmX.getPdfVersion();
            LOGGER.info(Constants.RES.get("console.updateVersion", String.valueOf(pdfReader.getPdfVersion()), String.valueOf(c)));
        }
        PdfStamper createSignature = PdfStamper.createSignature(pdfReader, fileOutputStream2, c, (File) null, this.options.isAppendX());
        if (!this.options.isAppendX()) {
            AcroFields acroFields = createSignature.getAcroFields();
            Iterator it = acroFields.getSignatureNames().iterator();
            while (it.hasNext()) {
                acroFields.removeField((String) it.next());
            }
        }
        if (this.options.isAdvanced() && this.options.getPdfEncryption() != PDFEncryption.NONE) {
            LOGGER.info(Constants.RES.get("console.setEncryption"));
            int right = this.options.getRightPrinting().getRight() | (this.options.isRightCopy() ? 16 : 0) | (this.options.isRightAssembly() ? 1024 : 0) | (this.options.isRightFillIn() ? 256 : 0) | (this.options.isRightScreanReaders() ? 512 : 0) | (this.options.isRightModifyAnnotations() ? 32 : 0) | (this.options.isRightModifyContents() ? 8 : 0);
            switch (this.options.getPdfEncryption()) {
                case PASSWORD:
                    createSignature.setEncryption(true, this.options.getPdfUserPwdStr(), this.options.getPdfOwnerPwdStrX(), right);
                    break;
                case CERTIFICATE:
                    X509Certificate loadCertificate = KeyStoreUtils.loadCertificate(this.options.getPdfEncryptionCertFile());
                    if (loadCertificate != null) {
                        if (!KeyStoreUtils.isEncryptionSupported(loadCertificate)) {
                            LOGGER.error(Constants.RES.get("console.pdfEncError.cantUseCertificate", loadCertificate.getSubjectDN().getName()));
                            if (fileOutputStream2 != null) {
                                try {
                                    fileOutputStream2.close();
                                } catch (Exception e11) {
                                    e11.printStackTrace();
                                }
                            }
                            LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
                            this.options.fireSignerFinishedEvent(null);
                            return false;
                        }
                        createSignature.setEncryption(new Certificate[]{loadCertificate}, new int[]{right}, 2);
                        break;
                    } else {
                        LOGGER.error(Constants.RES.get("console.pdfEncError.wrongCertificateFile", StringUtils.defaultString(this.options.getPdfEncryptionCertFile())));
                        if (fileOutputStream2 != null) {
                            try {
                                fileOutputStream2.close();
                            } catch (Exception e12) {
                                e12.printStackTrace();
                            }
                        }
                        LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
                        this.options.fireSignerFinishedEvent(null);
                        return false;
                    }
                default:
                    LOGGER.error(Constants.RES.get("console.unsupportedEncryptionType"));
                    if (fileOutputStream2 != null) {
                        try {
                            fileOutputStream2.close();
                        } catch (Exception e13) {
                            e13.printStackTrace();
                        }
                    }
                    LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
                    this.options.fireSignerFinishedEvent(null);
                    return false;
            }
        }
        PdfSignatureAppearance signatureAppearance = createSignature.getSignatureAppearance();
        signatureAppearance.setCrypto(key, chain, (CRL[]) null, PdfSignatureAppearance.WINCER_SIGNED);
        String reason = this.options.getReason();
        if (StringUtils.isNotEmpty(reason)) {
