package nl.clockwork.ebms.validation;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import nl.clockwork.ebms.common.CPAManager;
import nl.clockwork.ebms.model.CacheablePartyId;
import nl.clockwork.ebms.model.EbMSMessage;
import nl.clockwork.ebms.util.CPAUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.oasis_open.committees.ebxml_cppa.schema.cpp_cpa_2_0.DeliveryChannel;
import org.oasis_open.committees.ebxml_msg.schema.msg_header_2_0.MessageHeader;

/* loaded from: input_file:nl/clockwork/ebms/validation/ClientCertificateValidator.class */
public class ClientCertificateValidator {
    protected transient Log logger = LogFactory.getLog(getClass());
    private boolean enabled;
    private CPAManager cpaManager;

    public void validate(EbMSMessage ebMSMessage) throws ValidatorException {
        X509Certificate[] certificates;
        if (this.enabled && (certificates = ClientCertificateManager.getCertificates()) != null && certificates.length > 0 && !certificates[0].equals(getClientCertificate(ebMSMessage.getMessageHeader()))) {
            throw new ValidationException("Invalid SSL Client Certificate!");
        }
    }

    private X509Certificate getClientCertificate(MessageHeader messageHeader) {
        try {
            DeliveryChannel sendDeliveryChannel = this.cpaManager.getSendDeliveryChannel(messageHeader.getCPAId(), new CacheablePartyId(messageHeader.getFrom().getPartyId()), messageHeader.getFrom().getRole(), CPAUtils.toString(messageHeader.getService()), messageHeader.getAction());
            if (sendDeliveryChannel != null) {
                return CPAUtils.getX509Certificate(CPAUtils.getClientCertificate(sendDeliveryChannel));
            }
            return null;
        } catch (CertificateException e) {
            this.logger.warn("", e);
            return null;
        }
    }

    public void setEnabled(boolean z) {
        this.enabled = z;
    }

    public void setCpaManager(CPAManager cPAManager) {
        this.cpaManager = cPAManager;
    }
}
