package oracle.security.pki;

import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Set;

/* loaded from: input_file:oracle/security/pki/OraclePKIX509CertUsage.class */
public final class OraclePKIX509CertUsage {
    public static final int SSL = 1;
    public static final int S_MIME_ENCRYPTION = 2;
    public static final int S_MIME_SIGNATURE = 4;
    public static final int CODE_SIGNING = 8;
    public static final int CA_SIGNING = 16;
    public static final int TRUST_POINT = 32;
    public static final int UNSUPPORTED_USAGE = 64;

    static boolean a(X509Certificate x509Certificate) {
        Set<String> criticalExtensionOIDs = x509Certificate.getCriticalExtensionOIDs();
        if (criticalExtensionOIDs == null || criticalExtensionOIDs.isEmpty()) {
            return false;
        }
        OraclePKIDebug.a("Critical Extensions Present");
        for (String str : criticalExtensionOIDs) {
            OraclePKIDebug.a("Extensions " + str);
            if (str.equals("2.5.29.15")) {
                return true;
            }
        }
        return false;
    }

    public static int keyUsageForCert(X509Certificate x509Certificate) {
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        boolean a = a(x509Certificate);
        int i = a ? 0 : 32;
        if (keyUsage == null) {
            return 3 | i;
        }
        if (keyUsage[0] && !keyUsage[2] && !keyUsage[5]) {
            return 12 | i;
        }
        if (keyUsage[1] && !keyUsage[0] && !keyUsage[2] && !keyUsage[3] && !keyUsage[4] && !keyUsage[5] && !keyUsage[6] && !keyUsage[7] && !keyUsage[9]) {
            if (a) {
                return 64;
            }
            return 12 | i;
        }
        if (keyUsage[2] && !keyUsage[5]) {
            return 3 | i;
        }
        if (keyUsage[5]) {
            return 48;
        }
        if (a) {
            return 64;
        }
        return 3 | i;
    }

    public static boolean isCertValidFor(Certificate certificate, int i) {
        if (i == 1 || i == 2 || i == 4 || i == 8 || i == 16 || i == 32 || i == 64) {
            return (certificate instanceof X509Certificate) && (i & keyUsageForCert((X509Certificate) certificate)) != 0;
        }
        throw new IllegalArgumentException("Invalid Usage" + i);
    }

    public static boolean isCertChainValidFor(Certificate[] certificateArr, int i) {
        if (i != 1 && i != 2 && i != 4 && i != 8 && i != 16 && i != 32 && i != 64) {
            throw new IllegalArgumentException("Invalid Usage " + i);
        }
        if (certificateArr.length == 0 || !isCertValidFor(certificateArr[0], i)) {
            return false;
        }
        for (int i2 = 1; i2 < certificateArr.length; i2++) {
            if (!isCertValidFor(certificateArr[i2], 32)) {
                return false;
            }
        }
        return true;
    }
}
