package ch.transsoft.edec.service.ezv.evv.sigcheck.validator;

import ch.transsoft.edec.service.ezv.evv.sigcheck.context.SystemContext;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Set;

/* loaded from: input_file:ch/transsoft/edec/service/ezv/evv/sigcheck/validator/X509CertificateValidator.class */
public class X509CertificateValidator {
    private Date date = new Date();
    private X509CRL x509crl = null;
    private X509Certificate caCert;
    private SystemContext context;

    public X509CertificateValidator(SystemContext systemContext, X509Certificate x509Certificate) {
        this.caCert = x509Certificate;
        this.context = systemContext;
    }

    public void setX509crl(X509CRL x509crl) {
        this.x509crl = x509crl;
    }

    public void setDate(Date date) {
        this.date = date;
    }

    public boolean isValid(X509Certificate x509Certificate) {
        try {
            CertificateFactory certificateFactory = this.context.getProviderSelector().getCertificateFactory();
            ArrayList arrayList = new ArrayList();
            arrayList.add(this.caCert);
            arrayList.add(x509Certificate);
            CertStore certStore = this.context.getProviderSelector().getCertStore(new CollectionCertStoreParameters(arrayList));
            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) Collections.singleton(new TrustAnchor(this.caCert, null)));
            pKIXParameters.setRevocationEnabled(false);
            pKIXParameters.addCertStore(certStore);
            pKIXParameters.setDate(this.date);
            ArrayList arrayList2 = new ArrayList();
            arrayList2.add(x509Certificate);
            this.context.getProviderSelector().getCertPathValidator().validate(certificateFactory.generateCertPath(arrayList2), pKIXParameters);
            if (this.x509crl != null) {
                return new X509CRLValidator(this.x509crl).isValid(x509Certificate);
            }
            return true;
        } catch (CertPathValidatorException e) {
            this.context.getOutputterStrategy().write("certificate error: " + e.getMessage());
            return false;
        } catch (Exception e2) {
            this.context.getOutputterStrategy().write("certificate error: " + e2.getMessage());
            return false;
        }
    }
}
