package PDF;

import androidx.core.view.InputDeviceCompat;
import com.itextpdf.text.pdf.AcroFields;
import com.itextpdf.text.pdf.PdfDate;
import com.itextpdf.text.pdf.PdfDictionary;
import com.itextpdf.text.pdf.PdfName;
import com.itextpdf.text.pdf.PdfReader;
import com.itextpdf.text.pdf.PdfSignature;
import com.itextpdf.text.pdf.PdfSignatureAppearance;
import com.itextpdf.text.pdf.PdfStamper;
import com.itextpdf.text.pdf.PdfString;
import com.itextpdf.text.pdf.security.BouncyCastleDigest;
import com.itextpdf.text.pdf.security.CertificateVerification;
import com.itextpdf.text.pdf.security.DigestAlgorithms;
import com.itextpdf.text.pdf.security.MakeSignature;
import com.itextpdf.text.pdf.security.PdfPKCS7;
import com.itextpdf.text.pdf.security.TSAClient;
import com.itextpdf.text.pdf.security.VerificationException;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import ru.CryptoPro.JCP.tools.Array;
import userSamples.Certificates;

/* loaded from: classes.dex */
public class SignVerifyPDFExample {
    private static final String IN_PDF_FILE = System.getProperty("user.dir") + File.separator + "data" + File.separator + "PDF" + File.separator + "source.pdf";
    private static final String OUT_PDF_FILE;
    private static final String ROOT_CERT;

    static {
        StringBuilder sb = new StringBuilder();
        sb.append(System.getProperty("user.dir"));
        sb.append(File.separator);
        sb.append("temp");
        sb.append(File.separator);
        OUT_PDF_FILE = sb.toString();
        ROOT_CERT = System.getProperty("user.dir") + File.separator + "data" + File.separator + "CERTS" + File.separator + "VERIFY" + File.separator + "vm-test-ca.cer";
    }

    public static KeyPair genKeyPair(String str, String str2) throws Exception {
        return KeyPairGenerator.getInstance(str, str2).generateKeyPair();
    }

    public static void main(String[] strArr) throws Exception {
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Array.readFile(ROOT_CERT)));
        KeyPair genKeyPair = genKeyPair("GOST3410DH_2012_256", "Crypto");
        String str = IN_PDF_FILE;
        StringBuilder sb = new StringBuilder();
        String str2 = OUT_PDF_FILE;
        sb.append(str2);
        sb.append("signed.2012_256.pdf");
        sign(genKeyPair, "GOST3411_2012_256", "GOST3411_2012_256withGOST3410_2012_256", "JCP", "CN=exc_2012_256, C=RU", x509Certificate, str, sb.toString(), "Crypto-Pro LLC", "Test signature (2012-256)", false, Certificates.HTTP_ADDRESS);
        verify(str2 + "signed.2012_256.pdf", null, null, "JCP");
        sign(genKeyPair("GOST3410DH_2012_512", "Crypto"), "GOST3411_2012_512", "GOST3411_2012_512withGOST3410_2012_512", "JCP", "CN=exc_2012_512, C=RU", x509Certificate, str, str2 + "signed.2012_512.pdf", "Crypto-Pro LLC", "Test signature (2012-512)", false, Certificates.HTTP_ADDRESS);
        verify(str2 + "signed.2012_512.pdf", null, null, "JCP");
    }

    public static void sign(KeyPair keyPair, String str, String str2, String str3, String str4, X509Certificate x509Certificate, String str5, String str6, String str7, String str8, boolean z, String str9) throws Exception {
        sign(keyPair, str, str2, str3, str4, x509Certificate, str5, str6, str7, str8, false, z, str9);
    }

    public static void sign(KeyPair keyPair, String str, String str2, String str3, String str4, X509Certificate x509Certificate, String str5, String str6, String str7, String str8, boolean z, boolean z2, String str9) throws Exception {
        sign(keyPair.getPrivate(), str, str3, new Certificate[]{CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Certificates.createRequestAndGetCert(keyPair, str2, str3, str4, str9))), x509Certificate}, str5, str6, str7, str8, z, z2);
    }

