package eu.europa.esig.dss.signature;

import eu.europa.esig.dss.DomUtils;
import eu.europa.esig.dss.enumerations.SignatureForm;
import eu.europa.esig.dss.enumerations.SignatureLevel;
import eu.europa.esig.dss.model.DSSDocument;
import eu.europa.esig.dss.model.DSSException;
import eu.europa.esig.dss.model.MimeType;
import eu.europa.esig.dss.model.SerializableSignatureParameters;
import eu.europa.esig.dss.model.SerializableTimestampParameters;
import eu.europa.esig.dss.model.SignatureValue;
import eu.europa.esig.dss.model.ToBeSigned;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.spi.DSSSecurityProvider;
import eu.europa.esig.dss.spi.x509.tsp.TSPSource;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.dss.validation.CertificateVerifier;
import java.security.GeneralSecurityException;
import java.security.Security;
import java.security.Signature;
import java.util.Date;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/signature/AbstractSignatureService.class */
public abstract class AbstractSignatureService<SP extends SerializableSignatureParameters, TP extends SerializableTimestampParameters> implements DocumentSignatureService<SP, TP> {
    private static final Logger LOG;
    protected TSPSource tspSource;
    protected final CertificateVerifier certificateVerifier;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: eu.europa.esig.dss.signature.AbstractSignatureService$1, reason: invalid class name */
    /* loaded from: input_file:eu/europa/esig/dss/signature/AbstractSignatureService$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$eu$europa$esig$dss$signature$SigningOperation;
        static final /* synthetic */ int[] $SwitchMap$eu$europa$esig$dss$enumerations$SignatureForm = new int[SignatureForm.values().length];

        static {
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$SignatureForm[SignatureForm.XAdES.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$SignatureForm[SignatureForm.CAdES.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$SignatureForm[SignatureForm.PAdES.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$enumerations$SignatureForm[SignatureForm.JAdES.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            $SwitchMap$eu$europa$esig$dss$signature$SigningOperation = new int[SigningOperation.values().length];
            try {
                $SwitchMap$eu$europa$esig$dss$signature$SigningOperation[SigningOperation.SIGN.ordinal()] = 1;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$signature$SigningOperation[SigningOperation.COUNTER_SIGN.ordinal()] = 2;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$signature$SigningOperation[SigningOperation.TIMESTAMP.ordinal()] = 3;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$signature$SigningOperation[SigningOperation.EXTEND.ordinal()] = 4;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$eu$europa$esig$dss$signature$SigningOperation[SigningOperation.ADD_SIG_POLICY_STORE.ordinal()] = 5;
            } catch (NoSuchFieldError e9) {
            }
        }
    }

    protected AbstractSignatureService(CertificateVerifier certificateVerifier) {
        Objects.requireNonNull(certificateVerifier, "CertificateVerifier cannot be null !");
        this.certificateVerifier = certificateVerifier;
    }

    @Override // eu.europa.esig.dss.signature.DocumentSignatureService
    public void setTspSource(TSPSource tSPSource) {
        this.tspSource = tSPSource;
    }

    protected void assertSigningDateInCertificateValidityRange(SerializableSignatureParameters serializableSignatureParameters) {
        if (serializableSignatureParameters.getSigningCertificate() == null) {
            if (!serializableSignatureParameters.isGenerateTBSWithoutCertificate()) {
                throw new DSSException("Signing Certificate is not defined!");
            }
        } else {
            if (serializableSignatureParameters.isSignWithExpiredCertificate()) {
                return;
            }
            CertificateToken signingCertificate = serializableSignatureParameters.getSigningCertificate();
            Date notAfter = signingCertificate.getNotAfter();
            Date notBefore = signingCertificate.getNotBefore();
            Date signingDate = serializableSignatureParameters.bLevel().getSigningDate();
            if (signingDate.after(notAfter) || signingDate.before(notBefore)) {
                throw new DSSException(String.format("Signing Date (%s) is not in certificate validity range (%s, %s).", signingDate.toString(), notBefore.toString(), notAfter.toString()));
            }
        }
    }

