package cn.signit.mobilesign.pdf.verify;

import cn.signit.mobilesign.pdf.ITextPdfLoader;
import cn.signit.mobilesign.pdf.verify.data.HandWriteAnalysiser;
import cn.signit.mobilesign.pdf.verify.data.SignDocAnalysiser;
import cn.signit.mobilesign.pdf.verify.data.SignPhotoAnalysiser;
import cn.signit.mobilesign.pdf.verify.data.SignViedoAnalysiser;
import cn.signit.mobilesign.pdf.verify.data.VerifiedData;
import cn.signit.mobilesign.pdf.verify.thread.SpecilExtVerifyThread;
import cn.signit.mobilesign.tools.Report;
import cn.signit.mobilesign.tools.TimeCount;
import cn.signit.sdk.internal.util.codec.Base64;
import com.itextpdf.text.Rectangle;
import com.itextpdf.text.pdf.AcroFields;
import com.itextpdf.text.pdf.PdfName;
import com.itextpdf.text.pdf.PdfReader;
import com.itextpdf.text.pdf.security.CertificateInfo;
import com.itextpdf.text.pdf.security.PdfPKCS7;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.CountDownLatch;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.tsp.TimeStampToken;

/* loaded from: classes.dex */
public class OneTimePdfVerifier {
    private static final String pass = "111111";
    private final AcroFields fields;
    private final PdfReader reader;
    private final float scale;
    private final KeyStore trustedCertKs;

    public OneTimePdfVerifier(InputStream inputStream, byte[] bArr) throws Throwable {
        this(inputStream, bArr, 1.0f);
    }

    public OneTimePdfVerifier(InputStream inputStream, byte[] bArr, float f) throws Throwable {
        this(inputStream, bArr, f, null);
    }

    public OneTimePdfVerifier(InputStream inputStream, byte[] bArr, float f, KeyStore keyStore) throws Throwable {
        TimeCount timeCount = new TimeCount();
        timeCount.start();
        this.reader = new ITextPdfLoader(inputStream, bArr == null ? "".getBytes() : bArr).getPdfReader();
        this.fields = this.reader.getAcroFields();
        this.scale = f;
        this.trustedCertKs = keyStore;
        Security.addProvider(new BouncyCastleProvider());
        Report.docInit = timeCount.end();
    }

    private static KeyStore getDefault() {
        try {
            Security.addProvider(new BouncyCastleProvider());
            BksStore bksStore = new BksStore(pass);
            bksStore.load(new ByteArrayInputStream(Base64.decodeBase64(TrustCerts.bksTrustKeyStore)), pass.toCharArray());
            bksStore.getKeyStore();
            return bksStore.getKeyStore();
        } catch (Exception e) {
            System.err.println("可信证书库解析异常" + e.getLocalizedMessage());
            return null;
        }
    }

    public void close() {
        if (this.reader != null) {
            this.reader.close();
        }
    }

    public List<String> getFieldNames(boolean z) {
        return z ? this.reader.getAcroFields().getSignatureNames() : this.reader.getAcroFields().getBlankSignatureNames();
    }

