package eu.europa.esig.dss.validation.process.ltv;

import eu.europa.esig.dss.DSSException;
import eu.europa.esig.dss.DSSUtils;
import eu.europa.esig.dss.XmlDom;
import eu.europa.esig.dss.validation.policy.ProcessParameters;
import eu.europa.esig.dss.validation.policy.XmlNode;
import eu.europa.esig.dss.validation.policy.rules.AttributeValue;
import eu.europa.esig.dss.validation.policy.rules.ExceptionMessage;
import eu.europa.esig.dss.validation.policy.rules.Indication;
import eu.europa.esig.dss.validation.policy.rules.MessageTag;
import eu.europa.esig.dss.validation.policy.rules.NodeName;
import eu.europa.esig.dss.validation.policy.rules.NodeValue;
import eu.europa.esig.dss.validation.policy.rules.SubIndication;
import eu.europa.esig.dss.validation.process.ValidationXPathQueryHolder;
import eu.europa.esig.dss.validation.process.dss.ForLegalPerson;
import eu.europa.esig.dss.validation.process.dss.QualifiedCertificate;
import eu.europa.esig.dss.validation.process.dss.SSCD;
import eu.europa.esig.dss.validation.process.subprocess.X509CertificateValidation;
import eu.europa.esig.dss.validation.report.Conclusion;
import java.util.Date;
import java.util.Iterator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/validation/process/ltv/PastCertificateValidation.class */
public class PastCertificateValidation extends X509CertificateValidation {
    private static final Logger LOG = LoggerFactory.getLogger(PastCertificateValidation.class);
    private String contextName;

    private void prepareParameters(ProcessParameters processParameters) {
        this.constraintData = processParameters.getCurrentValidationPolicy();
        isInitialised();
    }

    private void isInitialised() {
        if (this.constraintData == null) {
            throw new DSSException(String.format(ExceptionMessage.EXCEPTION_TCOPPNTBI, getClass().getSimpleName(), "validationPolicy"));
        }
    }

    public PastCertificateValidationConclusion run(ProcessParameters processParameters, XmlDom xmlDom, String str) {
        this.contextName = str;
        prepareParameters(processParameters);
        LOG.debug(getClass().getSimpleName() + ": start.");
        this.validationDataXmlNode = new XmlNode(NodeName.PAST_CERT_VALIDATION_DATA);
        this.validationDataXmlNode.setNameSpace("http://dss.esig.europa.eu/validation/diagnostic");
        this.contextElement = xmlDom;
        PastCertificateValidationConclusion process = process(processParameters);
        process.setValidationData(this.validationDataXmlNode);
        return process;
    }

