package df.sign;

import com.itextpdf.text.pdf.PdfObject;
import df.sign.cms.CMSSignedDataWrapper;
import df.sign.cms.PKCS7Manager;
import df.sign.datastructure.Data;
import df.sign.datastructure.SignConfig;
import df.sign.pdf.PDFManager;
import df.sign.pkcs11.CertificateData;
import df.sign.pkcs11.SmartCardAccessI;
import java.security.Signature;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:df/sign/SignEngine.class */
public class SignEngine {
    ArrayList<Data> dataToSignList;
    ArrayList<Data> dataSignedList;
    private SmartCardAccessI smartCardAccessManager;
    public String[] dllList;
    public ArrayList<CertificateData> certificateList;
    public boolean useNTPTime = false;

    public SignEngine(SmartCardAccessI smartCardAccessI, String[] strArr) throws Exception {
        this.dataToSignList = null;
        this.dataSignedList = null;
        this.smartCardAccessManager = null;
        this.dllList = null;
        this.certificateList = null;
        if (strArr == null || strArr.length == 0) {
            throw new Exception("Please provide one or more libraries to access the smart card");
        }
        this.dllList = strArr;
        this.dataToSignList = new ArrayList<>();
        this.dataSignedList = new ArrayList<>();
        this.smartCardAccessManager = smartCardAccessI;
        this.certificateList = new ArrayList<>();
    }

    public SignEngine loadDataToSign(Data data) throws Exception {
        if (data.id == null || data.id.isEmpty()) {
            throw new Exception("id must be defined");
        }
        if (data.data == null || data.data.length == 0) {
            throw new Exception("data must be defined");
        }
        if (data.config == null) {
            throw new Exception("config must be defined");
        }
        this.dataToSignList.add(data);
        return this;
    }

    public SignEngine loadDataToSign(Data[] dataArr) throws Exception {
        for (Data data : dataArr) {
            loadDataToSign(data);
        }
        return this;
    }

    public SignEngine loadDataToSign(List<Data> list) throws Exception {
        Iterator<Data> it = list.iterator();
        while (it.hasNext()) {
            loadDataToSign(it.next());
        }
        return this;
    }

    public SignEngine cleanDataToSign() {
        this.dataToSignList = new ArrayList<>();
        return this;
    }

    public List<Data> getSignedData() {
        return this.dataSignedList;
    }

    public int getNumDataToSign() {
        return this.dataToSignList.size();
    }

    public SignEngine sign(CertificateData certificateData, String str) throws Exception {
        byte[] buildSignedPDF;
        if (certificateData == null) {
            throw new Exception("certData can not be null");
        }
        if (str == null || str.length() == 0) {
            throw new Exception("pin can not be empty");
        }
        Date date = new Date();
        if (this.useNTPTime) {
            date = SignUtils.getNTPDate();
        }
        String str2 = CMSSignedDataGenerator.DIGEST_SHA256;
        CertificateData checkAlternativeLibraries = checkAlternativeLibraries(str, certificateData, str2);
        try {
            if (!SignUtils.isContainedIntoArray(checkAlternativeLibraries.slot, this.smartCardAccessManager.connectToLibrary(checkAlternativeLibraries.dll))) {
                throw new Exception("Impossible to use the slot " + checkAlternativeLibraries.slot + " with the library " + checkAlternativeLibraries.dll);
            }
            long login = this.smartCardAccessManager.login(checkAlternativeLibraries.slot, str);
            try {
                Iterator<Data> it = this.dataToSignList.iterator();
                while (it.hasNext()) {
                    Data next = it.next();
                    String str3 = next.id;
                    SignConfig signConfig = next.config;
                    PDFManager pDFManager = null;
                    byte[] bArr = next.data;
                    byte[] bArr2 = bArr;
                    if (PKCS7Manager.isPKCS7File(bArr)) {
                        signConfig.saveAsPDF = false;
                        byte[] extractData = PKCS7Manager.extractData(bArr);
                        if (extractData.length != 0) {
                            bArr2 = extractData;
                        }
                    } else if (PDFManager.isAPdf(bArr) && !signConfig.signPdfAsP7m) {
                        signConfig.saveAsPDF = true;
                        pDFManager = new PDFManager(bArr, checkAlternativeLibraries.cert);
                        pDFManager.setDateTime(date);
                        if (signConfig.visibleSignature) {
                            pDFManager.setVisibleSignature(signConfig.pageNumToSign, signConfig.signPosition);
                        }
                        pDFManager.preClose();
                        bArr2 = pDFManager.getDataToHashAndSign();
                    }
                    byte[] calculateHASH = SignUtils.calculateHASH(str2, bArr2);
                    byte[] signData = this.smartCardAccessManager.signData(login, checkAlternativeLibraries.certID, checkAlternativeLibraries.certLABEL, CMSSignedDataWrapper.getDigestInfoToSign(str2, SignUtils.calculateHASH(str2, CMSSignedDataWrapper.getDataToSign(calculateHASH, date, checkAlternativeLibraries.cert))));
                    if (pDFManager == null) {
                        buildSignedPDF = PKCS7Manager.buildPKCS7(str2, bArr, checkAlternativeLibraries.cert, signData, calculateHASH, date);
                    } else {
                        pDFManager.buildSignedPDF(str2, signData, calculateHASH);
                        int contentsSize = pDFManager.getContentsSize();
                        PDFManager pDFManager2 = new PDFManager(bArr, checkAlternativeLibraries.cert);
                        pDFManager2.setDateTime(date);
                        if (signConfig.visibleSignature) {
                            pDFManager2.setVisibleSignature(signConfig.pageNumToSign, signConfig.signPosition);
                        }
                        pDFManager2.setContentsSize(contentsSize);
                        pDFManager2.preClose();
                        byte[] calculateHASH2 = SignUtils.calculateHASH(str2, pDFManager2.getDataToHashAndSign());
                        buildSignedPDF = pDFManager2.buildSignedPDF(str2, this.smartCardAccessManager.signData(login, checkAlternativeLibraries.certID, checkAlternativeLibraries.certLABEL, CMSSignedDataWrapper.getDigestInfoToSign(str2, SignUtils.calculateHASH(str2, CMSSignedDataWrapper.getDataToSign(calculateHASH2, date, checkAlternativeLibraries.cert)))), calculateHASH2);
                        new PDFManager(buildSignedPDF, null).isCorrectlySigned();
                    }
                    this.dataSignedList.add(new Data(str3, buildSignedPDF, signConfig));
                }
                this.smartCardAccessManager.closeSession(login);
                return this;
            } catch (Throwable th) {
                this.smartCardAccessManager.closeSession(login);
                throw th;
            }
        } finally {
            this.smartCardAccessManager.disconnectLibrary();
        }
    }

