package org.ezca.shield.sdk.sign.seal.sealv3.sign.pdf;

import com.itextpdf.text.pdf.PdfDictionary;
import com.itextpdf.text.pdf.security.CrlClient;
import com.itextpdf.text.pdf.security.DigestAlgorithms;
import com.itextpdf.text.pdf.security.ExternalDigest;
import com.itextpdf.text.pdf.security.ExternalSignature;
import com.itextpdf.text.pdf.security.ExternalSignatureContainer;
import com.itextpdf.text.pdf.security.MakeSignature;
import com.itextpdf.text.pdf.security.OcspClient;
import com.itextpdf.text.pdf.security.TSAClient;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Collection;
import org.ezca.shield.sdk.sign.common.util.ByteUtil;
import org.ezca.shield.sdk.sign.common.util.CryptoUtil;

/* loaded from: classes3.dex */
public class MyExternalSignatureContainer implements ExternalSignatureContainer {
    private Calendar cal;
    private Certificate[] chain;
    private Collection<CrlClient> crlList;
    private ExternalDigest externalDigest;
    private ExternalSignature externalSignature;
    private OcspClient ocspClient;
    private PdfDictionary sigDic;
    private MakeSignature.CryptoStandard sigtype;
    private TSAClient tsaClient;

    public MyExternalSignatureContainer(PdfDictionary pdfDictionary, ExternalDigest externalDigest, ExternalSignature externalSignature, Certificate[] certificateArr, Collection<CrlClient> collection, OcspClient ocspClient, TSAClient tSAClient, Calendar calendar, MakeSignature.CryptoStandard cryptoStandard) {
        this.sigDic = pdfDictionary;
        this.externalDigest = externalDigest;
        this.externalSignature = externalSignature;
        this.chain = certificateArr;
        this.crlList = collection;
        this.ocspClient = ocspClient;
        this.tsaClient = tSAClient;
        this.cal = calendar;
        this.sigtype = cryptoStandard;
    }

    private byte[] signRSA(InputStream inputStream) throws GeneralSecurityException {
        OcspClient ocspClient;
        Collection<byte[]> collection = null;
        int i = 0;
        while (collection == null) {
            Certificate[] certificateArr = this.chain;
            if (i >= certificateArr.length) {
                break;
            }
            collection = MakeSignature.processCrl(certificateArr[i], this.crlList);
            i++;
        }
        MyPdfPKCS7 myPdfPKCS7 = new MyPdfPKCS7(null, this.chain, this.externalSignature.getHashAlgorithm(), null, this.externalDigest, false);
        try {
            byte[] digest = DigestAlgorithms.digest(inputStream, this.externalDigest.getMessageDigest(this.externalSignature.getHashAlgorithm()));
            Certificate[] certificateArr2 = this.chain;
            byte[] encoded = (certificateArr2.length < 2 || (ocspClient = this.ocspClient) == null) ? null : ocspClient.getEncoded((X509Certificate) certificateArr2[0], (X509Certificate) certificateArr2[1], null);
            myPdfPKCS7.setExternalDigest(this.externalSignature.sign(myPdfPKCS7.getAuthenticatedAttributeBytes(digest, this.cal, encoded, collection, this.sigtype)), null, this.externalSignature.getEncryptionAlgorithm());
            return myPdfPKCS7.getEncodedPKCS7(digest, this.cal, this.tsaClient, encoded, collection, this.sigtype);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private byte[] signSM2(InputStream inputStream) throws GeneralSecurityException {
        OcspClient ocspClient;
        Collection<byte[]> collection = null;
        int i = 0;
        while (collection == null) {
            Certificate[] certificateArr = this.chain;
            if (i >= certificateArr.length) {
                break;
            }
            collection = MakeSignature.processCrl(certificateArr[i], this.crlList);
            i++;
        }
        MyPdfPKCS7 myPdfPKCS7 = new MyPdfPKCS7(null, this.chain, this.externalSignature.getHashAlgorithm(), null, this.externalDigest, false);
        try {
            byte[] hashSM3 = CryptoUtil.getHashSM3(ByteUtil.input2byte(inputStream));
            Certificate[] certificateArr2 = this.chain;
            byte[] encoded = (certificateArr2.length < 2 || (ocspClient = this.ocspClient) == null) ? null : ocspClient.getEncoded((X509Certificate) certificateArr2[0], (X509Certificate) certificateArr2[1], null);
            myPdfPKCS7.setExternalDigest(this.externalSignature.sign(myPdfPKCS7.getAuthenticatedAttributeBytes(hashSM3, this.cal, encoded, collection, this.sigtype)), null, this.externalSignature.getEncryptionAlgorithm());
            return myPdfPKCS7.getEncodedPKCS7(hashSM3, this.cal, this.tsaClient, encoded, collection, this.sigtype);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.itextpdf.text.pdf.security.ExternalSignatureContainer
    public void modifySigningDictionary(PdfDictionary pdfDictionary) {
        pdfDictionary.putAll(this.sigDic);
    }

    @Override // com.itextpdf.text.pdf.security.ExternalSignatureContainer
    public byte[] sign(InputStream inputStream) throws GeneralSecurityException {
        try {
            try {
                byte[] signRSA = this.externalDigest != null ? signRSA(inputStream) : signSM2(inputStream);
                try {
                    inputStream.close();
                    return signRSA;
                } catch (IOException e) {
                    e.printStackTrace();
                    return signRSA;
                }
            } catch (Throwable th) {
                try {
                    inputStream.close();
                } catch (IOException e2) {
                    e2.printStackTrace();
                }
                throw th;
            }
        } catch (Exception e3) {
            e3.printStackTrace();
            try {
                inputStream.close();
            } catch (IOException e4) {
                e4.printStackTrace();
            }
            return null;
        }
    }
}