    public PdfReader getReader() {
        return this.reader;
    }

    /* JADX WARN: Unsupported multi-entry loop pattern (BACK_EDGE: B:34:0x0099 -> B:6:0x002d). Please report as a decompilation issue!!! */
    public VerifiedData.OneTimeInfo isSpecilExtentionValid(String str, X509Certificate x509Certificate) {
        VerifiedData.OneTimeInfo oneTimeInfo = new VerifiedData.OneTimeInfo();
        try {
            HandWriteAnalysiser handWriteAnalysiser = new HandWriteAnalysiser(this.reader, str, x509Certificate);
            if (handWriteAnalysiser.isSpecil()) {
                oneTimeInfo.setHandWriteValid(handWriteAnalysiser.isSpecil()).setHandWriteData(handWriteAnalysiser.info().getHandWriteCryptoData()).setSeal(handWriteAnalysiser.getSeal());
            } else if (handWriteAnalysiser.getSeal() != null) {
                oneTimeInfo.setHandWriteValid(true);
                oneTimeInfo.setSeal(handWriteAnalysiser.getSeal());
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        try {
            SignDocAnalysiser signDocAnalysiser = new SignDocAnalysiser(this.reader, str, x509Certificate);
            if (signDocAnalysiser.isSpecil()) {
                oneTimeInfo.setSignDocValid(signDocAnalysiser.isSpecil()).setDocHashData(signDocAnalysiser.info().getDochashData());
            }
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        try {
            SignPhotoAnalysiser signPhotoAnalysiser = new SignPhotoAnalysiser(this.reader, str, x509Certificate);
            if (signPhotoAnalysiser.isSpecil()) {
                oneTimeInfo.setSignPhotoValid(signPhotoAnalysiser.isSpecil()).setSignPhotos(signPhotoAnalysiser.getPictures());
            }
        } catch (Exception e3) {
            e3.printStackTrace();
        }
        try {
            SignViedoAnalysiser signViedoAnalysiser = new SignViedoAnalysiser(this.reader, str, x509Certificate);
            if (signViedoAnalysiser.isSpecil()) {
                oneTimeInfo.setSignVeidoValid(signViedoAnalysiser.isSpecil()).setSignViedos(signViedoAnalysiser.getViedos());
            }
        } catch (Exception e4) {
            e4.printStackTrace();
        }
        return oneTimeInfo;
    }

