package eu.europa.esig.dss.tsl.validation;

import eu.europa.esig.dss.diagnostic.CertificateWrapper;
import eu.europa.esig.dss.diagnostic.DiagnosticData;
import eu.europa.esig.dss.diagnostic.SignatureWrapper;
import eu.europa.esig.dss.enumerations.Indication;
import eu.europa.esig.dss.enumerations.SubIndication;
import eu.europa.esig.dss.enumerations.TokenExtractionStrategy;
import eu.europa.esig.dss.model.DSSDocument;
import eu.europa.esig.dss.model.DSSException;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.policy.ValidationPolicy;
import eu.europa.esig.dss.policy.ValidationPolicyFacade;
import eu.europa.esig.dss.simplereport.SimpleReport;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.spi.x509.CertificateSource;
import eu.europa.esig.dss.spi.x509.CommonTrustedCertificateSource;
import eu.europa.esig.dss.validation.CommonCertificateVerifier;
import eu.europa.esig.dss.validation.executor.ValidationLevel;
import eu.europa.esig.dss.validation.reports.Reports;
import eu.europa.esig.dss.xades.definition.xades132.XAdES132Paths;
import eu.europa.esig.dss.xades.validation.XMLDocumentValidator;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import java.util.function.Supplier;

/* loaded from: input_file:eu/europa/esig/dss/tsl/validation/TLValidatorTask.class */
public class TLValidatorTask implements Supplier<ValidationResult> {
    private final DSSDocument trustedList;
    private final CertificateSource certificateSource;

    public TLValidatorTask(DSSDocument dSSDocument, CertificateSource certificateSource) {
        Objects.requireNonNull(dSSDocument, "The document is null");
        Objects.requireNonNull(certificateSource, "The certificate source is null");
        this.trustedList = dSSDocument;
        this.certificateSource = certificateSource;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.util.function.Supplier
    public ValidationResult get() {
        return fillResult(validateTL());
    }

    private Reports validateTL() {
        CommonCertificateVerifier commonCertificateVerifier = new CommonCertificateVerifier(true);
        commonCertificateVerifier.setTrustedCertSources(new CertificateSource[]{buildTrustedCertificateSource(this.certificateSource)});
        XMLDocumentValidator xMLDocumentValidator = new XMLDocumentValidator(this.trustedList);
        xMLDocumentValidator.setCertificateVerifier(commonCertificateVerifier);
        xMLDocumentValidator.setTokenExtractionStrategy(TokenExtractionStrategy.EXTRACT_CERTIFICATES_ONLY);
        xMLDocumentValidator.setEnableEtsiValidationReport(false);
        xMLDocumentValidator.setValidationLevel(ValidationLevel.BASIC_SIGNATURES);
        xMLDocumentValidator.setSkipValidationContextExecution(true);
        List xAdESPathsHolder = xMLDocumentValidator.getXAdESPathsHolder();
        xAdESPathsHolder.clear();
        xAdESPathsHolder.add(new XAdES132Paths());
        return xMLDocumentValidator.validateDocument(getTrustedListValidationPolicy());
    }

    private ValidationResult fillResult(Reports reports) {
        SimpleReport simpleReport = reports.getSimpleReport();
        if (simpleReport.getSignaturesCount() != 1) {
            throw new DSSException(String.format("Number of signatures must be equal to 1 (currently : %s)", Integer.valueOf(simpleReport.getSignaturesCount())));
        }
        Indication indication = simpleReport.getIndication(simpleReport.getFirstSignatureId());
        SubIndication subIndication = simpleReport.getSubIndication(simpleReport.getFirstSignatureId());
        DiagnosticData diagnosticData = reports.getDiagnosticData();
        SignatureWrapper signatureById = diagnosticData.getSignatureById(diagnosticData.getFirstSignatureId());
        Date claimedSigningTime = signatureById.getClaimedSigningTime();
        CertificateWrapper signingCertificate = signatureById.getSigningCertificate();
        CertificateToken certificateToken = null;
        if (signingCertificate != null) {
            certificateToken = DSSUtils.loadCertificate(signingCertificate.getBinaries());
        }
        return new ValidationResult(indication, subIndication, claimedSigningTime, certificateToken, this.certificateSource);
    }

    private CommonTrustedCertificateSource buildTrustedCertificateSource(CertificateSource certificateSource) {
        CommonTrustedCertificateSource commonTrustedCertificateSource = new CommonTrustedCertificateSource();
        commonTrustedCertificateSource.importAsTrusted(certificateSource);
        return commonTrustedCertificateSource;
    }

    private ValidationPolicy getTrustedListValidationPolicy() {
        try {
            return ValidationPolicyFacade.newFacade().getTrustedListValidationPolicy();
        } catch (Exception e) {
            throw new DSSException("Unable to load the validation policy for trusted list", e);
        }
    }
}
