package eu.europa.esig.dss.cades.validation;

import eu.europa.esig.dss.cades.CMSUtils;
import eu.europa.esig.dss.cades.signature.CadesLevelBaselineLTATimestampExtractor;
import eu.europa.esig.dss.crl.CRLUtils;
import eu.europa.esig.dss.enumerations.ArchiveTimestampType;
import eu.europa.esig.dss.enumerations.DigestAlgorithm;
import eu.europa.esig.dss.enumerations.TimestampLocation;
import eu.europa.esig.dss.enumerations.TimestampType;
import eu.europa.esig.dss.enumerations.TimestampedObjectType;
import eu.europa.esig.dss.model.DSSDocument;
import eu.europa.esig.dss.model.DSSException;
import eu.europa.esig.dss.model.identifier.EncapsulatedRevocationTokenIdentifier;
import eu.europa.esig.dss.model.identifier.Identifier;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.spi.DSSASN1Utils;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.spi.OID;
import eu.europa.esig.dss.spi.x509.CertificateRef;
import eu.europa.esig.dss.spi.x509.revocation.crl.CRLRef;
import eu.europa.esig.dss.spi.x509.revocation.ocsp.OCSPRef;
import eu.europa.esig.dss.spi.x509.revocation.ocsp.OCSPResponseBinary;
import eu.europa.esig.dss.validation.CMSCRLSource;
import eu.europa.esig.dss.validation.CMSCertificateSource;
import eu.europa.esig.dss.validation.CMSOCSPSource;
import eu.europa.esig.dss.validation.ISignatureAttribute;
import eu.europa.esig.dss.validation.SignatureProperties;
import eu.europa.esig.dss.validation.timestamp.AbstractTimestampSource;
import eu.europa.esig.dss.validation.timestamp.TimestampCRLSource;
import eu.europa.esig.dss.validation.timestamp.TimestampOCSPSource;
import eu.europa.esig.dss.validation.timestamp.TimestampToken;
import eu.europa.esig.dss.validation.timestamp.TimestampedReference;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
import org.bouncycastle.asn1.esf.CrlListID;
import org.bouncycastle.asn1.esf.CrlOcspRef;
import org.bouncycastle.asn1.esf.CrlValidatedID;
import org.bouncycastle.asn1.esf.OcspListID;
import org.bouncycastle.asn1.esf.OcspResponsesID;
import org.bouncycastle.asn1.esf.RevocationValues;
import org.bouncycastle.asn1.ess.OtherCertID;
import org.bouncycastle.asn1.ocsp.BasicOCSPResponse;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.cert.ocsp.BasicOCSPResp;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.tsp.TimeStampToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/cades/validation/CAdESTimestampSource.class */
public class CAdESTimestampSource extends AbstractTimestampSource<CAdESAttribute> {
    private static final Logger LOG = LoggerFactory.getLogger(CAdESTimestampSource.class);
    protected final transient SignerInformation signerInformation;
    protected final transient CMSSignedData cmsSignedData;
    protected final transient List<DSSDocument> detachedDocuments;

    public CAdESTimestampSource(CAdESSignature cAdESSignature) {
        super(cAdESSignature);
        this.cmsSignedData = cAdESSignature.getCmsSignedData();
        this.detachedDocuments = cAdESSignature.getDetachedContents();
        this.signerInformation = cAdESSignature.getSignerInformation();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: getTimestampDataBuilder, reason: merged with bridge method [inline-methods] */
    public CAdESTimestampDataBuilder m22getTimestampDataBuilder() {
        return new CAdESTimestampDataBuilder(this.cmsSignedData, this.signerInformation, this.detachedDocuments, new CadesLevelBaselineLTATimestampExtractor(this.cmsSignedData, this.certificateSource.getAllCertificateTokens()));
    }

    protected SignatureProperties<CAdESAttribute> getSignedSignatureProperties() {
        return CAdESSignedAttributes.build(this.signerInformation);
    }

