package es.gob.afirma.triphase.signer.processors;

import es.gob.afirma.core.AOException;
import es.gob.afirma.core.AOInvalidFormatException;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.signers.CounterSignTarget;
import es.gob.afirma.core.signers.TriphaseData;
import es.gob.afirma.signers.xades.AOFacturaESigner;
import es.gob.afirma.signers.xades.EFacturaAlreadySignedException;
import es.gob.afirma.signers.xades.InvalidEFacturaDataException;
import es.gob.afirma.signers.xml.XMLConstants;
import es.gob.afirma.signvalidation.InvalidSignatureException;
import es.gob.afirma.signvalidation.SignValidity;
import es.gob.afirma.signvalidation.ValidateXMLSignature;
import es.gob.afirma.triphase.signer.xades.XAdESTriPhaseSignerServerSide;
import es.gob.afirma.triphase.signer.xades.XmlPreSignException;
import es.gob.afirma.triphase.signer.xades.XmlPreSignResult;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Properties;
import java.util.logging.Logger;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.parsers.ParserConfigurationException;
import org.xml.sax.SAXException;

/* loaded from: input_file:es/gob/afirma/triphase/signer/processors/XAdESTriPhasePreProcessor.class */
public class XAdESTriPhasePreProcessor implements TriPhasePreProcessor {
    private final boolean facturae;
    private static final String PROPERTY_NAME_PRESIGN = "PRE";
    private static final String PROPERTY_NAME_PKCS1_SIGN = "PK1";
    private static final String PROPERTY_NAME_NEED_PRE = "NEED_PRE";
    private static final String PROPERTY_NAME_SCHEMA_BASE = "BASE";
    private static final String PROPERTY_NAME_XML_ENCODING = "ENCODING";
    private static final String EXTRAPARAM_NAME_TARGET = "target";
    private static final Logger LOGGER = Logger.getLogger("es.gob.afirma");

    public XAdESTriPhasePreProcessor() {
        this(false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public XAdESTriPhasePreProcessor(boolean z) {
        this.facturae = z;
    }

    @Override // es.gob.afirma.triphase.signer.processors.TriPhasePreProcessor
    public TriphaseData preProcessPreSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, boolean z) throws IOException, AOException {
        LOGGER.info("Prefirma XAdES - Firma - INICIO");
        AOFacturaESigner aOFacturaESigner = new AOFacturaESigner();
        if (this.facturae && !aOFacturaESigner.isValidDataFile(bArr)) {
            throw new InvalidEFacturaDataException();
        }
        if (this.facturae && aOFacturaESigner.isSign(bArr)) {
            throw new EFacturaAlreadySignedException();
        }
        TriphaseData preProcessPre = preProcessPre(bArr, str, x509CertificateArr, this.facturae ? AOFacturaESigner.getFacturaEExtraParams(properties) : properties, XAdESTriPhaseSignerServerSide.Op.SIGN);
        LOGGER.info("Prefirma XAdES - Firma - FIN");
        return preProcessPre;
    }

    @Override // es.gob.afirma.triphase.signer.processors.TriPhasePreProcessor
    public TriphaseData preProcessPreCoSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, boolean z) throws IOException, AOException {
        LOGGER.info("Prefirma XAdES - Cofirma - INICIO");
        if (z) {
            SignValidity validate = new ValidateXMLSignature().validate(bArr);
            if (validate.getValidity() == SignValidity.SIGN_DETAIL_TYPE.KO) {
                throw new InvalidSignatureException("La firma que se trata de cofirmar no es valida: " + validate.getError().toString());
            }
        }
        TriphaseData preProcessPre = preProcessPre(bArr, str, x509CertificateArr, properties, XAdESTriPhaseSignerServerSide.Op.COSIGN);
        LOGGER.info("Prefirma XAdES - Cofirma - FIN");
        return preProcessPre;
    }

