package org.cesecore.certificates.certificate.certextensions.standard;

import java.security.PublicKey;
import java.util.ArrayList;
import java.util.StringTokenizer;
import org.apache.log4j.Logger;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.CRLDistPoint;
import org.bouncycastle.asn1.x509.DistributionPoint;
import org.bouncycastle.asn1.x509.DistributionPointName;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.ReasonFlags;
import org.cesecore.certificates.ca.CA;
import org.cesecore.certificates.ca.X509CA;
import org.cesecore.certificates.ca.internal.CertificateValidity;
import org.cesecore.certificates.certificate.certextensions.CertificateExtensionException;
import org.cesecore.certificates.certificateprofile.CertificateProfile;
import org.cesecore.certificates.endentity.EndEntityInformation;

/* loaded from: input_file:org/cesecore/certificates/certificate/certextensions/standard/FreshestCrl.class */
public class FreshestCrl extends StandardCertificateExtension {
    private static final long serialVersionUID = 1;
    private static final Logger log = Logger.getLogger(FreshestCrl.class);

    @Override // org.cesecore.certificates.certificate.certextensions.standard.StandardCertificateExtension
    public void init(CertificateProfile certificateProfile) {
        super.setOID(Extension.freshestCRL.getId());
        super.setCriticalFlag(false);
    }

    @Override // org.cesecore.certificates.certificate.certextensions.CertificateExtension
    public ASN1Encodable getValue(EndEntityInformation endEntityInformation, CA ca, CertificateProfile certificateProfile, PublicKey publicKey, PublicKey publicKey2, CertificateValidity certificateValidity) throws CertificateExtensionException {
        String freshestCRLURI = certificateProfile.getFreshestCRLURI();
        X509CA x509ca = (X509CA) ca;
        if (certificateProfile.getUseCADefinedFreshestCRL()) {
            freshestCRLURI = x509ca.getCADefinedFreshestCRL();
        }
        CRLDistPoint cRLDistPoint = null;
        if (freshestCRLURI != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(freshestCRLURI, ";", false);
            ArrayList arrayList = new ArrayList();
            while (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                GeneralName generalName = new GeneralName(6, new DERIA5String(nextToken));
                if (log.isDebugEnabled()) {
                    log.debug("Added freshest CRL distpoint: " + nextToken);
                }
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                aSN1EncodableVector.add(generalName);
                arrayList.add(new DistributionPoint(new DistributionPointName(0, GeneralNames.getInstance(new DERSequence(aSN1EncodableVector))), (ReasonFlags) null, (GeneralNames) null));
            }
            if (!arrayList.isEmpty()) {
                cRLDistPoint = new CRLDistPoint((DistributionPoint[]) arrayList.toArray(new DistributionPoint[arrayList.size()]));
            }
        }
        if (cRLDistPoint == null) {
            log.error("UseFreshestCRL is true, but no URI string defined!");
        }
        return cRLDistPoint;
    }
}
