package org.xipki.ca.mgmt.client;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.time.Instant;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.X509CRLHolder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.api.mgmt.CaJson;
import org.xipki.ca.api.mgmt.CaManager;
import org.xipki.ca.api.mgmt.CaMgmtException;
import org.xipki.ca.api.mgmt.CaProfileEntry;
import org.xipki.ca.api.mgmt.CaSystemStatus;
import org.xipki.ca.api.mgmt.CertListInfo;
import org.xipki.ca.api.mgmt.CertListOrderBy;
import org.xipki.ca.api.mgmt.CertWithRevocationInfo;
import org.xipki.ca.api.mgmt.MgmtAction;
import org.xipki.ca.api.mgmt.MgmtRequest;
import org.xipki.ca.api.mgmt.MgmtResponse;
import org.xipki.ca.api.mgmt.entry.CaEntry;
import org.xipki.ca.api.mgmt.entry.CaHasRequestorEntry;
import org.xipki.ca.api.mgmt.entry.CertprofileEntry;
import org.xipki.ca.api.mgmt.entry.ChangeCaEntry;
import org.xipki.ca.api.mgmt.entry.KeypairGenEntry;
import org.xipki.ca.api.mgmt.entry.PublisherEntry;
import org.xipki.ca.api.mgmt.entry.RequestorEntry;
import org.xipki.ca.api.mgmt.entry.SignerEntry;
import org.xipki.security.CertRevocationInfo;
import org.xipki.security.CrlReason;
import org.xipki.security.KeyCertBytesPair;
import org.xipki.security.X509Cert;
import org.xipki.security.util.X509Util;
import org.xipki.util.Args;
import org.xipki.util.IoUtil;
import org.xipki.util.StringUtil;
import org.xipki.util.exception.ObjectCreationException;
import org.xipki.util.http.SslContextConf;
import org.xipki.util.http.SslContextConfWrapper;

/* loaded from: input_file:org/xipki/ca/mgmt/client/CaMgmtClient.class */
public class CaMgmtClient implements CaManager {
    private static final Logger LOG = LoggerFactory.getLogger(CaMgmtClient.class);
    private static final String REQUEST_CT = "application/json";
    private static final String RESPONSE_CT = "application/json";
    private final Map<MgmtAction, URL> actionUrlMap = new HashMap(50);
    private SSLSocketFactory sslSocketFactory;
    private HostnameVerifier hostnameVerifier;
    private final SslContextConf sslContextConf;
    private boolean initialized;
    private CaMgmtException initException;

    public CaMgmtClient(SslContextConfWrapper sslContextConfWrapper) throws ObjectCreationException {
        this.sslContextConf = sslContextConfWrapper == null ? null : sslContextConfWrapper.toSslContextConf();
        if (this.sslContextConf != null) {
            this.sslContextConf.init();
        }
    }

    public synchronized void initIfNotDone() throws CaMgmtException {
        if (this.initException != null) {
            throw this.initException;
        }
        try {
            if (this.initialized) {
                return;
            }
            try {
                if (this.sslContextConf != null) {
                    this.sslSocketFactory = this.sslContextConf.getSslSocketFactory();
                    this.hostnameVerifier = this.sslContextConf.getHostnameVerifier();
                }
            } catch (Exception e) {
                this.initException = new CaMgmtException("could not initialize CaMgmtClient: " + e.getMessage(), e);
                throw this.initException;
            }
        } finally {
            this.initialized = true;
        }
    }

    public void setServerUrl(String str) throws MalformedURLException {
        Args.notBlank(str, "serverUrl");
        if (!str.endsWith("/")) {
            str = str + "/";
        }
        for (MgmtAction mgmtAction : MgmtAction.values()) {
            this.actionUrlMap.put(mgmtAction, new URL(str + mgmtAction));
        }
    }

    public CaSystemStatus getCaSystemStatus() throws CaMgmtException {
        return parse(transmit(MgmtAction.getCaSystemStatus, null), MgmtResponse.GetCaSystemStatus.class).getResult();
    }

