package eu.europa.esig.dss.pades.signature;

import eu.europa.esig.dss.DSSASN1Utils;
import eu.europa.esig.dss.DSSDocument;
import eu.europa.esig.dss.DSSUtils;
import eu.europa.esig.dss.DigestAlgorithm;
import eu.europa.esig.dss.EncryptionAlgorithm;
import eu.europa.esig.dss.FileDocument;
import eu.europa.esig.dss.MimeType;
import eu.europa.esig.dss.SignatureAlgorithm;
import eu.europa.esig.dss.SignatureLevel;
import eu.europa.esig.dss.pades.PAdESSignatureParameters;
import eu.europa.esig.dss.signature.DocumentSignatureService;
import eu.europa.esig.dss.test.gen.CertificateService;
import eu.europa.esig.dss.test.mock.MockPrivateKeyEntry;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.dss.validation.CommonCertificateVerifier;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import javax.crypto.Cipher;
import org.apache.pdfbox.pdmodel.PDDocument;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.SignedData;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.util.encoders.Hex;
import org.junit.Assert;
import org.junit.Before;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/pades/signature/PAdESLevelBTest.class */
public class PAdESLevelBTest extends AbstractPAdESTestSignature {
    private static final Logger logger = LoggerFactory.getLogger(PAdESLevelBTest.class);
    private DocumentSignatureService<PAdESSignatureParameters> service;
    private PAdESSignatureParameters signatureParameters;
    private DSSDocument documentToSign;
    private MockPrivateKeyEntry privateKeyEntry;

    @Before
    public void init() throws Exception {
        this.documentToSign = new FileDocument(new File("src/test/resources/sample.pdf"));
        this.privateKeyEntry = new CertificateService().generateCertificateChain(SignatureAlgorithm.RSA_SHA256);
        this.signatureParameters = new PAdESSignatureParameters();
        this.signatureParameters.bLevel().setSigningDate(new Date());
        this.signatureParameters.setSigningCertificate(this.privateKeyEntry.getCertificate());
        this.signatureParameters.setCertificateChain(this.privateKeyEntry.getCertificateChain());
        this.signatureParameters.setSignatureLevel(SignatureLevel.PAdES_BASELINE_B);
        this.signatureParameters.setLocation("Luxembourg");
        this.signatureParameters.setReason("DSS testing");
        this.signatureParameters.setContactInfo("Jira");
        this.service = new PAdESService(new CommonCertificateVerifier());
    }

