package eu.europa.ec.markt.dss.validation102853;

import eu.europa.ec.markt.dss.DSSUtils;
import eu.europa.ec.markt.dss.DigestAlgorithm;
import eu.europa.ec.markt.dss.OID;
import eu.europa.ec.markt.dss.SignatureAlgorithm;
import eu.europa.ec.markt.dss.applet.model.FormatType;
import eu.europa.ec.markt.dss.exception.DSSException;
import eu.europa.ec.markt.dss.exception.NotETSICompliantException;
import eu.europa.ec.markt.dss.signature.DSSDocument;
import eu.europa.ec.markt.dss.signature.InMemoryDocument;
import eu.europa.ec.markt.dss.signature.ProfileException;
import eu.europa.ec.markt.dss.validation.PolicyValue;
import eu.europa.ec.markt.dss.validation.certificate.CertificateSourceType;
import eu.europa.ec.markt.dss.validation102853.asic.ASiCXMLDocumentValidator;
import eu.europa.ec.markt.dss.validation102853.bean.SignatureCryptographicVerification;
import eu.europa.ec.markt.dss.validation102853.bean.SignatureProductionPlace;
import eu.europa.ec.markt.dss.validation102853.bean.SigningCertificate;
import eu.europa.ec.markt.dss.validation102853.cades.CMSDocumentValidator;
import eu.europa.ec.markt.dss.validation102853.condition.Condition;
import eu.europa.ec.markt.dss.validation102853.condition.PolicyIdCondition;
import eu.europa.ec.markt.dss.validation102853.condition.QcStatementCondition;
import eu.europa.ec.markt.dss.validation102853.condition.ServiceInfo;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.DiagnosticData;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.ObjectFactory;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlArchiveTimestamps;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlCertificate;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlCertificateChainType;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlChainCertificate;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlClaimedRoles;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlContentTimestamps;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlDigestAlgAndValueType;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlInfoType;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlIssuerDistinguishedName;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlMessage;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlPolicy;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlQCStatement;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlQualifiers;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlRefsOnlyTimestamps;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlRevocationType;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlSigAndRefsTimestamps;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlSignature;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlSignatureProductionPlace;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlSignedObjectsType;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlSignedSignature;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlSigningCertificateType;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlSubjectDistinguishedName;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlTimestampType;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlTimestamps;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlTrustedServiceProviderType;
import eu.europa.ec.markt.dss.validation102853.data.diagnostic.XmlUsedCertificates;
import eu.europa.ec.markt.dss.validation102853.pades.PDFDocumentValidator;
import eu.europa.ec.markt.dss.validation102853.report.SimpleReport;
import eu.europa.ec.markt.dss.validation102853.report.ValidationReport;
import eu.europa.ec.markt.dss.validation102853.toolbox.PublicKeyUtils;
import eu.europa.ec.markt.dss.validation102853.xades.XMLDocumentValidator;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Logger;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.asn1.x509.qualified.ETSIQCObjectIdentifiers;
import org.w3c.dom.Document;

/* loaded from: input_file:applet/signature-client.jar:eu/europa/ec/markt/dss/validation102853/SignedDocumentValidator.class */
public abstract class SignedDocumentValidator {
    private static final Logger LOG = Logger.getLogger(SignedDocumentValidator.class.getName());
    protected static final ObjectFactory DIAGNOSTIC_DATA_OBJECT_FACTORY = new ObjectFactory();
    protected DSSDocument document;
    protected DSSDocument externalContent;
    private CertificateVerifier certVerifier;
    protected DiagnosticData dData;
    protected SimpleReport simpleReport;
    ValidationReport detailedReport;
    private static final String MIMETYPE = "mimetype";
    private static final String PATTERN_SIGNATURES_XML = "META-INF/(.*)(?i)signature(.*).xml";
    private static final String PATTERN_SIGNATURES_P7S = "META-INF/(.*)(?i)signature(.*).p7s";
    protected CertificatePool validationCertPool = new CertificatePool();
    private int timestampIndex = 1;
    private final Condition qcp = new PolicyIdCondition(OID._0_4_0_1456_1_2.getName());
    private final Condition qcpplus = new PolicyIdCondition(OID._0_4_0_1456_1_1.getName());
    private final Condition qccompliance = new QcStatementCondition(ETSIQCObjectIdentifiers.id_etsi_qcs_QcCompliance);
    private final Condition qcsscd = new QcStatementCondition(ETSIQCObjectIdentifiers.id_etsi_qcs_QcSSCD);