    public void unlockCa() throws CaMgmtException {
        voidTransmit(MgmtAction.unlockCa, null);
    }

    public void notifyCaChange() throws CaMgmtException {
        voidTransmit(MgmtAction.notifyCaChange, null);
    }

    public void addDbSchema(String str, String str2) throws CaMgmtException {
        MgmtRequest.AddOrChangeDbSchema addOrChangeDbSchema = new MgmtRequest.AddOrChangeDbSchema();
        addOrChangeDbSchema.setName(str);
        addOrChangeDbSchema.setValue(str2);
        voidTransmit(MgmtAction.addDbSchema, addOrChangeDbSchema);
    }

    public void changeDbSchema(String str, String str2) throws CaMgmtException {
        MgmtRequest.AddOrChangeDbSchema addOrChangeDbSchema = new MgmtRequest.AddOrChangeDbSchema();
        addOrChangeDbSchema.setName(str);
        addOrChangeDbSchema.setValue(str2);
        voidTransmit(MgmtAction.changeDbSchema, addOrChangeDbSchema);
    }

    public void removeDbSchema(String str) throws CaMgmtException {
        removeEntity(MgmtAction.removeDbSchema, str);
    }

    public Map<String, String> getDbSchemas() throws CaMgmtException {
        return parse(transmit(MgmtAction.getDbSchemas, null), MgmtResponse.GetDbSchemas.class).getResult();
    }

    public void republishCertificates(String str, List<String> list, int i) throws CaMgmtException {
        MgmtRequest.RepublishCertificates republishCertificates = new MgmtRequest.RepublishCertificates();
        republishCertificates.setCaName(str);
        republishCertificates.setPublisherNames(list);
        republishCertificates.setNumThreads(i);
        voidTransmit(MgmtAction.republishCertificates, republishCertificates);
    }

    public void removeCa(String str) throws CaMgmtException {
        removeEntity(MgmtAction.removeCa, str);
    }

    public void restartCa(String str) throws CaMgmtException {
        voidTransmit(MgmtAction.restartCa, new MgmtRequest.Name(str));
    }

    public void restartCaSystem() throws CaMgmtException {
        voidTransmit(MgmtAction.restartCaSystem, null);
    }

    public void addCaAlias(String str, String str2) throws CaMgmtException {
        MgmtRequest.AddCaAlias addCaAlias = new MgmtRequest.AddCaAlias();
        addCaAlias.setAliasName(str);
        addCaAlias.setCaName(str2);
        voidTransmit(MgmtAction.addCaAlias, addCaAlias);
    }

    public void removeCaAlias(String str) throws CaMgmtException {
        removeEntity(MgmtAction.removeCaAlias, str);
    }

    public Set<String> getAliasesForCa(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getAliasesForCa, new MgmtRequest.Name(str)), MgmtResponse.StringSet.class).getResult();
    }

    public String getCaNameForAlias(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getCaNameForAlias, new MgmtRequest.Name(str)), MgmtResponse.StringResponse.class).getResult();
    }

    public Set<String> getCaAliasNames() throws CaMgmtException {
        return getNames(MgmtAction.getCaAliasNames);
    }

    public Set<String> getCertprofileNames() throws CaMgmtException {
        return getNames(MgmtAction.getCertprofileNames);
    }

    public Set<String> getKeypairGenNames() throws CaMgmtException {
        return getNames(MgmtAction.getKeypairGenNames);
    }

    public Set<String> getPublisherNames() throws CaMgmtException {
        return getNames(MgmtAction.getPublisherNames);
    }

    public Set<String> getRequestorNames() throws CaMgmtException {
        return getNames(MgmtAction.getRequestorNames);
    }

    public Set<String> getSignerNames() throws CaMgmtException {
        return getNames(MgmtAction.getSignerNames);
    }

