package eu.peppol.as2;

import com.google.inject.Inject;
import eu.peppol.security.CommonName;
import eu.peppol.security.KeystoreManager;

/* loaded from: input_file:WEB-INF/lib/oxalis-as2-4.0.0-BETA1.jar:eu/peppol/as2/As2MessageInspector.class */
public class As2MessageInspector {
    private final KeystoreManager keystoreManager;

    @Inject
    public As2MessageInspector(KeystoreManager keystoreManager) {
        this.keystoreManager = keystoreManager;
    }

    public void validate(As2Message as2Message) throws InvalidAs2MessageException {
        compareAs2FromHeaderWithCertificateCommonName(as2Message);
    }

    private static void compareAs2FromHeaderWithCertificateCommonName(As2Message as2Message) throws InvalidAs2MessageException {
        PeppolAs2SystemIdentifier valueOf = PeppolAs2SystemIdentifier.valueOf(CommonName.valueOf(as2Message.getSignedMimeMessage().getSignersX509Certificate().getSubjectX500Principal()));
        if (!valueOf.equals(as2Message.getAs2From())) {
            throw new InvalidAs2MessageException("The signers CN '" + valueOf.toString() + "'does not compare to the AS2-From header '" + as2Message.getAs2From().toString() + "'");
        }
    }
}
