package com.ibm.ws.webservices.wssecurity.config;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.xml.soapsec.util.ConfigUtil;
import java.io.File;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertStore;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Set;

/* loaded from: input_file:wasJars/was-wssecurity.jar:com/ibm/ws/webservices/wssecurity/config/CollectionCertStore.class */
public final class CollectionCertStore {
    private String _algorithm;
    private CollectionCertStoreParameters _params;
    private Set _certNames;
    private String _provider;
    private String _name;
    private CertStore _certStore;
    private static final String comp = "security.wssecurity";
    private static final String clsName = CollectionCertStore.class.getName();
    private static final TraceComponent tc = Tr.register(CollectionCertStore.class, "Web Services Security", "com.ibm.ws.webservices.wssecurity.resources.was-wssecurity");

    public CollectionCertStore(String str, CollectionCertStoreParameters collectionCertStoreParameters, String str2, String str3) {
        this._algorithm = null;
        this._params = null;
        this._certNames = null;
        this._provider = null;
        this._name = null;
        this._certStore = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "CollectionCertStore(algorithm, params, provider, name):", new Object[]{str, collectionCertStoreParameters, str2, str3});
        }
        this._algorithm = str;
        this._params = collectionCertStoreParameters;
        this._provider = str2;
        this._name = str3;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "CollectionCertStore()");
        }
    }

    public CollectionCertStore(String str, Set set, String str2, String str3) {
        this._algorithm = null;
        this._params = null;
        this._certNames = null;
        this._provider = null;
        this._name = null;
        this._certStore = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "CollectionCertStore(algorithm, certNames, provider, name):", new Object[]{str, set, str2, str3});
        }
        this._algorithm = str;
        this._certNames = set;
        this._provider = str2;
        this._name = str3;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "CollectionCertStore()");
        }
    }

    public synchronized CertStore getInstance() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getInstance()");
        }
        if (this._certStore == null) {
            HashSet hashSet = new HashSet();
            if (this._params == null && this._certNames != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Initializing CollectionCertStoreParameters");
                }
                try {
                    CertificateFactory createCertificateFactory = ConfigUtil.createCertificateFactory("");
                    for (String str : this._certNames) {
                        X509Certificate x509Certificate = null;
                        X509CRL x509crl = null;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Creating certificate or CRL: " + str);
                        }
                        try {
                            x509Certificate = ConfigUtil.getX509Certificate(new File(str), createCertificateFactory);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Created certificate: " + str);
                            }
                        } catch (Exception e) {
                            x509crl = ConfigUtil.getX509CRL(new File(str), createCertificateFactory);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Created CRL: " + str);
                            }
                        }
                        if (x509crl != null) {
                            hashSet.add(x509crl);
                        } else {
                            hashSet.add(x509Certificate);
                        }
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Creating CollectionCertStoreParameters");
                    }
                    this._params = new CollectionCertStoreParameters(hashSet);
                } catch (Exception e2) {
                    FFDCFilter.processException(e2, clsName + ".getInstance", "120", this);
                    Tr.error(tc, "security.wssecurity.load.collectioncertstore.failed", new Object[]{this._name, e2});
                }
                this._certNames = null;
            }
            try {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Opening CollectionCertStore \"" + this._name + "\" with algorithm \"" + this._algorithm + "\" and provider \"" + this._provider + "\"");
                }
                if (this._provider == null || "".equals(this._provider)) {
                    this._certStore = CertStore.getInstance(this._algorithm, this._params);
                } else {
                    this._certStore = CertStore.getInstance(this._algorithm, this._params, this._provider);
                }
            } catch (InvalidAlgorithmParameterException e3) {
                FFDCFilter.processException(e3, clsName + ".getInstance", "137", this);
                TraceComponent traceComponent = tc;
                Object[] objArr = new Object[1];
                objArr[0] = (this._params == null || this._params.toString() == null) ? "" : this._params.toString();
                Tr.error(traceComponent, "security.wssecurity.CommonReceiverConfig.s21", objArr);
            } catch (NoSuchAlgorithmException e4) {
                FFDCFilter.processException(e4, clsName + ".getInstance", "134", this);
                Tr.error(tc, "security.wssecurity.CommonReceiverConfig.s20", new Object[]{this._algorithm});
            } catch (NoSuchProviderException e5) {
                FFDCFilter.processException(e5, clsName + ".getInstance", "140", this);
                Tr.error(tc, "security.wssecurity.CommonReceiverConfig.s22", new Object[]{this._provider});
            } catch (Throwable th) {
                FFDCFilter.processException(th, clsName + ".getInstance", "143", this);
                TraceComponent traceComponent2 = tc;
                Object[] objArr2 = new Object[2];
                objArr2[0] = this._name == null ? "" : this._name;
                objArr2[1] = th;
                Tr.error(traceComponent2, "security.wssecurity.load.collectioncertstore.failed", objArr2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getInstance() returns " + this._certStore);
        }
        return this._certStore;
    }
}
