package org.xipki.ca.sdk;

import java.io.IOException;
import java.math.BigInteger;
import java.time.Instant;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSocketFactory;
import org.bouncycastle.asn1.x500.X500Name;
import org.xipki.security.KeyCertBytesPair;
import org.xipki.util.exception.DecodeException;
import org.xipki.util.exception.EncodeException;
import org.xipki.util.exception.ErrorCode;
import org.xipki.util.exception.ObjectCreationException;
import org.xipki.util.http.HttpRespContent;
import org.xipki.util.http.SslContextConf;
import org.xipki.util.http.XiHttpClient;

/* loaded from: input_file:org/xipki/ca/sdk/SdkClient.class */
public class SdkClient {
    private static final String CONTENT_TYPE_CBOR = "application/cbor";
    private final String serverUrl;
    private final XiHttpClient client;

    public SdkClient(SdkClientConf sdkClientConf) throws ObjectCreationException {
        this.serverUrl = sdkClientConf.getServerUrl();
        SslContextConf ofSslConf = SslContextConf.ofSslConf(sdkClientConf.getSsl());
        this.client = new XiHttpClient(ofSslConf.getSslSocketFactory(), ofSslConf.buildHostnameVerifier());
    }

    public SdkClient(String str, SSLSocketFactory sSLSocketFactory, HostnameVerifier hostnameVerifier) {
        this.serverUrl = str;
        this.client = new XiHttpClient(sSLSocketFactory, hostnameVerifier);
    }

    public byte[] send(String str, String str2, SdkRequest sdkRequest) throws IOException, SdkErrorResponseException {
        HttpRespContent httpPost;
        String str3 = sdkRequest == null ? null : CONTENT_TYPE_CBOR;
        String str4 = str == null ? this.serverUrl + "-/" : this.serverUrl + str + "/";
        if (sdkRequest == null) {
            httpPost = this.client.httpGet(str4 + str2);
        } else {
            try {
                httpPost = this.client.httpPost(str4 + str2, str3, sdkRequest.encode(), CONTENT_TYPE_CBOR);
            } catch (EncodeException e) {
                throw new SdkErrorResponseException(ErrorCode.CLIENT_REQUEST_ENCODE_ERROR, e.getMessage());
            }
        }
        if (httpPost.isOK()) {
            return httpPost.getContent();
        }
        byte[] content = httpPost.getContent();
        if (content == null) {
            throw new SdkErrorResponseException(ErrorCode.SYSTEM_FAILURE, null);
        }
        try {
            throw new SdkErrorResponseException(ErrorResponse.decode(content));
        } catch (DecodeException e2) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e2.getMessage());
        }
    }

    public boolean healthy(String str) {
        try {
            send(str, SdkConstants.CMD_health, null);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public byte[] cacert(String str) throws IOException, SdkErrorResponseException {
        try {
            byte[][] certificates = CertChainResponse.decode(send(str, SdkConstants.CMD_cacert, null)).getCertificates();
            if (certificates == null || certificates.length == 0) {
                return null;
            }
            return certificates[0];
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public byte[][] cacerts(String str) throws IOException, SdkErrorResponseException {
        try {
            return CertChainResponse.decode(send(str, SdkConstants.CMD_cacerts, null)).getCertificates();
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public byte[] cacertBySubject(byte[] bArr) throws IOException, SdkErrorResponseException {
        X500NameType x500NameType = new X500NameType(bArr);
        CaIdentifierRequest caIdentifierRequest = new CaIdentifierRequest();
        caIdentifierRequest.setIssuer(x500NameType);
        try {
            byte[][] certificates = CertChainResponse.decode(send(null, SdkConstants.CMD_cacert2, caIdentifierRequest)).getCertificates();
            if (certificates == null || certificates.length == 0) {
                return null;
            }
            return certificates[0];
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public byte[][] cacertsBySubject(byte[] bArr) throws IOException, SdkErrorResponseException {
        X500NameType x500NameType = new X500NameType(bArr);
        CaIdentifierRequest caIdentifierRequest = new CaIdentifierRequest();
        caIdentifierRequest.setIssuer(x500NameType);
        try {
            return CertChainResponse.decode(send(null, SdkConstants.CMD_cacerts2, caIdentifierRequest)).getCertificates();
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public CaNameResponse caNameBySubject(byte[] bArr) throws IOException, SdkErrorResponseException {
        X500NameType x500NameType = new X500NameType(bArr);
        CaIdentifierRequest caIdentifierRequest = new CaIdentifierRequest();
        caIdentifierRequest.setIssuer(x500NameType);
        try {
            return CaNameResponse.decode(send(null, SdkConstants.CMD_caname, caIdentifierRequest));
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public CertprofileInfoResponse profileInfo(String str, String str2) throws IOException, SdkErrorResponseException {
        try {
            return CertprofileInfoResponse.decode(send(str, SdkConstants.CMD_profileinfo, new CertprofileInfoRequest(str2)));
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public byte[] generateCrl(String str, String str2) throws IOException, SdkErrorResponseException {
        try {
            return CrlResponse.decode(send(str, "gen_crl", new GenCRLRequest(str2))).getCrl();
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public byte[] currentCrl(String str) throws IOException, SdkErrorResponseException {
        return currentCrl(str, null, null, null);
    }

