package org.cesecore.certificates.certificate.certextensions.standard;

import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Iterator;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.qualified.ETSIQCObjectIdentifiers;
import org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode;
import org.bouncycastle.asn1.x509.qualified.MonetaryValue;
import org.bouncycastle.asn1.x509.qualified.QCStatement;
import org.bouncycastle.asn1.x509.qualified.RFC3739QCObjectIdentifiers;
import org.bouncycastle.asn1.x509.qualified.SemanticsInformation;
import org.cesecore.certificates.ca.CA;
import org.cesecore.certificates.ca.internal.CertificateValidity;
import org.cesecore.certificates.certificate.certextensions.CertificateExtensionException;
import org.cesecore.certificates.certificateprofile.CertificateProfile;
import org.cesecore.certificates.endentity.EndEntityInformation;
import org.cesecore.util.CertTools;

/* loaded from: input_file:org/cesecore/certificates/certificate/certextensions/standard/QcStatement.class */
public class QcStatement extends StandardCertificateExtension {
    private static final Logger log = Logger.getLogger(QcStatement.class);

    @Override // org.cesecore.certificates.certificate.certextensions.standard.StandardCertificateExtension
    public void init(CertificateProfile certificateProfile) {
        super.setOID(Extension.qCStatements.getId());
        super.setCriticalFlag(certificateProfile.getQCStatementCritical());
    }

    @Override // org.cesecore.certificates.certificate.certextensions.CertificateExtension
    public ASN1Encodable getValue(EndEntityInformation endEntityInformation, CA ca, CertificateProfile certificateProfile, PublicKey publicKey, PublicKey publicKey2, CertificateValidity certificateValidity) throws CertificateExtensionException {
        DERSequence dERSequence = null;
        GeneralNames generalNamesFromAltName = CertTools.getGeneralNamesFromAltName(certificateProfile.getQCStatementRAName());
        SemanticsInformation semanticsInformation = null;
        if (generalNamesFromAltName != null) {
            semanticsInformation = StringUtils.isNotEmpty(certificateProfile.getQCSemanticsId()) ? new SemanticsInformation(new ASN1ObjectIdentifier(certificateProfile.getQCSemanticsId()), generalNamesFromAltName.getNames()) : new SemanticsInformation(generalNamesFromAltName.getNames());
        } else if (StringUtils.isNotEmpty(certificateProfile.getQCSemanticsId())) {
            semanticsInformation = new SemanticsInformation(new ASN1ObjectIdentifier(certificateProfile.getQCSemanticsId()));
        }
        ArrayList arrayList = new ArrayList();
        if (certificateProfile.getUsePkixQCSyntaxV2()) {
            ASN1ObjectIdentifier aSN1ObjectIdentifier = RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v2;
            if (semanticsInformation != null) {
                arrayList.add(new QCStatement(aSN1ObjectIdentifier, semanticsInformation));
            } else {
                arrayList.add(new QCStatement(aSN1ObjectIdentifier));
            }
        }
        if (certificateProfile.getUseQCEtsiQCCompliance()) {
            arrayList.add(new QCStatement(ETSIQCObjectIdentifiers.id_etsi_qcs_QcCompliance));
        }
        if (certificateProfile.getUseQCEtsiValueLimit() && certificateProfile.getQCEtsiValueLimit() >= 0 && certificateProfile.getQCEtsiValueLimitCurrency() != null) {
            arrayList.add(new QCStatement(ETSIQCObjectIdentifiers.id_etsi_qcs_LimiteValue, new MonetaryValue(new Iso4217CurrencyCode(certificateProfile.getQCEtsiValueLimitCurrency()), certificateProfile.getQCEtsiValueLimit(), certificateProfile.getQCEtsiValueLimitExp())));
        }
        if (certificateProfile.getUseQCEtsiRetentionPeriod()) {
            arrayList.add(new QCStatement(ETSIQCObjectIdentifiers.id_etsi_qcs_RetentionPeriod, new ASN1Integer(Integer.valueOf(certificateProfile.getQCEtsiRetentionPeriod()).intValue())));
        }
        if (certificateProfile.getUseQCEtsiSignatureDevice()) {
            arrayList.add(new QCStatement(ETSIQCObjectIdentifiers.id_etsi_qcs_QcSSCD));
        }
        if (certificateProfile.getUseQCCustomString() && !StringUtils.isEmpty(certificateProfile.getQCCustomStringOid()) && !StringUtils.isEmpty(certificateProfile.getQCCustomStringText())) {
            arrayList.add(new QCStatement(new ASN1ObjectIdentifier(certificateProfile.getQCCustomStringOid()), new DERUTF8String(certificateProfile.getQCCustomStringText())));
        }
        if (!arrayList.isEmpty()) {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                aSN1EncodableVector.add((QCStatement) it.next());
            }
            dERSequence = new DERSequence(aSN1EncodableVector);
        }
        if (dERSequence != null) {
            return dERSequence;
        }
        log.error("Qualified certificate statements extension has been enabled, but no statements were included!");
        throw new CertificateExtensionException("If qualified certificate statements extension has been enabled, at least one statement must be included!");
    }
}