    /* JADX WARN: Removed duplicated region for block: B:96:0x01a2 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static eu.europa.ec.markt.dss.validation102853.SignedDocumentValidator fromDocument(eu.europa.ec.markt.dss.signature.DSSDocument r5) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 430
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: eu.europa.ec.markt.dss.validation102853.SignedDocumentValidator.fromDocument(eu.europa.ec.markt.dss.signature.DSSDocument):eu.europa.ec.markt.dss.validation102853.SignedDocumentValidator");
    }

    private static SignedDocumentValidator getInstanceForAsics(DSSDocument dSSDocument) throws IOException {
        ZipInputStream zipInputStream = new ZipInputStream(dSSDocument.openStream());
        String str = "";
        ByteArrayOutputStream byteArrayOutputStream = null;
        ByteArrayOutputStream byteArrayOutputStream2 = null;
        boolean z = false;
        boolean z2 = false;
        while (true) {
            try {
                try {
                    ZipEntry nextEntry = zipInputStream.getNextEntry();
                    if (nextEntry == null) {
                        if (z2) {
                            return new ASiCXMLDocumentValidator(new InMemoryDocument(byteArrayOutputStream2.toByteArray()), byteArrayOutputStream.toByteArray(), str);
                        }
                        if (!z) {
                            throw new RuntimeException("Is not xades nor cades signed");
                        }
                        CMSDocumentValidator cMSDocumentValidator = new CMSDocumentValidator(new InMemoryDocument(byteArrayOutputStream2.toByteArray()));
                        cMSDocumentValidator.setExternalContent(new InMemoryDocument(byteArrayOutputStream.toByteArray()));
                        try {
                            zipInputStream.close();
                        } catch (IOException e) {
                        }
                        return cMSDocumentValidator;
                    }
                    if (nextEntry.getName().matches(PATTERN_SIGNATURES_P7S)) {
                        if (z2) {
                            throw new NotETSICompliantException(NotETSICompliantException.MSG.MORE_THAN_ONE_SIGNATURE);
                        }
                        byteArrayOutputStream2 = new ByteArrayOutputStream();
                        IOUtils.copy(zipInputStream, byteArrayOutputStream2);
                        byteArrayOutputStream2.close();
                        z = true;
                    } else if (nextEntry.getName().matches(PATTERN_SIGNATURES_XML)) {
                        if (z) {
                            throw new NotETSICompliantException(NotETSICompliantException.MSG.MORE_THAN_ONE_SIGNATURE);
                        }
                        byteArrayOutputStream2 = new ByteArrayOutputStream();
                        IOUtils.copy(zipInputStream, byteArrayOutputStream2);
                        byteArrayOutputStream2.close();
                        z2 = true;
                    } else if (nextEntry.getName().equalsIgnoreCase(MIMETYPE)) {
                        ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
                        IOUtils.copy(zipInputStream, byteArrayOutputStream3);
                        byteArrayOutputStream3.close();
                    } else if (nextEntry.getName().indexOf("/") != -1) {
                        continue;
                    } else {
                        if (byteArrayOutputStream != null) {
                            throw new ProfileException("ASiC-S profile support only one data file");
                        }
                        byteArrayOutputStream = new ByteArrayOutputStream();
                        IOUtils.copy(zipInputStream, byteArrayOutputStream);
                        byteArrayOutputStream.close();
                        str = nextEntry.getName();
                    }
                } catch (Exception e2) {
                    throw new RuntimeException(e2);
                }
            } finally {
                try {
                    zipInputStream.close();
                } catch (IOException e3) {
                }
            }
        }
    }

    public DSSDocument getDocument() {
        return this.document;
    }

    public DSSDocument getExternalContent() {
        return this.externalContent;
    }

    public abstract List<AdvancedSignature> getSignatures();

    public void setCertificateVerifier(CertificateVerifier certificateVerifier) {
        this.certVerifier = certificateVerifier;
        TrustedCertificateSource trustedCertSource = certificateVerifier.getTrustedCertSource();
        if (trustedCertSource != null) {
            this.validationCertPool.merge(trustedCertSource.getCertificatePool());
        }
        CertificateSource adjunctCertSource = certificateVerifier.getAdjunctCertSource();
        if (adjunctCertSource != null) {
            this.validationCertPool.merge(adjunctCertSource.getCertificatePool());
        }
    }

    public void setExternalContent(DSSDocument dSSDocument) {
        this.externalContent = dSSDocument;
    }

    public ValidationReport validateDocument() {
        return validateDocument((InputStream) null);
    }

    public ValidationReport validateDocument(URL url) {
        if (url == null) {
            return validateDocument((InputStream) null);
        }
        try {
            return validateDocument(url.openStream());
        } catch (IOException e) {
            throw new DSSException(e);
        }
    }

    public ValidationReport validateDocument(String str) {
        return str == null ? validateDocument((InputStream) null) : validateDocument(getClass().getResourceAsStream(str));
    }

