package eu.europa.esig.dss.validation;

import eu.europa.esig.dss.crl.CRLBinary;
import eu.europa.esig.dss.enumerations.DigestAlgorithm;
import eu.europa.esig.dss.model.identifier.EncapsulatedRevocationTokenIdentifier;
import eu.europa.esig.dss.model.identifier.Identifier;
import eu.europa.esig.dss.model.identifier.IdentifierBasedObject;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.model.x509.Token;
import eu.europa.esig.dss.model.x509.X500PrincipalHelper;
import eu.europa.esig.dss.pdf.PAdESConstants;
import eu.europa.esig.dss.spi.DSSASN1Utils;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.spi.tsl.LOTLInfo;
import eu.europa.esig.dss.spi.tsl.PivotInfo;
import eu.europa.esig.dss.spi.tsl.TLInfo;
import eu.europa.esig.dss.spi.x509.CertificateRef;
import eu.europa.esig.dss.spi.x509.revocation.RevocationRef;
import eu.europa.esig.dss.spi.x509.revocation.crl.CRLRef;
import eu.europa.esig.dss.spi.x509.revocation.crl.CRLToken;
import eu.europa.esig.dss.spi.x509.revocation.ocsp.OCSPRef;
import eu.europa.esig.dss.spi.x509.revocation.ocsp.OCSPResponseBinary;
import eu.europa.esig.dss.spi.x509.revocation.ocsp.OCSPToken;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.dss.validation.scope.SignatureScope;
import eu.europa.esig.dss.validation.timestamp.TimestampToken;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import javax.security.auth.x500.X500Principal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import signservice.org.bouncycastle.openssl.PEMParser;

/* loaded from: input_file:eu/europa/esig/dss/validation/UserFriendlyIdentifierProvider.class */
public class UserFriendlyIdentifierProvider implements TokenIdentifierProvider {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) UserFriendlyIdentifierProvider.class);
    private static final String STRING_DELIMITER = "_";
    private static final String NAME_REPLACEMENT = "-";
    private static final String ISSUER = "ISSUER-";
    private static final String SERIAL = "SERIAL-";
    private static final String UNKNOWN_SIGNER = "UNKNOWN-SIGNER";
    private static final String UNNAMED_SIGNER = "UNNAMED-SIGNER";
    private final Map<String, String> uniqueTokenIdsMap = new HashMap();
    private final Map<String, String> generatedTokenIdsMap = new HashMap();
    private String signaturePrefix = "SIGNATURE";
    private String counterSignaturePrefix = "COUNTER-SIGNATURE";
    private String timestampPrefix = "TIMESTAMP";
    private String certificatePrefix = PEMParser.TYPE_CERTIFICATE;
    private String crlPrefix = PAdESConstants.CRL_ARRAY_NAME_VRI;
    private String ocspPrefix = PAdESConstants.OCSP_ARRAY_NAME_VRI;
    private String signedDataPrefix = "DOCUMENT";
    private String lotlPrefix = "LOTL";
    private String tlPrefix = "TL";
    private String pivotPrefix = "PIVOT";
    private String dateFormat = "yyyyMMdd-HHmm";

    public void setSignaturePrefix(String str) {
        assertNotBlank(str);
        this.signaturePrefix = str;
    }

    public void setCounterSignaturePrefix(String str) {
        assertNotBlank(str);
        this.counterSignaturePrefix = str;
    }

    public void setTimestampPrefix(String str) {
        assertNotBlank(str);
        this.timestampPrefix = str;
    }

    public void setCertificatePrefix(String str) {
        assertNotBlank(str);
        this.certificatePrefix = str;
    }

    public void setCrlPrefix(String str) {
        assertNotBlank(str);
        this.crlPrefix = str;
    }

    public void setOcspPrefix(String str) {
        assertNotBlank(str);
        this.ocspPrefix = str;
    }

    public void setSignedDataPrefix(String str) {
        assertNotBlank(str);
        this.signedDataPrefix = str;
    }

    public void setLOTLPrefix(String str) {
        this.lotlPrefix = str;
    }

    public void setTLPrefix(String str) {
        this.tlPrefix = str;
    }

    public void setPivotPrefix(String str) {
        this.pivotPrefix = str;
    }

    public void setDateFormat(String str) {
        Objects.requireNonNull(str, "The dataFormat cannot be null!");
        this.dateFormat = str;
    }

