package org.cesecore.certificates.certificate.certextensions.standard;

import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Iterator;
import org.apache.log4j.Logger;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.cesecore.certificates.ca.CA;
import org.cesecore.certificates.ca.internal.CertificateValidity;
import org.cesecore.certificates.certificate.certextensions.CertificateExtensionException;
import org.cesecore.certificates.certificateprofile.CertificateProfile;
import org.cesecore.certificates.endentity.EndEntityInformation;

/* loaded from: input_file:org/cesecore/certificates/certificate/certextensions/standard/ExtendedKeyUsage.class */
public class ExtendedKeyUsage extends StandardCertificateExtension {
    private static final long serialVersionUID = 1;
    private static final Logger log = Logger.getLogger(ExtendedKeyUsage.class);

    @Override // org.cesecore.certificates.certificate.certextensions.standard.StandardCertificateExtension
    public void init(CertificateProfile certificateProfile) {
        super.setOID(Extension.extendedKeyUsage.getId());
        super.setCriticalFlag(certificateProfile.getExtendedKeyUsageCritical());
    }

    @Override // org.cesecore.certificates.certificate.certextensions.CertificateExtension
    public ASN1Encodable getValue(EndEntityInformation endEntityInformation, CA ca, CertificateProfile certificateProfile, PublicKey publicKey, PublicKey publicKey2, CertificateValidity certificateValidity) throws CertificateExtensionException {
        org.bouncycastle.asn1.x509.ExtendedKeyUsage extendedKeyUsage = null;
        ArrayList<String> extendedKeyUsageOids = certificateProfile.getExtendedKeyUsageOids();
        if (extendedKeyUsageOids.size() != 0) {
            ASN1Encodable[] aSN1EncodableArr = new ASN1Encodable[extendedKeyUsageOids.size()];
            int i = 0;
            Iterator<String> it = extendedKeyUsageOids.iterator();
            while (it.hasNext()) {
                aSN1EncodableArr[i] = KeyPurposeId.getInstance(new ASN1ObjectIdentifier(it.next()));
                i++;
            }
            extendedKeyUsage = org.bouncycastle.asn1.x509.ExtendedKeyUsage.getInstance(ASN1Sequence.getInstance(new DERSequence(aSN1EncodableArr)));
        }
        if (extendedKeyUsage == null) {
            log.error("ExtendedKeyUsage missconfigured, ExtendedKeyUsage is configured to be used but no OIDs are defined in certificate profile");
        }
        return extendedKeyUsage;
    }
}
