package com.bea.common.security.internal.service;

import com.bea.common.engine.ServiceConfigurationException;
import com.bea.common.engine.ServiceInitializationException;
import com.bea.common.engine.ServiceLifecycleSpi;
import com.bea.common.engine.Services;
import com.bea.common.logger.service.LoggerService;
import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.SecurityLogger;
import com.bea.common.security.internal.utils.Delegator;
import com.bea.common.security.internal.utils.X509Utils;
import com.bea.common.security.service.AuditService;
import com.bea.common.security.service.CertPathBuilderService;
import com.bea.common.security.servicecfg.CertPathBuilderServiceConfig;
import com.bea.common.security.spi.CertPathBuilderProvider;
import com.bea.common.security.spi.CertPathValidatorProvider;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CertPath;
import java.security.cert.CertPathBuilderException;
import java.security.cert.CertPathBuilderResult;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import weblogic.security.pk.CertPathSelector;
import weblogic.security.service.ContextHandler;

/* loaded from: input_file:com/bea/common/security/internal/service/CertPathBuilderServiceImpl.class */
public class CertPathBuilderServiceImpl implements ServiceLifecycleSpi, CertPathBuilderService {
    private LoggerSpi logger;
    private AuditService auditService;
    private CertPathBuilderProvider certPathBuilder;
    private CertPathValidatorProvider[] certPathValidators;

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public Object init(Object obj, Services services) throws ServiceInitializationException {
        this.logger = ((LoggerService) services.getService(LoggerService.SERVICE_NAME)).getLogger("com.bea.common.security.service.CertPathBuilderService");
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".init";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (obj == null || !(obj instanceof CertPathBuilderServiceConfig)) {
            throw new ServiceConfigurationException(ServiceLogger.getExpectedConfigurationNotSupplied(str, "CertPathBuilderServiceConfig"));
        }
        CertPathBuilderServiceConfig certPathBuilderServiceConfig = (CertPathBuilderServiceConfig) obj;
        String auditServiceName = certPathBuilderServiceConfig.getAuditServiceName();
        this.auditService = (AuditService) services.getService(auditServiceName);
        if (isDebugEnabled) {
            this.logger.debug(str + " got AuditService " + auditServiceName);
        }
        String certPathBuilderName = certPathBuilderServiceConfig.getCertPathBuilderName();
        this.certPathBuilder = (CertPathBuilderProvider) services.getService(certPathBuilderName);
        if (isDebugEnabled) {
            this.logger.debug(str + " got CertPathBuilder " + certPathBuilderName);
        }
        String[] certPathValidatorNames = certPathBuilderServiceConfig.getCertPathValidatorNames();
        if (certPathValidatorNames != null && certPathValidatorNames.length > 0) {
            this.certPathValidators = new CertPathValidatorProvider[certPathValidatorNames.length];
            for (int i = 0; i < certPathValidatorNames.length; i++) {
                CertPathValidatorProvider certPathValidatorProvider = (CertPathValidatorProvider) services.getService(certPathValidatorNames[i]);
                if (isDebugEnabled) {
                    this.logger.debug(str + " got CertPathValidator " + certPathValidatorNames[i]);
                }
                this.certPathValidators[i] = certPathValidatorProvider;
            }
        }
        return Delegator.getProxy(CertPathBuilderService.class, this);
    }

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public void shutdown() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".shutdown" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
    }

    @Override // com.bea.common.security.service.CertPathBuilderService
    public CertPathBuilderResult build(CertPathSelector certPathSelector, X509Certificate[] x509CertificateArr, ContextHandler contextHandler) throws CertPathBuilderException, InvalidAlgorithmParameterException {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        try {
            CertPathBuilderResult build = this.certPathBuilder.build(certPathSelector, x509CertificateArr, contextHandler);
            CertPath certPath = build.getCertPath();
            if (X509Utils.isEmpty(certPath)) {
                throw new CertPathBuilderException(SecurityLogger.getCertPathBuilderProviderReturnedEmptyCertPathError());
            }
            if (!certPath.getType().equals("X.509")) {
                throw new CertPathBuilderException(ServiceLogger.getCertPathBuildReturnedNonX509CertPath());
            }
            try {
                X509Utils.validateOrdered(certPath);
                for (int i = 0; this.certPathValidators != null && i < this.certPathValidators.length; i++) {
                    try {
                        this.certPathValidators[i].validate(build.getCertPath(), x509CertificateArr, contextHandler);
                    } catch (IllegalArgumentException e) {
                        if (isDebugEnabled) {
                            this.logger.debug("CertPathBuilderServiceImpl.build() failed to validate.", e);
                        }
                        throw e;
                    } catch (RuntimeException e2) {
                        if (isDebugEnabled) {
                            this.logger.debug("CertPathBuilderServiceImpl.build() failed to validate.", e2);
                        }
                        CertPathAuditUtil.auditValidatorException(this.auditService, build.getCertPath(), x509CertificateArr, contextHandler, e2);
                        throw e2;
                    } catch (CertPathValidatorException e3) {
                        if (isDebugEnabled) {
                            this.logger.debug("CertPathBuilderServiceImpl.build() failed to validate.", e3);
                        }
                        CertPathAuditUtil.auditValidatorException(this.auditService, build.getCertPath(), x509CertificateArr, contextHandler, e3);
                        throw new CertPathBuilderException(e3.getMessage(), e3);
                    }
                }
                if (isDebugEnabled) {
                    this.logger.debug("CertPathBuilderServiceImpl.build() success.");
                }
                CertPathAuditUtil.auditBuild(this.auditService, certPathSelector, x509CertificateArr, contextHandler);
                return build;
            } catch (CertificateException e4) {
                throw new CertPathBuilderException(SecurityLogger.getCertPathBuilderProviderUnorderedCertPathError(e4.getMessage(), certPath.toString()), e4);
            }
        } catch (IllegalArgumentException e5) {
            if (isDebugEnabled) {
                this.logger.debug("CertPathBuilderServiceImpl.build() failed.", e5);
            }
            throw e5;
        } catch (RuntimeException e6) {
            if (isDebugEnabled) {
                this.logger.debug("CertPathBuilderServiceImpl.build() failed.", e6);
            }
            CertPathAuditUtil.auditBuilderException(this.auditService, certPathSelector, x509CertificateArr, contextHandler, e6);
            throw e6;
        } catch (CertPathBuilderException e7) {
            if (isDebugEnabled) {
                this.logger.debug("CertPathBuilderServiceImpl.build() failed.", e7);
            }
            CertPathAuditUtil.auditBuilderException(this.auditService, certPathSelector, x509CertificateArr, contextHandler, e7);
            throw e7;
        }
    }
}
