package org.apache.hadoop.hdds.security.x509.certificate.authority.profile;

import java.util.Map;
import java.util.function.BiPredicate;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyUsage;

/* loaded from: input_file:org/apache/hadoop/hdds/security/x509/certificate/authority/profile/DefaultCAProfile.class */
public class DefaultCAProfile extends DefaultProfile {
    private static final BiPredicate<Extension, PKIProfile> VALIDATE_BASIC_CONSTRAINTS = DefaultCAProfile::validateBasicExtensions;

    private static boolean validateBasicExtensions(Extension extension, PKIProfile pKIProfile) {
        return BasicConstraints.getInstance(extension.getParsedValue()).isCA() && pKIProfile.isCA();
    }

    @Override // org.apache.hadoop.hdds.security.x509.certificate.authority.profile.DefaultProfile, org.apache.hadoop.hdds.security.x509.certificate.authority.profile.PKIProfile
    public boolean isCA() {
        return true;
    }

    @Override // org.apache.hadoop.hdds.security.x509.certificate.authority.profile.DefaultProfile, org.apache.hadoop.hdds.security.x509.certificate.authority.profile.PKIProfile
    public Map<ASN1ObjectIdentifier, BiPredicate<Extension, PKIProfile>> getExtensionsMap() {
        EXTENSIONS_MAP.putIfAbsent(Extension.basicConstraints, VALIDATE_BASIC_CONSTRAINTS);
        return EXTENSIONS_MAP;
    }

    @Override // org.apache.hadoop.hdds.security.x509.certificate.authority.profile.DefaultProfile, org.apache.hadoop.hdds.security.x509.certificate.authority.profile.PKIProfile
    public KeyUsage getKeyUsage() {
        return new KeyUsage(190);
    }
}