    protected SignatureProperties<CAdESAttribute> getUnsignedSignatureProperties() {
        return CAdESUnsignedAttributes.build(this.signerInformation);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isContentTimestamp(CAdESAttribute cAdESAttribute) {
        return PKCSObjectIdentifiers.id_aa_ets_contentTimestamp.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isAllDataObjectsTimestamp(CAdESAttribute cAdESAttribute) {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isIndividualDataObjectsTimestamp(CAdESAttribute cAdESAttribute) {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isSignatureTimestamp(CAdESAttribute cAdESAttribute) {
        return PKCSObjectIdentifiers.id_aa_signatureTimeStampToken.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isCompleteCertificateRef(CAdESAttribute cAdESAttribute) {
        return PKCSObjectIdentifiers.id_aa_ets_certificateRefs.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isAttributeCertificateRef(CAdESAttribute cAdESAttribute) {
        return OID.attributeCertificateRefsOid.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isCompleteRevocationRef(CAdESAttribute cAdESAttribute) {
        return PKCSObjectIdentifiers.id_aa_ets_revocationRefs.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isAttributeRevocationRef(CAdESAttribute cAdESAttribute) {
        return OID.attributeRevocationRefsOid.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isRefsOnlyTimestamp(CAdESAttribute cAdESAttribute) {
        return PKCSObjectIdentifiers.id_aa_ets_certCRLTimestamp.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isSigAndRefsTimestamp(CAdESAttribute cAdESAttribute) {
        return PKCSObjectIdentifiers.id_aa_ets_escTimeStamp.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isCertificateValues(CAdESAttribute cAdESAttribute) {
        return PKCSObjectIdentifiers.id_aa_ets_certValues.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isRevocationValues(CAdESAttribute cAdESAttribute) {
        return PKCSObjectIdentifiers.id_aa_ets_revocationValues.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isAttrAuthoritiesCertValues(CAdESAttribute cAdESAttribute) {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isAttributeRevocationValues(CAdESAttribute cAdESAttribute) {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isArchiveTimestamp(CAdESAttribute cAdESAttribute) {
        return isArchiveTimestampV2(cAdESAttribute) || isArchiveTimestampV3(cAdESAttribute);
    }

    private boolean isArchiveTimestampV2(CAdESAttribute cAdESAttribute) {
        return OID.id_aa_ets_archiveTimestampV2.equals(cAdESAttribute.getASN1Oid());
    }

    private boolean isArchiveTimestampV3(CAdESAttribute cAdESAttribute) {
        return OID.id_aa_ets_archiveTimestampV3.equals(cAdESAttribute.getASN1Oid());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isTimeStampValidationData(CAdESAttribute cAdESAttribute) {
        return false;
    }

    protected TimestampToken makeTimestampToken(CAdESAttribute cAdESAttribute, TimestampType timestampType, List<TimestampedReference> list) {
        TimeStampToken timeStampToken = cAdESAttribute.toTimeStampToken();
        if (timeStampToken == null) {
            return null;
        }
        return new TimestampToken(timeStampToken, timestampType, list, TimestampLocation.CAdES);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<TimestampedReference> getIndividualContentTimestampedReferences(CAdESAttribute cAdESAttribute) {
        throw new DSSException("Not applicable for CAdES!");
    }

    protected List<TimestampedReference> getArchiveTimestampOtherReferences(TimestampToken timestampToken) {
        return getSignedDataReferences(timestampToken);
    }

    protected List<TimestampedReference> getSignedDataReferences(TimestampToken timestampToken) {
        if (ArchiveTimestampType.CAdES_V2.equals(timestampToken.getArchiveTimestampType()) || ArchiveTimestampType.CAdES.equals(timestampToken.getArchiveTimestampType())) {
            return getSignatureSignedDataReferences();
        }
        ArrayList arrayList = new ArrayList();
        ASN1Sequence atsHashIndex = DSSASN1Utils.getAtsHashIndex(timestampToken.getUnsignedAttributes());
        if (atsHashIndex != null) {
            DigestAlgorithm hashIndexDigestAlgorithm = getHashIndexDigestAlgorithm(atsHashIndex);
            arrayList.addAll(getSignedDataCertificateReferences(atsHashIndex, hashIndexDigestAlgorithm, timestampToken.getDSSIdAsString()));
            arrayList.addAll(getSignedDataRevocationReferences(atsHashIndex, hashIndexDigestAlgorithm, timestampToken.getDSSIdAsString()));
        }
        return arrayList;
    }

