package de.gematik.pki.gemlibpki.validators;

import de.gematik.pki.gemlibpki.certificate.CertificateProfile;
import de.gematik.pki.gemlibpki.certificate.Policies;
import de.gematik.pki.gemlibpki.error.ErrorCode;
import de.gematik.pki.gemlibpki.exception.GemPkiException;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Set;
import lombok.NonNull;

/* loaded from: input_file:de/gematik/pki/gemlibpki/validators/CertificateProfileValidator.class */
public interface CertificateProfileValidator {
    void validateCertificate(@NonNull X509Certificate x509Certificate, @NonNull CertificateProfile certificateProfile) throws GemPkiException;

    default Set<String> getCertificatePolicyOids(X509Certificate x509Certificate, String str) throws GemPkiException {
        try {
            Policies policies = new Policies(x509Certificate);
            if (policies.getPolicyOids().isEmpty()) {
                throw new GemPkiException(str, ErrorCode.SE_1033_CERT_TYPE_INFO_MISSING);
            }
            return policies.getPolicyOids();
        } catch (IOException e) {
            throw new GemPkiException(str, ErrorCode.TE_1019_CERT_READ_ERROR);
        } catch (IllegalArgumentException e2) {
            throw new GemPkiException(str, ErrorCode.SE_1033_CERT_TYPE_INFO_MISSING);
        }
    }
}
