package eu.europa.esig.dss.validation;

import eu.europa.esig.dss.DSSASN1Utils;
import eu.europa.esig.dss.DSSDocument;
import eu.europa.esig.dss.DSSException;
import eu.europa.esig.dss.DSSPKUtils;
import eu.europa.esig.dss.DSSUnsupportedOperationException;
import eu.europa.esig.dss.DSSUtils;
import eu.europa.esig.dss.DigestAlgorithm;
import eu.europa.esig.dss.EncryptionAlgorithm;
import eu.europa.esig.dss.SignatureAlgorithm;
import eu.europa.esig.dss.SignatureLevel;
import eu.europa.esig.dss.jaxb.diagnostic.DiagnosticData;
import eu.europa.esig.dss.jaxb.diagnostic.XmlBasicSignatureType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlCertificate;
import eu.europa.esig.dss.jaxb.diagnostic.XmlCertificateChainType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlCertificatePolicyIds;
import eu.europa.esig.dss.jaxb.diagnostic.XmlCertifiedRolesType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlChainCertificate;
import eu.europa.esig.dss.jaxb.diagnostic.XmlClaimedRoles;
import eu.europa.esig.dss.jaxb.diagnostic.XmlCommitmentTypeIndication;
import eu.europa.esig.dss.jaxb.diagnostic.XmlDigestAlgAndValueType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlDistinguishedName;
import eu.europa.esig.dss.jaxb.diagnostic.XmlInfoType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlKeyUsageBits;
import eu.europa.esig.dss.jaxb.diagnostic.XmlMessage;
import eu.europa.esig.dss.jaxb.diagnostic.XmlPolicy;
import eu.europa.esig.dss.jaxb.diagnostic.XmlQCStatementIds;
import eu.europa.esig.dss.jaxb.diagnostic.XmlQualifiers;
import eu.europa.esig.dss.jaxb.diagnostic.XmlRevocationType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlServiceStatus;
import eu.europa.esig.dss.jaxb.diagnostic.XmlServiceStatusType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlSignature;
import eu.europa.esig.dss.jaxb.diagnostic.XmlSignatureProductionPlace;
import eu.europa.esig.dss.jaxb.diagnostic.XmlSignatureScopeType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlSignatureScopes;
import eu.europa.esig.dss.jaxb.diagnostic.XmlSignedObjectsType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlSignedSignature;
import eu.europa.esig.dss.jaxb.diagnostic.XmlSigningCertificateType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlStructuralValidationType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlTimestampType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlTimestampedTimestamp;
import eu.europa.esig.dss.jaxb.diagnostic.XmlTimestamps;
import eu.europa.esig.dss.jaxb.diagnostic.XmlTrustedServiceProviderType;
import eu.europa.esig.dss.jaxb.diagnostic.XmlUsedCertificates;
import eu.europa.esig.dss.tsl.Condition;
import eu.europa.esig.dss.tsl.KeyUsageBit;
import eu.europa.esig.dss.tsl.ServiceInfo;
import eu.europa.esig.dss.tsl.ServiceInfoStatus;
import eu.europa.esig.dss.validation.executor.CustomProcessExecutor;
import eu.europa.esig.dss.validation.executor.ProcessExecutor;
import eu.europa.esig.dss.validation.executor.ValidationLevel;
import eu.europa.esig.dss.validation.policy.Context;
import eu.europa.esig.dss.validation.policy.EtsiValidationPolicy;
import eu.europa.esig.dss.validation.policy.ValidationPolicy;
import eu.europa.esig.dss.validation.reports.Reports;
import eu.europa.esig.dss.x509.CertificatePool;
import eu.europa.esig.dss.x509.CertificateSourceType;
import eu.europa.esig.dss.x509.CertificateToken;
import eu.europa.esig.dss.x509.RevocationToken;
import eu.europa.esig.dss.x509.SignaturePolicy;
import eu.europa.esig.dss.x509.crl.ListCRLSource;
import eu.europa.esig.dss.x509.ocsp.ListOCSPSource;
import eu.europa.esig.jaxb.policy.ConstraintsParameters;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Constructor;
import java.net.URL;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.security.auth.x500.X500Principal;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/validation/SignedDocumentValidator.class */
public abstract class SignedDocumentValidator implements DocumentValidator {
    protected CertificatePool validationCertPool;
    protected DSSDocument document;
    protected CertificateVerifier certificateVerifier;
    private final SignatureScopeFinder signatureScopeFinder;
    private DiagnosticData jaxbDiagnosticData;
    private File policyDocument;
    private HashMap<String, File> policyDocuments;
    private static final Logger LOG = LoggerFactory.getLogger(SignedDocumentValidator.class);
    private static List<Class<SignedDocumentValidator>> registredDocumentValidators = new ArrayList();
    protected ProcessExecutor processExecutor = null;
    protected List<DSSDocument> detachedContents = new ArrayList();
    protected CertificateToken providedSigningCertificateToken = null;
    private ValidationLevel validationLevel = ValidationLevel.ARCHIVAL_DATA;

    /* JADX WARN: Multi-variable type inference failed */
    private static void registerDocumentValidator(String str, String str2) {
        try {
            Class<?> cls = Class.forName(str2);
            registredDocumentValidators.add(cls);
            LOG.info("Validator '" + cls.getName() + "' is registred");
        } catch (ClassNotFoundException e) {
            LOG.warn("Validator not found for signature type " + str);
        }
    }

    protected SignedDocumentValidator(SignatureScopeFinder signatureScopeFinder) {
        this.signatureScopeFinder = signatureScopeFinder;
    }

    public static SignedDocumentValidator fromDocument(DSSDocument dSSDocument) {
        Constructor<SignedDocumentValidator> declaredConstructor;
        if (CollectionUtils.isEmpty(registredDocumentValidators)) {
            throw new DSSException("No validator registred");
        }
        for (Class<SignedDocumentValidator> cls : registredDocumentValidators) {
            try {
                declaredConstructor = cls.getDeclaredConstructor(new Class[0]);
                declaredConstructor.setAccessible(true);
            } catch (Exception e) {
                LOG.error("Cannot instanciate class '" + cls.getName() + "' : " + e.getMessage(), e);
            }
            if (declaredConstructor.newInstance(new Object[0]).isSupported(dSSDocument)) {
                return cls.getDeclaredConstructor(DSSDocument.class).newInstance(dSSDocument);
            }
            continue;
        }
        throw new DSSException("Document format not recognized/handled");
    }

    public abstract boolean isSupported(DSSDocument dSSDocument);