    @Override // eu.europa.esig.dss.validation.TokenIdentifierProvider
    public String getIdAsString(IdentifierBasedObject identifierBasedObject) {
        Objects.requireNonNull(identifierBasedObject, "The object cannot be null!");
        String cachedIdentifier = getCachedIdentifier(identifierBasedObject);
        if (Utils.isStringNotEmpty(cachedIdentifier)) {
            return cachedIdentifier;
        }
        if (identifierBasedObject instanceof AdvancedSignature) {
            return getIdAsStringForSignature((AdvancedSignature) identifierBasedObject);
        }
        if (identifierBasedObject instanceof Token) {
            return getIdAsStringForToken((Token) identifierBasedObject);
        }
        if (identifierBasedObject instanceof SignatureScope) {
            return getIdAsStringForSignatureScope((SignatureScope) identifierBasedObject);
        }
        if (identifierBasedObject instanceof TLInfo) {
            return getIdAsStringForTL((TLInfo) identifierBasedObject);
        }
        if (identifierBasedObject instanceof CertificateRef) {
            return getIdAsStringForCertRef((CertificateRef) identifierBasedObject);
        }
        if (identifierBasedObject instanceof RevocationRef) {
            return getIdAsStringForRevRef((RevocationRef) identifierBasedObject);
        }
        if (identifierBasedObject instanceof EncapsulatedRevocationTokenIdentifier) {
            return getIdAsStringForRevTokenIdentifier((EncapsulatedRevocationTokenIdentifier) identifierBasedObject);
        }
        LOG.warn("The class '{}' is not supported! Return the original identifier for the object.", identifierBasedObject.getClass());
        return identifierBasedObject.getDSSId().asXmlId();
    }

    private String getCachedIdentifier(IdentifierBasedObject identifierBasedObject) {
        Identifier dSSId = identifierBasedObject.getDSSId();
        if (dSSId == null) {
            throw new IllegalArgumentException(String.format("The returned Identifier cannot be null for the object of class '%s'!", identifierBasedObject.getClass()));
        }
        String asXmlId = dSSId.asXmlId();
        String str = this.uniqueTokenIdsMap.get(asXmlId);
        if (str != null) {
            LOG.trace("The identifier for the token with Id '{}' has been found in the map. Returning the value...", asXmlId);
            return str;
        }
        LOG.trace("Computing the user-friendly identifier for the token with Id '{}'...", asXmlId);
        return null;
    }

    protected String getIdAsStringForSignature(AdvancedSignature advancedSignature) {
        return createIdString(advancedSignature.isCounterSignature() ? this.counterSignaturePrefix : this.signaturePrefix, advancedSignature.getSigningCertificateToken() != null ? advancedSignature.getSigningCertificateToken().getSubject() : null, advancedSignature.getSigningTime(), advancedSignature.getId());
    }

    protected String getIdAsStringForToken(Token token) {
        return createIdString(getTokenPrefix(token), getTokenSubject(token), token.getCreationDate(), token.getDSSIdAsString());
    }

    protected String getIdAsStringForSignatureScope(SignatureScope signatureScope) {
        StringBuilder sb = new StringBuilder(this.signedDataPrefix);
        sb.append(STRING_DELIMITER);
        if (Utils.isStringNotBlank(signatureScope.getName())) {
            sb.append(getUserFriendlyString(signatureScope.getName()));
        } else {
            sb.append(signatureScope.getType().toString());
        }
        return generateId(sb, signatureScope.getDSSIdAsString());
    }

