package com.xdja.pki.ca.securitymanager.web;

import com.xdja.pki.ca.auth.annotation.AuditSign;
import com.xdja.pki.ca.auth.service.bean.AuditSignBean;
import com.xdja.pki.ca.core.Constants;
import com.xdja.pki.ca.core.common.ConfigUtil;
import com.xdja.pki.ca.core.common.ErrorEnum;
import com.xdja.pki.ca.core.common.Result;
import com.xdja.pki.ca.core.configBasic.bean.HsmCertNameBean;
import com.xdja.pki.ca.core.configBasic.bean.KmConfigBean;
import com.xdja.pki.ca.core.exception.ServiceException;
import com.xdja.pki.ca.core.util.CertUtils;
import com.xdja.pki.ca.crl.util.CrlThreadUtil;
import com.xdja.pki.ca.hsm.manager.HsmManager;
import com.xdja.pki.ca.securityaudit.service.bean.AuditLogOperatorTypeEnum;
import com.xdja.pki.ca.securityaudit.service.bean.AuditLogResultEnum;
import com.xdja.pki.ca.securityaudit.service.log.AuditLogService;
import com.xdja.pki.ca.securitymanager.service.init.InitService;
import com.xdja.pki.ca.securitymanager.service.init.SystemConfigService;
import com.xdja.pki.ca.securitymanager.service.vo.AlgTypeEnum;
import com.xdja.pki.ca.securitymanager.service.vo.CreateP10VO;
import com.xdja.pki.ca.securitymanager.service.vo.CrlConfigVO;
import com.xdja.pki.ca.securitymanager.service.vo.LdapConfigVO;
import com.xdja.pki.ca.securitymanager.service.vo.OcspConfigVO;
import java.io.FileInputStream;
import java.util.Map;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;

@RestController
/* loaded from: input_file:WEB-INF/classes/com/xdja/pki/ca/securitymanager/web/SystemConfigController.class */
public class SystemConfigController {
    private Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private SystemConfigService systemConfigService;

    @Autowired
    private Environment environment;

    @Autowired
    private HsmManager hsmService;

    @Autowired
    private InitService initService;

    @Autowired
    private AuditLogService auditLogService;

    @Autowired
    private CrlThreadUtil crlThreadUtil;

    @RequestMapping(value = {"/v1/config/base"}, method = {RequestMethod.GET})
    public Object getBaseConfig(HttpServletResponse httpServletResponse) {
        try {
            Result baseConfig = this.systemConfigService.getBaseConfig();
            return !baseConfig.isSuccess() ? baseConfig.getError().resp(httpServletResponse) : baseConfig.getInfo();
        } catch (Exception e) {
            this.logger.error("获取基本配置信息出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/init/config/ldap"}, method = {RequestMethod.POST})
    public Object saveLdapConfig(HttpServletResponse httpServletResponse, @RequestBody LdapConfigVO ldapConfigVO) {
        try {
            if (ConfigUtil.verifyCurInitStep(this.environment, 6)) {
                Result saveLdapConfig = this.systemConfigService.saveLdapConfig(ldapConfigVO);
                return !saveLdapConfig.isSuccess() ? saveLdapConfig.getError().resp(httpServletResponse) : Result.success();
            }
            this.logger.debug("当前步骤错误，服务器当前初始化步骤为：" + ConfigUtil.getCurrInitStep(this.environment));
            return Result.failure(ErrorEnum.INIT_STEP_ERROR);
        } catch (Exception e) {
            this.logger.error("保存ldap配置信息出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/ldap"}, method = {RequestMethod.POST})
    @AuditSign
    public Object saveConfigLdap(HttpServletResponse httpServletResponse, @RequestBody LdapConfigVO ldapConfigVO, AuditSignBean auditSignBean) {
        int i;
        if (StringUtils.isBlank(ldapConfigVO.getMasterURL()) || StringUtils.isBlank(ldapConfigVO.getSlaveURL())) {
            this.logger.debug("保存ldap配置信息出现空参数：" + ldapConfigVO);
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        StringBuffer stringBuffer = new StringBuffer();
        try {
            Result saveLdapConfig = this.systemConfigService.saveLdapConfig(ldapConfigVO);
            if (saveLdapConfig.isSuccess()) {
                i = AuditLogResultEnum.SUCCESS.id;
                stringBuffer.append("LDAP服务器配置成功,主目录服务器URL=").append(ldapConfigVO.getMasterURL()).append(",从目录服务器URL=").append(ldapConfigVO.getSlaveURL());
