package eu.peppol.inbound.ocsp;

import com.sun.xml.wss.impl.callback.CertificateValidationCallback;
import eu.peppol.security.OcspValidatorCache;
import eu.peppol.security.OxalisCertificateValidator;
import java.security.cert.CertPathValidator;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/eu/peppol/inbound/ocsp/OcspValidatorCallbackHandler.class */
public class OcspValidatorCallbackHandler implements CertificateValidationCallback.CertificateValidator {
    public static final Logger log = LoggerFactory.getLogger(OcspValidatorCallbackHandler.class);
    private static CertPathValidator certPathValidator;
    private static PKIXParameters pkixParameters;
    private OcspValidatorCache cache = OcspValidatorCache.getInstance();
    private OxalisCertificateValidator oxalisCertificateValidator = OxalisCertificateValidator.getInstance();

    public boolean validate(X509Certificate x509Certificate) {
        log.debug("Validation callback handler called: " + x509Certificate.getSerialNumber());
        boolean validate = this.oxalisCertificateValidator.validate(x509Certificate);
        if (!validate) {
            log.error("Certificate " + x509Certificate.getSubjectDN().getName() + " failed validation");
        }
        return validate;
    }
}