    public ValidationReport validateDocument(InputStream inputStream) {
        LOG.info("Document validation...");
        DiagnosticData generateDiagnosticData = generateDiagnosticData();
        ValidationResourceManager.saveDiagnosticData(generateDiagnosticData);
        ProcessExecutor processExecutor = getProcessExecutor(ValidationResourceManager.convert(generateDiagnosticData), ValidationResourceManager.loadPolicyData(inputStream));
        this.detailedReport = processExecutor.execute();
        this.simpleReport = processExecutor.getSimpleReport();
        return this.detailedReport;
    }

    protected ProcessExecutor getProcessExecutor(Document document, Document document2) {
        return new ProcessExecutor(document, document2);
    }

    private DiagnosticData generateDiagnosticData() {
        this.dData = DIAGNOSTIC_DATA_OBJECT_FACTORY.createDiagnosticData();
        this.dData.setDocumentName(this.document.getAbsolutePath());
        if (this instanceof XMLDocumentValidator) {
            this.dData.setSignatureFormat("XAdES");
        } else if (this instanceof PDFDocumentValidator) {
            this.dData.setSignatureFormat("PAdES");
        } else if (this instanceof CMSDocumentValidator) {
            this.dData.setSignatureFormat("CAdES");
        } else if (this instanceof ASiCXMLDocumentValidator) {
            this.dData.setSignatureFormat(FormatType.ASICS);
        }
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        for (AdvancedSignature advancedSignature : getSignatures()) {
            SignatureValidationContext signatureValidationContext = new SignatureValidationContext(advancedSignature, this.certVerifier, this.validationCertPool);
            XmlSignature validateSignature = validateSignature(advancedSignature, signatureValidationContext);
            hashSet2.addAll(signatureValidationContext.getProcessedCertificates());
            hashSet.addAll(advancedSignature.getUsedCertificatesDigestAlgorithms());
            this.dData.getSignature().add(validateSignature);
        }
        dealUsedCertificates(hashSet, hashSet2);
        return this.dData;
    }

    private XmlSignature validateSignature(AdvancedSignature advancedSignature, ValidationContext validationContext) throws DSSException {
        XmlSignature createXmlSignature = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlSignature();
        try {
            CertificateToken dealSignature = dealSignature(advancedSignature, createXmlSignature);
            validationContext.setCertificateToValidate(dealSignature);
            validationContext.validate();
            dealPolicy(advancedSignature, createXmlSignature);
            dealCertificateChain(createXmlSignature, dealSignature);
            dealTimestamps(createXmlSignature, validationContext.getTimestampTokens());
            dealContentTimestamps(advancedSignature, createXmlSignature);
            dealSigAndRefsTimestamp(createXmlSignature, validationContext.getSigAndRefsTimestamps());
            dealRefsOnlyTimestamp(createXmlSignature, validationContext.getRefsOnlyTimestamps());
            dealArchiveTimestamp(createXmlSignature, validationContext.getArchiveTimestamps());
        } catch (Exception e) {
            LOG.warning(e.toString() + "\n" + e.getStackTrace()[0].toString());
            String errorMessage = createXmlSignature.getErrorMessage();
            if (errorMessage == null || errorMessage.isEmpty()) {
                createXmlSignature.setErrorMessage(e.toString());
            } else {
                String str = errorMessage + "<br>" + e.toString();
            }
        }
        return createXmlSignature;
    }

    private void dealTimestamps(XmlSignature xmlSignature, List<TimestampToken> list) {
        if (list.isEmpty()) {
            return;
        }
        XmlTimestamps createXmlTimestamps = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlTimestamps();
        Iterator<TimestampToken> it2 = list.iterator();
        while (it2.hasNext()) {
            createXmlTimestamps.getTimestamp().add(xmlForTimestamp(it2.next(), TimestampType.SIGNATURE_TIMESTAMP));
        }
        xmlSignature.setTimestamps(createXmlTimestamps);
    }

    private void dealContentTimestamps(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        List<TimestampToken> contentTimestamps = advancedSignature.getContentTimestamps();
        if (contentTimestamps.isEmpty()) {
            return;
        }
        XmlContentTimestamps createXmlContentTimestamps = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlContentTimestamps();
        Iterator<TimestampToken> it2 = contentTimestamps.iterator();
        while (it2.hasNext()) {
            createXmlContentTimestamps.getProductionTime().add(DSSUtils.createXMGregorianCalendar(it2.next().getGenerationTime()));
        }
        xmlSignature.setContentTimestamps(createXmlContentTimestamps);
    }