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public DSSDocument getDocument() {
        return this.document;
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public List<DSSDocument> getDetachedContents() {
        return this.detachedContents;
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public void defineSigningCertificate(CertificateToken certificateToken) {
        if (certificateToken == null) {
            throw new NullPointerException();
        }
        this.providedSigningCertificateToken = this.validationCertPool.getInstance(certificateToken, CertificateSourceType.OTHER);
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public void setCertificateVerifier(CertificateVerifier certificateVerifier) {
        this.certificateVerifier = certificateVerifier;
        this.validationCertPool = certificateVerifier.createValidationPool();
        DocumentValidator subordinatedValidator = getSubordinatedValidator();
        while (true) {
            DocumentValidator documentValidator = subordinatedValidator;
            if (documentValidator == null) {
                return;
            }
            documentValidator.setCertificateVerifier(certificateVerifier);
            subordinatedValidator = documentValidator.getNextValidator();
        }
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public void setDetachedContents(List<DSSDocument> list) {
        this.detachedContents = list;
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public void setPolicyFile(File file) {
        this.policyDocument = file;
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public void setPolicyFile(String str, File file) {
        if (this.policyDocuments == null) {
            this.policyDocuments = new HashMap<>();
        }
        this.policyDocuments.put(str, file);
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public void setValidationLevel(ValidationLevel validationLevel) {
        this.validationLevel = validationLevel;
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public Reports validateDocument() {
        return validateDocument((InputStream) null);
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public Reports validateDocument(URL url) {
        if (url == null) {
            return validateDocument((InputStream) null);
        }
        try {
            return validateDocument(url.openStream());
        } catch (IOException e) {
            throw new DSSException(e);
        }
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public Reports validateDocument(String str) {
        return str == null ? validateDocument((InputStream) null) : validateDocument(getClass().getResourceAsStream(str));
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public Reports validateDocument(File file) {
        return (file == null || !file.exists()) ? validateDocument((InputStream) null) : validateDocument(DSSUtils.toByteArrayInputStream(file));
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public Reports validateDocument(InputStream inputStream) {
        return validateDocument(ValidationResourceManager.loadPolicyData(inputStream));
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public Reports validateDocument(ConstraintsParameters constraintsParameters) {
        return validateDocument((ValidationPolicy) new EtsiValidationPolicy(constraintsParameters));
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public Reports validateDocument(ValidationPolicy validationPolicy) {
        LOG.info("Document validation...");
        if (this.certificateVerifier == null) {
            throw new NullPointerException();
        }
        Date date = new Date();
        ProcessExecutor provideProcessExecutorInstance = provideProcessExecutorInstance();
        provideProcessExecutorInstance.setValidationPolicy(validationPolicy);
        provideProcessExecutorInstance.setValidationLevel(this.validationLevel);
        provideProcessExecutorInstance.setDiagnosticData(generateDiagnosticData());
        Date date2 = new Date();
        if (LOG.isTraceEnabled()) {
            LOG.trace("DiagnosticData building : " + DSSUtils.getDateDiff(date, date2, TimeUnit.MILLISECONDS) + " ms.");
        }
        Reports execute = provideProcessExecutorInstance.execute();
        Date date3 = new Date();
        if (LOG.isTraceEnabled()) {
            LOG.trace("Reports building: " + DSSUtils.getDateDiff(date2, date3, TimeUnit.MILLISECONDS) + " ms.");
        }
        return execute;
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public void setProcessExecutor(ProcessExecutor processExecutor) {
        this.processExecutor = processExecutor;
    }

    public ProcessExecutor provideProcessExecutorInstance() {
        if (this.processExecutor == null) {
            this.processExecutor = new CustomProcessExecutor();
        }
        return this.processExecutor;
    }

    private DiagnosticData generateDiagnosticData() {
        prepareDiagnosticData();
        SignatureValidationContext signatureValidationContext = new SignatureValidationContext(this.validationCertPool);
        List<AdvancedSignature> allSignatures = getAllSignatures();
        prepareCertificatesAndTimestamps(allSignatures, signatureValidationContext);
        this.certificateVerifier.setSignatureCRLSource(getSignatureCrlSource(allSignatures));
        this.certificateVerifier.setSignatureOCSPSource(getSignatureOcspSource(allSignatures));
        signatureValidationContext.initialize(this.certificateVerifier);
        signatureValidationContext.setCurrentTime(provideProcessExecutorInstance().getCurrentTime());
        signatureValidationContext.validate();
        HashSet hashSet = new HashSet();
        for (AdvancedSignature advancedSignature : allSignatures) {
            XmlSignature validateSignature = validateSignature(advancedSignature);
            hashSet.addAll(advancedSignature.getUsedCertificatesDigestAlgorithms());
            this.jaxbDiagnosticData.getSignature().add(validateSignature);
        }
        dealUsedCertificates(hashSet, signatureValidationContext.getProcessedCertificates());
        return this.jaxbDiagnosticData;
    }

    private void prepareDiagnosticData() {
        this.jaxbDiagnosticData = new DiagnosticData();
        String absolutePath = this.document.getAbsolutePath();
        String name = this.document.getName();
        if (StringUtils.isNotEmpty(absolutePath)) {
            this.jaxbDiagnosticData.setDocumentName(removeSpecialCharsForXml(absolutePath));
        } else if (StringUtils.isNotEmpty(name)) {
            this.jaxbDiagnosticData.setDocumentName(removeSpecialCharsForXml(name));
        } else {
            this.jaxbDiagnosticData.setDocumentName("?");
        }
    }

    private String removeSpecialCharsForXml(String str) {
        return str.replaceAll("&", "");
    }

    private List<AdvancedSignature> getAllSignatures() {
        ArrayList arrayList = new ArrayList();
        for (AdvancedSignature advancedSignature : getSignatures()) {
            arrayList.add(advancedSignature);
            arrayList.addAll(advancedSignature.getCounterSignatures());
        }
        return arrayList;
    }

    private ListCRLSource getSignatureCrlSource(List<AdvancedSignature> list) {
        ListCRLSource listCRLSource = new ListCRLSource();
        Iterator<AdvancedSignature> it = list.iterator();
        while (it.hasNext()) {
            listCRLSource.addAll(it.next().getCRLSource());
        }
        return listCRLSource;
    }

    private ListOCSPSource getSignatureOcspSource(List<AdvancedSignature> list) {
        ListOCSPSource listOCSPSource = new ListOCSPSource();
        Iterator<AdvancedSignature> it = list.iterator();
        while (it.hasNext()) {
            listOCSPSource.addAll(it.next().getOCSPSource());
        }
        return listOCSPSource;
    }

    private void prepareCertificatesAndTimestamps(List<AdvancedSignature> list, ValidationContext validationContext) {
        for (AdvancedSignature advancedSignature : list) {
            Iterator it = advancedSignature.getCertificateSource().getCertificates().iterator();
            while (it.hasNext()) {
                validationContext.addCertificateTokenForVerification((CertificateToken) it.next());
            }
            advancedSignature.prepareTimestamps(validationContext);
        }
    }

