package eu.europa.esig.dss.tsl.service;

import eu.europa.esig.dss.FileDocument;
import eu.europa.esig.dss.tsl.TSLValidationResult;
import eu.europa.esig.dss.validation.CommonCertificateVerifier;
import eu.europa.esig.dss.validation.executor.ValidationLevel;
import eu.europa.esig.dss.validation.policy.rules.Indication;
import eu.europa.esig.dss.validation.reports.Reports;
import eu.europa.esig.dss.validation.reports.SimpleReport;
import eu.europa.esig.dss.x509.CertificateToken;
import eu.europa.esig.dss.x509.CommonTrustedCertificateSource;
import eu.europa.esig.dss.x509.KeyStoreCertificateSource;
import eu.europa.esig.dss.xades.XPathQueryHolder;
import eu.europa.esig.dss.xades.validation.XMLDocumentValidator;
import java.io.File;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.Callable;
import org.apache.commons.collections.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/tsl/service/TSLValidator.class */
public class TSLValidator implements Callable<TSLValidationResult> {
    private static final Logger logger = LoggerFactory.getLogger(TSLValidator.class);
    private File file;
    private String countryCode;
    private KeyStoreCertificateSource dssKeyStore;
    private List<CertificateToken> potentialSigners;

    public TSLValidator(File file, String str, KeyStoreCertificateSource keyStoreCertificateSource) {
        this.file = file;
        this.countryCode = str;
        this.dssKeyStore = keyStoreCertificateSource;
    }

    public TSLValidator(File file, String str, KeyStoreCertificateSource keyStoreCertificateSource, List<CertificateToken> list) {
        this.file = file;
        this.countryCode = str;
        this.dssKeyStore = keyStoreCertificateSource;
        this.potentialSigners = list;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.util.concurrent.Callable
    public TSLValidationResult call() throws Exception {
        CommonCertificateVerifier commonCertificateVerifier = new CommonCertificateVerifier(true);
        commonCertificateVerifier.setTrustedCertSource(buildTrustedCertificateSource(this.dssKeyStore, this.potentialSigners));
        XMLDocumentValidator xMLDocumentValidator = new XMLDocumentValidator(new FileDocument(this.file));
        xMLDocumentValidator.setCertificateVerifier(commonCertificateVerifier);
        xMLDocumentValidator.setValidationLevel(ValidationLevel.BASIC_SIGNATURES);
        List xPathQueryHolder = xMLDocumentValidator.getXPathQueryHolder();
        xPathQueryHolder.clear();
        xPathQueryHolder.add(new XPathQueryHolder());
        Reports validateDocument = xMLDocumentValidator.validateDocument(TSLValidator.class.getResourceAsStream("/tsl-constraint.xml"));
        SimpleReport simpleReport = validateDocument.getSimpleReport();
        Indication indication = simpleReport.getIndication(simpleReport.getFirstSignatureId());
        boolean equals = Indication.TOTAL_PASSED.equals(indication);
        TSLValidationResult tSLValidationResult = new TSLValidationResult();
        tSLValidationResult.setCountryCode(this.countryCode);
        tSLValidationResult.setIndication(indication);
        tSLValidationResult.setSubIndication(simpleReport.getSubIndication(simpleReport.getFirstSignatureId()));
        if (!equals) {
            logger.info("The TSL signature is not valid : \n");
            validateDocument.print();
        }
        return tSLValidationResult;
    }

    private CommonTrustedCertificateSource buildTrustedCertificateSource(KeyStoreCertificateSource keyStoreCertificateSource, List<CertificateToken> list) {
        CommonTrustedCertificateSource commonTrustedCertificateSource = new CommonTrustedCertificateSource();
        if (CollectionUtils.isNotEmpty(list)) {
            Iterator<CertificateToken> it = list.iterator();
            while (it.hasNext()) {
                commonTrustedCertificateSource.addCertificate(it.next());
            }
        }
        if (keyStoreCertificateSource != null && CollectionUtils.isNotEmpty(keyStoreCertificateSource.getCertificatesFromKeyStore())) {
            Iterator it2 = keyStoreCertificateSource.getCertificatesFromKeyStore().iterator();
            while (it2.hasNext()) {
                commonTrustedCertificateSource.addCertificate((CertificateToken) it2.next());
            }
        }
        return commonTrustedCertificateSource;
    }
}
