package eu.europa.ec.markt.dss.signature.asic;

import eu.europa.ec.markt.dss.Digest;
import eu.europa.ec.markt.dss.DigestAlgorithm;
import eu.europa.ec.markt.dss.exception.DSSException;
import eu.europa.ec.markt.dss.signature.DSSDocument;
import eu.europa.ec.markt.dss.signature.DocumentSignatureService;
import eu.europa.ec.markt.dss.signature.InMemoryDocument;
import eu.europa.ec.markt.dss.signature.MimeType;
import eu.europa.ec.markt.dss.signature.SignatureFormat;
import eu.europa.ec.markt.dss.signature.SignaturePackaging;
import eu.europa.ec.markt.dss.signature.SignatureParameters;
import eu.europa.ec.markt.dss.signature.xades.XAdESService;
import eu.europa.ec.markt.dss.validation.CertificateVerifier;
import eu.europa.ec.markt.dss.validation.SignedDocumentValidator;
import eu.europa.ec.markt.dss.validation.tsp.TSPSource;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.URLConnection;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.zip.CRC32;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:applet/signature-client.jar:eu/europa/ec/markt/dss/signature/asic/ASiCXMLSignatureService.class */
public class ASiCXMLSignatureService implements DocumentSignatureService {
    private static final String ZIP_ENTRY_DETACHED_FILE = "detached-file";
    private static final String ZIP_ENTRY_MIMETYPE = "mimetype";
    private static final String ZIP_ENTRY_METAINF_SIGNATURE = "META-INF/signatures.xml";
    private static final String ASICS_EXTENSION = ".asics";
    private static final String ASICS_NS = "asic:XAdESSignatures";
    private static final String ASICS_URI = "http://uri.etsi.org/2918/v1.2.1#";
    private TSPSource tspSource;
    private CertificateVerifier certificateVerifier;

    private void setXAdESParams(SignatureParameters signatureParameters, boolean z) {
        signatureParameters.setSignatureFormat(z ? SignatureFormat.XAdES_T : SignatureFormat.XAdES_BES);
        signatureParameters.setSignaturePackaging(SignaturePackaging.DETACHED);
    }

    @Deprecated
    public Digest digest(DSSDocument dSSDocument, SignatureParameters signatureParameters) throws DSSException {
        try {
            return new Digest(DigestAlgorithm.SHA1, MessageDigest.getInstance(DigestAlgorithm.SHA1.getName()).digest(IOUtils.toByteArray(toBeSigned(dSSDocument, signatureParameters))));
        } catch (IOException e) {
            throw new DSSException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new DSSException(e2);
        }
    }

    @Override // eu.europa.ec.markt.dss.signature.DocumentSignatureService
    @Deprecated
    public DSSDocument extendDocument(DSSDocument dSSDocument, DSSDocument dSSDocument2, SignatureParameters signatureParameters) throws IOException {
        try {
            return extendDocument(dSSDocument, signatureParameters);
        } catch (DSSException e) {
            throw new IOException(e);
        }
    }

    @Override // eu.europa.ec.markt.dss.signature.DocumentSignatureService
    public void setCertificateVerifier(CertificateVerifier certificateVerifier) {
        this.certificateVerifier = certificateVerifier;
    }

    @Override // eu.europa.ec.markt.dss.signature.DocumentSignatureService
    public void setTspSource(TSPSource tSPSource) {
        this.tspSource = tSPSource;
    }