    protected String getIdAsStringForTL(TLInfo tLInfo) {
        StringBuilder sb = new StringBuilder(getTlPrefix(tLInfo));
        if (tLInfo.getParsingCacheInfo() != null && Utils.isStringNotBlank(tLInfo.getParsingCacheInfo().getTerritory())) {
            sb.append(STRING_DELIMITER);
            sb.append(getUserFriendlyString(tLInfo.getParsingCacheInfo().getTerritory()));
        }
        if (tLInfo.getParsingCacheInfo() != null && tLInfo.getParsingCacheInfo().getIssueDate() != null) {
            sb.append(STRING_DELIMITER);
            sb.append(DSSUtils.formatDateWithCustomFormat(tLInfo.getParsingCacheInfo().getIssueDate(), this.dateFormat));
        }
        return generateId(sb, tLInfo.getDSSIdAsString());
    }

    protected String getIdAsStringForCertRef(CertificateRef certificateRef) {
        StringBuilder sb = new StringBuilder(this.certificatePrefix);
        if (certificateRef.getResponderId() != null) {
            sb.append(STRING_DELIMITER);
            sb.append(getHumanReadableName(new X500PrincipalHelper(certificateRef.getResponderId().getX500Principal())));
        } else if (certificateRef.getCertificateIdentifier() != null) {
            if (certificateRef.getCertificateIdentifier().getIssuerName() != null) {
                sb.append(STRING_DELIMITER);
                sb.append(ISSUER);
                sb.append(getHumanReadableName(new X500PrincipalHelper(certificateRef.getCertificateIdentifier().getIssuerName())));
            }
            if (certificateRef.getCertificateIdentifier().getSerialNumber() != null) {
                sb.append(STRING_DELIMITER);
                sb.append(SERIAL);
                sb.append(certificateRef.getCertificateIdentifier().getSerialNumber());
            }
        } else if (certificateRef.getCertDigest() != null) {
            sb.append(STRING_DELIMITER);
            sb.append(certificateRef.getCertDigest().getHexValue());
        }
        return generateId(sb, certificateRef.getDSSIdAsString());
    }

    protected String getIdAsStringForRevRef(RevocationRef<?> revocationRef) {
        StringBuilder sb = new StringBuilder(getRevocationRefPrefix(revocationRef));
        sb.append(STRING_DELIMITER);
        sb.append(revocationRef.getDigest().getHexValue());
        return generateId(sb, revocationRef.getDSSIdAsString());
    }

    protected String getIdAsStringForRevTokenIdentifier(EncapsulatedRevocationTokenIdentifier<?> encapsulatedRevocationTokenIdentifier) {
        StringBuilder sb = new StringBuilder(getRevocationIdentifierPrefix(encapsulatedRevocationTokenIdentifier));
        sb.append(STRING_DELIMITER);
        sb.append(Utils.toHex(encapsulatedRevocationTokenIdentifier.getDigestValue(DigestAlgorithm.SHA256)));
        return generateId(sb, encapsulatedRevocationTokenIdentifier.asXmlId());
    }

    private String createIdString(String str, X500PrincipalHelper x500PrincipalHelper, Date date, String str2) {
        StringBuilder sb = new StringBuilder(str);
        sb.append(STRING_DELIMITER);
        if (x500PrincipalHelper != null) {
            sb.append(getHumanReadableName(x500PrincipalHelper));
        } else {
            sb.append(UNKNOWN_SIGNER);
        }
        if (date != null) {
            sb.append(STRING_DELIMITER);
            sb.append(DSSUtils.formatDateWithCustomFormat(date, this.dateFormat));
        }
        return generateId(sb, str2);
    }

    private String getHumanReadableName(X500PrincipalHelper x500PrincipalHelper) {
        String humanReadableName = DSSASN1Utils.getHumanReadableName(x500PrincipalHelper);
        return Utils.isStringNotEmpty(humanReadableName) ? getUserFriendlyString(humanReadableName) : UNNAMED_SIGNER;
    }

