package eu.europa.esig.dss.validation.process.subprocess;

import eu.europa.esig.dss.DSSException;
import eu.europa.esig.dss.XmlDom;
import eu.europa.esig.dss.validation.policy.Constraint;
import eu.europa.esig.dss.validation.policy.ProcessParameters;
import eu.europa.esig.dss.validation.policy.RuleUtils;
import eu.europa.esig.dss.validation.policy.SignatureCryptographicConstraint;
import eu.europa.esig.dss.validation.policy.ValidationPolicy;
import eu.europa.esig.dss.validation.policy.XmlNode;
import eu.europa.esig.dss.validation.policy.rules.AttributeName;
import eu.europa.esig.dss.validation.policy.rules.ExceptionMessage;
import eu.europa.esig.dss.validation.policy.rules.Indication;
import eu.europa.esig.dss.validation.policy.rules.MessageTag;
import eu.europa.esig.dss.validation.policy.rules.NodeName;
import eu.europa.esig.dss.validation.policy.rules.NodeValue;
import eu.europa.esig.dss.validation.policy.rules.SubIndication;
import eu.europa.esig.dss.validation.process.ValidationXPathQueryHolder;
import eu.europa.esig.dss.validation.report.Conclusion;
import eu.europa.esig.dss.x509.TimestampType;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:eu/europa/esig/dss/validation/process/subprocess/SignatureAcceptanceValidation.class */
public class SignatureAcceptanceValidation {
    private ValidationPolicy constraintData;
    private Date currentTime;
    private XmlDom signatureContext;
    private XmlNode subProcessNode;

    private void prepareParameters(ProcessParameters processParameters) {
        this.constraintData = processParameters.getCurrentValidationPolicy();
        this.signatureContext = processParameters.getSignatureContext();
        this.currentTime = processParameters.getCurrentTime();
        isInitialised();
    }

    private void isInitialised() {
        if (this.constraintData == null) {
            throw new DSSException(String.format(ExceptionMessage.EXCEPTION_TCOPPNTBI, getClass().getSimpleName(), "validationPolicy"));
        }
        if (this.signatureContext == null) {
            throw new DSSException(String.format(ExceptionMessage.EXCEPTION_TCOPPNTBI, getClass().getSimpleName(), "signatureContext"));
        }
        if (this.currentTime == null) {
            throw new DSSException(String.format(ExceptionMessage.EXCEPTION_TCOPPNTBI, getClass().getSimpleName(), "currentTime"));
        }
    }

    public Conclusion run(ProcessParameters processParameters, XmlNode xmlNode) {
        if (xmlNode == null) {
            throw new DSSException(String.format(ExceptionMessage.EXCEPTION_TCOPPNTBI, getClass().getSimpleName(), "processNode"));
        }
        prepareParameters(processParameters);
        this.subProcessNode = xmlNode.addChild(NodeName.SAV);
        Conclusion process = process(processParameters);
        this.subProcessNode.addChild(process.toXmlNode());
        return process;
    }

    private Conclusion process(ProcessParameters processParameters) {
        Conclusion conclusion = new Conclusion();
        if (checkStructuralValidationConstraint(conclusion) && checkSigningTimeConstraint(conclusion) && checkContentTypeConstraint(conclusion) && checkContentHintsConstraint(conclusion) && checkContentIdentifierConstraint(conclusion) && checkCommitmentTypeIndicationConstraint(conclusion) && checkSignerLocationConstraint(conclusion) && checkContentTimeStampConstraints(conclusion) && checkClaimedRoleConstraint(conclusion)) {
            if (this.constraintData.shouldCheckIfCertifiedRoleIsPresent()) {
                XmlNode addConstraint = addConstraint(MessageTag.BBB_SAV_ICERRM);
                List<String> certifiedRoles = this.constraintData.getCertifiedRoles();
                String ruleUtils = RuleUtils.toString(certifiedRoles);
                List convertToStringList = XmlDom.convertToStringList(this.signatureContext.getElements("./CertifiedRoles/CertifiedRole", new Object[0]));
                String ruleUtils2 = RuleUtils.toString(convertToStringList);
                if (!RuleUtils.contains(certifiedRoles, (List<String>) convertToStringList)) {
                    addConstraint.addChild(NodeName.STATUS, NodeValue.KO);
                    conclusion.setIndication(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE);
                    conclusion.addError(MessageTag.BBB_SAV_ICERRM_ANS).setAttribute(AttributeName.CERTIFIED_ROLES, ruleUtils2).setAttribute(AttributeName.REQUESTED_ROLES, ruleUtils);
                    return conclusion;
                }
                addConstraint.addChild(NodeName.STATUS, NodeValue.OK);
                addConstraint.addChild(NodeName.INFO, ruleUtils2).setAttribute(AttributeName.FIELD, AttributeName.CERTIFIED_ROLES);
                addConstraint.addChild(NodeName.INFO, "WARNING: The attribute certificate is not cryptographically validated.");
            }
            if (!checkMainSignatureCryptographicConstraint(conclusion)) {
                return conclusion;
            }
            conclusion.setIndication(Indication.VALID);
            return conclusion;
        }
        return conclusion;
    }

