package org.cesecore.certificates.certificate.certextensions.standard;

import java.security.PublicKey;
import java.util.HashMap;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.DisplayText;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.NoticeReference;
import org.bouncycastle.asn1.x509.PolicyInformation;
import org.bouncycastle.asn1.x509.PolicyQualifierId;
import org.bouncycastle.asn1.x509.PolicyQualifierInfo;
import org.bouncycastle.asn1.x509.UserNotice;
import org.cesecore.certificates.ca.CA;
import org.cesecore.certificates.ca.X509CA;
import org.cesecore.certificates.ca.internal.CertificateValidity;
import org.cesecore.certificates.certificate.certextensions.CertificateExtensionException;
import org.cesecore.certificates.certificateprofile.CertificatePolicy;
import org.cesecore.certificates.certificateprofile.CertificateProfile;
import org.cesecore.certificates.endentity.EndEntityInformation;

/* loaded from: input_file:org/cesecore/certificates/certificate/certextensions/standard/CertificatePolicies.class */
public class CertificatePolicies extends StandardCertificateExtension {
    private static final Logger log = Logger.getLogger(CertificatePolicies.class);

    @Override // org.cesecore.certificates.certificate.certextensions.standard.StandardCertificateExtension
    public void init(CertificateProfile certificateProfile) {
        super.setOID(Extension.certificatePolicies.getId());
        super.setCriticalFlag(certificateProfile.getCertificatePoliciesCritical());
    }

    @Override // org.cesecore.certificates.certificate.certextensions.CertificateExtension
    public ASN1Encodable getValue(EndEntityInformation endEntityInformation, CA ca, CertificateProfile certificateProfile, PublicKey publicKey, PublicKey publicKey2, CertificateValidity certificateValidity) throws CertificateExtensionException {
        int i = ((X509CA) ca).getUseUTF8PolicyText() ? 2 : 1;
        List<CertificatePolicy> certificatePolicies = certificateProfile.getCertificatePolicies();
        HashMap hashMap = new HashMap();
        for (CertificatePolicy certificatePolicy : certificatePolicies) {
            ASN1ObjectIdentifier aSN1ObjectIdentifier = new ASN1ObjectIdentifier(certificatePolicy.getPolicyID());
            ASN1EncodableVector aSN1EncodableVector = hashMap.containsKey(aSN1ObjectIdentifier) ? (ASN1EncodableVector) hashMap.get(aSN1ObjectIdentifier) : new ASN1EncodableVector();
            PolicyQualifierInfo policyQualifierInformation = getPolicyQualifierInformation(certificatePolicy, i);
            if (policyQualifierInformation != null) {
                aSN1EncodableVector.add(policyQualifierInformation);
            }
            hashMap.put(aSN1ObjectIdentifier, aSN1EncodableVector);
        }
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        for (ASN1ObjectIdentifier aSN1ObjectIdentifier2 : hashMap.keySet()) {
            ASN1EncodableVector aSN1EncodableVector3 = (ASN1EncodableVector) hashMap.get(aSN1ObjectIdentifier2);
            if (aSN1EncodableVector3.size() == 0) {
                aSN1EncodableVector2.add(new PolicyInformation(aSN1ObjectIdentifier2, (ASN1Sequence) null));
            } else {
                aSN1EncodableVector2.add(new PolicyInformation(aSN1ObjectIdentifier2, new DERSequence(aSN1EncodableVector3)));
            }
        }
        DERSequence dERSequence = aSN1EncodableVector2.size() > 0 ? new DERSequence(aSN1EncodableVector2) : null;
        if (dERSequence == null) {
            log.error("Certificate policies missconfigured, no policies present!");
        }
        return dERSequence;
    }

    private PolicyQualifierInfo getPolicyQualifierInformation(CertificatePolicy certificatePolicy, int i) {
        String qualifier;
        PolicyQualifierInfo policyQualifierInfo = null;
        String qualifierId = certificatePolicy.getQualifierId();
        if (qualifierId != null && !StringUtils.isEmpty(qualifierId.trim()) && (qualifier = certificatePolicy.getQualifier()) != null && !StringUtils.isEmpty(qualifier.trim())) {
            if (qualifierId.equals(PolicyQualifierId.id_qt_cps.getId())) {
                policyQualifierInfo = new PolicyQualifierInfo(qualifier);
            } else if (qualifierId.equals(PolicyQualifierId.id_qt_unotice.getId())) {
                policyQualifierInfo = new PolicyQualifierInfo(PolicyQualifierId.id_qt_unotice, new UserNotice((NoticeReference) null, new DisplayText(i, qualifier)));
            }
        }
        return policyQualifierInfo;
    }
}