            } else {
                i = AuditLogResultEnum.FAIL.id;
                stringBuffer.append("LDAP服务器配置失败,主目录服务器URL=").append(ldapConfigVO.getMasterURL()).append(",从目录服务器URL=").append(ldapConfigVO.getSlaveURL());
            }
            this.logger.info(stringBuffer.toString());
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.SYSTEM_CONFIG_UPDATE.type, stringBuffer.toString(), i, auditSignBean.getSign())) {
                    this.logger.error("记录LDAP服务器配置审计日志失败");
                }
            } catch (Exception e) {
                this.logger.error("记录LDAP服务器配置审计日志失败", (Throwable) e);
            }
            return !saveLdapConfig.isSuccess() ? saveLdapConfig.getError().resp(httpServletResponse) : Result.success();
        } catch (Exception e2) {
            this.logger.error("保存ldap配置信息出现异常", (Throwable) e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/ldap"}, method = {RequestMethod.GET})
    public Object getLdapConfig(HttpServletResponse httpServletResponse) {
        try {
            Result ldapConfig = this.systemConfigService.getLdapConfig();
            return !ldapConfig.isSuccess() ? ldapConfig.getError().resp(httpServletResponse) : ldapConfig.getInfo();
        } catch (Exception e) {
            this.logger.error("获取ldap配置信息出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/crl"}, method = {RequestMethod.GET})
    public Object getCrlConfig(HttpServletResponse httpServletResponse) {
        try {
            Result crlConfig = this.systemConfigService.getCrlConfig();
            return !crlConfig.isSuccess() ? crlConfig.getError().resp(httpServletResponse) : crlConfig.getInfo();
        } catch (Exception e) {
            this.logger.error("保存ldap配置信息出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/init/config/crl"}, method = {RequestMethod.POST})
    public Object saveCrlConfig(HttpServletResponse httpServletResponse, @RequestBody CrlConfigVO crlConfigVO) {
        if (null == crlConfigVO.getCertCounts() || null == crlConfigVO.getReleaseCycle() || (crlConfigVO.isDelta() && null == crlConfigVO.getDeltaCrlCycle())) {
            this.logger.debug("保存crl配置信息出现空参数：" + crlConfigVO);
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        try {
            if (ConfigUtil.verifyCurInitStep(this.environment, 8)) {
                Result saveCrlConfig = this.systemConfigService.saveCrlConfig(crlConfigVO);
                return !saveCrlConfig.isSuccess() ? saveCrlConfig.getError().resp(httpServletResponse) : Result.success();
            }
            this.logger.debug("当前步骤错误，服务器当前初始化步骤为：" + ConfigUtil.getCurrInitStep(this.environment));
            return ErrorEnum.INIT_STEP_ERROR.resp(httpServletResponse);
        } catch (Exception e) {
            this.logger.error("保存crl配置信息出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/crl"}, method = {RequestMethod.PUT})
    @AuditSign
    public Object updateConfigCrl(HttpServletResponse httpServletResponse, @RequestBody CrlConfigVO crlConfigVO, AuditSignBean auditSignBean) {
        int i;
        if (null == crlConfigVO.getCertCounts() || null == crlConfigVO.getReleaseCycle() || (crlConfigVO.isDelta() && null == crlConfigVO.getDeltaCrlCycle())) {
            this.logger.debug("保存crl配置信息出现空参数：" + crlConfigVO);
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        try {
            Result updateCrlConfig = this.systemConfigService.updateCrlConfig(crlConfigVO);
            Constants.IS_CRL_AGAIN_FIRST = true;
            if (crlConfigVO.isDelta()) {
                Constants.IS_DRL_AGAIN_FIRST = true;
            }
            this.crlThreadUtil.run(new String[0]);
            StringBuffer stringBuffer = new StringBuffer();
            if (updateCrlConfig.isSuccess()) {
                i = AuditLogResultEnum.SUCCESS.id;
                stringBuffer.append("CRL发布信息配置更新成功,CRL发布周期:").append(crlConfigVO.getReleaseCycle()).append(",是否发布增量CRL:").append(crlConfigVO.isDelta()).append(",增量CRL发布周期:").append(crlConfigVO.getDeltaCrlCycle());
