package org.apache.pdfbox.examples.signature;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPrivateKey;
import java.util.Calendar;
import java.util.Enumeration;
import org.apache.pdfbox.pdmodel.PDDocument;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.SignatureInterface;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.SignatureOptions;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.visible.PDVisibleSigProperties;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.visible.PDVisibleSignDesigner;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.SignerInfoGeneratorBuilder;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;

/* loaded from: input_file:org/apache/pdfbox/examples/signature/CreateVisibleSignature.class */
public class CreateVisibleSignature implements SignatureInterface {
    private static final BouncyCastleProvider BCPROVIDER = new BouncyCastleProvider();
    private final PrivateKey privKey;
    private final Certificate[] cert;
    private SignatureOptions options;

    public CreateVisibleSignature(KeyStore keyStore, char[] cArr) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IOException {
        Enumeration<String> aliases = keyStore.aliases();
        if (!aliases.hasMoreElements()) {
            throw new IOException("Could not find alias");
        }
        String nextElement = aliases.nextElement();
        this.privKey = (PrivateKey) keyStore.getKey(nextElement, cArr);
        this.cert = keyStore.getCertificateChain(nextElement);
    }

    public File signPDF(File file, PDVisibleSigProperties pDVisibleSigProperties) throws IOException {
        byte[] bArr = new byte[8192];
        if (file == null || !file.exists()) {
            throw new IOException("Document for signing does not exist");
        }
        String name = file.getName();
        File file2 = new File(file.getParent(), name.substring(0, name.lastIndexOf(46)) + "_signed.pdf");
        FileInputStream fileInputStream = new FileInputStream(file);
        FileOutputStream fileOutputStream = new FileOutputStream(file2);
        while (true) {
            int read = fileInputStream.read(bArr);
            if (read == -1) {
                break;
            }
            fileOutputStream.write(bArr, 0, read);
        }
        fileInputStream.close();
        PDDocument load = PDDocument.load(file);
        PDSignature pDSignature = new PDSignature();
        pDSignature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE);
        pDSignature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED);
        pDSignature.setName("signer name");
        pDSignature.setLocation("signer location");
        pDSignature.setReason("reason for signature");
        pDSignature.setSignDate(Calendar.getInstance());
        if (pDVisibleSigProperties == null || !pDVisibleSigProperties.isVisualSignEnabled()) {
            load.addSignature(pDSignature, this);
        } else {
            try {
                this.options = new SignatureOptions();
                this.options.setVisualSignature(pDVisibleSigProperties);
                load.addSignature(pDSignature, this, this.options);
                if (this.options != null) {
                    this.options.close();
                }
            } catch (Throwable th) {
                if (this.options != null) {
                    this.options.close();
                }
                throw th;
            }
        }
        load.saveIncremental(fileOutputStream);
        return file2;
    }

    public byte[] sign(InputStream inputStream) throws IOException {
        try {
            org.bouncycastle.asn1.x509.Certificate certificate = org.bouncycastle.asn1.x509.Certificate.getInstance(ASN1Primitive.fromByteArray(this.cert[0].getEncoded()));
            AlgorithmIdentifier find = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256WITHRSAENCRYPTION");
            AlgorithmIdentifier find2 = new DefaultDigestAlgorithmIdentifierFinder().find(find);
            RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) this.privKey;
            ContentSigner build = new BcRSAContentSignerBuilder(find, find2).build(new RSAKeyParameters(true, rSAPrivateKey.getModulus(), rSAPrivateKey.getPrivateExponent()));
            CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
            cMSSignedDataGenerator.addSignerInfoGenerator(new SignerInfoGeneratorBuilder(new BcDigestCalculatorProvider()).build(build, new X509CertificateHolder(certificate)));
            return cMSSignedDataGenerator.generate(new CMSProcessableInputStream(inputStream), false).getEncoded();
        } catch (CertificateEncodingException e) {
            throw new IOException(e);
        } catch (CMSException e2) {
            throw new IOException((Throwable) e2);
        } catch (OperatorCreationException e3) {
            throw new IOException((Throwable) e3);
        }
    }

    public static void main(String[] strArr) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException {
        if (strArr.length != 4) {
            usage();
            System.exit(1);
            return;
        }
        File file = new File(strArr[0]);
        KeyStore keyStore = KeyStore.getInstance("PKCS12", (Provider) BCPROVIDER);
        char[] charArray = strArr[1].toCharArray();
        keyStore.load(new FileInputStream(file), charArray);
        File file2 = new File(strArr[2]);
        CreateVisibleSignature createVisibleSignature = new CreateVisibleSignature(keyStore, (char[]) charArray.clone());
        PDVisibleSignDesigner pDVisibleSignDesigner = new PDVisibleSignDesigner(strArr[2], new FileInputStream(strArr[3]), 1);
        pDVisibleSignDesigner.xAxis(0.0f).yAxis(0.0f).zoom(-50.0f).signatureFieldName("signature");
        PDVisibleSigProperties pDVisibleSigProperties = new PDVisibleSigProperties();
        pDVisibleSigProperties.signerName("name").signerLocation("location").signatureReason("Security").preferredSize(0).page(1).visualSignEnabled(true).setPdVisibleSignature(pDVisibleSignDesigner).buildSignature();
        createVisibleSignature.signPDF(file2, pDVisibleSigProperties);
    }

    private static void usage() {
        System.err.println("Usage: java " + CreateVisibleSignature.class.getName() + " <pkcs12-keystore-file> <pin> <input-pdf> <sign-image>");
    }
}