    protected String getFinalDocumentName(DSSDocument dSSDocument, SigningOperation signingOperation, SignatureLevel signatureLevel, MimeType mimeType) {
        StringBuilder sb = new StringBuilder();
        String name = mimeType != null ? "container" : dSSDocument.getName();
        String str = "";
        if (Utils.isStringNotEmpty(name)) {
            int lastIndexOf = name.lastIndexOf(46);
            if (lastIndexOf > 0) {
                sb.append(name.substring(0, lastIndexOf));
                str = name.substring(lastIndexOf + 1);
            } else {
                sb.append(name);
            }
        } else {
            sb.append("document");
        }
        switch (AnonymousClass1.$SwitchMap$eu$europa$esig$dss$signature$SigningOperation[signingOperation.ordinal()]) {
            case 1:
                sb.append("-signed");
                break;
            case 2:
                sb.append("-counter-signed");
                break;
            case 3:
                sb.append("-timestamped");
                break;
            case DomUtils.TRANSFORMER_INDENT_NUMBER /* 4 */:
                sb.append("-extended");
                break;
            case 5:
                sb.append("-sig-policy-store");
                break;
            default:
                throw new DSSException(String.format("The following operation '%s' is not supported!", signingOperation));
        }
        if (signatureLevel != null) {
            sb.append('-');
            sb.append(Utils.lowerCase(signatureLevel.name().replace("_", "-")));
        }
        String fileExtensionString = getFileExtensionString(signatureLevel, mimeType);
        String str2 = Utils.isStringNotBlank(fileExtensionString) ? fileExtensionString : str;
        if (Utils.isStringNotBlank(str2)) {
            sb.append('.');
            sb.append(str2);
        }
        return sb.toString();
    }

    private String getFileExtensionString(SignatureLevel signatureLevel, MimeType mimeType) {
        if (mimeType != null) {
            return MimeType.getExtension(mimeType);
        }
        if (signatureLevel == null) {
            return "";
        }
        switch (AnonymousClass1.$SwitchMap$eu$europa$esig$dss$enumerations$SignatureForm[signatureLevel.getSignatureForm().ordinal()]) {
            case 1:
                return "xml";
            case 2:
                return "pkcs7";
            case 3:
                return "pdf";
            case DomUtils.TRANSFORMER_INDENT_NUMBER /* 4 */:
                return "json";
            default:
                throw new DSSException("Unable to generate a full document name");
        }
    }

    protected String getFinalFileName(DSSDocument dSSDocument, SigningOperation signingOperation) {
        return getFinalFileName(dSSDocument, signingOperation, null);
    }

    protected String getFinalFileName(DSSDocument dSSDocument, SigningOperation signingOperation, SignatureLevel signatureLevel) {
        return getFinalDocumentName(dSSDocument, signingOperation, signatureLevel, null);
    }

    @Override // eu.europa.esig.dss.signature.DocumentSignatureService
    public DSSDocument timestamp(DSSDocument dSSDocument, TP tp) {
        throw new UnsupportedOperationException("Unsupported operation for this file format");
    }

    @Override // eu.europa.esig.dss.signature.DocumentSignatureService
    public boolean isValidSignatureValue(ToBeSigned toBeSigned, SignatureValue signatureValue, CertificateToken certificateToken) {
        Objects.requireNonNull(toBeSigned, "ToBeSigned cannot be null!");
        Objects.requireNonNull(signatureValue, "SignatureValue cannot be null!");
        Objects.requireNonNull(certificateToken, "CertificateToken cannot be null!");
        try {
            Signature signature = Signature.getInstance(signatureValue.getAlgorithm().getJCEId(), DSSSecurityProvider.getSecurityProviderName());
            signature.initVerify(certificateToken.getPublicKey());
            signature.update(toBeSigned.getBytes());
            return signature.verify(signatureValue.getValue());
        } catch (GeneralSecurityException e) {
            LOG.error("Unable to verify the signature value : {}", e.getMessage());
            return false;
        }
    }

    static {
        Security.addProvider(DSSSecurityProvider.getSecurityProvider());
        LOG = LoggerFactory.getLogger(AbstractSignatureService.class);
    }
}