    private XmlSignature validateSignature(AdvancedSignature advancedSignature) throws DSSException {
        XmlSignature xmlSignature = new XmlSignature();
        try {
            CertificateToken dealSignature = dealSignature(advancedSignature, xmlSignature);
            dealPolicy(advancedSignature, xmlSignature);
            dealCertificateChain(xmlSignature, dealSignature);
            advancedSignature.validateTimestamps();
            xmlSignature.setTimestamps(dealTimestamps(dealTimestamps(dealTimestamps(dealTimestamps(dealTimestamps(null, advancedSignature.getContentTimestamps()), advancedSignature.getSignatureTimestamps()), advancedSignature.getTimestampsX1()), advancedSignature.getTimestampsX2()), advancedSignature.getArchiveTimestamps()));
        } catch (Exception e) {
            LOG.warn(e.getMessage(), e);
            addErrorMessage(xmlSignature, e);
        }
        return xmlSignature;
    }

    private void addErrorMessage(XmlSignature xmlSignature, Exception exc) {
        addErrorMessage(xmlSignature, exc.toString());
    }

    private void addErrorMessage(XmlSignature xmlSignature, String str) {
        String errorMessage = xmlSignature.getErrorMessage();
        xmlSignature.setErrorMessage(StringUtils.isBlank(errorMessage) ? str : errorMessage + "<br />" + str);
    }

    private XmlTimestamps dealTimestamps(XmlTimestamps xmlTimestamps, List<TimestampToken> list) {
        if (!list.isEmpty()) {
            Iterator<TimestampToken> it = list.iterator();
            while (it.hasNext()) {
                XmlTimestampType xmlForTimestamp = xmlForTimestamp(it.next());
                if (xmlTimestamps == null) {
                    xmlTimestamps = new XmlTimestamps();
                }
                xmlTimestamps.getTimestamp().add(xmlForTimestamp);
            }
        }
        return xmlTimestamps;
    }

    private XmlTimestampType xmlForTimestamp(TimestampToken timestampToken) {
        XmlTimestampType xmlTimestampType = new XmlTimestampType();
        xmlTimestampType.setId(timestampToken.getDSSId().asXmlId());
        xmlTimestampType.setType(timestampToken.getTimeStampType().name());
        xmlTimestampType.setProductionTime(timestampToken.getGenerationTime());
        xmlTimestampType.setSignedDataDigestAlgo(timestampToken.getSignedDataDigestAlgo().getName());
        xmlTimestampType.setEncodedSignedDataDigestValue(timestampToken.getEncodedSignedDataDigestValue());
        xmlTimestampType.setMessageImprintDataFound(timestampToken.isMessageImprintDataFound().booleanValue());
        xmlTimestampType.setMessageImprintDataIntact(timestampToken.isMessageImprintDataIntact().booleanValue());
        xmlTimestampType.setCanonicalizationMethod(timestampToken.getCanonicalizationMethod());
        SignatureAlgorithm signatureAlgorithm = timestampToken.getSignatureAlgorithm();
        XmlBasicSignatureType xmlBasicSignatureType = new XmlBasicSignatureType();
        if (signatureAlgorithm != null) {
            xmlBasicSignatureType.setEncryptionAlgoUsedToSignThisToken(signatureAlgorithm.getEncryptionAlgorithm().getName());
            xmlBasicSignatureType.setDigestAlgoUsedToSignThisToken(signatureAlgorithm.getDigestAlgorithm().getName());
        }
        xmlBasicSignatureType.setKeyLengthUsedToSignThisToken(DSSPKUtils.getPublicKeySize(timestampToken));
        boolean isSignatureValid = timestampToken.isSignatureValid();
        xmlBasicSignatureType.setReferenceDataFound(isSignatureValid);
        xmlBasicSignatureType.setReferenceDataIntact(isSignatureValid);
        xmlBasicSignatureType.setSignatureIntact(isSignatureValid);
        xmlBasicSignatureType.setSignatureValid(isSignatureValid);
        xmlTimestampType.setBasicSignature(xmlBasicSignatureType);
        CertificateToken issuerToken = timestampToken.getIssuerToken();
        xmlTimestampType.setSigningCertificate(xmlForSigningCertificate(issuerToken));
        xmlTimestampType.setCertificateChain(xmlForCertificateChain(issuerToken));
        List<TimestampReference> timestampedReferences = timestampToken.getTimestampedReferences();
        if (CollectionUtils.isNotEmpty(timestampedReferences)) {
            XmlSignedObjectsType xmlSignedObjectsType = new XmlSignedObjectsType();
            List digestAlgAndValue = xmlSignedObjectsType.getDigestAlgAndValue();
            for (TimestampReference timestampReference : timestampedReferences) {
                TimestampReferenceCategory category = timestampReference.getCategory();
                if (TimestampReferenceCategory.SIGNATURE.equals(category)) {
                    XmlSignedSignature xmlSignedSignature = new XmlSignedSignature();
                    xmlSignedSignature.setId(timestampReference.getSignatureId());
                    xmlSignedObjectsType.getSignedSignature().add(xmlSignedSignature);
                } else if (TimestampReferenceCategory.TIMESTAMP.equals(category)) {
                    XmlTimestampedTimestamp xmlTimestampedTimestamp = new XmlTimestampedTimestamp();
                    xmlTimestampedTimestamp.setId(timestampReference.getSignatureId());
                    xmlSignedObjectsType.getTimestampedTimestamp().add(xmlTimestampedTimestamp);
                } else {
                    XmlDigestAlgAndValueType xmlDigestAlgAndValueType = new XmlDigestAlgAndValueType();
                    xmlDigestAlgAndValueType.setDigestMethod(timestampReference.getDigestAlgorithm().getName());
                    xmlDigestAlgAndValueType.setDigestValue(timestampReference.getDigestValue());
                    xmlDigestAlgAndValueType.setCategory(category.name());
                    digestAlgAndValue.add(xmlDigestAlgAndValueType);
                }
            }
            xmlTimestampType.setSignedObjects(xmlSignedObjectsType);
        }
        return xmlTimestampType;
    }

    private XmlCertificateChainType xmlForCertificateChain(CertificateToken certificateToken) {
        if (certificateToken == null) {
            return null;
        }
        CertificateToken certificateToken2 = certificateToken;
        XmlCertificateChainType xmlCertificateChainType = new XmlCertificateChainType();
        List chainCertificate = xmlCertificateChainType.getChainCertificate();
        do {
            XmlChainCertificate xmlChainCertificate = new XmlChainCertificate();
            xmlChainCertificate.setId(certificateToken2.getDSSId().asXmlId());
            xmlChainCertificate.setSource(getCertificateMainSourceType(certificateToken2).name());
            chainCertificate.add(xmlChainCertificate);
            if (certificateToken2.isTrusted() || certificateToken2.isSelfSigned()) {
                break;
            }
            certificateToken2 = certificateToken2.getIssuerToken();
        } while (certificateToken2 != null);
        return xmlCertificateChainType;
    }