    public Set<String> getCaNames() throws CaMgmtException {
        return getNames(MgmtAction.getCaNames);
    }

    public Set<String> getSuccessfulCaNames() throws CaMgmtException {
        return getNames(MgmtAction.getSuccessfulCaNames);
    }

    public Set<String> getFailedCaNames() throws CaMgmtException {
        return getNames(MgmtAction.getFailedCaNames);
    }

    public Set<String> getInactiveCaNames() throws CaMgmtException {
        return getNames(MgmtAction.getInactiveCaNames);
    }

    private Set<String> getNames(MgmtAction mgmtAction) throws CaMgmtException {
        return parse(transmit(mgmtAction, null), MgmtResponse.StringSet.class).getResult();
    }

    public void addCa(CaEntry caEntry) throws CaMgmtException {
        MgmtRequest.AddCa addCa = new MgmtRequest.AddCa();
        addCa.setCaEntry(caEntry);
        voidTransmit(MgmtAction.addCa, addCa);
    }

    public List<X509Cert> getCaCerts(String str) throws CaMgmtException {
        try {
            return X509Util.parseCerts(parse(transmit(MgmtAction.getCaCerts, new MgmtRequest.Name(str)), MgmtResponse.StringResponse.class).getResult().getBytes(StandardCharsets.UTF_8));
        } catch (IOException | CertificateException e) {
            throw new CaMgmtException(e);
        }
    }

    public CaEntry getCa(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getCa, new MgmtRequest.Name(str)), MgmtResponse.GetCa.class).getResult();
    }

    public void changeCa(ChangeCaEntry changeCaEntry) throws CaMgmtException {
        MgmtRequest.ChangeCa changeCa = new MgmtRequest.ChangeCa();
        changeCa.setChangeCaEntry(changeCaEntry);
        voidTransmit(MgmtAction.changeCa, changeCa);
    }

    public void removeCertprofileFromCa(String str, String str2) throws CaMgmtException {
        MgmtRequest.RemoveEntityFromCa removeEntityFromCa = new MgmtRequest.RemoveEntityFromCa();
        removeEntityFromCa.setEntityName(str);
        removeEntityFromCa.setCaName(str2);
        voidTransmit(MgmtAction.removeCertprofileFromCa, removeEntityFromCa);
    }

    public void addCertprofileToCa(String str, String str2) throws CaMgmtException {
        MgmtRequest.AddCertprofileToCa addCertprofileToCa = new MgmtRequest.AddCertprofileToCa();
        addCertprofileToCa.setProfileName(str);
        addCertprofileToCa.setCaName(str2);
        voidTransmit(MgmtAction.addCertprofileToCa, addCertprofileToCa);
    }

    public void removePublisherFromCa(String str, String str2) throws CaMgmtException {
        MgmtRequest.RemoveEntityFromCa removeEntityFromCa = new MgmtRequest.RemoveEntityFromCa();
        removeEntityFromCa.setCaName(str2);
        removeEntityFromCa.setEntityName(str);
        voidTransmit(MgmtAction.removePublisherFromCa, removeEntityFromCa);
    }

    public void addPublisherToCa(String str, String str2) throws CaMgmtException {
        MgmtRequest.AddPublisherToCa addPublisherToCa = new MgmtRequest.AddPublisherToCa();
        addPublisherToCa.setPublisherName(str);
        addPublisherToCa.setCaName(str2);
        voidTransmit(MgmtAction.addPublisherToCa, addPublisherToCa);
    }

    public Set<CaProfileEntry> getCertprofilesForCa(String str) throws CaMgmtException {
        Set result = parse(transmit(MgmtAction.getCertprofilesForCa, new MgmtRequest.Name(str)), MgmtResponse.StringSet.class).getResult();
        if (result == null) {
            return Collections.emptySet();
        }
        HashSet hashSet = new HashSet();
        Iterator it = result.iterator();
        while (it.hasNext()) {
            hashSet.add(CaProfileEntry.decode((String) it.next()));
        }
        return hashSet;
    }

