package org.ejbca.core.model.ca.caadmin.extendedcaservices;

import java.io.Serializable;
import java.util.HashMap;
import java.util.LinkedHashMap;
import org.apache.log4j.Logger;
import org.bouncycastle.cms.CMSException;
import org.cesecore.certificates.ca.CA;
import org.cesecore.certificates.ca.extendedservices.ExtendedCAService;
import org.cesecore.certificates.ca.extendedservices.ExtendedCAServiceInfo;
import org.cesecore.certificates.ca.extendedservices.ExtendedCAServiceNotActiveException;
import org.cesecore.certificates.ca.extendedservices.ExtendedCAServiceRequest;
import org.cesecore.certificates.ca.extendedservices.ExtendedCAServiceRequestException;
import org.cesecore.certificates.ca.extendedservices.ExtendedCAServiceResponse;
import org.cesecore.certificates.ca.extendedservices.IllegalExtendedCAServiceRequestException;
import org.cesecore.keys.token.CryptoToken;
import org.cesecore.util.CryptoProviderTools;
import org.ejbca.core.model.InternalEjbcaResources;

/* loaded from: input_file:org/ejbca/core/model/ca/caadmin/extendedcaservices/HardTokenEncryptCAService.class */
public class HardTokenEncryptCAService extends ExtendedCAService implements Serializable {
    private static final long serialVersionUID = 2126714932597569623L;
    private static Logger log = Logger.getLogger(HardTokenEncryptCAService.class);
    private static final InternalEjbcaResources intres = InternalEjbcaResources.getInstance();
    public static final float LATEST_VERSION = 1.0f;
    public static final String SERVICENAME = "HARDTOKENENCRYPTCASERVICE";

    public HardTokenEncryptCAService(ExtendedCAServiceInfo extendedCAServiceInfo) {
        super(extendedCAServiceInfo);
        log.debug("HardTokenEncryptCAService : constructor " + extendedCAServiceInfo.getStatus());
        CryptoProviderTools.installBCProviderIfNotAvailable();
        this.data = new LinkedHashMap();
        this.data.put("IMPLCLASS", getClass().getName());
        this.data.put("extendedcaservicetype", 4);
        this.data.put("version", new Float(1.0f));
        setStatus(extendedCAServiceInfo.getStatus());
    }

    public HardTokenEncryptCAService(HashMap<?, ?> hashMap) {
        super(hashMap);
        CryptoProviderTools.installBCProviderIfNotAvailable();
        loadData(hashMap);
    }

    public void init(CryptoToken cryptoToken, CA ca) throws Exception {
        log.debug("OCSPCAService : init ");
        setCA(ca);
        setStatus(getExtendedCAServiceInfo().getStatus());
    }

    public void update(CryptoToken cryptoToken, ExtendedCAServiceInfo extendedCAServiceInfo, CA ca) {
        log.debug("OCSPCAService : update " + extendedCAServiceInfo.getStatus());
        setStatus(extendedCAServiceInfo.getStatus());
        setCA(ca);
    }

    public ExtendedCAServiceResponse extendedService(CryptoToken cryptoToken, ExtendedCAServiceRequest extendedCAServiceRequest) throws ExtendedCAServiceRequestException, IllegalExtendedCAServiceRequestException, ExtendedCAServiceNotActiveException {
        HardTokenEncryptCAServiceResponse hardTokenEncryptCAServiceResponse;
        log.trace(">extendedService");
        if (getStatus() != 2) {
            String localizedMessage = intres.getLocalizedMessage("caservice.notactive", "HardTokenEncrypt");
            log.error(localizedMessage);
            throw new ExtendedCAServiceNotActiveException(localizedMessage);
        }
        if (!(extendedCAServiceRequest instanceof HardTokenEncryptCAServiceRequest)) {
            throw new IllegalExtendedCAServiceRequestException("Not a HardTokenEncryptCAServiceRequest: " + extendedCAServiceRequest.getClass().getName());
        }
        HardTokenEncryptCAServiceRequest hardTokenEncryptCAServiceRequest = (HardTokenEncryptCAServiceRequest) extendedCAServiceRequest;
        if (hardTokenEncryptCAServiceRequest.getCommand() == 1) {
            try {
                hardTokenEncryptCAServiceResponse = new HardTokenEncryptCAServiceResponse(1, getCa().encryptData(cryptoToken, hardTokenEncryptCAServiceRequest.getData(), 5));
            } catch (Exception e) {
                throw new IllegalExtendedCAServiceRequestException(e);
            } catch (CMSException e2) {
                log.error("encrypt:", e2.getUnderlyingException());
                throw new IllegalExtendedCAServiceRequestException(e2);
            }
        } else {
            if (hardTokenEncryptCAServiceRequest.getCommand() != 2) {
                throw new IllegalExtendedCAServiceRequestException("Illegal command: " + hardTokenEncryptCAServiceRequest.getCommand());
            }
            try {
                hardTokenEncryptCAServiceResponse = new HardTokenEncryptCAServiceResponse(1, getCa().decryptData(cryptoToken, hardTokenEncryptCAServiceRequest.getData(), 5));
            } catch (CMSException e3) {
                log.error("decrypt:", e3.getUnderlyingException());
                throw new IllegalExtendedCAServiceRequestException(e3);
            } catch (Exception e4) {
                throw new IllegalExtendedCAServiceRequestException(e4);
            }
        }
        return hardTokenEncryptCAServiceResponse;
    }

    public float getLatestVersion() {
        return 1.0f;
    }

    public void upgrade() {
        if (Float.compare(1.0f, getVersion()) != 0) {
            log.info(intres.getLocalizedMessage("caservice.upgrade", new Float(getVersion())));
            this.data.put("version", new Float(1.0f));
        }
    }

    public ExtendedCAServiceInfo getExtendedCAServiceInfo() {
        return new HardTokenEncryptCAServiceInfo(getStatus());
    }
}