    private void dealSigAndRefsTimestamp(XmlSignature xmlSignature, List<TimestampToken> list) {
        if (list.isEmpty()) {
            return;
        }
        XmlSigAndRefsTimestamps createXmlSigAndRefsTimestamps = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlSigAndRefsTimestamps();
        Iterator<TimestampToken> it2 = list.iterator();
        while (it2.hasNext()) {
            createXmlSigAndRefsTimestamps.getTimestamp().add(xmlForTimestamp(it2.next(), TimestampType.VALIDATION_DATA_TIMESTAMP));
        }
        xmlSignature.setSigAndRefsTimestamps(createXmlSigAndRefsTimestamps);
    }

    private void dealRefsOnlyTimestamp(XmlSignature xmlSignature, List<TimestampToken> list) {
        if (list.isEmpty()) {
            return;
        }
        XmlRefsOnlyTimestamps createXmlRefsOnlyTimestamps = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlRefsOnlyTimestamps();
        Iterator<TimestampToken> it2 = list.iterator();
        while (it2.hasNext()) {
            createXmlRefsOnlyTimestamps.getTimestamp().add(xmlForTimestamp(it2.next(), TimestampType.VALIDATION_DATA_REFSONLY_TIMESTAMP));
        }
        xmlSignature.setRefsOnlyTimestamps(createXmlRefsOnlyTimestamps);
    }

    private void dealArchiveTimestamp(XmlSignature xmlSignature, List<TimestampToken> list) {
        if (list.isEmpty()) {
            return;
        }
        XmlArchiveTimestamps createXmlArchiveTimestamps = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlArchiveTimestamps();
        Iterator<TimestampToken> it2 = list.iterator();
        while (it2.hasNext()) {
            createXmlArchiveTimestamps.getTimestamp().add(xmlForTimestamp(it2.next(), TimestampType.ARCHIVE_TIMESTAMP));
        }
        xmlSignature.setArchiveTimestamps(createXmlArchiveTimestamps);
    }

    private XmlTimestampType xmlForTimestamp(TimestampToken timestampToken, TimestampType timestampType) {
        XmlTimestampType createXmlTimestampType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlTimestampType();
        int i = this.timestampIndex;
        this.timestampIndex = i + 1;
        createXmlTimestampType.setId(i);
        createXmlTimestampType.setCategory(timestampType.name());
        createXmlTimestampType.setProductionTime(DSSUtils.createXMGregorianCalendar(timestampToken.getGenerationTime()));
        createXmlTimestampType.setAlgoUsedToSignThisToken(timestampToken.getSignatureAlgo());
        String signatureAlgoOID = timestampToken.getSignatureAlgoOID();
        if (signatureAlgoOID != null) {
            SignatureAlgorithm forOID = SignatureAlgorithm.forOID(signatureAlgoOID);
            createXmlTimestampType.setAlgoOIDUsedToSignThisToken(signatureAlgoOID);
            createXmlTimestampType.setEncryptionAlgoUsedToSignThisToken(forOID.getEncryptionAlgo().getName());
            createXmlTimestampType.setDigestAlgoUsedToSignThisToken(forOID.getDigestAlgo().getName());
        }
        createXmlTimestampType.setKeyLengthUsedToSignThisToken(getSigningKeyLength(timestampToken));
        createXmlTimestampType.setSignedDataDigestAlgo(timestampToken.getSignedDataDigestAlgo().getName());
        createXmlTimestampType.setEncodedSignedDataDigestValue(timestampToken.getEncodedSignedDataDigestValue());
        createXmlTimestampType.setReferenceDataFound(timestampToken.isSignedDataFound().booleanValue());
        createXmlTimestampType.setReferenceDataIntact(timestampToken.isSignedDataIntact().booleanValue());
        createXmlTimestampType.setSignatureIntact(timestampToken.isSignatureIntact());
        createXmlTimestampType.setSigningCertificate(xmlForSigningCertificate(timestampToken));
        CertificateToken issuerToken = timestampToken.getIssuerToken();
        if (issuerToken != null) {
            createXmlTimestampType.setCertificateChain(xmlForCertificateChain(issuerToken));
        }
        List<TimestampReference> timestampedReferences = timestampToken.getTimestampedReferences();
        if (timestampedReferences != null && !timestampedReferences.isEmpty()) {
            XmlSignedObjectsType createXmlSignedObjectsType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlSignedObjectsType();
            List<XmlDigestAlgAndValueType> digestAlgAndValue = createXmlSignedObjectsType.getDigestAlgAndValue();
            for (TimestampReference timestampReference : timestampedReferences) {
                TimestampCategory category = timestampReference.getCategory();
                if (TimestampCategory.SIGNATURE.equals(category)) {
                    XmlSignedSignature createXmlSignedSignature = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlSignedSignature();
                    createXmlSignedSignature.setId(timestampReference.getSignatureId());
                    createXmlSignedObjectsType.setSignedSignature(createXmlSignedSignature);
                } else {
                    XmlDigestAlgAndValueType createXmlDigestAlgAndValueType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlDigestAlgAndValueType();
                    createXmlDigestAlgAndValueType.setDigestMethod(timestampReference.getDigestAlgorithm());
                    createXmlDigestAlgAndValueType.setDigestValue(timestampReference.getDigestValue());
                    createXmlDigestAlgAndValueType.setCategory(category.name());
                    digestAlgAndValue.add(createXmlDigestAlgAndValueType);
                }
            }
            createXmlTimestampType.setSignedObjects(createXmlSignedObjectsType);
        }
        return createXmlTimestampType;
    }