    public Set<CaHasRequestorEntry> getRequestorsForCa(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getRequestorsForCa, new MgmtRequest.Name(str)), MgmtResponse.GetRequestorsForCa.class).getResult();
    }

    public RequestorEntry getRequestor(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getRequestor, new MgmtRequest.Name(str)), MgmtResponse.GetRequestor.class).getResult();
    }

    public void addRequestor(RequestorEntry requestorEntry) throws CaMgmtException {
        MgmtRequest.AddRequestor addRequestor = new MgmtRequest.AddRequestor();
        addRequestor.setRequestorEntry(requestorEntry);
        voidTransmit(MgmtAction.addRequestor, addRequestor);
    }

    public void removeRequestor(String str) throws CaMgmtException {
        removeEntity(MgmtAction.removeRequestor, str);
    }

    public void changeRequestor(String str, String str2, String str3) throws CaMgmtException {
        voidTransmit(MgmtAction.changeRequestor, new MgmtRequest.ChangeTypeConfEntity(str, str2, str3));
    }

    public void removeRequestorFromCa(String str, String str2) throws CaMgmtException {
        MgmtRequest.RemoveEntityFromCa removeEntityFromCa = new MgmtRequest.RemoveEntityFromCa();
        removeEntityFromCa.setCaName(str2);
        removeEntityFromCa.setEntityName(str);
        voidTransmit(MgmtAction.removeRequestorFromCa, removeEntityFromCa);
    }

    public void addRequestorToCa(CaHasRequestorEntry caHasRequestorEntry, String str) throws CaMgmtException {
        MgmtRequest.AddRequestorToCa addRequestorToCa = new MgmtRequest.AddRequestorToCa();
        addRequestorToCa.setRequestor(caHasRequestorEntry);
        addRequestorToCa.setCaName(str);
        voidTransmit(MgmtAction.addRequestorToCa, addRequestorToCa);
    }

    public KeypairGenEntry getKeypairGen(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getKeypairGen, new MgmtRequest.Name(str)), MgmtResponse.GetKeypairGen.class).getResult();
    }

    public void removeKeypairGen(String str) throws CaMgmtException {
        removeEntity(MgmtAction.removeKeypairGen, str);
    }

    public void changeKeypairGen(String str, String str2, String str3) throws CaMgmtException {
        voidTransmit(MgmtAction.changeKeypairGen, new MgmtRequest.ChangeTypeConfEntity(str, str2, str3));
    }

    public void addKeypairGen(KeypairGenEntry keypairGenEntry) throws CaMgmtException {
        MgmtRequest.AddKeypairGen addKeypairGen = new MgmtRequest.AddKeypairGen();
        addKeypairGen.setEntry(keypairGenEntry);
        voidTransmit(MgmtAction.addKeypairGen, addKeypairGen);
    }

    public CertprofileEntry getCertprofile(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getCertprofile, new MgmtRequest.Name(str)), MgmtResponse.GetCertprofile.class).getResult();
    }

    public void removeCertprofile(String str) throws CaMgmtException {
        removeEntity(MgmtAction.removeCertprofile, str);
    }

    public void changeCertprofile(String str, String str2, String str3) throws CaMgmtException {
        voidTransmit(MgmtAction.changeCertprofile, new MgmtRequest.ChangeTypeConfEntity(str, str2, str3));
    }

    public void addCertprofile(CertprofileEntry certprofileEntry) throws CaMgmtException {
        MgmtRequest.AddCertprofile addCertprofile = new MgmtRequest.AddCertprofile();
        addCertprofile.setCertprofileEntry(certprofileEntry);
        voidTransmit(MgmtAction.addCertprofile, addCertprofile);
    }

    public void addSigner(SignerEntry signerEntry) throws CaMgmtException {
        MgmtRequest.AddSigner addSigner = new MgmtRequest.AddSigner();
        addSigner.setSignerEntry(signerEntry);
        voidTransmit(MgmtAction.addSigner, addSigner);
    }