            LOGGER.info(Constants.RES.get("console.setReason", reason));
            signatureAppearance.setReason(reason);
        }
        String location = this.options.getLocation();
        if (StringUtils.isNotEmpty(location)) {
            LOGGER.info(Constants.RES.get("console.setLocation", location));
            signatureAppearance.setLocation(location);
        }
        String contact = this.options.getContact();
        if (StringUtils.isNotEmpty(contact)) {
            LOGGER.info(Constants.RES.get("console.setContact", contact));
            signatureAppearance.setContact(contact);
        }
        LOGGER.info(Constants.RES.get("console.setCertificationLevel"));
        signatureAppearance.setCertificationLevel(this.options.getCertLevelX().getLevel());
        if (this.options.isVisible()) {
            LOGGER.info(Constants.RES.get("console.configureVisible"));
            LOGGER.info(Constants.RES.get("console.setAcro6Layers", Boolean.toString(this.options.isAcro6Layers())));
            signatureAppearance.setAcro6Layers(this.options.isAcro6Layers());
            String imgPath = this.options.getImgPath();
            if (imgPath != null) {
                LOGGER.info(Constants.RES.get("console.createImage", imgPath));
                Image image = Image.getInstance(imgPath);
                LOGGER.info(Constants.RES.get("console.setSignatureGraphic"));
                signatureAppearance.setSignatureGraphic(image);
            }
            String bgImgPath = this.options.getBgImgPath();
            if (bgImgPath != null) {
                LOGGER.info(Constants.RES.get("console.createImage", bgImgPath));
                Image image2 = Image.getInstance(bgImgPath);
                LOGGER.info(Constants.RES.get("console.setImage"));
                signatureAppearance.setImage(image2);
            }
            LOGGER.info(Constants.RES.get("console.setImageScale"));
            signatureAppearance.setImageScale(this.options.getBgImgScale());
            LOGGER.info(Constants.RES.get("console.setL2Text"));
            String field = PdfPKCS7.getSubjectFields((X509Certificate) chain[0]).getField("CN");
            String format = new SimpleDateFormat("yyyy.MM.dd HH:mm:ss z").format(signatureAppearance.getSignDate().getTime());
            if (this.options.getL2Text() != null) {
                HashMap hashMap = new HashMap();
                hashMap.put(Constants.L2TEXT_PLACEHOLDER_SIGNER, StringUtils.defaultString(field));
                hashMap.put(Constants.L2TEXT_PLACEHOLDER_TIMESTAMP, format);
                hashMap.put("location", StringUtils.defaultString(location));
                hashMap.put("reason", StringUtils.defaultString(reason));
                hashMap.put("contact", StringUtils.defaultString(contact));
                signatureAppearance.setLayer2Text(StrSubstitutor.replace(this.options.getL2Text(), hashMap));
            } else {
                StringBuilder sb = new StringBuilder();
                sb.append(Constants.RES.get("default.l2text.signedBy")).append(" ").append(field).append('\n');
                sb.append(Constants.RES.get("default.l2text.date")).append(" ").append(format);
                if (StringUtils.isNotEmpty(reason)) {
                    sb.append('\n').append(Constants.RES.get("default.l2text.reason")).append(" ").append(reason);
                }
                if (StringUtils.isNotEmpty(location)) {
                    sb.append('\n').append(Constants.RES.get("default.l2text.location")).append(" ").append(location);
                }
                signatureAppearance.setLayer2Text(sb.toString());
            }
            if (FontUtils.getL2BaseFont() != null) {
                signatureAppearance.setLayer2Font(new Font(FontUtils.getL2BaseFont(), this.options.getL2TextFontSize()));
            }
            LOGGER.info(Constants.RES.get("console.setL4Text"));
            signatureAppearance.setLayer4Text(this.options.getL4Text());
            LOGGER.info(Constants.RES.get("console.setRender"));
            RenderMode renderMode = this.options.getRenderMode();