    private XmlCertificateChainType xmlForCertificateChain(CertificateToken certificateToken) {
        XmlCertificateChainType createXmlCertificateChainType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlCertificateChainType();
        List<XmlChainCertificate> chainCertificate = createXmlCertificateChainType.getChainCertificate();
        do {
            XmlChainCertificate createXmlChainCertificate = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlChainCertificate();
            createXmlChainCertificate.setId(certificateToken.getDSSId());
            List<CertificateSourceType> source = certificateToken.getSource();
            if (source.size() > 0) {
                createXmlChainCertificate.setSource(source.get(0).name());
            } else {
                createXmlChainCertificate.setSource("UNKNOWN");
            }
            chainCertificate.add(createXmlChainCertificate);
            if (certificateToken.isTrusted() || certificateToken.isSelfSigned()) {
                break;
            }
            certificateToken = certificateToken.getIssuerToken();
        } while (certificateToken != null);
        return createXmlCertificateChainType;
    }

    private void dealUsedCertificates(Set<DigestAlgorithm> set, Set<CertificateToken> set2) {
        XmlUsedCertificates createXmlUsedCertificates = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlUsedCertificates();
        this.dData.setUsedCertificates(createXmlUsedCertificates);
        for (CertificateToken certificateToken : set2) {
            XmlCertificate dealCertificateDetails = dealCertificateDetails(set, certificateToken);
            dealQCStatement(certificateToken, dealCertificateDetails);
            dealTrustedService(certificateToken, dealCertificateDetails);
            dealRevocationData(certificateToken, dealCertificateDetails);
            dealCertificateValidationInfo(certificateToken, dealCertificateDetails);
            createXmlUsedCertificates.getCertificate().add(dealCertificateDetails);
        }
    }

    private void dealQCStatement(CertificateToken certificateToken, XmlCertificate xmlCertificate) {
        if (certificateToken.isTrusted()) {
            return;
        }
        System.out.println("--> QCStatement for: " + certificateToken.getAbbreviation());
        X509Certificate certificate = certificateToken.getCertificate();
        XmlQCStatement createXmlQCStatement = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlQCStatement();
        createXmlQCStatement.setQCP(this.qcp.check(certificate));
        createXmlQCStatement.setQCPPlus(this.qcpplus.check(certificate));
        createXmlQCStatement.setQCC(this.qccompliance.check(certificate));
        createXmlQCStatement.setQCSSCD(this.qcsscd.check(certificate));
        xmlCertificate.setQCStatement(createXmlQCStatement);
    }

    private void dealCertificateValidationInfo(CertificateToken certificateToken, XmlCertificate xmlCertificate) {
        List<String> validationInfo = certificateToken.getValidationInfo();
        if (validationInfo.size() > 0) {
            XmlInfoType createXmlInfoType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlInfoType();
            for (String str : validationInfo) {
                XmlMessage createXmlMessage = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlMessage();
                createXmlMessage.setId(0);
                createXmlMessage.setValue(str);
                createXmlInfoType.getMessage().add(createXmlMessage);
            }
            xmlCertificate.setInfo(createXmlInfoType);
        }
    }