    public void removeSigner(String str) throws CaMgmtException {
        removeEntity(MgmtAction.removeSigner, str);
    }

    public SignerEntry getSigner(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getSigner, new MgmtRequest.Name(str)), MgmtResponse.GetSigner.class).getResult();
    }

    public void changeSigner(String str, String str2, String str3, String str4) throws CaMgmtException {
        MgmtRequest.ChangeSigner changeSigner = new MgmtRequest.ChangeSigner();
        changeSigner.setName(str);
        changeSigner.setType(str2);
        changeSigner.setConf(str3);
        changeSigner.setBase64Cert(str4);
        voidTransmit(MgmtAction.changeSigner, changeSigner);
    }

    public void addPublisher(PublisherEntry publisherEntry) throws CaMgmtException {
        MgmtRequest.AddPublisher addPublisher = new MgmtRequest.AddPublisher();
        addPublisher.setPublisherEntry(publisherEntry);
        voidTransmit(MgmtAction.addPublisher, addPublisher);
    }

    public List<PublisherEntry> getPublishersForCa(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getPublishersForCa, new MgmtRequest.Name(str)), MgmtResponse.GetPublischersForCa.class).getResult();
    }

    public PublisherEntry getPublisher(String str) throws CaMgmtException {
        return parse(transmit(MgmtAction.getPublisher, new MgmtRequest.Name(str)), MgmtResponse.GetPublisher.class).getResult();
    }

    public void removePublisher(String str) throws CaMgmtException {
        removeEntity(MgmtAction.removePublisher, str);
    }

    public void changePublisher(String str, String str2, String str3) throws CaMgmtException {
        voidTransmit(MgmtAction.changePublisher, new MgmtRequest.ChangeTypeConfEntity(str, str2, str3));
    }

    public void revokeCa(String str, CertRevocationInfo certRevocationInfo) throws CaMgmtException {
        MgmtRequest.RevokeCa revokeCa = new MgmtRequest.RevokeCa();
        revokeCa.setCaName(str);
        revokeCa.setRevocationInfo(certRevocationInfo);
        voidTransmit(MgmtAction.revokeCa, revokeCa);
    }

    public void unrevokeCa(String str) throws CaMgmtException {
        voidTransmit(MgmtAction.unrevokeCa, new MgmtRequest.Name(str));
    }

    public void revokeCertificate(String str, BigInteger bigInteger, CrlReason crlReason, Instant instant) throws CaMgmtException {
        MgmtRequest.RevokeCertificate revokeCertificate = new MgmtRequest.RevokeCertificate();
        revokeCertificate.setCaName(str);
        revokeCertificate.setSerialNumber(bigInteger);
        revokeCertificate.setReason(crlReason);
        revokeCertificate.setInvalidityTime(instant);
        voidTransmit(MgmtAction.revokeCertificate, revokeCertificate);
    }

    public void unsuspendCertificate(String str, BigInteger bigInteger) throws CaMgmtException {
        MgmtRequest.UnsuspendCertificate unsuspendCertificate = new MgmtRequest.UnsuspendCertificate();
        unsuspendCertificate.setCaName(str);
        unsuspendCertificate.setSerialNumber(bigInteger);
        voidTransmit(MgmtAction.unsuspendCertificate, unsuspendCertificate);
    }

    public void removeCertificate(String str, BigInteger bigInteger) throws CaMgmtException {
        MgmtRequest.RemoveCertificate removeCertificate = new MgmtRequest.RemoveCertificate();
        removeCertificate.setCaName(str);
        removeCertificate.setSerialNumber(bigInteger);
        voidTransmit(MgmtAction.removeCertificate, removeCertificate);
    }