    private CertificateData checkAlternativeLibraries(String str, CertificateData certificateData, String str2) throws Exception {
        String str3 = PdfObject.NOTHING;
        ArrayList arrayList = new ArrayList();
        arrayList.add(certificateData);
        arrayList.addAll(certificateData.alternativeCertificateList);
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            CertificateData certificateData2 = (CertificateData) it.next();
            str3 = String.valueOf(str3) + certificateData2.dll + "\n";
            try {
                try {
                } catch (Exception e) {
                    e.printStackTrace();
                    this.smartCardAccessManager.closeSession(0L);
                    this.smartCardAccessManager.disconnectLibrary();
                }
                if (!SignUtils.isContainedIntoArray(certificateData2.slot, this.smartCardAccessManager.connectToLibrary(certificateData2.dll))) {
                    throw new Exception("Impossible to use the slot " + certificateData2.slot + " with the library " + certificateData2.dll);
                    break;
                }
                long login = this.smartCardAccessManager.login(certificateData2.slot, str);
                byte[] bytes = "test".getBytes();
                byte[] signData = this.smartCardAccessManager.signData(login, certificateData2.certID, certificateData2.certLABEL, CMSSignedDataWrapper.getDigestInfoToSign(str2, SignUtils.calculateHASH(str2, bytes)));
                Signature signature = Signature.getInstance("SHA256WithRSA", BouncyCastleProvider.PROVIDER_NAME);
                signature.initVerify(certificateData2.cert.getPublicKey());
                signature.update(bytes);
                if (signature.verify(signData)) {
                    this.smartCardAccessManager.closeSession(login);
                    this.smartCardAccessManager.disconnectLibrary();
                    return certificateData2;
                }
                this.smartCardAccessManager.closeSession(login);
                this.smartCardAccessManager.disconnectLibrary();
            } catch (Throwable th) {
                this.smartCardAccessManager.closeSession(0L);
                this.smartCardAccessManager.disconnectLibrary();
                throw th;
            }
        }
        throw new Exception("Impossible to perform a valid signature with the following certificate and libraries\nCertificate: '" + certificateData.cert.getSubjectDN().getName() + "'\nLibraries:\n" + str3);
    }

    public SignEngine loadSmartCardCertificateList(boolean z) {
        ArrayList<CertificateData> arrayList = new ArrayList<>();
        for (String str : this.dllList) {
            String libraryFullPath = SignUtils.getLibraryFullPath(str);
            if (libraryFullPath != null) {
                try {
                    for (long j : this.smartCardAccessManager.connectToLibrary(libraryFullPath)) {
                        try {
                            Iterator<CertificateData> it = this.smartCardAccessManager.getCertificateList(j).iterator();
                            while (it.hasNext()) {
                                CertificateData next = it.next();
                                next.id = String.valueOf(arrayList.size()) + ": " + SignUtils.getIDFromSubject(next.cert.getSubjectDN().getName());
                                next.dll = libraryFullPath;
                                next.slot = j;
                                int indexOf = arrayList.indexOf(next);
                                if (indexOf == -1) {
                                    arrayList.add(next);
                                } else {
                                    arrayList.get(indexOf).alternativeCertificateList.add(next);
                                }
                            }
                        } catch (Exception e) {
                            System.err.println(e.getMessage());
                        }
                    }
                    this.smartCardAccessManager.disconnectLibrary();
                } catch (Exception e2) {
                    this.smartCardAccessManager.disconnectLibrary();
                    System.err.println(e2.getMessage());
                }
            }
        }
        if (!z) {
            arrayList = SignUtils.processCertificateList(arrayList);
        }
        this.certificateList = arrayList;
        return this;
    }
}
