package com.venafi.vcert.sdk.policy.converter.cloud;

import com.venafi.vcert.sdk.certificate.KeySize;
import com.venafi.vcert.sdk.certificate.KeyType;
import com.venafi.vcert.sdk.connectors.cloud.CloudConstants;
import com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate;
import com.venafi.vcert.sdk.policy.api.domain.CloudPolicy;
import com.venafi.vcert.sdk.policy.converter.FromPolicyConverter;
import com.venafi.vcert.sdk.policy.domain.Defaults;
import com.venafi.vcert.sdk.policy.domain.DefaultsSubject;
import com.venafi.vcert.sdk.policy.domain.Policy;
import com.venafi.vcert.sdk.policy.domain.PolicySpecification;
import com.venafi.vcert.sdk.policy.domain.PolicySpecificationConst;
import com.venafi.vcert.sdk.policy.domain.Subject;
import com.venafi.vcert.sdk.utils.VCertConstants;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Marker;

/* loaded from: input_file:WEB-INF/lib/vcert-java-0.9.3.jar:com/venafi/vcert/sdk/policy/converter/cloud/PolicyToCloudPolicyConverter.class */
public class PolicyToCloudPolicyConverter implements FromPolicyConverter<CloudPolicy> {
    public static PolicyToCloudPolicyConverter INSTANCE = new PolicyToCloudPolicyConverter();

    private PolicyToCloudPolicyConverter() {
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.venafi.vcert.sdk.policy.converter.FromPolicyConverter
    public CloudPolicy convertFromPolicy(PolicySpecification policySpecification) throws Exception {
        CloudPolicy cloudPolicy = new CloudPolicy();
        Policy policy = policySpecification.policy();
        CloudPolicy.CAInfo certAuthorityInfo = getCertAuthorityInfo(policy);
        cloudPolicy.caInfo(certAuthorityInfo);
        CertificateIssuingTemplate certificateIssuingTemplate = new CertificateIssuingTemplate();
        cloudPolicy.certificateIssuingTemplate(certificateIssuingTemplate);
        cloudPolicy.owners(policySpecification.users());
        certificateIssuingTemplate.certificateAuthority(certAuthorityInfo.caType());
        certificateIssuingTemplate.product(new CertificateIssuingTemplate.Product(certAuthorityInfo.caType(), certAuthorityInfo.vendorProductName(), getValidityPeriod(policy), null, null, null));
        String upperCase = certAuthorityInfo.caType().toUpperCase();
        boolean z = -1;
        switch (upperCase.hashCode()) {
            case -873578705:
                if (upperCase.equals(CloudConstants.ENTRUST_TYPE)) {
                    z = false;
                    break;
                }
                break;
            case 717429451:
                if (upperCase.equals(CloudConstants.DIGICERT_TYPE)) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                certificateIssuingTemplate.trackingData(CloudConstants.ENTRUST_DEFAULT_TRACKING_DATA);
                break;
            case true:
                CertificateIssuingTemplate.Product product = certificateIssuingTemplate.product();
                product.hashAlgorithm("SHA256");
                product.autoRenew(false);
                break;
        }
        List<String> convertDomainsToRegex = convertDomainsToRegex(policy);
        certificateIssuingTemplate.subjectCNRegexes(convertDomainsToRegex);
        if (policy == null || policy.subjectAltNames() == null || policy.subjectAltNames().dnsAllowed() == null) {
            certificateIssuingTemplate.sanDnsNameRegexes(convertDomainsToRegex);
        } else if (policy.subjectAltNames().dnsAllowed().booleanValue()) {
            certificateIssuingTemplate.sanDnsNameRegexes(convertDomainsToRegex);
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(PolicySpecificationConst.ALLOW_ALL);
        if (policy == null || policy.subject() == null) {
            certificateIssuingTemplate.subjectORegexes(arrayList);
            certificateIssuingTemplate.subjectOURegexes(arrayList);
            certificateIssuingTemplate.subjectLRegexes(arrayList);
            certificateIssuingTemplate.subjectSTRegexes(arrayList);
            certificateIssuingTemplate.subjectCValues(arrayList);
        } else {
            Subject subject = policy.subject();
            certificateIssuingTemplate.subjectORegexes((subject.orgs() == null || subject.orgs().length <= 0) ? arrayList : Arrays.asList(subject.orgs()));
            certificateIssuingTemplate.subjectOURegexes((subject.orgUnits() == null || subject.orgUnits().length <= 0) ? arrayList : Arrays.asList(subject.orgUnits()));
            certificateIssuingTemplate.subjectLRegexes((subject.localities() == null || subject.localities().length <= 0) ? arrayList : Arrays.asList(subject.localities()));
            certificateIssuingTemplate.subjectSTRegexes((subject.states() == null || subject.states().length <= 0) ? arrayList : Arrays.asList(subject.states()));
            certificateIssuingTemplate.subjectCValues((subject.countries() == null || subject.countries().length <= 0) ? arrayList : Arrays.asList(subject.countries()));
        }
        certificateIssuingTemplate.keyTypes(getKeyTypes(policy));
        certificateIssuingTemplate.keyReuse(Boolean.valueOf((policy == null || policy.keyPair() == null || policy.keyPair().reuseAllowed() == null) ? false : policy.keyPair().reuseAllowed().booleanValue()));
        Defaults defaults = policySpecification.defaults();
        if (defaults != null && defaults.subject() != null) {
            DefaultsSubject subject2 = defaults.subject();
            if (subject2.org() != null) {
                getRecommendedSettings(certificateIssuingTemplate).subjectOValue(subject2.org());
            }
            if (subject2.orgUnits() != null) {
                getRecommendedSettings(certificateIssuingTemplate).subjectOUValue(subject2.orgUnits()[0]);
            }
            if (subject2.locality() != null) {
                getRecommendedSettings(certificateIssuingTemplate).subjectLValue(subject2.locality());
            }
            if (subject2.state() != null) {
                getRecommendedSettings(certificateIssuingTemplate).subjectSTValue(subject2.state());
            }
            if (subject2.country() != null) {
                getRecommendedSettings(certificateIssuingTemplate).subjectCValue(subject2.country());
            }
        }
        if (defaults != null && defaults.keyPair() != null) {
            CertificateIssuingTemplate.AllowedKeyType defaultKeyType = getDefaultKeyType(defaults);
            CertificateIssuingTemplate.RecommendedSettingsKey recommendedSettingsKey = getRecommendedSettingsKey(certificateIssuingTemplate);
            recommendedSettingsKey.type(defaultKeyType.keyType());
            recommendedSettingsKey.length(defaultKeyType.keyLengths().get(0));
        }
        return cloudPolicy;
    }