    private XmlCertificate dealCertificateDetails(Set<DigestAlgorithm> set, CertificateToken certificateToken) {
        XmlCertificate createXmlCertificate = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlCertificate();
        createXmlCertificate.setId(certificateToken.getDSSId());
        XmlSubjectDistinguishedName createXmlSubjectDistinguishedName = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlSubjectDistinguishedName();
        createXmlSubjectDistinguishedName.setFormat("CANONICAL");
        createXmlSubjectDistinguishedName.setValue(certificateToken.getSubjectX500Principal().getName("CANONICAL"));
        createXmlCertificate.setSubjectDistinguishedName(createXmlSubjectDistinguishedName);
        XmlIssuerDistinguishedName createXmlIssuerDistinguishedName = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlIssuerDistinguishedName();
        createXmlIssuerDistinguishedName.setFormat("CANONICAL");
        createXmlIssuerDistinguishedName.setValue(certificateToken.getIssuerX500Principal().getName("CANONICAL"));
        createXmlCertificate.setIssuerDistinguishedName(createXmlIssuerDistinguishedName);
        createXmlCertificate.setSerialNumber(certificateToken.getSerialNumber());
        for (DigestAlgorithm digestAlgorithm : set) {
            XmlDigestAlgAndValueType xmlDigestAlgAndValueType = new XmlDigestAlgAndValueType();
            xmlDigestAlgAndValueType.setDigestMethod(digestAlgorithm.getName());
            xmlDigestAlgAndValueType.setDigestValue(certificateToken.getDigestValue(digestAlgorithm));
            createXmlCertificate.getDigestAlgAndValue().add(xmlDigestAlgAndValueType);
        }
        createXmlCertificate.setIssuerCertificate(Integer.valueOf(certificateToken.getIssuerTokenDSSId()));
        createXmlCertificate.setNotAfter(DSSUtils.createXMGregorianCalendar(certificateToken.getNotAfter()));
        createXmlCertificate.setNotBefore(DSSUtils.createXMGregorianCalendar(certificateToken.getNotBefore()));
        PublicKey publicKey = certificateToken.getPublicKey();
        createXmlCertificate.setPublicKeySize(PublicKeyUtils.getPublicKeySize(publicKey));
        createXmlCertificate.setPublicKeyEncryptionAlgo(PublicKeyUtils.getPublicKeyEncryptionAlgo(publicKey));
        createXmlCertificate.setAlgoUsedToSignThisToken(certificateToken.getSignatureAlgo());
        String signatureAlgoOID = certificateToken.getSignatureAlgoOID();
        createXmlCertificate.setAlgoOIDUsedToSignThisToken(signatureAlgoOID);
        SignatureAlgorithm forOID = SignatureAlgorithm.forOID(signatureAlgoOID);
        createXmlCertificate.setDigestAlgoUsedToSignThisToken(forOID.getDigestAlgo().getName());
        createXmlCertificate.setEncryptionAlgoUsedToSignThisToken(forOID.getEncryptionAlgo().getName());
        createXmlCertificate.setKeyLengthUsedToSignThisToken(getSigningKeyLength((Token) certificateToken));
        createXmlCertificate.setSelfSigned(Boolean.valueOf(certificateToken.isSelfSigned()));
        createXmlCertificate.setTrusted(Boolean.valueOf(certificateToken.isTrusted()));
        createXmlCertificate.setTokenSignatureIntact(certificateToken.isSignatureIntact());
        return createXmlCertificate;
    }

    private String getSigningKeyLength(CertificateToken certificateToken) {
        return certificateToken != null ? String.valueOf(PublicKeyUtils.getPublicKeySize(certificateToken.getPublicKey())) : "";
    }

    private String getSigningKeyLength(Token token) {
        CertificateToken issuerToken = token.getIssuerToken();
        String str = "";
        if (issuerToken != null) {
            str = String.valueOf(PublicKeyUtils.getPublicKeySize(issuerToken.getPublicKey()));
        } else if (token.isSelfSigned()) {
            str = String.valueOf(PublicKeyUtils.getPublicKeySize(((CertificateToken) token).getPublicKey()));
        }
        return str;
    }

    private void dealCertificateChain(XmlSignature xmlSignature, CertificateToken certificateToken) {
        if (certificateToken != null) {
            xmlSignature.setCertificateChain(xmlForCertificateChain(certificateToken));
        }
    }

    private void dealTrustedService(CertificateToken certificateToken, XmlCertificate xmlCertificate) {
        CertificateToken trustAnchor;
        if (certificateToken.isTrusted() || (trustAnchor = certificateToken.getTrustAnchor()) == null) {
            return;
        }
        Date notBefore = certificateToken.getNotBefore();
        XmlTrustedServiceProviderType createXmlTrustedServiceProviderType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlTrustedServiceProviderType();
        List<ServiceInfo> associatedTSPS = trustAnchor.getAssociatedTSPS();
        if (associatedTSPS == null) {
            return;
        }
        boolean z = true;
        Iterator<ServiceInfo> it2 = associatedTSPS.iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            ServiceInfo next = it2.next();
            if (z) {
                createXmlTrustedServiceProviderType.setTSPName(next.getTspName());
                createXmlTrustedServiceProviderType.setTSPServiceName(next.getServiceName());
                createXmlTrustedServiceProviderType.setTSPServiceType(next.getType());
                createXmlTrustedServiceProviderType.setWellSigned(next.isTlWellSigned());
                z = false;
            }
            Date statusStartDate = next.getStatusStartDate();
            Date statusEndDate = next.getStatusEndDate();
            if (statusEndDate == null) {
                statusEndDate = new Date();
            }
            if (notBefore.after(statusStartDate) && notBefore.before(statusEndDate)) {
                createXmlTrustedServiceProviderType.setStatus(next.getStatus());
                createXmlTrustedServiceProviderType.setStartDate(DSSUtils.createXMGregorianCalendar(statusStartDate));
                createXmlTrustedServiceProviderType.setEndDate(DSSUtils.createXMGregorianCalendar(next.getStatusEndDate()));
                createXmlTrustedServiceProviderType.setExpiredCertsRevocationInfo(DSSUtils.createXMGregorianCalendar(next.getExpiredCertsRevocationInfo()));
                List<String> qualifiers = next.getQualifiers(certificateToken.getCertificate());
                if (!qualifiers.isEmpty()) {
                    XmlQualifiers createXmlQualifiers = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlQualifiers();
                    Iterator<String> it3 = qualifiers.iterator();
                    while (it3.hasNext()) {
                        createXmlQualifiers.getQualifier().add(it3.next());
                    }
                    createXmlTrustedServiceProviderType.setQualifiers(createXmlQualifiers);
                }
            }
        }
        xmlCertificate.setTrustedServiceProvider(createXmlTrustedServiceProviderType);
    }

