package com.qoppa.pdf.c;

import com.qoppa.pdf.PDFException;
import com.qoppa.pdf.SignatureValidity;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Vector;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1UTCTime;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.Attributes;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.tsp.TSPValidationException;
import org.bouncycastle.tsp.TimeStampToken;
import org.bouncycastle.util.Selector;
import org.bouncycastle.util.Store;

/* loaded from: input_file:jPDFViewer.v2017R1.14.jar:com/qoppa/pdf/c/f.class */
public abstract class f implements r {
    protected CMSSignedData g;
    protected Vector<c> f;
    protected int d;
    protected Date h;
    private MessageDigest j;
    private Signature i;
    private byte[] c;
    private SignerInformation b;
    private byte[] e;
    SignatureValidity k = new SignatureValidity();

    public f(byte[] bArr, Vector<c> vector, com.qoppa.pdf.p.u uVar) throws PDFException {
        this.d = 0;
        try {
            this.g = new CMSSignedData(bArr);
            this.f = vector;
            for (int i = 0; i < this.f.size(); i++) {
                this.d = Math.max(this.d, this.f.get(i).d());
            }
            if (uVar != null) {
                this.h = com.qoppa.pdf.b.o.b(uVar.b());
            }
        } catch (CMSException e) {
            com.qoppa.h.c.b((Throwable) e);
            throw new PDFException("Error reading Signature: " + e.getMessage());
        }
    }

    @Override // com.qoppa.pdf.c.r
    public SignatureValidity d() {
        return this.k;
    }

    @Override // com.qoppa.pdf.c.r
    public SignatureValidity b(byte[] bArr, int i, int i2) {
        for (int i3 = 0; i3 < this.f.size(); i3++) {
            try {
                c b = b(i, i2, this.f.get(i3));
                if (b != null) {
                    if (this.j != null) {
                        this.j.update(bArr, b.b() - i, b.c());
                    } else {
                        this.i.update(bArr, b.b() - i, b.c());
                    }
                }
            } catch (SignatureException e) {
                this.k.setValidSignatureHash(false);
                this.k.setException(e, "Error Calculating Signature Hash.");
            } catch (Throwable th) {
                this.k.setValidSignatureHash(false);
                this.k.setException(th, "Error Calculating Signature Hash.");
            }
        }
        if (i + i2 > this.d) {
            this.k.setContentAppended(true);
        }
        return this.k;
    }

    private c b(int i, int i2, c cVar) {
        int i3 = i + i2;
        if (cVar.b() > i3 || cVar.d() < i) {
            return null;
        }
        int max = Math.max(i, cVar.b());
        return new c(max, Math.min(i3, cVar.d()) - max);
    }

    @Override // com.qoppa.pdf.c.r
    public SignatureValidity e() {
        try {
            byte[] encodedSignedAttributes = this.b.getEncodedSignedAttributes();
            if (encodedSignedAttributes != null) {
                this.i.update(encodedSignedAttributes);
                if (this.c != null) {
                    this.j.update(this.j.digest());
                }
                boolean equals = Arrays.equals(this.j.digest(), this.e);
                boolean verify = this.i.verify(this.b.getSignature());
                if (!verify && equals) {
                    com.qoppa.h.c.c("Verification failed, try reordering signed attributes.");
                    verify = h();
                }
                this.k.setValidSignatureHash(equals && verify);
            } else {
                if (this.c != null) {
                    this.i.update(this.j.digest());
                }
                this.k.setValidSignatureHash(this.i.verify(this.b.getSignature()));
            }
        } catch (IOException e) {
            this.k.setValidSignatureObject(false);
            this.k.setException(e, "Bad Signature Object.");
        } catch (SignatureException e2) {
            this.k.setValidSignatureHash(false);
            this.k.setException(e2, "Error Calculating Signature Hash.");
        } catch (Throwable th) {
            this.k.setValidSignatureHash(false);
            this.k.setException(th, "Error Calculating Signature Hash.");
        } finally {
            this.c = null;
            this.b = null;
            this.e = null;
            this.j = null;
            this.i = null;
        }
        return this.k;
    }

    private boolean h() throws IOException, SignatureException {
        return b(new Attribute[0], (Attribute[]) this.b.getSignedAttributes().toHashtable().values().toArray(new Attribute[0]));
    }