            if (renderMode == RenderMode.GRAPHIC_AND_DESCRIPTION && signatureAppearance.getSignatureGraphic() == null) {
                LOGGER.warn("Render mode of visible signature is set to GRAPHIC_AND_DESCRIPTION, but no image is loaded. Fallback to DESCRIPTION_ONLY.");
                LOGGER.info(Constants.RES.get("console.renderModeFallback"));
                renderMode = RenderMode.DESCRIPTION_ONLY;
            }
            signatureAppearance.setRender(renderMode.getRender());
            LOGGER.info(Constants.RES.get("console.setVisibleSignature"));
            int page = this.options.getPage();
            if (page < 1 || page > pdfReader.getNumberOfPages()) {
                page = pdfReader.getNumberOfPages();
            }
            signatureAppearance.setVisibleSignature(new Rectangle(this.options.getPositionLLX(), this.options.getPositionLLY(), this.options.getPositionURX(), this.options.getPositionURY()), page, (String) null);
        }
        LOGGER.info(Constants.RES.get("console.processing"));
        PdfSignature pdfSignature = new PdfSignature(PdfName.ADOBE_PPKLITE, new PdfName("adbe.pkcs7.detached"));
        if (!StringUtils.isEmpty(reason)) {
            pdfSignature.setReason(signatureAppearance.getReason());
        }
        if (!StringUtils.isEmpty(location)) {
            pdfSignature.setLocation(signatureAppearance.getLocation());
        }
        if (!StringUtils.isEmpty(contact)) {
            pdfSignature.setContact(signatureAppearance.getContact());
        }
        pdfSignature.setDate(new PdfDate(signatureAppearance.getSignDate()));
        signatureAppearance.setCryptoDictionary(pdfSignature);
        Proxy createProxy = this.options.createProxy();
        CRLInfo cRLInfo = new CRLInfo(this.options, chain);
        int byteCount = (int) (Constants.DEFVAL_SIG_SIZE + (2 * cRLInfo.getByteCount()));
        HashMap hashMap2 = new HashMap();
        hashMap2.put(PdfName.CONTENTS, new Integer((byteCount * 2) + 2));
        signatureAppearance.preClose(hashMap2);
        PdfPKCS7 pdfPKCS7 = new PdfPKCS7(key, chain, cRLInfo.getCrls(), hashAlgorithmX.getAlgorithmName(), (String) null, false);
        InputStream rangeStream = signatureAppearance.getRangeStream();
        MessageDigest messageDigest = MessageDigest.getInstance(hashAlgorithmX.getAlgorithmName());
        byte[] bArr = new byte[8192];
        while (true) {
            int read = rangeStream.read(bArr);
            if (read <= 0) {
                byte[] digest = messageDigest.digest();
                Calendar calendar = Calendar.getInstance();
                byte[] bArr2 = null;
                if (this.options.isOcspEnabledX() && chain.length >= 2) {
                    LOGGER.info(Constants.RES.get("console.getOCSPURL"));
                    String ocspurl = PdfPKCS7.getOCSPURL((X509Certificate) chain[0]);
                    if (StringUtils.isEmpty(ocspurl)) {
                        LOGGER.info(Constants.RES.get("console.noOCSPURL"));
                        ocspurl = this.options.getOcspServerUrl();
                    }
                    if (!StringUtils.isEmpty(ocspurl)) {
                        LOGGER.info(Constants.RES.get("console.readingOCSP", ocspurl));
                        OcspClientBouncyCastle ocspClientBouncyCastle = new OcspClientBouncyCastle((X509Certificate) chain[0], (X509Certificate) chain[1], ocspurl);
                        ocspClientBouncyCastle.setProxy(createProxy);
                        bArr2 = ocspClientBouncyCastle.getEncoded();
                    }
                }
                byte[] authenticatedAttributeBytes = pdfPKCS7.getAuthenticatedAttributeBytes(digest, calendar, bArr2);
                if (StringUtils.equalsIgnoreCase(this.options.getKsType(), Constants.KEYSTORE_TYPE_CLOUDFOXY)) {
                    byte[] signature = CloudFoxy.getInstance().getSignature(this.options, authenticatedAttributeBytes);
                    if (signature == null) {
                        if (fileOutputStream2 != null) {
                            try {
