package se.idsec.sigval.xml.policy.impl;

import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.idsec.signservice.security.sign.SignatureValidationResult;
import se.idsec.sigval.commons.data.PolicyValidationResult;
import se.idsec.sigval.svt.claims.PolicyValidationClaims;
import se.idsec.sigval.svt.claims.ValidationConclusion;
import se.idsec.sigval.xml.data.ExtendedXmlSigvalResult;
import se.idsec.sigval.xml.policy.XMLSignaturePolicyValidator;

/* loaded from: input_file:se/idsec/sigval/xml/policy/impl/AbstractBasicXMLSignaturePolicyChecks.class */
public abstract class AbstractBasicXMLSignaturePolicyChecks implements XMLSignaturePolicyValidator {
    private static final Logger log = LoggerFactory.getLogger(AbstractBasicXMLSignaturePolicyChecks.class);

    @Override // se.idsec.sigval.xml.policy.XMLSignaturePolicyValidator
    public PolicyValidationResult validatePolicy(ExtendedXmlSigvalResult extendedXmlSigvalResult) {
        PolicyValidationClaims.PolicyValidationClaimsBuilder builder = PolicyValidationClaims.builder();
        builder.pol(getValidationPolicy());
        if (!extendedXmlSigvalResult.isSuccess()) {
            log.debug("Basic signature validation failed");
            return new PolicyValidationResult(builder.res(ValidationConclusion.FAILED).msg(extendedXmlSigvalResult.getStatusMessage()).build(), SignatureValidationResult.Status.ERROR_INVALID_SIGNATURE);
        }
        List validatedCertificatePath = extendedXmlSigvalResult.getCertificateValidationResult().getValidatedCertificatePath();
        if (validatedCertificatePath != null && !validatedCertificatePath.isEmpty()) {
            return performAdditionalValidityChecks(extendedXmlSigvalResult);
        }
        log.debug("No valid certificate path was found");
        return new PolicyValidationResult(builder.res(ValidationConclusion.INDETERMINATE).msg("Document content was altered after signing").build(), SignatureValidationResult.Status.ERROR_NOT_TRUSTED);
    }

    protected abstract PolicyValidationResult performAdditionalValidityChecks(ExtendedXmlSigvalResult extendedXmlSigvalResult);

    protected abstract String getValidationPolicy();
}
