package eu.europa.esig.dss.jades.signature;

import eu.europa.esig.dss.enumerations.DigestAlgorithm;
import eu.europa.esig.dss.enumerations.JWSSerializationType;
import eu.europa.esig.dss.enumerations.SigDMechanism;
import eu.europa.esig.dss.enumerations.SignatureLevel;
import eu.europa.esig.dss.enumerations.SignaturePackaging;
import eu.europa.esig.dss.enumerations.TimestampType;
import eu.europa.esig.dss.jades.DSSJsonUtils;
import eu.europa.esig.dss.jades.JAdESSignatureParameters;
import eu.europa.esig.dss.jades.JAdESTimestampParameters;
import eu.europa.esig.dss.jades.JWSJsonSerializationObject;
import eu.europa.esig.dss.model.DSSDocument;
import eu.europa.esig.dss.model.DSSException;
import eu.europa.esig.dss.model.MimeType;
import eu.europa.esig.dss.model.SerializableSignatureParameters;
import eu.europa.esig.dss.model.SerializableTimestampParameters;
import eu.europa.esig.dss.model.SignaturePolicyStore;
import eu.europa.esig.dss.model.SignatureValue;
import eu.europa.esig.dss.model.ToBeSigned;
import eu.europa.esig.dss.signature.AbstractSignatureService;
import eu.europa.esig.dss.signature.CounterSignatureService;
import eu.europa.esig.dss.signature.MultipleDocumentsSignatureService;
import eu.europa.esig.dss.signature.SignatureExtension;
import eu.europa.esig.dss.signature.SigningOperation;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.dss.validation.CertificateVerifier;
import eu.europa.esig.dss.validation.timestamp.TimestampToken;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.tsp.TSPException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/jades/signature/JAdESService.class */
public class JAdESService extends AbstractSignatureService<JAdESSignatureParameters, JAdESTimestampParameters> implements MultipleDocumentsSignatureService<JAdESSignatureParameters, JAdESTimestampParameters>, CounterSignatureService<JAdESCounterSignatureParameters> {
    private static final Logger LOG = LoggerFactory.getLogger(JAdESService.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: eu.europa.esig.dss.jades.signature.JAdESService$1, reason: invalid class name */
    /* loaded from: input_file:eu/europa/esig/dss/jades/signature/JAdESService$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$eu$europa$esig$dss$enumerations$JWSSerializationType;
        static final /* synthetic */ int[] $SwitchMap$eu$europa$esig$dss$enumerations$SignatureLevel = new int[SignatureLevel.values().length];

        static {
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$SignatureLevel[SignatureLevel.JAdES_BASELINE_B.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$SignatureLevel[SignatureLevel.JAdES_BASELINE_T.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$SignatureLevel[SignatureLevel.JAdES_BASELINE_LT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$SignatureLevel[SignatureLevel.JAdES_BASELINE_LTA.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            $SwitchMap$eu$europa$esig$dss$enumerations$JWSSerializationType = new int[JWSSerializationType.values().length];
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$JWSSerializationType[JWSSerializationType.COMPACT_SERIALIZATION.ordinal()] = 1;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$JWSSerializationType[JWSSerializationType.JSON_SERIALIZATION.ordinal()] = 2;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$JWSSerializationType[JWSSerializationType.FLATTENED_JSON_SERIALIZATION.ordinal()] = 3;
            } catch (NoSuchFieldError e7) {
            }
        }
    }

    public JAdESService(CertificateVerifier certificateVerifier) {
        super(certificateVerifier);
        LOG.debug("+ JAdESService created");
    }

    public TimestampToken getContentTimestamp(DSSDocument dSSDocument, JAdESSignatureParameters jAdESSignatureParameters) {
        return getContentTimestamp(Arrays.asList(dSSDocument), jAdESSignatureParameters);
    }

    public TimestampToken getContentTimestamp(List<DSSDocument> list, JAdESSignatureParameters jAdESSignatureParameters) {
        byte[] concatenateDSSDocuments;
        if (this.tspSource == null) {
            throw new DSSException("A TSPSource is required!");
        }
        if (Utils.isCollectionEmpty(list)) {
            throw new DSSException("Original documents must be provided to generate a content timestamp!");
        }
        byte[] bArr = DSSUtils.EMPTY_BYTE_ARRAY;
        if (SigDMechanism.HTTP_HEADERS.equals(jAdESSignatureParameters.getSigDMechanism())) {
            concatenateDSSDocuments = new HttpHeadersPayloadBuilder(list, true).build();
        } else {
            concatenateDSSDocuments = DSSJsonUtils.concatenateDSSDocuments(list);
            if (jAdESSignatureParameters.isBase64UrlEncodedPayload()) {
                concatenateDSSDocuments = DSSJsonUtils.toBase64Url(concatenateDSSDocuments).getBytes();
            }
        }
        DigestAlgorithm digestAlgorithm = jAdESSignatureParameters.m3getContentTimestampParameters().getDigestAlgorithm();
        try {
            return new TimestampToken(this.tspSource.getTimeStampResponse(digestAlgorithm, DSSUtils.digest(digestAlgorithm, concatenateDSSDocuments)).getBytes(), TimestampType.CONTENT_TIMESTAMP);
        } catch (TSPException | IOException | CMSException e) {
            throw new DSSException("Cannot create a content TimestampToken", e);
        }
    }

