package com.xdja.pki.ca.certmanager.web.subSystem;

import com.xdja.pki.ca.auth.annotation.AuditSign;
import com.xdja.pki.ca.auth.service.bean.AuditSignBean;
import com.xdja.pki.ca.certmanager.service.racert.RaManagerCertService;
import com.xdja.pki.ca.certmanager.service.racert.bean.RevokeCertVO;
import com.xdja.pki.ca.certmanager.service.subsystem.SubSystemService;
import com.xdja.pki.ca.certmanager.service.subsystem.bean.SubSystemCertVO;
import com.xdja.pki.ca.certmanager.service.subsystem.bean.SubSystemVO;
import com.xdja.pki.ca.core.Constants;
import com.xdja.pki.ca.core.ca.util.gm.cert.CertUtil;
import com.xdja.pki.ca.core.common.ErrorBean;
import com.xdja.pki.ca.core.common.ErrorEnum;
import com.xdja.pki.ca.core.common.Result;
import com.xdja.pki.ca.core.enums.CertStatusEnum;
import com.xdja.pki.ca.core.enums.DeviceTypeEnum;
import com.xdja.pki.ca.core.util.CertUtils;
import com.xdja.pki.ca.securityaudit.service.bean.AuditLogOperatorTypeEnum;
import com.xdja.pki.ca.securityaudit.service.bean.AuditLogResultEnum;
import com.xdja.pki.ca.securityaudit.service.log.AuditLogService;
import com.xdja.pki.ca.securitymanager.service.vo.InitAlgInfoVO;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;

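/**
 * REST endpoints for CA subsystem certificates: listing, issuance, revocation, and the
 * upload helpers that pre-parse a PKCS#10 request or a PEM public key for the issuance form.
 *
 * <p>Issuance and revocation carry {@code @AuditSign} and write a record through
 * {@link AuditLogService}. A failed audit write is logged but does not change the HTTP response.
 *
 * <p>NOTE(review): no authentication or authorization check is visible in this class;
 * presumably it is enforced by a filter or interceptor elsewhere. Confirm that every mapping
 * here, including the two upload helpers, is covered.
 */
@RestController
/* loaded from: input_file:com/xdja/pki/ca/certmanager/web/subSystem/SubSystemController.class */
public class SubSystemController {
    private final Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private SubSystemService subSystemService;

    @Autowired
    private RaManagerCertService raManagerCertService;

    @Autowired
    private AuditLogService auditLogService;

    /**
     * Returns the CA subsystem certificate list for the given query.
     *
     * @param subSystemVO query object bound from the request parameters
     * @param httpServletResponse response handed to {@code ErrorEnum.resp} on failure
     * @return the service result, or an error bean when the query is invalid or the lookup throws
     */
    @RequestMapping(value = {"/v1/subSystem/cert/list"}, method = {RequestMethod.GET})
    public Object getSubSystemList(SubSystemVO subSystemVO, HttpServletResponse httpServletResponse) {
        this.logger.debug("收到获取CA子系统列表请求[{}]", subSystemVO);
        if (hasInvalidListFilter(subSystemVO)) {
            this.logger.debug("分页查询CA子系统列表时请求参数非法[{}]", subSystemVO);
            return ErrorEnum.ILLEGAL_REQUEST_PARAMETER.resp(httpServletResponse);
        }
        try {
            return this.subSystemService.getSubSystemList(subSystemVO);
        } catch (Exception e) {
            this.logger.error("分页查询CA子系统数据失败", e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    /**
     * Reports whether the list query is missing or names a status or device type that the
     * corresponding enum lookup does not resolve. Absent filters are accepted.
     */
    private static boolean hasInvalidListFilter(SubSystemVO subSystemVO) {
        if (null == subSystemVO) {
            return true;
        }
        if (null != subSystemVO.getStatus()
                && StringUtils.isBlank(CertStatusEnum.getCertStatus(subSystemVO.getStatus().intValue()))) {
            return true;
        }
        return null != subSystemVO.getDeviceType()
                && StringUtils.isBlank(DeviceTypeEnum.getDeviceType(subSystemVO.getDeviceType().intValue()));
    }

    /**
     * Issues a CA subsystem certificate and writes an audit record for the outcome.
     *
     * <p>The request is rejected when the DN, P10, subject public key info, device type or
     * maximum validity is missing, or when the device type is not a known one.
     *
     * <p>NOTE(review): DN, P10 and subjectPublicKeyInfo arrive as independent request fields.
     * Whether the service checks that they agree with each other, and verifies the P10
     * self-signature (proof of possession), is not visible from this file. Confirm it.
     *
     * @param subSystemCertVO issuance request body
     * @param httpServletResponse response handed to {@code ErrorEnum.resp} on failure
     * @param auditSignBean carrier of the signature stored with the audit record
     * @return the issuance info on success, otherwise an error bean
     */
    @RequestMapping(value = {"/v1/ca/subSystem/cert"}, method = {RequestMethod.POST})
    @AuditSign
    public Object issueSubSystemCert(@RequestBody SubSystemCertVO subSystemCertVO, HttpServletResponse httpServletResponse, AuditSignBean auditSignBean) {
        this.logger.info("收到CA子系统证书签发请求[{}]", subSystemCertVO);
        if (StringUtils.isBlank(subSystemCertVO.getDn())
                || StringUtils.isBlank(subSystemCertVO.getP10())
                || StringUtils.isBlank(subSystemCertVO.getSubjectPublicKeyInfo())
                || null == subSystemCertVO.getDeviceType()
                || StringUtils.isBlank(DeviceTypeEnum.getDeviceType(subSystemCertVO.getDeviceType().intValue()))
                || null == subSystemCertVO.getMaxValidity()) {
            this.logger.debug("签发CA子系统证书请求参数非法[{}]", subSystemCertVO);
            return ErrorEnum.ILLEGAL_REQUEST_PARAMETER.resp(httpServletResponse);
        }
        try {
            Result result = (Result) this.subSystemService.doIssueSubSystemCert(subSystemCertVO);
            this.logger.info("CA子系统证书签发请求处理完成[{}]", result);
            boolean succeeded = result.isSuccess();
            int auditResult = succeeded ? AuditLogResultEnum.SUCCESS.id : AuditLogResultEnum.FAIL.id;
            // The DN is request-supplied and is joined into the record unescaped, so anything
            // that parses audit content should not rely on the ',' and '=' delimiters.
            String auditMessage = new StringBuilder(succeeded ? "CA子系统证书签发成功" : "CA子系统证书签发失败")
                    .append(",证书DN=").append(subSystemCertVO.getDn())
                    .append(",证书SN=").append(result.getAuditContent())
                    .append(",证书类型=").append(DeviceTypeEnum.getDeviceType(subSystemCertVO.getDeviceType().intValue()))
                    .toString();
            // Pass the text as an argument so request data is never used as the log pattern.
            this.logger.info("{}", auditMessage);
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.CERT_SIGN.type, auditMessage, auditResult, auditSignBean.getSign())) {
                    this.logger.error("记录CA子系统证书签发审计日志失败");
                }
            } catch (Exception e) {
                // The certificate operation has already completed, so the failure is only logged.
                // NOTE(review): confirm an unrecorded issuance is acceptable under the audit policy.
                this.logger.error("记录CA子系统证书签发审计日志失败", e);
            }
            return succeeded ? result.getInfo() : result.getError().resp(httpServletResponse);
        } catch (Exception e2) {
            this.logger.error("签发CA子系统证书失败", e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    /**
     * Parses an uploaded PKCS#10 request and returns its text together with the subject DN.
     *
     * <p>The upload is read once and decoded as UTF-8 rather than the platform charset, so
     * the result does not depend on the host's locale settings.
     *
     * <p>NOTE(review): only an empty upload is rejected here; no upper size bound is applied.
     * Presumably the container's multipart limits cap it. Confirm.
     *
     * @param httpServletResponse response handed to {@code ErrorEnum.resp} on failure
     * @param multipartFile the uploaded {@code p10} part
     * @return a map with keys {@code p10} and {@code dn}, or an error bean
     */
    @RequestMapping(value = {"/v1/cert/p10"}, method = {RequestMethod.POST})
    public Object uploadP10(HttpServletResponse httpServletResponse, @RequestParam("p10") MultipartFile multipartFile) {
        if (0 == multipartFile.getSize()) {
            this.logger.debug("p10文件为空");
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        String p10;
        try {
            p10 = new String(multipartFile.getBytes(), StandardCharsets.UTF_8);
        } catch (Exception e) {
            // Failing to read the upload is a server-side problem, not a format error.
            this.logger.error("解析P10失败", e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
        try {
            // Called only for its failure mode: a request whose public key cannot be extracted
            // is rejected. NOTE(review): whether this also verifies the request's self-signature
            // is not visible here. Confirm before relying on it as proof of possession.
            CertUtil.getPublicKeyFromP10(p10);
            Map<String, Object> parsed = new HashMap<>();
            parsed.put("p10", p10);
            parsed.put("dn", CertUtil.getDnFromP10(p10));
            return parsed;
        } catch (Exception e) {
            this.logger.error("p10格式错误，解析公钥失败", e);
            return ErrorEnum.P10_FORMAT_ERROR.resp(httpServletResponse);
        }
    }

    /**
     * Parses an uploaded PEM public key and returns it with the PEM tags removed.
     *
     * <p>Lines are concatenated without separators before parsing. On failure only the
     * length of the upload is logged; the uploaded content itself is not written to the log.
     *
     * <p>NOTE(review): only an empty upload is rejected here; no upper size bound is applied.
     * Presumably the container's multipart limits cap it. Confirm.
     *
     * @param httpServletResponse response handed to {@code ErrorEnum.resp} on failure
     * @param multipartFile the uploaded {@code pem} part
     * @return a map with key {@code subjectPublicKeyInfo}, or an error bean
     */
    @RequestMapping(value = {"/v1/cert/pem"}, method = {RequestMethod.POST})
    public Object uploadPem(HttpServletResponse httpServletResponse, @RequestParam("pem") MultipartFile multipartFile) {
        if (0 == multipartFile.getSize()) {
            this.logger.debug("pem文件为空");
            return ErrorEnum.ILLEGAL_REQUEST_PARAMETER.resp(httpServletResponse);
        }
        StringBuilder pem = new StringBuilder();
        try (BufferedReader reader = new BufferedReader(
                new InputStreamReader(multipartFile.getInputStream(), StandardCharsets.UTF_8))) {
            String line;
            while ((line = reader.readLine()) != null) {
                pem.append(line);
            }
            String pemText = pem.toString();
            // Called only for its failure mode: an unparseable key is rejected.
            CertUtil.getPublicKeyBySubjectKeyInfo(Constants.BASE_ALG_TYPE, pemText);
            String subjectPublicKeyInfo = CertUtils.removePemTag(pemText);
            this.logger.debug("pem解析结果：{}", subjectPublicKeyInfo);
            Map<String, Object> parsed = new HashMap<>();
            parsed.put("subjectPublicKeyInfo", subjectPublicKeyInfo);
            return parsed;
        } catch (Exception e) {
            // Log the size only: the body is attacker-controlled and may be large or contain
            // line breaks that would forge log entries.
            this.logger.error("加密公钥格式错误，解析公钥失败，上传内容长度[{}]", pem.length(), e);
            return ErrorEnum.PEM_FORMAT_ERROR.resp(httpServletResponse);
        }
    }

    /**
     * Returns the algorithm information used when issuing a certificate of the given type.
     *
     * @param httpServletResponse response handed to {@code ErrorEnum.resp} on failure
     * @param num value of the {@code type} path segment
     * @return the algorithm info, or an error bean when the lookup throws
     */
    @RequestMapping(value = {"/v1/cert/issue/algInfo/{type}"}, method = {RequestMethod.GET})
    public Object getCertIssueAlgInfo(HttpServletResponse httpServletResponse, @PathVariable("type") Integer num) {
        // The template variable is named explicitly because the parameter name differs from it.
        this.logger.info("收到获取证书签发时算法基本信息请求[{}]", num);
        try {
            InitAlgInfoVO certIssueAlgInfo = this.subSystemService.getCertIssueAlgInfo(num);
            this.logger.info("获取证书签发时算法基本信息请求处理成功[{}]", certIssueAlgInfo);
            return certIssueAlgInfo;
        } catch (Exception e) {
            this.logger.error("获取证书签发时算法信息失败", e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    /**
     * Revokes a CA subsystem certificate and writes an audit record for the outcome.
     *
     * <p>The request is rejected when the serial number, algorithm or revoke reason is missing.
     *
     * @param httpServletResponse response handed to {@code ErrorEnum.resp} on failure
     * @param revokeCertVO revocation request body
     * @param auditSignBean carrier of the signature stored with the audit record
     * @return the revocation info on success, otherwise an error bean
     */
    @RequestMapping(value = {"/v1/ca/subSystem/cert"}, method = {RequestMethod.DELETE})
    @AuditSign
    public Object deleteRaAdminCert(HttpServletResponse httpServletResponse, @RequestBody RevokeCertVO revokeCertVO, AuditSignBean auditSignBean) {
        this.logger.info("收到CA子系统证书撤销请求[{}]", revokeCertVO);
        if (StringUtils.isBlank(revokeCertVO.getSn())
                || null == revokeCertVO.getAlg()
                || null == revokeCertVO.getRevokeReason()) {
            this.logger.debug("撤销证书出现非法参数[{}]", revokeCertVO);
            return ErrorEnum.ILLEGAL_REQUEST_PARAMETER.resp(httpServletResponse);
        }
        try {
            Result revokeResult = this.raManagerCertService.deleteRaManagerCert(revokeCertVO);
            this.logger.info("CA子系统证书撤销请求处理完成[{}]", revokeResult);
            boolean succeeded = revokeResult.isSuccess();
            int auditResult = succeeded ? AuditLogResultEnum.SUCCESS.id : AuditLogResultEnum.FAIL.id;
            // SN and revoke note are request-supplied and are joined into the record unescaped,
            // so anything that parses audit content should not rely on the ',' and '=' delimiters.
            String auditMessage = new StringBuilder(succeeded ? "撤销CA子系统证书成功" : "撤销CA子系统证书失败")
                    .append(",证书DN=").append(revokeResult.getAuditContent())
                    .append(",证书SN=").append(revokeCertVO.getSn())
                    .append(",撤销原因=").append(revokeCertVO.getRevokeReason())
                    .append(",撤销理由=").append(revokeCertVO.getRevokeNote())
                    .toString();
            // Pass the text as an argument so request data is never used as the log pattern.
            this.logger.info("{}", auditMessage);
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.CERT_REVOKED.type, auditMessage, auditResult, auditSignBean.getSign())) {
                    this.logger.error("记录撤销CA子系统证书审计日志失败");
                }
            } catch (Exception e) {
                // The revocation has already completed, so the failure is only logged.
                // NOTE(review): confirm an unrecorded revocation is acceptable under the audit policy.
                this.logger.error("记录撤销CA子系统证书审计日志失败", e);
            }
            return succeeded ? revokeResult.getInfo() : revokeResult.getError().resp(httpServletResponse);
        } catch (Exception e2) {
            // Message names the operation this handler performs (revocation), so the failure
            // can be found when triaging logs.
            this.logger.error("撤销CA子系统证书失败", e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }
}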
