package koal.ra.caclient;

import com.koal.common.util.Base64;
import com.koal.security.pki.x509.Certificate;
import koal.ra.caclient.spec.RACertRecoverResp;
import koal.ra.caclient.spec.RACertRenewResp;
import koal.ra.caclient.spec.RACertRequestResp;
import koal.ra.caclient.spec.RACertRevokeResp;
import koal.ra.caclient.spec.RAMessage;
import koal.ra.caclient.spec.RARespMessage;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:koal/ra/caclient/KoalCaResponse.class */
public class KoalCaResponse {
    private static final Logger mLog = LoggerFactory.getLogger(KoalCaResponse.class);

    static void caResponseDecode(RAMessage rAMessage, String str) throws Exception {
        try {
            rAMessage.decode(Base64.decode(str.getBytes()));
        } catch (Exception e) {
            throw new Exception("CA响应结果解析错误: " + e.getMessage(), e);
        }
    }

    static void checkErrorMessage(RAMessage rAMessage) throws Exception {
        if (rAMessage.isErrorMessage()) {
            throw new Exception("error.ca.response", new Exception("error.response.code(" + rAMessage.getErrorCode() + ");message(" + rAMessage.getErrorMessage() + ")"));
        }
    }

    static void checkResponseCount(RARespMessage rARespMessage) throws Exception {
        if (rARespMessage.getResponseCount() < 1) {
            throw new Exception("CA返回的响应结果无效(ResponseCount<1)。");
        }
    }

    static void checkResponseStatus(RARespMessage rARespMessage) throws Exception {
        int status = rARespMessage.getStatus();
        if (status != 0) {
            throw new Exception("CA返回的响应结果无效(status=" + status + "): " + rARespMessage.getStatusMessage());
        }
    }

    public static CertResponse issue(KoalCALinkProperties koalCALinkProperties, ReqTemplate reqTemplate, String str, LraType lraType) throws Exception {
        RACertRequestResp createMessage = RACertRequestResp.createMessage(koalCALinkProperties.getSender(), koalCALinkProperties.getReceiver(), koalCALinkProperties.getCaVersion());
        caResponseDecode(createMessage, str);
        checkErrorMessage(createMessage);
        checkResponseCount(createMessage);
        checkResponseStatus(createMessage);
        CertResponse certResponse = new CertResponse();
        try {
            Certificate newSigCert = createMessage.getNewSigCert();
            Certificate newEncCert = createMessage.getNewEncCert();
            String lRACertResp = createMessage.getLRACertResp(koalCALinkProperties.getSender(), koalCALinkProperties.getReceiver(), lraType);
            certResponse.setOldSigCert(reqTemplate.getSigCert());
            certResponse.setOldEncCert(reqTemplate.getEncCert());
            certResponse.setNewSigCert(newSigCert);
            certResponse.setNewEncCert(newEncCert);
            certResponse.setLraType(lraType);
            certResponse.setLraInfo(lRACertResp);
            return certResponse;
        } catch (Exception e) {
            mLog.error("Failed to generate sign lraInfo: " + e.getMessage(), e);
            throw new Exception("证书签发LraInfo码生成失败: " + e.getMessage(), e);
        }
    }

    public static CertResponse revoke(KoalCALinkProperties koalCALinkProperties, ReqTemplate reqTemplate, String str) throws Exception {
        RACertRevokeResp createMessage = RACertRevokeResp.createMessage(koalCALinkProperties.getSender(), koalCALinkProperties.getReceiver(), koalCALinkProperties.getCaVersion());
        caResponseDecode(createMessage, str);
        checkErrorMessage(createMessage);
        checkResponseCount(createMessage);
        checkResponseStatus(createMessage);
        CertResponse certResponse = new CertResponse();
        certResponse.setOldSigCert(reqTemplate.getSigCert());
        certResponse.setOldEncCert(reqTemplate.getEncCert());
        return certResponse;
    }

    public static CertResponse renew(KoalCALinkProperties koalCALinkProperties, ReqTemplate reqTemplate, String str, LraType lraType) throws Exception {
        RACertRenewResp createMessage = RACertRenewResp.createMessage(koalCALinkProperties.getSender(), koalCALinkProperties.getReceiver(), koalCALinkProperties.getCaVersion());
        caResponseDecode(createMessage, str);
        checkErrorMessage(createMessage);
        checkResponseCount(createMessage);
        checkResponseStatus(createMessage);
        CertResponse certResponse = new CertResponse();
        try {
            Certificate newSigCert = createMessage.getNewSigCert();
            Certificate newEncCert = createMessage.getNewEncCert();
            String lRACertResp = createMessage.getLRACertResp(koalCALinkProperties.getSender(), koalCALinkProperties.getReceiver(), lraType);
            certResponse.setOldSigCert(reqTemplate.getSigCert());
            certResponse.setOldEncCert(reqTemplate.getEncCert());
            certResponse.setNewSigCert(newSigCert);
            certResponse.setNewEncCert(newEncCert);
            certResponse.setLraType(lraType);
            certResponse.setLraInfo(lRACertResp);
            return certResponse;
        } catch (Exception e) {
            mLog.error("Failed to generate renew lraInfo: " + e.getMessage(), e);
            throw new Exception("证书更新LraInfo码生成失败: " + e.getMessage(), e);
        }
    }

    public static CertResponse postpone(KoalCALinkProperties koalCALinkProperties, ReqTemplate reqTemplate, String str, LraType lraType) throws Exception {
        try {
            return renew(koalCALinkProperties, reqTemplate, str, lraType);
        } catch (Exception e) {
            throw new Exception("证书延期LraInfo码生成失败: " + e.getMessage(), e);
        }
    }

    public static CertResponse recover(KoalCALinkProperties koalCALinkProperties, ReqTemplate reqTemplate, String str, LraType lraType) throws Exception {
        RACertRecoverResp createMessage = RACertRecoverResp.createMessage(koalCALinkProperties.getSender(), koalCALinkProperties.getReceiver(), koalCALinkProperties.getCaVersion());
        caResponseDecode(createMessage, str);
        checkErrorMessage(createMessage);
        checkResponseCount(createMessage);
        checkResponseStatus(createMessage);
        CertResponse certResponse = new CertResponse();
        try {
            Certificate newSigCert = createMessage.getNewSigCert();
            Certificate newEncCert = createMessage.getNewEncCert();
            String lRACertResp = createMessage.getLRACertResp(koalCALinkProperties.getSender(), koalCALinkProperties.getReceiver(), lraType);
            certResponse.setOldSigCert(reqTemplate.getSigCert());
            certResponse.setOldEncCert(reqTemplate.getEncCert());
            certResponse.setNewSigCert(newSigCert);
            certResponse.setNewEncCert(newEncCert);
            certResponse.setLraType(lraType);
            certResponse.setLraInfo(lRACertResp);
            return certResponse;
        } catch (Exception e) {
            mLog.error("Failed to generate recover lraInfo: " + e.getMessage(), e);
            throw new Exception("证书恢复LraInfo码生成失败: " + e.getMessage(), e);
        }
    }
}
