package org.digidoc4j.ddoc;

import java.io.Serializable;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Vector;
import org.digidoc4j.ddoc.factory.NotaryFactory;
import org.digidoc4j.ddoc.utils.ConfigManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/digidoc4j/ddoc/UnsignedProperties.class */
public class UnsignedProperties implements Serializable {
    private static final long serialVersionUID = 1;
    private Signature m_signature;
    private CompleteCertificateRefs m_certRefs;
    private CompleteRevocationRefs m_revRefs;
    private Vector m_notaries;
    private static Logger m_logger = LoggerFactory.getLogger(UnsignedProperties.class);

    public UnsignedProperties(Signature signature) {
        this.m_signature = signature;
        this.m_certRefs = null;
        this.m_revRefs = null;
        this.m_notaries = null;
    }

    public UnsignedProperties(Signature signature, CompleteCertificateRefs completeCertificateRefs, CompleteRevocationRefs completeRevocationRefs) throws DigiDocException {
        this.m_signature = signature;
        setCompleteCertificateRefs(completeCertificateRefs);
        setCompleteRevocationRefs(completeRevocationRefs);
    }

    public CompleteCertificateRefs getCompleteCertificateRefs() {
        return this.m_certRefs;
    }

    public Signature getSignature() {
        return this.m_signature;
    }

    public void setCompleteCertificateRefs(CompleteCertificateRefs completeCertificateRefs) throws DigiDocException {
        this.m_certRefs = completeCertificateRefs;
    }

    public CompleteRevocationRefs getCompleteRevocationRefs() {
        return this.m_revRefs;
    }

    public void setCompleteRevocationRefs(CompleteRevocationRefs completeRevocationRefs) throws DigiDocException {
        this.m_revRefs = completeRevocationRefs;
    }

    public X509Certificate getRespondersCertificate() {
        CertValue certValueOfType;
        X509Certificate x509Certificate = null;
        if (this.m_signature != null && (certValueOfType = this.m_signature.getCertValueOfType(2)) != null) {
            x509Certificate = certValueOfType.getCert();
        }
        return x509Certificate;
    }

    public void setRespondersCertificate(X509Certificate x509Certificate) throws DigiDocException {
        if (this.m_signature == null || x509Certificate == null) {
            return;
        }
        CertValue orCreateCertValueOfType = this.m_signature.getOrCreateCertValueOfType(2);
        orCreateCertValueOfType.setId(this.m_signature.getId() + "-RESPONDER_CERT");
        orCreateCertValueOfType.setCert(x509Certificate);
    }

    private DigiDocException validateRespondersCertificate(X509Certificate x509Certificate) {
        return null;
    }

    public Notary getNotaryById(int i) {
        if (this.m_notaries == null || i >= this.m_notaries.size()) {
            return null;
        }
        return (Notary) this.m_notaries.elementAt(i);
    }

    public void addNotary(Notary notary) {
        if (this.m_notaries == null) {
            this.m_notaries = new Vector();
        }
        this.m_notaries.add(notary);
    }

    public int countNotaries() {
        if (this.m_notaries != null) {
            return this.m_notaries.size();
        }
        return 0;
    }

    public Notary getNotary() {
        return getNotaryById(0);
    }

    public Notary getLastNotary() {
        return getNotaryById(countNotaries() - 1);
    }

    public void setNotary(Notary notary) throws DigiDocException {
        addNotary(notary);
    }

