package eu.europa.esig.dss.validation.process.bbb.xcv;

import eu.europa.esig.dss.jaxb.detailedreport.XmlSubXCV;
import eu.europa.esig.dss.jaxb.detailedreport.XmlXCV;
import eu.europa.esig.dss.jaxb.diagnostic.XmlChainItem;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.dss.validation.policy.Context;
import eu.europa.esig.dss.validation.policy.SubContext;
import eu.europa.esig.dss.validation.policy.ValidationPolicy;
import eu.europa.esig.dss.validation.process.Chain;
import eu.europa.esig.dss.validation.process.ChainItem;
import eu.europa.esig.dss.validation.process.bbb.xcv.checks.CheckSubXCVResult;
import eu.europa.esig.dss.validation.process.bbb.xcv.checks.ProspectiveCertificateChainCheck;
import eu.europa.esig.dss.validation.process.bbb.xcv.checks.TrustedServiceStatusCheck;
import eu.europa.esig.dss.validation.process.bbb.xcv.checks.TrustedServiceTypeIdentifierCheck;
import eu.europa.esig.dss.validation.process.bbb.xcv.sub.SubX509CertificateValidation;
import eu.europa.esig.dss.validation.reports.wrapper.CertificateWrapper;
import eu.europa.esig.dss.validation.reports.wrapper.DiagnosticData;
import java.util.Date;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:eu/europa/esig/dss/validation/process/bbb/xcv/X509CertificateValidation.class */
public class X509CertificateValidation extends Chain<XmlXCV> {
    private final DiagnosticData diagnosticData;
    private final CertificateWrapper currentCertificate;
    private final Date validationDate;
    private final Date usageTime;
    private final Context context;
    private final ValidationPolicy validationPolicy;

    public X509CertificateValidation(DiagnosticData diagnosticData, CertificateWrapper certificateWrapper, Date date, Context context, ValidationPolicy validationPolicy) {
        this(diagnosticData, certificateWrapper, date, date, context, validationPolicy);
    }

    public X509CertificateValidation(DiagnosticData diagnosticData, CertificateWrapper certificateWrapper, Date date, Date date2, Context context, ValidationPolicy validationPolicy) {
        super(new XmlXCV());
        this.diagnosticData = diagnosticData;
        this.currentCertificate = certificateWrapper;
        this.validationDate = date;
        this.usageTime = date2;
        this.context = context;
        this.validationPolicy = validationPolicy;
    }

    @Override // eu.europa.esig.dss.validation.process.Chain
    protected void initChain() {
        ChainItem<XmlXCV> prospectiveCertificateChain = prospectiveCertificateChain();
        this.firstItem = prospectiveCertificateChain;
        if (this.currentCertificate.isTrusted() || this.currentCertificate.isTrustedChain()) {
            ChainItem<XmlXCV> nextItem = prospectiveCertificateChain.setNextItem(trustedServiceWithExpectedTypeIdentifier()).setNextItem(trustedServiceWithExpectedStatus());
            this.result.getSubXCV().add(new SubX509CertificateValidation(this.currentCertificate, this.validationDate, this.context, SubContext.SIGNING_CERT, this.validationPolicy).execute());
            boolean isTrusted = this.currentCertificate.isTrusted();
            List<XmlChainItem> certificateChain = this.currentCertificate.getCertificateChain();
            if (Utils.isCollectionNotEmpty(certificateChain)) {
                for (XmlChainItem xmlChainItem : certificateChain) {
                    if (!isTrusted) {
                        CertificateWrapper usedCertificateByIdNullSafe = this.diagnosticData.getUsedCertificateByIdNullSafe(xmlChainItem.getId());
                        this.result.getSubXCV().add(new SubX509CertificateValidation(usedCertificateByIdNullSafe, this.validationDate, this.context, SubContext.CA_CERTIFICATE, this.validationPolicy).execute());
                        isTrusted = usedCertificateByIdNullSafe.isTrusted();
                    }
                }
            }
            Iterator it = this.result.getSubXCV().iterator();
            while (it.hasNext()) {
                nextItem = nextItem.setNextItem(checkSubXCVResult((XmlSubXCV) it.next()));
            }
        }
    }

    private ChainItem<XmlXCV> prospectiveCertificateChain() {
        return new ProspectiveCertificateChainCheck(this.result, this.currentCertificate, this.context, this.validationPolicy.getProspectiveCertificateChainConstraint(this.context));
    }

    private ChainItem<XmlXCV> trustedServiceWithExpectedTypeIdentifier() {
        return new TrustedServiceTypeIdentifierCheck(this.result, this.currentCertificate, this.usageTime, this.context, this.validationPolicy.getTrustedServiceTypeIdentifierConstraint(this.context));
    }

    private ChainItem<XmlXCV> trustedServiceWithExpectedStatus() {
        return new TrustedServiceStatusCheck(this.result, this.currentCertificate, this.usageTime, this.context, this.validationPolicy.getTrustedServiceStatusConstraint(this.context));
    }

    private ChainItem<XmlXCV> checkSubXCVResult(XmlSubXCV xmlSubXCV) {
        return new CheckSubXCVResult(this.result, xmlSubXCV, getFailLevelConstraint());
    }
}
