package eu.europa.esig.dss.jades;

import eu.europa.esig.dss.enumerations.DigestAlgorithm;
import eu.europa.esig.dss.enumerations.ObjectIdentifier;
import eu.europa.esig.dss.jades.validation.EtsiUComponent;
import eu.europa.esig.dss.jades.validation.JAdESDocumentValidatorFactory;
import eu.europa.esig.dss.jades.validation.JAdESEtsiUHeader;
import eu.europa.esig.dss.jades.validation.JAdESSignature;
import eu.europa.esig.dss.jades.validation.JWS;
import eu.europa.esig.dss.model.DSSDocument;
import eu.europa.esig.dss.model.DSSException;
import eu.europa.esig.dss.model.Digest;
import eu.europa.esig.dss.model.DigestDocument;
import eu.europa.esig.dss.model.InMemoryDocument;
import eu.europa.esig.dss.model.TimestampBinary;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.spi.DSSASN1Utils;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.jades.JAdESUtils;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.TimeZone;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.bouncycastle.asn1.x509.IssuerSerial;
import org.jose4j.base64url.Base64Url;
import org.jose4j.json.JsonUtil;
import org.jose4j.json.internal.json_simple.JSONArray;
import org.jose4j.json.internal.json_simple.JSONValue;
import org.jose4j.jwx.CompactSerializer;
import org.jose4j.lang.JoseException;
import org.jose4j.lang.StringUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/jades/DSSJsonUtils.class */
public class DSSJsonUtils {
    public static final String MIME_TYPE_APPLICATION_PREFIX = "application/";
    public static final String HTTP_HEADER_DIGEST = "Digest";
    public static final String CONTENT_ENCODING_BINARY = "binary";
    private static final String DATE_TIME_FORMAT_RFC3339 = "yyyy-MM-dd'T'HH:mm:ss'Z'";
    public static final String OID_NAMESPACE_PREFIX = "urn:oid:";
    private static final Logger LOG = LoggerFactory.getLogger(DSSJsonUtils.class);
    private static final byte[] URL_SAFE_ENCODE_TABLE = {65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 45, 95};
    private static final Set<String> criticalHeaders = (Set) Stream.of((Object[]) new String[]{JAdESHeaderParameterNames.SIG_T, JAdESHeaderParameterNames.X5T_O, JAdESHeaderParameterNames.SIG_X5T_S, JAdESHeaderParameterNames.SR_CMS, JAdESHeaderParameterNames.SIG_PL, JAdESHeaderParameterNames.SR_ATS, JAdESHeaderParameterNames.ADO_TST, JAdESHeaderParameterNames.SIG_PID, JAdESHeaderParameterNames.SIG_D, "b64"}).collect(Collectors.toSet());
    private static final Set<String> criticalHeaderExceptions = (Set) Stream.of((Object[]) new String[]{"alg", "jku", "jwk", "kid", "x5u", "x5c", "x5t", "x5t#S256", "typ", "cty", "crit", "epk", "apu", "apv", "iv", "tag", "p2s", "p2c", "enc", "zip"}).collect(Collectors.toSet());

    private DSSJsonUtils() {
    }

    public static byte[] getAsciiBytes(String str) {
        return StringUtil.getBytesAscii(str);
    }

    public static String toBase64Url(byte[] bArr) {
        return Base64Url.encode(bArr);
    }

    public static String toBase64Url(DSSDocument dSSDocument) {
        return toBase64Url(DSSUtils.toByteArray(dSSDocument));
    }

    public static String toBase64Url(Object obj) {
        return Base64Url.encode(JSONValue.toJSONString(obj).getBytes());
    }

    public static byte[] fromBase64Url(String str) {
        return Base64Url.decode(str);
    }

    public static boolean isBase64UrlEncoded(String str) {
        try {
            Base64Url.decode(str);
            for (byte b : str.getBytes()) {
                if (!isBase64UrlEncoded(b)) {
                    return false;
                }
            }
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public static boolean isBase64UrlEncoded(byte b) {
        for (byte b2 : URL_SAFE_ENCODE_TABLE) {
            if (b == b2) {
                return true;
            }
        }
        return false;
    }

    public static boolean isUrlSafePayload(String str) {
        return str.matches("[^\\P{Print}.]*");
    }

    public static boolean isUrlSafe(byte b) {
        return (31 < b && b < 46) || (46 < b && b < Byte.MAX_VALUE);
    }

    public static boolean isUtf8(byte[] bArr) {
        try {
            StandardCharsets.UTF_8.newDecoder().decode(ByteBuffer.wrap(bArr));
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public static String concatenate(String... strArr) {
        return CompactSerializer.serialize(strArr);
    }

