package eu.europa.esig.dss.asic.validation;

import eu.europa.esig.dss.AsicManifestDocument;
import eu.europa.esig.dss.DSSDocument;
import eu.europa.esig.dss.DSSException;
import eu.europa.esig.dss.DSSNotETSICompliantException;
import eu.europa.esig.dss.DSSUtils;
import eu.europa.esig.dss.DSSXMLUtils;
import eu.europa.esig.dss.InMemoryDocument;
import eu.europa.esig.dss.MimeType;
import eu.europa.esig.dss.asic.signature.ASiCService;
import eu.europa.esig.dss.validation.AdvancedSignature;
import eu.europa.esig.dss.validation.DocumentValidator;
import eu.europa.esig.dss.validation.SignatureScopeFinder;
import eu.europa.esig.dss.validation.SignedDocumentValidator;
import eu.europa.esig.dss.validation.policy.ValidationPolicy;
import eu.europa.esig.dss.validation.report.Reports;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.digidoc4j.dss.asic.Manifest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:eu/europa/esig/dss/asic/validation/ASiCContainerValidator.class */
public class ASiCContainerValidator extends SignedDocumentValidator {
    private static final Logger LOG = LoggerFactory.getLogger(ASiCContainerValidator.class);
    private static final String MIME_TYPE = "mimetype";
    private static final String MIME_TYPE_COMMENT = "mimetype=";
    private static final String META_INF_FOLDER = "META-INF/";
    private final DSSDocument asicContainer;
    private SignedDocumentValidator subordinatedValidator;
    private final List<DSSDocument> signatures;
    private List<AdvancedSignature> validatedSignatures;
    private MimeType asicMimeType;
    private boolean cadesSigned;
    private boolean xadesSigned;
    private boolean timestamped;

    private ASiCContainerValidator() {
        super((SignatureScopeFinder) null);
        this.signatures = new ArrayList();
        this.cadesSigned = false;
        this.xadesSigned = false;
        this.timestamped = false;
        this.asicContainer = null;
    }

    public ASiCContainerValidator(DSSDocument dSSDocument) {
        super((SignatureScopeFinder) null);
        this.signatures = new ArrayList();
        this.cadesSigned = false;
        this.xadesSigned = false;
        this.timestamped = false;
        this.asicContainer = dSSDocument;
        analyseEntries();
        createSubordinatedContainerValidators();
    }

    public boolean isSupported(DSSDocument dSSDocument) {
        byte[] bArr = new byte[500];
        DSSUtils.readToArray(dSSDocument, 500, bArr);
        return bArr[0] == 80 && bArr[1] == 75;
    }

    private MimeType determinateAsicMimeType(MimeType mimeType, MimeType mimeType2) {
        if (isASiCMimeType(mimeType)) {
            return mimeType;
        }
        if (isASiCMimeType(mimeType2)) {
            return mimeType2;
        }
        MimeType zipComment = getZipComment(this.asicContainer.getBytes());
        if (isASiCMimeType(zipComment)) {
            return zipComment;
        }
        return null;
    }

    private static boolean isASiCMimeType(MimeType mimeType) {
        return MimeType.ASICS.equals(mimeType) || MimeType.ASICE.equals(mimeType);
    }

    private AsicManifestDocument getRelatedAsicManifest(DSSDocument dSSDocument) {
        for (AsicManifestDocument asicManifestDocument : this.detachedContents) {
            if (asicManifestDocument instanceof AsicManifestDocument) {
                AsicManifestDocument asicManifestDocument2 = asicManifestDocument;
                if (asicManifestDocument2.getSignatureUri().equals(dSSDocument.getName())) {
                    return asicManifestDocument2;
                }
            }
        }
        return null;
    }

    /* renamed from: getSubordinatedValidator, reason: merged with bridge method [inline-methods] */
    public SignedDocumentValidator m3getSubordinatedValidator() {
        return this.subordinatedValidator;
    }

    private void createSubordinatedContainerValidators() {
        DocumentValidator aSiCTimestampDocumentValidator;
        DocumentValidator documentValidator = null;
        for (DSSDocument dSSDocument : this.signatures) {
            if (this.xadesSigned) {
                aSiCTimestampDocumentValidator = new ASiCXMLDocumentValidator(dSSDocument, this.detachedContents);
            } else if (this.cadesSigned) {
                aSiCTimestampDocumentValidator = new ASiCCMSDocumentValidator(dSSDocument, this.detachedContents);
            } else {
                if (!this.timestamped) {
                    throw new DSSException("The format of the signature is unknown! It is neither XAdES nor CAdES, nor timestamp signature!");
                }
                aSiCTimestampDocumentValidator = new ASiCTimestampDocumentValidator(dSSDocument, this.detachedContents);
            }
            if (documentValidator != null) {
                documentValidator.setNextValidator(aSiCTimestampDocumentValidator);
            } else {
                this.subordinatedValidator = aSiCTimestampDocumentValidator;
            }
            documentValidator = aSiCTimestampDocumentValidator;
        }
        if (this.subordinatedValidator == null) {
            throw new DSSException("This is not an ASiC container. The signature cannot be found!");
        }
    }

