package sk.eset.era.g2webconsole.server.modules.security;

import com.google.gwt.user.server.Base64Utils;
import com.google.gwt.user.server.rpc.impl.SerializedInstanceReference;
import com.google.gwt.user.server.rpc.impl.TypeNameObfuscator;
import com.google.protobuf.ByteString;
import java.util.List;
import org.slf4j.Marker;
import sk.eset.era.commons.common.model.objects.StaticobjectidentificationProto;
import sk.eset.era.commons.common.model.objects.UuidProtobuf;
import sk.eset.era.commons.server.model.objects.StaticobjectidentificationProto;
import sk.eset.era.commons.server.model.objects.UuidProtobuf;
import sk.eset.era.g2webconsole.common.model.exceptions.EraRequestHandlingException;
import sk.eset.era.g2webconsole.common.model.exceptions.RequestPendingException;
import sk.eset.era.g2webconsole.common.model.objects.CertificateattributesProto;
import sk.eset.era.g2webconsole.common.model.objects.PeercertificatecreationattributesProto;
import sk.eset.era.g2webconsole.common.model.objects.TwofactorauthtypeProto;
import sk.eset.era.g2webconsole.common.model.objects.composite.ApnCertificatesIdsComposite;
import sk.eset.era.g2webconsole.common.model.objects.composite.ExportCAComposite;
import sk.eset.era.g2webconsole.common.model.objects.composite.ExportCertificateComposite;
import sk.eset.era.g2webconsole.common.model.objects.composite.result.IsRpcResults;
import sk.eset.era.g2webconsole.common.model.objects.composite.result.RpcResult;
import sk.eset.era.g2webconsole.common.model.objects.composite.result.RpcResults;
import sk.eset.era.g2webconsole.server.model.messages.security.Rpcaddcertificationauthorityresponse;
import sk.eset.era.g2webconsole.server.model.messages.security.Rpccreatecertificaterequestandprivatekeyresponse;
import sk.eset.era.g2webconsole.server.model.messages.security.Rpccreatecertificationauthorityresponse;
import sk.eset.era.g2webconsole.server.model.messages.security.Rpccreatepeercertificateandprivatekeyresponse;
import sk.eset.era.g2webconsole.server.model.messages.security.Rpcexportpeercertificateandprivatekeyresponse;
import sk.eset.era.g2webconsole.server.model.messages.security.Rpcgetcertificateissuerresponse;
import sk.eset.era.g2webconsole.server.model.objects.CertificateattributesProto;
import sk.eset.era.g2webconsole.server.model.objects.PeercertificatecreationattributesProto;
import sk.eset.era.g2webconsole.server.model.objects.TwofactorauthtypeProto;
import sk.eset.era.g2webconsole.server.modules.Errors;
import sk.eset.era.g2webconsole.server.modules.Requests;
import sk.eset.era.g2webconsole.server.modules.authorization.ServerSideSessionData;
import sk.eset.era.g2webconsole.server.modules.connection.BusMessageType;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.AddCertificationAuthorityRequest;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.CreateCertificateRequestAndPrivateKeyRequest;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.CreateCertificationAuthorityRequest;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.CreatePeerCertificateAndPrivateKeyRequest;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.ExportPeerCertificateAndPrivateKeyRequest;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.GetCertificateIssuerRequest;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.ModifyCertificateDescriptionRequest;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.ModifyTwoFactorAuthenticationRequest;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.RemoveCertificationAuthorityRequest;
import sk.eset.era.g2webconsole.server.modules.connection.rpc.security.RevokePeerCertificateRequest;

/* loaded from: input_file:WEB-INF/lib/commons-0.0.1-SNAPSHOT.jar:sk/eset/era/g2webconsole/server/modules/security/CertificateModuleImpl.class */
public class CertificateModuleImpl implements CertificateModule {
    private final Requests requests;
    private final Errors errors = new Errors();

    public CertificateModuleImpl(Requests requests) {
        this.requests = requests;
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public StaticobjectidentificationProto.StaticObjectIdentification importCertificateAuthority(ServerSideSessionData serverSideSessionData, Long l, String str) throws EraRequestHandlingException {
