package es.gob.afirma.signers.pades;

import com.aowagie.text.exceptions.BadPasswordException;
import com.aowagie.text.pdf.AcroFields;
import com.aowagie.text.pdf.PdfDictionary;
import com.aowagie.text.pdf.PdfName;
import com.aowagie.text.pdf.PdfPKCS7;
import com.aowagie.text.pdf.PdfReader;
import es.gob.afirma.core.AOCancelledOperationException;
import es.gob.afirma.core.AOException;
import es.gob.afirma.core.AOInvalidFormatException;
import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.core.signers.AOPkcs1Signer;
import es.gob.afirma.core.signers.AOSignConstants;
import es.gob.afirma.core.signers.AOSignInfo;
import es.gob.afirma.core.signers.AOSigner;
import es.gob.afirma.core.signers.AOSimpleSignInfo;
import es.gob.afirma.core.signers.CounterSignTarget;
import es.gob.afirma.core.signers.SignEnhancer;
import es.gob.afirma.core.ui.AOUIFactory;
import es.gob.afirma.core.util.tree.AOTreeModel;
import es.gob.afirma.core.util.tree.AOTreeNode;
import es.gob.afirma.signers.cades.CAdESExtraParams;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.GregorianCalendar;
import java.util.Locale;
import java.util.Properties;
import java.util.logging.Logger;

/* loaded from: classes.dex */
public final class AOPDFSigner implements AOSigner {
    private static final Logger LOGGER;
    private static final PdfName PDFNAME_DOCTIMESTAMP;
    private static final PdfName PDFNAME_ETSI_RFC3161;
    private static final String PDF_FILE_HEADER = "%PDF-";
    private static final String PDF_FILE_SUFFIX = ".pdf";
    private static final int PDF_MIN_FILE_SIZE = 70;
    private static SignEnhancer enhancer;
    private static Properties enhancerConfig;

    static {
        Logger logger = Logger.getLogger("es.gob.afirma");
        LOGGER = logger;
        PDFNAME_ETSI_RFC3161 = new PdfName("ETSI.RFC3161");
        PDFNAME_DOCTIMESTAMP = new PdfName("DocTimeStamp");
        String str = null;
        enhancer = null;
        Properties properties = new Properties();
        enhancerConfig = properties;
        try {
            properties.load(AOPDFSigner.class.getResourceAsStream("/enhancer.properties"));
            str = enhancerConfig.getProperty("enhancerClassFile");
            if (str != null) {
                enhancer = (SignEnhancer) Class.forName(str).getConstructor(new Class[0]).newInstance(new Object[0]);
                logger.info("Se usara el siguiente mejorador de firmas: " + str);
            }
        } catch (ClassNotFoundException e) {
            LOGGER.warning("Se ha configurado la clase de mejora '" + str + "', pero esta no se encuentra: " + e);
        } catch (Exception e2) {
            LOGGER.info("No hay un mejorador de firmas correctamente instalado: " + e2);
        }
    }

    public static void configureRespectfulProperties(byte[] bArr, Properties properties) {
        if (properties == null || properties.containsKey(PdfExtraParams.SIGNATURE_SUBFILTER)) {
            return;
        }
        try {
            String firstSupportedSignSubFilter = PdfUtil.getFirstSupportedSignSubFilter(bArr, properties);
            if (firstSupportedSignSubFilter != null) {
                properties.setProperty(PdfExtraParams.SIGNATURE_SUBFILTER, firstSupportedSignSubFilter.substring(firstSupportedSignSubFilter.indexOf(47) + 1));
            }
        } catch (Exception e) {
            LOGGER.warning("Error al configurar la firma PDF para que sea igual a las existentes: " + e);
        }
    }

    public static SignEnhancer getSignEnhancer() {
        return enhancer;
    }

    public static Properties getSignEnhancerConfig() {
        return enhancerConfig;
    }

    public static String getSignedName(String str) {
        return str == null ? "signed.pdf" : str.endsWith(PDF_FILE_SUFFIX) ? str.replace(PDF_FILE_SUFFIX, ".signed.pdf") : str.endsWith(".PDF") ? str.replace(".PDF", ".signed.pdf") : str + ".signed.pdf";
    }

    private static boolean isPdfFile(byte[] bArr) {
        if (bArr != null && bArr.length >= 70) {
            byte[] bArr2 = new byte[5];
            try {
                new ByteArrayInputStream(bArr).read(bArr2);
                if (!PDF_FILE_HEADER.equals(new String(bArr2))) {
                    return false;
                }
                try {
                    new PdfReader(bArr);
                    return true;
                } catch (BadPasswordException e) {
                    LOGGER.warning("El PDF esta protegido con contrasena, se toma como PDF valido: " + e);
                    return true;
                } catch (Exception unused) {
                    return false;
                }
            } catch (Exception e2) {
                LOGGER.warning("El contenido parece corrupto o truncado: " + e2);
            }
        }
        return false;
    }