    private void dealRevocationData(CertificateToken certificateToken, XmlCertificate xmlCertificate) {
        XmlRevocationType createXmlRevocationType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlRevocationType();
        RevocationToken revocationToken = certificateToken.getRevocationToken();
        if (revocationToken != null) {
            Boolean status = revocationToken.getStatus();
            createXmlRevocationType.setStatus(status == null ? false : status.booleanValue());
            createXmlRevocationType.setDateTime(DSSUtils.createXMGregorianCalendar(revocationToken.getRevocationDate()));
            createXmlRevocationType.setReason(revocationToken.getReason());
            createXmlRevocationType.setIssuingTime(DSSUtils.createXMGregorianCalendar(revocationToken.getIssuingTime()));
            createXmlRevocationType.setNextUpdate(DSSUtils.createXMGregorianCalendar(revocationToken.getNextUpdate()));
            createXmlRevocationType.setSource(revocationToken.getClass().getSimpleName());
            createXmlRevocationType.setSourceAddress(revocationToken.getSourceURI());
            createXmlRevocationType.setSigningCertificate(xmlForSigningCertificate(revocationToken));
            String signatureAlgoOID = revocationToken.getSignatureAlgoOID();
            SignatureAlgorithm forOID = SignatureAlgorithm.forOID(signatureAlgoOID);
            createXmlRevocationType.setAlgoOIDUsedToSignThisToken(signatureAlgoOID);
            createXmlRevocationType.setAlgoUsedToSignThisToken(revocationToken.getSignatureAlgo());
            createXmlRevocationType.setEncryptionAlgoUsedToSignThisToken(forOID.getEncryptionAlgo().getName());
            createXmlRevocationType.setKeyLengthUsedToSignThisToken(getSigningKeyLength(revocationToken));
            createXmlRevocationType.setDigestAlgoUsedToSignThisToken(forOID.getDigestAlgo().getName());
            createXmlRevocationType.setReferenceDataFound(revocationToken.isSignatureIntact());
            createXmlRevocationType.setReferenceDataIntact(revocationToken.isSignatureIntact());
            createXmlRevocationType.setSignatureIntact(revocationToken.isSignatureIntact());
            List<String> validationInfo = revocationToken.getValidationInfo();
            if (validationInfo.size() > 0) {
                XmlInfoType createXmlInfoType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlInfoType();
                for (String str : validationInfo) {
                    XmlMessage createXmlMessage = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlMessage();
                    createXmlMessage.setId(0);
                    createXmlMessage.setValue(str);
                    createXmlInfoType.getMessage().add(createXmlMessage);
                }
                createXmlRevocationType.setInfo(createXmlInfoType);
            }
            xmlCertificate.setRevocation(createXmlRevocationType);
        }
    }

    private void dealPolicy(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        PolicyValue policyId = advancedSignature.getPolicyId();
        if (policyId != null) {
            XmlPolicy createXmlPolicy = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlPolicy();
            createXmlPolicy.setId(policyId.getSignaturePolicyId());
            createXmlPolicy.setIdentified(true);
            createXmlPolicy.setStatus(true);
            xmlSignature.setPolicy(createXmlPolicy);
        }
    }

