package org.xipki.ca.certprofile.xijson.conf;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.annotation.JSONField;
import com.alibaba.fastjson.parser.Feature;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.x509.Extension;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.api.profile.Certprofile;
import org.xipki.ca.api.profile.CertprofileException;
import org.xipki.ca.api.profile.ExtensionValue;
import org.xipki.ca.api.profile.KeyParametersOption;
import org.xipki.ca.certprofile.xijson.conf.Describable;
import org.xipki.ca.certprofile.xijson.conf.ExtensionType;
import org.xipki.security.ObjectIdentifiers;
import org.xipki.util.Args;
import org.xipki.util.CollectionUtil;
import org.xipki.util.InvalidConfException;
import org.xipki.util.ValidatableConf;

/* loaded from: input_file:org/xipki/ca/certprofile/xijson/conf/X509ProfileType.class */
public class X509ProfileType extends ValidatableConf {
    private static final Logger LOG = LoggerFactory.getLogger(X509ProfileType.class);

    @JSONField(ordinal = 1)
    private Map<String, String> metadata;

    @JSONField(ordinal = 2)
    private Certprofile.X509CertVersion version;

    @JSONField(ordinal = 3)
    private Certprofile.CertLevel certLevel;

    @JSONField(ordinal = 3)
    private Certprofile.CertDomain certDomain = Certprofile.CertDomain.RFC5280;

    @JSONField(ordinal = 4)
    private Boolean raOnly;

    @JSONField(ordinal = 5)
    private Integer maxSize;

    @JSONField(ordinal = 6)
    private String validity;

    @JSONField(ordinal = 7)
    private String notBeforeTime;

    @JSONField(ordinal = 8)
    private boolean serialNumberInReq;

    @JSONField(ordinal = 9)
    private KeypairGenerationType keypairGeneration;

    @JSONField(ordinal = 10)
    private List<String> signatureAlgorithms;

    @JSONField(ordinal = 11)
    private List<AlgorithmType> keyAlgorithms;

    @JSONField(ordinal = 12)
    private Subject subject;

    @JSONField(ordinal = 13)
    private List<SubjectToSubjectAltNameType> subjectToSubjectAltNames;

    @JSONField(ordinal = 14)
    private List<ExtensionType> extensions;

    public static X509ProfileType parse(InputStream inputStream) throws CertprofileException {
        Args.notNull(inputStream, "confStream");
        try {
            try {
                X509ProfileType x509ProfileType = (X509ProfileType) JSON.parseObject(inputStream, X509ProfileType.class, new Feature[0]);
                x509ProfileType.validate();
                return x509ProfileType;
            } finally {
                try {
                    inputStream.close();
                } catch (IOException e) {
                    LOG.warn("could not close confStream: {}", e.getMessage());
                }
            }
        } catch (IOException | InvalidConfException | RuntimeException e2) {
            throw new CertprofileException("parse profile failed, message: " + e2.getMessage(), e2);
        }
    }

    public Certprofile.X509CertVersion getVersion() {
        return this.version;
    }

    public void setVersion(Certprofile.X509CertVersion x509CertVersion) {
        this.version = x509CertVersion;
    }

    public List<String> getSignatureAlgorithms() {
        if (this.signatureAlgorithms == null) {
            this.signatureAlgorithms = new LinkedList();
        }
        return this.signatureAlgorithms;
    }

    public void setSignatureAlgorithms(List<String> list) {
        this.signatureAlgorithms = list;
    }

    public Certprofile.CertLevel getCertLevel() {
        return this.certLevel;
    }

    public void setCertLevel(Certprofile.CertLevel certLevel) {
        this.certLevel = certLevel;
    }

    public Certprofile.CertDomain getCertDomain() {
        return this.certDomain;
    }

    public void setCertDomain(Certprofile.CertDomain certDomain) {
        this.certDomain = certDomain;
    }

    public Map<String, String> getMetadata() {
        if (this.metadata == null) {
            this.metadata = new HashMap();
        }
        return this.metadata;
    }

