package de.bos_bremen.vii.doctype;

import de.bos_bremen.algorithm_catalog.AlgorithmCatalog;
import de.bos_bremen.algorithm_catalog.Usage;
import de.bos_bremen.algorithm_identifier.DigestAlgorithm;
import de.bos_bremen.algorithm_identifier.PaddingAlgorithm;
import de.bos_bremen.algorithm_identifier.SignatureAlgorithm;
import de.bos_bremen.algorithm_identifier.gen.SignatureAlgorithmBase;
import de.bos_bremen.ci.QLevel;
import de.bos_bremen.ci.asn1.ANY;
import de.bos_bremen.ci.asn1.AlgorithmIdentifier;
import de.bos_bremen.ci.asn1.DumpWriter;
import de.bos_bremen.ci.asn1.x509.FlatCertificate;
import de.bos_bremen.ci.asn1.x509.Name;
import de.bos_bremen.commons.base64.Base64;
import de.bos_bremen.vii.algo.impl.AlgorithmCatalogFacade;
import de.bos_bremen.vii.common.Signal;
import de.bos_bremen.vii.common.SignalReason;
import de.bos_bremen.vii.common.SignalReasons;
import de.bos_bremen.vii.doctype.VIICertEntry;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.SortedSet;

/* loaded from: input_file:de/bos_bremen/vii/doctype/VIISignatureEntry.class */
public class VIISignatureEntry extends VIIHashableEntry implements VIIValidationTimeProvider {
    public static final String COUNTRY_DE = "DE";
    private static final String INTEGRITY = "integrity";
    private static final String INTEGRITY_REASON = "integrityReason";
    private static final String SIGNATURE_ALGORITHM = "signatureAlgorithm";
    private static final String SIGNING_TIME = "signingTime";
    private static final String AUTHOR_ENTRY = "authorEntry";
    private static final String ATT_CERT_ENTRY = "attCertEntry";
    private static final String TIMESTAMP_CONTENT = "timestampContent";
    private static final String TIMESTAMP_SIGNATURE = "timestampSignature";
    private static final String SIGNATURE_VALUE = "signatureValue";
    private DigestAlgorithm digestAlgo;

    public VIISignatureEntry(ANY any) {
        super(VIIHashableEntry.CONTSIGN, any);
        setIntegrity(Signal.YELLOW);
        put(ATT_CERT_ENTRY, new ArrayList());
    }

    public VIISignatureEntry(String str, ANY any) {
        super(str, any);
        setIntegrity(Signal.YELLOW);
        put(ATT_CERT_ENTRY, new ArrayList());
    }

