package com.xdja.pams.scms.service.impl;

import com.xdja.pams.bims.entity.Person;
import com.xdja.pams.bims.service.UserManageService;
import com.xdja.pams.common.bean.ReturnResult;
import com.xdja.pams.common.commonconst.MessageKey;
import com.xdja.pams.common.commonconst.PamsConst;
import com.xdja.pams.common.util.Base64Encrypt;
import com.xdja.pams.common.util.MessageManager;
import com.xdja.pams.scms.bean.DInfo;
import com.xdja.pams.scms.entity.Device;
import com.xdja.pams.scms.entity.TerminalLog;
import com.xdja.pams.scms.service.DeviceService;
import com.xdja.pams.scms.service.TerminalLogService;
import com.xdja.pams.scms.service.TerminalReportService;
import com.xdja.pams.scms.service.WriteOfflineService;
import com.xdja.pams.syms.service.SystemConfigService;
import com.xdja.pams.webservice.client.CommonDClient;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.util.Date;
import org.apache.log4j.Logger;
import org.bouncycastle.asn1.sm2.SM2ObjectIdentifiers;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.support.ResourceBundleMessageSource;
import org.springframework.stereotype.Service;
import org.springframework.web.context.ContextLoader;

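/**
 * Issues a certificate for a device "offline": a key pair is generated on the
 * server, the public key is sent to the certificate service through
 * {@link CommonDClient}, and the returned certificate is packaged together with
 * the private key into a password-protected PKCS#12 file on the server's disk.
 *
 * <p>NOTE(review): the private key is created and stored server-side, and the
 * resulting PFX is written below the web application's real path (see
 * {@link #getPFXCert}). Confirm that the target directory is not served as
 * static content and that the file is removed once it has been handed over.
 */
@Service
/* loaded from: input_file:com/xdja/pams/scms/service/impl/WriteOfflineServiceImpl.class */
public class WriteOfflineServiceImpl implements WriteOfflineService {

    @Autowired
    SystemConfigService systemConfigService;

    @Autowired
    DeviceService deviceService;

    @Autowired
    UserManageService userManagerService;

    @Autowired
    private TerminalLogService terminalLogService;

    @Autowired
    private TerminalReportService terminalReportService;

    @Autowired
    private ResourceBundleMessageSource message;
    private static final Logger log = Logger.getLogger(WriteOfflineServiceImpl.class);

    /**
     * Generates a key pair, obtains a certificate for it and records the result on the device.
     *
     * @param str  identifier handed to {@code DeviceService.get} to load the device
     * @param str2 password used to protect the generated PKCS#12 key store
     * @param str3 selector passed to {@code getDInfoByYYS}; the value {@code "2"} forces the
     *             plain {@code certIssue} call instead of {@code certIssueRA} (its wider
     *             meaning is not visible in this class)
     * @return a result whose return code is {@code "0"} on success
     * @throws Exception if the certificate-service configuration is missing or of the old type,
     *                   if issuing or packaging the certificate fails, or if persisting the
     *                   device fails (in which case a revocation of the new certificate is
     *                   attempted first)
     */
    @Override // com.xdja.pams.scms.service.WriteOfflineService
    public ReturnResult writeOffline(String str, String str2, String str3) throws Exception {
        Device device = this.deviceService.get(str);
        DInfo dInfo = this.systemConfigService.getDInfoByYYS(device.getCommType(), str3);
        ReturnResult returnResult = new ReturnResult();
        if (dInfo == null) {
            throw new Exception(MessageManager.getProMessage(this.message, MessageKey.SCMS_D_CONFING_ERROR));
        }
        if (!PamsConst.D_TYPE_NEW.equals(dInfo.getType())) {
            throw new Exception(MessageManager.getProMessage(this.message, MessageKey.SCMS_DEVICE_WRITEOFFLINE_OLD_D));
        }
        Person person = this.userManagerService.queryPersonById(device.getPersonId());
        boolean useSm2 = "1".equals(dInfo.getIsSM2());
        KeyPair keyPair = useSm2 ? createKeypairSM2() : createKeypair();
        PrivateKey privateKey = keyPair.getPrivate();
        byte[] encoded = keyPair.getPublic().getEncoded();

        byte[] publicKeyPayload;
        if (useSm2) {
            // SM2: the full encoded public key is submitted.
            publicKeyPayload = encoded;
        } else {
            // RSA: only 128 bytes are submitted, taken from the tail of the encoding and
            // skipping its last 5 bytes.
            // NOTE(review): this slice lines up with the modulus only for a 1024-bit key whose
            // public exponent encodes in 5 bytes (e.g. 65537). createKeypair() does not set a
            // key size, so the slice is wrong whenever the provider default differs, and a
            // 1024-bit RSA key is below current strength recommendations. Confirm what the
            // certificate service expects before changing either side.
            publicKeyPayload = new byte[128];
            System.arraycopy(encoded, encoded.length - 133, publicKeyPayload, 0, 128);
        }
        String encodedPublicKey = new Base64Encrypt().encodeStr(publicKeyPayload);

        String version;
        String extra;
        if (useSm2) {
            version = PamsConst.D_VERSION_SM2;
            extra = "2".equals(dInfo.getAlgType()) ? "2.0" : "1.0";
        } else {
            version = "2.0";
            extra = "admin";
        }

        boolean plainIssue = "2".equals(str3)
                || !"1".equals(this.systemConfigService.getValueByCode(PamsConst.SYSCONF_ENAAS_USE));
        String certIssue;
        if (plainIssue) {
            certIssue = CommonDClient.certIssue(dInfo.getUrl(), version, "4", person.getCode(), encodedPublicKey,
                    extra, dInfo.getDevCardNo(), dInfo.getDevPassword());
        } else {
            certIssue = CommonDClient.certIssueRA(dInfo.getUrl(), version, "4", person.getCode(), encodedPublicKey,
                    extra, dInfo.getDevCardNo(), dInfo.getDevPassword(), device.getEnaasUserId(),
                    this.systemConfigService.getValueByCode(PamsConst.SYSCONF_ENAAS_SYSID));
        }
        // A response shorter than 10 characters is treated as an error code, not a certificate.
        if (certIssue.length() < 10) {
            throw new Exception(MessageManager.getProMessage(this.message, MessageKey.SCMS_DEVICE_WRITEOFFLINE_GETCERT_FAIL) + PamsConst.STR_COLON + DInfo.getCertIssueErr(certIssue));
        }
        String certificateBody = b64toString(certIssue);
        if (!getPFXCert(str2, person.getCode(), privateKey, certificateBody)) {
            throw new Exception(MessageManager.getProMessage(this.message, MessageKey.SCMS_DEVICE_WRITEOFFLINE_GETCERT_FAIL));
        }
        try {
            device.setHardNo(person.getCode());
            device.setIccid(person.getCode());
            device.setSn(DInfo.getSN(certIssue));
            device.setAlgType(dInfo.getAlgType());
            device.setState("3");
            device.setWriteCardDate(new Date());
            device.setOpenDate(new Date());
            device.setCertificate(certificateBody);
            this.deviceService.update(device);
            TerminalLog terminalLog = this.deviceService.cvsDeviceToTerminalLog(device, "0");
            this.terminalLogService.save(terminalLog);
            try {
                this.terminalReportService.report(terminalLog);
            } catch (Exception e) {
                // Reporting is best effort: a failure here must not undo the issued certificate.
                log.error("级联监控日志上报失败", e);
            }
            returnResult.setRtnCode("0");
            returnResult.setRtnMsg(MessageManager.getProMessage(this.message, MessageKey.SCMS_DEVICE_WRITEOFFLINE_SUCCESS));
            return returnResult;
        } catch (Exception e2) {
            log.error("离线写卡证书生成成功，更新数据库失败", e2);
            String certRevoke = CommonDClient.certRevoke(dInfo.getUrl(), version, "4", device.getHardNo(), extra, dInfo.getDevCardNo(), dInfo.getDevPassword());
            // The revocation response is what has to be checked here. The previous code compared
            // "1" with the ReturnResult object, which is never equal to a String, so every
            // revocation was logged as failed.
            // NOTE(review): "1" as the success value is carried over from that comparison;
            // confirm it against CommonDClient.certRevoke.
            if ("1".equals(certRevoke)) {
                log.error("离线写卡证书生成成功，更新数据库失败，撤销证书成功");
            } else {
                log.error("离线写卡证书生成成功，更新数据库失败，撤销证书失败：" + DInfo.getCertRevoke(certRevoke));
            }
            // NOTE(review): the PFX written by getPFXCert is not removed on this path, so a key
            // store for the certificate just submitted for revocation stays on disk.
            throw new Exception(MessageManager.getProMessage(this.message, MessageKey.SCMS_DEVICE_WRITEOFFLINE_ERROR), e2);
        }
    }

    /** Registers the BouncyCastle provider unless a provider named "BC" is already installed. */
    private static void ensureBouncyCastle() {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    /**
     * Creates an SM2 key pair on the sm2256 curve using the BouncyCastle provider.
     *
     * @return the generated key pair
     * @throws Exception if the generator cannot be obtained or initialised; the underlying
     *                   failure is attached as the cause
     */
    private KeyPair createKeypairSM2() throws Exception {
        ensureBouncyCastle();
        SecureRandom secureRandom = new SecureRandom();
        try {
            KeyPairGenerator generator = KeyPairGenerator.getInstance("ECSM2", "BC");
            generator.initialize(new ECGenParameterSpec(SM2ObjectIdentifiers.sm2256.getId()), secureRandom);
            return generator.generateKeyPair();
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new Exception("创建基于SM2算法的公私钥对失败", e);
        }
    }

    /**
     * Creates an RSA key pair with the provider's default parameters.
     *
     * <p>NOTE(review): no key size is set, so the modulus length depends on the JDK/provider
     * default, while writeOffline copies a fixed 128 bytes out of the encoded public key.
     *
     * @return the generated key pair
     * @throws Exception if key generation fails; the underlying failure is attached as the cause
     */
    private KeyPair createKeypair() throws Exception {
        try {
            return KeyPairGenerator.getInstance("RSA").generateKeyPair();
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new Exception("创建基于RSA算法的公私钥对失败", e);
        }
    }

    /**
     * Stores the private key and its certificate in a PKCS#12 file named after {@code str2}.
     *
     * <p>The file is written below the web application's real path, in the
     * {@code PamsConst.PATH_WRITEOFFLINE_CERTUSER} directory.
     * NOTE(review): {@code str2} is concatenated into the file name without validation, and
     * the directory sits under the web root; confirm the value cannot contain path separators
     * and that the directory is not reachable over HTTP.
     *
     * @param str        password protecting both the key entry and the key store
     * @param str2       file name stem (the caller passes the person's code)
     * @param privateKey private key to store
     * @param str3       Base64 text of the X.509 certificate belonging to {@code privateKey}
     * @return {@code true} if the file was written, {@code false} on any failure (which is logged)
     */
    private boolean getPFXCert(String str, String str2, PrivateKey privateKey, String str3) {
        ensureBouncyCastle();
        char[] password = str.toCharArray();
        Certificate[] chain = new Certificate[1];
        try {
            chain[0] = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(new Base64Encrypt().decode(str3)));
            KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
            keyStore.load(null, null);
            keyStore.setKeyEntry("firefighter", privateKey, password, chain);
            String pfxPath = ContextLoader.getCurrentWebApplicationContext().getServletContext().getRealPath("/") + PamsConst.PATH_WRITEOFFLINE_CERTUSER + File.separator + str2 + PamsConst.CERT_EXTENSIONNAME;
            log.info("证书路径:" + pfxPath);
            FileOutputStream out = null;
            try {
                out = new FileOutputStream(pfxPath);
                keyStore.store(out, password);
                out.close();
                out = null;
                return true;
            } catch (Exception e) {
                log.error("输出pfx证书出错", e);
                return false;
            } finally {
                // Release the file handle when store() or close() failed above; previously the
                // stream was leaked on that path.
                if (out != null) {
                    try {
                        out.close();
                    } catch (Exception ignored) {
                        // The failure that brought us here has already been logged.
                    }
                }
            }
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            return false;
        }
    }

    /**
     * Parses {@code str} as an X.509 certificate and returns its serial number in hexadecimal.
     *
     * <p>Not called from within this class; writeOffline uses {@code DInfo.getSN} instead.
     *
     * @param str certificate text
     * @return the serial number in base 16, or an empty string if parsing fails (the failure is logged)
     */
    private String getSN(String str) {
        String serial = "";
        try {
            serial = ((X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(str.getBytes()))).getSerialNumber().toString(16);
        } catch (NoSuchProviderException e) {
            log.error(e.getMessage(), e);
        } catch (CertificateException e2) {
            log.error(e2.getMessage(), e2);
        }
        return serial;
    }

    /**
     * Drops the first and last line of {@code str} and joins the remaining lines without
     * separators. writeOffline applies this to the certificate-service response before
     * Base64-decoding it.
     *
     * <p>Lines are split on {@code "\n"} only, so a carriage return from CRLF input stays in
     * the result.
     *
     * @param str multi-line text
     * @return the inner lines concatenated, or an empty string when there are at most two lines
     */
    public String b64toString(String str) {
        String[] lines = str.split("\n");
        StringBuilder joined = new StringBuilder();
        for (int i = 1; i < lines.length - 1; i++) {
            joined.append(lines[i]);
        }
        return joined.toString();
    }

    public SystemConfigService getSystemConfigService() {
        return this.systemConfigService;
    }

    public void setSystemConfigService(SystemConfigService systemConfigService) {
        this.systemConfigService = systemConfigService;
    }

    public DeviceService getDeviceService() {
        return this.deviceService;
    }

    public void setDeviceService(DeviceService deviceService) {
        this.deviceService = deviceService;
    }

    public UserManageService getUserManagerService() {
        return this.userManagerService;
    }

    public void setUserManagerService(UserManageService userManageService) {
        this.userManagerService = userManageService;
    }

    public TerminalLogService getTerminalLogService() {
        return this.terminalLogService;
    }

    public void setTerminalLogService(TerminalLogService terminalLogService) {
        this.terminalLogService = terminalLogService;
    }

    public TerminalReportService getTerminalReportService() {
        return this.terminalReportService;
    }

    public void setTerminalReportService(TerminalReportService terminalReportService) {
        this.terminalReportService = terminalReportService;
    }
}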
