package iaik.pki.pathvalidation;

import iaik.asn1.ObjectID;
import iaik.logging.Log;
import iaik.logging.LogFactory;
import iaik.logging.TransactionId;
import iaik.pki.utils.Constants;
import iaik.x509.V3Extension;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.extensions.AuthorityInfoAccess;
import iaik.x509.extensions.AuthorityKeyIdentifier;
import iaik.x509.extensions.BasicConstraints;
import iaik.x509.extensions.CRLDistributionPoints;
import iaik.x509.extensions.CertificatePolicies;
import iaik.x509.extensions.ExtendedKeyUsage;
import iaik.x509.extensions.FreshestCRL;
import iaik.x509.extensions.InhibitAnyPolicy;
import iaik.x509.extensions.IssuerAltName;
import iaik.x509.extensions.KeyUsage;
import iaik.x509.extensions.NameConstraints;
import iaik.x509.extensions.PolicyConstraints;
import iaik.x509.extensions.PolicyMappings;
import iaik.x509.extensions.PrivateKeyUsagePeriod;
import iaik.x509.extensions.SubjectAltName;
import iaik.x509.extensions.SubjectDirectoryAttributes;
import iaik.x509.extensions.SubjectInfoAccess;
import iaik.x509.extensions.SubjectKeyIdentifier;
import iaik.x509.extensions.netscape.NetscapeBaseUrl;
import iaik.x509.extensions.netscape.NetscapeCaPolicyUrl;
import iaik.x509.extensions.netscape.NetscapeCaRevocationUrl;
import iaik.x509.extensions.netscape.NetscapeCertRenewalUrl;
import iaik.x509.extensions.netscape.NetscapeCertType;
import iaik.x509.extensions.netscape.NetscapeComment;
import iaik.x509.extensions.netscape.NetscapeRevocationUrl;
import iaik.x509.extensions.netscape.NetscapeSSLServerName;
import iaik.x509.extensions.ocsp.NoCheck;
import iaik.x509.extensions.qualified.BiometricInfo;
import iaik.x509.extensions.qualified.QCStatements;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/pathvalidation/ExtensionHandler.class */
public abstract class ExtensionHandler implements ExtensionHandlerInterface {
    protected static Log log_ = LogFactory.getLog(Constants.MODULE_NAME);
    private static Map<String, ExtensionHandlerInterface> A;

    public static synchronized void addHandler(String str, ExtensionHandlerInterface extensionHandlerInterface) {
        A.put(str, extensionHandlerInterface);
    }

    public static synchronized void removeHandler(String str) {
        A.remove(str);
    }

    public static synchronized ExtensionHandler getHandler(String str) {
        return (ExtensionHandler) A.get(str);
    }

    public static synchronized void resetHandlers() {
        A();
    }

    public static boolean handleExtension(String str, ValidationStatus validationStatus, X509Certificate x509Certificate, TransactionId transactionId) throws ValidationException {
        V3Extension v3Extension;
        try {
            v3Extension = x509Certificate.getExtension(ObjectID.getObjectID(str));
        } catch (X509ExtensionInitException e) {
            if (e.isCriticalExtension()) {
                throw new ValidationException("Error parsing critical extension " + e.getExtensionID(), null, "iaik.pki.pathvalidation.ExtensionHandler:1");
            }
            v3Extension = null;
        }
        ExtensionHandler handler = getHandler(str);
        if (handler != null) {
            return handler.handleExtension(validationStatus, x509Certificate, v3Extension, transactionId);
        }
        if (v3Extension != null && v3Extension.isCritical()) {
            throw new ValidationException("Unhandled critical extension " + str, null, "iaik.pki.pathvalidation.ExtensionHandler:1");
        }
        log_.debug(transactionId, "--- ignored (no handler registered, but extension not critical) ---", null);
        return true;
    }

    @Override // iaik.pki.pathvalidation.ExtensionHandlerInterface
    public abstract boolean handleExtension(ValidationStatus validationStatus, X509Certificate x509Certificate, V3Extension v3Extension, TransactionId transactionId) throws ValidationException;

    private static void A() {
        A = new HashMap();
        addHandler(BasicConstraints.oid.getID(), new S());
        addHandler(KeyUsage.oid.getID(), new R());
        addHandler(CertificatePolicies.oid.getID(), new L());
        addHandler(PolicyConstraints.oid.getID(), new B());
        addHandler(PolicyMappings.oid.getID(), new C());
        addHandler(InhibitAnyPolicy.oid.getID(), new F());
        addHandler(NameConstraints.oid.getID(), new T());
        addHandler(SubjectAltName.oid.getID(), new A());
        IgnoreHandler ignoreHandler = new IgnoreHandler();
        addHandler(PrivateKeyUsagePeriod.oid.getID(), ignoreHandler);
        addHandler(AuthorityKeyIdentifier.oid.getID(), ignoreHandler);
        addHandler(SubjectKeyIdentifier.oid.getID(), ignoreHandler);
        addHandler(IssuerAltName.oid.getID(), ignoreHandler);
        addHandler(SubjectDirectoryAttributes.oid.getID(), ignoreHandler);
        addHandler(ExtendedKeyUsage.oid.getID(), ignoreHandler);
        addHandler(CRLDistributionPoints.oid.getID(), ignoreHandler);
        addHandler(AuthorityInfoAccess.oid.getID(), ignoreHandler);
        addHandler(SubjectInfoAccess.oid.getID(), ignoreHandler);
        addHandler(FreshestCRL.oid.getID(), ignoreHandler);
        addHandler(NetscapeBaseUrl.oid.getID(), ignoreHandler);
        addHandler(NetscapeCaPolicyUrl.oid.getID(), ignoreHandler);
        addHandler(NetscapeCaRevocationUrl.oid.getID(), ignoreHandler);
        addHandler(NetscapeCertRenewalUrl.oid.getID(), ignoreHandler);
        addHandler(NetscapeCertType.oid.getID(), ignoreHandler);
        addHandler(NetscapeComment.oid.getID(), ignoreHandler);
        addHandler(NetscapeRevocationUrl.oid.getID(), ignoreHandler);
        addHandler(NetscapeSSLServerName.oid.getID(), ignoreHandler);
        addHandler(NoCheck.oid.getID(), ignoreHandler);
        addHandler(BiometricInfo.oid.getID(), ignoreHandler);
        addHandler(QCStatements.oid.getID(), ignoreHandler);
    }

    static {
        A();
    }
}