    private CertificateSourceType getCertificateMainSourceType(CertificateToken certificateToken) {
        CertificateSourceType certificateSourceType = CertificateSourceType.UNKNOWN;
        Set sources = certificateToken.getSources();
        if (sources.size() > 0) {
            certificateSourceType = sources.contains(CertificateSourceType.TRUSTED_LIST) ? CertificateSourceType.TRUSTED_LIST : sources.contains(CertificateSourceType.TRUSTED_STORE) ? CertificateSourceType.TRUSTED_STORE : (CertificateSourceType) sources.iterator().next();
        }
        return certificateSourceType;
    }

    private void dealUsedCertificates(Set<DigestAlgorithm> set, Set<CertificateToken> set2) {
        XmlUsedCertificates xmlUsedCertificates = new XmlUsedCertificates();
        this.jaxbDiagnosticData.setUsedCertificates(xmlUsedCertificates);
        for (CertificateToken certificateToken : set2) {
            XmlCertificate dealCertificateDetails = dealCertificateDetails(set, certificateToken);
            if (LOG.isTraceEnabled()) {
                LOG.trace("PEM for certificate: " + certificateToken.getAbbreviation() + "--->");
                LOG.trace("\n" + DSSUtils.convertToPEM(certificateToken));
            }
            dealTrustedService(certificateToken, dealCertificateDetails);
            dealRevocationData(set, certificateToken, dealCertificateDetails);
            dealCertificateValidationInfo(certificateToken, dealCertificateDetails);
            xmlUsedCertificates.getCertificate().add(dealCertificateDetails);
        }
    }

    private void dealCertificateValidationInfo(CertificateToken certificateToken, XmlCertificate xmlCertificate) {
        List<String> validationInfo = certificateToken.getValidationInfo();
        if (validationInfo.size() > 0) {
            XmlInfoType xmlInfoType = new XmlInfoType();
            for (String str : validationInfo) {
                XmlMessage xmlMessage = new XmlMessage();
                xmlMessage.setId(0);
                xmlMessage.setValue(str);
                xmlInfoType.getMessage().add(xmlMessage);
            }
            xmlCertificate.setInfo(xmlInfoType);
        }
    }

    private XmlCertificate dealCertificateDetails(Set<DigestAlgorithm> set, CertificateToken certificateToken) {
        XmlCertificate xmlCertificate = new XmlCertificate();
        xmlCertificate.setId(certificateToken.getDSSId().asXmlId());
        xmlCertificate.getSubjectDistinguishedName().add(xmlForDistinguishedName("CANONICAL", certificateToken.getSubjectX500Principal()));
        xmlCertificate.getSubjectDistinguishedName().add(xmlForDistinguishedName("RFC2253", certificateToken.getSubjectX500Principal()));
        xmlCertificate.getIssuerDistinguishedName().add(xmlForDistinguishedName("CANONICAL", certificateToken.getIssuerX500Principal()));
        xmlCertificate.getIssuerDistinguishedName().add(xmlForDistinguishedName("RFC2253", certificateToken.getIssuerX500Principal()));
        xmlCertificate.setSerialNumber(certificateToken.getSerialNumber());
        X500Principal subjectX500Principal = certificateToken.getSubjectX500Principal();
        xmlCertificate.setCommonName(DSSASN1Utils.extractAttributeFromX500Principal(BCStyle.CN, subjectX500Principal));
        xmlCertificate.setCountryName(DSSASN1Utils.extractAttributeFromX500Principal(BCStyle.C, subjectX500Principal));
        xmlCertificate.setOrganizationName(DSSASN1Utils.extractAttributeFromX500Principal(BCStyle.O, subjectX500Principal));
        xmlCertificate.setGivenName(DSSASN1Utils.extractAttributeFromX500Principal(BCStyle.GIVENNAME, subjectX500Principal));
        xmlCertificate.setOrganizationalUnit(DSSASN1Utils.extractAttributeFromX500Principal(BCStyle.OU, subjectX500Principal));
        xmlCertificate.setSurname(DSSASN1Utils.extractAttributeFromX500Principal(BCStyle.SURNAME, subjectX500Principal));
        xmlCertificate.setPseudonym(DSSASN1Utils.extractAttributeFromX500Principal(BCStyle.PSEUDONYM, subjectX500Principal));
        for (DigestAlgorithm digestAlgorithm : set) {
            XmlDigestAlgAndValueType xmlDigestAlgAndValueType = new XmlDigestAlgAndValueType();
            xmlDigestAlgAndValueType.setDigestMethod(digestAlgorithm.getName());
            xmlDigestAlgAndValueType.setDigestValue(DSSUtils.digest(digestAlgorithm, certificateToken));
            xmlCertificate.getDigestAlgAndValue().add(xmlDigestAlgAndValueType);
        }
        xmlCertificate.setNotAfter(certificateToken.getNotAfter());
        xmlCertificate.setNotBefore(certificateToken.getNotBefore());
        PublicKey publicKey = certificateToken.getPublicKey();
        xmlCertificate.setPublicKeySize(DSSPKUtils.getPublicKeySize(publicKey));
        xmlCertificate.setPublicKeyEncryptionAlgo(DSSPKUtils.getPublicKeyEncryptionAlgo(publicKey));
        xmlForKeyUsageBits(certificateToken, xmlCertificate);
        if (DSSASN1Utils.isOCSPSigning(certificateToken)) {
            xmlCertificate.setIdKpOCSPSigning(true);
        }
        if (DSSASN1Utils.hasIdPkixOcspNoCheckExtension(certificateToken)) {
            xmlCertificate.setIdPkixOcspNoCheck(true);
        }
        XmlBasicSignatureType xmlBasicSignatureType = new XmlBasicSignatureType();
        SignatureAlgorithm signatureAlgorithm = certificateToken.getSignatureAlgorithm();
        xmlBasicSignatureType.setDigestAlgoUsedToSignThisToken(signatureAlgorithm.getDigestAlgorithm().getName());
        xmlBasicSignatureType.setEncryptionAlgoUsedToSignThisToken(signatureAlgorithm.getEncryptionAlgorithm().getName());
        xmlBasicSignatureType.setKeyLengthUsedToSignThisToken(DSSPKUtils.getPublicKeySize(certificateToken));
        boolean isSignatureValid = certificateToken.isSignatureValid();
        xmlBasicSignatureType.setReferenceDataFound(isSignatureValid);
        xmlBasicSignatureType.setReferenceDataIntact(isSignatureValid);
        xmlBasicSignatureType.setSignatureIntact(isSignatureValid);
        xmlBasicSignatureType.setSignatureValid(isSignatureValid);
        xmlCertificate.setBasicSignature(xmlBasicSignatureType);
        CertificateToken issuerToken = certificateToken.getIssuerToken();
        xmlCertificate.setSigningCertificate(xmlForSigningCertificate(issuerToken));
        xmlCertificate.setCertificateChain(xmlForCertificateChain(issuerToken));
        List qCStatementsIdList = DSSASN1Utils.getQCStatementsIdList(certificateToken);
        if (CollectionUtils.isNotEmpty(qCStatementsIdList)) {
            XmlQCStatementIds xmlQCStatementIds = new XmlQCStatementIds();
            xmlQCStatementIds.getOid().addAll(qCStatementsIdList);
            xmlCertificate.setQCStatementIds(xmlQCStatementIds);
        }
        List policyIdentifiers = DSSASN1Utils.getPolicyIdentifiers(certificateToken);
        if (CollectionUtils.isNotEmpty(policyIdentifiers)) {
            XmlCertificatePolicyIds xmlCertificatePolicyIds = new XmlCertificatePolicyIds();
            xmlCertificatePolicyIds.getOid().addAll(policyIdentifiers);
            xmlCertificate.setCertificatePolicyIds(xmlCertificatePolicyIds);
        }
        xmlCertificate.setSelfSigned(certificateToken.isSelfSigned());
        xmlCertificate.setTrusted(certificateToken.isTrusted());
        return xmlCertificate;
    }