    public ToBeSigned getDataToSign(DSSDocument dSSDocument, JAdESSignatureParameters jAdESSignatureParameters) {
        Objects.requireNonNull(dSSDocument, "toSignDocument cannot be null!");
        Objects.requireNonNull(jAdESSignatureParameters, "SignatureParameters cannot be null!");
        assertSigningDateInCertificateValidityRange(jAdESSignatureParameters);
        return getJAdESBuilder(jAdESSignatureParameters, Collections.singletonList(dSSDocument)).buildDataToBeSigned();
    }

    public ToBeSigned getDataToSign(List<DSSDocument> list, JAdESSignatureParameters jAdESSignatureParameters) {
        Objects.requireNonNull(jAdESSignatureParameters, "SignatureParameters cannot be null!");
        assertMultiDocumentsAllowed(list, jAdESSignatureParameters);
        assertSigningDateInCertificateValidityRange(jAdESSignatureParameters);
        return getJAdESBuilder(jAdESSignatureParameters, list).buildDataToBeSigned();
    }

    private void assertMultiDocumentsAllowed(List<DSSDocument> list, JAdESSignatureParameters jAdESSignatureParameters) {
        if (Utils.isCollectionEmpty(list)) {
            throw new DSSException("The documents to sign must be provided!");
        }
        SignaturePackaging signaturePackaging = jAdESSignatureParameters.getSignaturePackaging();
        if (!SignaturePackaging.DETACHED.equals(signaturePackaging) && list.size() > 1) {
            throw new DSSException("Not supported operation (only DETACHED are allowed for multiple document signing)!");
        }
        if (SignaturePackaging.DETACHED.equals(signaturePackaging) && SigDMechanism.NO_SIG_D.equals(jAdESSignatureParameters.getSigDMechanism()) && list.size() > 1) {
            throw new DSSException("NO_SIG_D mechanism is not allowed for multiple documents!");
        }
    }

    public DSSDocument signDocument(DSSDocument dSSDocument, JAdESSignatureParameters jAdESSignatureParameters, SignatureValue signatureValue) {
        return signDocument(Collections.singletonList(dSSDocument), jAdESSignatureParameters, signatureValue);
    }

    public DSSDocument signDocument(List<DSSDocument> list, JAdESSignatureParameters jAdESSignatureParameters, SignatureValue signatureValue) {
        JAdESBuilder jAdESBuilder = getJAdESBuilder(jAdESSignatureParameters, list);
        DSSDocument build = jAdESBuilder.build(signatureValue);
        SignatureExtension<JAdESSignatureParameters> extensionProfile = getExtensionProfile(jAdESSignatureParameters);
        if (extensionProfile != null) {
            if (SignaturePackaging.DETACHED.equals(jAdESSignatureParameters.getSignaturePackaging()) && Utils.isCollectionEmpty(jAdESSignatureParameters.getDetachedContents())) {
                jAdESSignatureParameters.setDetachedContents(list);
            }
            build = extensionProfile.extendSignatures(build, jAdESSignatureParameters);
        }
        build.setName(getFinalFileName(list.iterator().next(), SigningOperation.SIGN, jAdESSignatureParameters.getSignatureLevel()));
        build.setMimeType(jAdESBuilder.getMimeType());
        return build;
    }

    protected JAdESBuilder getJAdESBuilder(JAdESSignatureParameters jAdESSignatureParameters, List<DSSDocument> list) {
        JWSJsonSerializationObject jWSJsonSerializationObjectToSign = getJWSJsonSerializationObjectToSign(list);
        if (containsSignatures(jWSJsonSerializationObjectToSign)) {
            if (jWSJsonSerializationObjectToSign.isValid()) {
                return new JAdESSerializationBuilder(this.certificateVerifier, jAdESSignatureParameters, jWSJsonSerializationObjectToSign);
            }
            throw new DSSException(String.format("Parallel signing is not supported for invalid RFC 7515 signatures. Reason(s) : %s", jWSJsonSerializationObjectToSign.getStructuralValidationErrors()));
        }
        switch (AnonymousClass1.$SwitchMap$eu$europa$esig$dss$enumerations$JWSSerializationType[jAdESSignatureParameters.getJwsSerializationType().ordinal()]) {
            case 1:
                return new JAdESCompactBuilder(this.certificateVerifier, jAdESSignatureParameters, list);
            case 2:
            case 3:
                return new JAdESSerializationBuilder(this.certificateVerifier, jAdESSignatureParameters, list);
            default:
                throw new DSSException(String.format("The requested JWS Serialization Type '%s' is not supported!", jAdESSignatureParameters.getJwsSerializationType()));
        }
    }