    private PastCertificateValidationConclusion process(ProcessParameters processParameters) {
        PastCertificateValidationConclusion pastCertificateValidationConclusion = new PastCertificateValidationConclusion();
        XmlDom element = this.contextElement.getElement("./CertificateChain", new Object[0]);
        String value = element.getValue("./ChainCertificate[1]/@Id", new Object[0]);
        this.validationDataXmlNode.setAttribute(AttributeValue.CERTIFICATE_ID, value);
        if (!checkProspectiveCertificateChainConstraint(pastCertificateValidationConclusion, Boolean.valueOf(isTrustedProspectiveCertificateChain(processParameters)).booleanValue())) {
            return pastCertificateValidationConclusion;
        }
        XmlNode addConstraint = addConstraint(MessageTag.BBB_XCV_CCCBB);
        XmlDom certificate = processParameters.getCertificate(element.getValue("./ChainCertificate[last()]/@Id", new Object[0]));
        boolean z = false;
        if (certificate != null) {
            z = certificate.getBoolValue("./Trusted/text()", new Object[0]);
        }
        if (!z) {
            addConstraint.addChild(NodeName.STATUS, NodeValue.KO);
            pastCertificateValidationConclusion.setIndication(Indication.INDETERMINATE, SubIndication.NO_CERTIFICATE_CHAIN_FOUND);
            pastCertificateValidationConclusion.addInfo(MessageTag.PCV_TINTA_ANS).addTo(addConstraint);
            return pastCertificateValidationConclusion;
        }
        Date date = null;
        Date date2 = null;
        Iterator it = element.getElements("./ChainCertificate", new Object[0]).iterator();
        while (it.hasNext()) {
            String value2 = ((XmlDom) it.next()).getValue("./@Id", new Object[0]);
            XmlDom certificate2 = processParameters.getCertificate(value2);
            boolean boolValue = certificate2.getBoolValue("./Trusted/text()", new Object[0]);
            Date timeValue = certificate2.getTimeValue("./NotBefore/text()", new Object[0]);
            Date timeValue2 = certificate2.getTimeValue("./NotAfter/text()", new Object[0]);
            if (date2 == null) {
                date2 = timeValue2;
            } else if (date2.after(timeValue2)) {
                date2 = timeValue2;
            }
            if (date == null) {
                date = timeValue;
            } else if (date.before(timeValue)) {
                date = timeValue;
            }
            if (date2.before(date)) {
                addConstraint.addChild(NodeName.STATUS, NodeValue.KO);
                pastCertificateValidationConclusion.setIndication(Indication.INDETERMINATE, SubIndication.NO_CERTIFICATE_CHAIN_FOUND);
                Conclusion.Info addInfo = pastCertificateValidationConclusion.addInfo(MessageTag.XCV_IFCCIIPC_ANS, timeValue2.toString(), timeValue2.toString(), value2);
                addInfo.setAttribute(AttributeValue.CERTIFICATE_ID, value2);
                addInfo.addTo(addConstraint);
                return pastCertificateValidationConclusion;
            }
            if (!boolValue && !certificate2.getBoolValue(ValidationXPathQueryHolder.XP_SIGNATURE_VALID, new Object[0])) {
                addConstraint.addChild(NodeName.STATUS, NodeValue.KO);
                pastCertificateValidationConclusion.setIndication(Indication.INDETERMINATE, SubIndication.NO_CERTIFICATE_CHAIN_FOUND);
                Conclusion.Info addInfo2 = pastCertificateValidationConclusion.addInfo(MessageTag.BBB_XCV_ICSI_ANS);
                addInfo2.setAttribute(AttributeValue.CERTIFICATE_ID, value2);
                addInfo2.addTo(addConstraint);
                return pastCertificateValidationConclusion;
            }
        }
        addConstraint.addChild(NodeName.STATUS, NodeValue.OK);
        ControlTimeSlidingConclusion run = new ControlTimeSliding().run(processParameters, element);
        this.validationDataXmlNode.addChild(run.getValidationData());
        XmlNode addConstraint2 = addConstraint(MessageTag.PCV_ICTSC);
        String indication = run.getIndication();
        if (!Indication.VALID.equals(indication)) {
            addConstraint2.addChild(NodeName.STATUS, NodeValue.KO);
            pastCertificateValidationConclusion.setIndication(indication, run.getSubIndication());
            pastCertificateValidationConclusion.addInfo(MessageTag.PCV_ICTSC_ANS);
            return pastCertificateValidationConclusion;
        }
        addConstraint2.addChild(NodeName.STATUS, NodeValue.OK);
        Date controlTime = run.getControlTime();
        String formatDate = DSSUtils.formatDate(controlTime);
        addConstraint2.addChild(NodeName.INFO).setAttribute(AttributeValue.CONTROL_TIME, formatDate);
        if (NodeName.MAIN_SIGNATURE.equals(this.contextName)) {
            XmlDom certificate3 = processParameters.getCertificate(value);
            if (!checkSigningCertificateQualificationConstraint(pastCertificateValidationConclusion, new QualifiedCertificate(this.constraintData).run(certificate3))) {
                return pastCertificateValidationConclusion;
            }
            if (!checkSigningCertificateSupportedBySSCDConstraint(pastCertificateValidationConclusion, Boolean.valueOf(new SSCD(this.constraintData).run(certificate3)).booleanValue())) {
                return pastCertificateValidationConclusion;
            }
            if (!checkSigningCertificateIssuedToLegalPersonConstraint(pastCertificateValidationConclusion, new ForLegalPerson(this.constraintData).run(certificate3).booleanValue())) {
                return pastCertificateValidationConclusion;
            }
        }
        pastCertificateValidationConclusion.setIndication(Indication.VALID);
        pastCertificateValidationConclusion.addInfo().setAttribute(AttributeValue.CONTROL_TIME, formatDate);
        pastCertificateValidationConclusion.setControlTime(controlTime);
        return pastCertificateValidationConclusion;
    }

    private XmlNode addConstraint(MessageTag messageTag) {
        XmlNode addChild = this.validationDataXmlNode.addChild(NodeName.CONSTRAINT);
        addChild.addChild(NodeName.NAME, messageTag.getMessage()).setAttribute("NameId", messageTag.name());
        return addChild;
    }
}
