package eu.europa.esig.dss.xades.signature;

import eu.europa.esig.dss.DSSException;
import eu.europa.esig.dss.DigestAlgorithm;
import eu.europa.esig.dss.DomUtils;
import eu.europa.esig.dss.SignatureLevel;
import eu.europa.esig.dss.XAdESNamespaces;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.dss.validation.CertificateVerifier;
import eu.europa.esig.dss.validation.ValidationContext;
import eu.europa.esig.dss.x509.CertificateToken;
import eu.europa.esig.dss.x509.RevocationToken;
import eu.europa.esig.dss.x509.crl.CRLToken;
import eu.europa.esig.dss.x509.ocsp.OCSPToken;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.ocsp.BasicOCSPResp;
import org.w3c.dom.Element;

/* loaded from: input_file:eu/europa/esig/dss/xades/signature/XAdESLevelC.class */
public class XAdESLevelC extends XAdESLevelBaselineT {
    public XAdESLevelC(CertificateVerifier certificateVerifier) {
        super(certificateVerifier);
    }

    private void incorporateCRLRefs(Element element, Set<RevocationToken> set) throws DSSException {
        if (set.isEmpty()) {
            return;
        }
        boolean z = false;
        Iterator<RevocationToken> it = set.iterator();
        while (it.hasNext()) {
            z = it.next() instanceof CRLToken;
            if (z) {
                break;
            }
        }
        if (z) {
            Element addElement = DomUtils.addElement(this.documentDom, element, XAdESNamespaces.XAdES, "xades:CRLRefs");
            Iterator<RevocationToken> it2 = set.iterator();
            while (it2.hasNext()) {
                CRLToken cRLToken = (RevocationToken) it2.next();
                if (cRLToken instanceof CRLToken) {
                    CRLToken cRLToken2 = cRLToken;
                    Element addElement2 = DomUtils.addElement(this.documentDom, addElement, XAdESNamespaces.XAdES, "xades:CRLRef");
                    Element addElement3 = DomUtils.addElement(this.documentDom, addElement2, XAdESNamespaces.XAdES, "xades:DigestAlgAndValue");
                    DigestAlgorithm digestAlgorithm = DigestAlgorithm.SHA1;
                    incorporateDigestMethod(addElement3, digestAlgorithm);
                    incorporateDigestValue(addElement3, digestAlgorithm, cRLToken);
                    Element addElement4 = DomUtils.addElement(this.documentDom, addElement2, XAdESNamespaces.XAdES, "xades:CRLIdentifier");
                    DomUtils.addTextElement(this.documentDom, addElement4, XAdESNamespaces.XAdES, "xades:Issuer", cRLToken2.getIssuerX500Principal().getName());
                    DomUtils.addTextElement(this.documentDom, addElement4, XAdESNamespaces.XAdES, "xades:IssueTime", DomUtils.createXMLGregorianCalendar(cRLToken2.getThisUpdate()).toXMLFormat());
                }
            }
        }
    }

    private void incorporateOCSPRefs(Element element, Set<RevocationToken> set) throws DSSException {
        BasicOCSPResp basicOCSPResp;
        if (set.isEmpty()) {
            return;
        }
        boolean z = false;
        Iterator<RevocationToken> it = set.iterator();
        while (it.hasNext()) {
            z = it.next() instanceof OCSPToken;
            if (z) {
                break;
            }
        }
        if (z) {
            Element addElement = DomUtils.addElement(this.documentDom, element, XAdESNamespaces.XAdES, "xades:OCSPRefs");
            Iterator<RevocationToken> it2 = set.iterator();
            while (it2.hasNext()) {
                OCSPToken oCSPToken = (RevocationToken) it2.next();
                if ((oCSPToken instanceof OCSPToken) && (basicOCSPResp = oCSPToken.getBasicOCSPResp()) != null) {
                    Element addElement2 = DomUtils.addElement(this.documentDom, addElement, XAdESNamespaces.XAdES, "xades:OCSPRef");
                    Element addElement3 = DomUtils.addElement(this.documentDom, addElement2, XAdESNamespaces.XAdES, "xades:OCSPIdentifier");
                    Element addElement4 = DomUtils.addElement(this.documentDom, addElement3, XAdESNamespaces.XAdES, "xades:ResponderID");
                    DERTaggedObject aSN1Primitive = basicOCSPResp.getResponderId().toASN1Primitive().toASN1Primitive();
                    if (2 == aSN1Primitive.getTagNo()) {
                        DomUtils.addTextElement(this.documentDom, addElement4, XAdESNamespaces.XAdES, "xades:ByKey", Utils.toBase64(aSN1Primitive.getObject().getOctets()));
                    } else {
                        DomUtils.addTextElement(this.documentDom, addElement4, XAdESNamespaces.XAdES, "xades:ByName", X500Name.getInstance(aSN1Primitive.getObject()).toString());
                    }
                    DomUtils.addTextElement(this.documentDom, addElement3, XAdESNamespaces.XAdES, "xades:ProducedAt", DomUtils.createXMLGregorianCalendar(basicOCSPResp.getProducedAt()).toXMLFormat());
                    Element addElement5 = DomUtils.addElement(this.documentDom, addElement2, XAdESNamespaces.XAdES, "xades:DigestAlgAndValue");
                    DigestAlgorithm digestAlgorithm = DigestAlgorithm.SHA1;
                    incorporateDigestMethod(addElement5, digestAlgorithm);
                    incorporateDigestValue(addElement5, digestAlgorithm, oCSPToken);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // eu.europa.esig.dss.xades.signature.XAdESLevelBaselineT
    public void extendSignatureTag() throws DSSException {
        super.extendSignatureTag();
        SignatureLevel signatureLevel = this.params.getSignatureLevel();
        if (!this.xadesSignature.hasCProfile() || SignatureLevel.XAdES_C.equals(signatureLevel) || SignatureLevel.XAdES_XL.equals(signatureLevel)) {
            ValidationContext signatureValidationContext = this.xadesSignature.getSignatureValidationContext(this.certificateVerifier);
            Element completeCertificateRefs = this.xadesSignature.getCompleteCertificateRefs();
            if (completeCertificateRefs != null) {
                this.unsignedSignaturePropertiesDom.removeChild(completeCertificateRefs);
            }
            Element addElement = DomUtils.addElement(this.documentDom, DomUtils.addElement(this.documentDom, this.unsignedSignaturePropertiesDom, XAdESNamespaces.XAdES, "xades:CompleteCertificateRefs"), XAdESNamespaces.XAdES, "xades:CertRefs");
            CertificateToken signingCertificateToken = this.xadesSignature.getSigningCertificateToken();
            Set processedCertificates = signatureValidationContext.getProcessedCertificates();
            HashSet hashSet = new HashSet();
            hashSet.addAll(processedCertificates);
            hashSet.remove(signingCertificateToken);
            incorporateCertificateRef(addElement, hashSet);
            Element completeRevocationRefs = this.xadesSignature.getCompleteRevocationRefs();
            if (completeRevocationRefs != null) {
                this.unsignedSignaturePropertiesDom.removeChild(completeRevocationRefs);
            }
            Element addElement2 = DomUtils.addElement(this.documentDom, this.unsignedSignaturePropertiesDom, XAdESNamespaces.XAdES, "xades:CompleteRevocationRefs");
            incorporateCRLRefs(addElement2, signatureValidationContext.getProcessedRevocations());
            incorporateOCSPRefs(addElement2, signatureValidationContext.getProcessedRevocations());
        }
    }
}