    public VIISignatureEntry() {
        this(null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.bos_bremen.vii.doctype.VIIEntry
    public void dumpAttributes(DumpWriter dumpWriter) throws IOException {
        super.dumpAttributes(dumpWriter);
        dumpWriter.newLine();
        dumpWriter.write("integrity: ");
        dumpWriter.write(getIntegrity().toString());
        VIICertEntry author = getAuthor();
        if (author != null) {
            dumpWriter.newLine();
            author.dump(dumpWriter);
        }
        for (VIIAttributeCertEntry vIIAttributeCertEntry : getAttCerts()) {
            dumpWriter.newLine();
            vIIAttributeCertEntry.dump(dumpWriter);
        }
        if (getSigningTime() != null) {
            dumpWriter.newLine();
            dumpWriter.write("signing time: ");
            dumpWriter.write(new SimpleDateFormat("dd.MM.yyyy HH:mm:ss").format(getSigningTime()));
        }
        if (getSignatureValue() != null) {
            dumpWriter.newLine();
            dumpWriter.write("signature value: ");
            dumpWriter.write(Base64.toBase64String(getSignatureValue()));
        }
        if (getSignatureTimestamp() != null) {
            dumpWriter.newLine();
            dumpWriter.write("signature timestamp: ");
            getSignatureTimestamp().dump(dumpWriter);
        }
        if (getContentTimestamp() != null) {
            dumpWriter.newLine();
            dumpWriter.write("content timestamp: ");
            getContentTimestamp().dump(dumpWriter);
        }
        dumpWriter.newLine();
        dumpWriter.write("hash alg: ");
        DigestAlgorithm digestAlgorithm = getDigestAlgorithm();
        dumpWriter.write(digestAlgorithm != null ? digestAlgorithm.getName() : "null");
        dumpWriter.newLine();
        dumpWriter.write("hashAlgAtSigningTimevalid: ");
        SignalReason validityForHashAlgAtSigningTimeReason = getValidityForHashAlgAtSigningTimeReason();
        dumpWriter.write(validityForHashAlgAtSigningTimeReason != null ? validityForHashAlgAtSigningTimeReason.getSignal().toString() : "????????????????????");
        dumpWriter.newLine();
        dumpWriter.write("hashAlgAtVerifyTimevalid: ");
        SignalReason validityForHashAlgAtVerifyTimeReason = getValidityForHashAlgAtVerifyTimeReason();
        dumpWriter.write(validityForHashAlgAtVerifyTimeReason != null ? validityForHashAlgAtVerifyTimeReason.getSignal().toString() : "????????????????????");
        dumpWriter.newLine();
        dumpWriter.write("sig alg: ");
        SignatureAlgorithm signatureAlgorithm = getSignatureAlgorithm();
        dumpWriter.write(signatureAlgorithm != null ? signatureAlgorithm.getName() : "null");
        dumpWriter.newLine();
        dumpWriter.write("cipher alg: ");
        SignatureAlgorithmBase cipherAlgorithm = getCipherAlgorithm();
        dumpWriter.write(cipherAlgorithm != null ? cipherAlgorithm.name() : "null");
        dumpWriter.newLine();
        dumpWriter.write("ciphAlgAtSigningTimevalid: ");
        SignalReason validityForSignatureAlgAtSigningTimeReason = getValidityForSignatureAlgAtSigningTimeReason();
        dumpWriter.write(validityForSignatureAlgAtSigningTimeReason != null ? validityForSignatureAlgAtSigningTimeReason.getSignal().toString() : "????????????????????");
        dumpWriter.newLine();
        dumpWriter.write("ciphAlgAtVerifyTimevalid: ");
        SignalReason validityForSignatureAlgAtVerifyTimeReason = getValidityForSignatureAlgAtVerifyTimeReason();
        dumpWriter.write(validityForSignatureAlgAtVerifyTimeReason != null ? validityForSignatureAlgAtVerifyTimeReason.getSignal().toString() : "????????????????????");
        dumpWriter.newLine();
        dumpWriter.write("padding alg: ");
        PaddingAlgorithm paddingAlgorithm = getPaddingAlgorithm();
        dumpWriter.write(paddingAlgorithm != null ? paddingAlgorithm.getName() : "null");
        dumpWriter.newLine();
        dumpWriter.write("padAlgAtSigningTimevalid: ");
        SignalReason validityForPaddingAlgAtSigningTimeReason = getValidityForPaddingAlgAtSigningTimeReason();
        dumpWriter.write(validityForPaddingAlgAtSigningTimeReason != null ? validityForPaddingAlgAtSigningTimeReason.getSignal().toString() : "????????????????????");
        dumpWriter.newLine();
        dumpWriter.write("padAlgAtVerifyTimevalid: ");
        SignalReason validityForPaddingAlgAtVerifyTimeReason = getValidityForPaddingAlgAtVerifyTimeReason();
        dumpWriter.write(validityForPaddingAlgAtVerifyTimeReason != null ? validityForPaddingAlgAtVerifyTimeReason.getSignal().toString() : "????????????????????");
    }

    public Signal getIntegrity() {
        Signal signal = (Signal) get(INTEGRITY);
        if (signal == null) {
            signal = Signal.RED;
        }
        return signal;
    }

    public final void setIntegrity(Signal signal) {
        put(INTEGRITY, signal);
    }