    @Override // es.gob.afirma.triphase.signer.processors.TriPhasePreProcessor
    public TriphaseData preProcessPreCounterSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, CounterSignTarget counterSignTarget, boolean z) throws IOException, AOException {
        LOGGER.info("Prefirma XAdES - Contrafirma - INICIO");
        if (z) {
            SignValidity validate = new ValidateXMLSignature().validate(bArr);
            if (validate.getValidity() == SignValidity.SIGN_DETAIL_TYPE.KO) {
                throw new InvalidSignatureException("La firma que se trata de contrafirmar no es valida: " + validate.getError().toString());
            }
        }
        properties.setProperty(EXTRAPARAM_NAME_TARGET, counterSignTarget.name());
        TriphaseData preProcessPre = preProcessPre(bArr, str, x509CertificateArr, properties, XAdESTriPhaseSignerServerSide.Op.COUNTERSIGN);
        LOGGER.info("Prefirma XAdES - Contrafirma - FIN");
        return preProcessPre;
    }

    private static TriphaseData preProcessPre(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, XAdESTriPhaseSignerServerSide.Op op) throws IOException, AOException {
        if (((String) XMLConstants.SIGN_ALGOS_URI.get(str)) == null) {
            throw new AOException("El formato de firma XAdES no soporta el algoritmo de firma '" + str + "'");
        }
        try {
            XmlPreSignResult preSign = XAdESTriPhaseSignerServerSide.preSign(bArr, str, x509CertificateArr, properties, op);
            String signatureId = TriPhaseUtil.getSignatureId(properties);
            TriphaseData triphaseData = new TriphaseData();
            for (int i = 0; i < preSign.getSignedInfos().size(); i++) {
                HashMap hashMap = new HashMap();
                hashMap.put(PROPERTY_NAME_PRESIGN, Base64.encode(preSign.getSignedInfos().get(i)));
                hashMap.put(PROPERTY_NAME_NEED_PRE, Boolean.TRUE.toString());
                if (i == 0) {
                    hashMap.put(PROPERTY_NAME_SCHEMA_BASE, Base64.encode(XAdESTriPhaseSignerUtil.removeCommonParts(preSign.getXmlSign(), preSign.getEncoding(), properties)));
                    if (preSign.getEncoding() != null) {
                        hashMap.put(PROPERTY_NAME_XML_ENCODING, preSign.getEncoding());
                    }
                }
                triphaseData.addSignOperation(new TriphaseData.TriSign(hashMap, signatureId));
            }
            return triphaseData;
        } catch (XmlPreSignException e) {
            throw new AOException("Error en la prefirma XAdES: " + e, e);
        } catch (InvalidKeyException e2) {
            throw new AOException("Error en la prefirma XAdES por problemas con las claves: " + e2, e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new AOException("Error en la prefirma XAdES por no soportarse un algoritmo: " + e3, e3);
        } catch (ParserConfigurationException e4) {
            throw new AOException("Error en la prefirma XAdES por problemas en el parser SAX: " + e4, e4);
        } catch (SAXException e5) {
            throw new AOException("Error en la prefirma XAdES en el proceso SAX del XML: " + e5, e5);
        } catch (MarshalException e6) {
            throw new AOException("Error en la prefirma XAdES al empaquetar el XML: " + e6, e6);
        } catch (SignatureException e7) {
            throw new AOException("Error en la prefirma XAdES en la firma: " + e7, e7);
        } catch (XMLSignatureException e8) {
            throw new AOException("Error en la prefirma XAdES en la firma XMLDSig: " + e8, e8);
        }
    }

    @Override // es.gob.afirma.triphase.signer.processors.TriPhasePreProcessor
    public byte[] preProcessPostSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, byte[] bArr2) throws NoSuchAlgorithmException, AOException, IOException {
        return preProcessPostSign(bArr, str, x509CertificateArr, properties, TriphaseData.parser(bArr2));
    }

    @Override // es.gob.afirma.triphase.signer.processors.TriPhasePreProcessor
    public byte[] preProcessPostSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, TriphaseData triphaseData) throws NoSuchAlgorithmException, AOException, IOException {
        LOGGER.info("Postfirma XAdES - Firma - INICIO");
        if (this.facturae && !new AOFacturaESigner().isValidDataFile(bArr)) {
            throw new AOInvalidFormatException("Los datos proporcionados no son una factura electronica compatible");
        }
        byte[] preProcessPost = preProcessPost(bArr, str, x509CertificateArr, this.facturae ? AOFacturaESigner.getFacturaEExtraParams(properties) : properties, XAdESTriPhaseSignerServerSide.Op.SIGN, triphaseData);
        LOGGER.info("Postfirma XAdES - Firma - FIN");
        return preProcessPost;
    }

    @Override // es.gob.afirma.triphase.signer.processors.TriPhasePreProcessor
    public byte[] preProcessPostCoSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, byte[] bArr2) throws NoSuchAlgorithmException, AOException, IOException {
        LOGGER.info("Postfirma XAdES - Cofirma - INICIO");
        byte[] preProcessPost = preProcessPost(bArr, str, x509CertificateArr, properties, XAdESTriPhaseSignerServerSide.Op.COSIGN, TriphaseData.parser(bArr2));
        LOGGER.info("Postfirma XAdES - Cofirma - FIN");
        return preProcessPost;
    }

