package se.idsec.sigval.xml.xmlstruct;

import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import se.idsec.sigval.commons.algorithms.DigestAlgorithmRegistry;
import se.idsec.x509cert.extensions.AuthnContext;
import se.swedenconnect.schemas.etsi.xades_1_3_2.DigestAlgAndValueType;
import se.swedenconnect.schemas.etsi.xades_1_3_2.EncapsulatedPKIDataType;
import se.swedenconnect.schemas.etsi.xades_1_3_2.JAXBContextFactory;
import se.swedenconnect.schemas.etsi.xades_1_3_2.QualifyingProperties;
import se.swedenconnect.schemas.etsi.xades_1_3_2.SignaturePolicyIdentifier;
import se.swedenconnect.schemas.etsi.xades_1_3_2.SignedSignatureProperties;
import se.swedenconnect.schemas.etsi.xades_1_3_2.SigningCertificate;
import se.swedenconnect.schemas.etsi.xades_1_3_2.SigningCertificateV2;
import se.swedenconnect.schemas.etsi.xades_1_3_2.XAdESTimeStampType;

/* loaded from: input_file:se/idsec/sigval/xml/xmlstruct/XAdESObjectParser.class */
public class XAdESObjectParser implements XMLSigConstants {
    private static final Logger log = LoggerFactory.getLogger(XAdESObjectParser.class);
    private QualifyingProperties qualifyingProperties;
    private Date claimedSigningTime;
    List<DigestAlgAndValueType> certHashList;
    SignaturePolicyIdentifier signaturePolicyIdentifier;
    List<XadesSignatureTimestampData> signatureTimeStampDataList;

    public XAdESObjectParser(Element element, SignatureData signatureData) throws XMLSecurityException, JAXBException {
        this.qualifyingProperties = null;
        NodeList elementsByTagNameNS = element.getElementsByTagNameNS(XMLSigConstants.XADES_NAMESPACE, "QualifyingProperties");
        for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
            QualifyingProperties qualifyingProperties = (QualifyingProperties) getXAdESContext().createUnmarshaller().unmarshal(elementsByTagNameNS.item(i));
            try {
            } catch (Exception e) {
                log.debug("Error when parsing Qualifying properties: {}", e.getMessage());
            }
            if (signatureData.getRefDataMap().containsKey("#" + qualifyingProperties.getSignedProperties().getId())) {
                this.qualifyingProperties = qualifyingProperties;
                break;
            }
            continue;
        }
        if (this.qualifyingProperties != null) {
            parseQualifyingProperties();
        }
    }

    public boolean isXadesVerified(X509Certificate x509Certificate) {
        if (this.certHashList == null || this.certHashList.isEmpty()) {
            return false;
        }
        for (DigestAlgAndValueType digestAlgAndValueType : this.certHashList) {
            try {
            } catch (Exception e) {
                log.debug("Error parsing XAdES cert ref digest: {}", e.getMessage());
            }
            if (Arrays.equals(DigestAlgorithmRegistry.get(digestAlgAndValueType.getDigestMethod().getAlgorithm()).getInstance().digest(x509Certificate.getEncoded()), digestAlgAndValueType.getDigestValue())) {
                return true;
            }
        }
        return false;
    }

    private void parseQualifyingProperties() {
        try {
            SignedSignatureProperties signedSignatureProperties = this.qualifyingProperties.getSignedProperties().getSignedSignatureProperties();
            XMLGregorianCalendar signingTime = signedSignatureProperties.getSigningTime();
            if (signingTime != null) {
                this.claimedSigningTime = signingTime.toGregorianCalendar().getTime();
            }
            SigningCertificateV2 signingCertificateV2 = signedSignatureProperties.getSigningCertificateV2();
            if (signingCertificateV2 != null) {
                this.certHashList = (List) signingCertificateV2.getCerts().stream().map(certIDTypeV2 -> {
                    return certIDTypeV2.getCertDigest();
                }).collect(Collectors.toList());
            } else {
                SigningCertificate signingCertificate = signedSignatureProperties.getSigningCertificate();
                if (signingCertificate != null) {
                    this.certHashList = (List) signingCertificate.getCerts().stream().map(certIDType -> {
                        return certIDType.getCertDigest();
                    }).collect(Collectors.toList());
                }
            }
            this.signaturePolicyIdentifier = signedSignatureProperties.getSignaturePolicyIdentifier();
        } catch (Exception e) {
            log.error("Error parsing XAdES signed properties content: {}", e.getMessage());
        }
        this.signatureTimeStampDataList = new ArrayList();
        try {
            Stream filter = this.qualifyingProperties.getUnsignedProperties().getUnsignedSignatureProperties().getCounterSignaturesAndSignatureTimeStampsAndCompleteCertificateRefs().stream().filter(obj -> {
                return JAXBElement.class.isInstance(obj);
            });
            Class<JAXBElement> cls = JAXBElement.class;
            Objects.requireNonNull(JAXBElement.class);
            for (XAdESTimeStampType xAdESTimeStampType : (List) filter.map(cls::cast).filter(jAXBElement -> {
                return isSignatureTimestamp(jAXBElement);
            }).map(jAXBElement2 -> {
                return (XAdESTimeStampType) jAXBElement2.getValue();
            }).collect(Collectors.toList())) {
                Optional findFirst = xAdESTimeStampType.getEncapsulatedTimeStampsAndXMLTimeStamps().stream().filter(obj2 -> {
                    return obj2 instanceof EncapsulatedPKIDataType;
                }).map(obj3 -> {
                    return (EncapsulatedPKIDataType) obj3;
                }).findFirst();
                if (findFirst.isPresent()) {
                    this.signatureTimeStampDataList.add(XadesSignatureTimestampData.builder().canonicalizationMethod(xAdESTimeStampType.getCanonicalizationMethod().getAlgorithm()).timeStampSignatureBytes(((EncapsulatedPKIDataType) findFirst.get()).getValue()).build());
                }
            }
        } catch (Exception e2) {
            log.debug("No Timestamp data was available from XAdES data");
        }
    }

    private boolean isSignatureTimestamp(JAXBElement<?> jAXBElement) {
        QName name = jAXBElement.getName();
        return name.getNamespaceURI().equals(XMLSigConstants.XADES_NAMESPACE) && name.getLocalPart().equals("SignatureTimeStamp") && jAXBElement.getDeclaredType().equals(XAdESTimeStampType.class);
    }

    private JAXBContext getXAdESContextv1() throws JAXBException {
        return JAXBContextFactory.createContext();
    }

    private JAXBContext getXAdESContext() throws JAXBException {
        return JAXBContext.newInstance("se.swedenconnect.schemas.etsi.xades_1_3_2", AuthnContext.class.getClassLoader());
    }

    public QualifyingProperties getQualifyingProperties() {
        return this.qualifyingProperties;
    }

    public Date getClaimedSigningTime() {
        return this.claimedSigningTime;
    }

    public List<DigestAlgAndValueType> getCertHashList() {
        return this.certHashList;
    }

    public SignaturePolicyIdentifier getSignaturePolicyIdentifier() {
        return this.signaturePolicyIdentifier;
    }

    public List<XadesSignatureTimestampData> getSignatureTimeStampDataList() {
        return this.signatureTimeStampDataList;
    }
}