    private XmlNode addConstraint(MessageTag messageTag) {
        XmlNode addChild = this.subProcessNode.addChild(NodeName.CONSTRAINT);
        addChild.addChild(NodeName.NAME, messageTag.getMessage()).setAttribute("NameId", messageTag.name());
        return addChild;
    }

    private boolean checkStructuralValidationConstraint(Conclusion conclusion) {
        Constraint structuralValidationConstraint = this.constraintData.getStructuralValidationConstraint();
        if (structuralValidationConstraint == null) {
            return true;
        }
        structuralValidationConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ISSV);
        structuralValidationConstraint.setValue(this.signatureContext.getBoolValue("./StructuralValidation/Valid/text()", new Object[0]));
        String value = this.signatureContext.getValue("./StructuralValidation/Message/text()", new Object[0]);
        if (StringUtils.isNotBlank(value)) {
            structuralValidationConstraint.setAttribute("Log", value);
        }
        structuralValidationConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ISSV_ANS);
        structuralValidationConstraint.setConclusionReceiver(conclusion);
        return structuralValidationConstraint.check();
    }

    private boolean checkSigningTimeConstraint(Conclusion conclusion) {
        Constraint signingTimeConstraint = this.constraintData.getSigningTimeConstraint();
        if (signingTimeConstraint == null) {
            return true;
        }
        signingTimeConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ISQPSTP);
        signingTimeConstraint.setValue(StringUtils.isNotBlank(this.signatureContext.getValue("./DateTime/text()", new Object[0])));
        signingTimeConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ISQPSTP_ANS);
        signingTimeConstraint.setConclusionReceiver(conclusion);
        return signingTimeConstraint.check();
    }

    private boolean checkContentTypeConstraint(Conclusion conclusion) {
        Constraint contentTypeConstraint = this.constraintData.getContentTypeConstraint();
        if (contentTypeConstraint == null) {
            return true;
        }
        contentTypeConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ISQPCTP);
        contentTypeConstraint.setValue(this.signatureContext.getValue("./ContentType/text()", new Object[0]));
        contentTypeConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ISQPCTP_ANS);
        contentTypeConstraint.setConclusionReceiver(conclusion);
        return contentTypeConstraint.check();
    }

    private boolean checkContentHintsConstraint(Conclusion conclusion) {
        Constraint contentHintsConstraint = this.constraintData.getContentHintsConstraint();
        if (contentHintsConstraint == null) {
            return true;
        }
        contentHintsConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ISQPCHP);
        contentHintsConstraint.setValue(this.signatureContext.getValue("./ContentHints/text()", new Object[0]));
        contentHintsConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ISQPCHP_ANS);
        contentHintsConstraint.setConclusionReceiver(conclusion);
        return contentHintsConstraint.check();
    }

    private boolean checkContentIdentifierConstraint(Conclusion conclusion) {
        Constraint contentIdentifierConstraint = this.constraintData.getContentIdentifierConstraint();
        if (contentIdentifierConstraint == null) {
            return true;
        }
        contentIdentifierConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ISQPCIP);
        contentIdentifierConstraint.setValue(this.signatureContext.getValue("./ContentIdentifier/text()", new Object[0]));
        contentIdentifierConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ISQPCIP_ANS);
        contentIdentifierConstraint.setConclusionReceiver(conclusion);
        return contentIdentifierConstraint.check();
    }