        if (l == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        Object retrieveObject = serverSideSessionData.getObjectContainer().retrieveObject(l);
        if (retrieveObject == null || !(retrieveObject instanceof byte[])) {
            throw this.errors.localized(serverSideSessionData, "uploadedFileNotValid", new String[0]);
        }
        Rpcaddcertificationauthorityresponse.RpcAddCertificationAuthorityResponse rpcAddCertificationAuthorityResponse = (Rpcaddcertificationauthorityresponse.RpcAddCertificationAuthorityResponse) this.requests.doRequestNoPending(new AddCertificationAuthorityRequest(ByteString.copyFrom((byte[]) retrieveObject), str), serverSideSessionData);
        if (rpcAddCertificationAuthorityResponse == null) {
            return null;
        }
        return rpcAddCertificationAuthorityResponse.getStaticObjectIdentification().toGwtBuilder().build();
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public StaticobjectidentificationProto.StaticObjectIdentification createCertificateAuthority(ServerSideSessionData serverSideSessionData, String str, CertificateattributesProto.CertificateAttributes certificateAttributes, String str2) throws EraRequestHandlingException {
        if (str == null || certificateAttributes == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        Rpccreatecertificationauthorityresponse.RpcCreateCertificationAuthorityResponse rpcCreateCertificationAuthorityResponse = (Rpccreatecertificationauthorityresponse.RpcCreateCertificationAuthorityResponse) this.requests.doRequestNoPending(new CreateCertificationAuthorityRequest(str, CertificateattributesProto.CertificateAttributes.newBuilder(certificateAttributes).build(), str2), serverSideSessionData);
        if (rpcCreateCertificationAuthorityResponse == null) {
            return null;
        }
        return rpcCreateCertificationAuthorityResponse.getStaticObjectIdentification().toGwtBuilder().build();
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public StaticobjectidentificationProto.StaticObjectIdentification createPeerCertificateAndPrivateKey(ServerSideSessionData serverSideSessionData, CertificateattributesProto.CertificateAttributes certificateAttributes, PeercertificatecreationattributesProto.PeerCertificateCreationAttributes peerCertificateCreationAttributes, String str, String str2) throws EraRequestHandlingException {
        if (certificateAttributes == null || peerCertificateCreationAttributes == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        PeercertificatecreationattributesProto.PeerCertificateCreationAttributes.Builder newBuilder = PeercertificatecreationattributesProto.PeerCertificateCreationAttributes.newBuilder(peerCertificateCreationAttributes);
        Long l = null;
        if (peerCertificateCreationAttributes.hasCertificationAuthorityPfxBlob()) {
            try {
                l = Long.valueOf(Long.parseLong(peerCertificateCreationAttributes.getCertificationAuthorityPfxBlob().toStringUtf8()));
                Object retrieveObject = serverSideSessionData.getObjectContainer().retrieveObject(l);
                if (retrieveObject == null || !(retrieveObject instanceof byte[])) {
                    throw this.errors.localized(serverSideSessionData, "uploadedFileNotValid", new String[0]);
                }
                newBuilder.setCertificationAuthorityPfxBlob(ByteString.copyFrom((byte[]) retrieveObject));
            } catch (NumberFormatException e) {
                throw this.errors.localized(serverSideSessionData, "certificatesCannotAttachPfxCert", new String[0]);
            }
        }
        Rpccreatepeercertificateandprivatekeyresponse.RpcCreatePeerCertificateAndPrivateKeyResponse rpcCreatePeerCertificateAndPrivateKeyResponse = (Rpccreatepeercertificateandprivatekeyresponse.RpcCreatePeerCertificateAndPrivateKeyResponse) this.requests.doRequestNoPending(new CreatePeerCertificateAndPrivateKeyRequest(CertificateattributesProto.CertificateAttributes.newBuilder(certificateAttributes).build(), newBuilder.build(), str, str2), serverSideSessionData);
