package com.impleo.dropnsign.agent.sign;

import com.impleo.dropnsign.agent.sign.EUTrustedList;
import eu.europa.esig.dss.token.DSSPrivateKeyEntry;
import eu.europa.esig.dss.token.SignatureTokenConnection;
import eu.europa.esig.dss.x509.CertificateToken;
import java.io.ByteArrayInputStream;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;

/* loaded from: input_file:com/impleo/dropnsign/agent/sign/ValidatedCertificate.class */
public class ValidatedCertificate {
    protected DSSPrivateKeyEntry privateKey;
    protected SignatureTokenConnection tokenConnection;
    protected boolean authenticatedEU;
    protected X509Certificate certificateEUTrustedList;
    protected CertificateToken[] chain;

    public ValidatedCertificate(DSSPrivateKeyEntry dSSPrivateKeyEntry, SignatureTokenConnection signatureTokenConnection, EUTrustedList eUTrustedList) throws KeyStoreException, CertificateException {
        this.privateKey = dSSPrivateKeyEntry;
        this.tokenConnection = signatureTokenConnection;
        if (signatureTokenConnection == null || eUTrustedList == null) {
            return;
        }
        authenticateUE(eUTrustedList);
    }

    public ValidatedCertificate(DSSPrivateKeyEntry dSSPrivateKeyEntry, SignatureTokenConnection signatureTokenConnection) throws KeyStoreException, CertificateException {
        this.privateKey = dSSPrivateKeyEntry;
        this.tokenConnection = signatureTokenConnection;
    }

    protected void authenticateUE(EUTrustedList eUTrustedList) throws KeyStoreException, CertificateException {
        this.chain = this.privateKey.getCertificateChain();
        for (CertificateToken certificateToken : this.chain) {
            byte[] encoded = certificateToken.getEncoded();
            Iterator<EUTrustedList.Certificate> it = eUTrustedList.getCertificateList().iterator();
            while (it.hasNext()) {
                if (Arrays.equals(it.next().getBytes(), encoded)) {
                    this.certificateEUTrustedList = (X509Certificate) CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertificate(new ByteArrayInputStream(encoded));
                    this.authenticatedEU = true;
                    return;
                }
            }
        }
        this.authenticatedEU = false;
    }

    public boolean isAuthenticatedUE() {
        return this.authenticatedEU;
    }

    public X509Certificate getCertificateEUTrustedList() {
        return this.certificateEUTrustedList;
    }

    public CertificateToken[] getChain() {
        return this.chain;
    }

    public DSSPrivateKeyEntry getPrivateKey() {
        return this.privateKey;
    }

    public SignatureTokenConnection getTokenConnection() {
        return this.tokenConnection;
    }
}