            } else {
                i = AuditLogResultEnum.FAIL.id;
                stringBuffer.append("CRL发布信息配置更新失败,CRL发布周期:").append(crlConfigVO.getReleaseCycle()).append(",是否发布增量CRL:").append(crlConfigVO.isDelta()).append(",增量CRL发布周期:").append(crlConfigVO.getDeltaCrlCycle());
            }
            this.logger.info(stringBuffer.toString());
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.SYSTEM_CONFIG_UPDATE.type, stringBuffer.toString(), i, auditSignBean.getSign())) {
                    this.logger.error("记录CRL发布信息配置更新审计日志失败");
                }
            } catch (Exception e) {
                this.logger.error("记录CRL发布信息配置更新审计日志失败", (Throwable) e);
            }
            return !updateCrlConfig.isSuccess() ? updateCrlConfig.getError().resp(httpServletResponse) : Result.success();
        } catch (Exception e2) {
            this.logger.error("保存crl配置信息出现异常", (Throwable) e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/init/config/ocsp"}, method = {RequestMethod.POST})
    public Object saveOcspConfig(HttpServletResponse httpServletResponse, @RequestBody OcspConfigVO ocspConfigVO) {
        try {
            if (ConfigUtil.verifyCurInitStep(this.environment, 7)) {
                Result saveOcspConfig = this.systemConfigService.saveOcspConfig(ocspConfigVO);
                return !saveOcspConfig.isSuccess() ? saveOcspConfig.getError().resp(httpServletResponse) : Result.success();
            }
            this.logger.debug("当前步骤错误，服务器当前初始化步骤为：" + ConfigUtil.getCurrInitStep(this.environment));
            return ErrorEnum.INIT_STEP_ERROR.resp(httpServletResponse);
        } catch (Exception e) {
            this.logger.error("保存ldap配置信息出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/ocsp"}, method = {RequestMethod.POST})
    @AuditSign
    public Object saveConfigOcsp(HttpServletResponse httpServletResponse, @RequestBody OcspConfigVO ocspConfigVO, AuditSignBean auditSignBean) {
        int i;
        if (StringUtils.isBlank(ocspConfigVO.getInterURL()) || StringUtils.isBlank(ocspConfigVO.getNetworkURL())) {
            this.logger.debug("保存ocsp配置信息出现空参数：" + ocspConfigVO);
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        try {
            Result saveOcspConfig = this.systemConfigService.saveOcspConfig(ocspConfigVO);
            StringBuffer stringBuffer = new StringBuffer();
            if (saveOcspConfig.isSuccess()) {
                i = AuditLogResultEnum.SUCCESS.id;
                stringBuffer.append("OCSP服务器配置成功,内网访问URL=").append(ocspConfigVO.getInterURL()).append(",外网访问URL=").append(ocspConfigVO.getNetworkURL());
            } else {
                i = AuditLogResultEnum.FAIL.id;
                stringBuffer.append("OCSP服务器配置失败,内网访问URL=").append(ocspConfigVO.getInterURL()).append(",外网访问URL=").append(ocspConfigVO.getNetworkURL());
            }
            this.logger.info(stringBuffer.toString());
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.SYSTEM_CONFIG_UPDATE.type, stringBuffer.toString(), i, auditSignBean.getSign())) {
                    this.logger.error("记录OCSP服务器配置审计日志失败");
                }
            } catch (Exception e) {
                this.logger.error("记录OCSP服务器配置审计日志失败", (Throwable) e);
            }
            return !saveOcspConfig.isSuccess() ? saveOcspConfig.getError().resp(httpServletResponse) : Result.success();
        } catch (Exception e2) {
            this.logger.error("保存ocsp配置信息出现异常", (Throwable) e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/ocsp"}, method = {RequestMethod.GET})
    public Object getOcspConfig(HttpServletResponse httpServletResponse) {
        try {
            Result ocspConfig = this.systemConfigService.getOcspConfig();
            return !ocspConfig.isSuccess() ? ocspConfig.getError().resp(httpServletResponse) : ocspConfig.getInfo();
        } catch (Exception e) {
            this.logger.error("保存ldap配置信息出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/init/hsm"}, method = {RequestMethod.POST})