    private JWSJsonSerializationObject getJWSJsonSerializationObjectToSign(List<DSSDocument> list) {
        if (Utils.isCollectionNotEmpty(list) && list.size() == 1) {
            return DSSJsonUtils.toJWSJsonSerializationObject(list.get(0));
        }
        return null;
    }

    private boolean containsSignatures(JWSJsonSerializationObject jWSJsonSerializationObject) {
        return jWSJsonSerializationObject != null && Utils.isCollectionNotEmpty(jWSJsonSerializationObject.getSignatures());
    }

    public DSSDocument extendDocument(DSSDocument dSSDocument, JAdESSignatureParameters jAdESSignatureParameters) {
        Objects.requireNonNull(dSSDocument, "toExtendDocument is not defined!");
        Objects.requireNonNull(jAdESSignatureParameters, "Cannot extend the signature. SignatureParameters are not defined!");
        Objects.requireNonNull(jAdESSignatureParameters.getSignatureLevel(), "SignatureLevel must be defined!");
        assertExtensionPossible(jAdESSignatureParameters);
        SignatureExtension<JAdESSignatureParameters> extensionProfile = getExtensionProfile(jAdESSignatureParameters);
        if (extensionProfile == null) {
            throw new DSSException("Cannot extend to " + jAdESSignatureParameters.getSignatureLevel());
        }
        DSSDocument extendSignatures = extensionProfile.extendSignatures(dSSDocument, jAdESSignatureParameters);
        extendSignatures.setName(getFinalFileName(dSSDocument, SigningOperation.EXTEND, jAdESSignatureParameters.getSignatureLevel()));
        extendSignatures.setMimeType(MimeType.JOSE_JSON);
        return extendSignatures;
    }

    private void assertExtensionPossible(JAdESSignatureParameters jAdESSignatureParameters) {
        if (!JWSSerializationType.JSON_SERIALIZATION.equals(jAdESSignatureParameters.getJwsSerializationType()) && !JWSSerializationType.FLATTENED_JSON_SERIALIZATION.equals(jAdESSignatureParameters.getJwsSerializationType())) {
            throw new DSSException(String.format("The type '%s' does not support signature extension!", jAdESSignatureParameters.getJwsSerializationType()));
        }
    }

    private SignatureExtension<JAdESSignatureParameters> getExtensionProfile(JAdESSignatureParameters jAdESSignatureParameters) {
        switch (AnonymousClass1.$SwitchMap$eu$europa$esig$dss$enumerations$SignatureLevel[jAdESSignatureParameters.getSignatureLevel().ordinal()]) {
            case 1:
                return null;
            case 2:
                JAdESLevelBaselineT jAdESLevelBaselineT = new JAdESLevelBaselineT(this.certificateVerifier);
                jAdESLevelBaselineT.setTspSource(this.tspSource);
                return jAdESLevelBaselineT;
            case 3:
                JAdESLevelBaselineLT jAdESLevelBaselineLT = new JAdESLevelBaselineLT(this.certificateVerifier);
                jAdESLevelBaselineLT.setTspSource(this.tspSource);
                return jAdESLevelBaselineLT;
            case 4:
                JAdESLevelBaselineLTA jAdESLevelBaselineLTA = new JAdESLevelBaselineLTA(this.certificateVerifier);
                jAdESLevelBaselineLTA.setTspSource(this.tspSource);
                return jAdESLevelBaselineLTA;
            default:
                throw new DSSException("Unsupported signature format " + jAdESSignatureParameters.getSignatureLevel());
        }
    }

    public DSSDocument timestamp(List<DSSDocument> list, JAdESTimestampParameters jAdESTimestampParameters) {
        throw new UnsupportedOperationException("Unsupported operation for this file format");
    }

    public DSSDocument addSignaturePolicyStore(DSSDocument dSSDocument, SignaturePolicyStore signaturePolicyStore) {
        return addSignaturePolicyStore(dSSDocument, signaturePolicyStore, true);
    }

    public DSSDocument addSignaturePolicyStore(DSSDocument dSSDocument, SignaturePolicyStore signaturePolicyStore, boolean z) {
        Objects.requireNonNull(dSSDocument, "The document cannot be null");
        Objects.requireNonNull(signaturePolicyStore, "The signaturePolicyStore cannot be null");
        DSSDocument addSignaturePolicyStore = new JAdESSignaturePolicyStoreBuilder().addSignaturePolicyStore(dSSDocument, signaturePolicyStore, z);
        addSignaturePolicyStore.setName(getFinalFileName(dSSDocument, SigningOperation.ADD_SIG_POLICY_STORE));
        addSignaturePolicyStore.setMimeType(dSSDocument.getMimeType());
        return addSignaturePolicyStore;
    }

