package org.italiangrid.voms.util;

import eu.emi.security.authn.x509.CrlCheckingMode;
import eu.emi.security.authn.x509.NamespaceCheckingMode;
import eu.emi.security.authn.x509.OCSPCheckingMode;
import eu.emi.security.authn.x509.OCSPParametes;
import eu.emi.security.authn.x509.ProxySupport;
import eu.emi.security.authn.x509.StoreUpdateListener;
import eu.emi.security.authn.x509.ValidationErrorListener;
import eu.emi.security.authn.x509.X509CertChainValidatorExt;
import eu.emi.security.authn.x509.impl.CRLParameters;
import eu.emi.security.authn.x509.impl.OpensslCertChainValidator;
import eu.emi.security.authn.x509.impl.RevocationParametersExt;
import eu.emi.security.authn.x509.impl.ValidatorParamsExt;
import java.util.Arrays;
import org.italiangrid.voms.ac.impl.DefaultVOMSValidator;

/* loaded from: input_file:org/italiangrid/voms/util/CertificateValidatorBuilder.class */
public class CertificateValidatorBuilder {
    public static final CrlCheckingMode DEFAULT_CRL_CHECKS = CrlCheckingMode.REQUIRE;
    public static final OCSPCheckingMode DEFAULT_OCSP_CHECKS = OCSPCheckingMode.IGNORE;
    public static final NamespaceCheckingMode DEFAULT_NS_CHECKS = NamespaceCheckingMode.GLOBUS_EUGRIDPMA;

    private CertificateValidatorBuilder() {
    }

    public static X509CertChainValidatorExt buildCertificateValidator(String str, ValidationErrorListener validationErrorListener, StoreUpdateListener storeUpdateListener, long j, NamespaceCheckingMode namespaceCheckingMode, CrlCheckingMode crlCheckingMode, OCSPCheckingMode oCSPCheckingMode) {
        ValidatorParamsExt validatorParamsExt = new ValidatorParamsExt(new RevocationParametersExt(crlCheckingMode, new CRLParameters(), new OCSPParametes(oCSPCheckingMode)), ProxySupport.ALLOW);
        if (storeUpdateListener != null) {
            validatorParamsExt.setInitialListeners(Arrays.asList(storeUpdateListener));
        }
        OpensslCertChainValidator opensslCertChainValidator = new OpensslCertChainValidator(str, namespaceCheckingMode, j, validatorParamsExt);
        if (validationErrorListener != null) {
            opensslCertChainValidator.addValidationListener(validationErrorListener);
        }
        return opensslCertChainValidator;
    }

    public static X509CertChainValidatorExt buildCertificateValidator(String str, ValidationErrorListener validationErrorListener) {
        return buildCertificateValidator(str, validationErrorListener, null, 0L, DEFAULT_NS_CHECKS, DEFAULT_CRL_CHECKS, DEFAULT_OCSP_CHECKS);
    }

    public static X509CertChainValidatorExt buildCertificateValidator(String str, ValidationErrorListener validationErrorListener, StoreUpdateListener storeUpdateListener) {
        return buildCertificateValidator(str, validationErrorListener, storeUpdateListener, 0L, DEFAULT_NS_CHECKS, DEFAULT_CRL_CHECKS, DEFAULT_OCSP_CHECKS);
    }

    public static X509CertChainValidatorExt buildCertificateValidator(String str, ValidationErrorListener validationErrorListener, long j) {
        return buildCertificateValidator(str, validationErrorListener, null, j, DEFAULT_NS_CHECKS, DEFAULT_CRL_CHECKS, DEFAULT_OCSP_CHECKS);
    }

    public static X509CertChainValidatorExt buildCertificateValidator(String str) {
        return buildCertificateValidator(str, null, null, 0L, DEFAULT_NS_CHECKS, DEFAULT_CRL_CHECKS, DEFAULT_OCSP_CHECKS);
    }

    public static X509CertChainValidatorExt buildCertificateValidator() {
        return buildCertificateValidator(DefaultVOMSValidator.DEFAULT_TRUST_ANCHORS_DIR, null, null, 0L, DEFAULT_NS_CHECKS, DEFAULT_CRL_CHECKS, DEFAULT_OCSP_CHECKS);
    }
}