    private boolean b(Attribute[] attributeArr, Attribute[] attributeArr2) throws IOException, SignatureException {
        int length = attributeArr2.length;
        if (length == 0) {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            for (Attribute attribute : attributeArr) {
                aSN1EncodableVector.add(attribute);
            }
            byte[] encoded = new Attributes(aSN1EncodableVector).getEncoded();
            this.i.update(encoded, 0, encoded.length);
            return this.i.verify(this.b.getSignature());
        }
        for (int i = 0; i < length; i++) {
            Attribute[] attributeArr3 = (Attribute[]) Arrays.copyOf(attributeArr, attributeArr.length + 1);
            attributeArr3[attributeArr3.length - 1] = attributeArr2[i];
            Attribute[] attributeArr4 = (Attribute[]) Arrays.copyOf(attributeArr2, attributeArr2.length - 1);
            for (int i2 = i; i2 < attributeArr2.length - 1; i2++) {
                attributeArr4[i2] = attributeArr2[i2 + 1];
            }
            if (b(attributeArr3, attributeArr4)) {
                return true;
            }
        }
        return false;
    }

    public Certificate[] g() {
        TimeStampToken b;
        Collection matches;
        ArrayList arrayList = new ArrayList();
        try {
            this.b = f();
            if (this.b != null && (b = b(this.b)) != null && (matches = b.getCertificates().getMatches((Selector) null)) != null) {
                arrayList.addAll(matches);
            }
            if (arrayList.size() <= 0) {
                this.b = null;
                return null;
            }
            Certificate[] certificateArr = new Certificate[arrayList.size()];
            JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
            jcaX509CertificateConverter.setProvider(com.qoppa.pdf.annotations.b.n.b);
            Iterator it = arrayList.iterator();
            int i = 0;
            while (it.hasNext()) {
                int i2 = i;
                i++;
                certificateArr[i2] = jcaX509CertificateConverter.getCertificate((X509CertificateHolder) it.next());
            }
            return certificateArr;
        } catch (Exception unused) {
            return null;
        } finally {
            this.b = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SignerInformation f() {
        if (this.b == null) {
            Iterator it = this.g.getSignerInfos().getSigners().iterator();
            if (it.hasNext()) {
                this.b = (SignerInformation) it.next();
            }
        }
        return this.b;
    }

    private TimeStampToken b(SignerInformation signerInformation) throws Exception {
        Attribute attribute;
        AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
        if (unsignedAttributes == null || (attribute = unsignedAttributes.get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken)) == null) {
            return null;
        }
        return new TimeStampToken(new CMSSignedData(attribute.getAttrValues().getObjectAt(0).toASN1Primitive().getEncoded()));
    }

    @Override // com.qoppa.pdf.c.r
    public SignatureValidity b() {
        Vector<CRL> vector;
        try {
            this.k.setTested(true);
            if (this.g.getSignedContent() != null) {
                this.c = (byte[]) this.g.getSignedContent().getContent();
            }
            vector = null;
            this.b = f();
        } catch (InvalidKeyException e) {
            this.k.setValidSignatureObject(false);
            this.k.setException(e, "Invalid Signature Key.");
        } catch (NoSuchAlgorithmException e2) {
            this.k.setValidSignatureObject(false);
            this.k.setException(e2, "Unable to verify signature algorithm.");
        } catch (Throwable th) {
            com.qoppa.h.c.b(th);
            this.k.setValidSignatureObject(false);
            this.k.setException(th, "Error reading Signature.");
        }
        if (this.b == null) {
            throw new PDFException("No Signers in Signature.");
        }
        Date date = this.h;
        AttributeTable signedAttributes = this.b.getSignedAttributes();
        if (signedAttributes != null) {
            Attribute attribute = signedAttributes.get(CMSAttributes.messageDigest);
            if (attribute == null) {
                throw new PDFException("Invalid Signature.");
            }
            this.e = attribute.getAttrValues().getObjectAt(0).getOctets();
            vector = c(signedAttributes.get(new ASN1ObjectIdentifier(l.b)));
            Attribute attribute2 = signedAttributes.get(CMSAttributes.signingTime);
            if (attribute2 != null) {
                date = b(attribute2);
            }
        }
        TimeStampToken b = b(this.b);
        if (b != null) {
            this.k.setValidTimestamp(true);
            date = b.getTimeStampInfo().getGenTime();
        }
        Store certificates = this.g.getCertificates();
        X509Certificate certificate = new JcaX509CertificateConverter().getCertificate((X509CertificateHolder) certificates.getMatches(this.b.getSID()).iterator().next());
        b(certificate, date, certificates, this.g.getCRLs(), vector, this.k);
        boolean[] keyUsage = certificate.getKeyUsage();
        if (keyUsage != null && !keyUsage[0] && !keyUsage[1]) {
            this.k.setValidKeyUsage(false);
        }
        if (b != null) {
            b(b, vector);
        }
        String c = l.c(this.b.getDigestAlgOID());
        this.i = Signature.getInstance(String.valueOf(c) + "with" + l.b(this.b.getEncryptionAlgOID()));
        this.i.initVerify(certificate.getPublicKey());
        if (this.c != null || this.e != null) {
            this.j = MessageDigest.getInstance(c);
        }
        return this.k;
    }

