package eu.europa.esig.dss.pades.signature;

import eu.europa.esig.dss.DSSDocument;
import eu.europa.esig.dss.DSSException;
import eu.europa.esig.dss.DSSUtils;
import eu.europa.esig.dss.DigestAlgorithm;
import eu.europa.esig.dss.InMemoryDocument;
import eu.europa.esig.dss.MimeType;
import eu.europa.esig.dss.SignatureLevel;
import eu.europa.esig.dss.cades.validation.CAdESSignature;
import eu.europa.esig.dss.pades.PAdESSignatureParameters;
import eu.europa.esig.dss.pades.validation.PAdESSignature;
import eu.europa.esig.dss.pades.validation.PDFDocumentValidator;
import eu.europa.esig.dss.pdf.PdfObjFactory;
import eu.europa.esig.dss.pdf.model.ModelPdfArray;
import eu.europa.esig.dss.pdf.model.ModelPdfDict;
import eu.europa.esig.dss.pdf.model.ModelPdfStream;
import eu.europa.esig.dss.signature.SignatureExtension;
import eu.europa.esig.dss.validation.AdvancedSignature;
import eu.europa.esig.dss.validation.CertificateVerifier;
import eu.europa.esig.dss.validation.DefaultAdvancedSignature;
import eu.europa.esig.dss.x509.CertificateToken;
import eu.europa.esig.dss.x509.OCSPToken;
import eu.europa.esig.dss.x509.crl.CRLToken;
import eu.europa.esig.dss.x509.tsp.TSPSource;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.collections.CollectionUtils;

/* loaded from: input_file:eu/europa/esig/dss/pades/signature/PAdESLevelBaselineLT.class */
class PAdESLevelBaselineLT implements SignatureExtension<PAdESSignatureParameters> {
    private ModelPdfArray dssCertArray = new ModelPdfArray();
    private ModelPdfArray dssOcspArray = new ModelPdfArray();
    private ModelPdfArray dssCrlArray = new ModelPdfArray();
    private final CertificateVerifier certificateVerifier;
    private final TSPSource tspSource;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:eu/europa/esig/dss/pades/signature/PAdESLevelBaselineLT$SignatureValidationCallBack.class */
    public class SignatureValidationCallBack {
        private PAdESSignature signature;
        private List<CRLToken> crls;
        private List<OCSPToken> ocsps;
        private Set<CertificateToken> certificates;

        SignatureValidationCallBack() {
        }

        public PAdESSignature getSignature() {
            return this.signature;
        }

        public void setSignature(PAdESSignature pAdESSignature) {
            this.signature = pAdESSignature;
        }

        public List<CRLToken> getCrls() {
            return this.crls;
        }

        public void setCrls(List<CRLToken> list) {
            this.crls = list;
        }

        public List<OCSPToken> getOcsps() {
            return this.ocsps;
        }

        public void setOcsps(List<OCSPToken> list) {
            this.ocsps = list;
        }

        public Set<CertificateToken> getCertificates() {
            return this.certificates;
        }

        public void setCertificates(Set<CertificateToken> set) {
            this.certificates = set;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PAdESLevelBaselineLT(TSPSource tSPSource, CertificateVerifier certificateVerifier) {
        this.certificateVerifier = certificateVerifier;
        this.tspSource = tSPSource;
    }

    public InMemoryDocument extendSignatures(DSSDocument dSSDocument, PAdESSignatureParameters pAdESSignatureParameters) throws DSSException {
        try {
            PDFDocumentValidator pDFDocumentValidator = new PDFDocumentValidator(dSSDocument);
            pDFDocumentValidator.setCertificateVerifier(this.certificateVerifier);
            List<AdvancedSignature> signatures = pDFDocumentValidator.getSignatures();
            Iterator<AdvancedSignature> it = signatures.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (!it.next().isDataForSignatureLevelPresent(SignatureLevel.PAdES_BASELINE_T)) {
                    dSSDocument = new PAdESLevelBaselineT(this.tspSource).extendSignatures(dSSDocument, pAdESSignatureParameters);
                    break;
                }
            }
            ModelPdfDict modelPdfDict = new ModelPdfDict("DSS");
            for (AdvancedSignature advancedSignature : signatures) {
                if (advancedSignature instanceof PAdESSignature) {
                    PAdESSignature pAdESSignature = (PAdESSignature) advancedSignature;
                    SignatureValidationCallBack signatureValidationCallBack = new SignatureValidationCallBack();
                    validate(pAdESSignature, signatureValidationCallBack);
                    includeToDssDictionary(modelPdfDict, signatureValidationCallBack);
                }
            }
            addGlobalCertsCrlsOcsps(modelPdfDict);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            PdfObjFactory.getInstance().newPAdESSignatureService().addDssDictionary(dSSDocument.openStream(), byteArrayOutputStream, modelPdfDict);
            InMemoryDocument inMemoryDocument = new InMemoryDocument(byteArrayOutputStream.toByteArray());
            inMemoryDocument.setMimeType(MimeType.PDF);
            return inMemoryDocument;
        } catch (IOException e) {
            throw new DSSException(e);
        }
    }