    public X509Cert generateCrossCertificate(String str, String str2, byte[] bArr, byte[] bArr2, Instant instant, Instant instant2) throws CaMgmtException {
        MgmtRequest.GenerateCrossCertificate generateCrossCertificate = new MgmtRequest.GenerateCrossCertificate();
        generateCrossCertificate.setCaName(str);
        generateCrossCertificate.setProfileName(str2);
        generateCrossCertificate.setEncodedCsr(bArr);
        generateCrossCertificate.setEncodedTargetCert(bArr2);
        generateCrossCertificate.setNotBefore(instant);
        generateCrossCertificate.setNotAfter(instant2);
        return parseCert(parse(transmit(MgmtAction.generateCrossCertificate, generateCrossCertificate), MgmtResponse.ByteArray.class).getResult());
    }

    public X509Cert generateCertificate(String str, String str2, byte[] bArr, Instant instant, Instant instant2) throws CaMgmtException {
        MgmtRequest.GenerateCert generateCert = new MgmtRequest.GenerateCert();
        generateCert.setCaName(str);
        generateCert.setProfileName(str2);
        generateCert.setEncodedCsr(bArr);
        generateCert.setNotBefore(instant);
        generateCert.setNotAfter(instant2);
        return parseCert(parse(transmit(MgmtAction.generateCertificate, generateCert), MgmtResponse.ByteArray.class).getResult());
    }

    public KeyCertBytesPair generateKeyCert(String str, String str2, String str3, Instant instant, Instant instant2) throws CaMgmtException {
        MgmtRequest.GenerateKeyCert generateKeyCert = new MgmtRequest.GenerateKeyCert();
        generateKeyCert.setCaName(str);
        generateKeyCert.setProfileName(str2);
        generateKeyCert.setSubject(str3);
        generateKeyCert.setNotBefore(instant);
        generateKeyCert.setNotAfter(instant2);
        MgmtResponse.KeyCertBytes parse = parse(transmit(MgmtAction.generateKeyCert, generateKeyCert), MgmtResponse.KeyCertBytes.class);
        return new KeyCertBytesPair(parse.getKey(), parse.getCert());
    }

    public X509Cert generateRootCa(CaEntry caEntry, String str, String str2, String str3, Instant instant, Instant instant2) throws CaMgmtException {
        MgmtRequest.GenerateRootCa generateRootCa = new MgmtRequest.GenerateRootCa();
        generateRootCa.setCaEntry(caEntry);
        generateRootCa.setCertprofileName(str);
        generateRootCa.setSubject(str2);
        generateRootCa.setSerialNumber(str3);
        generateRootCa.setNotBefore(instant);
        generateRootCa.setNotAfter(instant2);
        return parseCert(parse(transmit(MgmtAction.generateRootCa, generateRootCa), MgmtResponse.ByteArray.class).getResult());
    }

    public X509CRLHolder generateCrlOnDemand(String str) throws CaMgmtException {
        return parseCrl(transmit(MgmtAction.generateCrlOnDemand, new MgmtRequest.Name(str)));
    }

    public X509CRLHolder getCrl(String str, BigInteger bigInteger) throws CaMgmtException {
        MgmtRequest.GetCrl getCrl = new MgmtRequest.GetCrl();
        getCrl.setCaName(str);
        getCrl.setCrlNumber(bigInteger);
        return parseCrl(transmit(MgmtAction.getCrl, getCrl));
    }

    public X509CRLHolder getCurrentCrl(String str) throws CaMgmtException {
        return parseCrl(transmit(MgmtAction.getCurrentCrl, new MgmtRequest.Name(str)));
    }

    public CertWithRevocationInfo getCert(String str, BigInteger bigInteger) throws CaMgmtException {
        MgmtRequest.GetCert getCert = new MgmtRequest.GetCert();
        getCert.setCaName(str);
        getCert.setSerialNumber(bigInteger);
        MgmtResponse.GetCert parse = parse(transmit(MgmtAction.getCert, getCert), MgmtResponse.GetCert.class);
        try {
            if (parse.getResult() == null) {
                return null;
            }
            return parse.getResult().toCertWithRevocationInfo();
        } catch (CertificateException e) {
            throw new CaMgmtException("could not parse the certificate", e);
        }
    }

