package no.difi.certvalidator.rule;

import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import no.difi.certvalidator.api.CertificateValidationException;
import no.difi.certvalidator.api.FailedValidationException;
import no.difi.certvalidator.util.KeyUsage;

/* loaded from: input_file:WEB-INF/lib/commons-certvalidator-2.2.1.jar:no/difi/certvalidator/rule/KeyUsageRule.class */
public class KeyUsageRule extends AbstractRule {
    private KeyUsage[] expectedKeyUsages;
    private boolean[] expected = new boolean[9];

    public KeyUsageRule(KeyUsage... keyUsageArr) {
        this.expectedKeyUsages = keyUsageArr;
        for (KeyUsage keyUsage : keyUsageArr) {
            this.expected[keyUsage.getBit()] = true;
        }
    }

    @Override // no.difi.certvalidator.rule.AbstractRule, no.difi.certvalidator.api.ValidatorRule
    public void validate(X509Certificate x509Certificate) throws CertificateValidationException {
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        if (!Arrays.equals(this.expected, keyUsage)) {
            throw new FailedValidationException(String.format("Expected %s, found %s.", Arrays.toString(this.expectedKeyUsages), Arrays.toString(prettyprint(keyUsage))));
        }
    }

    private KeyUsage[] prettyprint(boolean[] zArr) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < zArr.length; i++) {
            if (zArr[i]) {
                arrayList.add(KeyUsage.of(i));
            }
        }
        return (KeyUsage[]) arrayList.toArray(new KeyUsage[arrayList.size()]);
    }
}