    public SignalReason getIntegrityReason() {
        return (SignalReason) get(INTEGRITY_REASON);
    }

    public void setIntegrityReason(SignalReason signalReason) {
        put(INTEGRITY_REASON, signalReason);
    }

    public VIICertEntry getAuthor() {
        return (VIICertEntry) get(AUTHOR_ENTRY);
    }

    public void setAuthor(VIICertEntry vIICertEntry) {
        put(AUTHOR_ENTRY, vIICertEntry);
    }

    public List<VIIAttributeCertEntry> getAttCerts() {
        return (List) get(ATT_CERT_ENTRY);
    }

    public void addAttCert(VIIAttributeCertEntry vIIAttributeCertEntry) {
        getAttCerts().add(vIIAttributeCertEntry);
    }

    public SignatureAlgorithmBase getCipherAlgorithm() {
        SignatureAlgorithm signatureAlgorithm = getSignatureAlgorithm();
        if (signatureAlgorithm != null) {
            return signatureAlgorithm.getBaseAlgorithm();
        }
        return null;
    }

    public PaddingAlgorithm getPaddingAlgorithm() {
        SignatureAlgorithm signatureAlgorithm = getSignatureAlgorithm();
        if (signatureAlgorithm != null) {
            return signatureAlgorithm.getPaddingAlgorithm();
        }
        return null;
    }

    public void setDigestAlgorithm(DigestAlgorithm digestAlgorithm) {
        this.digestAlgo = digestAlgorithm;
    }

    public DigestAlgorithm getDigestAlgorithm() {
        SignatureAlgorithm signatureAlgorithm = getSignatureAlgorithm();
        DigestAlgorithm digestAlgorithm = signatureAlgorithm != null ? signatureAlgorithm.getDigestAlgorithm() : null;
        return this.digestAlgo == null ? digestAlgorithm : getWeakerDigestAlgorithm(digestAlgorithm, this.digestAlgo);
    }

    private DigestAlgorithm getWeakerDigestAlgorithm(DigestAlgorithm digestAlgorithm, DigestAlgorithm digestAlgorithm2) {
        if (digestAlgorithm == null) {
            return digestAlgorithm2;
        }
        if (digestAlgorithm2 != null && AlgorithmCatalog.getExpirationDate(digestAlgorithm, Usage.SIGN_DATA).compareTo(AlgorithmCatalog.getExpirationDate(digestAlgorithm2, Usage.SIGN_DATA)) >= 0) {
            return digestAlgorithm2;
        }
        return digestAlgorithm;
    }

    public SignatureAlgorithm getSignatureAlgorithm() {
        return (SignatureAlgorithm) get(SIGNATURE_ALGORITHM);
    }

    public void setSignatureAlgorithm(AlgorithmIdentifier algorithmIdentifier) {
        setSignatureAlgorithm(AlgorithmCatalogFacade.getSignatureAlgorithm(algorithmIdentifier));
    }

    public void setSignatureAlgorithm(SignatureAlgorithm signatureAlgorithm) {
        put(SIGNATURE_ALGORITHM, signatureAlgorithm);
    }

    public Date getSigningTime() {
        return (Date) get(SIGNING_TIME);
    }

    public void setSigningTime(Date date) {
        put(SIGNING_TIME, date);
    }

    public byte[] getSignatureValue() {
        return (byte[]) get(SIGNATURE_VALUE);
    }

    public void setSignatureValue(byte[] bArr) {
        put(SIGNATURE_VALUE, bArr);
    }