    public void setMetadata(Map<String, String> map) {
        this.metadata = map;
    }

    public String getValidity() {
        return this.validity;
    }

    public void setValidity(String str) {
        this.validity = str;
    }

    public String getNotBeforeTime() {
        return this.notBeforeTime;
    }

    public void setNotBeforeTime(String str) {
        this.notBeforeTime = str;
    }

    public boolean isSerialNumberInReq() {
        return this.serialNumberInReq;
    }

    public void setSerialNumberInReq(boolean z) {
        this.serialNumberInReq = z;
    }

    public KeypairGenerationType getKeypairGeneration() {
        return this.keypairGeneration;
    }

    public void setKeypairGeneration(KeypairGenerationType keypairGenerationType) {
        this.keypairGeneration = keypairGenerationType;
    }

    public List<AlgorithmType> getKeyAlgorithms() {
        if (this.keyAlgorithms == null) {
            this.keyAlgorithms = new LinkedList();
        }
        return this.keyAlgorithms;
    }

    public void setKeyAlgorithms(List<AlgorithmType> list) {
        this.keyAlgorithms = list;
    }

    public Subject getSubject() {
        return this.subject;
    }

    public void setSubject(Subject subject) {
        this.subject = subject;
    }

    public List<SubjectToSubjectAltNameType> getSubjectToSubjectAltNames() {
        if (this.subjectToSubjectAltNames == null) {
            this.subjectToSubjectAltNames = new LinkedList();
        }
        return this.subjectToSubjectAltNames;
    }

    public void setSubjectToSubjectAltNames(List<SubjectToSubjectAltNameType> list) {
        this.subjectToSubjectAltNames = list;
    }

    public List<ExtensionType> getExtensions() {
        if (this.extensions == null) {
            this.extensions = new LinkedList();
        }
        return this.extensions;
    }

    public void setExtensions(List<ExtensionType> list) {
        this.extensions = list;
    }

    public Boolean getRaOnly() {
        return this.raOnly;
    }

    public void setRaOnly(Boolean bool) {
        this.raOnly = bool;
    }

    public Integer getMaxSize() {
        return this.maxSize;
    }

    public void setMaxSize(Integer num) {
        this.maxSize = num;
    }

    public Map<String, ExtensionType> buildExtensions() {
        HashMap hashMap = new HashMap();
        for (ExtensionType extensionType : getExtensions()) {
            hashMap.put(extensionType.getType().getOid(), extensionType);
        }
        return hashMap;
    }

    public Map<ASN1ObjectIdentifier, KeyParametersOption> toXiKeyAlgorithms() throws CertprofileException {
        HashMap hashMap = new HashMap();
        for (AlgorithmType algorithmType : this.keyAlgorithms) {
            List<Describable.DescribableOid> algorithms = algorithmType.getAlgorithms();
            ArrayList arrayList = new ArrayList(algorithms.size());
            Iterator<Describable.DescribableOid> it = algorithms.iterator();
            while (it.hasNext()) {
                ASN1ObjectIdentifier xiOid = it.next().toXiOid();
                if (hashMap.containsKey(xiOid)) {
                    throw new CertprofileException("duplicate definition of keyAlgorithm " + xiOid.getId());
                }
                arrayList.add(xiOid);
            }
            KeyParametersOption.AllowAllParametersOption xiKeyParametersOption = algorithmType.getParameters() == null ? KeyParametersOption.ALLOW_ALL : algorithmType.getParameters().toXiKeyParametersOption();
            Iterator it2 = arrayList.iterator();
            while (it2.hasNext()) {
                hashMap.put((ASN1ObjectIdentifier) it2.next(), xiKeyParametersOption);
            }
        }
        return CollectionUtil.unmodifiableMap(hashMap);
    }