    public Object saveHsmConfig(HttpServletResponse httpServletResponse, @RequestParam("ip") String str, @RequestParam("port") Integer num, @RequestParam("signCert") MultipartFile multipartFile, @RequestParam("signCertPwd") String str2, @RequestParam("encCert") MultipartFile multipartFile2, @RequestParam("encCertPwd") String str3, @RequestParam("hsmCaChain") MultipartFile multipartFile3) {
        if (StringUtils.isBlank(str) || null == num || 0 == multipartFile.getSize() || 0 == multipartFile2.getSize() || StringUtils.isBlank(str2) || StringUtils.isBlank(str3) || 0 == multipartFile3.getSize()) {
            this.logger.debug("配置密码机出现空参数");
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        if (!ConfigUtil.verifyCurInitStep(this.environment, 2)) {
            this.logger.debug("保存密码机配置信息失败，当前初始化步骤为：1");
            return ErrorEnum.INIT_STEP_ERROR.resp(httpServletResponse);
        }
        try {
            HsmCertNameBean hsmCertNameBean = new HsmCertNameBean(str, num, str2, str3);
            hsmCertNameBean.setSignCert(CertUtils.getNameByPath(multipartFile.getOriginalFilename()));
            hsmCertNameBean.setEncCert(CertUtils.getNameByPath(multipartFile2.getOriginalFilename()));
            hsmCertNameBean.setHsmCaChain(CertUtils.getNameByPath(multipartFile3.getOriginalFilename()));
            Result testAndSaveHsmConfig = this.hsmService.testAndSaveHsmConfig(hsmCertNameBean, (FileInputStream) multipartFile.getInputStream(), (FileInputStream) multipartFile2.getInputStream(), (FileInputStream) multipartFile3.getInputStream());
            if (!testAndSaveHsmConfig.isSuccess()) {
                return testAndSaveHsmConfig.getError().resp(httpServletResponse);
            }
            Constants.CRYPT_DEVICE_TYPE = Constants.CRYPT_DEVICE_HSM;
            return this.initService.reportInitStep(2);
        } catch (Exception e) {
            this.logger.error("保存密码机配置出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/init/hsm"}, method = {RequestMethod.DELETE})
    public Object deleteHsm(HttpServletResponse httpServletResponse) {
        if (ConfigUtil.verifyCurInitStep(this.environment, 2)) {
            Constants.CRYPT_DEVICE_TYPE = Constants.CRYPT_DEVICE_BC;
            return this.initService.reportInitStep(2);
        }
        this.logger.debug("保存密码机配置信息失败，当前初始化步骤为：1");
        return ErrorEnum.INIT_STEP_ERROR.resp(httpServletResponse);
    }

    @RequestMapping(value = {"/v1/init/hsm/status"}, method = {RequestMethod.POST})
    public Object testHsmConnect(HttpServletResponse httpServletResponse, @RequestParam("ip") String str, @RequestParam("port") Integer num, @RequestParam("signCert") MultipartFile multipartFile, @RequestParam("signCertPwd") String str2, @RequestParam("encCert") MultipartFile multipartFile2, @RequestParam("encCertPwd") String str3, @RequestParam("hsmCaChain") MultipartFile multipartFile3) {
        if (StringUtils.isBlank(str) || null == num || 0 == multipartFile.getSize() || 0 == multipartFile2.getSize() || StringUtils.isBlank(str2) || StringUtils.isBlank(str3) || 0 == multipartFile3.getSize()) {
            this.logger.debug("配置密码机出现空参数");
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        if (!ConfigUtil.verifyCurInitStep(this.environment, 2)) {
            this.logger.debug("测试密码机连通性失败，当前初始化步骤为：1");
            return ErrorEnum.INIT_STEP_ERROR.resp(httpServletResponse);
        }
        try {
            HsmCertNameBean hsmCertNameBean = new HsmCertNameBean(str, num, str2, str3);
            hsmCertNameBean.setSignCert(CertUtils.getNameByPath(multipartFile.getOriginalFilename()));
            hsmCertNameBean.setEncCert(CertUtils.getNameByPath(multipartFile2.getOriginalFilename()));
            hsmCertNameBean.setHsmCaChain(CertUtils.getNameByPath(multipartFile3.getOriginalFilename()));
            Result testAndSaveHsmConfig = this.hsmService.testAndSaveHsmConfig(hsmCertNameBean, (FileInputStream) multipartFile.getInputStream(), (FileInputStream) multipartFile2.getInputStream(), (FileInputStream) multipartFile3.getInputStream());