    @Override // eu.europa.ec.markt.dss.signature.DocumentSignatureService
    public DSSDocument signDocument(DSSDocument dSSDocument, SignatureParameters signatureParameters, byte[] bArr) throws DSSException {
        URL resource;
        try {
            setXAdESParams(signatureParameters, false);
            XAdESService xadesService = signatureParameters.getContext().getXadesService();
            System.out.println("File name: " + dSSDocument.getName());
            DSSDocument signDocument = xadesService.signDocument(dSSDocument, signatureParameters, bArr);
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            Document parse = newInstance.newDocumentBuilder().parse(signDocument.openStream());
            Element element = (Element) parse.removeChild(parse.getDocumentElement());
            Document createDocument = newInstance.newDocumentBuilder().getDOMImplementation().createDocument(ASICS_URI, ASICS_NS, null);
            Element documentElement = createDocument.getDocumentElement();
            createDocument.adoptNode(element);
            documentElement.appendChild(element);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ZipOutputStream zipOutputStream = new ZipOutputStream(byteArrayOutputStream);
            if (signatureParameters.isAsicComment() && StringUtils.isNotEmpty(dSSDocument.getName())) {
                if (!System.getProperties().containsKey("content.types.user.table") && (resource = getClass().getResource("/custom-content-types.properties")) != null) {
                    System.setProperty("content.types.user.table", resource.getPath());
                }
                zipOutputStream.setComment("mimetype=" + URLConnection.getFileNameMap().getContentTypeFor(dSSDocument.getName()));
            }
            String code = MimeType.ASICS.getCode();
            ZipEntry zipEntry = new ZipEntry(ZIP_ENTRY_MIMETYPE);
            zipEntry.setMethod(0);
            zipEntry.setSize(code.getBytes().length);
            zipEntry.setCompressedSize(code.getBytes().length);
            CRC32 crc32 = new CRC32();
            crc32.update(code.getBytes());
            zipEntry.setCrc(crc32.getValue());
            zipOutputStream.putNextEntry(zipEntry);
            zipOutputStream.write(code.getBytes());
            ZipEntry zipEntry2 = new ZipEntry(dSSDocument.getName() != null ? dSSDocument.getName() : ZIP_ENTRY_DETACHED_FILE);
            zipOutputStream.setLevel(8);
            zipOutputStream.putNextEntry(zipEntry2);
            IOUtils.copy(dSSDocument.openStream(), zipOutputStream);
            zipOutputStream.putNextEntry(new ZipEntry(ZIP_ENTRY_METAINF_SIGNATURE));
            TransformerFactory.newInstance().newTransformer().transform(new DOMSource(createDocument), new StreamResult(zipOutputStream));
            zipOutputStream.close();
            return new InMemoryDocument(byteArrayOutputStream.toByteArray(), dSSDocument.getName() != null ? dSSDocument.getName() + ASICS_EXTENSION : null, MimeType.ASICS);
        } catch (Exception e) {
            throw new DSSException(e);
        }
    }

    @Override // eu.europa.ec.markt.dss.signature.DocumentSignatureService
    public InputStream toBeSigned(DSSDocument dSSDocument, SignatureParameters signatureParameters) throws DSSException {
        setXAdESParams(signatureParameters, false);
        return signatureParameters.getContext().getXadesService().toBeSigned(dSSDocument, signatureParameters);
    }

    @Override // eu.europa.ec.markt.dss.signature.DocumentSignatureService
    public DSSDocument signDocument(DSSDocument dSSDocument, SignatureParameters signatureParameters) throws DSSException {
        InputStream beSigned = toBeSigned(dSSDocument, signatureParameters);
        if (signatureParameters.getSigningToken() == null) {
            throw new DSSException("SigningToken is null, the connection through available API to the SSCD must be set.");
        }
        try {
            return signDocument(dSSDocument, signatureParameters, signatureParameters.getSigningToken().sign(beSigned, signatureParameters.getDigestAlgorithm(), signatureParameters.getPrivateKeyEntry()));
        } catch (IOException e) {
            throw new DSSException("Signed info input stream read error.", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new DSSException("The digest algorythm is not supported: " + signatureParameters.getDigestAlgorithm(), e2);
        }
    }

    @Override // eu.europa.ec.markt.dss.signature.DocumentSignatureService
    public DSSDocument extendDocument(DSSDocument dSSDocument, SignatureParameters signatureParameters) throws DSSException {
        if (signatureParameters.getSignatureFormat() != SignatureFormat.ASiC_S_T) {
            throw new DSSException("Unsupported signature format " + signatureParameters.getSignatureFormat());
        }
        try {
            SignedDocumentValidator fromDocument = SignedDocumentValidator.fromDocument(dSSDocument);
            fromDocument.setExternalContent(signatureParameters.getOriginalDocument());
            XAdESService xadesService = signatureParameters.getContext().getXadesService();
            xadesService.setCertificateVerifier(this.certificateVerifier);
            xadesService.setTspSource(this.tspSource);
            setXAdESParams(signatureParameters, true);
            DSSDocument extendDocument = xadesService.extendDocument(fromDocument.getDocument(), signatureParameters);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ZipOutputStream zipOutputStream = new ZipOutputStream(byteArrayOutputStream);
            ZipInputStream zipInputStream = new ZipInputStream(dSSDocument.openStream());
            while (true) {
                ZipEntry nextEntry = zipInputStream.getNextEntry();
                if (nextEntry == null) {
                    zipOutputStream.close();
                    return new InMemoryDocument(byteArrayOutputStream.toByteArray());
                }
                ZipEntry zipEntry = new ZipEntry(nextEntry.getName());
                if (ZIP_ENTRY_METAINF_SIGNATURE.equals(nextEntry.getName())) {
                    zipOutputStream.putNextEntry(zipEntry);
                    IOUtils.copy(extendDocument.openStream(), zipOutputStream);
                } else {
                    zipOutputStream.putNextEntry(zipEntry);
                    IOUtils.copy(zipInputStream, zipOutputStream);
                }
            }
        } catch (IOException e) {
            throw new DSSException(e);
        }
    }
}