    @Override // es.gob.afirma.core.signers.AOCoSigner
    public byte[] cosign(byte[] bArr, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) throws AOException, IOException {
        return sign(bArr, str, privateKey, certificateArr, properties);
    }

    @Override // es.gob.afirma.core.signers.AOCoSigner
    public byte[] cosign(byte[] bArr, byte[] bArr2, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) throws AOException, IOException {
        return sign(bArr2, str, privateKey, certificateArr, properties);
    }

    @Override // es.gob.afirma.core.signers.AOCounterSigner
    public byte[] countersign(byte[] bArr, String str, CounterSignTarget counterSignTarget, Object[] objArr, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) {
        throw new UnsupportedOperationException("No es posible realizar contrafirmas de ficheros PDF");
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public byte[] getData(byte[] bArr) throws AOInvalidFormatException {
        if (isSign(bArr)) {
            return bArr;
        }
        throw new AOInvalidFormatException("El documento introducido no contiene una firma valida");
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public AOSignInfo getSignInfo(byte[] bArr) throws AOException {
        if (bArr == null) {
            throw new IllegalArgumentException("No se han introducido datos para analizar");
        }
        if (isSign(bArr)) {
            return new AOSignInfo(AOSignConstants.SIGN_FORMAT_PDF);
        }
        throw new AOInvalidFormatException("Los datos introducidos no se corresponden con un objeto de firma");
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public String getSignedName(String str, String str2) {
        if (str2 == null) {
            str2 = "";
        }
        return str == null ? "signed.pdf" : str.toLowerCase(Locale.US).endsWith(PDF_FILE_SUFFIX) ? str.substring(0, str.length() - 4) + str2 + PDF_FILE_SUFFIX : str + str2 + PDF_FILE_SUFFIX;
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public AOTreeModel getSignersStructure(byte[] bArr, boolean z) {
        PdfReader pdfReader;
        AOTreeNode aOTreeNode = new AOTreeNode("Datos");
        if (!isPdfFile(bArr)) {
            return new AOTreeModel(aOTreeNode);
        }
        try {
            pdfReader = new PdfReader(bArr);
        } catch (BadPasswordException e) {
            LOGGER.info("El PDF necesita contrasena: " + e);
            try {
                pdfReader = new PdfReader(bArr, new String(AOUIFactory.getPassword(CommonPdfMessages.getString("AOPDFSigner.0"), null)).getBytes());
            } catch (BadPasswordException e2) {
                LOGGER.severe("La contrasena del PDF no es valida, se devolvera un arbol vacio: " + e2);
                return new AOTreeModel(aOTreeNode);
            } catch (Exception e3) {
                LOGGER.severe("No se ha podido leer el PDF, se devolvera un arbol vacio: " + e3);
                return new AOTreeModel(aOTreeNode);
            }
        } catch (Exception e4) {
            LOGGER.severe("No se ha podido leer el PDF, se devolvera un arbol vacio: " + e4);
            return new AOTreeModel(aOTreeNode);
        }
        try {
            AcroFields acroFields = pdfReader.getAcroFields();
            for (String str : acroFields.getSignatureNames()) {
                PdfDictionary signatureDictionary = acroFields.getSignatureDictionary(str);
                if (!PDFNAME_ETSI_RFC3161.equals(signatureDictionary.get(PdfName.SUBFILTER)) && !PDFNAME_DOCTIMESTAMP.equals(signatureDictionary.get(PdfName.SUBFILTER))) {
                    try {
                        PdfPKCS7 verifySignature = acroFields.verifySignature(str);
                        if (z) {
                            int length = verifySignature.getSignCertificateChain().length;
                            X509Certificate[] x509CertificateArr = new X509Certificate[length];
                            for (int i = 0; i < length; i++) {
                                x509CertificateArr[i] = (X509Certificate) verifySignature.getSignCertificateChain()[i];
                            }
                            AOSimpleSignInfo aOSimpleSignInfo = new AOSimpleSignInfo(x509CertificateArr, verifySignature.getSignDate().getTime());
                            byte[] pkcs1 = verifySignature.getPkcs1();
                            if (pkcs1 != null) {
                                aOSimpleSignInfo.setPkcs1(pkcs1);
                            }
                            aOTreeNode.add(new AOTreeNode(aOSimpleSignInfo));
                        } else {
                            aOTreeNode.add(new AOTreeNode(AOUtil.getCN(verifySignature.getSigningCertificate())));
                        }
                    } catch (Exception e5) {
                        LOGGER.severe("El PDF contiene una firma corrupta o con un formato desconocido (" + str + "), se continua con las siguientes si las hubiese: " + e5);
                    }
                }
            }
            return new AOTreeModel(aOTreeNode);
        } catch (Exception e6) {
            LOGGER.severe("No se ha podido obtener la informacion de los firmantes del PDF, se devolvera un arbol vacio: " + e6);
            return new AOTreeModel(aOTreeNode);
        }
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public boolean isSign(byte[] bArr) {
        if (bArr == null) {
            LOGGER.warning("Se han introducido datos nulos para su comprobacion");
            return false;
        }
        if (!isPdfFile(bArr)) {
            return false;
        }
        Object root = getSignersStructure(bArr, false).getRoot();
        if (root instanceof AOTreeNode) {
            if (AOTreeModel.getChildCount(root) > 0) {
                return true;
            }
            Properties properties = System.getProperties();
            try {
                if (PdfUtil.pdfHasUnregisteredSignatures(bArr, properties)) {
                    if (Boolean.TRUE.toString().equalsIgnoreCase(properties.getProperty(PdfExtraParams.ALLOW_COSIGNING_UNREGISTERED_SIGNATURES))) {
                        return true;
                    }
                }
            } catch (Exception e) {
                LOGGER.severe("No se han podido comprobar las firmas no registradas del PDF: " + e);
            }
        }
        return false;
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public boolean isValidDataFile(byte[] bArr) {
        if (bArr != null) {
            return isPdfFile(bArr);
        }
        LOGGER.warning("Se han introducido datos nulos para su comprobacion");
        return false;
    }