    @Override // de.bos_bremen.vii.doctype.VIIHashableEntry
    public QLevel getQuality() {
        VIICertEntry author = getAuthor();
        return author == null ? QLevel.UNKNOWN : author.getQuality();
    }

    public VIITimestampSignatureEntry getContentTimestamp() {
        return (VIITimestampSignatureEntry) get(TIMESTAMP_CONTENT);
    }

    public void setContentTimestamp(VIITimestampSignatureEntry vIITimestampSignatureEntry) {
        if (vIITimestampSignatureEntry != null) {
            put(TIMESTAMP_CONTENT, vIITimestampSignatureEntry);
            vIITimestampSignatureEntry.setParent(this);
        }
    }

    public VIITimestampSignatureEntry getSignatureTimestamp() {
        return (VIITimestampSignatureEntry) get(TIMESTAMP_SIGNATURE);
    }

    public void setSignatureTimestamp(VIITimestampSignatureEntry vIITimestampSignatureEntry) {
        if (vIITimestampSignatureEntry != null) {
            put(TIMESTAMP_SIGNATURE, vIITimestampSignatureEntry);
            vIITimestampSignatureEntry.setParent(this);
        }
    }

    public boolean isLTVDenied() {
        return "DE".equals(getCountry());
    }

    public boolean isLTVRequired() {
        if (getCumulated() == Signal.GREEN || getCumulated() == Signal.RED || isLTVDenied()) {
            return false;
        }
        boolean z = false;
        VIITimestampSignatureEntry signatureTimestamp = getSignatureTimestamp();
        if (signatureTimestamp != null) {
            Date signingTime = getSigningTime();
            Date generationTime = signatureTimestamp.getGenerationTime();
            if (signingTime != null && signingTime.after(generationTime)) {
                z = true;
            }
        }
        SortedSet<SignalReason> cumulatedReasons = getCumulatedReasons();
        return ((cumulatedReasons.contains(SignalReasons.IDrev_yellow) || cumulatedReasons.contains(SignalReasons.IDtrust_yellow) || cumulatedReasons.contains(SignalReasons.IDrev_red) || cumulatedReasons.contains(SignalReasons.IDtrust_red) || z) && !cumulatedReasons.contains(SignalReasons.STyellow)) & checkRootOnlineLocalMatch();
    }

    private boolean checkRootOnlineLocalMatch() {
        VIICertEntry vIICertEntry;
        List<FlatCertificate> certificateChain;
        FlatCertificate mo38getCertificate;
        VIICertEntry author = getAuthor();
        if (author == null) {
            return false;
        }
        VIICertEntry vIICertEntry2 = author;
        while (true) {
            vIICertEntry = vIICertEntry2;
            if (vIICertEntry.getIssuer() == null) {
                break;
            }
            vIICertEntry2 = vIICertEntry.getIssuer();
        }
        if (vIICertEntry == null) {
            return false;
        }
        if (vIICertEntry != vIICertEntry.getIssuer() && (mo38getCertificate = vIICertEntry.mo38getCertificate()) != null) {
            Name subject = mo38getCertificate.getSubject();
            Name issuer = mo38getCertificate.getIssuer();
            if (subject != null && !subject.equals(issuer)) {
                return false;
            }
        }
        if (VIICertEntry.SourceType.XKMS == vIICertEntry.getSourceType()) {
            return true;
        }
        VIIIdentityEntry evaluatedIdentityObject = author.getEvaluatedIdentityObject();
        if (!evaluatedIdentityObject.isEvaluated() || evaluatedIdentityObject.getXKMSValidateResult() == null || (certificateChain = evaluatedIdentityObject.getXKMSValidateResult().getCertificateChain()) == null || certificateChain.isEmpty()) {
            return false;
        }
        if (vIICertEntry.mo38getCertificate().equals(certificateChain.get(certificateChain.size() - 1))) {
            author.addCumulatedReason(SignalReasons.IDtrust_yellow_localValidation);
            return true;
        }
        author.addCumulatedReason(SignalReasons.IDtrust_yellow_noTrustAnchor);
        return false;
    }

    @Deprecated
    public Signal getIdentity() {
        VIICertEntry author = getAuthor();
        return author == null ? Signal.YELLOW : author.getIdentity();
    }

    @Override // de.bos_bremen.vii.doctype.VIIValidationTimeProvider
    public Date getValidationTime() {
        return getSigningTime();
    }

    public SignalReason getFormatValidity() {
        return SignalReasons.OVERALL_GREEN;
    }
}