    private List<TimestampedReference> getSignedDataCertificateReferences(ASN1Sequence aSN1Sequence, DigestAlgorithm digestAlgorithm, String str) {
        ArrayList arrayList = new ArrayList();
        if (this.signatureCertificateSource instanceof CMSCertificateSource) {
            List<DEROctetString> dEROctetStrings = DSSASN1Utils.getDEROctetStrings(DSSASN1Utils.getCertificatesHashIndex(aSN1Sequence));
            for (CertificateToken certificateToken : this.signatureCertificateSource.getSignedDataCertificates()) {
                if (isDigestValuePresent(certificateToken.getDigest(digestAlgorithm), dEROctetStrings)) {
                    addReference(arrayList, certificateToken.getDSSId(), TimestampedObjectType.CERTIFICATE);
                } else {
                    LOG.warn("The certificate with id [{}] was not included to the message imprint of timestamp with id [{}] or was added to the CMS SignedData after this ArchiveTimestamp!", certificateToken.getDSSIdAsString(), str);
                }
            }
        }
        return arrayList;
    }

    private List<TimestampedReference> getSignedDataRevocationReferences(ASN1Sequence aSN1Sequence, DigestAlgorithm digestAlgorithm, String str) {
        ArrayList arrayList = new ArrayList();
        List<DEROctetString> dEROctetStrings = DSSASN1Utils.getDEROctetStrings(DSSASN1Utils.getCRLHashIndex(aSN1Sequence));
        if (this.signatureCRLSource instanceof CMSCRLSource) {
            for (EncapsulatedRevocationTokenIdentifier encapsulatedRevocationTokenIdentifier : this.signatureCRLSource.getCMSSignedDataRevocationBinaries()) {
                if (isDigestValuePresent(encapsulatedRevocationTokenIdentifier.getDigestValue(digestAlgorithm), dEROctetStrings)) {
                    addReference(arrayList, encapsulatedRevocationTokenIdentifier, TimestampedObjectType.REVOCATION);
                } else {
                    LOG.warn("The CRL Token with id [{}] was not included to the message imprint of timestamp with id [{}] or was added to the CMS SignedData after this ArchiveTimestamp!", encapsulatedRevocationTokenIdentifier.asXmlId(), str);
                }
            }
        }
        arrayList.addAll(getSignedDataOCSPReferences(dEROctetStrings, digestAlgorithm, str));
        return arrayList;
    }

    private List<TimestampedReference> getSignedDataOCSPReferences(List<DEROctetString> list, DigestAlgorithm digestAlgorithm, String str) {
        ArrayList arrayList = new ArrayList();
        if (this.signatureOCSPSource instanceof CMSOCSPSource) {
            for (OCSPResponseBinary oCSPResponseBinary : this.signatureOCSPSource.getCMSSignedDataRevocationBinaries()) {
                if (isDigestValuePresent(DSSUtils.digest(digestAlgorithm, DSSASN1Utils.getDEREncoded(new DERTaggedObject(false, 1, new OtherRevocationInfoFormat(oCSPResponseBinary.getAsn1ObjectIdentifier(), DSSASN1Utils.toASN1Primitive(oCSPResponseBinary.getBasicOCSPRespContent()))))), list)) {
                    addReference(arrayList, oCSPResponseBinary, TimestampedObjectType.REVOCATION);
                } else {
                    LOG.warn("The OCSP Token with id [{}] was not included to the message imprint of timestamp with id [{}] or was added to the CMS SignedData after this ArchiveTimestamp!", oCSPResponseBinary.asXmlId(), str);
                }
            }
        }
        return arrayList;
    }

