package com.xdja.pki.ldap.service;

import com.xdja.pki.issue.PkixIssueCRL;
import com.xdja.pki.issue.PkixIssueReq;
import com.xdja.pki.issue.PkixIssueRespBuilder;
import com.xdja.pki.issue.TBSIssueResponseStatus;
import com.xdja.pki.issue.TBSIssueType;
import com.xdja.pki.ldap.config.LDAPConfiguration;
import com.xdja.pki.ldap.dao.IDAO;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import sun.security.provider.certpath.X509CertificatePair;

@Service
/* loaded from: input_file:com/xdja/pki/ldap/service/OpenLDAPService.class */
public class OpenLDAPService {

    @Autowired
    private LDAPConfiguration ldapConfiguration;

    @Autowired
    private IDAO idao;

    /* renamed from: com.xdja.pki.ldap.service.OpenLDAPService$1, reason: invalid class name */
    /* loaded from: input_file:com/xdja/pki/ldap/service/OpenLDAPService$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$xdja$pki$issue$TBSIssueType = new int[TBSIssueType.values().length];

        static {
            try {
                $SwitchMap$com$xdja$pki$issue$TBSIssueType[TBSIssueType.UPDATE_ROOT_CERTIFICATE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$xdja$pki$issue$TBSIssueType[TBSIssueType.SEND_CERTIFICATE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$xdja$pki$issue$TBSIssueType[TBSIssueType.SEND_CRL.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$xdja$pki$issue$TBSIssueType[TBSIssueType.SEND_CROSS_CERTIFICATE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$xdja$pki$issue$TBSIssueType[TBSIssueType.SEND_CERTIFICATE_STATUS.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public byte[] pkixIssue(PkixIssueReq pkixIssueReq, PkixIssueRespBuilder pkixIssueRespBuilder) throws Exception {
        switch (AnonymousClass1.$SwitchMap$com$xdja$pki$issue$TBSIssueType[pkixIssueReq.getTBSIssueType().ordinal()]) {
            case 1:
                List certificateList = pkixIssueReq.getCertificateList();
                System.out.println("UPDATE_ROOT_CERTIFICATE " + certificateList.size());
                if (certificateList.size() != 3) {
                    return pkixIssueRespBuilder.build(pkixIssueReq, TBSIssueResponseStatus.Error).getEncoded();
                }
                this.idao.updateRootCACertificate((X509Certificate) pkixIssueReq.getCertificateList().get(0), (X509Certificate) pkixIssueReq.getCertificateList().get(1), (X509Certificate) pkixIssueReq.getCertificateList().get(2));
                this.ldapConfiguration.updateCaCert((X509Certificate) pkixIssueReq.getCertificateList().get(2));
                break;
            case 2:
                List certificateList2 = pkixIssueReq.getCertificateList();
                System.out.println("SEND_CERTIFICATE " + certificateList2.size());
                Iterator it = certificateList2.iterator();
                while (it.hasNext()) {
                    this.idao.sendCertificate((X509Certificate) it.next());
                }
                break;
            case 3:
                List<PkixIssueCRL> cRLList = pkixIssueReq.getCRLList();
                System.out.println("SEND_CRL " + cRLList.size());
                for (PkixIssueCRL pkixIssueCRL : cRLList) {
                    this.idao.sendCRL(pkixIssueCRL.getCrlSegment(), pkixIssueCRL.getCrl());
                }
                break;
            case 4:
                List certificateList3 = pkixIssueReq.getCertificateList();
                System.out.println("SEND_CROSS_CERTIFICATE " + certificateList3.size());
                String principal = this.ldapConfiguration.getCaCert().getSubjectDN().toString();
                if (certificateList3.size() == 1) {
                    X509Certificate x509Certificate = (X509Certificate) certificateList3.get(0);
                    if (!principal.equals(x509Certificate.getSubjectDN().toString())) {
                        if (!principal.equals(x509Certificate.getIssuerDN().toString())) {
                            return pkixIssueRespBuilder.build(pkixIssueReq, TBSIssueResponseStatus.Error).getEncoded();
                        }
                        this.idao.sendCrossCertificate(new X509CertificatePair((X509Certificate) null, x509Certificate));
                        break;
                    } else {
                        this.idao.sendCrossCertificate(new X509CertificatePair(x509Certificate, (X509Certificate) null));
                        break;
                    }
                } else {
                    if (certificateList3.size() != 2) {
                        return pkixIssueRespBuilder.build(pkixIssueReq, TBSIssueResponseStatus.Error).getEncoded();
                    }
                    try {
                        this.idao.sendCrossCertificate(new X509CertificatePair((X509Certificate) certificateList3.get(0), (X509Certificate) certificateList3.get(1)));
                        break;
                    } catch (CertificateException e) {
                        return pkixIssueRespBuilder.build(pkixIssueReq, TBSIssueResponseStatus.Error).getEncoded();
                    }
                }
            case 5:
                System.out.println(pkixIssueReq.getCertStatusList());
                break;
            default:
                throw new Exception("bad request unknown type " + pkixIssueReq.getTBSIssueType());
        }
        return pkixIssueRespBuilder.build(pkixIssueReq, TBSIssueResponseStatus.Normal).getEncoded();
    }
}