    @Override // es.gob.afirma.triphase.signer.processors.TriPhasePreProcessor
    public byte[] preProcessPostCoSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, TriphaseData triphaseData) throws NoSuchAlgorithmException, AOException, IOException {
        LOGGER.info("Postfirma XAdES - Cofirma - INICIO");
        byte[] preProcessPost = preProcessPost(bArr, str, x509CertificateArr, properties, XAdESTriPhaseSignerServerSide.Op.COSIGN, triphaseData);
        LOGGER.info("Postfirma XAdES - Cofirma - FIN");
        return preProcessPost;
    }

    @Override // es.gob.afirma.triphase.signer.processors.TriPhasePreProcessor
    public byte[] preProcessPostCounterSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, byte[] bArr2, CounterSignTarget counterSignTarget) throws NoSuchAlgorithmException, AOException, IOException {
        LOGGER.info("Postfirma XAdES - Contrafirma - INICIO");
        properties.setProperty(EXTRAPARAM_NAME_TARGET, counterSignTarget.name());
        byte[] preProcessPost = preProcessPost(bArr, str, x509CertificateArr, properties, XAdESTriPhaseSignerServerSide.Op.COUNTERSIGN, TriphaseData.parser(bArr2));
        LOGGER.info("Postfirma XAdES - Contrafirma - FIN");
        return preProcessPost;
    }

    @Override // es.gob.afirma.triphase.signer.processors.TriPhasePreProcessor
    public byte[] preProcessPostCounterSign(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, TriphaseData triphaseData, CounterSignTarget counterSignTarget) throws NoSuchAlgorithmException, AOException, IOException {
        LOGGER.info("Postfirma XAdES - Contrafirma - INICIO");
        properties.setProperty(EXTRAPARAM_NAME_TARGET, counterSignTarget.name());
        byte[] preProcessPost = preProcessPost(bArr, str, x509CertificateArr, properties, XAdESTriPhaseSignerServerSide.Op.COUNTERSIGN, triphaseData);
        LOGGER.info("Postfirma XAdES - Contrafirma - FIN");
        return preProcessPost;
    }

    private static byte[] preProcessPost(byte[] bArr, String str, X509Certificate[] x509CertificateArr, Properties properties, XAdESTriPhaseSignerServerSide.Op op, TriphaseData triphaseData) throws IOException, AOException {
        if (triphaseData.getSignsCount() < 1) {
            LOGGER.severe("No se ha encontrado la informacion de firma en la peticion");
            throw new AOException("No se ha encontrado la informacion de firma en la peticion");
        }
        String str2 = triphaseData.getSign(0).getProperty(PROPERTY_NAME_XML_ENCODING) != null ? new String(Base64.decode(triphaseData.getSign(0).getProperty(PROPERTY_NAME_SCHEMA_BASE)), triphaseData.getSign(0).getProperty(PROPERTY_NAME_XML_ENCODING)) : new String(Base64.decode(triphaseData.getSign(0).getProperty(PROPERTY_NAME_SCHEMA_BASE)));
        for (int i = 0; i < triphaseData.getSignsCount(); i++) {
            String property = triphaseData.getSign(i).getProperty(PROPERTY_NAME_PKCS1_SIGN);
            if (property == null) {
                throw new IllegalArgumentException("La propiedades adicionales no contienen la firma PKCS#1");
            }
            str2 = str2.replace(XAdESTriPhaseSignerServerSide.REPLACEMENT_STRING.replace(XAdESTriPhaseSignerServerSide.REPLACEMENT_CODE, Integer.toString(i)), property.trim());
        }
        try {
            XmlPreSignResult preSign = XAdESTriPhaseSignerServerSide.preSign(bArr, str, x509CertificateArr, properties, op);
            try {
                return XAdESTriPhaseSignerUtil.insertCommonParts(str2.getBytes(preSign.getEncoding()), preSign.getXmlSign(), properties);
            } catch (Exception e) {
                throw new AOException("Error insertando los datos a firmar y la cadena de certificados: " + e, e);
            }
        } catch (Exception e2) {
            throw new AOException("Error recreando los datos a firmar y la cadena de certificados: " + e2);
        }
    }
}