    private CloudPolicy.CAInfo getCertAuthorityInfo(Policy policy) {
        return new CloudPolicy.CAInfo((policy == null || policy.certificateAuthority() == null) ? VCertConstants.CLOUD_DEFAULT_CA : policy.certificateAuthority());
    }

    private String getValidityPeriod(Policy policy) {
        return "P" + ((policy == null || policy.maxValidDays() == null || (policy.maxValidDays() != null && policy.maxValidDays().intValue() == 0)) ? 365 : policy.maxValidDays().intValue()) + "D";
    }

    private List<String> convertDomainsToRegex(Policy policy) {
        List<String> arrayList;
        if (policy == null || policy.domains() == null || policy.domains().length <= 0) {
            arrayList = new ArrayList();
            arrayList.add(PolicySpecificationConst.ALLOW_ALL);
        } else {
            arrayList = convertToRegex(policy.domains(), (policy == null || policy.wildcardAllowed() == null) ? false : policy.wildcardAllowed().booleanValue());
        }
        return arrayList;
    }

    private List<String> convertToRegex(String[] strArr, boolean z) {
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            arrayList.add(String.format("[%sa-z]{1}[a-z0-9.-]*\\.", z ? Marker.ANY_MARKER : "") + StringUtils.replace(str, ".", "\\."));
        }
        return arrayList;
    }

    private List<CertificateIssuingTemplate.AllowedKeyType> getKeyTypes(Policy policy) {
        ArrayList arrayList = new ArrayList();
        String cloudDefaultKeyType = getCloudDefaultKeyType();
        List<Integer> cloudDefaultKeySizes = getCloudDefaultKeySizes();
        if (policy != null && policy.keyPair() != null) {
            if (policy.keyPair().keyTypes()[0] != null) {
                cloudDefaultKeyType = policy.keyPair().keyTypes()[0].toUpperCase();
            }
            if (policy.keyPair().rsaKeySizes() != null) {
                cloudDefaultKeySizes = Arrays.asList(policy.keyPair().rsaKeySizes());
            }
        }
        arrayList.add(new CertificateIssuingTemplate.AllowedKeyType(cloudDefaultKeyType, cloudDefaultKeySizes));
        return arrayList;
    }

    private CertificateIssuingTemplate.AllowedKeyType getDefaultKeyType(Defaults defaults) {
        String cloudDefaultKeyType = getCloudDefaultKeyType();
        List<Integer> cloudDefaultKeySizes = getCloudDefaultKeySizes();
        if (defaults != null && defaults.keyPair() != null) {
            if (defaults.keyPair().keyType() != null) {
                cloudDefaultKeyType = defaults.keyPair().keyType().toUpperCase();
            }
            if (defaults.keyPair().rsaKeySize() != null) {
                cloudDefaultKeySizes = Arrays.asList(defaults.keyPair().rsaKeySize());
            }
        }
        return new CertificateIssuingTemplate.AllowedKeyType(cloudDefaultKeyType, cloudDefaultKeySizes);
    }

    private String getCloudDefaultKeyType() {
        return KeyType.RSA.value().toUpperCase();
    }

    private List<Integer> getCloudDefaultKeySizes() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(Integer.valueOf(KeySize.KS2048.value()));
        return arrayList;
    }

    private CertificateIssuingTemplate.RecommendedSettings getRecommendedSettings(CertificateIssuingTemplate certificateIssuingTemplate) {
        if (certificateIssuingTemplate.recommendedSettings() == null) {
            certificateIssuingTemplate.recommendedSettings(new CertificateIssuingTemplate.RecommendedSettings());
        }
        return certificateIssuingTemplate.recommendedSettings();
    }

    private CertificateIssuingTemplate.RecommendedSettingsKey getRecommendedSettingsKey(CertificateIssuingTemplate certificateIssuingTemplate) {
        CertificateIssuingTemplate.RecommendedSettingsKey key = getRecommendedSettings(certificateIssuingTemplate).key();
        if (key == null) {
            key = new CertificateIssuingTemplate.RecommendedSettingsKey();
            getRecommendedSettings(certificateIssuingTemplate).key(key);
        }
        return key;
    }
}
