package org.ejbca.core.model.approval;

import java.io.ByteArrayInputStream;
import java.io.Externalizable;
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectOutput;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.log4j.Logger;
import org.cesecore.authentication.tokens.AlwaysAllowLocalAuthenticationToken;
import org.cesecore.authentication.tokens.AuthenticationToken;
import org.cesecore.authentication.tokens.LocalJvmOnlyAuthenticationToken;
import org.cesecore.authentication.tokens.UsernamePrincipal;
import org.cesecore.authentication.tokens.X509CertificateAuthenticationToken;
import org.cesecore.util.Base64;
import org.cesecore.util.CertTools;
import org.ejbca.config.EjbcaConfiguration;
import org.ejbca.core.ejb.authentication.cli.CliAuthenticationToken;
import org.ejbca.core.ejb.authentication.cli.CliAuthenticationTokenReferenceRegistry;
import org.ejbca.core.model.log.Admin;

/* loaded from: input_file:org/ejbca/core/model/approval/ApprovalRequest.class */
public abstract class ApprovalRequest implements Externalizable {
    private static final long serialVersionUID = -1;
    private static final Logger log = Logger.getLogger(ApprovalRequest.class);
    private static final int LATEST_BASE_VERSION = 4;
    public static final int REQUESTTYPE_SIMPLE = 1;
    public static final int REQUESTTYPE_COMPARING = 2;
    private AuthenticationToken requestAdmin;
    private String requestSignature;
    private int approvalRequestType;
    private int numOfRequiredApprovals;
    private int cAId;
    private int endEntityProfileId;
    private boolean[] approvalSteps;

    protected ApprovalRequest(AuthenticationToken authenticationToken, String str, int i, int i2, int i3, int i4) {
        this.requestAdmin = null;
        this.requestSignature = null;
        this.approvalRequestType = 1;
        this.numOfRequiredApprovals = 0;
        this.cAId = 0;
        this.endEntityProfileId = 0;
        this.approvalSteps = new boolean[]{false};
        setRequestAdmin(authenticationToken);
        this.requestSignature = str;
        this.approvalRequestType = i;
        this.numOfRequiredApprovals = i2;
        this.cAId = i3;
        this.endEntityProfileId = i4;
    }

    protected ApprovalRequest(AuthenticationToken authenticationToken, String str, int i, int i2, int i3, int i4, int i5) {
        this.requestAdmin = null;
        this.requestSignature = null;
        this.approvalRequestType = 1;
        this.numOfRequiredApprovals = 0;
        this.cAId = 0;
        this.endEntityProfileId = 0;
        this.approvalSteps = new boolean[]{false};
        setRequestAdmin(authenticationToken);
        this.requestSignature = str;
        this.approvalRequestType = i;
        this.numOfRequiredApprovals = i2;
        this.cAId = i3;
        this.endEntityProfileId = i4;
        this.approvalSteps = new boolean[i5];
        for (int i6 = 0; i6 < i5; i6++) {
            this.approvalSteps[i6] = false;
        }
    }

    public ApprovalRequest() {
        this.requestAdmin = null;
        this.requestSignature = null;
        this.approvalRequestType = 1;
        this.numOfRequiredApprovals = 0;
        this.cAId = 0;
        this.endEntityProfileId = 0;
        this.approvalSteps = new boolean[]{false};
    }

    public abstract boolean isExecutable();

    public abstract void execute() throws ApprovalRequestExecutionException;

    public abstract int generateApprovalId();

    public abstract List<ApprovalDataText> getNewRequestDataAsText(AuthenticationToken authenticationToken);

    public abstract List<ApprovalDataText> getOldRequestDataAsText(AuthenticationToken authenticationToken);

    public boolean isAllowedTransition() {
        return false;
    }

    public long getRequestValidity() {
        return EjbcaConfiguration.getApprovalDefaultRequestValidity();
    }

    public long getApprovalValidity() {
        return EjbcaConfiguration.getApprovalDefaultApprovalValidity();
    }

    public abstract int getApprovalType();

    public int getNumOfRequiredApprovals() {
        return this.numOfRequiredApprovals;
    }

    public int getApprovalRequestType() {
        return this.approvalRequestType;
    }

    public String getRequestSignature() {
        return this.requestSignature;
    }

    public int getCAId() {
        return this.cAId;
    }

    public int getEndEntityProfileId() {
        return this.endEntityProfileId;
    }

    public void setRequestAdmin(AuthenticationToken authenticationToken) {
        this.requestAdmin = authenticationToken;
    }

    public Certificate getRequestAdminCert() {
        Set credentials = this.requestAdmin.getCredentials();
        if (credentials == null) {
            return null;
        }
        for (Object obj : credentials) {
            if (obj instanceof Certificate) {
                return (Certificate) obj;
            }
        }
        return null;
    }

    public AuthenticationToken getRequestAdmin() {
        return this.requestAdmin;
    }

    public boolean isStepDone(int i) {
        return this.approvalSteps[i];
    }

    public void markStepAsDone(int i) {
        this.approvalSteps[i] = true;
    }

    public int getNumberOfApprovalSteps() {
        return this.approvalSteps.length;
    }

    @Override // java.io.Externalizable
    public void writeExternal(ObjectOutput objectOutput) throws IOException {
        objectOutput.writeInt(4);
        objectOutput.writeObject(this.requestAdmin);
        objectOutput.writeObject(this.requestSignature);
        objectOutput.writeInt(this.approvalRequestType);
        objectOutput.writeInt(this.numOfRequiredApprovals);
        objectOutput.writeInt(this.cAId);
        objectOutput.writeInt(this.endEntityProfileId);
        objectOutput.writeInt(this.approvalSteps.length);
        for (int i = 0; i < this.approvalSteps.length; i++) {
            objectOutput.writeBoolean(this.approvalSteps[i]);
        }
    }