    private void xmlForKeyUsageBits(CertificateToken certificateToken, XmlCertificate xmlCertificate) {
        Set keyUsageBits = certificateToken.getKeyUsageBits();
        if (CollectionUtils.isEmpty(keyUsageBits)) {
            return;
        }
        XmlKeyUsageBits xmlKeyUsageBits = new XmlKeyUsageBits();
        List keyUsage = xmlKeyUsageBits.getKeyUsage();
        Iterator it = keyUsageBits.iterator();
        while (it.hasNext()) {
            keyUsage.add(((KeyUsageBit) it.next()).name());
        }
        xmlCertificate.setKeyUsageBits(xmlKeyUsageBits);
    }

    private XmlDistinguishedName xmlForDistinguishedName(String str, X500Principal x500Principal) {
        XmlDistinguishedName xmlDistinguishedName = new XmlDistinguishedName();
        xmlDistinguishedName.setFormat(str);
        xmlDistinguishedName.setValue(x500Principal.getName(str));
        return xmlDistinguishedName;
    }

    private void dealCertificateChain(XmlSignature xmlSignature, CertificateToken certificateToken) {
        if (certificateToken != null) {
            xmlSignature.setCertificateChain(xmlForCertificateChain(certificateToken));
        }
    }

    private void dealTrustedService(CertificateToken certificateToken, XmlCertificate xmlCertificate) {
        Set<ServiceInfo> associatedTSPS;
        if (certificateToken.isTrusted()) {
            associatedTSPS = certificateToken.getAssociatedTSPS();
        } else {
            CertificateToken trustAnchor = certificateToken.getTrustAnchor();
            if (trustAnchor == null) {
                return;
            } else {
                associatedTSPS = trustAnchor.getAssociatedTSPS();
            }
        }
        if (CollectionUtils.isNotEmpty(associatedTSPS)) {
            for (ServiceInfo serviceInfo : associatedTSPS) {
                XmlTrustedServiceProviderType xmlTrustedServiceProviderType = new XmlTrustedServiceProviderType();
                xmlTrustedServiceProviderType.setTSPName(serviceInfo.getTspName());
                xmlTrustedServiceProviderType.setTSPServiceName(serviceInfo.getServiceName());
                xmlTrustedServiceProviderType.setTSPServiceType(serviceInfo.getType());
                xmlTrustedServiceProviderType.setWellSigned(serviceInfo.isTlWellSigned());
                XmlServiceStatus xmlServiceStatus = new XmlServiceStatus();
                for (ServiceInfoStatus serviceInfoStatus : serviceInfo.getStatus()) {
                    XmlServiceStatusType xmlServiceStatusType = new XmlServiceStatusType();
                    xmlServiceStatusType.setStatus(serviceInfoStatus.getStatus());
                    xmlServiceStatusType.setStartDate(serviceInfoStatus.getStartDate());
                    xmlServiceStatusType.setEndDate(serviceInfoStatus.getEndDate());
                    xmlServiceStatus.getStatusService().add(xmlServiceStatusType);
                }
                xmlTrustedServiceProviderType.setServiceStatus(xmlServiceStatus);
                List<String> qualifiers = getQualifiers(serviceInfo, certificateToken);
                if (CollectionUtils.isNotEmpty(qualifiers)) {
                    XmlQualifiers xmlQualifiers = new XmlQualifiers();
                    Iterator<String> it = qualifiers.iterator();
                    while (it.hasNext()) {
                        xmlQualifiers.getQualifier().add(it.next());
                    }
                    xmlTrustedServiceProviderType.setQualifiers(xmlQualifiers);
                }
                xmlCertificate.getTrustedServiceProvider().add(xmlTrustedServiceProviderType);
            }
        }
    }

    public List<String> getQualifiers(ServiceInfo serviceInfo, CertificateToken certificateToken) {
        LOG.trace("--> GET_QUALIFIERS()");
        ArrayList arrayList = new ArrayList();
        for (Map.Entry entry : serviceInfo.getQualifiersAndConditions().entrySet()) {
            List list = (List) entry.getValue();
            LOG.trace("  --> " + list);
            Iterator it = list.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (((Condition) it.next()).check(certificateToken)) {
                    LOG.trace("    --> CONDITION TRUE / " + ((String) entry.getKey()));
                    arrayList.add(entry.getKey());
                    break;
                }
            }
        }
        return arrayList;
    }

