package org.mule.runtime.module.tls.internal.revocation;

import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertPathBuilder;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.PKIXRevocationChecker;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CertSelector;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.ManagerFactoryParameters;
import org.mule.runtime.api.component.AbstractComponent;
import org.mule.runtime.core.privileged.security.RevocationCheck;
import org.mule.runtime.core.privileged.security.tls.TlsConfiguration;

/* loaded from: input_file:org/mule/runtime/module/tls/internal/revocation/StandardRevocationCheck.class */
public class StandardRevocationCheck extends AbstractComponent implements RevocationCheck {
    private Boolean onlyEndEntities = false;
    private Boolean preferCrls = false;
    private Boolean noFallback = false;
    private Boolean softFail = false;

    public void setOnlyEndEntities(Boolean bool) {
        this.onlyEndEntities = bool;
    }

    public void setPreferCrls(Boolean bool) {
        this.preferCrls = bool;
    }

    public void setNoFallback(Boolean bool) {
        this.noFallback = bool;
    }

    public void setSoftFail(Boolean bool) {
        this.softFail = bool;
    }

    @Override // org.mule.runtime.core.privileged.security.RevocationCheck
    public ManagerFactoryParameters configFor(KeyStore keyStore, Set<TrustAnchor> set) {
        try {
            PKIXRevocationChecker pKIXRevocationChecker = (PKIXRevocationChecker) CertPathBuilder.getInstance(TlsConfiguration.REVOCATION_KEYSTORE_ALGORITHM).getRevocationChecker();
            HashSet hashSet = new HashSet();
            if (this.onlyEndEntities.booleanValue()) {
                hashSet.add(PKIXRevocationChecker.Option.ONLY_END_ENTITY);
            }
            if (this.preferCrls.booleanValue()) {
                hashSet.add(PKIXRevocationChecker.Option.PREFER_CRLS);
            }
            if (this.noFallback.booleanValue()) {
                hashSet.add(PKIXRevocationChecker.Option.NO_FALLBACK);
            }
            if (this.softFail.booleanValue()) {
                hashSet.add(PKIXRevocationChecker.Option.SOFT_FAIL);
            }
            pKIXRevocationChecker.setOptions(hashSet);
            PKIXBuilderParameters pKIXBuilderParameters = keyStore != null ? new PKIXBuilderParameters(keyStore, new X509CertSelector()) : new PKIXBuilderParameters(set, new X509CertSelector());
            pKIXBuilderParameters.addCertPathChecker(pKIXRevocationChecker);
            return new CertPathTrustManagerParameters(pKIXBuilderParameters);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        StandardRevocationCheck standardRevocationCheck = (StandardRevocationCheck) obj;
        if (this.onlyEndEntities != null) {
            if (!this.onlyEndEntities.equals(standardRevocationCheck.onlyEndEntities)) {
                return false;
            }
        } else if (standardRevocationCheck.onlyEndEntities != null) {
            return false;
        }
        if (this.preferCrls != null) {
            if (!this.preferCrls.equals(standardRevocationCheck.preferCrls)) {
                return false;
            }
        } else if (standardRevocationCheck.preferCrls != null) {
            return false;
        }
        if (this.noFallback != null) {
            if (!this.noFallback.equals(standardRevocationCheck.noFallback)) {
                return false;
            }
        } else if (standardRevocationCheck.noFallback != null) {
            return false;
        }
        return this.softFail != null ? this.softFail.equals(standardRevocationCheck.softFail) : standardRevocationCheck.softFail == null;
    }

    public int hashCode() {
        return (31 * ((31 * ((31 * (this.onlyEndEntities != null ? this.onlyEndEntities.hashCode() : 0)) + (this.preferCrls != null ? this.preferCrls.hashCode() : 0))) + (this.noFallback != null ? this.noFallback.hashCode() : 0))) + (this.softFail != null ? this.softFail.hashCode() : 0);
    }
}
