package com.bea.common.security.internal.service;

import com.bea.common.engine.ServiceConfigurationException;
import com.bea.common.engine.ServiceInitializationException;
import com.bea.common.engine.ServiceLifecycleSpi;
import com.bea.common.engine.Services;
import com.bea.common.logger.service.LoggerService;
import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.SecurityLogger;
import com.bea.common.security.internal.utils.Delegator;
import com.bea.common.security.internal.utils.X509Utils;
import com.bea.common.security.service.AuditService;
import com.bea.common.security.service.CertPathValidatorService;
import com.bea.common.security.servicecfg.CertPathValidatorServiceConfig;
import com.bea.common.security.spi.CertPathValidatorProvider;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertPathValidatorResult;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import weblogic.security.service.ContextHandler;

/* loaded from: input_file:com/bea/common/security/internal/service/CertPathValidatorServiceImpl.class */
public class CertPathValidatorServiceImpl implements ServiceLifecycleSpi, CertPathValidatorService {
    private LoggerSpi logger;
    private AuditService auditService;
    private CertPathValidatorProvider[] certPathValidators;

    /* loaded from: input_file:com/bea/common/security/internal/service/CertPathValidatorServiceImpl$CertPathValidatorServiceResult.class */
    private class CertPathValidatorServiceResult implements CertPathValidatorResult {
        private ArrayList results;

        private CertPathValidatorServiceResult(ArrayList arrayList) {
            this.results = arrayList;
        }

        public CertPathValidatorServiceResult(int i) {
            this.results = new ArrayList(i);
        }

        public void add(CertPathValidatorResult certPathValidatorResult) {
            this.results.add(certPathValidatorResult);
        }

        public CertPathValidatorResult[] getResults() {
            return (CertPathValidatorResult[]) this.results.toArray(new CertPathValidatorResult[this.results.size()]);
        }

        @Override // java.security.cert.CertPathValidatorResult
        public Object clone() {
            return new CertPathValidatorServiceResult((ArrayList) this.results.clone());
        }
    }

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public Object init(Object obj, Services services) throws ServiceInitializationException {
        this.logger = ((LoggerService) services.getService(LoggerService.SERVICE_NAME)).getLogger("com.bea.common.security.service.CertPathValidatorService");
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".init";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (obj == null || !(obj instanceof CertPathValidatorServiceConfig)) {
            throw new ServiceConfigurationException(ServiceLogger.getExpectedConfigurationNotSupplied(str, "CertPathValidatorServiceConfig"));
        }
        CertPathValidatorServiceConfig certPathValidatorServiceConfig = (CertPathValidatorServiceConfig) obj;
        String auditServiceName = certPathValidatorServiceConfig.getAuditServiceName();
        this.auditService = (AuditService) services.getService(auditServiceName);
        if (isDebugEnabled) {
            this.logger.debug(str + " got AuditService " + auditServiceName);
        }
        String[] certPathValidatorNames = certPathValidatorServiceConfig.getCertPathValidatorNames();
        if (certPathValidatorNames == null || certPathValidatorNames.length < 1) {
            throw new ServiceConfigurationException(ServiceLogger.getConfigurationMissingRequiredInfo(str, certPathValidatorServiceConfig.getClass().getName(), "CertPathValidatorNames"));
        }
        this.certPathValidators = new CertPathValidatorProvider[certPathValidatorNames.length];
        for (int i = 0; i < certPathValidatorNames.length; i++) {
            CertPathValidatorProvider certPathValidatorProvider = (CertPathValidatorProvider) services.getService(certPathValidatorNames[i]);
            if (isDebugEnabled) {
                this.logger.debug(str + " got CertPathValidator " + certPathValidatorNames[i]);
            }
            this.certPathValidators[i] = certPathValidatorProvider;
        }
        return Delegator.getProxy(CertPathValidatorService.class, this);
    }

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public void shutdown() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".shutdown" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
    }

    @Override // com.bea.common.security.service.CertPathValidatorService
    public CertPathValidatorResult validate(CertPath certPath, X509Certificate[] x509CertificateArr, ContextHandler contextHandler) throws CertPathValidatorException, InvalidAlgorithmParameterException {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        try {
            if (X509Utils.isEmpty(certPath)) {
                throw new IllegalArgumentException(SecurityLogger.getCertPathValidatorEmptyCertPathError());
            }
            if (!certPath.getType().equals("X.509")) {
                throw new IllegalArgumentException(ServiceLogger.getIncorrectCertPathType("X.509"));
            }
            X509Utils.validateOrdered(certPath);
            int length = this.certPathValidators != null ? this.certPathValidators.length : 0;
            CertPathValidatorServiceResult certPathValidatorServiceResult = new CertPathValidatorServiceResult(length);
            for (int i = 0; i < length; i++) {
                try {
                    certPathValidatorServiceResult.add(this.certPathValidators[i].validate(certPath, x509CertificateArr, contextHandler));
                } catch (IllegalArgumentException e) {
                    if (isDebugEnabled) {
                        this.logger.debug("CertPathValidatorServiceImpl.validate() failed.", e);
                    }
                    if (!Boolean.getBoolean("weblogic.security.dontValidateIfSSLErrors")) {
                        CertPathAuditUtil.auditValidatorException(this.auditService, certPath, x509CertificateArr, contextHandler, e);
                    }
                    throw e;
                } catch (RuntimeException e2) {
                    if (isDebugEnabled) {
                        this.logger.debug("CertPathValidatorServiceImpl.validate() failed.", e2);
                    }
                    CertPathAuditUtil.auditValidatorException(this.auditService, certPath, x509CertificateArr, contextHandler, e2);
                    throw e2;
                } catch (CertPathValidatorException e3) {
                    if (isDebugEnabled) {
                        this.logger.debug("CertPathValidatorServiceImpl.validate() failed.", e3);
                    }
                    CertPathAuditUtil.auditValidatorException(this.auditService, certPath, x509CertificateArr, contextHandler, e3);
                    throw e3;
                }
            }
            if (isDebugEnabled) {
                this.logger.debug("CertPathValidatorServiceImpl.validate() success.");
            }
            CertPathAuditUtil.auditValidate(this.auditService, certPath, x509CertificateArr, contextHandler);
            return certPathValidatorServiceResult;
        } catch (IllegalArgumentException e4) {
            if (isDebugEnabled) {
                this.logger.debug("CertPathValidatorServiceImpl.validate() failed.", e4);
            }
            throw e4;
        } catch (RuntimeException e5) {
            if (isDebugEnabled) {
                this.logger.debug("CertPathValidatorServiceImpl.validate() failed.", e5);
            }
            CertPathAuditUtil.auditValidatorException(this.auditService, certPath, x509CertificateArr, contextHandler, e5);
            throw e5;
        } catch (CertificateException e6) {
            if (isDebugEnabled) {
                this.logger.debug("CertPathValidatorServiceImpl.validate() failed.", e6);
            }
            CertPathAuditUtil.auditValidatorException(this.auditService, certPath, x509CertificateArr, contextHandler, e6);
            throw new CertPathValidatorException(e6.getMessage(), e6);
        }
    }
}