    /* JADX WARN: Type inference failed for: r1v26, types: [byte[], byte[][]] */
    private void dealRevocationData(Set<DigestAlgorithm> set, CertificateToken certificateToken, XmlCertificate xmlCertificate) {
        Set<RevocationToken> revocationTokens = certificateToken.getRevocationTokens();
        if (CollectionUtils.isNotEmpty(revocationTokens)) {
            for (RevocationToken revocationToken : revocationTokens) {
                XmlRevocationType xmlRevocationType = new XmlRevocationType();
                xmlRevocationType.setOrigin(revocationToken.getOrigin().name());
                Boolean status = revocationToken.getStatus();
                xmlRevocationType.setStatus(status == null ? false : status.booleanValue());
                xmlRevocationType.setProductionDate(revocationToken.getProductionDate());
                xmlRevocationType.setThisUpdate(revocationToken.getThisUpdate());
                xmlRevocationType.setNextUpdate(revocationToken.getNextUpdate());
                xmlRevocationType.setRevocationDate(revocationToken.getRevocationDate());
                xmlRevocationType.setExpiredCertsOnCRL(revocationToken.getExpiredCertsOnCRL());
                xmlRevocationType.setArchiveCutOff(revocationToken.getArchiveCutOff());
                xmlRevocationType.setReason(revocationToken.getReason());
                xmlRevocationType.setSource(revocationToken.getClass().getSimpleName());
                String sourceURL = revocationToken.getSourceURL();
                if (StringUtils.isNotEmpty(sourceURL)) {
                    xmlRevocationType.setSourceAddress(sourceURL);
                    xmlRevocationType.setAvailable(Boolean.valueOf(revocationToken.isAvailable()));
                }
                xmlRevocationType.setId(DatatypeConverter.printHexBinary(DSSUtils.digest(DigestAlgorithm.SHA256, (byte[][]) new byte[]{certificateToken.getEncoded(), revocationToken.getEncoded()})));
                XmlBasicSignatureType xmlBasicSignatureType = new XmlBasicSignatureType();
                SignatureAlgorithm signatureAlgorithm = revocationToken.getSignatureAlgorithm();
                boolean z = signatureAlgorithm == null;
                xmlBasicSignatureType.setEncryptionAlgoUsedToSignThisToken(z ? "?" : signatureAlgorithm.getEncryptionAlgorithm().getName());
                xmlBasicSignatureType.setKeyLengthUsedToSignThisToken(DSSPKUtils.getPublicKeySize(revocationToken));
                xmlBasicSignatureType.setDigestAlgoUsedToSignThisToken(z ? "?" : signatureAlgorithm.getDigestAlgorithm().getName());
                boolean isSignatureValid = revocationToken.isSignatureValid();
                xmlBasicSignatureType.setReferenceDataFound(isSignatureValid);
                xmlBasicSignatureType.setReferenceDataIntact(isSignatureValid);
                xmlBasicSignatureType.setSignatureIntact(isSignatureValid);
                xmlBasicSignatureType.setSignatureValid(isSignatureValid);
                xmlRevocationType.setBasicSignature(xmlBasicSignatureType);
                for (DigestAlgorithm digestAlgorithm : set) {
                    XmlDigestAlgAndValueType xmlDigestAlgAndValueType = new XmlDigestAlgAndValueType();
                    xmlDigestAlgAndValueType.setDigestMethod(digestAlgorithm.getName());
                    xmlDigestAlgAndValueType.setDigestValue(DSSUtils.digest(digestAlgorithm, revocationToken));
                    xmlRevocationType.getDigestAlgAndValue().add(xmlDigestAlgAndValueType);
                }
                CertificateToken issuerToken = revocationToken.getIssuerToken();
                xmlRevocationType.setSigningCertificate(xmlForSigningCertificate(issuerToken));
                xmlRevocationType.setCertificateChain(xmlForCertificateChain(issuerToken));
                List<String> validationInfo = revocationToken.getValidationInfo();
                if (validationInfo.size() > 0) {
                    XmlInfoType xmlInfoType = new XmlInfoType();
                    for (String str : validationInfo) {
                        XmlMessage xmlMessage = new XmlMessage();
                        xmlMessage.setId(0);
                        xmlMessage.setValue(str);
                        xmlInfoType.getMessage().add(xmlMessage);
                    }
                    xmlRevocationType.setInfo(xmlInfoType);
                }
                xmlCertificate.getRevocation().add(xmlRevocationType);
            }
        }
    }

    private void dealPolicy(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        SignaturePolicy signaturePolicy = null;
        try {
            signaturePolicy = advancedSignature.getPolicyId();
        } catch (Exception e) {
            String str = "Error when extracting the signature policy: " + e.getMessage();
            LOG.warn(str, e);
            addErrorMessage(xmlSignature, str);
        }
        if (signaturePolicy == null) {
            return;
        }
        XmlPolicy xmlPolicy = new XmlPolicy();
        xmlSignature.setPolicy(xmlPolicy);
        String identifier = signaturePolicy.getIdentifier();
        xmlPolicy.setId(identifier);
        String url = signaturePolicy.getUrl();
        xmlPolicy.setUrl(url);
        xmlPolicy.setNotice(signaturePolicy.getNotice());
        byte[] digestValue = signaturePolicy.getDigestValue();
        DigestAlgorithm digestAlgorithm = signaturePolicy.getDigestAlgorithm();
        if (ArrayUtils.isNotEmpty(digestValue)) {
            XmlDigestAlgAndValueType xmlDigestAlgAndValueType = new XmlDigestAlgAndValueType();
            xmlDigestAlgAndValueType.setDigestMethod(digestAlgorithm == null ? "" : digestAlgorithm.getName());
            xmlDigestAlgAndValueType.setDigestValue(DatatypeConverter.printBase64Binary(digestValue));
            xmlPolicy.setDigestAlgAndValue(xmlDigestAlgAndValueType);
        }
        if (this.policyDocument == null && StringUtils.isEmpty(url)) {
            xmlPolicy.setIdentified(false);
            if (identifier.isEmpty()) {
                xmlPolicy.setStatus(true);
                return;
            } else {
                xmlPolicy.setStatus(false);
                return;
            }
        }
        xmlPolicy.setIdentified(true);
        if (StringUtils.equalsIgnoreCase("urn:oid:1.3.6.1.4.1.10015.1000.3.2.1", StringUtils.trim(identifier))) {
            return;
        }
        try {
            byte[] byteArray = this.policyDocument == null ? this.certificateVerifier.getDataLoader().get(url) : DSSUtils.toByteArray(this.policyDocument);
            if (ArrayUtils.isEmpty(byteArray)) {
                xmlPolicy.setIdentified(false);
                xmlPolicy.setProcessingError("Empty content for policy");
                return;
            }
            ASN1Sequence aSN1Sequence = null;
            try {
                aSN1Sequence = (ASN1Sequence) DSSASN1Utils.toASN1Primitive(byteArray);
            } catch (Exception e2) {
                LOG.info("Policy bytes are not asn1 processable : " + e2.getMessage());
            }
            try {
                if (aSN1Sequence != null) {
                    xmlPolicy.setAsn1Processable(true);
                    DigestAlgorithm forOID = DigestAlgorithm.forOID(AlgorithmIdentifier.getInstance(aSN1Sequence.getObjectAt(0)).getAlgorithm().getId());
                    if (!forOID.equals(digestAlgorithm)) {
                        xmlPolicy.setProcessingError("The digest algorithm indicated in the SignPolicyHashAlg from the resulting document (" + forOID + ") is not equal to the digest algorithm (" + digestAlgorithm + ").");
                        xmlPolicy.setDigestAlgorithmsEqual(false);
                        xmlPolicy.setStatus(false);
                        return;
                    }
                    xmlPolicy.setDigestAlgorithmsEqual(true);
                    byte[] asn1SignaturePolicyDigest = DSSASN1Utils.getAsn1SignaturePolicyDigest(forOID, byteArray);
                    boolean equals = Arrays.equals(digestValue, asn1SignaturePolicyDigest);
                    xmlPolicy.setStatus(Boolean.valueOf(equals));
                    if (!equals) {
                        xmlPolicy.setProcessingError("The policy digest value (" + DatatypeConverter.printBase64Binary(digestValue) + ") does not match the re-calculated digest value (" + DatatypeConverter.printBase64Binary(asn1SignaturePolicyDigest) + ").");
                        return;
                    }
                    byte[] octets = aSN1Sequence.getObjectAt(2).getOctets();
                    boolean equals2 = Arrays.equals(digestValue, octets);
                    xmlPolicy.setStatus(Boolean.valueOf(equals2));
                    if (!equals2) {
                        xmlPolicy.setProcessingError("The policy digest value (" + DatatypeConverter.printBase64Binary(digestValue) + ") does not match the digest value from the policy file (" + DatatypeConverter.printBase64Binary(octets) + ").");
                    }
                } else {
                    byte[] digest = DSSUtils.digest(digestAlgorithm, byteArray);
                    boolean equals3 = Arrays.equals(digestValue, digest);
                    xmlPolicy.setStatus(Boolean.valueOf(equals3));
                    if (!equals3) {
                        xmlPolicy.setProcessingError("The policy digest value (" + DatatypeConverter.printBase64Binary(digestValue) + ") does not match the re-calculated digest value (" + DatatypeConverter.printBase64Binary(digest) + ").");
                    }
                }
            } catch (Exception e3) {
                xmlPolicy.setStatus(false);
                xmlPolicy.setProcessingError(e3.getMessage());
                LOG.warn(e3.getMessage(), e3);
            }
        } catch (Exception e4) {
            xmlPolicy.setStatus(false);
            xmlPolicy.setProcessingError(e4.getMessage());
            LOG.warn(e4.getMessage(), e4);
        }
    }

