package org.linagora.linsign.server.entities.impl;

import it.trento.comune.j4sign.cms.ExternalSignatureCMSSignedDataGenerator;
import it.trento.comune.j4sign.cms.ExternalSignatureSignerInfoGenerator;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.MessageDigest;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.util.ArrayList;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.cms.CMSProcessable;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.linagora.linsign.exceptions.ComputeSignatureException;
import org.linagora.linsign.exceptions.FinalizeDocumentException;
import org.linagora.linsign.server.entities.SignedDocumentsContainer;
import org.linagora.linsign.utils.archive.ArchiveFile;
import org.linagora.linsign.utils.encode.Base64Utils;
import org.linagora.linsign.utils.sign.config.SignaturePolicy;

/* loaded from: input_file:WEB-INF/lib/linsign-1.0.jar:org/linagora/linsign/server/entities/impl/CmsObject.class */
public class CmsObject extends SignedDocumentsContainer {
    private ExternalSignatureCMSSignedDataGenerator gen;
    private ExternalSignatureSignerInfoGenerator signerGenerator;
    private CMSProcessable msg;

    public CmsObject(String str) {
        super(str);
    }

    public CmsObject() {
    }

    @Override // org.linagora.linsign.server.entities.SignedDocumentsContainer
    protected byte[] computeSignature(SignaturePolicy signaturePolicy) throws ComputeSignatureException {
        installBC();
        this.signerGenerator = new ExternalSignatureSignerInfoGenerator(CMSSignedDataGenerator.DIGEST_SHA1, CMSSignedDataGenerator.ENCRYPTION_RSA);
        try {
            File file = getSourceDocuments().get(0);
            byte[] bArr = new byte[(int) file.length()];
            DataInputStream dataInputStream = new DataInputStream(new FileInputStream(file));
            dataInputStream.readFully(bArr);
            dataInputStream.close();
            this.msg = new CMSProcessableByteArray(bArr);
            byte[] bytesToSign = this.signerGenerator.getBytesToSign(PKCSObjectIdentifiers.data, this.msg, "BC");
            MessageDigest messageDigest = MessageDigest.getInstance(CMSSignedDataGenerator.DIGEST_SHA1);
            messageDigest.update(bytesToSign);
            return messageDigest.digest();
        } catch (Exception e) {
            throw new ComputeSignatureException(e);
        }
    }

    @Override // org.linagora.linsign.server.entities.SignedDocumentsContainer
    public File computeFinalizeDocument(String str) throws FinalizeDocumentException {
        try {
            if (this.endDocument == null) {
                this.endDocument = ArchiveFile.getOutputNameWithCMSExtension(this.sourceDocuments.get(0));
            }
            this.signature = Base64Utils.decode(str);
            if (this.signercert != null && this.signature != null) {
                ExternalSignatureCMSSignedDataGenerator externalSignatureCMSSignedDataGenerator = new ExternalSignatureCMSSignedDataGenerator();
                this.signerGenerator.setCertificate(this.signercert);
                this.signerGenerator.setSignedBytes(this.signature);
                externalSignatureCMSSignedDataGenerator.addSignerInf(this.signerGenerator);
                ArrayList arrayList = new ArrayList();
                arrayList.add(this.signercert);
                externalSignatureCMSSignedDataGenerator.addCertificatesAndCRLs(CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), "BC"));
                byte[] encoded = externalSignatureCMSSignedDataGenerator.generate(this.msg, true).getEncoded();
                FileOutputStream fileOutputStream = new FileOutputStream(this.endDocument);
                fileOutputStream.write(encoded);
                fileOutputStream.close();
            }
            return this.endDocument;
        } catch (Exception e) {
            throw new FinalizeDocumentException(e);
        }
    }

    private void installBC() {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