    private boolean checkCommitmentTypeIndicationConstraint(Conclusion conclusion) {
        Constraint commitmentTypeIndicationConstraint = this.constraintData.getCommitmentTypeIndicationConstraint();
        if (commitmentTypeIndicationConstraint == null) {
            return true;
        }
        commitmentTypeIndicationConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ISQPXTIP);
        commitmentTypeIndicationConstraint.setValue(this.signatureContext.getValue("./CommitmentTypeIndication/Identifier[1]/text()", new Object[0]));
        commitmentTypeIndicationConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ISQPXTIP_ANS);
        commitmentTypeIndicationConstraint.setConclusionReceiver(conclusion);
        return commitmentTypeIndicationConstraint.checkInList();
    }

    private boolean checkSignerLocationConstraint(Conclusion conclusion) {
        Constraint signerLocationConstraint = this.constraintData.getSignerLocationConstraint();
        if (signerLocationConstraint == null) {
            return true;
        }
        signerLocationConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ISQPSLP);
        String value = this.signatureContext.getValue("./SignatureProductionPlace/text()", new Object[0]);
        XmlDom element = this.signatureContext.getElement("./SignatureProductionPlace", new Object[0]);
        if (element != null) {
            for (XmlDom xmlDom : element.getElements("./*", new Object[0])) {
                if (!value.isEmpty()) {
                    value = value + "; ";
                }
                value = value + xmlDom.getName() + ": " + xmlDom.getText();
            }
        }
        signerLocationConstraint.setValue(value);
        signerLocationConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ISQPSLP_ANS);
        signerLocationConstraint.setConclusionReceiver(conclusion);
        return signerLocationConstraint.check();
    }

    private boolean checkContentTimeStampConstraints(Conclusion conclusion) {
        Constraint contentTimestampPresenceConstraint = this.constraintData.getContentTimestampPresenceConstraint();
        if (contentTimestampPresenceConstraint == null) {
            return true;
        }
        contentTimestampPresenceConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ISQPCTSIP);
        long countValue = this.signatureContext.getCountValue("count(./Timestamps/Timestamp[@Type='%s'])", new Object[]{TimestampType.CONTENT_TIMESTAMP}) + this.signatureContext.getCountValue("count(./Timestamps/Timestamp[@Type='%s'])", new Object[]{TimestampType.ALL_DATA_OBJECTS_TIMESTAMP}) + this.signatureContext.getCountValue("count(./Timestamps/Timestamp[@Type='%s'])", new Object[]{TimestampType.INDIVIDUAL_DATA_OBJECTS_TIMESTAMP});
        contentTimestampPresenceConstraint.setValue(countValue <= 0 ? SubIndication.NONE : String.valueOf(countValue));
        contentTimestampPresenceConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ISQPCTSIP_ANS);
        contentTimestampPresenceConstraint.setConclusionReceiver(conclusion);
        Constraint contentTimestampImprintFoundConstraint = this.constraintData.getContentTimestampImprintFoundConstraint();
        if (contentTimestampImprintFoundConstraint == null) {
            return contentTimestampPresenceConstraint.check();
        }
        contentTimestampImprintFoundConstraint.create(this.subProcessNode, MessageTag.ADEST_IMIDF);
        contentTimestampImprintFoundConstraint.setValue(true);
        contentTimestampImprintFoundConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.ADEST_IMIDF_ANS);
        contentTimestampImprintFoundConstraint.setConclusionReceiver(conclusion);
        Constraint contentTimestampImprintIntactConstraint = this.constraintData.getContentTimestampImprintIntactConstraint();
        if (contentTimestampImprintIntactConstraint == null) {
            return contentTimestampPresenceConstraint.check() && contentTimestampImprintFoundConstraint.check();
        }
        contentTimestampImprintIntactConstraint.create(this.subProcessNode, MessageTag.ADEST_IMIVC);
        contentTimestampImprintIntactConstraint.setValue(true);
        contentTimestampImprintIntactConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.ADEST_IMIVC_ANS);
        contentTimestampImprintIntactConstraint.setConclusionReceiver(conclusion);
        return contentTimestampPresenceConstraint.check() && contentTimestampImprintFoundConstraint.check() && contentTimestampImprintIntactConstraint.check();
    }