    protected List<TimestampedReference> getSignatureSignedDataReferences() {
        ArrayList arrayList = new ArrayList();
        if (this.signatureCertificateSource instanceof CMSCertificateSource) {
            addReferences(arrayList, createReferencesForCertificates(this.signatureCertificateSource.getSignedDataCertificates()));
        }
        if (this.signatureCRLSource instanceof CMSCRLSource) {
            Iterator it = this.signatureCRLSource.getCMSSignedDataRevocationBinaries().iterator();
            while (it.hasNext()) {
                addReference(arrayList, (EncapsulatedRevocationTokenIdentifier) it.next(), TimestampedObjectType.REVOCATION);
            }
        }
        if (this.signatureOCSPSource instanceof CMSOCSPSource) {
            Iterator it2 = this.signatureOCSPSource.getCMSSignedDataRevocationBinaries().iterator();
            while (it2.hasNext()) {
                addReference(arrayList, (EncapsulatedRevocationTokenIdentifier) it2.next(), TimestampedObjectType.REVOCATION);
            }
        }
        return arrayList;
    }

    private DigestAlgorithm getHashIndexDigestAlgorithm(ASN1Sequence aSN1Sequence) {
        AlgorithmIdentifier algorithmIdentifier = DSSASN1Utils.getAlgorithmIdentifier(aSN1Sequence);
        return algorithmIdentifier != null ? DigestAlgorithm.forOID(algorithmIdentifier.getAlgorithm().getId()) : CMSUtils.DEFAULT_ARCHIVE_TIMESTAMP_HASH_ALGO;
    }

    private boolean isDigestValuePresent(byte[] bArr, List<DEROctetString> list) {
        return list.contains(new DEROctetString(bArr));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<CertificateRef> getCertificateRefs(CAdESAttribute cAdESAttribute) {
        ArrayList arrayList = new ArrayList();
        ASN1Sequence aSN1Object = cAdESAttribute.getASN1Object();
        for (int i = 0; i < aSN1Object.size(); i++) {
            arrayList.add(DSSASN1Utils.getCertificateRef(OtherCertID.getInstance(aSN1Object.getObjectAt(i))));
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<CRLRef> getCRLRefs(CAdESAttribute cAdESAttribute) {
        ArrayList arrayList = new ArrayList();
        ASN1Sequence aSN1Object = cAdESAttribute.getASN1Object();
        for (int i = 0; i < aSN1Object.size(); i++) {
            CrlListID crlids = CrlOcspRef.getInstance(aSN1Object.getObjectAt(i)).getCrlids();
            if (crlids != null) {
                for (CrlValidatedID crlValidatedID : crlids.getCrls()) {
                    arrayList.add(new CRLRef(crlValidatedID));
                }
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<OCSPRef> getOCSPRefs(CAdESAttribute cAdESAttribute) {
        ArrayList arrayList = new ArrayList();
        ASN1Sequence aSN1Object = cAdESAttribute.getASN1Object();
        for (int i = 0; i < aSN1Object.size(); i++) {
            OcspListID ocspids = CrlOcspRef.getInstance(aSN1Object.getObjectAt(i)).getOcspids();
            if (ocspids != null) {
                for (OcspResponsesID ocspResponsesID : ocspids.getOcspResponses()) {
                    arrayList.add(new OCSPRef(ocspResponsesID));
                }
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<Identifier> getEncapsulatedCertificateIdentifiers(CAdESAttribute cAdESAttribute) {
        ArrayList arrayList = new ArrayList();
        ASN1Sequence aSN1Object = cAdESAttribute.getASN1Object();
        for (int i = 0; i < aSN1Object.size(); i++) {
            try {
                arrayList.add(DSSUtils.loadCertificate(Certificate.getInstance(aSN1Object.getObjectAt(i)).getEncoded()).getDSSId());
            } catch (Exception e) {
                if (LOG.isDebugEnabled()) {
                    LOG.warn("Unable to parse an encapsulated certificate : {}", e.getMessage(), e);
                } else {
                    LOG.warn("Unable to parse an encapsulated certificate : {}", e.getMessage());
                }
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<Identifier> getEncapsulatedCRLIdentifiers(CAdESAttribute cAdESAttribute) {
        ArrayList arrayList = new ArrayList();
        RevocationValues revocationValues = DSSASN1Utils.getRevocationValues(cAdESAttribute.getASN1Object());
        if (revocationValues != null) {
            for (CertificateList certificateList : revocationValues.getCrlVals()) {
                try {
                    arrayList.add(CRLUtils.buildCRLBinary(certificateList.getEncoded()));
                } catch (Exception e) {
                    if (LOG.isDebugEnabled()) {
                        LOG.warn("Unable to parse CRL binaries : {}", e.getMessage(), e);
                    } else {
                        LOG.warn("Unable to parse CRL binaries : {}", e.getMessage());
                    }
                }
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<Identifier> getEncapsulatedOCSPIdentifiers(CAdESAttribute cAdESAttribute) {
        ArrayList arrayList = new ArrayList();
        RevocationValues revocationValues = DSSASN1Utils.getRevocationValues(cAdESAttribute.getASN1Object());
        if (revocationValues != null) {
            for (BasicOCSPResponse basicOCSPResponse : revocationValues.getOcspVals()) {
                try {
                    arrayList.add(OCSPResponseBinary.build(new BasicOCSPResp(basicOCSPResponse)));
                } catch (Exception e) {
                    if (LOG.isDebugEnabled()) {
                        LOG.warn("Unable to parse OCSP response binaries : {}", e.getMessage(), e);
                    } else {
                        LOG.warn("Unable to parse OCSP response binaries : {}", e.getMessage());
                    }
                }
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ArchiveTimestampType getArchiveTimestampType(CAdESAttribute cAdESAttribute) {
        return OID.id_aa_ets_archiveTimestampV2.equals(cAdESAttribute.getASN1Oid()) ? ArchiveTimestampType.CAdES_V2 : OID.id_aa_ets_archiveTimestampV3.equals(cAdESAttribute.getASN1Oid()) ? ArchiveTimestampType.CAdES_V3 : ArchiveTimestampType.CAdES;
    }

