from typing import List

from cryptography import x509
from cryptography.hazmat.backends import default_backend

from crowdtls.db import CertificateChain


def decode_der(raw_der_certificate: List[int]) -> CertificateChain:
    # Convert list of integers to bytes
    der_cert_bytes = bytes(raw_der_certificate)

    # Parse the DER certificate
    cert = x509.load_der_x509_certificate(der_cert_bytes, default_backend())

    certificate_chain = CertificateChain(
        raw_der_certificate=der_cert_bytes,
        version=cert.version.value,
        serial_number=cert.serial_number,
        signature=cert.signature,
        issuer=cert.issuer.rfc4514_string(),
        validity={"not_valid_before": cert.not_valid_before, "not_valid_after": cert.not_valid_after},
        subject=cert.subject.rfc4514_string(),
        subject_public_key_info=cert.public_key().public_bytes(),
        issuer_unique_id=cert.issuer_unique_id,
        subject_unique_id=cert.subject_unique_id,
        extensions=[str(ext) for ext in cert.extensions],
    )

    return certificate_chain