    @Override // eu.europa.esig.dss.pades.signature.AbstractPAdESTestSignature
    protected void onDocumentSigned(byte[] bArr) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            PDDocument load = PDDocument.load(byteArrayInputStream);
            List<PDSignature> signatureDictionaries = load.getSignatureDictionaries();
            Assert.assertEquals(1L, signatureDictionaries.size());
            for (PDSignature pDSignature : signatureDictionaries) {
                byte[] contents = pDSignature.getContents(bArr);
                byte[] signedContent = pDSignature.getSignedContent(bArr);
                logger.info("Byte range : " + Arrays.toString(pDSignature.getByteRange()));
                ASN1InputStream aSN1InputStream = new ASN1InputStream(contents);
                ASN1Sequence readObject = aSN1InputStream.readObject();
                logger.info("SEQ : " + readObject.toString());
                Assert.assertEquals(PKCSObjectIdentifiers.signedData, ASN1ObjectIdentifier.getInstance(readObject.getObjectAt(0)));
                SignedData signedData = SignedData.getInstance(DERTaggedObject.getInstance(readObject.getObjectAt(1)).getObject());
                ASN1ObjectIdentifier aSN1ObjectIdentifier = ASN1ObjectIdentifier.getInstance(ASN1Sequence.getInstance(signedData.getDigestAlgorithms().getObjectAt(0)).getObjectAt(0));
                DigestAlgorithm forOID = DigestAlgorithm.forOID(aSN1ObjectIdentifier.getId());
                logger.info("DIGEST ALGO : " + forOID);
                ContentInfo encapContentInfo = signedData.getEncapContentInfo();
                ASN1ObjectIdentifier contentType = encapContentInfo.getContentType();
                logger.info("ENCAPSULATED CONTENT INFO TYPE : " + contentType);
                Assert.assertEquals(PKCSObjectIdentifiers.data, contentType);
                ASN1Encodable content = encapContentInfo.getContent();
                logger.info("ENCAPSULATED CONTENT INFO CONTENT : " + content);
                Assert.assertNull(content);
                List<X509Certificate> extractCertificates = extractCertificates(signedData);
                ASN1Set signerInfos = signedData.getSignerInfos();
                logger.info("SIGNER INFO ASN1 : " + signerInfos.toString());
                SignerInfo signerInfo = SignerInfo.getInstance(ASN1Sequence.getInstance(signerInfos.getObjectAt(0)));
                Assert.assertNull(signerInfo.getUnauthenticatedAttributes());
                ASN1Set authenticatedAttributes = signerInfo.getAuthenticatedAttributes();
                logger.info("AUTHENTICATED ATTR : " + authenticatedAttributes);
                ArrayList arrayList = new ArrayList();
                int i = 0;
                for (int i2 = 0; i2 < authenticatedAttributes.size(); i2++) {
                    Attribute attribute = Attribute.getInstance(authenticatedAttributes.getObjectAt(i2));
                    ASN1ObjectIdentifier attrType = attribute.getAttrType();
                    arrayList.add(attrType);
                    int length = attrType.getEncoded().length + attribute.getEncoded().length;
                    Assert.assertTrue(length >= i);
                    i = length;
                }
                logger.info("List of OID for Auth Attrb : " + arrayList);
                Attribute attribute2 = Attribute.getInstance(authenticatedAttributes.getObjectAt(1));
                Assert.assertEquals(PKCSObjectIdentifiers.pkcs_9_at_messageDigest, attribute2.getAttrType());
                String base64 = Utils.toBase64(ASN1OctetString.getInstance(attribute2.getAttrValues().getObjectAt(0)).getOctets());
                logger.info("MESSAGE DIGEST : " + base64);
                String base642 = Utils.toBase64(DSSUtils.digest(forOID, signedContent));
                logger.info("COMPUTED DIGEST SIGNED CONTENT BASE64 : " + base642);
                Assert.assertEquals(base64, base642);
                logger.info("SIGNER IDENTIFIER : " + signerInfo.getSID().getId());
                IssuerAndSerialNumber issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(signerInfo.getSID());
                logger.info("ISSUER AND SN : " + issuerAndSerialNumber.getName() + " " + issuerAndSerialNumber.getSerialNumber());
                BigInteger value = issuerAndSerialNumber.getSerialNumber().getValue();
                X509Certificate x509Certificate = null;
                for (X509Certificate x509Certificate2 : extractCertificates) {
                    if (value.equals(x509Certificate2.getSerialNumber())) {
                        x509Certificate = x509Certificate2;
                    }
                }
                Assert.assertNotNull(x509Certificate);
                EncryptionAlgorithm forName = EncryptionAlgorithm.forName(x509Certificate.getPublicKey().getAlgorithm());
                ASN1OctetString encryptedDigest = signerInfo.getEncryptedDigest();
                logger.info("SIGNATURE VALUE : " + Hex.toHexString(encryptedDigest.getOctets()));
                Cipher cipher = Cipher.getInstance(forName.getName());
                cipher.init(2, x509Certificate);
                ASN1InputStream aSN1InputStream2 = new ASN1InputStream(cipher.doFinal(encryptedDigest.getOctets()));
                ASN1Sequence readObject2 = aSN1InputStream2.readObject();
                logger.info("DECRYPTED : " + readObject2);
                DigestInfo digestInfo = new DigestInfo(readObject2);
                Assert.assertEquals(aSN1ObjectIdentifier, digestInfo.getAlgorithmId().getAlgorithm());
                String base643 = Utils.toBase64(digestInfo.getDigest());
                logger.info("DECRYPTED BASE64 : " + base643);
                String base644 = Utils.toBase64(DSSUtils.digest(forOID, authenticatedAttributes.getEncoded()));
                logger.info("COMPUTED DIGEST FROM SIGNATURE BASE64 : " + base644);
                Assert.assertEquals(base643, base644);
                Utils.closeQuietly(aSN1InputStream2);
                Utils.closeQuietly(aSN1InputStream);
            }
            Utils.closeQuietly(byteArrayInputStream);
            load.close();
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
            Assert.fail(e.getMessage());
        }
    }

    private List<X509Certificate> extractCertificates(SignedData signedData) throws Exception {
        ASN1Set certificates = signedData.getCertificates();
        logger.info("CERTIFICATES (" + certificates.size() + ") : " + certificates);
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < certificates.size(); i++) {
            arrayList.add(DSSASN1Utils.getCertificate(new X509CertificateHolder(ASN1Sequence.getInstance(certificates.getObjectAt(i)).getEncoded())).getCertificate());
        }
        return arrayList;
    }

    protected DocumentSignatureService<PAdESSignatureParameters> getService() {
        return this.service;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: getSignatureParameters, reason: merged with bridge method [inline-methods] */
    public PAdESSignatureParameters m7getSignatureParameters() {
        return this.signatureParameters;
    }

    protected MimeType getExpectedMime() {
        return MimeType.PDF;
    }

    protected boolean isBaselineT() {
        return false;
    }

    protected boolean isBaselineLTA() {
        return false;
    }

    protected DSSDocument getDocumentToSign() {
        return this.documentToSign;
    }

    protected MockPrivateKeyEntry getPrivateKeyEntry() {
        return this.privateKeyEntry;
    }
}
