package org.gluu.oxauth.cert.validation;

import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import org.gluu.oxauth.cert.validation.model.ValidationStatus;
import org.gluu.oxauth.model.util.SecurityProviderUtility;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/gluu/oxauth/cert/validation/GenericCertificateVerifier.class */
public class GenericCertificateVerifier implements CertificateVerifier {
    private static final Logger log = LoggerFactory.getLogger(GenericCertificateVerifier.class);

    public GenericCertificateVerifier() {
        SecurityProviderUtility.installBCProvider(true);
    }

    @Override // org.gluu.oxauth.cert.validation.CertificateVerifier
    public ValidationStatus validate(X509Certificate x509Certificate, List<X509Certificate> list, Date date) {
        ValidationStatus validationStatus = new ValidationStatus(x509Certificate, list.get(0), date, ValidationStatus.ValidatorSourceType.APP, ValidationStatus.CertificateValidity.UNKNOWN);
        try {
            X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
            try {
                log.debug("Validity status is valid for '" + subjectX500Principal + "'");
                x509Certificate.checkValidity(date);
                validationStatus.setValidity(ValidationStatus.CertificateValidity.VALID);
            } catch (CertificateExpiredException e) {
                log.debug("Validity status is expied for '" + subjectX500Principal + "'");
            } catch (CertificateNotYetValidException e2) {
                log.warn("Validity status is not yet valid for '" + subjectX500Principal + "'");
            }
        } catch (Exception e3) {
            log.error("CRL exception: ", e3);
        }
        return validationStatus;
    }

    @Override // org.gluu.oxauth.cert.validation.CertificateVerifier
    public void destroy() {
    }
}
