package org.xipki.ca.sdk;

import java.io.IOException;
import java.math.BigInteger;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSocketFactory;
import org.bouncycastle.asn1.x500.X500Name;
import org.xipki.security.KeyCertBytesPair;
import org.xipki.util.exception.ErrorCode;
import org.xipki.util.exception.ObjectCreationException;
import org.xipki.util.http.HttpRespContent;
import org.xipki.util.http.SslContextConf;
import org.xipki.util.http.XiHttpClient;

/* loaded from: input_file:WEB-INF/lib/ca-sdk-6.0.0.jar:org/xipki/ca/sdk/SdkClient.class */
public class SdkClient {
    private static final String CONTENT_TYPE_JSON = "application/json";
    private final String serverUrl;
    private final XiHttpClient client;

    public SdkClient(SdkClientConf sdkClientConf) throws ObjectCreationException {
        this.serverUrl = sdkClientConf.getServerUrl();
        SslContextConf ofSslConf = SslContextConf.ofSslConf(sdkClientConf.getSsl());
        this.client = new XiHttpClient(ofSslConf.getSslSocketFactory(), ofSslConf.buildHostnameVerifier());
    }

    public SdkClient(String str, SSLSocketFactory sSLSocketFactory, HostnameVerifier hostnameVerifier) {
        this.serverUrl = str;
        this.client = new XiHttpClient(sSLSocketFactory, hostnameVerifier);
    }

    public byte[] send(String str, String str2, SdkRequest sdkRequest) throws IOException, SdkErrorResponseException {
        HttpRespContent httpGet = sdkRequest == null ? this.client.httpGet(this.serverUrl + str + "/" + str2) : this.client.httpPost(this.serverUrl + str + "/" + str2, sdkRequest == null ? null : CONTENT_TYPE_JSON, sdkRequest.encode(), CONTENT_TYPE_JSON);
        if (httpGet.isOK()) {
            return httpGet.getContent();
        }
        byte[] content = httpGet.getContent();
        if (content == null) {
            throw new SdkErrorResponseException(ErrorCode.SYSTEM_FAILURE, null);
        }
        throw new SdkErrorResponseException(ErrorResponse.decode(content));
    }

    public boolean healthy(String str) {
        try {
            send(str, SdkConstants.CMD_health, null);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public byte[] cacert(String str) throws IOException, SdkErrorResponseException {
        byte[][] certificates = CertChainResponse.decode(send(str, SdkConstants.CMD_cacert, null)).getCertificates();
        if (certificates == null || certificates.length == 0) {
            return null;
        }
        return certificates[0];
    }

    public byte[][] cacerts(String str) throws IOException, SdkErrorResponseException {
        return CertChainResponse.decode(send(str, SdkConstants.CMD_cacert, null)).getCertificates();
    }

    public CertprofileInfoResponse profileInfo(String str, String str2) throws IOException, SdkErrorResponseException {
        CertprofileInfoRequest certprofileInfoRequest = new CertprofileInfoRequest();
        certprofileInfoRequest.setProfile(str2);
        return CertprofileInfoResponse.decode(send(str, SdkConstants.CMD_profileinfo, certprofileInfoRequest));
    }

    public byte[] generateCrl(String str, String str2) throws IOException, SdkErrorResponseException {
        GenCRLRequest genCRLRequest = new GenCRLRequest();
        genCRLRequest.setCrlDp(str2);
        return CrlResponse.decode(send(str, "gen_crl", genCRLRequest)).getCrl();
    }

    public byte[] currentCrl(String str) throws IOException, SdkErrorResponseException {
        return currentCrl(str, null, null, null);
    }

    public byte[] currentCrl(String str, BigInteger bigInteger, Date date, String str2) throws IOException, SdkErrorResponseException {
        GetCRLRequest getCRLRequest = new GetCRLRequest();
        getCRLRequest.setCrlNumber(bigInteger);
        getCRLRequest.setCrlDp(str2);
        getCRLRequest.setThisUpdate(date == null ? null : Long.valueOf(date.getTime() / 1000));
        return CrlResponse.decode(send(str, SdkConstants.CMD_crl, getCRLRequest)).getCrl();
    }