    private boolean checkContentTimestampImprintFoundConstraint(Conclusion conclusion) {
        Constraint contentTimestampPresenceConstraint = this.constraintData.getContentTimestampPresenceConstraint();
        if (contentTimestampPresenceConstraint == null) {
            return true;
        }
        contentTimestampPresenceConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ISQPCTSIP);
        long countValue = this.signatureContext.getCountValue("count(./Timestamps/Timestamp[@Type='%s'])", new Object[]{TimestampType.CONTENT_TIMESTAMP}) + this.signatureContext.getCountValue("count(./Timestamps/Timestamp[@Type='%s'])", new Object[]{TimestampType.ALL_DATA_OBJECTS_TIMESTAMP}) + this.signatureContext.getCountValue("count(./Timestamps/Timestamp[@Type='%s'])", new Object[]{TimestampType.INDIVIDUAL_DATA_OBJECTS_TIMESTAMP});
        contentTimestampPresenceConstraint.setValue(countValue <= 0 ? SubIndication.NONE : String.valueOf(countValue));
        contentTimestampPresenceConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ISQPCTSIP_ANS);
        contentTimestampPresenceConstraint.setConclusionReceiver(conclusion);
        return contentTimestampPresenceConstraint.check();
    }

    private boolean checkClaimedRoleConstraint(Conclusion conclusion) {
        Constraint claimedRoleConstraint = this.constraintData.getClaimedRoleConstraint();
        if (claimedRoleConstraint == null) {
            return true;
        }
        claimedRoleConstraint.create(this.subProcessNode, MessageTag.BBB_SAV_ICRM);
        List convertToStringList = XmlDom.convertToStringList(this.signatureContext.getElements("./ClaimedRoles/ClaimedRole", new Object[0]));
        String certifiedRolesAttendance = this.constraintData.getCertifiedRolesAttendance();
        String str = null;
        Iterator it = convertToStringList.iterator();
        if (it.hasNext()) {
            str = (String) it.next();
        }
        if ("ANY".equals(certifiedRolesAttendance)) {
            claimedRoleConstraint.setExpectedValue("*");
        }
        claimedRoleConstraint.setValue(str);
        claimedRoleConstraint.setIndications(Indication.INVALID, SubIndication.SIG_CONSTRAINTS_FAILURE, MessageTag.BBB_SAV_ICRM_ANS);
        claimedRoleConstraint.setConclusionReceiver(conclusion);
        return claimedRoleConstraint.checkInList();
    }

    private boolean checkMainSignatureCryptographicConstraint(Conclusion conclusion) {
        SignatureCryptographicConstraint signatureCryptographicConstraint = this.constraintData.getSignatureCryptographicConstraint(NodeName.MAIN_SIGNATURE);
        if (signatureCryptographicConstraint == null) {
            return true;
        }
        signatureCryptographicConstraint.create(this.subProcessNode, MessageTag.ASCCM);
        signatureCryptographicConstraint.setCurrentTime(this.currentTime);
        signatureCryptographicConstraint.setEncryptionAlgorithm(this.signatureContext.getValue(ValidationXPathQueryHolder.XP_ENCRYPTION_ALGO_USED_TO_SIGN_THIS_TOKEN, new Object[0]));
        signatureCryptographicConstraint.setDigestAlgorithm(this.signatureContext.getValue(ValidationXPathQueryHolder.XP_DIGEST_ALGO_USED_TO_SIGN_THIS_TOKEN, new Object[0]));
        signatureCryptographicConstraint.setKeyLength(this.signatureContext.getValue(ValidationXPathQueryHolder.XP_KEY_LENGTH_USED_TO_SIGN_THIS_TOKEN, new Object[0]));
        signatureCryptographicConstraint.setIndications(Indication.INDETERMINATE, SubIndication.CRYPTO_CONSTRAINTS_FAILURE_NO_POE, MessageTag.EMPTY);
        signatureCryptographicConstraint.setConclusionReceiver(conclusion);
        return signatureCryptographicConstraint.check();
    }
}