    @Override // es.gob.afirma.core.signers.AOSimpleSigner
    public byte[] sign(byte[] bArr, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) throws AOException, IOException {
        Properties properties2 = properties != null ? properties : new Properties();
        Certificate[] certificateArr2 = Boolean.parseBoolean(properties2.getProperty(CAdESExtraParams.INCLUDE_ONLY_SIGNNING_CERTIFICATE, Boolean.FALSE.toString())) ? new X509Certificate[]{(X509Certificate) certificateArr[0]} : certificateArr;
        GregorianCalendar signTime = PdfUtil.getSignTime(properties2.getProperty("signTime"));
        try {
            byte[] timestampPdf = PdfTimestamper.timestampPdf(bArr, properties2, signTime);
            try {
                PdfSignResult preSign = PAdESTriPhaseSigner.preSign(str, timestampPdf, certificateArr2, signTime, properties2);
                try {
                    try {
                        return PAdESTriPhaseSigner.postSign(str, timestampPdf, certificateArr2, new AOPkcs1Signer().sign(preSign.getSign(), str, privateKey, certificateArr2, properties2), preSign, getSignEnhancer(), getSignEnhancerConfig());
                    } catch (NoSuchAlgorithmException e) {
                        throw new AOException("Error el en algoritmo de firma: " + e, e);
                    }
                } catch (Exception e2) {
                    if ("es.gob.jmulticard.CancelledOperationException".equals(e2.getClass().getName())) {
                        throw new AOCancelledOperationException();
                    }
                    throw new AOException("Error durante la firma PAdES: " + e2, e2);
                }
            } catch (InvalidPdfException e3) {
                throw e3;
            }
        } catch (NoSuchAlgorithmException e4) {
            throw new IOException("No se soporta el algoritmo indicado para la huella digital del sello de tiempo: " + e4, e4);
        }
    }
}