    private byte[] enrollCert0(String str, String str2, String str3, EnrollCertRequestEntry enrollCertRequestEntry) throws IOException, SdkErrorResponseException {
        EnrollCertsRequest enrollCertsRequest = new EnrollCertsRequest();
        enrollCertsRequest.setCaCertMode(CertsMode.NONE);
        enrollCertsRequest.setEntries(Collections.singletonList(enrollCertRequestEntry));
        byte[] cert = EnrollOrPollCertsResponse.decode(send(str3, str2, enrollCertsRequest)).getEntries().get(0).getCert();
        if (cert == null) {
            throw new SdkErrorResponseException(ErrorCode.SYSTEM_FAILURE, "error " + str);
        }
        return cert;
    }

    private KeyCertBytesPair enrollCertCaGenKeypair0(String str, String str2, String str3, EnrollCertRequestEntry enrollCertRequestEntry) throws IOException, SdkErrorResponseException {
        EnrollCertsRequest enrollCertsRequest = new EnrollCertsRequest();
        enrollCertsRequest.setCaCertMode(CertsMode.NONE);
        enrollCertsRequest.setEntries(Collections.singletonList(enrollCertRequestEntry));
        EnrollOrPullCertResponseEntry enrollOrPullCertResponseEntry = EnrollOrPollCertsResponse.decode(send(str3, str2, enrollCertsRequest)).getEntries().get(0);
        if (enrollOrPullCertResponseEntry.getCert() == null || enrollOrPullCertResponseEntry.getPrivateKey() == null) {
            throw new SdkErrorResponseException(ErrorCode.SYSTEM_FAILURE, "error " + str);
        }
        return new KeyCertBytesPair(enrollOrPullCertResponseEntry.getPrivateKey(), enrollOrPullCertResponseEntry.getCert());
    }

    public byte[] enrollCert(String str, String str2, byte[] bArr) throws IOException, SdkErrorResponseException {
        EnrollCertRequestEntry enrollCertRequestEntry = new EnrollCertRequestEntry();
        enrollCertRequestEntry.setP10req(bArr);
        enrollCertRequestEntry.setCertprofile(str2);
        return enrollCert0("enrollCert", SdkConstants.CMD_enroll, str, enrollCertRequestEntry);
    }

    public KeyCertBytesPair enrollCertCaGenKeypair(String str, String str2, String str3) throws IOException, SdkErrorResponseException {
        EnrollCertRequestEntry enrollCertRequestEntry = new EnrollCertRequestEntry();
        enrollCertRequestEntry.setSubject(new X500NameType(str3));
        enrollCertRequestEntry.setCertprofile(str2);
        return enrollCertCaGenKeypair0("enrollCertCaGenKeypair", SdkConstants.CMD_enroll, str, enrollCertRequestEntry);
    }

    public byte[] reenrollCert(String str, String str2, byte[] bArr, X500Name x500Name, BigInteger bigInteger) throws IOException, SdkErrorResponseException {
        EnrollCertRequestEntry enrollCertRequestEntry = new EnrollCertRequestEntry();
        enrollCertRequestEntry.setCertprofile(str2);
        enrollCertRequestEntry.setP10req(bArr);
        OldCertInfoByIssuerAndSerial oldCertInfoByIssuerAndSerial = new OldCertInfoByIssuerAndSerial();
        oldCertInfoByIssuerAndSerial.setReusePublicKey(false);
        oldCertInfoByIssuerAndSerial.setSerialNumber(bigInteger);
        oldCertInfoByIssuerAndSerial.setIssuer(new X500NameType(x500Name));
        enrollCertRequestEntry.setOldCertIsn(oldCertInfoByIssuerAndSerial);
        return enrollCert0("reenrollCert", SdkConstants.CMD_reenroll, str, enrollCertRequestEntry);
    }

