package se.signatureservice.transactionsigning.supportservice;

import eu.europa.esig.dss.AbstractSignatureParameters;
import eu.europa.esig.dss.cades.CAdESSignatureParameters;
import eu.europa.esig.dss.cades.signature.CAdESService;
import eu.europa.esig.dss.enumerations.SignatureAlgorithm;
import eu.europa.esig.dss.enumerations.SignatureLevel;
import eu.europa.esig.dss.enumerations.SignaturePackaging;
import eu.europa.esig.dss.model.DSSDocument;
import eu.europa.esig.dss.model.SignatureValue;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.pades.PAdESSignatureParameters;
import eu.europa.esig.dss.pades.signature.PAdESService;
import eu.europa.esig.dss.validation.CommonCertificateVerifier;
import eu.europa.esig.dss.xades.XAdESSignatureParameters;
import eu.europa.esig.dss.xades.signature.XAdESService;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.signatureservice.transactionsigning.SignerConfig;
import se.signatureservice.transactionsigning.ades.AdESSignRequestAttributes;
import se.signatureservice.transactionsigning.ades.AdESSignResponseAttributes;
import se.signatureservice.transactionsigning.ades.AdESType;
import se.signatureservice.transactionsigning.common.Document;
import se.signatureservice.transactionsigning.common.InvalidConfigurationException;
import se.signatureservice.transactionsigning.common.InvalidParameterException;
import se.signatureservice.transactionsigning.common.MimeType;
import se.signatureservice.transactionsigning.common.PendingSignature;
import se.signatureservice.transactionsigning.common.SignatureException;
import se.signatureservice.transactionsigning.common.SignatureIOException;
import se.signatureservice.transactionsigning.common.SignedDocument;
import se.signatureservice.transactionsigning.util.CommonUtils;
import se.signatureservice.transactionsigning.util.DSSUtils;
import se.signatureservice.transactionsigning.util.SignTaskUtils;
import signservice.org.apache.commons.lang3.time.DateUtils;
import signservice.org.bouncycastle.util.encoders.Base64;
import signservice.org.json.JSONArray;
import signservice.org.json.JSONObject;

/* loaded from: input_file:se/signatureservice/transactionsigning/supportservice/DefaultSupportService.class */
public class DefaultSupportService implements SupportService {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) DefaultSupportService.class);
    private SignerConfig config;
    private XAdESService xAdESService = new XAdESService(new CommonCertificateVerifier());
    private PAdESService pAdESService = new PAdESService(new CommonCertificateVerifier());
    private CAdESService cAdESService = new CAdESService(new CommonCertificateVerifier());
    private Map<String, PendingSignature> pendingSignatures = new HashMap();
    private boolean initialized = false;

    @Override // se.signatureservice.transactionsigning.supportservice.SupportService
    public void init(SignerConfig signerConfig) throws InvalidConfigurationException {
        this.config = signerConfig;
        this.initialized = true;
    }

    @Override // se.signatureservice.transactionsigning.supportservice.SupportService
    public String generateSignRequest(List<Document> list) throws SignatureException, SignatureIOException, InvalidParameterException {
        JSONObject jSONObject = new JSONObject();
        ArrayList arrayList = new ArrayList();
        if (!this.initialized) {
            throw new SignatureException("SupportService must be initialized before calling generateSignRequest");
        }
        PendingSignature pendingSignature = new PendingSignature();
        pendingSignature.setSigningDate(DateUtils.round(new Date(), 13));
        String generateRequestId = generateRequestId();
        for (int i = 0; i < list.size(); i++) {
            Integer valueOf = Integer.valueOf(i + 1);
            arrayList.add(new JSONObject().put("signTaskId", String.valueOf(valueOf)).put("signType", this.config.getSignType()).put("keyId", this.config.getKeyId()).put("signRequestData", generateToBeSigned(list.get(i), pendingSignature.getSigningDate(), generateRequestId)).put("attributes", new JSONObject().put(AdESSignRequestAttributes.ADES_TYPE, AdESType.fromMimeType(list.get(i).getMimeType()))));
            pendingSignature.addDocument(valueOf, list.get(i));
        }
        jSONObject.put("requestId", generateRequestId).put("signRequestTasks", (Collection<?>) arrayList);
        pendingSignature.setSignRequest(jSONObject);
        this.pendingSignatures.put(generateRequestId, pendingSignature);
        return jSONObject.toString();
    }