    public static Set<String> getSupportedCriticalHeaders() {
        return criticalHeaders;
    }

    public static boolean isCriticalHeaderException(String str) {
        return criticalHeaderExceptions.contains(str);
    }

    public static Digest getDigest(Map<?, ?> map) {
        try {
            if (!Utils.isMapNotEmpty(map)) {
                return null;
            }
            String str = (String) map.get(JAdESHeaderParameterNames.DIG_ALG);
            String str2 = (String) map.get(JAdESHeaderParameterNames.DIG_VAL);
            if (Utils.isStringNotEmpty(str) && Utils.isStringNotEmpty(str2)) {
                return new Digest(DigestAlgorithm.forJAdES(str), fromBase64Url(str2));
            }
            return null;
        } catch (Exception e) {
            LOG.warn("Unable to extract Digest Algorithm and Value. Reason : {}", e.getMessage(), e);
            return null;
        }
    }

    public static JsonObject getOidObject(ObjectIdentifier objectIdentifier) {
        return getOidObject(getUriOrUrnOid(objectIdentifier), objectIdentifier.getDescription(), objectIdentifier.getDocumentationReferences());
    }

    public static String getUriOrUrnOid(ObjectIdentifier objectIdentifier) {
        String uri = objectIdentifier.getUri();
        if (uri == null && objectIdentifier.getOid() != null) {
            uri = toUrnOid(objectIdentifier.getOid());
        }
        return uri;
    }

    public static String toUrnOid(String str) {
        return OID_NAMESPACE_PREFIX + str;
    }

    public static JsonObject getOidObject(String str, String str2, String[] strArr) {
        Objects.requireNonNull(str, "uri must be defined!");
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(JAdESHeaderParameterNames.ID, str);
        if (Utils.isStringNotEmpty(str2)) {
            linkedHashMap.put(JAdESHeaderParameterNames.DESC, str2);
        }
        if (Utils.isArrayNotEmpty(strArr)) {
            linkedHashMap.put(JAdESHeaderParameterNames.DOC_REFS, new JSONArray(Arrays.asList(strArr)));
        }
        return new JsonObject(linkedHashMap);
    }

    public static JsonObject getTstContainer(List<TimestampBinary> list, String str) {
        if (Utils.isCollectionEmpty(list)) {
            throw new IllegalArgumentException("Impossible to create 'tstContainer'. List of TimestampBinaries cannot be null or empty!");
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        if (str != null) {
            linkedHashMap.put(JAdESHeaderParameterNames.CANON_ALG, str);
        }
        ArrayList arrayList = new ArrayList();
        Iterator<TimestampBinary> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(getTstToken(it.next()));
        }
        linkedHashMap.put(JAdESHeaderParameterNames.TST_TOKENS, new JSONArray(arrayList));
        return new JsonObject(linkedHashMap);
    }

    private static JsonObject getTstToken(TimestampBinary timestampBinary) {
        Objects.requireNonNull(timestampBinary, "timestampBinary cannot be null!");
        HashMap hashMap = new HashMap();
        hashMap.put(JAdESHeaderParameterNames.VAL, Utils.toBase64(timestampBinary.getBytes()));
        return new JsonObject(hashMap);
    }

    public static byte[] concatenateDSSDocuments(List<DSSDocument> list) {
        if (Utils.isCollectionEmpty(list)) {
            throw new IllegalArgumentException("Unable to build a JWS Payload. Reason : the detached content is not provided!");
        }
        if (list.size() == 1) {
            return DSSUtils.toByteArray(list.get(0));
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                Iterator<DSSDocument> it = list.iterator();
                while (it.hasNext()) {
                    byteArrayOutputStream.write(DSSUtils.toByteArray(it.next()));
                }
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                return byteArray;
            } finally {
            }
        } catch (IOException e) {
            throw new DSSException(String.format("Unable to build a JWS Payload. Reason : %s", e.getMessage()), e);
        }
    }

