package net.shibboleth.metadata.dom.ds;

import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.annotation.Nonnull;
import net.shibboleth.metadata.ErrorStatus;
import net.shibboleth.metadata.dom.AbstractDOMTraversalStage;
import net.shibboleth.metadata.dom.AbstractDOMValidationStage;
import net.shibboleth.metadata.pipeline.StageProcessingException;
import net.shibboleth.utilities.java.support.codec.Base64Support;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.w3c.dom.Element;

/* loaded from: input_file:net/shibboleth/metadata/dom/ds/X509ValidationStage.class */
public class X509ValidationStage extends AbstractDOMValidationStage<X509Certificate> {
    private CertificateFactory factory;

    @Override // net.shibboleth.metadata.dom.AbstractDOMTraversalStage
    protected boolean applicable(@Nonnull Element element) {
        return "http://www.w3.org/2000/09/xmldsig#".equals(element.getNamespaceURI()) && "X509Certificate".equals(element.getLocalName());
    }

    @Override // net.shibboleth.metadata.dom.AbstractDOMTraversalStage
    protected void visit(@Nonnull Element element, @Nonnull AbstractDOMTraversalStage.TraversalContext traversalContext) throws StageProcessingException {
        try {
            X509Certificate x509Certificate = (X509Certificate) this.factory.generateCertificate(new ByteArrayInputStream(Base64Support.decode(element.getTextContent())));
            if (!traversalContext.getStash().containsValue(x509Certificate)) {
                traversalContext.getStash().put(x509Certificate);
                applyValidators(x509Certificate, traversalContext);
            }
        } catch (CertificateException e) {
            traversalContext.getItem().getItemMetadata().put(new ErrorStatus(getId(), "could not convert X509Certificate data"));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.metadata.dom.AbstractDOMValidationStage
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        try {
            this.factory = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e) {
            throw new ComponentInitializationException("can't create X.509 certificate factory", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.metadata.dom.AbstractDOMValidationStage
    public void doDestroy() {
        this.factory = null;
        super.doDestroy();
    }
}