    @Override // se.signatureservice.transactionsigning.supportservice.SupportService
    public List<SignedDocument> processSignResponse(String str) throws SignatureException {
        ArrayList arrayList = new ArrayList();
        if (!this.initialized) {
            throw new SignatureException("SupportService must be initialized before calling generateSignRequest");
        }
        try {
            JSONObject jSONObject = new JSONObject(str);
            String string = jSONObject.getString("requestId");
            if (!this.pendingSignatures.containsKey(string)) {
                throw new SignatureException("No pending transaction found with requestId: " + string);
            }
            PendingSignature pendingSignature = this.pendingSignatures.get(string);
            JSONArray jSONArray = jSONObject.getJSONArray("signResponseTasks");
            Map<Integer, Document> documents = pendingSignature.getDocuments();
            for (int i = 0; i < jSONArray.length(); i++) {
                String string2 = jSONArray.getJSONObject(i).getString("signResponseData");
                Integer valueOf = Integer.valueOf(Integer.parseInt(jSONArray.getJSONObject(i).getString("signTaskId")));
                Document document = documents.get(valueOf);
                byte[] binaryResponseAttribute = SignTaskUtils.getBinaryResponseAttribute(jSONArray.getJSONObject(i), AdESSignResponseAttributes.ADES_SIGNDATA);
                byte[] binaryResponseAttribute2 = SignTaskUtils.getBinaryResponseAttribute(jSONArray.getJSONObject(i), AdESSignResponseAttributes.ADES_OBJECT_DATA);
                ArrayList arrayList2 = new ArrayList();
                JSONArray jSONArray2 = jSONArray.getJSONObject(i).getJSONArray("signingCertificates");
                for (int i2 = 0; i2 < jSONArray2.length(); i2++) {
                    arrayList2.add(CommonUtils.getCertfromByteArray(Base64.decode(jSONArray2.getString(i2).getBytes("UTF-8"))));
                }
                if (jSONArray2.isEmpty()) {
                    log.error("Signature response (requestId=" + string + ") did not contain any signature certificates (signTaskId=" + valueOf + ").");
                } else {
                    CertificateToken certificateToken = new CertificateToken((X509Certificate) arrayList2.get(0));
                    ArrayList arrayList3 = new ArrayList();
                    Iterator it = arrayList2.iterator();
                    while (it.hasNext()) {
                        arrayList3.add(new CertificateToken((X509Certificate) it.next()));
                    }
                    DSSDocument createDSSDocument = DSSUtils.createDSSDocument(document);
                    AbstractSignatureParameters signatureParameters = getSignatureParameters(document.getMimeType());
                    signatureParameters.bLevel().setSigningDate(pendingSignature.getSigningDate());
                    signatureParameters.setSigningCertificate(certificateToken);
                    signatureParameters.setCertificateChain(arrayList3);
                    if (binaryResponseAttribute != null) {
                        signatureParameters.setSignedData(binaryResponseAttribute);
                    }
                    SignatureValue signatureValue = new SignatureValue(SignatureAlgorithm.forJAVA(SignerConfig.DEFAULT_SIGNATUREALGORITHM), Base64.decode(string2));
                    DSSDocument dSSDocument = null;
                    if (document.getMimeType() == MimeType.PDF) {
                        PAdESSignatureParameters pAdESSignatureParameters = (PAdESSignatureParameters) signatureParameters;
                        pAdESSignatureParameters.setSignerName(string);
                        dSSDocument = this.pAdESService.signDocument(createDSSDocument, pAdESSignatureParameters, signatureValue);
                    } else if (document.getMimeType() == MimeType.XML) {
                        XAdESSignatureParameters xAdESSignatureParameters = (XAdESSignatureParameters) signatureParameters;
                        if (binaryResponseAttribute2 == null) {
                            throw new SignatureException("Required AdES object not found in signature response");
                        }
                        xAdESSignatureParameters.setSignedAdESObject(binaryResponseAttribute2);
                        dSSDocument = this.xAdESService.signDocument(createDSSDocument, xAdESSignatureParameters, signatureValue);
                    } else if (document.getMimeType() == MimeType.BINARY) {
                        dSSDocument = this.cAdESService.signDocument(createDSSDocument, (CAdESSignatureParameters) signatureParameters, signatureValue);
                    }
                    SignedDocument signedDocument = new SignedDocument();
                    signedDocument.setName(document.getName());
                    signedDocument.setMimeType(document.getMimeType());
                    signedDocument.setContent(CommonUtils.getBytesFromInputStream(dSSDocument.openStream()));
                    arrayList.add(signedDocument);
                }
            }
            return arrayList;
        } catch (Exception e) {
            throw new SignatureException("Failed to process sign response: " + (e.getCause() != null ? e.getCause().getMessage() : e.getMessage()), e);
        }
    }

