package be.fgov.ehealth.technicalconnector.signature.impl.xades.impl;

import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.service.sts.security.Credential;
import be.fgov.ehealth.etee.crypto.ocsp.OCSPCheckerBuilder;
import be.fgov.ehealth.etee.crypto.ocsp.OCSPData;
import be.fgov.ehealth.etee.crypto.policies.OCSPPolicy;
import be.fgov.ehealth.technicalconnector.signature.domain.SignatureVerificationResult;
import be.fgov.ehealth.technicalconnector.signature.impl.xades.XadesSpecification;
import be.fgov.ehealth.technicalconnector.signature.impl.xades.domain.SignedPropertiesBuilder;
import be.fgov.ehealth.technicalconnector.signature.impl.xades.domain.UnsignedPropertiesBuilder;
import java.io.IOException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.Map;
import org.apache.xml.security.signature.XMLSignature;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ocsp.BasicOCSPResponse;
import org.bouncycastle.cert.ocsp.BasicOCSPResp;
import org.bouncycastle.cert.ocsp.OCSPException;
import org.bouncycastle.cert.ocsp.OCSPRespBuilder;
import org.w3c.dom.Element;

/* loaded from: input_file:be/fgov/ehealth/technicalconnector/signature/impl/xades/impl/XadesCSpecification.class */
public class XadesCSpecification implements XadesSpecification {
    @Override // be.fgov.ehealth.technicalconnector.signature.impl.xades.XadesSpecification
    public void addOptionalBeforeSignatureParts(SignedPropertiesBuilder signedPropertiesBuilder, XMLSignature xMLSignature, Credential credential, String str, Map<String, Object> map) throws TechnicalConnectorException {
    }

    @Override // be.fgov.ehealth.technicalconnector.signature.impl.xades.XadesSpecification
    public void addOptionalAfterSignatureParts(UnsignedPropertiesBuilder unsignedPropertiesBuilder, XMLSignature xMLSignature, String str, Map<String, Object> map) throws TechnicalConnectorException {
        try {
            X509Certificate x509Certificate = xMLSignature.getKeyInfo().getX509Certificate();
            OCSPData oCSPData = (OCSPData) OCSPCheckerBuilder.newBuilder().addOCSPPolicy(OCSPPolicy.RECEIVER_MANDATORY).build().validate(x509Certificate).getData();
            unsignedPropertiesBuilder.addCertificate(x509Certificate);
            Iterator it = oCSPData.getCrls().iterator();
            while (it.hasNext()) {
                unsignedPropertiesBuilder.addCrlRef((X509CRL) it.next());
            }
            unsignedPropertiesBuilder.addOCSPRef(convertToOCSPResp(oCSPData));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private byte[] convertToOCSPResp(OCSPData oCSPData) throws IOException, OCSPException {
        return new OCSPRespBuilder().build(0, new BasicOCSPResp(BasicOCSPResponse.getInstance(ASN1Primitive.fromByteArray(oCSPData.getOcspResponse())))).getEncoded();
    }

    @Override // be.fgov.ehealth.technicalconnector.signature.impl.xades.XadesSpecification
    public void verify(SignatureVerificationResult signatureVerificationResult, Element element) {
    }
}