    private void analyseEntries() throws DSSException {
        try {
            try {
                MimeType mimeType = null;
                ZipInputStream zipInputStream = new ZipInputStream(this.asicContainer.openStream());
                for (ZipEntry nextEntry = zipInputStream.getNextEntry(); nextEntry != null; nextEntry = zipInputStream.getNextEntry()) {
                    String name = nextEntry.getName();
                    if (isCAdES(name)) {
                        if (this.xadesSigned) {
                            throw new DSSNotETSICompliantException(DSSNotETSICompliantException.MSG.DIFFERENT_SIGNATURE_FORMATS);
                        }
                        addEntryElement(name, this.signatures, zipInputStream);
                        this.cadesSigned = true;
                    } else if (isXAdES(name)) {
                        if (this.cadesSigned) {
                            throw new DSSNotETSICompliantException(DSSNotETSICompliantException.MSG.DIFFERENT_SIGNATURE_FORMATS);
                        }
                        addEntryElement(name, this.signatures, zipInputStream);
                        this.xadesSigned = true;
                    } else if (isTimestamp(name)) {
                        addEntryElement(name, this.signatures, zipInputStream);
                        this.timestamped = true;
                    } else if (isASiCManifest(name)) {
                        addAsicManifestEntryElement(name, this.detachedContents, zipInputStream);
                    } else if (isManifest(name)) {
                        addEntryElement(name, this.detachedContents, zipInputStream);
                    } else if (isContainer(name)) {
                        addEntryElement(name, this.detachedContents, zipInputStream);
                    } else if (isMetadata(name)) {
                        addEntryElement(name, this.detachedContents, zipInputStream);
                    } else if (isMimetype(name)) {
                        mimeType = getMimeType(addEntryElement(name, this.detachedContents, zipInputStream));
                    } else if (name.indexOf("/") == -1) {
                        addEntryElement(name, this.detachedContents, zipInputStream);
                    } else if (!name.endsWith("/")) {
                        addEntryElement(name, this.detachedContents, zipInputStream);
                    }
                }
                this.asicMimeType = determinateAsicMimeType(this.asicContainer.getMimeType(), mimeType);
                if (MimeType.ASICS == this.asicMimeType) {
                    ListIterator listIterator = this.detachedContents.listIterator();
                    while (listIterator.hasNext()) {
                        String name2 = ((DSSDocument) listIterator.next()).getName();
                        if (MIME_TYPE.equals(name2)) {
                            listIterator.remove();
                        } else if (name2.indexOf(47) != -1) {
                            listIterator.remove();
                        }
                    }
                }
                IOUtils.closeQuietly(zipInputStream);
            } catch (Exception e) {
                if (!(e instanceof DSSException)) {
                    throw new DSSException(e);
                }
                throw e;
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly((InputStream) null);
            throw th;
        }
    }

    public MimeType getAsicMimeType() {
        return this.asicMimeType;
    }

    public void setAsicMimeType(MimeType mimeType) {
        this.asicMimeType = mimeType;
    }

    private static MimeType getMimeType(DSSDocument dSSDocument) throws DSSException {
        try {
            InputStream openStream = dSSDocument.openStream();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            IOUtils.copy(openStream, byteArrayOutputStream);
            return MimeType.fromMimeTypeString(StringUtils.trim(byteArrayOutputStream.toString("UTF-8")));
        } catch (IOException e) {
            throw new DSSException(e);
        }
    }

    private static DSSDocument addEntryElement(String str, List<DSSDocument> list, ZipInputStream zipInputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        IOUtils.copy(zipInputStream, byteArrayOutputStream);
        InMemoryDocument inMemoryDocument = new InMemoryDocument(byteArrayOutputStream.toByteArray(), str);
        list.add(inMemoryDocument);
        return inMemoryDocument;
    }

    private static void addAsicManifestEntryElement(String str, List<DSSDocument> list, ZipInputStream zipInputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        IOUtils.copy(zipInputStream, byteArrayOutputStream);
        list.add(new AsicManifestDocument(byteArrayOutputStream.toByteArray(), str));
    }

    private static boolean isMetadata(String str) {
        return str.equals("META-INF/metadata.xml");
    }

    private static boolean isContainer(String str) {
        return str.equals("META-INF/container.xml");
    }

    private static boolean isManifest(String str) {
        return str.equals(Manifest.XML_PATH);
    }

