package eu.europa.esig.dss.validation;

import eu.europa.esig.dss.crl.CRLBinary;
import eu.europa.esig.dss.enumerations.RevocationOrigin;
import eu.europa.esig.dss.enumerations.RevocationRefOrigin;
import eu.europa.esig.dss.model.DSSException;
import eu.europa.esig.dss.spi.DSSASN1Utils;
import eu.europa.esig.dss.spi.OID;
import eu.europa.esig.dss.spi.x509.revocation.crl.CRLRef;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.esf.CrlListID;
import org.bouncycastle.asn1.esf.CrlOcspRef;
import org.bouncycastle.asn1.esf.CrlValidatedID;
import org.bouncycastle.asn1.esf.RevocationValues;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.cert.X509CRLHolder;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.util.Selector;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/validation/CMSCRLSource.class */
public abstract class CMSCRLSource extends SignatureCRLSource {
    private static final Logger LOG = LoggerFactory.getLogger(CMSCRLSource.class);
    protected final transient CMSSignedData cmsSignedData;
    protected final transient AttributeTable unsignedAttributes;
    private List<CRLBinary> signedDataCRLIdentifiers = new ArrayList();

    public CMSCRLSource(CMSSignedData cMSSignedData, AttributeTable attributeTable) {
        this.cmsSignedData = cMSSignedData;
        this.unsignedAttributes = attributeTable;
        extract();
    }

    protected RevocationOrigin getRevocationValuesOrigin() {
        return RevocationOrigin.REVOCATION_VALUES;
    }

    protected RevocationRefOrigin getCompleteRevocationRefsOrigin() {
        return RevocationRefOrigin.COMPLETE_REVOCATION_REFS;
    }

    protected RevocationRefOrigin getAttributeRevocationRefsOrigin() {
        return RevocationRefOrigin.ATTRIBUTE_REVOCATION_REFS;
    }

    public List<CRLBinary> getSignedDataCRLIdentifiers() {
        return this.signedDataCRLIdentifiers;
    }

    private void extract() {
        collectFromSignedData();
        if (this.unsignedAttributes != null) {
            collectRevocationValues(PKCSObjectIdentifiers.id_aa_ets_revocationValues, getRevocationValuesOrigin());
            collectRevocationRefs(PKCSObjectIdentifiers.id_aa_ets_revocationRefs, getCompleteRevocationRefsOrigin());
            collectRevocationRefs(OID.attributeRevocationRefsOid, getAttributeRevocationRefsOrigin());
        }
    }

    private void collectFromSignedData() {
        Iterator it = this.cmsSignedData.getCRLs().getMatches((Selector) null).iterator();
        while (it.hasNext()) {
            this.signedDataCRLIdentifiers.add(addX509CRLHolder((X509CRLHolder) it.next(), getRevocationValuesOrigin()));
        }
    }

    private void collectRevocationValues(ASN1ObjectIdentifier aSN1ObjectIdentifier, RevocationOrigin revocationOrigin) {
        RevocationValues revocationValues = DSSASN1Utils.getRevocationValues(DSSASN1Utils.getAsn1Encodable(this.unsignedAttributes, aSN1ObjectIdentifier));
        if (revocationValues != null) {
            for (CertificateList certificateList : revocationValues.getCrlVals()) {
                addX509CRLHolder(new X509CRLHolder(certificateList), revocationOrigin);
            }
        }
    }

    protected CRLBinary addX509CRLHolder(X509CRLHolder x509CRLHolder, RevocationOrigin revocationOrigin) {
        try {
            return addCRLBinary(x509CRLHolder.getEncoded(), revocationOrigin);
        } catch (IOException e) {
            throw new DSSException(e);
        }
    }

    private void collectRevocationRefs(ASN1ObjectIdentifier aSN1ObjectIdentifier, RevocationRefOrigin revocationRefOrigin) {
        try {
            ASN1Sequence asn1Encodable = DSSASN1Utils.getAsn1Encodable(this.unsignedAttributes, aSN1ObjectIdentifier);
            if (asn1Encodable != null) {
                ASN1Sequence aSN1Sequence = asn1Encodable;
                for (int i = 0; i < aSN1Sequence.size(); i++) {
                    CrlListID crlids = CrlOcspRef.getInstance(aSN1Sequence.getObjectAt(i)).getCrlids();
                    if (crlids != null) {
                        for (CrlValidatedID crlValidatedID : crlids.getCrls()) {
                            addReference(new CRLRef(crlValidatedID, revocationRefOrigin), revocationRefOrigin);
                        }
                    }
                }
            }
        } catch (Exception e) {
            LOG.warn("An error occurred during extraction of revocation references from  signature unsigned properties. Revocations for origin {} were not stored", revocationRefOrigin.toString(), e);
        }
    }
}