    public CertWithRevocationInfo getCert(X500Name x500Name, BigInteger bigInteger) throws CaMgmtException {
        MgmtRequest.GetCert getCert = new MgmtRequest.GetCert();
        try {
            getCert.setEncodedIssuerDn(x500Name.getEncoded());
            getCert.setSerialNumber(bigInteger);
            try {
                return parse(transmit(MgmtAction.getCert, getCert), MgmtResponse.GetCert.class).getResult().toCertWithRevocationInfo();
            } catch (CertificateException e) {
                throw new CaMgmtException("could not parse the certificate", e);
            }
        } catch (IOException e2) {
            throw new CaMgmtException("could not encode issuer", e2);
        }
    }

    public void loadConf(byte[] bArr) throws CaMgmtException, IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        try {
            loadConfAndClose(byteArrayInputStream);
            byteArrayInputStream.close();
        } catch (Throwable th) {
            try {
                byteArrayInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public void loadConfAndClose(InputStream inputStream) throws CaMgmtException, IOException {
        MgmtRequest.LoadConf loadConf = new MgmtRequest.LoadConf();
        loadConf.setConfBytes(IoUtil.readAllBytes(inputStream));
        voidTransmit(MgmtAction.loadConf, loadConf);
    }

    public InputStream exportConf(List<String> list) throws CaMgmtException {
        MgmtRequest.ExportConf exportConf = new MgmtRequest.ExportConf();
        exportConf.setCaNames(list);
        return new ByteArrayInputStream(parse(transmit(MgmtAction.exportConf, exportConf), MgmtResponse.ByteArray.class).getResult());
    }

    public List<CertListInfo> listCertificates(String str, X500Name x500Name, Instant instant, Instant instant2, CertListOrderBy certListOrderBy, int i) throws CaMgmtException {
        MgmtRequest.ListCertificates listCertificates = new MgmtRequest.ListCertificates();
        listCertificates.setCaName(str);
        if (x500Name != null) {
            try {
                listCertificates.setEncodedSubjectDnPattern(x500Name.getEncoded());
            } catch (IOException e) {
                throw new CaMgmtException("could not parse subjectPattern", e);
            }
        }
        listCertificates.setValidFrom(instant);
        listCertificates.setValidTo(instant2);
        listCertificates.setOrderBy(certListOrderBy);
        listCertificates.setNumEntries(i);
        return parse(transmit(MgmtAction.listCertificates, listCertificates), MgmtResponse.ListCertificates.class).getResult();
    }

    public Set<String> getSupportedSignerTypes() throws CaMgmtException {
        return parse(transmit(MgmtAction.getSupportedSignerTypes, null), MgmtResponse.StringSet.class).getResult();
    }

    public Set<String> getSupportedCertprofileTypes() throws CaMgmtException {
        return parse(transmit(MgmtAction.getSupportedCertprofileTypes, null), MgmtResponse.StringSet.class).getResult();
    }

    public Set<String> getSupportedPublisherTypes() throws CaMgmtException {
        return parse(transmit(MgmtAction.getSupportedPublisherTypes, null), MgmtResponse.StringSet.class).getResult();
    }

    public String getTokenInfoP11(String str, Integer num, boolean z) throws CaMgmtException {
        return parse(transmit(MgmtAction.tokenInfoP11, new MgmtRequest.TokenInfoP11(str, num, z)), MgmtResponse.StringResponse.class).getResult();
    }

    private X509Cert parseCert(byte[] bArr) throws CaMgmtException {
        try {
            return X509Util.parseCert(bArr);
        } catch (CertificateException e) {
            throw new CaMgmtException("could not parse X.509 certificate", e);
        }
    }