    public void validate() throws InvalidConfException {
        notNull(this.version, "version");
        notNull(this.certLevel, "certLevel");
        notEmpty(this.validity, "validity");
        notEmpty(this.notBeforeTime, "notBeforeTime");
        validate(this.keypairGeneration);
        validate(this.keyAlgorithms);
        notNull(this.subject, "subject");
        validate(this.subject);
        validate(this.subjectToSubjectAltNames);
        notNull(this.extensions, "extensions");
        validate(this.extensions);
        HashSet hashSet = new HashSet();
        for (ExtensionType extensionType : this.extensions) {
            if (!hashSet.add(extensionType.getType().getOid())) {
                throw new InvalidConfException("duplicated definition of extension " + ObjectIdentifiers.getName(extensionType.getType().toXiOid()));
            }
        }
    }

    public Map<ASN1ObjectIdentifier, ExtensionValue> buildConstantExtesions() throws CertprofileException {
        HashMap hashMap = new HashMap();
        for (ExtensionType extensionType : getExtensions()) {
            ASN1ObjectIdentifier aSN1ObjectIdentifier = new ASN1ObjectIdentifier(extensionType.getType().getOid());
            if (!Extension.subjectAlternativeName.equals(aSN1ObjectIdentifier) && !Extension.subjectInfoAccess.equals(aSN1ObjectIdentifier) && !Extension.biometricInfo.equals(aSN1ObjectIdentifier) && extensionType.getConstant() != null) {
                try {
                    hashMap.put(aSN1ObjectIdentifier, new ExtensionValue(extensionType.isCritical(), extensionType.getConstant().toASN1Encodable()));
                } catch (InvalidConfException e) {
                    throw new CertprofileException(e.getMessage(), e);
                }
            }
        }
        if (CollectionUtil.isEmpty(hashMap)) {
            return null;
        }
        return Collections.unmodifiableMap(hashMap);
    }

    public Map<ASN1ObjectIdentifier, ExtensionType.ExtnSyntax> buildExtesionsWithSyntax() throws CertprofileException {
        HashMap hashMap = new HashMap();
        for (ExtensionType extensionType : getExtensions()) {
            ASN1ObjectIdentifier aSN1ObjectIdentifier = new ASN1ObjectIdentifier(extensionType.getType().getOid());
            if (!Extension.subjectAlternativeName.equals(aSN1ObjectIdentifier) && !Extension.subjectInfoAccess.equals(aSN1ObjectIdentifier) && !Extension.biometricInfo.equals(aSN1ObjectIdentifier) && extensionType.getSyntax() != null) {
                hashMap.put(aSN1ObjectIdentifier, extensionType.getSyntax());
            }
        }
        if (CollectionUtil.isEmpty(hashMap)) {
            return null;
        }
        return Collections.unmodifiableMap(hashMap);
    }

    public Map<ASN1ObjectIdentifier, Certprofile.ExtensionControl> buildExtensionControls() throws CertprofileException {
        HashMap hashMap = new HashMap();
        for (ExtensionType extensionType : getExtensions()) {
            ASN1ObjectIdentifier xiOid = extensionType.getType().toXiOid();
            if (hashMap.containsKey(xiOid)) {
                throw new CertprofileException("duplicated definition of extension " + xiOid.getId());
            }
            boolean isPermittedInRequest = extensionType.isPermittedInRequest();
            if (isPermittedInRequest && extensionType.getConstant() != null) {
                throw new CertprofileException("constant Extension is not permitted in request");
            }
            if (!isPermittedInRequest && extensionType.getSyntax() != null) {
                throw new CertprofileException("Extension with syntax must be permitted in request");
            }
            hashMap.put(xiOid, new Certprofile.ExtensionControl(extensionType.isCritical(), extensionType.isRequired(), isPermittedInRequest));
        }
        return Collections.unmodifiableMap(hashMap);
    }

    public static Set<ASN1ObjectIdentifier> toOidSet(List<Describable.DescribableOid> list) {
        if (CollectionUtil.isEmpty(list)) {
            return null;
        }
        HashSet hashSet = new HashSet();
        Iterator<Describable.DescribableOid> it = list.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().toXiOid());
        }
        return Collections.unmodifiableSet(hashSet);
    }
}
