package com.qoppa.b.i;

import com.qoppa.pdf.PDFException;
import com.qoppa.pdf.SigningInformation;
import com.qoppa.pdf.TimestampServer;
import com.qoppa.pdf.b.ed;
import com.qoppa.pdf.b.pc;
import com.qoppa.pdf.e.w;
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.HttpURLConnection;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.ess.ESSCertID;
import org.bouncycastle.asn1.ess.SigningCertificate;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.IssuerSerial;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSAbsentContent;
import org.bouncycastle.cms.CMSAttributeTableGenerationException;
import org.bouncycastle.cms.CMSAttributeTableGenerator;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
import org.bouncycastle.cms.SignerInfoGenerator;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.bouncycastle.tsp.TSPAlgorithms;
import org.bouncycastle.tsp.TSPException;
import org.bouncycastle.tsp.TimeStampRequest;
import org.bouncycastle.tsp.TimeStampRequestGenerator;
import org.bouncycastle.tsp.TimeStampResponse;
import org.bouncycastle.tsp.TimeStampToken;

/* loaded from: input_file:com/qoppa/b/i/c.class */
public class c {
    public static final int b = 10000;

    public static int c(SigningInformation signingInformation, String str) throws PDFException {
        int length = c(signingInformation, new CMSAbsentContent(), false, str).length;
        if (signingInformation.getTimestampServer() != null) {
            length += signingInformation.getTimestampServer().getLengthEstimate();
        }
        return length;
    }

    public static int b(SigningInformation signingInformation, String str) throws PDFException {
        int length = b(signingInformation, (CMSTypedData) new CMSAbsentContent(), false, str).length;
        if (signingInformation.getTimestampServer() != null) {
            length += signingInformation.getTimestampServer().getLengthEstimate();
        }
        return length;
    }

    public static byte[] c(SigningInformation signingInformation, CMSTypedData cMSTypedData, String str) throws PDFException {
        return c(signingInformation, cMSTypedData, true, str);
    }

    private static byte[] c(SigningInformation signingInformation, CMSTypedData cMSTypedData, boolean z, String str) throws PDFException {
        try {
            SignerInfoGenerator build = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()).build(signingInformation.getContentSigner(str), (X509Certificate) signingInformation.getSignerCertificate());
            CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
            cMSSignedDataGenerator.addSignerInfoGenerator(build);
            cMSSignedDataGenerator.addCertificates(new JcaCertStore(Arrays.asList(signingInformation.getCertificateChain())));
            CMSSignedData generate = cMSSignedDataGenerator.generate(cMSTypedData, false);
            if (z && signingInformation.getTimestampServer() != null) {
                generate = b(generate, signingInformation.getTimestampServer());
            }
            return generate.getEncoded();
        } catch (Throwable th) {
            th.printStackTrace();
            throw new PDFException(th.getMessage(), th);
        }
    }

    public static byte[] b(SigningInformation signingInformation, CMSTypedData cMSTypedData, String str) throws PDFException {
        return b(signingInformation, cMSTypedData, true, str);
    }

