package se.swedenconnect.ca.cmc.api.impl;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import lombok.Generated;
import org.bouncycastle.asn1.cmc.BodyPartID;
import org.bouncycastle.asn1.cmc.CMCObjectIdentifiers;
import org.bouncycastle.asn1.cmc.GetCert;
import org.bouncycastle.asn1.cmc.RevokeRequest;
import org.bouncycastle.cert.X509CertificateHolder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.swedenconnect.ca.cmc.CMCException;
import se.swedenconnect.ca.cmc.api.CMCCaApi;
import se.swedenconnect.ca.cmc.api.CMCCaApiException;
import se.swedenconnect.ca.cmc.api.CMCParsingException;
import se.swedenconnect.ca.cmc.api.CMCRequestParser;
import se.swedenconnect.ca.cmc.api.CMCResponseFactory;
import se.swedenconnect.ca.cmc.api.data.CMCControlObject;
import se.swedenconnect.ca.cmc.api.data.CMCFailType;
import se.swedenconnect.ca.cmc.api.data.CMCRequest;
import se.swedenconnect.ca.cmc.api.data.CMCResponse;
import se.swedenconnect.ca.cmc.api.data.CMCResponseStatus;
import se.swedenconnect.ca.cmc.api.data.CMCStatusType;
import se.swedenconnect.ca.cmc.auth.CMCUtils;
import se.swedenconnect.ca.cmc.model.admin.AdminCMCData;
import se.swedenconnect.ca.cmc.model.response.impl.CMCAdminResponseModel;
import se.swedenconnect.ca.cmc.model.response.impl.CMCBasicCMCResponseModel;
import se.swedenconnect.ca.engine.ca.issuer.CAService;
import se.swedenconnect.ca.engine.ca.models.cert.CertificateModel;
import se.swedenconnect.ca.engine.utils.CAUtils;

/* loaded from: input_file:se/swedenconnect/ca/cmc/api/impl/AbstractCMCCaApi.class */
public abstract class AbstractCMCCaApi implements CMCCaApi {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(AbstractCMCCaApi.class);
    protected final CAService caService;
    protected final CMCRequestParser cmcRequestParser;
    protected final CMCResponseFactory cmcResponseFactory;

    public AbstractCMCCaApi(CAService cAService, CMCRequestParser cMCRequestParser, CMCResponseFactory cMCResponseFactory) {
        this.caService = cAService;
        this.cmcRequestParser = cMCRequestParser;
        this.cmcResponseFactory = cMCResponseFactory;
    }

    @Override // se.swedenconnect.ca.cmc.api.CMCCaApi
    public CMCResponse processRequest(byte[] bArr) {
        byte[] bArr2 = new byte[0];
        try {
            CMCRequest parseCMCrequest = this.cmcRequestParser.parseCMCrequest(bArr);
            parseCMCrequest.getNonce();
            switch (parseCMCrequest.getCmcRequestType()) {
                case issueCert:
                    return processCertIssuingRequest(parseCMCrequest);
                case revoke:
                    return processRevokeRequest(parseCMCrequest);
                case admin:
                    return processCustomRequest(parseCMCrequest);
                case getCert:
                    return processGetCertRequest(parseCMCrequest);
                default:
                    throw new IllegalArgumentException("Unrecognized CMC request type");
            }
        } catch (Exception e) {
            try {
                if (e instanceof CMCParsingException) {
                    return this.cmcResponseFactory.getCMCResponse(new CMCBasicCMCResponseModel(((CMCParsingException) e).getNonce(), CMCResponseStatus.builder().status(CMCStatusType.failed).failType(CMCFailType.badRequest).message(e.getMessage()).bodyPartIDList(new ArrayList()).build(), null, null));
                }
                if (!(e instanceof CMCCaApiException)) {
                    return this.cmcResponseFactory.getCMCResponse(new CMCBasicCMCResponseModel(bArr2, CMCResponseStatus.builder().status(CMCStatusType.failed).failType(CMCFailType.internalCAError).message(e.getMessage()).bodyPartIDList(new ArrayList()).build(), null, null));
                }
                CMCCaApiException cMCCaApiException = (CMCCaApiException) e;
                return this.cmcResponseFactory.getCMCResponse(new CMCBasicCMCResponseModel(bArr2, CMCResponseStatus.builder().status(CMCStatusType.failed).failType(cMCCaApiException.getCmcFailType()).message(e.getMessage()).bodyPartIDList(cMCCaApiException.getFailingBodyPartIds()).build(), null, null));
            } catch (Exception e2) {
                log.error("Critical exception in CA API implementation", e2);
                throw new RuntimeException("Critical exception in CA API implementation", e2);
            }
        }
    }