            return !testAndSaveHsmConfig.isSuccess() ? testAndSaveHsmConfig.getError().resp(httpServletResponse) : Result.success();
        } catch (Exception e) {
            this.logger.error("测试密码机连通性出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/hsm/status"}, method = {RequestMethod.POST})
    public Object testConfigHsmConnect(HttpServletResponse httpServletResponse, @RequestParam("ip") String str, @RequestParam("port") Integer num, @RequestParam(value = "signCert", required = false) MultipartFile multipartFile, @RequestParam("signCertPwd") String str2, @RequestParam(value = "encCert", required = false) MultipartFile multipartFile2, @RequestParam("encCertPwd") String str3, @RequestParam(value = "hsmCaChain", required = false) MultipartFile multipartFile3) {
        if (StringUtils.isBlank(str) || null == num || StringUtils.isBlank(str3) || StringUtils.isBlank(str2)) {
            this.logger.debug("配置密码机出现空参数");
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        try {
            HsmCertNameBean hsmCertNameBean = new HsmCertNameBean(str, num, str2, str3);
            FileInputStream fileInputStream = null;
            FileInputStream fileInputStream2 = null;
            FileInputStream fileInputStream3 = null;
            if (null != multipartFile) {
                try {
                    if (0 != multipartFile.getSize()) {
                        hsmCertNameBean.setSignCert(CertUtils.getNameByPath(multipartFile.getOriginalFilename()));
                        fileInputStream = (FileInputStream) multipartFile.getInputStream();
                    }
                } catch (Exception e) {
                    throw new ServiceException("证书文件流异常", e);
                }
            }
            if (null != multipartFile2 && 0 != multipartFile2.getSize()) {
                hsmCertNameBean.setEncCert(CertUtils.getNameByPath(multipartFile2.getOriginalFilename()));
                fileInputStream2 = (FileInputStream) multipartFile2.getInputStream();
            }
            if (null != multipartFile3 && 0 != multipartFile3.getSize()) {
                hsmCertNameBean.setHsmCaChain(CertUtils.getNameByPath(multipartFile3.getOriginalFilename()));
                fileInputStream3 = (FileInputStream) multipartFile3.getInputStream();
            }
            Result testHsmConfig = this.hsmService.testHsmConfig(hsmCertNameBean, fileInputStream, fileInputStream2, fileInputStream3);
            return !testHsmConfig.isSuccess() ? testHsmConfig.getError().resp(httpServletResponse) : Result.success();
        } catch (Exception e2) {
            this.logger.error("测试密码机连通性出现异常", (Throwable) e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/hsm"}, method = {RequestMethod.POST})
    @AuditSign
    public Object updateConfigHsm(HttpServletResponse httpServletResponse, @RequestParam("ip") String str, @RequestParam("port") Integer num, @RequestParam(value = "signCert", required = false) MultipartFile multipartFile, @RequestParam("signCertPwd") String str2, @RequestParam(value = "encCert", required = false) MultipartFile multipartFile2, @RequestParam("encCertPwd") String str3, @RequestParam(value = "hsmCaChain", required = false) MultipartFile multipartFile3, AuditSignBean auditSignBean) {
        int i;
        if (StringUtils.isBlank(str) || null == num || StringUtils.isBlank(str3) || StringUtils.isBlank(str2)) {
            this.logger.debug("配置密码机出现空参数");
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        FileInputStream fileInputStream = null;
        FileInputStream fileInputStream2 = null;
        FileInputStream fileInputStream3 = null;
        try {
            HsmCertNameBean hsmCertNameBean = new HsmCertNameBean(str, num, str2, str3);
            if (null != multipartFile && 0 != multipartFile.getSize()) {
                fileInputStream = (FileInputStream) multipartFile.getInputStream();
                hsmCertNameBean.setSignCert(CertUtils.getNameByPath(multipartFile.getOriginalFilename()));
            }
            if (null != multipartFile2 && 0 != multipartFile2.getSize()) {