    public KeyCertBytesPair reenrollCertCaGenKeypair(String str, String str2, X500Name x500Name, String str3, BigInteger bigInteger) throws IOException, SdkErrorResponseException {
        EnrollCertRequestEntry enrollCertRequestEntry = new EnrollCertRequestEntry();
        enrollCertRequestEntry.setCertprofile(str2);
        enrollCertRequestEntry.setSubject(new X500NameType(x500Name));
        OldCertInfoByIssuerAndSerial oldCertInfoByIssuerAndSerial = new OldCertInfoByIssuerAndSerial();
        oldCertInfoByIssuerAndSerial.setReusePublicKey(false);
        oldCertInfoByIssuerAndSerial.setSerialNumber(bigInteger);
        oldCertInfoByIssuerAndSerial.setIssuer(new X500NameType(str3));
        enrollCertRequestEntry.setOldCertIsn(oldCertInfoByIssuerAndSerial);
        return enrollCertCaGenKeypair0("reenrollCertCaGenKeypair", SdkConstants.CMD_reenroll, str, enrollCertRequestEntry);
    }

    public EnrollOrPollCertsResponse enrollCerts(String str, EnrollCertsRequest enrollCertsRequest) throws IOException, SdkErrorResponseException {
        return checkEnrollResp(send(str, SdkConstants.CMD_enroll, enrollCertsRequest), enrollCertsRequest);
    }

    public EnrollOrPollCertsResponse enrollCrossCerts(String str, EnrollCertsRequest enrollCertsRequest) throws IOException, SdkErrorResponseException {
        return checkEnrollResp(send(str, SdkConstants.CMD_enroll_cross, enrollCertsRequest), enrollCertsRequest);
    }

    public EnrollOrPollCertsResponse reenrollCerts(String str, EnrollCertsRequest enrollCertsRequest) throws IOException, SdkErrorResponseException {
        return checkEnrollResp(send(str, SdkConstants.CMD_reenroll, enrollCertsRequest), enrollCertsRequest);
    }

    private EnrollOrPollCertsResponse checkEnrollResp(byte[] bArr, EnrollCertsRequest enrollCertsRequest) throws IOException {
        EnrollOrPollCertsResponse decode = EnrollOrPollCertsResponse.decode(bArr);
        List<EnrollOrPullCertResponseEntry> entries = decode.getEntries();
        int size = enrollCertsRequest.getEntries().size();
        int size2 = entries == null ? 0 : entries.size();
        if (size != size2) {
            throw new IOException("expected " + size + " entries, but received " + size2);
        }
        return decode;
    }

    public void confirmCerts(String str, ConfirmCertsRequest confirmCertsRequest) throws IOException, SdkErrorResponseException {
        send(str, SdkConstants.CMD_confirm_enroll, confirmCertsRequest);
    }

    public void revokePendingCerts(String str, String str2) throws IOException, SdkErrorResponseException {
        TransactionIdRequest transactionIdRequest = new TransactionIdRequest();
        transactionIdRequest.setTid(str2);
        send(str, SdkConstants.CMD_revoke_pending_cert, transactionIdRequest);
    }

    public EnrollOrPollCertsResponse pollCerts(String str, PollCertRequest pollCertRequest) throws IOException, SdkErrorResponseException {
        return EnrollOrPollCertsResponse.decode(send(str, SdkConstants.CMD_poll_cert, pollCertRequest));
    }

    public RevokeCertsResponse revokeCerts(String str, RevokeCertsRequest revokeCertsRequest) throws IOException, SdkErrorResponseException {
        return RevokeCertsResponse.decode(send(str, "revoke_cert", revokeCertsRequest));
    }

    public UnSuspendOrRemoveCertsResponse unsuspendCerts(String str, UnsuspendOrRemoveRequest unsuspendOrRemoveRequest) throws IOException, SdkErrorResponseException {
        return UnSuspendOrRemoveCertsResponse.decode(send(str, "unsuspend_cert", unsuspendOrRemoveRequest));
    }

    public UnSuspendOrRemoveCertsResponse removeCerts(String str, UnsuspendOrRemoveRequest unsuspendOrRemoveRequest) throws IOException, SdkErrorResponseException {
        return UnSuspendOrRemoveCertsResponse.decode(send(str, "remove_cert", unsuspendOrRemoveRequest));
    }

    public byte[] getCert(String str, X500Name x500Name, BigInteger bigInteger) throws IOException, SdkErrorResponseException {
        GetCertRequest getCertRequest = new GetCertRequest();
        getCertRequest.setIssuer(new X500NameType(x500Name));
        getCertRequest.setSerialNumber(bigInteger);
        return PayloadResponse.decode(send(str, SdkConstants.CMD_get_cert, getCertRequest)).getPayload();
    }
}