    public VerifiedData.EachVerifierResult verify(String str) {
        boolean z;
        boolean z2;
        TimeCount timeCount = new TimeCount();
        timeCount.start();
        VerifiedData.EachVerifierResult scale = new VerifiedData.EachVerifierResult().signFieldName(str).scale(this.scale > 0.0f ? this.scale : 1.0f);
        PdfPKCS7 verifySignature = this.fields.verifySignature(str, "SC");
        CountDownLatch countDownLatch = new CountDownLatch(1);
        VerifiedData.OneTimeInfo oneTimeInfo = new VerifiedData.OneTimeInfo();
        new SpecilExtVerifyThread(this.reader, oneTimeInfo, str, verifySignature.getSigningCertificate(), countDownLatch);
        List<AcroFields.FieldPosition> fieldPositions = this.fields.getFieldPositions(str);
        if (fieldPositions != null && !fieldPositions.isEmpty()) {
            AcroFields.FieldPosition fieldPosition = fieldPositions.get(0);
            Rectangle rectangle = fieldPosition.position;
            if (rectangle.getWidth() == 0.0f || rectangle.getHeight() == 0.0f) {
                scale.visibleSign(false);
            } else {
                float height = this.reader.getPageSize(fieldPosition.page).getHeight() * this.scale;
                scale.page(fieldPosition.page).ulX(rectangle.getLeft() * this.scale).ulY(height - (rectangle.getTop() * this.scale)).lrX(rectangle.getRight() * this.scale).lrY(height - (rectangle.getBottom() * this.scale)).visibleSign(true);
            }
        }
        scale.signDate(verifySignature.getSignDate().getTime()).signerName(CertificateInfo.getSubjectFields(verifySignature.getSigningCertificate()).getField("CN")).signReason(verifySignature.getReason()).signLocation(verifySignature.getLocation()).signContact(this.fields.getSignatureDictionary(str).getAsString(PdfName.CONTACTINFO) == null ? "" : this.fields.getSignatureDictionary(str).getAsString(PdfName.CONTACTINFO).toUnicodeString()).totalSignRevisions(this.fields.getTotalRevisions()).currentSignRevision(this.fields.getRevision(str)).signCoveredWholeDoc(this.fields.signatureCoversWholeDocument(str));
        try {
            z = !verifySignature.verify();
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
            z = true;
        }
        scale.modified(z);
        Certificate[] signCertificateChain = verifySignature.getSignCertificateChain();
        scale.certAgainstRootValid(true).certAgainstRootResult("签名使用的数字证书是可信的数字证书颁发机构签发");
        scale.certsChainLen(signCertificateChain.length);
        int i = -1;
        boolean z3 = true;
        for (Certificate certificate : signCertificateChain) {
            i++;
            X509Certificate x509Certificate = (X509Certificate) certificate;
            if (z3) {
                scale.certIssuer(x509Certificate.getIssuerDN().getName().trim().replace("OID.1.2.840.113549.1.9.1", "EMAILADDRESS").replace("OID.2.5.4.4", "SN")).certSubject(x509Certificate.getSubjectDN().getName().trim().replace("OID.1.2.840.113549.1.9.1", "EMAILADDRESS").replace("OID.2.5.4.4", "SN")).certStartDate(x509Certificate.getNotBefore()).certEndDate(x509Certificate.getNotAfter());
                z3 = false;
            }
            try {
                x509Certificate.checkValidity();
            } catch (CertificateExpiredException e2) {
                scale.certInvalid(true).certInvalidAt(i).certInvalidResult("签名使用的数字证书已经过期");
            } catch (CertificateNotYetValidException e3) {
                scale.certInvalid(true).certInvalidAt(i).certInvalidResult("签名使用的数字证书已经失效");
            }
        }
        if (0 == 0) {
            scale.certInvalid(false).certInvalidAt(-1);
        }
        if (verifySignature.getTimeStampDate() != null) {
            Object timeStampToken = verifySignature.getTimeStampToken();
            if (timeStampToken instanceof TimeStampToken) {
                scale.setTsaDate(verifySignature.getTimeStampDate().getTime());
            } else if (timeStampToken instanceof org.bouncycastle.tsp.TimeStampToken) {
                scale.setTsaDate(verifySignature.getTimeStampDate().getTime());
            }
            try {
                z2 = verifySignature.verifyTimestampImprint();
            } catch (GeneralSecurityException e4) {
                e4.printStackTrace();
                z2 = false;
            }
            scale.setTsaValid(z2);
        }
        if (verifySignature.getCRLs() != null) {
            scale.crlResult("crlEmbedded:true");
        } else {
            scale.crlResult("crlEmbedded:false");
        }
        try {
            TimeCount timeCount2 = new TimeCount();
            timeCount2.start();
            countDownLatch.await();
            Report.threadWait = timeCount2.end();
        } catch (InterruptedException e5) {
            e5.printStackTrace();
        }
        scale.setOneTimeInfo(oneTimeInfo);
        Report.normalVerify = timeCount.end() - Report.threadWait;
        return scale;
    }

    public VerifiedData verify() {
        TimeCount timeCount = new TimeCount();
        timeCount.start();
        new ArrayList(0);
        new ArrayList(0);
        VerifiedData verifiedData = new VerifiedData();
        int i = 0;
        ArrayList arrayList = new ArrayList();
        try {
            ArrayList<String> signatureNames = this.fields.getSignatureNames();
            ArrayList<String> blankSignatureNames = this.fields.getBlankSignatureNames();
            Iterator<String> it = signatureNames.iterator();
            while (it.hasNext()) {
                VerifiedData.EachVerifierResult verify = verify(it.next());
                if (verify.checkValidSign()) {
                    i++;
                }
                arrayList.add(verify);
            }
            verifiedData.status(0);
            verifiedData.totalSignFields(signatureNames.size() + blankSignatureNames.size()).blankSignFields(blankSignatureNames.size()).signedFields(signatureNames.size()).validSignedFields(i).verifySignedDetails(arrayList);
        } catch (Exception e) {
            e.printStackTrace();
            verifiedData.status(1);
        } finally {
            close();
        }
        timeCount.print();
        return verifiedData;
    }
}