    private CertificateToken dealSignature(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        AdvancedSignature masterSignature = advancedSignature.getMasterSignature();
        if (masterSignature != null) {
            xmlSignature.setType("COUNTERSIGNATURE");
            xmlSignature.setParentId(masterSignature.getId());
        }
        performStructuralValidation(advancedSignature, xmlSignature);
        performSignatureCryptographicValidation(advancedSignature, xmlSignature);
        xmlSignature.setId(advancedSignature.getId());
        xmlSignature.setDateTime(advancedSignature.getSigningTime());
        SignatureLevel dataFoundUpToLevel = advancedSignature.getDataFoundUpToLevel();
        xmlSignature.setSignatureFormat(dataFoundUpToLevel == null ? "UNKNOWN" : dataFoundUpToLevel.name());
        dealWithSignatureProductionPlace(advancedSignature, xmlSignature);
        dealWithCommitmentTypeIndication(advancedSignature, xmlSignature);
        dealWithClaimedRole(advancedSignature, xmlSignature);
        xmlSignature.setContentType(advancedSignature.getContentType());
        xmlSignature.setContentIdentifier(advancedSignature.getContentIdentifier());
        xmlSignature.setContentHints(advancedSignature.getContentHints());
        dealWithCertifiedRole(advancedSignature, xmlSignature);
        CertificateValidity dealSigningCertificate = dealSigningCertificate(advancedSignature, xmlSignature);
        XmlBasicSignatureType xmlBasicSignatureType = getXmlBasicSignatureType(xmlSignature);
        EncryptionAlgorithm encryptionAlgorithm = advancedSignature.getEncryptionAlgorithm();
        xmlBasicSignatureType.setEncryptionAlgoUsedToSignThisToken(encryptionAlgorithm == null ? "?" : encryptionAlgorithm.getName());
        CertificateToken certificateToken = dealSigningCertificate == null ? null : dealSigningCertificate.getCertificateToken();
        xmlBasicSignatureType.setKeyLengthUsedToSignThisToken(String.valueOf(certificateToken == null ? 0 : DSSPKUtils.getPublicKeySize(certificateToken.getPublicKey())));
        DigestAlgorithm digestAlgorithm = advancedSignature.getDigestAlgorithm();
        xmlBasicSignatureType.setDigestAlgoUsedToSignThisToken(digestAlgorithm == null ? "?" : digestAlgorithm.getName());
        xmlSignature.setBasicSignature(xmlBasicSignatureType);
        dealSignatureScope(xmlSignature, advancedSignature);
        return certificateToken;
    }

    private void performStructuralValidation(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        String validateStructure;
        ValidationPolicy validationPolicy = this.processExecutor.getValidationPolicy();
        if (validationPolicy == null || validationPolicy.getStructuralValidationConstraint(Context.SIGNATURE) == null || (validateStructure = advancedSignature.validateStructure()) == null) {
            return;
        }
        XmlStructuralValidationType xmlStructuralValidationType = new XmlStructuralValidationType();
        xmlStructuralValidationType.setValid("".equals(validateStructure));
        if (!"".equals(validateStructure)) {
            xmlStructuralValidationType.setMessage(validateStructure);
        }
        xmlSignature.setStructuralValidation(xmlStructuralValidationType);
    }

    private void dealWithSignatureProductionPlace(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        SignatureProductionPlace signatureProductionPlace = advancedSignature.getSignatureProductionPlace();
        if (signatureProductionPlace != null) {
            XmlSignatureProductionPlace xmlSignatureProductionPlace = new XmlSignatureProductionPlace();
            xmlSignatureProductionPlace.setCountryName(signatureProductionPlace.getCountryName());
            xmlSignatureProductionPlace.setStateOrProvince(signatureProductionPlace.getStateOrProvince());
            xmlSignatureProductionPlace.setPostalCode(signatureProductionPlace.getPostalCode());
            xmlSignatureProductionPlace.setAddress(signatureProductionPlace.getStreetAddress());
            xmlSignatureProductionPlace.setCity(signatureProductionPlace.getCity());
            xmlSignature.setSignatureProductionPlace(xmlSignatureProductionPlace);
        }
    }