    private static boolean isASiCManifest(String str) {
        return str.endsWith(".xml") && str.startsWith("META-INF/ASiCManifest");
    }

    public static boolean isMimetype(String str) {
        return MIME_TYPE.equalsIgnoreCase(str);
    }

    public static boolean isTimestamp(String str) {
        return str.endsWith(".tst") && str.startsWith(META_INF_FOLDER) && str.contains("timestamp");
    }

    public static boolean isXAdES(String str) {
        return str.endsWith(".xml") && str.startsWith(META_INF_FOLDER) && str.contains("signature");
    }

    public static boolean isCAdES(String str) {
        return str.endsWith(".p7s") && str.startsWith(META_INF_FOLDER) && str.contains("signature");
    }

    private static MimeType getZipComment(byte[] bArr) {
        byte[] bArr2 = {80, 75, 5, 6};
        int min = Math.min(bArr.length, bArr.length);
        for (int length = (min - bArr2.length) - 22; length >= 0; length--) {
            boolean z = true;
            int i = 0;
            while (true) {
                if (i >= bArr2.length) {
                    break;
                }
                if (bArr[length + i] != bArr2[i]) {
                    z = false;
                    break;
                }
                i++;
            }
            if (z) {
                int i2 = bArr[length + 20] + (bArr[length + 21] * 256);
                int i3 = (min - length) - 22;
                if (i2 != i3) {
                    LOG.warn("WARNING! ZIP comment size mismatch: directory says len is " + i2 + ", but file ends after " + i3 + " bytes!");
                }
                String str = new String(bArr, length + 22, Math.min(i2, i3));
                int indexOf = str.indexOf(MIME_TYPE_COMMENT);
                if (indexOf > -1) {
                    return MimeType.fromMimeTypeString(str.substring(MIME_TYPE_COMMENT.length() + indexOf));
                }
            }
        }
        LOG.warn("ZIP comment NOT found!");
        return null;
    }

    public Reports validateDocument(ValidationPolicy validationPolicy) {
        Reports reports = null;
        Reports reports2 = null;
        DocumentValidator documentValidator = this.subordinatedValidator;
        do {
            documentValidator.setProcessExecutor(this.processExecutor);
            if (MimeType.ASICE.equals(this.asicMimeType) && (documentValidator instanceof ASiCCMSDocumentValidator)) {
                AsicManifestDocument relatedAsicManifest = getRelatedAsicManifest(documentValidator.getDocument());
                ArrayList arrayList = new ArrayList();
                arrayList.add(relatedAsicManifest);
                documentValidator.setDetachedContents(arrayList);
            } else {
                documentValidator.setDetachedContents(this.detachedContents);
            }
            documentValidator.setCertificateVerifier(this.certificateVerifier);
            Reports validateDocument = documentValidator.validateDocument(validationPolicy);
            if (reports == null) {
                reports2 = validateDocument;
            } else {
                reports.setNextReport(validateDocument);
            }
            reports = validateDocument;
            documentValidator = documentValidator.getNextValidator();
        } while (documentValidator != null);
        return reports2;
    }

    public List<AdvancedSignature> getSignatures() {
        if (this.signatures == null) {
            return null;
        }
        if (this.validatedSignatures != null) {
            return this.validatedSignatures;
        }
        this.validatedSignatures = new ArrayList();
        DocumentValidator documentValidator = this.subordinatedValidator;
        do {
            Iterator it = documentValidator.getSignatures().iterator();
            while (it.hasNext()) {
                this.validatedSignatures.add((AdvancedSignature) it.next());
            }
            documentValidator = documentValidator.getNextValidator();
        } while (documentValidator != null);
        return this.validatedSignatures;
    }

    public DSSDocument removeSignature(String str) throws DSSException {
        if (StringUtils.isBlank(str)) {
            throw new NullPointerException("signatureId");
        }
        for (int i = 0; i < this.signatures.size(); i++) {
            DSSDocument dSSDocument = this.signatures.get(i);
            if (str.equals(DSSXMLUtils.getIDIdentifier((Element) DSSXMLUtils.buildDOM(dSSDocument).getDocumentElement().getFirstChild()))) {
                this.signatures.remove(i);
                Document createDocument = DSSXMLUtils.createDocument("http://uri.etsi.org/02918/v1.2.1#", ASiCService.ASICS_NS);
                for (int i2 = 0; i2 < this.signatures.size(); i2++) {
                    Node firstChild = DSSXMLUtils.buildDOM(dSSDocument).getDocumentElement().getFirstChild();
                    Element documentElement = createDocument.getDocumentElement();
                    createDocument.adoptNode(firstChild);
                    documentElement.appendChild(firstChild);
                }
                return new InMemoryDocument(DSSXMLUtils.serializeNode(createDocument));
            }
        }
        throw new DSSException("The signature with the given id was not found!");
    }
}
