package com.rivigo.finance;

import com.itextpdf.text.DocumentException;
import com.itextpdf.text.pdf.PdfReader;
import com.itextpdf.text.pdf.PdfSignatureAppearance;
import com.itextpdf.text.pdf.PdfStamper;
import com.itextpdf.text.pdf.security.BouncyCastleDigest;
import com.itextpdf.text.pdf.security.MakeSignature;
import com.itextpdf.text.pdf.security.OcspClient;
import com.itextpdf.text.pdf.security.PrivateKeySignature;
import com.itextpdf.text.pdf.security.TSAClient;
import com.rivigo.finance.constants.Constants;
import com.rivigo.finance.dto.DigitalSignatureParametersDTO;
import com.rivigo.finance.enums.SignaturePage;
import com.rivigo.finance.exception.DigitalSignatureException;
import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collection;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.exception.ExceptionUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/rivigo/finance/DigitalSignatureUtils.class */
public class DigitalSignatureUtils {
    private static final Logger log = LoggerFactory.getLogger(DigitalSignatureUtils.class);

    public static void addSignatureToPdf(byte[] bArr, OutputStream outputStream, DigitalSignatureParametersDTO digitalSignatureParametersDTO) throws DigitalSignatureException {
        try {
            log.info("Signing pdf with {}", digitalSignatureParametersDTO);
            PdfReader pdfReader = new PdfReader(bArr);
            PdfSignatureAppearance signatureAppearance = PdfStamper.createSignature(pdfReader, outputStream, (char) 0).getSignatureAppearance();
            signatureAppearance.setVisibleSignature(digitalSignatureParametersDTO.getRectangle(), getPageNumber(digitalSignatureParametersDTO.getSignaturePage(), pdfReader).intValue(), digitalSignatureParametersDTO.getFieldName());
            if (StringUtils.isNotBlank(digitalSignatureParametersDTO.getCustomText())) {
                signatureAppearance.setLayer2Text(digitalSignatureParametersDTO.getCustomText());
            }
            signatureAppearance.setAcro6Layers(false);
            Security.addProvider(new BouncyCastleProvider());
            KeyStore keyStore = KeyStore.getInstance(Constants.KEYSTORE_TYPE);
            keyStore.load(digitalSignatureParametersDTO.getPfxInputStream(), digitalSignatureParametersDTO.getPassword().toCharArray());
            String nextElement = keyStore.aliases().nextElement();
            MakeSignature.signDetached(signatureAppearance, new BouncyCastleDigest(), new PrivateKeySignature((PrivateKey) keyStore.getKey(nextElement, digitalSignatureParametersDTO.getPassword().toCharArray()), Constants.HASH_ALGO, Constants.PROVIDER), new Certificate[]{(X509Certificate) keyStore.getCertificate(nextElement)}, (Collection) null, (OcspClient) null, (TSAClient) null, 0, MakeSignature.CryptoStandard.CMS);
            log.info("Signing complete");
        } catch (IOException | DocumentException | GeneralSecurityException e) {
            log.error("Exception occurred while signing document. Error - {}", ExceptionUtils.getFullStackTrace(e));
            throw new DigitalSignatureException("Could not sign document");
        }
    }

    private static Integer getPageNumber(SignaturePage signaturePage, PdfReader pdfReader) {
        if (signaturePage == SignaturePage.LAST) {
            return Integer.valueOf(pdfReader.getNumberOfPages());
        }
        return 1;
    }
}