    public static void sign(PrivateKey privateKey, String str, String str2, Certificate[] certificateArr, String str3, String str4, String str5, String str6, boolean z, boolean z2) throws Exception {
        PdfReader pdfReader = new PdfReader(str3);
        FileOutputStream fileOutputStream = new FileOutputStream(str4);
        PdfStamper createSignature = z ? PdfStamper.createSignature(pdfReader, fileOutputStream, (char) 0, (File) null, true) : PdfStamper.createSignature(pdfReader, fileOutputStream, (char) 0);
        PdfSignatureAppearance signatureAppearance = createSignature.getSignatureAppearance();
        signatureAppearance.setCertificate(certificateArr[0]);
        signatureAppearance.setReason(str6);
        signatureAppearance.setLocation(str5);
        PdfSignature pdfSignature = new PdfSignature(PdfName.ADOBE_CryptoProPDF, z2 ? PdfName.ETSI_CADES_DETACHED : PdfName.ADBE_PKCS7_DETACHED);
        pdfSignature.setReason(signatureAppearance.getReason());
        pdfSignature.setLocation(signatureAppearance.getLocation());
        pdfSignature.setSignatureCreator(signatureAppearance.getSignatureCreator());
        pdfSignature.setContact(signatureAppearance.getContact());
        pdfSignature.setDate(new PdfDate(signatureAppearance.getSignDate()));
        signatureAppearance.setCryptoDictionary(pdfSignature);
        HashMap hashMap = new HashMap();
        hashMap.put(PdfName.CONTENTS, new Integer(InputDeviceCompat.SOURCE_STYLUS));
        signatureAppearance.preClose(hashMap);
        PdfPKCS7 pdfPKCS7 = new PdfPKCS7(privateKey, certificateArr, str, str2, new BouncyCastleDigest(), false);
        byte[] digest = DigestAlgorithms.digest(signatureAppearance.getRangeStream(), MessageDigest.getInstance(str));
        Calendar calendar = Calendar.getInstance();
        byte[] authenticatedAttributeBytes = pdfPKCS7.getAuthenticatedAttributeBytes(digest, calendar, (byte[]) null, (Collection) null, z2 ? MakeSignature.CryptoStandard.CADES : MakeSignature.CryptoStandard.CMS);
        pdfPKCS7.update(authenticatedAttributeBytes, 0, authenticatedAttributeBytes.length);
        byte[] encodedPKCS7 = pdfPKCS7.getEncodedPKCS7(digest, calendar, (TSAClient) null, (byte[]) null, (Collection) null, z2 ? MakeSignature.CryptoStandard.CADES : MakeSignature.CryptoStandard.CMS);
        if (8192 < encodedPKCS7.length) {
            throw new IOException("Not enough space");
        }
        byte[] bArr = new byte[8192];
        System.arraycopy(encodedPKCS7, 0, bArr, 0, encodedPKCS7.length);
        PdfDictionary pdfDictionary = new PdfDictionary();
        pdfDictionary.put(PdfName.CONTENTS, new PdfString(bArr).setHexWriting(true));
        signatureAppearance.close(pdfDictionary);
        createSignature.close();
        fileOutputStream.close();
        pdfReader.close();
    }

    public static int verify(String str, KeyStore keyStore, CRL crl, String str2) throws Exception {
        ArrayList arrayList;
        if (crl != null) {
            arrayList = new ArrayList(1);
            arrayList.add(crl);
        } else {
            arrayList = null;
        }
        AcroFields acroFields = new PdfReader(str).getAcroFields();
        ArrayList signatureNames = acroFields.getSignatureNames();
        if (signatureNames.size() == 0) {
            throw new Exception("Signatures not found.");
        }
        Iterator it = signatureNames.iterator();
        while (it.hasNext()) {
            String str3 = (String) it.next();
            System.out.println("Signature: " + str3);
            PdfPKCS7 verifySignature = acroFields.verifySignature(str3, str2);
            if (!verifySignature.verify()) {
                throw new Exception("Invalid signature: " + str3);
            }
            System.out.println("Signer certificate: " + verifySignature.getSigningCertificate().getSubjectDN());
            Calendar signDate = verifySignature.getSignDate();
            System.out.println("Signature date: " + signDate);
            X509Certificate[] x509CertificateArr = (X509Certificate[]) verifySignature.getSignCertificateChain();
            if (verifySignature.getTimeStampToken() != null) {
                boolean verifyTimestampImprint = verifySignature.verifyTimestampImprint();
                System.out.println("Timestamp imprint verified: " + verifyTimestampImprint);
                signDate = verifySignature.getTimeStampDate();
                System.out.println("Timestamp date: " + signDate);
            }
            System.out.println("Certificate subject: " + verifySignature.getSigningCertificate().getSubjectDN());
            System.out.println("Document wasn't modified.");
            if (keyStore != null) {
                List verifyCertificates = CertificateVerification.verifyCertificates(x509CertificateArr, keyStore, arrayList, signDate);
                if (!verifyCertificates.isEmpty()) {
                    System.err.println("Certificate validation failed: ");
                    Iterator it2 = verifyCertificates.iterator();
                    while (it2.hasNext()) {
                        ((VerificationException) it2.next()).printStackTrace();
                    }
                    throw new Exception("Validation failed.");
                }
                System.out.println("Certificates verified against the key store");
            }
        }
        return signatureNames.size();
    }
}