    public ArrayList verify(SignedDoc signedDoc) {
        ArrayList arrayList = new ArrayList();
        X509Certificate respondersCertificate = getRespondersCertificate();
        if (m_logger.isDebugEnabled()) {
            m_logger.debug("Responders cert: " + respondersCertificate.getSerialNumber() + " - " + respondersCertificate.getSubjectDN().getName() + " complete cert refs nr: " + this.m_certRefs.getCertSerial() + " - " + this.m_certRefs.getCertIssuer());
        }
        if (respondersCertificate == null) {
            arrayList.add(new DigiDocException(53, "No notarys certificate!", null));
            return arrayList;
        }
        if (respondersCertificate != null && !respondersCertificate.getSerialNumber().equals(this.m_certRefs.getCertSerial())) {
            arrayList.add(new DigiDocException(53, "Wrong notarys certificate: " + respondersCertificate.getSerialNumber() + " ref: " + this.m_certRefs.getCertSerial(), null));
        }
        try {
            byte[] digestOfType = SignedDoc.digestOfType(respondersCertificate.getEncoded(), SignedDoc.SHA1_DIGEST_TYPE);
            if (m_logger.isDebugEnabled()) {
                m_logger.debug("Not cert calc hash: " + Base64Util.encode(digestOfType, 0) + " cert-ref hash: " + Base64Util.encode(this.m_certRefs.getCertDigestValue(), 0));
            }
            if (!SignedDoc.compareDigests(digestOfType, this.m_certRefs.getCertDigestValue())) {
                arrayList.add(new DigiDocException(53, "Notary certificates digest doesn't match!", null));
                m_logger.error("Notary certificates digest doesn't match!");
            }
        } catch (DigiDocException e) {
            arrayList.add(e);
        } catch (Exception e2) {
            arrayList.add(new DigiDocException(53, "Error calculating notary certificate digest!", null));
        }
        for (int i = 0; i < countNotaries(); i++) {
            try {
                Notary notaryById = getNotaryById(i);
                byte[] ocspResponseData = notaryById.getOcspResponseData();
                if (m_logger.isDebugEnabled()) {
                    m_logger.debug("OCSP value: " + notaryById.getId() + " data: " + (ocspResponseData != null ? ocspResponseData.length : 0) + " bytes");
                }
                if (ocspResponseData == null || ocspResponseData.length == 0) {
                    arrayList.add(new DigiDocException(83, "OCSP value is empty!", null));
                } else {
                    OcspRef ocspRefByUri = this.m_revRefs.getOcspRefByUri("#" + notaryById.getId());
                    if (m_logger.isDebugEnabled()) {
                        m_logger.debug("OCSP ref: " + (ocspRefByUri != null ? ocspRefByUri.getUri() : "NULL"));
                    }
                    if (ocspRefByUri == null) {
                        arrayList.add(new DigiDocException(83, "No OCSP ref for uri: #" + notaryById.getId(), null));
                    } else {
                        byte[] digestOfType2 = SignedDoc.digestOfType(ocspResponseData, SignedDoc.SHA1_DIGEST_TYPE);
                        byte[] digestValue = ocspRefByUri.getDigestValue();
                        if (m_logger.isDebugEnabled()) {
                            m_logger.debug("Check ocsp: " + notaryById.getId() + " calc hash: " + Base64Util.encode(digestOfType2, 0) + " refs-hash: " + Base64Util.encode(digestValue, 0));
                        }
                        if (!SignedDoc.compareDigests(digestOfType2, digestValue)) {
                            arrayList.add(new DigiDocException(83, "Notarys digest doesn't match!", null));
                            m_logger.error("Notarys digest doesn't match!");
                        }
                    }
                }
            } catch (DigiDocException e3) {
                arrayList.add(e3);
            }
        }
        try {
            NotaryFactory notaryFactory = ConfigManager.instance().getNotaryFactory();
            for (int i2 = 0; i2 < countNotaries(); i2++) {
                Notary notaryById2 = getNotaryById(i2);
                if (m_logger.isDebugEnabled()) {
                    m_logger.debug("Verify notray: " + notaryById2.getId() + " ocsp: " + (notaryById2.getOcspResponseData() != null ? notaryById2.getOcspResponseData().length : 0) + " responder: " + notaryById2.getResponderId());
                }
                notaryFactory.parseAndVerifyResponse(this.m_signature, notaryById2);
            }
        } catch (DigiDocException e4) {
            arrayList.add(e4);
        }
        return arrayList;
    }

    public ArrayList validate() {
        ArrayList arrayList = new ArrayList();
        DigiDocException digiDocException = null;
        X509Certificate respondersCertificate = getRespondersCertificate();
        if (respondersCertificate == null) {
            digiDocException = validateRespondersCertificate(respondersCertificate);
        }
        if (digiDocException != null) {
            arrayList.add(digiDocException);
        }
        if (this.m_certRefs != null) {
            ArrayList validate = this.m_certRefs.validate();
            if (!validate.isEmpty()) {
                arrayList.addAll(validate);
            }
        }
        if (this.m_revRefs != null) {
            ArrayList validate2 = this.m_revRefs.validate();
            if (!validate2.isEmpty()) {
                arrayList.addAll(validate2);
            }
        }
        return arrayList;
    }
}