    private void dealWithCertifiedRole(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        List<CertifiedRole> list = null;
        try {
            list = advancedSignature.getCertifiedSignerRoles();
        } catch (DSSException e) {
            LOG.warn("Exception", e);
            addErrorMessage(xmlSignature, (Exception) e);
        }
        if (list == null || list.isEmpty()) {
            return;
        }
        for (CertifiedRole certifiedRole : list) {
            XmlCertifiedRolesType xmlCertifiedRolesType = new XmlCertifiedRolesType();
            xmlCertifiedRolesType.setCertifiedRole(certifiedRole.getRole());
            xmlCertifiedRolesType.setNotBefore(certifiedRole.getNotBefore());
            xmlCertifiedRolesType.setNotAfter(certifiedRole.getNotAfter());
            xmlSignature.getCertifiedRoles().add(xmlCertifiedRolesType);
        }
    }

    private void dealWithClaimedRole(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        String[] strArr = null;
        try {
            strArr = advancedSignature.getClaimedSignerRoles();
        } catch (DSSException e) {
            LOG.warn("Exception: ", e);
            addErrorMessage(xmlSignature, (Exception) e);
        }
        if (strArr == null || strArr.length <= 0) {
            return;
        }
        XmlClaimedRoles xmlClaimedRoles = new XmlClaimedRoles();
        for (String str : strArr) {
            xmlClaimedRoles.getClaimedRole().add(str);
        }
        xmlSignature.setClaimedRoles(xmlClaimedRoles);
    }

    private void dealWithCommitmentTypeIndication(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        CommitmentType commitmentType = null;
        try {
            commitmentType = advancedSignature.getCommitmentTypeIndication();
        } catch (Exception e) {
            LOG.warn("Exception: ", e);
            addErrorMessage(xmlSignature, e);
        }
        if (commitmentType != null) {
            XmlCommitmentTypeIndication xmlCommitmentTypeIndication = new XmlCommitmentTypeIndication();
            List identifier = xmlCommitmentTypeIndication.getIdentifier();
            List<String> identifiers = commitmentType.getIdentifiers();
            if (CollectionUtils.isNotEmpty(identifiers)) {
                Iterator<String> it = identifiers.iterator();
                while (it.hasNext()) {
                    identifier.add(it.next());
                }
            }
            xmlSignature.setCommitmentTypeIndication(xmlCommitmentTypeIndication);
        }
    }

    protected void dealSignatureScope(XmlSignature xmlSignature, AdvancedSignature advancedSignature) {
        XmlSignatureScopes xmlSignatureScopes = new XmlSignatureScopes();
        for (SignatureScope signatureScope : this.signatureScopeFinder.findSignatureScope(advancedSignature)) {
            XmlSignatureScopeType xmlSignatureScopeType = new XmlSignatureScopeType();
            xmlSignatureScopeType.setName(signatureScope.getName());
            xmlSignatureScopeType.setScope(signatureScope.getType());
            xmlSignatureScopeType.setValue(signatureScope.getDescription());
            xmlSignatureScopes.getSignatureScope().add(xmlSignatureScopeType);
        }
        xmlSignature.setSignatureScopes(xmlSignatureScopes);
    }

    private XmlBasicSignatureType getXmlBasicSignatureType(XmlSignature xmlSignature) {
        XmlBasicSignatureType basicSignature = xmlSignature.getBasicSignature();
        if (basicSignature == null) {
            basicSignature = new XmlBasicSignatureType();
        }
        return basicSignature;
    }

    private void performSignatureCryptographicValidation(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        SignatureCryptographicVerification checkSignatureIntegrity = advancedSignature.checkSignatureIntegrity();
        XmlBasicSignatureType xmlBasicSignatureType = getXmlBasicSignatureType(xmlSignature);
        xmlBasicSignatureType.setReferenceDataFound(checkSignatureIntegrity.isReferenceDataFound());
        xmlBasicSignatureType.setReferenceDataIntact(checkSignatureIntegrity.isReferenceDataIntact());
        xmlBasicSignatureType.setSignatureIntact(checkSignatureIntegrity.isSignatureIntact());
        xmlBasicSignatureType.setSignatureValid(checkSignatureIntegrity.isSignatureValid());
        xmlSignature.setBasicSignature(xmlBasicSignatureType);
        if (checkSignatureIntegrity.getErrorMessage().isEmpty()) {
            return;
        }
        xmlSignature.setErrorMessage(checkSignatureIntegrity.getErrorMessage());
    }

    private CertificateValidity dealSigningCertificate(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        XmlSigningCertificateType xmlSigningCertificateType = new XmlSigningCertificateType();
        advancedSignature.checkSigningCertificate();
        CertificateValidity theCertificateValidity = advancedSignature.getCandidatesForSigningCertificate().getTheCertificateValidity();
        if (theCertificateValidity != null) {
            CertificateToken certificateToken = theCertificateValidity.getCertificateToken();
            if (certificateToken != null) {
                xmlSigningCertificateType.setId(certificateToken.getDSSId().asXmlId());
            }
            xmlSigningCertificateType.setAttributePresent(Boolean.valueOf(theCertificateValidity.isAttributePresent()));
            xmlSigningCertificateType.setDigestValuePresent(Boolean.valueOf(theCertificateValidity.isDigestPresent()));
            xmlSigningCertificateType.setDigestValueMatch(Boolean.valueOf(theCertificateValidity.isDigestEqual()));
            xmlSigningCertificateType.setIssuerSerialMatch(Boolean.valueOf(theCertificateValidity.isSerialNumberEqual() && theCertificateValidity.isDistinguishedNameEqual()));
            xmlSigningCertificateType.setSigned(theCertificateValidity.getSigned());
            xmlSignature.setSigningCertificate(xmlSigningCertificateType);
        }
        return theCertificateValidity;
    }

    protected XmlSigningCertificateType xmlForSigningCertificate(CertificateToken certificateToken) {
        if (certificateToken == null) {
            return null;
        }
        XmlSigningCertificateType xmlSigningCertificateType = new XmlSigningCertificateType();
        xmlSigningCertificateType.setId(certificateToken.getDSSId().asXmlId());
        return xmlSigningCertificateType;
    }

    public void setNextValidator(DocumentValidator documentValidator) {
        throw new DSSUnsupportedOperationException("This method is not applicable in this context!");
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public DocumentValidator getNextValidator() {
        return null;
    }

    @Override // eu.europa.esig.dss.validation.DocumentValidator
    public DocumentValidator getSubordinatedValidator() {
        return null;
    }

    static {
        Properties properties = new Properties();
        try {
            properties.load(SignedDocumentValidator.class.getResourceAsStream("/document-validators.properties"));
        } catch (IOException e) {
            LOG.error("Cannot load properties from document-validators.properties : " + e.getMessage(), e);
        }
        for (String str : properties.stringPropertyNames()) {
            registerDocumentValidator(str, properties.getProperty(str));
        }
    }
}
