package eu.europa.ec.markt.dss.applet.util;

import eu.europa.ec.markt.dss.DSSUtils;
import eu.europa.ec.markt.dss.DigestAlgorithm;
import eu.europa.ec.markt.dss.exception.DSSException;
import eu.europa.ec.markt.dss.signature.DSSDocument;
import eu.europa.ec.markt.dss.signature.DocumentSignatureService;
import eu.europa.ec.markt.dss.signature.FileDocument;
import eu.europa.ec.markt.dss.signature.InMemoryDocument;
import eu.europa.ec.markt.dss.signature.SignatureFormat;
import eu.europa.ec.markt.dss.signature.SignaturePackaging;
import eu.europa.ec.markt.dss.signature.SignatureParameters;
import eu.europa.ec.markt.dss.signature.asic.ASiCXMLSignatureService;
import eu.europa.ec.markt.dss.signature.cades.CAdESService;
import eu.europa.ec.markt.dss.signature.pades.PAdESServiceV2;
import eu.europa.ec.markt.dss.signature.token.DSSPrivateKeyEntry;
import eu.europa.ec.markt.dss.signature.token.SignatureTokenConnection;
import eu.europa.ec.markt.dss.signature.xades.XAdESService;
import eu.europa.ec.markt.dss.validation.TrustedListCertificateVerifier;
import eu.europa.ec.markt.dss.validation.tsp.TSPSource;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.NoSuchAlgorithmException;
import org.apache.commons.io.output.ByteArrayOutputStream;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;

/* loaded from: input_file:applet/signature-client.jar:eu/europa/ec/markt/dss/applet/util/SigningUtils.class */
public final class SigningUtils {
    public static DSSDocument extendDocument(File file, File file2, SignatureParameters signatureParameters, TSPSource tSPSource, TrustedListCertificateVerifier trustedListCertificateVerifier) throws IOException {
        FileDocument fileDocument = new FileDocument(file);
        signatureParameters.setOriginalDocument(new FileDocument(file2));
        return getSignatureService(signatureParameters.getSignatureFormat(), tSPSource, trustedListCertificateVerifier).extendDocument(fileDocument, signatureParameters);
    }

    private static DocumentSignatureService getSignatureService(SignatureFormat signatureFormat, TSPSource tSPSource, TrustedListCertificateVerifier trustedListCertificateVerifier) {
        String upperCase = signatureFormat.name().toUpperCase();
        if (upperCase.startsWith("XADES")) {
            XAdESService xAdESService = new XAdESService();
            xAdESService.setCertificateVerifier(trustedListCertificateVerifier);
            xAdESService.setTspSource(tSPSource);
            return xAdESService;
        }
        if (upperCase.startsWith("CADES")) {
            CAdESService cAdESService = new CAdESService();
            cAdESService.setCertificateVerifier(trustedListCertificateVerifier);
            cAdESService.setTspSource(tSPSource);
            return cAdESService;
        }
        if (upperCase.toUpperCase().startsWith("PADES")) {
            PAdESServiceV2 pAdESServiceV2 = new PAdESServiceV2();
            pAdESServiceV2.setCertificateVerifier(trustedListCertificateVerifier);
            pAdESServiceV2.setTspSource(tSPSource);
            return pAdESServiceV2;
        }
        if (!upperCase.startsWith("ASIC")) {
            throw new RuntimeException("Cannot create Signature service");
        }
        ASiCXMLSignatureService aSiCXMLSignatureService = new ASiCXMLSignatureService();
        aSiCXMLSignatureService.setCertificateVerifier(trustedListCertificateVerifier);
        aSiCXMLSignatureService.setTspSource(tSPSource);
        return aSiCXMLSignatureService;
    }

    public static DSSDocument signDocument(File file, SignatureParameters signatureParameters, TSPSource tSPSource, TrustedListCertificateVerifier trustedListCertificateVerifier, SignatureTokenConnection signatureTokenConnection, DSSPrivateKeyEntry dSSPrivateKeyEntry) throws IOException, NoSuchAlgorithmException, DSSException {
        CMSSignedData cMSSignedData;
        FileDocument fileDocument = new FileDocument(file);
        DocumentSignatureService signatureService = getSignatureService(signatureParameters.getSignatureFormat(), tSPSource, trustedListCertificateVerifier);
        try {
            if ((signatureService instanceof CAdESService) && SignaturePackaging.ENVELOPING == signatureParameters.getSignaturePackaging() && (cMSSignedData = new CMSSignedData(fileDocument.openStream())) != null && cMSSignedData.getSignedContent() != null && cMSSignedData.getSignedContent().getContent() != null) {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                cMSSignedData.getSignedContent().write(byteArrayOutputStream);
                return ((CAdESService) signatureService).addASignatureToDocument(fileDocument, signatureParameters, signatureTokenConnection.sign(signatureService.toBeSigned(new InMemoryDocument(byteArrayOutputStream.toByteArray()), signatureParameters), DigestAlgorithm.SHA1, dSSPrivateKeyEntry));
            }
        } catch (CMSException e) {
        }
        InputStream inputStream = null;
        try {
            inputStream = signatureService.toBeSigned(fileDocument, signatureParameters);
            DSSDocument signDocument = signatureService.signDocument(fileDocument, signatureParameters, signatureTokenConnection.sign(inputStream, signatureParameters.getDigestAlgorithm(), dSSPrivateKeyEntry));
            DSSUtils.closeQuietly(inputStream);
            return signDocument;
        } catch (Throwable th) {
            DSSUtils.closeQuietly(inputStream);
            throw th;
        }
    }

    private SigningUtils() {
    }
}