    public byte[] currentCrl(String str, BigInteger bigInteger, Instant instant, String str2) throws IOException, SdkErrorResponseException {
        try {
            return CrlResponse.decode(send(str, SdkConstants.CMD_crl, new GetCRLRequest(bigInteger, instant == null ? null : Long.valueOf(instant.getEpochSecond()), str2))).getCrl();
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    private byte[] enrollCert0(String str, String str2, String str3, EnrollCertRequestEntry enrollCertRequestEntry) throws IOException, SdkErrorResponseException {
        EnrollCertsRequest enrollCertsRequest = new EnrollCertsRequest();
        enrollCertsRequest.setCaCertMode(CertsMode.NONE);
        enrollCertsRequest.setEntries(new EnrollCertRequestEntry[]{enrollCertRequestEntry});
        try {
            byte[] cert = EnrollOrPollCertsResponse.decode(send(str3, str2, enrollCertsRequest)).getEntries()[0].getCert();
            if (cert == null) {
                throw new SdkErrorResponseException(ErrorCode.SYSTEM_FAILURE, "error " + str);
            }
            return cert;
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    private KeyCertBytesPair enrollCertCaGenKeypair0(String str, String str2, String str3, EnrollCertRequestEntry enrollCertRequestEntry) throws IOException, SdkErrorResponseException {
        EnrollCertsRequest enrollCertsRequest = new EnrollCertsRequest();
        enrollCertsRequest.setCaCertMode(CertsMode.NONE);
        enrollCertsRequest.setEntries(new EnrollCertRequestEntry[]{enrollCertRequestEntry});
        try {
            EnrollOrPullCertResponseEntry enrollOrPullCertResponseEntry = EnrollOrPollCertsResponse.decode(send(str3, str2, enrollCertsRequest)).getEntries()[0];
            if (enrollOrPullCertResponseEntry.getCert() == null || enrollOrPullCertResponseEntry.getPrivateKey() == null) {
                throw new SdkErrorResponseException(ErrorCode.SYSTEM_FAILURE, "error " + str);
            }
            return new KeyCertBytesPair(enrollOrPullCertResponseEntry.getPrivateKey(), enrollOrPullCertResponseEntry.getCert());
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public byte[] enrollCert(String str, String str2, byte[] bArr) throws IOException, SdkErrorResponseException {
        EnrollCertRequestEntry enrollCertRequestEntry = new EnrollCertRequestEntry();
        enrollCertRequestEntry.setP10req(bArr);
        enrollCertRequestEntry.setCertprofile(str2);
        return enrollCert0("enrollCert", SdkConstants.CMD_enroll, str, enrollCertRequestEntry);
    }

    public KeyCertBytesPair enrollCertCaGenKeypair(String str, String str2, String str3) throws IOException, SdkErrorResponseException {
        EnrollCertRequestEntry enrollCertRequestEntry = new EnrollCertRequestEntry();
        enrollCertRequestEntry.setSubject(new X500NameType(str3));
        enrollCertRequestEntry.setCertprofile(str2);
        return enrollCertCaGenKeypair0("enrollCertCaGenKeypair", SdkConstants.CMD_enroll, str, enrollCertRequestEntry);
    }

    public byte[] reenrollCert(String str, String str2, byte[] bArr, X500Name x500Name, BigInteger bigInteger) throws IOException, SdkErrorResponseException {
        EnrollCertRequestEntry enrollCertRequestEntry = new EnrollCertRequestEntry();
        enrollCertRequestEntry.setCertprofile(str2);
        enrollCertRequestEntry.setP10req(bArr);
        enrollCertRequestEntry.setOldCertIsn(new OldCertInfoByIssuerAndSerial(false, new X500NameType(x500Name), bigInteger));
        return enrollCert0("reenrollCert", SdkConstants.CMD_reenroll, str, enrollCertRequestEntry);
    }