    public ToBeSigned getDataToBeCounterSigned(DSSDocument dSSDocument, JAdESCounterSignatureParameters jAdESCounterSignatureParameters) {
        Objects.requireNonNull(dSSDocument, "signatureDocument cannot be null!");
        verifyAndSetCounterSignatureParameters(jAdESCounterSignatureParameters);
        return getDataToSign(new JAdESCounterSignatureBuilder().getSignatureValueToBeSigned(dSSDocument, jAdESCounterSignatureParameters), jAdESCounterSignatureParameters);
    }

    public DSSDocument counterSignSignature(DSSDocument dSSDocument, JAdESCounterSignatureParameters jAdESCounterSignatureParameters, SignatureValue signatureValue) {
        Objects.requireNonNull(dSSDocument, "signatureDocument cannot be null!");
        Objects.requireNonNull(jAdESCounterSignatureParameters, "SignatureParameters cannot be null!");
        Objects.requireNonNull(signatureValue, "signatureValue cannot be null!");
        verifyAndSetCounterSignatureParameters(jAdESCounterSignatureParameters);
        JAdESCounterSignatureBuilder jAdESCounterSignatureBuilder = new JAdESCounterSignatureBuilder();
        DSSDocument buildEmbeddedCounterSignature = jAdESCounterSignatureBuilder.buildEmbeddedCounterSignature(dSSDocument, signDocument(jAdESCounterSignatureBuilder.getSignatureValueToBeSigned(dSSDocument, jAdESCounterSignatureParameters), jAdESCounterSignatureParameters, signatureValue), jAdESCounterSignatureParameters);
        buildEmbeddedCounterSignature.setName(getFinalFileName(dSSDocument, SigningOperation.COUNTER_SIGN, jAdESCounterSignatureParameters.getSignatureLevel()));
        buildEmbeddedCounterSignature.setMimeType(dSSDocument.getMimeType());
        return buildEmbeddedCounterSignature;
    }

    private void verifyAndSetCounterSignatureParameters(JAdESCounterSignatureParameters jAdESCounterSignatureParameters) {
        if (jAdESCounterSignatureParameters.getSignaturePackaging() == null) {
            jAdESCounterSignatureParameters.setSignaturePackaging(SignaturePackaging.DETACHED);
        } else if (!SignaturePackaging.DETACHED.equals(jAdESCounterSignatureParameters.getSignaturePackaging())) {
            throw new IllegalArgumentException(String.format("The SignaturePackaging '%s' is not supported by JAdES Counter Signature!", jAdESCounterSignatureParameters.getSignaturePackaging()));
        }
        if (jAdESCounterSignatureParameters.getSigDMechanism() == null) {
            jAdESCounterSignatureParameters.setSigDMechanism(SigDMechanism.NO_SIG_D);
        } else if (!SigDMechanism.NO_SIG_D.equals(jAdESCounterSignatureParameters.getSigDMechanism())) {
            throw new IllegalArgumentException(String.format("The SigDMechanism '%s' is not supported by JAdES Counter Signature!", jAdESCounterSignatureParameters.getSigDMechanism()));
        }
        if (JWSSerializationType.JSON_SERIALIZATION.equals(jAdESCounterSignatureParameters.getJwsSerializationType())) {
            throw new IllegalArgumentException("The JWSSerializationType.JSON_SERIALIZATION parameter is not supported for a JAdES Counter Signature!");
        }
    }

    public /* bridge */ /* synthetic */ DSSDocument timestamp(List list, SerializableTimestampParameters serializableTimestampParameters) {
        return timestamp((List<DSSDocument>) list, (JAdESTimestampParameters) serializableTimestampParameters);
    }

    public /* bridge */ /* synthetic */ DSSDocument signDocument(List list, SerializableSignatureParameters serializableSignatureParameters, SignatureValue signatureValue) {
        return signDocument((List<DSSDocument>) list, (JAdESSignatureParameters) serializableSignatureParameters, signatureValue);
    }

    public /* bridge */ /* synthetic */ ToBeSigned getDataToSign(List list, SerializableSignatureParameters serializableSignatureParameters) {
        return getDataToSign((List<DSSDocument>) list, (JAdESSignatureParameters) serializableSignatureParameters);
    }

    public /* bridge */ /* synthetic */ TimestampToken getContentTimestamp(List list, SerializableSignatureParameters serializableSignatureParameters) {
        return getContentTimestamp((List<DSSDocument>) list, (JAdESSignatureParameters) serializableSignatureParameters);
    }
}