    protected CMCResponse processCertIssuingRequest(CMCRequest cMCRequest) throws CMCCaApiException {
        try {
            return this.cmcResponseFactory.getCMCResponse(new CMCBasicCMCResponseModel(cMCRequest.getNonce(), new CMCResponseStatus(CMCStatusType.success, Arrays.asList(cMCRequest.getCertReqBodyPartId())), cMCRequest.getCmcRequestType(), (byte[]) CMCUtils.getCMCControlObject(CMCObjectIdentifiers.id_cmc_regInfo, cMCRequest.getPkiData()).getValue(), Arrays.asList(this.caService.issueCertificate(getCertificateModel(cMCRequest)))));
        } catch (Exception e) {
            throw new CMCCaApiException(e, (List<BodyPartID>) (cMCRequest.getCertReqBodyPartId() == null ? new ArrayList() : Arrays.asList(cMCRequest.getCertReqBodyPartId())), CMCFailType.badRequest);
        }
    }

    abstract CertificateModel getCertificateModel(CMCRequest cMCRequest) throws CMCException;

    protected CMCResponse processRevokeRequest(CMCRequest cMCRequest) throws CMCCaApiException {
        try {
            CMCControlObject cMCControlObject = CMCUtils.getCMCControlObject(CMCObjectIdentifiers.id_cmc_revokeRequest, cMCRequest.getPkiData());
            BodyPartID bodyPartID = cMCControlObject.getBodyPartID();
            RevokeRequest revokeRequest = (RevokeRequest) cMCControlObject.getValue();
            if (!this.caService.getCaCertificate().getSubject().equals(revokeRequest.getName())) {
                throw new CMCCaApiException("Revocation request does not match CA issuer name", (List<BodyPartID>) Arrays.asList(bodyPartID), CMCFailType.badRequest);
            }
            Date date = revokeRequest.getInvalidityDate().getDate();
            try {
                this.caService.revokeCertificate(revokeRequest.getSerialNumber(), revokeRequest.getReason().getValue().intValue(), date);
                this.caService.publishNewCrl();
                return this.cmcResponseFactory.getCMCResponse(new CMCBasicCMCResponseModel(cMCRequest.getNonce(), new CMCResponseStatus(CMCStatusType.success, Arrays.asList(bodyPartID)), null, null));
            } catch (Exception e) {
                throw new CMCCaApiException(e.getMessage(), e, Arrays.asList(bodyPartID), CMCFailType.badCertId);
            }
        } catch (Exception e2) {
            if (e2 instanceof CMCCaApiException) {
                throw ((CMCCaApiException) e2);
            }
            throw new CMCCaApiException(e2, new ArrayList(), CMCFailType.badRequest);
        }
    }

    protected CMCResponse processCustomRequest(CMCRequest cMCRequest) throws CMCException {
        CMCControlObject cMCControlObject = CMCUtils.getCMCControlObject(CMCObjectIdentifiers.id_cmc_regInfo, cMCRequest.getPkiData());
        return this.cmcResponseFactory.getCMCResponse(new CMCAdminResponseModel(cMCRequest.getNonce(), new CMCResponseStatus(CMCStatusType.success, Arrays.asList(cMCControlObject.getBodyPartID())), cMCRequest.getCmcRequestType(), getAdminResponse((AdminCMCData) cMCControlObject.getValue())));
    }

    protected abstract AdminCMCData getAdminResponse(AdminCMCData adminCMCData) throws CMCException;

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v8, types: [java.util.List] */
    protected CMCResponse processGetCertRequest(CMCRequest cMCRequest) throws CMCCaApiException {
        ArrayList arrayList = new ArrayList();
        try {
            CMCControlObject cMCControlObject = CMCUtils.getCMCControlObject(CMCObjectIdentifiers.id_cmc_getCert, cMCRequest.getPkiData());
            arrayList = Arrays.asList(cMCControlObject.getBodyPartID());
            GetCert getCert = (GetCert) cMCControlObject.getValue();
            if (!this.caService.getCaCertificate().getSubject().equals(getCert.getIssuerName().getName())) {
                throw new CMCCaApiException("Get certificate request does not match CA issuer name", arrayList, CMCFailType.badRequest);
            }
            return this.cmcResponseFactory.getCMCResponse(new CMCBasicCMCResponseModel(cMCRequest.getNonce(), new CMCResponseStatus(CMCStatusType.success, arrayList), cMCRequest.getCmcRequestType(), null, Arrays.asList(CAUtils.getCert(new X509CertificateHolder(this.caService.getCaRepository().getCertificate(getCert.getSerialNumber()).getCertificate())))));
        } catch (Exception e) {
            throw new CMCCaApiException("Failure to process Get Cert reqeust", e, arrayList, CMCFailType.badRequest);
        }
    }
}