    private String generateToBeSigned(Document document, Date date, String str) throws SignatureException {
        byte[] bArr = null;
        DSSDocument createDSSDocument = DSSUtils.createDSSDocument(document);
        AbstractSignatureParameters signatureParameters = getSignatureParameters(document.getMimeType());
        signatureParameters.setGenerateTBSWithoutCertificate(true);
        signatureParameters.bLevel().setSigningDate(date);
        if (document.getMimeType() == MimeType.PDF) {
            PAdESSignatureParameters pAdESSignatureParameters = (PAdESSignatureParameters) signatureParameters;
            log.debug("Preparing for PAdES signature");
            pAdESSignatureParameters.setSignerName(str);
            bArr = this.pAdESService.getDataToSign(createDSSDocument, pAdESSignatureParameters).getBytes();
        } else if (document.getMimeType() == MimeType.XML) {
            log.debug("Preparing for XAdES signature");
            bArr = this.xAdESService.getDataToSign(createDSSDocument, (XAdESSignatureParameters) signatureParameters).getBytes();
        } else if (document.getMimeType() == MimeType.BINARY) {
            log.debug("Preparing for CAdES signature");
            bArr = this.cAdESService.getDataToSign(createDSSDocument, (CAdESSignatureParameters) signatureParameters).getBytes();
        }
        log.debug("Generated dataToBeSigned = " + (bArr != null ? Base64.toBase64String(bArr) : null));
        if (bArr != null) {
            return Base64.toBase64String(bArr);
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private AbstractSignatureParameters getSignatureParameters(MimeType mimeType) throws SignatureException {
        CAdESSignatureParameters cAdESSignatureParameters;
        if (mimeType == MimeType.PDF) {
            PAdESSignatureParameters pAdESSignatureParameters = new PAdESSignatureParameters();
            pAdESSignatureParameters.setSignatureLevel(SignatureLevel.valueByName(SignerConfig.DEFAULT_PADES_SIGNATURELEVEL));
            pAdESSignatureParameters.setSignaturePackaging(SignaturePackaging.valueOf("ENVELOPED"));
            cAdESSignatureParameters = pAdESSignatureParameters;
        } else if (mimeType == MimeType.XML) {
            XAdESSignatureParameters xAdESSignatureParameters = new XAdESSignatureParameters();
            xAdESSignatureParameters.setSignatureLevel(SignatureLevel.valueByName(SignerConfig.DEFAULT_XADES_SIGNATURELEVEL));
            xAdESSignatureParameters.setSignaturePackaging(SignaturePackaging.valueOf("ENVELOPED"));
            xAdESSignatureParameters.setSigningCertificateDigestMethod(SignatureAlgorithm.forJAVA(SignerConfig.DEFAULT_SIGNATUREALGORITHM).getDigestAlgorithm());
            xAdESSignatureParameters.setSignedInfoCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#");
            xAdESSignatureParameters.setSignedPropertiesCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#");
            xAdESSignatureParameters.setXPathLocationString(SignerConfig.DEFAULT_XADES_XPATHLOCATIONSTRING);
            cAdESSignatureParameters = xAdESSignatureParameters;
        } else {
            if (mimeType != MimeType.BINARY) {
                throw new SignatureException("Unsupported mimetype: " + mimeType.toString());
            }
            CAdESSignatureParameters cAdESSignatureParameters2 = new CAdESSignatureParameters();
            cAdESSignatureParameters2.setSignatureLevel(SignatureLevel.valueByName(SignerConfig.DEFAULT_CADES_SIGNATURELEVEL));
            cAdESSignatureParameters2.setSignaturePackaging(SignaturePackaging.valueOf(SignerConfig.DEFAULT_CADES_SIGNATUREPACKING));
            cAdESSignatureParameters = cAdESSignatureParameters2;
        }
        cAdESSignatureParameters.setEncryptionAlgorithm(SignatureAlgorithm.forJAVA(SignerConfig.DEFAULT_SIGNATUREALGORITHM).getEncryptionAlgorithm());
        cAdESSignatureParameters.setDigestAlgorithm(SignatureAlgorithm.forJAVA(SignerConfig.DEFAULT_SIGNATUREALGORITHM).getDigestAlgorithm());
        return cAdESSignatureParameters;
    }

    private String generateRequestId() {
        return UUID.randomUUID().toString();
    }
}
