package net.netca.pki.a.a.k;

import android.text.TextUtils;
import com.xiaomi.mipush.sdk.Constants;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Array;
import java.util.ArrayList;
import java.util.List;
import net.netca.pki.Certificate;
import net.netca.pki.PublicKey;
import net.netca.pki.SignedData;
import net.netca.pki.Util;
import net.netca.pki.a.a.b.d;
import net.netca.pki.a.a.m.c;
import net.netca.pki.a.a.m.f;
import net.netca.pki.a.a.m.g;
import net.netca.pki.a.a.m.i;
import net.netca.pki.a.a.m.m;
import net.netca.pki.crypto.android.exceptions.DeviceNotFoundException;
import net.netca.pki.crypto.android.exceptions.PinErrorException;
import net.netca.pki.crypto.android.exceptions.UserCancelException;
import net.netca.pki.encoding.asn1.pki.AlgorithmIdentifier;
import net.netca.pki.encoding.asn1.pki.Attribute;
import net.netca.pki.encoding.asn1.pki.tsp.HttpGetTimeStamp;
import net.netca.pki.encoding.json.jose.IHash;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.SignatureInterface;

/* loaded from: classes3.dex */
public class b implements SignatureInterface {
    private String a;
    private String b;

    /* renamed from: c, reason: collision with root package name */
    private String f7781c;

    /* renamed from: d, reason: collision with root package name */
    private boolean f7782d;

    /* renamed from: e, reason: collision with root package name */
    private boolean f7783e;

    /* renamed from: f, reason: collision with root package name */
    private String f7784f = "SHA256WithRSA";

    /* renamed from: g, reason: collision with root package name */
    private List<byte[]> f7785g = new ArrayList();

    /* renamed from: h, reason: collision with root package name */
    private List<byte[]> f7786h = new ArrayList();

    /* renamed from: i, reason: collision with root package name */
    private int f7787i = 0;

    public b(String str, String str2, String str3, boolean z, boolean z2) {
        this.a = str;
        d();
        this.b = str2;
        this.f7781c = str3;
        this.f7782d = z;
        this.f7783e = z2;
    }

    private void d() {
        Throwable th;
        Certificate certificate;
        Exception e2;
        PublicKey publicKey = null;
        try {
            try {
                certificate = new Certificate(this.a);
                try {
                    publicKey = certificate.getPublicKey(Certificate.PURPOSE_VERIFY_OLD_DATA);
                    this.f7784f = publicKey.isSM2() ? "SM3WithSM2" : "SHA256WithRSA";
                } catch (Exception e3) {
                    e2 = e3;
                    e2.printStackTrace();
                    i.a(certificate);
                    i.a(publicKey);
                }
            } catch (Throwable th2) {
                th = th2;
                i.a(certificate);
                i.a(publicKey);
                throw th;
            }
        } catch (Exception e4) {
            e2 = e4;
            certificate = null;
        } catch (Throwable th3) {
            th = th3;
            certificate = null;
            i.a(certificate);
            i.a(publicKey);
            throw th;
        }
        i.a(certificate);
        i.a(publicKey);
    }

    public int a(String str) {
        String upperCase = str.replace(Constants.ACCEPT_TIME_SEPARATOR_SERVER, "").toUpperCase();
        if (upperCase.startsWith(IHash.SHA1)) {
            return 2;
        }
        if (upperCase.startsWith("SHA256")) {
            return 4;
        }
        if (upperCase.startsWith("SHA512")) {
            return 6;
        }
        return upperCase.startsWith(IHash.SM3) ? 25 : 4;
    }