    public KeyCertBytesPair reenrollCertCaGenKeypair(String str, String str2, X500Name x500Name, String str3, BigInteger bigInteger) throws IOException, SdkErrorResponseException {
        EnrollCertRequestEntry enrollCertRequestEntry = new EnrollCertRequestEntry();
        enrollCertRequestEntry.setCertprofile(str2);
        enrollCertRequestEntry.setSubject(new X500NameType(x500Name));
        enrollCertRequestEntry.setOldCertIsn(new OldCertInfoByIssuerAndSerial(false, new X500NameType(str3), bigInteger));
        return enrollCertCaGenKeypair0("reenrollCertCaGenKeypair", SdkConstants.CMD_reenroll, str, enrollCertRequestEntry);
    }

    public EnrollOrPollCertsResponse enrollCerts(String str, EnrollCertsRequest enrollCertsRequest) throws IOException, SdkErrorResponseException {
        return checkEnrollResp(send(str, SdkConstants.CMD_enroll, enrollCertsRequest), enrollCertsRequest);
    }

    public EnrollOrPollCertsResponse enrollCrossCerts(String str, EnrollCertsRequest enrollCertsRequest) throws IOException, SdkErrorResponseException {
        return checkEnrollResp(send(str, SdkConstants.CMD_enroll_cross, enrollCertsRequest), enrollCertsRequest);
    }

    public EnrollOrPollCertsResponse reenrollCerts(String str, EnrollCertsRequest enrollCertsRequest) throws IOException, SdkErrorResponseException {
        return checkEnrollResp(send(str, SdkConstants.CMD_reenroll, enrollCertsRequest), enrollCertsRequest);
    }

    private EnrollOrPollCertsResponse checkEnrollResp(byte[] bArr, EnrollCertsRequest enrollCertsRequest) throws IOException, SdkErrorResponseException {
        try {
            EnrollOrPollCertsResponse decode = EnrollOrPollCertsResponse.decode(bArr);
            EnrollOrPullCertResponseEntry[] entries = decode.getEntries();
            int length = enrollCertsRequest.getEntries().length;
            int length2 = entries == null ? 0 : entries.length;
            if (length != length2) {
                throw new IOException("expected " + length + " entries, but received " + length2);
            }
            return decode;
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public void confirmCerts(String str, ConfirmCertsRequest confirmCertsRequest) throws IOException, SdkErrorResponseException {
        send(str, SdkConstants.CMD_confirm_enroll, confirmCertsRequest);
    }

    public void revokePendingCerts(String str, String str2) throws IOException, SdkErrorResponseException {
        send(str, SdkConstants.CMD_revoke_pending_cert, new TransactionIdRequest(str2));
    }

    public EnrollOrPollCertsResponse pollCerts(PollCertRequest pollCertRequest) throws IOException, SdkErrorResponseException {
        try {
            return EnrollOrPollCertsResponse.decode(send(null, SdkConstants.CMD_poll_cert, pollCertRequest));
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public RevokeCertsResponse revokeCerts(RevokeCertsRequest revokeCertsRequest) throws IOException, SdkErrorResponseException {
        try {
            return RevokeCertsResponse.decode(send(null, "revoke_cert", revokeCertsRequest));
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public UnSuspendOrRemoveCertsResponse unsuspendCerts(UnsuspendOrRemoveRequest unsuspendOrRemoveRequest) throws IOException, SdkErrorResponseException {
        try {
            return UnSuspendOrRemoveCertsResponse.decode(send(null, "unsuspend_cert", unsuspendOrRemoveRequest));
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public UnSuspendOrRemoveCertsResponse removeCerts(UnsuspendOrRemoveRequest unsuspendOrRemoveRequest) throws IOException, SdkErrorResponseException {
        try {
            return UnSuspendOrRemoveCertsResponse.decode(send(null, "remove_cert", unsuspendOrRemoveRequest));
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }

    public byte[] getCert(String str, X500Name x500Name, BigInteger bigInteger) throws IOException, SdkErrorResponseException {
        try {
            return PayloadResponse.decode(send(str, SdkConstants.CMD_get_cert, new GetCertRequest(bigInteger, new X500NameType(x500Name)))).getPayload();
        } catch (DecodeException e) {
            throw new SdkErrorResponseException(ErrorCode.CLIENT_RESPONSE_DECODE_ERROR, e.getMessage());
        }
    }
}