    protected void addEncapsulatedValuesFromTimestamp(List<TimestampedReference> list, TimestampToken timestampToken) {
        super.addEncapsulatedValuesFromTimestamp(list, timestampToken);
        TimestampCRLSource cRLSource = timestampToken.getCRLSource();
        Iterator it = cRLSource.getAllRevocationBinaries().iterator();
        while (it.hasNext()) {
            addReference(list, (EncapsulatedRevocationTokenIdentifier) it.next(), TimestampedObjectType.REVOCATION);
        }
        Iterator it2 = cRLSource.getAllReferencedRevocationBinaries().iterator();
        while (it2.hasNext()) {
            addReference(list, (EncapsulatedRevocationTokenIdentifier) it2.next(), TimestampedObjectType.REVOCATION);
        }
        TimestampOCSPSource oCSPSource = timestampToken.getOCSPSource();
        Iterator it3 = oCSPSource.getAllReferencedRevocationBinaries().iterator();
        while (it3.hasNext()) {
            addReference(list, (EncapsulatedRevocationTokenIdentifier) it3.next(), TimestampedObjectType.REVOCATION);
        }
        Iterator it4 = oCSPSource.getAllReferencedRevocationBinaries().iterator();
        while (it4.hasNext()) {
            addReference(list, (EncapsulatedRevocationTokenIdentifier) it4.next(), TimestampedObjectType.REVOCATION);
        }
    }

    protected /* bridge */ /* synthetic */ TimestampToken makeTimestampToken(ISignatureAttribute iSignatureAttribute, TimestampType timestampType, List list) {
        return makeTimestampToken((CAdESAttribute) iSignatureAttribute, timestampType, (List<TimestampedReference>) list);
    }
}