    public List<byte[]> a() {
        return this.f7785g;
    }

    public void a(List<byte[]> list) {
        this.f7785g = list;
    }

    public List<byte[]> b() {
        return this.f7786h;
    }

    public void b(List<byte[]> list) {
        this.f7786h = list;
    }

    public String c() {
        return this.a;
    }

    @Override // org.apache.pdfbox.pdmodel.interactive.digitalsignature.SignatureInterface
    public byte[] sign(InputStream inputStream) throws IOException {
        Certificate certificate;
        SignedData signedData;
        byte[] byteArray;
        SignedData signedData2 = null;
        try {
            try {
                signedData = new SignedData(true);
                try {
                    if (!TextUtils.isEmpty(this.f7781c)) {
                        signedData.keepTbs(true);
                    }
                    certificate = new Certificate(this.a);
                } catch (Exception e2) {
                    e = e2;
                }
            } catch (Throwable th) {
                th = th;
                certificate = null;
            }
            try {
                signedData.setDetached(this.f7782d);
                signedData.setIncludeCertOption(4);
                d a = net.netca.pki.a.a.b.b.j().a(certificate);
                if (a == null) {
                    throw new DeviceNotFoundException("找不到设备");
                }
                int d2 = a.d();
                this.f7787i = d2;
                g.a(d2);
                f.c(a);
                signedData.setDevice(a);
                signedData.setSignCertificate(certificate);
                signedData.setSignAlgorithm(0, a(this.f7784f));
                if (f.a(a)) {
                    if (TextUtils.isEmpty(this.b)) {
                        this.b = new m(net.netca.pki.a.a.e.a.e().c(), certificate, a).a();
                    }
                    if (TextUtils.isEmpty(this.b)) {
                        throw new UserCancelException("取消输入");
                    }
                }
                if (f.b(a)) {
                    if (!a.verifyPwd(1, this.b)) {
                        throw new PinErrorException(a.e());
                    }
                    a.setVerifyPwdUIObject(new net.netca.pki.a.a.b.g(this.b));
                }
                if (this.f7783e) {
                    if (this.f7785g == null) {
                        this.f7785g = new ArrayList();
                    }
                    if (this.f7786h == null) {
                        this.f7786h = new ArrayList();
                    }
                    if (!this.f7786h.isEmpty() || !this.f7785g.isEmpty()) {
                        List<byte[]> list = this.f7785g;
                        byte[][] bArr = (byte[][]) list.toArray((byte[][]) Array.newInstance((Class<?>) byte.class, list.size(), 0));
                        List<byte[]> list2 = this.f7786h;
                        signedData.setAdbeRevocationInfoArchival(0, bArr, (byte[][]) list2.toArray((byte[][]) Array.newInstance((Class<?>) byte.class, list2.size(), 0)));
                    }
                }
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                byteArrayOutputStream.write(signedData.signInit());
                byte[] bArr2 = new byte[1024];
                while (true) {
                    int read = inputStream.read(bArr2);
                    if (read <= 0) {
                        break;
                    }
                    byteArrayOutputStream.write(signedData.signUpdate(bArr2, 0, read));
                }
                byteArrayOutputStream.write(signedData.signFinal());
                if (TextUtils.isEmpty(this.f7781c)) {
                    byteArray = byteArrayOutputStream.toByteArray();
                } else {
                    int signerCount = signedData.getSignerCount() - 1;
                    String stringAttribute = signedData.getStringAttribute(22, signerCount);
                    HttpGetTimeStamp httpGetTimeStamp = new HttpGetTimeStamp();
                    httpGetTimeStamp.setHttpImplement(new net.netca.pki.a.a.f.a());
                    httpGetTimeStamp.setHashAlgorithm(AlgorithmIdentifier.CreateAlgorithmIdentifier(AlgorithmIdentifier.SHA256_OID));
                    httpGetTimeStamp.setData(Util.HexDecode(stringAttribute));
                    httpGetTimeStamp.getTimeStamp(this.f7781c);
                    signedData.addUnsignedAttribute(signerCount, Attribute.SIGNATURE_TIMESTAMP, Util.encodeSetOf(httpGetTimeStamp.getTimeStampToken()));
                    byteArray = signedData.encode();
                }
                i.a(certificate);
                i.a(signedData);
                return byteArray;
            } catch (Exception e3) {
                e = e3;
                c.b("NetcaPdfSignature", e.getMessage());
                throw new IOException(e.getMessage() + " " + g.b(this.f7787i));
            } catch (Throwable th2) {
                th = th2;
                signedData2 = signedData;
                i.a(certificate);
                i.a(signedData2);
                throw th;
            }
        } catch (Exception e4) {
            e = e4;
        } catch (Throwable th3) {
            th = th3;
            certificate = null;
            i.a(certificate);
            i.a(signedData2);
            throw th;
        }
    }
}
