package be.ehealth.technicalconnector.service.etee.impl;

import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.handler.SchemaValidatorHandler;
import be.ehealth.technicalconnector.service.etee.CryptoFactory;
import be.fgov.ehealth.etee.crypto.cert.CertificateStatus;
import be.fgov.ehealth.etee.crypto.crl.CRLChecker;
import be.fgov.ehealth.etee.crypto.crl.CRLCheckerBuilder;
import be.fgov.ehealth.etee.crypto.crl.CRLData;
import be.fgov.ehealth.etee.crypto.policies.OCSPOption;
import be.fgov.ehealth.etee.crypto.status.CryptoResult;
import java.security.cert.CertStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.joda.time.DateTime;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/ehealth/technicalconnector/service/etee/impl/ConnectorCRLRevocationStatusChecker.class */
public final class ConnectorCRLRevocationStatusChecker extends AbstractRevocationStatusChecker {
    private static final Logger LOG = LoggerFactory.getLogger(ConnectorCRLRevocationStatusChecker.class);
    private CRLChecker crlChecker;

    /* renamed from: be.ehealth.technicalconnector.service.etee.impl.ConnectorCRLRevocationStatusChecker$1, reason: invalid class name */
    /* loaded from: input_file:be/ehealth/technicalconnector/service/etee/impl/ConnectorCRLRevocationStatusChecker$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$be$fgov$ehealth$etee$crypto$cert$CertificateStatus = new int[CertificateStatus.values().length];

        static {
            try {
                $SwitchMap$be$fgov$ehealth$etee$crypto$cert$CertificateStatus[CertificateStatus.REVOKED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
        }
    }

    public ConnectorCRLRevocationStatusChecker() {
        try {
            this.crlChecker = CRLCheckerBuilder.newBuilder().addCertStore((CertStore) CryptoFactory.getOCSPOptions().get(OCSPOption.CERT_STORE)).build();
        } catch (TechnicalConnectorException e) {
            LOG.warn("Unable to obtain CertStore");
            this.crlChecker = CRLCheckerBuilder.newBuilder().build();
        }
    }

    @Override // be.ehealth.technicalconnector.service.etee.impl.AbstractRevocationStatusChecker
    boolean delegateRevoke(X509Certificate x509Certificate, DateTime dateTime) throws CertificateException {
        CryptoResult validate = this.crlChecker.validate(x509Certificate);
        if (validate.getFatal() != null) {
            throw new CertificateException(validate.getFatal().getErrorMessage());
        }
        switch (AnonymousClass1.$SwitchMap$be$fgov$ehealth$etee$crypto$cert$CertificateStatus[((CRLData) validate.getData()).getCertStatus().ordinal()]) {
            case SchemaValidatorHandler.VERIFY_INBOUND /* 1 */:
                return true;
            default:
                return false;
        }
    }
}
