package de.adorsys.psd2.validator.certificate;

import com.nimbusds.jose.util.X509CertUtils;
import java.security.cert.X509Certificate;
import no.difi.certvalidator.Validator;
import no.difi.certvalidator.ValidatorBuilder;
import no.difi.certvalidator.api.CertificateValidationException;
import no.difi.certvalidator.util.SimpleCertificateBucket;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/psd2-certificate-validator-11.8.jar:de/adorsys/psd2/validator/certificate/CertificateValidatorFactory.class */
public class CertificateValidatorFactory {
    private Validator validator;

    public CertificateValidatorFactory(SimpleCertificateBucket simpleCertificateBucket, SimpleCertificateBucket simpleCertificateBucket2, SimpleCertificateBucket simpleCertificateBucket3) {
        this.validator = ValidatorBuilder.newInstance().addRule(new ExpirationRuleExt()).addRule(new CRLRuleExt()).addRule(new BlackListRule(simpleCertificateBucket)).addRule(new ChainRuleExt(simpleCertificateBucket2, simpleCertificateBucket3)).build();
    }

    public boolean validate(String str) throws CertificateValidationException {
        if (StringUtils.isBlank(str)) {
            throw new FailedCertValidationException(CertificateErrorMsgCode.CERTIFICATE_MISSING.name(), CertificateErrorMsgCode.CERTIFICATE_MISSING.toString());
        }
        X509Certificate parse = X509CertUtils.parse(str);
        if (parse == null) {
            throw new FailedCertValidationException(CertificateErrorMsgCode.CERTIFICATE_MISSING.name(), CertificateErrorMsgCode.CERTIFICATE_MISSING.toString());
        }
        this.validator.validate(parse);
        return true;
    }
}
