package com.sun.identity.security.cert;

import com.iplanet.security.x509.X500Name;
import com.sun.identity.security.SecurityDebug;
import com.sun.identity.shared.debug.Debug;
import java.io.IOException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;

/* loaded from: input_file:com/sun/identity/security/cert/CRLValidator.class */
public abstract class CRLValidator {
    private AMLDAPCertStoreParameters ldapParams = null;
    private static Debug debug = SecurityDebug.debug;

    public abstract boolean validateCertificate(X509Certificate x509Certificate, String str);

    public X509CRL getCRL(X509Certificate x509Certificate, String str) {
        X509CRL x509crl = null;
        String str2 = null;
        try {
            X500Name issuerDN = AMCRLStore.getIssuerDN(x509Certificate);
            if (issuerDN != null) {
                str2 = issuerDN.getAttributeValue(str);
            }
            if (str2 == null || this.ldapParams == null) {
                return null;
            }
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("CRLValidator - attrValue to search crl : ").append(str2).toString());
            }
            this.ldapParams.setSearchFilter(AMCRLStore.setSearchFilter(str, str2));
            try {
                x509crl = new AMCRLStore(this.ldapParams).getCRL(x509Certificate);
            } catch (IOException e) {
                debug.error(new StringBuffer().append("X509Certificate: verifyCertificate.").append(e.toString()).toString());
            }
            return x509crl;
        } catch (Exception e2) {
            debug.error(new StringBuffer().append("attrValue to search crl : ").append(str2).toString(), e2);
            return null;
        }
    }

    public void setLdapParams(AMLDAPCertStoreParameters aMLDAPCertStoreParameters) {
        this.ldapParams = aMLDAPCertStoreParameters;
    }
}