    private X509CRLHolder parseCrl(byte[] bArr) throws CaMgmtException {
        try {
            return X509Util.parseCrl(parse(bArr, MgmtResponse.ByteArray.class).getResult());
        } catch (CRLException e) {
            throw new CaMgmtException("could not parse X.509 CRL", e);
        }
    }

    private void removeEntity(MgmtAction mgmtAction, String str) throws CaMgmtException {
        voidTransmit(mgmtAction, new MgmtRequest.Name(str));
    }

    private void voidTransmit(MgmtAction mgmtAction, MgmtRequest mgmtRequest) throws CaMgmtException {
        transmit(mgmtAction, mgmtRequest, true);
    }

    private byte[] transmit(MgmtAction mgmtAction, MgmtRequest mgmtRequest) throws CaMgmtException {
        return transmit(mgmtAction, mgmtRequest, false);
    }

    private byte[] transmit(MgmtAction mgmtAction, MgmtRequest mgmtRequest, boolean z) throws CaMgmtException {
        initIfNotDone();
        byte[] jSONBytes = mgmtRequest == null ? null : CaJson.toJSONBytes(mgmtRequest);
        int length = jSONBytes == null ? 0 : jSONBytes.length;
        try {
            HttpURLConnection openHttpConn = IoUtil.openHttpConn(this.actionUrlMap.get(mgmtAction));
            if (openHttpConn instanceof HttpsURLConnection) {
                if (this.sslSocketFactory != null) {
                    ((HttpsURLConnection) openHttpConn).setSSLSocketFactory(this.sslSocketFactory);
                }
                if (this.hostnameVerifier != null) {
                    ((HttpsURLConnection) openHttpConn).setHostnameVerifier(this.hostnameVerifier);
                }
            }
            openHttpConn.setDoOutput(true);
            openHttpConn.setUseCaches(false);
            openHttpConn.setRequestMethod("POST");
            openHttpConn.setRequestProperty("Content-Type", "application/json");
            openHttpConn.setRequestProperty("Content-Length", Integer.toString(length));
            OutputStream outputStream = openHttpConn.getOutputStream();
            if (length != 0) {
                outputStream.write(jSONBytes);
            }
            outputStream.flush();
            if (openHttpConn.getResponseCode() != 200) {
                String headerField = openHttpConn.getHeaderField("x-xipki-error");
                if (headerField != null) {
                    throw new CaMgmtException(headerField);
                }
                StringBuilder sb = new StringBuilder(100);
                sb.append("server returns ").append(openHttpConn.getResponseCode());
                String responseMessage = openHttpConn.getResponseMessage();
                if (StringUtil.isNotBlank(responseMessage)) {
                    sb.append(" ").append(responseMessage);
                }
                throw new CaMgmtException(sb.toString());
            }
            InputStream inputStream = openHttpConn.getInputStream();
            try {
                String contentType = openHttpConn.getContentType();
                if (!"application/json".equals(contentType)) {
                    throw new CaMgmtException("bad response: mime type " + contentType + " not supported!");
                }
                if (z) {
                    return null;
                }
                byte[] readAllBytesAndClose = IoUtil.readAllBytesAndClose(openHttpConn.getInputStream());
                if ((inputStream != null) & (1 == 0)) {
                    inputStream.close();
                }
                return readAllBytesAndClose;
            } finally {
                if ((inputStream != null) & (0 == 0)) {
                    inputStream.close();
                }
            }
        } catch (IOException e) {
            throw new CaMgmtException("IOException while sending message to the server: " + e.getMessage(), e);
        }
    }

    private static <T extends MgmtResponse> T parse(byte[] bArr, Class<T> cls) throws CaMgmtException {
        try {
            return (T) CaJson.parseObject(bArr, cls);
        } catch (RuntimeException e) {
            throw new CaMgmtException("cannot parse response " + cls + " from byte[]", e);
        }
    }

    static {
        LOG.info("XiPKI CA Management Client version {}", StringUtil.getBundleVersion(CaMgmtClient.class));
    }
}
