package com.itextpdf.signatures.validation.extensions;

import com.itextpdf.bouncycastleconnector.BouncyCastleFactoryCreator;
import com.itextpdf.commons.bouncycastle.IBouncyCastleFactory;
import com.itextpdf.commons.utils.MessageFormatUtil;
import com.itextpdf.io.util.EnumUtil;
import com.itextpdf.signatures.SignerProperties;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:com/itextpdf/signatures/validation/extensions/KeyUsageExtension.class */
public class KeyUsageExtension extends CertificateExtension {
    private static final IBouncyCastleFactory FACTORY = BouncyCastleFactoryCreator.getFactory();
    public static final String EXPECTED_VALUE = "Key usage expected: ({0})";
    public static final String ACTUAL_VALUE = "\nbut found {0}";
    public static final String MISSING_VALUE = "\nbut nothing found.";
    private final int keyUsage;
    private final boolean resultOnMissingExtension;
    private String messagePreAmble;
    private String message;

    public KeyUsageExtension(int i) {
        this(i, false);
    }

    public KeyUsageExtension(int i, boolean z) {
        super("2.5.29.15", FACTORY.createKeyUsage(i).toASN1Primitive());
        this.keyUsage = i;
        this.resultOnMissingExtension = z;
        this.messagePreAmble = MessageFormatUtil.format(EXPECTED_VALUE, new Object[]{convertKeyUsageMaskToString(i)});
        this.message = this.messagePreAmble;
    }

    public KeyUsageExtension(List<KeyUsage> list) {
        this(list, false);
    }

    public KeyUsageExtension(List<KeyUsage> list, boolean z) {
        this(convertKeyUsageSetToInt(list), z);
    }

    public KeyUsageExtension(KeyUsage keyUsage) {
        this((List<KeyUsage>) Collections.singletonList(keyUsage), false);
    }

    public KeyUsageExtension(KeyUsage keyUsage, boolean z) {
        this((List<KeyUsage>) Collections.singletonList(keyUsage), z);
    }

    @Override // com.itextpdf.signatures.validation.extensions.CertificateExtension
    public boolean existsInCertificate(X509Certificate x509Certificate) {
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        if (keyUsage == null) {
            this.message = this.messagePreAmble + MISSING_VALUE;
            return this.resultOnMissingExtension;
        }
        int i = 0;
        for (int i2 = 0; i2 < keyUsage.length - 1; i2++) {
            if (keyUsage[i2]) {
                i += 1 << ((8 - i2) - 1);
            }
        }
        if (keyUsage[8]) {
            i += 32768;
        }
        if ((i & this.keyUsage) == this.keyUsage) {
            return true;
        }
        this.message = this.messagePreAmble + MessageFormatUtil.format(ACTUAL_VALUE, new Object[]{convertKeyUsageMaskToString(i)});
        return false;
    }

    @Override // com.itextpdf.signatures.validation.extensions.CertificateExtension
    public String getMessage() {
        return this.message;
    }

    private static String convertKeyUsageMaskToString(int i) {
        StringBuilder sb = new StringBuilder();
        String str = SignerProperties.IGNORED_ID;
        for (KeyUsage keyUsage : EnumUtil.getAllValuesOfEnum(KeyUsage.class)) {
            if (((1 << ((8 - keyUsage.ordinal()) - 1)) & i) > 0 || (keyUsage == KeyUsage.DECIPHER_ONLY && (i & 32768) == 32768)) {
                sb.append(str).append(keyUsage);
                str = ", ";
            }
        }
        return sb.toString();
    }

    private static int convertKeyUsageSetToInt(Iterable<KeyUsage> iterable) {
        int i = 0;
        Iterator<KeyUsage> it = iterable.iterator();
        while (it.hasNext()) {
            KeyUsage next = it.next();
            i = next == KeyUsage.DECIPHER_ONLY ? i + 32768 : i + (1 << ((8 - next.ordinal()) - 1));
        }
        return i;
    }
}
