package org.dromara.pdf.pdfbox.doc;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import org.apache.pdfbox.io.IOUtils;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.SignatureInterface;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;

/* loaded from: input_file:org/dromara/pdf/pdfbox/doc/XEasyPdfDocumentSignDefaultProcessor.class */
public class XEasyPdfDocumentSignDefaultProcessor implements SignatureInterface {
    private final XEasyPdfDocumentSigner signer;
    private static final String PROVIDER = "BC";

    /* loaded from: input_file:org/dromara/pdf/pdfbox/doc/XEasyPdfDocumentSignDefaultProcessor$CmsProcessableInputStream.class */
    public static class CmsProcessableInputStream implements CMSTypedData {
        private final InputStream in;
        private final ASN1ObjectIdentifier contentType;

        CmsProcessableInputStream(InputStream inputStream) {
            this(new ASN1ObjectIdentifier(CMSObjectIdentifiers.data.getId()), inputStream);
        }

        CmsProcessableInputStream(ASN1ObjectIdentifier aSN1ObjectIdentifier, InputStream inputStream) {
            this.contentType = aSN1ObjectIdentifier;
            this.in = inputStream;
        }

        public Object getContent() {
            return this.in;
        }

        public void write(OutputStream outputStream) throws IOException {
            IOUtils.copy(this.in, outputStream);
            this.in.close();
        }

        public ASN1ObjectIdentifier getContentType() {
            return this.contentType;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public XEasyPdfDocumentSignDefaultProcessor(XEasyPdfDocumentSigner xEasyPdfDocumentSigner) {
        this.signer = xEasyPdfDocumentSigner;
    }

    public byte[] sign(InputStream inputStream) {
        Security.addProvider(new BouncyCastleProvider());
        char[] charArray = this.signer.getParam().getCertificatePassword().toCharArray();
        KeyStore keyStore = KeyStore.getInstance(this.signer.getParam().getKeyStoreType().name());
        FileInputStream fileInputStream = new FileInputStream(this.signer.getParam().getCertificate());
        Throwable th = null;
        try {
            try {
                keyStore.load(fileInputStream, charArray);
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                String nextElement = keyStore.aliases().nextElement();
                Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
                cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(PROVIDER).build()).build(new JcaContentSignerBuilder(this.signer.getParam().getSignAlgorithm().name()).setProvider(PROVIDER).build((PrivateKey) keyStore.getKey(nextElement, charArray)), (X509Certificate) certificateChain[0]));
                cMSSignedDataGenerator.addCertificates(new JcaCertStore(Arrays.asList(certificateChain)));
                return cMSSignedDataGenerator.generate(new CmsProcessableInputStream(inputStream), true).getEncoded();
            } finally {
            }
        } finally {
        }
    }
}