        if (l != null) {
            serverSideSessionData.getObjectContainer().removeObject(l);
        }
        if (rpcCreatePeerCertificateAndPrivateKeyResponse == null) {
            return null;
        }
        return rpcCreatePeerCertificateAndPrivateKeyResponse.getStaticObjectIdentification().toGwtBuilder().build();
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public ApnCertificatesIdsComposite createCertificateRequestAndPrivateKeyRequest(ServerSideSessionData serverSideSessionData, CertificateattributesProto.CertificateAttributes certificateAttributes, int i) throws EraRequestHandlingException, RequestPendingException {
        if (certificateAttributes == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        Rpccreatecertificaterequestandprivatekeyresponse.RpcCreateCertificateRequestAndPrivateKeyResponse rpcCreateCertificateRequestAndPrivateKeyResponse = i == -1 ? (Rpccreatecertificaterequestandprivatekeyresponse.RpcCreateCertificateRequestAndPrivateKeyResponse) this.requests.doRequestAllowPending(new CreateCertificateRequestAndPrivateKeyRequest(CertificateattributesProto.CertificateAttributes.newBuilder(certificateAttributes).build()), serverSideSessionData) : (Rpccreatecertificaterequestandprivatekeyresponse.RpcCreateCertificateRequestAndPrivateKeyResponse) this.requests.sendPendingRequest(serverSideSessionData, i, false, BusMessageType.CreateCertificateRequestAndPrivateKeyResponse, Rpccreatecertificaterequestandprivatekeyresponse.RpcCreateCertificateRequestAndPrivateKeyResponse.class, null);
        if (rpcCreateCertificateRequestAndPrivateKeyResponse == null) {
            return null;
        }
        ApnCertificatesIdsComposite apnCertificatesIdsComposite = new ApnCertificatesIdsComposite();
        Long storeObject = serverSideSessionData.getObjectContainer().storeObject(rpcCreateCertificateRequestAndPrivateKeyResponse.getCertificatePrivateKeyPemBlob().toByteArray(), Integer.valueOf(rpcCreateCertificateRequestAndPrivateKeyResponse.getCertificatePrivateKeyPemBlob().toByteArray().length), true);
        Long storeObject2 = serverSideSessionData.getObjectContainer().storeObject(rpcCreateCertificateRequestAndPrivateKeyResponse.getSignedCertificateRequestPlistBlob().toByteArray(), Integer.valueOf(rpcCreateCertificateRequestAndPrivateKeyResponse.getSignedCertificateRequestPlistBlob().toByteArray().length), true);
        apnCertificatesIdsComposite.setCertificatePrivateKeyPemBlobId(storeObject);
        apnCertificatesIdsComposite.setSignedCertificateRequestPlistBlobId(storeObject2);
        return apnCertificatesIdsComposite;
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public ExportCertificateComposite exportPeerCertificateAndPrivateKeyRequest(ServerSideSessionData serverSideSessionData, UuidProtobuf.Uuid uuid) throws EraRequestHandlingException {
        if (uuid == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        Rpcexportpeercertificateandprivatekeyresponse.RpcExportPeerCertificateAndPrivateKeyResponse rpcExportPeerCertificateAndPrivateKeyResponse = (Rpcexportpeercertificateandprivatekeyresponse.RpcExportPeerCertificateAndPrivateKeyResponse) this.requests.doRequestNoPending(new ExportPeerCertificateAndPrivateKeyRequest(UuidProtobuf.Uuid.newBuilder(uuid).build()), serverSideSessionData);
        return new ExportCertificateComposite(serverSideSessionData.getObjectContainer().storeObject(rpcExportPeerCertificateAndPrivateKeyResponse.getPeerCertificatePfxBlob().toByteArray(), Integer.valueOf(rpcExportPeerCertificateAndPrivateKeyResponse.getPeerCertificatePfxBlob().toByteArray().length), true), conevrtToBase64(rpcExportPeerCertificateAndPrivateKeyResponse.getPeerCertificatePfxBlob().toByteArray()));
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public void modifyCertificateDescription(ServerSideSessionData serverSideSessionData, boolean z, StaticobjectidentificationProto.StaticObjectIdentification staticObjectIdentification, String str) throws EraRequestHandlingException {
        if (staticObjectIdentification == null || str == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        this.requests.doRequestNoPending(new ModifyCertificateDescriptionRequest(z, StaticobjectidentificationProto.StaticObjectIdentification.newBuilder(staticObjectIdentification).build(), str), serverSideSessionData);