    public static boolean isJsonDocument(DSSDocument dSSDocument) {
        if (!isAllowedSignatureDocumentType(dSSDocument)) {
            return false;
        }
        try {
            InputStream openStream = dSSDocument.openStream();
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                try {
                    int read = openStream.read();
                    if (read != 123) {
                        byteArrayOutputStream.close();
                        if (openStream != null) {
                            openStream.close();
                        }
                        return false;
                    }
                    byteArrayOutputStream.write(read);
                    Utils.copy(openStream, byteArrayOutputStream);
                    if (byteArrayOutputStream.size() < 2) {
                        byteArrayOutputStream.close();
                        if (openStream != null) {
                            openStream.close();
                        }
                        return false;
                    }
                    boolean z = JsonUtil.parseJson(byteArrayOutputStream.toString()) != null;
                    byteArrayOutputStream.close();
                    if (openStream != null) {
                        openStream.close();
                    }
                    return z;
                } catch (Throwable th) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } finally {
            }
        } catch (JoseException e) {
            LOG.warn("Unable to parse content as JSON : {}", e.getMessage());
            return false;
        } catch (IOException e2) {
            throw new DSSException(String.format("Cannot read the document. Reason : %s", e2.getMessage()), e2);
        }
    }

    public static boolean isAllowedSignatureDocumentType(DSSDocument dSSDocument) {
        if (!(dSSDocument instanceof DigestDocument) && !(dSSDocument instanceof HTTPHeader)) {
            return true;
        }
        if (!LOG.isDebugEnabled()) {
            return false;
        }
        LOG.debug("The provided document of class '{}' cannot be parsed.", dSSDocument.getClass());
        return false;
    }

    public static List<Object> getEtsiU(JWS jws) {
        Map<String, Object> unprotected = jws.getUnprotected();
        return unprotected == null ? Collections.emptyList() : (List) unprotected.get(JAdESHeaderParameterNames.ETSI_U);
    }

    public static List<EtsiUComponent> getUnsignedPropertiesWithHeaderName(JAdESEtsiUHeader jAdESEtsiUHeader, String str) {
        if (!jAdESEtsiUHeader.isExist()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (EtsiUComponent etsiUComponent : jAdESEtsiUHeader.getAttributes()) {
            if (str.equals(etsiUComponent.getHeaderName())) {
                arrayList.add(etsiUComponent);
            }
        }
        return arrayList;
    }

    public static Date getDate(String str) {
        if (!Utils.isStringNotEmpty(str)) {
            return null;
        }
        try {
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat(DATE_TIME_FORMAT_RFC3339);
            simpleDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
            return simpleDateFormat.parse(str);
        } catch (ParseException e) {
            LOG.warn("Unable to parse date with value '{}' : {}", str, e.getMessage());
            return null;
        }
    }

    public static IssuerSerial getIssuerSerial(String str) {
        if (Utils.isStringNotEmpty(str) && Utils.isBase64Encoded(str)) {
            return DSSASN1Utils.getIssuerSerial(Utils.fromBase64(str));
        }
        return null;
    }

    public static String generateKid(CertificateToken certificateToken) {
        return Utils.toBase64(DSSASN1Utils.getDEREncoded(DSSASN1Utils.getIssuerSerial(certificateToken)));
    }

    public static JAdESSignature extractJAdESCounterSignature(EtsiUComponent etsiUComponent, JAdESSignature jAdESSignature) {
        Object value = etsiUComponent.getValue();
        String str = null;
        if (value instanceof String) {
            str = (String) value;
        } else if (value instanceof Map) {
            str = JsonUtil.toJson((Map) value);
        } else {
            LOG.warn("Unsupported entry of type 'cSig' found! Class : {}. The entry is skipped", value.getClass());
        }
        if (!Utils.isStringNotEmpty(str)) {
            return null;
        }
        DSSDocument inMemoryDocument = new InMemoryDocument(str.getBytes());
        JAdESDocumentValidatorFactory jAdESDocumentValidatorFactory = new JAdESDocumentValidatorFactory();
        if (!jAdESDocumentValidatorFactory.isSupported(inMemoryDocument)) {
            return null;
        }
        List signatures = jAdESDocumentValidatorFactory.m17create(inMemoryDocument).getSignatures();
        if (signatures.size() != 1) {
            LOG.warn("{} counter signatures found in 'cSig' element. Only one is allowed!", Integer.valueOf(signatures.size()));
            return null;
        }
        JAdESSignature jAdESSignature2 = (JAdESSignature) signatures.iterator().next();
        jAdESSignature2.setMasterSignature(jAdESSignature);
        jAdESSignature2.setMasterCSigComponent(etsiUComponent);
        jAdESSignature2.setDetachedContents(Arrays.asList(new InMemoryDocument(jAdESSignature.getSignatureValue())));
        if (LOG.isDebugEnabled()) {
            LOG.debug("A JWS counter signature found with Id : '{}'", jAdESSignature2.getId());
        }
        return jAdESSignature2;
    }