    private static byte[] b(SigningInformation signingInformation, CMSTypedData cMSTypedData, boolean z, String str) throws PDFException {
        try {
            ContentSigner contentSigner = signingInformation.getContentSigner(str);
            JcaSignerInfoGeneratorBuilder jcaSignerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build());
            IssuerSerial issuerSerial = new IssuerSerial(new GeneralNames(new GeneralName(new X509CertificateHolder(signingInformation.getSignerCertificate().getEncoded()).getIssuer())), ((X509Certificate) signingInformation.getSignerCertificate()).getSerialNumber());
            w wVar = new w();
            OutputStream outputStream = wVar.getOutputStream();
            outputStream.write(signingInformation.getSignerCertificate().getEncoded());
            outputStream.close();
            final ESSCertID eSSCertID = new ESSCertID(wVar.getDigest(), issuerSerial);
            jcaSignerInfoGeneratorBuilder.setSignedAttributeGenerator(new CMSAttributeTableGenerator() { // from class: com.qoppa.b.i.c.1
                public AttributeTable getAttributes(Map map) throws CMSAttributeTableGenerationException {
                    return new DefaultSignedAttributeTableGenerator().getAttributes(map).add(PKCSObjectIdentifiers.id_aa_signingCertificate, new SigningCertificate(eSSCertID)).remove(CMSAttributes.signingTime);
                }
            });
            SignerInfoGenerator build = jcaSignerInfoGeneratorBuilder.build(contentSigner, (X509Certificate) signingInformation.getSignerCertificate());
            CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
            cMSSignedDataGenerator.addSignerInfoGenerator(build);
            cMSSignedDataGenerator.addCertificates(new JcaCertStore(Arrays.asList(signingInformation.getCertificateChain())));
            CMSSignedData generate = cMSSignedDataGenerator.generate(cMSTypedData, false);
            if (z && signingInformation.getTimestampServer() != null) {
                generate = b(generate, signingInformation.getTimestampServer());
            }
            return generate.getEncoded();
        } catch (Throwable th) {
            th.printStackTrace();
            throw new PDFException(th.getMessage(), th);
        }
    }

    public static byte[] d(SigningInformation signingInformation, CMSTypedData cMSTypedData, String str) throws PDFException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ((e) cMSTypedData).write(byteArrayOutputStream);
            return b(signingInformation.getTimestampServer(), byteArrayOutputStream.toByteArray()).getEncoded();
        } catch (Throwable th) {
            throw new PDFException(th.getMessage(), th);
        }
    }

    private static CMSSignedData b(CMSSignedData cMSSignedData, TimestampServer timestampServer) throws PDFException {
        Iterator it = cMSSignedData.getSignerInfos().getSigners().iterator();
        if (!it.hasNext()) {
            throw new PDFException("Invalid Signature State: No Signers");
        }
        try {
            TimeStampToken b2 = b(timestampServer, ((SignerInformation) it.next()).getSignature());
            System.out.println(b2.getTimeStampInfo().getGenTime());
            Collection signers = cMSSignedData.getSignerInfos().getSigners();
            SignerInformation signerInformation = (SignerInformation) signers.iterator().next();
            ASN1InputStream aSN1InputStream = new ASN1InputStream(b2.getEncoded());
            ASN1Primitive readObject = aSN1InputStream.readObject();
            aSN1InputStream.close();
            Attribute attribute = new Attribute(new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2.14"), new DERSet(readObject));
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(attribute);
            SignerInformation replaceUnsignedAttributes = SignerInformation.replaceUnsignedAttributes(signerInformation, new AttributeTable(aSN1EncodableVector));
            signers.clear();
            signers.add(replaceUnsignedAttributes);
            return CMSSignedData.replaceSigners(cMSSignedData, new SignerInformationStore(signers));
        } catch (NoSuchAlgorithmException e) {
            throw new PDFException("Error getting SHA1 message digest.", e);
        } catch (TSPException e2) {
            throw new PDFException("Error processing Timestamp request.", e2);
        } catch (IOException e3) {
            throw new PDFException("Error connecting to Timestamp server: " + e3.getMessage());
        } catch (Throwable th) {
            if (th instanceof PDFException) {
                throw ((PDFException) th);
            }
            throw new PDFException("Error applying timestamp" + (th.getMessage() == null ? "." : ": " + th.getMessage()), th);
        }
    }