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public void modifyTwoFactorAuthentication(ServerSideSessionData serverSideSessionData, boolean z, UuidProtobuf.Uuid uuid, boolean z2, boolean z3, TwofactorauthtypeProto.TwoFactorAuthType twoFactorAuthType) throws EraRequestHandlingException {
        if (uuid == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        this.requests.doRequestNoPending(new ModifyTwoFactorAuthenticationRequest(z, UuidProtobuf.Uuid.newBuilder(uuid).build(), z2, z3, twoFactorAuthType != null ? TwofactorauthtypeProto.TwoFactorAuthType.valueOf(twoFactorAuthType.getNumber()) : null), serverSideSessionData);
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public void removeCertificationAuthority(ServerSideSessionData serverSideSessionData, StaticobjectidentificationProto.StaticObjectIdentification staticObjectIdentification) throws EraRequestHandlingException {
        if (staticObjectIdentification == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        this.requests.doRequestNoPending(new RemoveCertificationAuthorityRequest(StaticobjectidentificationProto.StaticObjectIdentification.newBuilder(staticObjectIdentification).build()), serverSideSessionData);
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public IsRpcResults<StaticobjectidentificationProto.StaticObjectIdentification, EraRequestHandlingException> removeCertificationAuthorities(ServerSideSessionData serverSideSessionData, List<StaticobjectidentificationProto.StaticObjectIdentification> list) throws EraRequestHandlingException {
        if (list == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        RpcResults rpcResults = new RpcResults();
        for (StaticobjectidentificationProto.StaticObjectIdentification staticObjectIdentification : list) {
            EraRequestHandlingException eraRequestHandlingException = null;
            try {
                removeCertificationAuthority(serverSideSessionData, staticObjectIdentification);
            } catch (EraRequestHandlingException e) {
                eraRequestHandlingException = e;
            }
            rpcResults.getResults().put(staticObjectIdentification, new RpcResult(staticObjectIdentification, eraRequestHandlingException));
        }
        return rpcResults;
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public void revokePeerCertificate(ServerSideSessionData serverSideSessionData, UuidProtobuf.Uuid uuid, String str) throws EraRequestHandlingException {
        if (uuid == null || str == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        this.requests.doRequestNoPending(new RevokePeerCertificateRequest(UuidProtobuf.Uuid.newBuilder(uuid).build(), str), serverSideSessionData);
    }

    @Override // sk.eset.era.g2webconsole.server.modules.security.CertificateModule
    public ExportCAComposite getCertificateAuthorityIssuer(ServerSideSessionData serverSideSessionData, UuidProtobuf.Uuid uuid) throws EraRequestHandlingException {
        if (uuid == null) {
            this.errors.onInsufficientParameters(serverSideSessionData);
        }
        Rpcgetcertificateissuerresponse.RpcGetCertificateIssuerResponse rpcGetCertificateIssuerResponse = (Rpcgetcertificateissuerresponse.RpcGetCertificateIssuerResponse) this.requests.doRequestNoPending(new GetCertificateIssuerRequest(UuidProtobuf.Uuid.newBuilder(uuid).build()), serverSideSessionData);
        return new ExportCAComposite(serverSideSessionData.getObjectContainer().storeObject(rpcGetCertificateIssuerResponse.getCertificateIssuerDerBlob().toByteArray(), Integer.valueOf(rpcGetCertificateIssuerResponse.getCertificateIssuerDerBlob().toByteArray().length), true), conevrtToBase64(rpcGetCertificateIssuerResponse.getCertificateIssuerDerBlob().toByteArray()));
    }

    private String conevrtToBase64(byte[] bArr) {
        return Base64Utils.toBase64(bArr).replace("$", Marker.ANY_NON_NULL_MARKER).replace(TypeNameObfuscator.SERVICE_INTERFACE_ID, SerializedInstanceReference.SERIALIZED_REFERENCE_SEPARATOR);
    }
}