    public static List<String> validateAgainstJAdESSchema(JWS jws) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(JAdESUtils.getInstance().validateAgainstJWSProtectedHeaderSchema(jws.getHeaders().getFullHeaderAsJsonString()));
        Map<String, Object> unprotected = jws.getUnprotected();
        if (Utils.isMapNotEmpty(unprotected)) {
            arrayList.addAll(JAdESUtils.getInstance().validateAgainstJWSUnprotectedHeaderSchema(JsonUtil.toJson(unprotected)));
            Object obj = unprotected.get(JAdESHeaderParameterNames.ETSI_U);
            if ((obj instanceof List) && areAllBase64UrlComponents((List) obj)) {
                arrayList.addAll(JAdESUtils.getInstance().validateAgainstJWSUnprotectedHeaderSchema(JsonUtil.toJson(getClearEtsiURepresentation(unprotected))));
            }
        }
        return arrayList;
    }

    public static boolean checkComponentsUnicity(List<Object> list) {
        if (!Utils.isCollectionNotEmpty(list)) {
            return true;
        }
        Iterator<Object> it = list.iterator();
        boolean isStringFormat = isStringFormat(it.next());
        while (it.hasNext()) {
            if (isStringFormat != isStringFormat(it.next())) {
                return false;
            }
        }
        return true;
    }

    public static boolean isStringFormat(Object obj) {
        return obj instanceof String;
    }

    public static boolean areAllBase64UrlComponents(List<Object> list) {
        if (!Utils.isCollectionNotEmpty(list)) {
            return true;
        }
        for (Object obj : list) {
            if (!isStringFormat(obj) || !isBase64UrlEncoded((String) obj)) {
                return false;
            }
        }
        return true;
    }

    private static Map<String, Object> getClearEtsiURepresentation(Map<String, Object> map) {
        ArrayList arrayList = new ArrayList();
        Iterator it = ((List) map.get(JAdESHeaderParameterNames.ETSI_U)).iterator();
        while (it.hasNext()) {
            arrayList.add(parseEtsiUComponent(it.next()));
        }
        HashMap hashMap = new HashMap();
        hashMap.put(JAdESHeaderParameterNames.ETSI_U, arrayList);
        return hashMap;
    }

    public static Map<String, Object> parseEtsiUComponent(Object obj) {
        try {
            if (obj instanceof Map) {
                Map<String, Object> map = (Map) obj;
                if (map.size() == 1) {
                    return map;
                }
                LOG.debug("A child of 'etsiU' shall contain only one entry! Found : {}. The element is skipped for message a imprint computation!", Integer.valueOf(map.size()));
                return null;
            }
            if (obj instanceof String) {
                String str = (String) obj;
                if (isBase64UrlEncoded(str)) {
                    return JsonUtil.parseJson(new String(fromBase64Url(str)));
                }
                LOG.debug("A String component of 'etsiU' array shall be base64Url encoded!");
            } else {
                LOG.debug("A component of unsupported class '{}' found inside an 'etsiU' array!", obj.getClass());
            }
            return null;
        } catch (Exception e) {
            LOG.warn("An error occurred during 'etsiU' component parsing : {}", e.getMessage(), e);
            return null;
        }
    }

    public static JWSJsonSerializationObject toJWSJsonSerializationObject(JWS jws) {
        JWSJsonSerializationObject jWSJsonSerializationObject = new JWSJsonSerializationObject();
        jWSJsonSerializationObject.getSignatures().add(jws);
        jWSJsonSerializationObject.setPayload(jws.getSignedPayload());
        return jWSJsonSerializationObject;
    }

    public static byte[] getSigningInputBytes(JWS jws) {
        byte[] byteArray;
        if (jws.isRfc7797UnencodedPayload()) {
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                try {
                    byteArrayOutputStream.write(getAsciiBytes(jws.getEncodedHeader()));
                    byteArrayOutputStream.write(46);
                    byte[] unverifiedPayloadBytes = jws.getUnverifiedPayloadBytes();
                    if (Utils.isArrayNotEmpty(unverifiedPayloadBytes)) {
                        byteArrayOutputStream.write(unverifiedPayloadBytes);
                    }
                    byteArray = byteArrayOutputStream.toByteArray();
                    byteArrayOutputStream.close();
                } finally {
                }
            } catch (IOException e) {
                throw new DSSException(String.format("Unable to compute the JWS Signature Input for the unencoded payload! Reason : %s", e.getMessage()), e);
            }
        } else {
            byteArray = getAsciiBytes(concatenate(jws.getEncodedHeader(), jws.getEncodedPayload()));
        }
        if (LOG.isTraceEnabled()) {
            LOG.trace("JWS Signature Input: ");
            LOG.trace(new String(byteArray));
        }
        return byteArray;
    }
}
