package org.xipki.ca.server;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.audit.AuditEvent;
import org.xipki.audit.AuditLevel;
import org.xipki.audit.AuditService;
import org.xipki.audit.AuditStatus;
import org.xipki.audit.Audits;
import org.xipki.ca.api.NameId;
import org.xipki.ca.api.mgmt.RequestorInfo;
import org.xipki.ca.api.mgmt.entry.RequestorEntry;
import org.xipki.ca.sdk.CaAuditConstants;
import org.xipki.security.X509Cert;
import org.xipki.util.Args;

/* loaded from: input_file:WEB-INF/lib/ca-server-6.4.0.jar:org/xipki/ca/server/X509CaModule.class */
public abstract class X509CaModule {
    protected final NameId caIdent;
    protected final CaInfo caInfo;
    protected final X509Cert caCert;
    protected final Logger LOG = LoggerFactory.getLogger(getClass());
    protected final List<byte[]> encodedCaCertChain = new ArrayList(2);

    public X509CaModule(CaInfo caInfo) {
        this.caInfo = (CaInfo) Args.notNull(caInfo, "caInfo");
        this.caIdent = caInfo.getIdent();
        this.caCert = caInfo.getCert();
        this.encodedCaCertChain.add(this.caCert.getEncoded());
        if (caInfo.getCertchain() != null) {
            Iterator<X509Cert> it = caInfo.getCertchain().iterator();
            while (it.hasNext()) {
                this.encodedCaCertChain.add(it.next().getEncoded());
            }
        }
    }

    protected static AuditService auditService() {
        return Audits.getAuditService();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuditEvent newAuditEvent(String str, RequestorInfo requestorInfo) {
        Args.notNull(str, "eventType");
        AuditEvent auditEvent = new AuditEvent();
        auditEvent.setApplicationName("ca");
        auditEvent.setEventData("ca", this.caIdent.getName());
        auditEvent.setEventType(str);
        if (requestorInfo != null) {
            auditEvent.setEventData(CaAuditConstants.NAME_requestor, requestorInfo.getIdent().getName());
        }
        return auditEvent;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setEventStatus(AuditEvent auditEvent, boolean z) {
        auditEvent.setLevel(z ? AuditLevel.INFO : AuditLevel.ERROR);
        auditEvent.setStatus(z ? AuditStatus.SUCCESSFUL : AuditStatus.FAILED);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void finish(AuditEvent auditEvent, boolean z) {
        setEventStatus(auditEvent, z);
        auditEvent.finish();
        auditService().logEvent(auditEvent);
        auditEvent.log(this.LOG);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean verifySignature(X509Cert x509Cert) {
        try {
            ((X509Cert) Args.notNull(x509Cert, RequestorEntry.TYPE_CERT)).verify(this.caCert.getPublicKey());
            return true;
        } catch (Exception e) {
            this.LOG.debug("{} while verifying signature: {}", e.getClass().getName(), e.getMessage());
            return false;
        }
    }
}