    private CertificateToken dealSignature(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        SigningCertificate dealSigningCertificate = dealSigningCertificate(advancedSignature, xmlSignature);
        dealSignatureCryptographicIntegrity(advancedSignature, xmlSignature);
        xmlSignature.setId(advancedSignature.getId());
        xmlSignature.setDateTime(DSSUtils.createXMGregorianCalendar(advancedSignature.getSigningTime()));
        SignatureProductionPlace signatureProductionPlace = advancedSignature.getSignatureProductionPlace();
        if (signatureProductionPlace != null) {
            XmlSignatureProductionPlace createXmlSignatureProductionPlace = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlSignatureProductionPlace();
            signatureProductionPlace.setCountryName(signatureProductionPlace.getCountryName());
            signatureProductionPlace.setStateOrProvince(signatureProductionPlace.getStateOrProvince());
            signatureProductionPlace.setPostalCode(signatureProductionPlace.getPostalCode());
            signatureProductionPlace.setCity(signatureProductionPlace.getCity());
            xmlSignature.setSignatureProductionPlace(createXmlSignatureProductionPlace);
        }
        String[] claimedSignerRoles = advancedSignature.getClaimedSignerRoles();
        if (claimedSignerRoles != null) {
            XmlClaimedRoles createXmlClaimedRoles = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlClaimedRoles();
            for (String str : claimedSignerRoles) {
                createXmlClaimedRoles.getClaimedRole().add(str);
            }
            xmlSignature.setClaimedRoles(createXmlClaimedRoles);
        }
        xmlSignature.setEncryptionAlgoUsedToSignThisToken(advancedSignature.getEncryptionAlgo().getName());
        xmlSignature.setKeyLengthUsedToSignThisToken(getSigningKeyLength(dealSigningCertificate.getCertToken()));
        xmlSignature.setDigestAlgoUsedToSignThisToken(advancedSignature.getDigestAlgo().getName());
        return dealSigningCertificate.getCertToken();
    }

    private void dealSignatureCryptographicIntegrity(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        SignatureCryptographicVerification checkIntegrity = advancedSignature.checkIntegrity(this.externalContent);
        xmlSignature.setReferenceDataFound(checkIntegrity.isReferenceDataFound());
        xmlSignature.setReferenceDataIntact(checkIntegrity.isReferenceDataIntact());
        xmlSignature.setSignatureIntact(checkIntegrity.isSignatureIntact());
        if (checkIntegrity.getErrorMessage().isEmpty()) {
            return;
        }
        xmlSignature.setErrorMessage(checkIntegrity.getErrorMessage());
    }

    private SigningCertificate dealSigningCertificate(AdvancedSignature advancedSignature, XmlSignature xmlSignature) {
        SigningCertificate signingCertificate = advancedSignature.getSigningCertificate();
        XmlSigningCertificateType createXmlSigningCertificateType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlSigningCertificateType();
        if (signingCertificate.getCertToken() != null) {
            createXmlSigningCertificateType.setId(signingCertificate.getCertToken().getDSSId());
        }
        createXmlSigningCertificateType.setDigestValueMatch(signingCertificate.isDigestMatch());
        createXmlSigningCertificateType.setIssuerSerialMatch(signingCertificate.isSerialNumberMatch());
        xmlSignature.setSigningCertificate(createXmlSigningCertificateType);
        return signingCertificate;
    }

    protected XmlSigningCertificateType xmlForSigningCertificate(RevocationToken revocationToken) {
        XmlSigningCertificateType createXmlSigningCertificateType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlSigningCertificateType();
        CertificateToken issuerToken = revocationToken.getIssuerToken();
        if (issuerToken != null) {
            createXmlSigningCertificateType.setId(issuerToken.getDSSId());
        }
        createXmlSigningCertificateType.setDigestValueMatch(revocationToken.isSignatureIntact());
        createXmlSigningCertificateType.setIssuerSerialMatch(revocationToken.isSignatureIntact());
        return createXmlSigningCertificateType;
    }

    protected XmlSigningCertificateType xmlForSigningCertificate(TimestampToken timestampToken) {
        XmlSigningCertificateType createXmlSigningCertificateType = DIAGNOSTIC_DATA_OBJECT_FACTORY.createXmlSigningCertificateType();
        CertificateToken issuerToken = timestampToken.getIssuerToken();
        if (issuerToken != null) {
            createXmlSigningCertificateType.setId(issuerToken.getDSSId());
        }
        createXmlSigningCertificateType.setDigestValueMatch(timestampToken.isSignatureIntact());
        createXmlSigningCertificateType.setIssuerSerialMatch(timestampToken.isSignatureIntact());
        return createXmlSigningCertificateType;
    }

    public DiagnosticData getDiagnosticData() {
        return this.dData;
    }

    public SimpleReport getSimpleReport() {
        return this.simpleReport;
    }

    public ValidationReport getDetailedReport() {
        return this.detailedReport;
    }

    public void printReports() {
        System.out.println("----------------Diagnostic data-----------------");
        System.out.println(ValidationResourceManager.jaxbMarshalToOutputStream(getDiagnosticData()).toString());
        System.out.println("----------------Validation report---------------");
        System.out.println(getDetailedReport());
        System.out.println("----------------Simple report-------------------");
        System.out.println(getSimpleReport());
        System.out.println("------------------------------------------------");
    }
}