    private String generateId(StringBuilder sb, String str) {
        String sb2 = sb.toString();
        Long duplicatesNumber = getDuplicatesNumber(sb2, str);
        if (duplicatesNumber.longValue() != 0) {
            sb.append(STRING_DELIMITER);
            sb.append(Long.valueOf(duplicatesNumber.longValue() + 1));
        }
        this.generatedTokenIdsMap.put(str, sb2);
        String sb3 = sb.toString();
        this.uniqueTokenIdsMap.put(str, sb3);
        return sb3;
    }

    private Long getDuplicatesNumber(String str, String str2) {
        return Long.valueOf(this.generatedTokenIdsMap.entrySet().stream().filter(entry -> {
            return !str2.equals(entry.getKey()) && str.equals(entry.getValue());
        }).count());
    }

    private String getTokenPrefix(Token token) {
        if (token instanceof CertificateToken) {
            return this.certificatePrefix;
        }
        if (token instanceof CRLToken) {
            return this.crlPrefix;
        }
        if (token instanceof OCSPToken) {
            return this.ocspPrefix;
        }
        if (token instanceof TimestampToken) {
            return this.timestampPrefix;
        }
        throw new IllegalArgumentException(String.format("Unsupported token of class '%s' has been reached!", token.getClass()));
    }

    private X500PrincipalHelper getTokenSubject(Token token) {
        X500PrincipalHelper x500PrincipalHelper = null;
        if (token instanceof CertificateToken) {
            x500PrincipalHelper = ((CertificateToken) token).getSubject();
        } else {
            X500Principal issuerX500Principal = token.getIssuerX500Principal();
            if (issuerX500Principal != null) {
                x500PrincipalHelper = new X500PrincipalHelper(issuerX500Principal);
            }
        }
        return x500PrincipalHelper;
    }

    private String getTlPrefix(TLInfo tLInfo) {
        return tLInfo instanceof PivotInfo ? this.pivotPrefix : tLInfo instanceof LOTLInfo ? this.lotlPrefix : this.tlPrefix;
    }

    private String getRevocationRefPrefix(RevocationRef<?> revocationRef) {
        if (revocationRef instanceof CRLRef) {
            return this.crlPrefix;
        }
        if (revocationRef instanceof OCSPRef) {
            return this.ocspPrefix;
        }
        throw new IllegalArgumentException(String.format("Unsupported RevocationRef of class '%s' has been reached!", revocationRef.getClass()));
    }

    private String getRevocationIdentifierPrefix(EncapsulatedRevocationTokenIdentifier<?> encapsulatedRevocationTokenIdentifier) {
        if (encapsulatedRevocationTokenIdentifier instanceof CRLBinary) {
            return this.crlPrefix;
        }
        if (encapsulatedRevocationTokenIdentifier instanceof OCSPResponseBinary) {
            return this.ocspPrefix;
        }
        throw new IllegalArgumentException(String.format("Unsupported RevocationTokenIdentifier of class '%s' has been reached!", encapsulatedRevocationTokenIdentifier.getClass()));
    }

    private String getUserFriendlyString(String str) {
        return trim(DSSUtils.replaceAllNonAlphanumericCharacters(DSSUtils.removeControlCharacters(str), NAME_REPLACEMENT), NAME_REPLACEMENT);
    }

    private String trim(String str, String str2) {
        while (str.length() > str2.length() && str.startsWith(str2)) {
            str = Utils.substringAfter(str, str2);
        }
        while (str.length() > str2.length() && str.endsWith(str2)) {
            str = str.substring(0, str.length() - str2.length());
        }
        return str;
    }

    private void assertNotBlank(String str) {
        if (Utils.isStringBlank(str)) {
            throw new IllegalArgumentException("The prefix cannot be null or blank!");
        }
    }
}