    @Override // java.io.Externalizable
    public void readExternal(ObjectInput objectInput) throws IOException, ClassNotFoundException {
        int readInt = objectInput.readInt();
        if (readInt == 1) {
            X509Certificate x509Certificate = null;
            try {
                x509Certificate = (X509Certificate) CertTools.getCertificateFactory().generateCertificate(new ByteArrayInputStream(Base64.decode(((String) objectInput.readObject()).getBytes())));
            } catch (CertificateException e) {
                log.error(e);
            }
            HashSet hashSet = new HashSet();
            hashSet.add(x509Certificate);
            HashSet hashSet2 = new HashSet();
            hashSet2.add(x509Certificate.getSubjectX500Principal());
            this.requestAdmin = new X509CertificateAuthenticationToken(hashSet2, hashSet);
            this.requestSignature = (String) objectInput.readObject();
            this.approvalRequestType = objectInput.readInt();
            this.numOfRequiredApprovals = objectInput.readInt();
            this.cAId = objectInput.readInt();
            this.endEntityProfileId = objectInput.readInt();
            this.approvalSteps = new boolean[1];
        }
        if (readInt == 2) {
            Admin admin = (Admin) objectInput.readObject();
            X509Certificate x509Certificate2 = (X509Certificate) admin.getAdminInformation().getX509Certificate();
            AlwaysAllowLocalAuthenticationToken alwaysAllowLocalAuthenticationToken = null;
            if (x509Certificate2 != null) {
                HashSet hashSet3 = new HashSet();
                hashSet3.add(x509Certificate2);
                HashSet hashSet4 = new HashSet();
                hashSet4.add(x509Certificate2.getSubjectX500Principal());
                alwaysAllowLocalAuthenticationToken = new X509CertificateAuthenticationToken(hashSet4, hashSet3);
            } else if (admin.getAdminInformation().isSpecialUser() && admin.getUsername() != null) {
                alwaysAllowLocalAuthenticationToken = new AlwaysAllowLocalAuthenticationToken(new UsernamePrincipal(admin.getUsername()));
            }
            this.requestAdmin = alwaysAllowLocalAuthenticationToken;
            this.requestAdmin = null;
            this.requestSignature = (String) objectInput.readObject();
            this.approvalRequestType = objectInput.readInt();
            this.numOfRequiredApprovals = objectInput.readInt();
            this.cAId = objectInput.readInt();
            this.endEntityProfileId = objectInput.readInt();
            this.approvalSteps = new boolean[1];
        }
        if (readInt == 3) {
            Admin admin2 = (Admin) objectInput.readObject();
            X509Certificate x509Certificate3 = (X509Certificate) admin2.getAdminInformation().getX509Certificate();
            AlwaysAllowLocalAuthenticationToken alwaysAllowLocalAuthenticationToken2 = null;
            if (x509Certificate3 != null) {
                HashSet hashSet5 = new HashSet();
                hashSet5.add(x509Certificate3);
                HashSet hashSet6 = new HashSet();
                hashSet6.add(x509Certificate3.getSubjectX500Principal());
                alwaysAllowLocalAuthenticationToken2 = new X509CertificateAuthenticationToken(hashSet6, hashSet5);
            } else if (admin2.getAdminInformation().isSpecialUser() && admin2.getUsername() != null) {
                alwaysAllowLocalAuthenticationToken2 = new AlwaysAllowLocalAuthenticationToken(new UsernamePrincipal(admin2.getUsername()));
            }
            this.requestAdmin = alwaysAllowLocalAuthenticationToken2;
            this.requestSignature = (String) objectInput.readObject();
            this.approvalRequestType = objectInput.readInt();
            this.numOfRequiredApprovals = objectInput.readInt();
            this.cAId = objectInput.readInt();
            this.endEntityProfileId = objectInput.readInt();
            this.approvalSteps = new boolean[objectInput.readInt()];
            for (int i = 0; i < this.approvalSteps.length; i++) {
                this.approvalSteps[i] = objectInput.readBoolean();
            }
        }
        if (readInt == 4) {
            this.requestAdmin = (AuthenticationToken) objectInput.readObject();
            if (log.isTraceEnabled()) {
                log.trace("ApprovalRequest has a requestAdmin token of type: " + this.requestAdmin.getClass().getName());
            }
            if (this.requestAdmin instanceof LocalJvmOnlyAuthenticationToken) {
                if (log.isTraceEnabled()) {
                    log.trace("It was a LocalJvmOnlyAuthenticationToken so we will re-init it with local random token.");
                }
                this.requestAdmin.initRandomToken();
            } else if (this.requestAdmin instanceof CliAuthenticationToken) {
                CliAuthenticationTokenReferenceRegistry.INSTANCE.registerToken((CliAuthenticationToken) this.requestAdmin);
            }
            this.requestSignature = (String) objectInput.readObject();
            this.approvalRequestType = objectInput.readInt();
            this.numOfRequiredApprovals = objectInput.readInt();
            this.cAId = objectInput.readInt();
            this.endEntityProfileId = objectInput.readInt();
            this.approvalSteps = new boolean[objectInput.readInt()];
            for (int i2 = 0; i2 < this.approvalSteps.length; i2++) {
                this.approvalSteps[i2] = objectInput.readBoolean();
            }
        }
    }
}