    private static TimeStampToken b(TimestampServer timestampServer, byte[] bArr) throws NoSuchAlgorithmException, IOException, PDFException, TSPException {
        long currentTimeMillis = System.currentTimeMillis();
        TimeStampRequestGenerator timeStampRequestGenerator = new TimeStampRequestGenerator();
        timeStampRequestGenerator.setCertReq(true);
        TimeStampToken timeStampToken = null;
        if (timestampServer.getTspAlgorithm() != null) {
            timeStampToken = b(timeStampRequestGenerator, timestampServer, bArr, timestampServer.getTspAlgorithm());
        } else {
            try {
                com.qoppa.v.d.c("Try SHA512");
                timeStampToken = b(timeStampRequestGenerator, timestampServer, bArr, TSPAlgorithms.SHA512);
            } catch (Exception e) {
                e.printStackTrace();
            }
            if (timeStampToken == null) {
                try {
                    com.qoppa.v.d.c("Try SHA1");
                    timeStampToken = b(timeStampRequestGenerator, timestampServer, bArr, TSPAlgorithms.SHA1);
                } catch (Exception e2) {
                    e2.printStackTrace();
                }
            }
            if (timeStampToken == null) {
                com.qoppa.v.d.c("Try SHA256");
                timeStampToken = b(timeStampRequestGenerator, timestampServer, bArr, TSPAlgorithms.SHA256);
            }
        }
        System.out.println(System.currentTimeMillis() - currentTimeMillis);
        return timeStampToken;
    }

    private static TimeStampToken b(TimeStampRequestGenerator timeStampRequestGenerator, TimestampServer timestampServer, byte[] bArr, ASN1ObjectIdentifier aSN1ObjectIdentifier) throws IOException, PDFException, TSPException, NoSuchAlgorithmException {
        TimeStampRequest generate = timeStampRequestGenerator.generate(aSN1ObjectIdentifier, MessageDigest.getInstance(aSN1ObjectIdentifier.toString()).digest(bArr), BigInteger.valueOf((int) (Math.random() * 1000.0d)));
        byte[] encoded = generate.getEncoded();
        HttpURLConnection httpURLConnection = (HttpURLConnection) new pc(timestampServer.getServerURL()).b();
        httpURLConnection.setDoOutput(true);
        httpURLConnection.setDoInput(true);
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setRequestProperty("Content-type", "application/timestamp-query");
        httpURLConnection.setRequestProperty("Content-length", String.valueOf(encoded.length));
        httpURLConnection.setConnectTimeout(b);
        httpURLConnection.setReadTimeout(b);
        if (timestampServer.getUser() != null && timestampServer.getPWD() != null) {
            httpURLConnection.setRequestProperty("Authorization", "Basic " + ed.b((String.valueOf(timestampServer.getUser()) + ":" + timestampServer.getPWD()).getBytes(), false));
        }
        OutputStream outputStream = httpURLConnection.getOutputStream();
        outputStream.write(encoded);
        outputStream.flush();
        if (httpURLConnection.getResponseCode() == 200) {
            TimeStampResponse timeStampResponse = new TimeStampResponse(httpURLConnection.getInputStream());
            timeStampResponse.validate(generate);
            TimeStampToken timeStampToken = timeStampResponse.getTimeStampToken();
            if (timeStampToken == null) {
                com.qoppa.v.d.c("Null timestamp token for hash algorithm " + aSN1ObjectIdentifier.toString());
                com.qoppa.v.d.c("Response status string:" + timeStampResponse.getStatusString());
                com.qoppa.v.d.c(timeStampResponse.getFailInfo().toString());
            }
            return timeStampToken;
        }
        InputStream errorStream = httpURLConnection.getErrorStream();
        if (errorStream != null) {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(errorStream));
            com.qoppa.v.d.c("ErrorStream:");
            String readLine = bufferedReader.readLine();
            while (true) {
                String str = readLine;
                if (str == null) {
                    break;
                }
                com.qoppa.v.d.c(str);
                readLine = bufferedReader.readLine();
            }
        }
        throw new PDFException("Error getting timestamp from server: " + httpURLConnection.getResponseCode() + " - " + httpURLConnection.getResponseMessage());
    }
}