    private void includeToDssDictionary(ModelPdfDict modelPdfDict, SignatureValidationCallBack signatureValidationCallBack) throws IOException {
        ModelPdfDict ensureNotNull = ensureNotNull(modelPdfDict, "VRI");
        ModelPdfDict modelPdfDict2 = new ModelPdfDict();
        String upperCase = Hex.encodeHexString(DSSUtils.digest(DigestAlgorithm.SHA1, signatureValidationCallBack.getSignature().getCAdESSignature().getCmsSignedData().getEncoded())).toUpperCase();
        if (CollectionUtils.isNotEmpty(signatureValidationCallBack.getCertificates())) {
            ModelPdfArray modelPdfArray = new ModelPdfArray();
            Iterator<CertificateToken> it = signatureValidationCallBack.getCertificates().iterator();
            while (it.hasNext()) {
                ModelPdfStream modelPdfStream = new ModelPdfStream(it.next().getEncoded());
                modelPdfArray.add(modelPdfStream);
                this.dssCertArray.add(modelPdfStream);
            }
            modelPdfDict2.add("Cert", modelPdfArray);
        }
        if (CollectionUtils.isNotEmpty(signatureValidationCallBack.getCrls())) {
            ModelPdfArray modelPdfArray2 = new ModelPdfArray();
            Iterator<CRLToken> it2 = signatureValidationCallBack.getCrls().iterator();
            while (it2.hasNext()) {
                ModelPdfStream modelPdfStream2 = new ModelPdfStream(it2.next().getEncoded());
                modelPdfArray2.add(modelPdfStream2);
                this.dssCrlArray.add(modelPdfStream2);
            }
            modelPdfDict2.add("CRL", modelPdfArray2);
        }
        if (CollectionUtils.isNotEmpty(signatureValidationCallBack.getOcsps())) {
            ModelPdfArray modelPdfArray3 = new ModelPdfArray();
            Iterator<OCSPToken> it3 = signatureValidationCallBack.getOcsps().iterator();
            while (it3.hasNext()) {
                ModelPdfStream modelPdfStream3 = new ModelPdfStream(it3.next().getEncoded());
                modelPdfArray3.add(modelPdfStream3);
                this.dssOcspArray.add(modelPdfStream3);
            }
            modelPdfDict2.add("OCSP", modelPdfArray3);
        }
        ensureNotNull.add(upperCase, modelPdfDict2);
    }

    private void addGlobalCertsCrlsOcsps(ModelPdfDict modelPdfDict) {
        if (this.dssCertArray.size() > 0) {
            modelPdfDict.add("Certs", this.dssCertArray);
        }
        if (this.dssCrlArray.size() > 0) {
            modelPdfDict.add("CRLs", this.dssCrlArray);
        }
        if (this.dssOcspArray.size() > 0) {
            modelPdfDict.add("OCSPs", this.dssOcspArray);
        }
    }

    private ModelPdfDict ensureNotNull(ModelPdfDict modelPdfDict, String str) {
        ModelPdfDict modelPdfDict2 = (ModelPdfDict) modelPdfDict.getValues().get(str);
        if (modelPdfDict2 == null) {
            modelPdfDict2 = new ModelPdfDict();
            modelPdfDict.add(str, modelPdfDict2);
        }
        return modelPdfDict2;
    }

    private void validate(PAdESSignature pAdESSignature, SignatureValidationCallBack signatureValidationCallBack) {
        CAdESSignature cAdESSignature = pAdESSignature.getCAdESSignature();
        DefaultAdvancedSignature.RevocationDataForInclusion revocationDataForInclusion = cAdESSignature.getRevocationDataForInclusion(cAdESSignature.getSignatureValidationContext(this.certificateVerifier));
        signatureValidationCallBack.setSignature(pAdESSignature);
        signatureValidationCallBack.setCrls(revocationDataForInclusion.crlTokens);
        signatureValidationCallBack.setOcsps(revocationDataForInclusion.ocspTokens);
        signatureValidationCallBack.setCertificates(new HashSet(cAdESSignature.getCertificates()));
    }
}