                                fileOutputStream2.close();
                            } catch (Exception e14) {
                                e14.printStackTrace();
                            }
                        }
                        LOGGER.info(Constants.RES.get("console.finished." + (0 != 0 ? "ok" : "error")));
                        this.options.fireSignerFinishedEvent(null);
                        return false;
                    }
                    pdfPKCS7.setExternalDigest(signature, (byte[]) null, "RSA");
                } else {
                    pdfPKCS7.update(authenticatedAttributeBytes, 0, authenticatedAttributeBytes.length);
                }
                TSAClientBouncyCastle tSAClientBouncyCastle = null;
                if (this.options.isTimestampX() && !StringUtils.isEmpty(this.options.getTsaUrl())) {
                    LOGGER.info(Constants.RES.get("console.creatingTsaClient"));
                    tSAClientBouncyCastle = this.options.getTsaServerAuthn() == ServerAuthentication.PASSWORD ? new TSAClientBouncyCastle(this.options.getTsaUrl(), StringUtils.defaultString(this.options.getTsaUser()), StringUtils.defaultString(this.options.getTsaPasswd())) : new TSAClientBouncyCastle(this.options.getTsaUrl());
                    String tsaHashAlgWithFallback = this.options.getTsaHashAlgWithFallback();
                    LOGGER.info(Constants.RES.get("console.settingTsaHashAlg", tsaHashAlgWithFallback));
                    tSAClientBouncyCastle.setHashAlgorithm(tsaHashAlgWithFallback);
                    tSAClientBouncyCastle.setProxy(createProxy);
                    String tsaPolicy = this.options.getTsaPolicy();
                    if (StringUtils.isNotEmpty(tsaPolicy)) {
                        LOGGER.info(Constants.RES.get("console.settingTsaPolicy", tsaPolicy));
                        tSAClientBouncyCastle.setPolicy(tsaPolicy);
                    }
                }
                byte[] encodedPKCS7 = pdfPKCS7.getEncodedPKCS7(digest, calendar, tSAClientBouncyCastle, bArr2);
                if (byteCount + 2 < encodedPKCS7.length) {
                    System.err.println("SigSize - contentEstimated=" + byteCount + ", sigLen=" + encodedPKCS7.length);
                    throw new Exception("Not enough space");
                }
                byte[] bArr3 = new byte[byteCount];
                System.arraycopy(encodedPKCS7, 0, bArr3, 0, encodedPKCS7.length);
                PdfDictionary pdfDictionary = new PdfDictionary();
                pdfDictionary.put(PdfName.CONTENTS, new PdfString(bArr3).setHexWriting(true));
                LOGGER.info(Constants.RES.get("console.closeStream"));
                signatureAppearance.close(pdfDictionary);
                fileOutputStream2.close();
                FileOutputStream fileOutputStream3 = null;
                z = true;
                if (0 != 0) {
                    try {
                        fileOutputStream3.close();
                    } catch (Exception e15) {
                        e15.printStackTrace();
                    }
                }
                LOGGER.info(Constants.RES.get("console.finished." + (1 != 0 ? "ok" : "error")));
                this.options.fireSignerFinishedEvent(null);
                return z;
            }
            messageDigest.update(bArr, 0, read);
        }
    }

    private boolean validateInOutFiles(String str, String str2) {
        LOGGER.info(Constants.RES.get("console.validatingFiles"));
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            LOGGER.info(Constants.RES.get("console.fileNotFilled.error"));
            return false;
        }
        File file = new File(str);
        File file2 = new File(str2);
        if (!file.exists() || !file.isFile() || !file.canRead()) {
            LOGGER.info(Constants.RES.get("console.inFileNotFound.error"));
            return false;
        }
        if (!file.getAbsolutePath().equals(file2.getAbsolutePath())) {
            return true;
        }
        LOGGER.info(Constants.RES.get("console.filesAreEqual.error"));
        return false;
    }
}
