package de.adorsys.psd2.validator.signature;

import com.nimbusds.jose.util.X509CertUtils;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.cms.CMSAttributeTableGenerator;
import org.tomitribe.auth.signatures.Signature;

/* loaded from: input_file:BOOT-INF/lib/psd2-validator-1.6.jar:de/adorsys/psd2/validator/signature/TppSignatureValidator.class */
public class TppSignatureValidator {
    private static final List<String> MANDATORY_HEADERS_PSD2 = Arrays.asList(CMSAttributeTableGenerator.DIGEST, "tpp-transaction-id", "x-request-id", "timestamp");

    public boolean verifySignature(String str, String str2, Map<String, String> map) throws NoSuchAlgorithmException, SignatureException, IOException {
        if (StringUtils.isBlank(str)) {
            throw new IllegalArgumentException("SIGNATURE_MISSING");
        }
        if (StringUtils.isBlank(str2)) {
            throw new IllegalArgumentException("CERTIFICAT_MISSING");
        }
        Signature fromString = Signature.fromString(str);
        if (fromString.getHeaders().containsAll(MANDATORY_HEADERS_PSD2)) {
            return new SignatureVerifier(X509CertUtils.parse(str2).getPublicKey(), fromString).verify("method", "uri", map);
        }
        throw new IllegalArgumentException("SIGNATURE_INVALID");
    }
}