    private Vector<CRL> c(Attribute attribute) throws CertificateException, CRLException, IOException {
        Vector<CRL> vector = null;
        if (attribute != null) {
            ASN1Set attrValues = attribute.getAttrValues();
            if (attrValues.size() > 0) {
                ASN1Sequence objectAt = attrValues.getObjectAt(0);
                for (int i = 0; i < objectAt.size(); i++) {
                    DERTaggedObject objectAt2 = objectAt.getObjectAt(i);
                    if (objectAt2.getTagNo() == 0) {
                        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                        vector = new Vector<>();
                        DERSequence object = objectAt2.getObject();
                        for (int i2 = 0; i2 < object.size(); i2++) {
                            vector.add(certificateFactory.generateCRL(new ByteArrayInputStream(object.getObjectAt(i2).getEncoded())));
                        }
                    } else {
                        objectAt2.getTagNo();
                    }
                }
            }
        }
        return vector;
    }

    private Date b(Attribute attribute) {
        Enumeration objects = attribute.getAttrValues().getObjects();
        while (objects.hasMoreElements()) {
            Object nextElement = objects.nextElement();
            try {
                if (nextElement instanceof DERSequence) {
                    nextElement = ((DERSequence) nextElement).getObjectAt(0);
                }
            } catch (ParseException unused) {
            }
            if (nextElement instanceof ASN1UTCTime) {
                return ((ASN1UTCTime) nextElement).getDate();
            }
            if (nextElement instanceof DERUTCTime) {
                return ((DERUTCTime) nextElement).getDate();
            }
        }
        return null;
    }

    private void b(X509Certificate x509Certificate, Date date, Store store, Store store2, Vector<CRL> vector, SignatureValidity signatureValidity) {
        try {
            k.b(k.b(x509Certificate, store), date, store2, vector, signatureValidity);
        } catch (PDFException e) {
            signatureValidity.setValidCertificateChain(false);
            signatureValidity.setException(e, "Error Verifying Certificate Chain.");
        } catch (CertificateException e2) {
            signatureValidity.setValidCertificateChain(false);
            signatureValidity.setException(e2, "Invalid Certificates.");
        } catch (Throwable th) {
            signatureValidity.setValidCertificateChain(false);
            signatureValidity.setException(th, "Error Verifying Certificate Chain.");
        }
    }

    private void b(TimeStampToken timeStampToken, Vector<CRL> vector) throws Exception {
        this.k.setTSValid(Arrays.equals(timeStampToken.getTimeStampInfo().getMessageImprintDigest(), MessageDigest.getInstance(timeStampToken.getTimeStampInfo().getMessageImprintAlgOID().toString()).digest(this.b.getSignature())));
        BigInteger serialNumber = timeStampToken.getSID().getSerialNumber();
        Store certificates = timeStampToken.getCertificates();
        Iterator it = certificates.getMatches((Selector) null).iterator();
        while (it.hasNext()) {
            X509Certificate certificate = new JcaX509CertificateConverter().getCertificate((X509CertificateHolder) it.next());
            if (certificate.getSerialNumber().equals(serialNumber)) {
                try {
                    timeStampToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(com.qoppa.pdf.annotations.b.n.b).build(certificate));
                    this.k.setTSValidCertificate(true);
                } catch (TSPValidationException unused) {
                    this.k.setTSValidCertificate(false);
                }
                SignatureValidity signatureValidity = new SignatureValidity();
                b(certificate, timeStampToken.getTimeStampInfo().getGenTime(), certificates, timeStampToken.getCRLs(), vector, signatureValidity);
                this.k.setTSTrustedChain(signatureValidity.isTrustedChain());
            }
        }
    }

    @Override // com.qoppa.pdf.c.r
    public Certificate[] c() {
        try {
            Store certificates = this.g.getCertificates();
            this.b = f();
            Vector<Certificate> b = k.b(new JcaX509CertificateConverter().getCertificate((X509CertificateHolder) certificates.getMatches(this.b.getSID()).iterator().next()), certificates);
            return (X509Certificate[]) b.toArray(new X509Certificate[b.size()]);
        } catch (Throwable th) {
            com.qoppa.h.c.b(th);
            return null;
        } finally {
            this.b = null;
        }
    }
}