                fileInputStream2 = (FileInputStream) multipartFile2.getInputStream();
                hsmCertNameBean.setEncCert(CertUtils.getNameByPath(multipartFile2.getOriginalFilename()));
            }
            if (null != multipartFile3 && 0 != multipartFile3.getSize()) {
                fileInputStream3 = (FileInputStream) multipartFile3.getInputStream();
                hsmCertNameBean.setHsmCaChain(CertUtils.getNameByPath(multipartFile3.getOriginalFilename()));
            }
            Result testAndSaveHsmConfig = this.hsmService.testAndSaveHsmConfig(hsmCertNameBean, fileInputStream, fileInputStream2, fileInputStream3);
            StringBuffer stringBuffer = new StringBuffer();
            if (testAndSaveHsmConfig.isSuccess()) {
                i = AuditLogResultEnum.SUCCESS.id;
                stringBuffer.append("更新密码机配置成功,ip:").append(str).append(",port:").append(num).append(",signCertPwd:").append(str2).append(",encCertPwd").append(str3);
            } else {
                i = AuditLogResultEnum.FAIL.id;
                stringBuffer.append("更新密码机配置失败,ip:").append(str).append(",port:").append(num).append(",signCertPwd:").append(str2).append(",encCertPwd").append(str3);
            }
            this.logger.info(stringBuffer.toString());
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.SYSTEM_CONFIG_UPDATE.type, stringBuffer.toString(), i, auditSignBean.getSign())) {
                    this.logger.error("更新密码机配置审计日志失败");
                }
            } catch (Exception e) {
                this.logger.error("更新密码机配置审计日志失败", (Throwable) e);
            }
            if (testAndSaveHsmConfig.isSuccess()) {
                return null;
            }
            return testAndSaveHsmConfig.getError().resp(httpServletResponse);
        } catch (Exception e2) {
            this.logger.error("保存密码机配置出现异常", (Throwable) e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/hsm"}, method = {RequestMethod.GET})
    public Object getConfigHsm(HttpServletResponse httpServletResponse) {
        try {
            Result hsmConfig = this.hsmService.getHsmConfig();
            return !hsmConfig.isSuccess() ? hsmConfig.getError().resp(httpServletResponse) : hsmConfig.getInfo();
        } catch (Exception e) {
            this.logger.error("更新密码机配置出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/km"}, method = {RequestMethod.POST})
    public Object saveConfigKm(HttpServletResponse httpServletResponse, @RequestParam("kmCaCert") MultipartFile multipartFile, @RequestParam("kmCommCert") MultipartFile multipartFile2, @RequestParam("ip") String str, @RequestParam("port") Integer num) {
        if (StringUtils.isBlank(str) || null == num) {
            this.logger.debug("保存KM配置出现空参数");
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        try {
            KmConfigBean tmpKmConfig = ConfigUtil.getTmpKmConfig(this.environment);
            if (null == tmpKmConfig || StringUtils.isBlank(tmpKmConfig.getPrivateKeyPin())) {
                this.logger.error("证书对应密钥不存在");
                return Result.failure(ErrorEnum.PUBLIC_KEY_IS_NOT_MATCH_ERROR);
            }
            tmpKmConfig.setKmCommCertName(CertUtils.getNameByPath(multipartFile2.getOriginalFilename()));
            tmpKmConfig.setKmCaCertName(CertUtils.getNameByPath(multipartFile.getOriginalFilename()));
            tmpKmConfig.setIp(str);
            tmpKmConfig.setPort(num);
            Result importKmConfig = this.systemConfigService.importKmConfig((FileInputStream) multipartFile.getInputStream(), (FileInputStream) multipartFile2.getInputStream(), tmpKmConfig);
            return !importKmConfig.isSuccess() ? importKmConfig.getError().resp(httpServletResponse) : importKmConfig.getInfo();
        } catch (Exception e) {
            this.logger.error("更新密码机配置出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/km/update"}, method = {RequestMethod.POST})
    @AuditSign
    public Object updateConfigKm(HttpServletResponse httpServletResponse, @RequestParam(value = "kmCaCert", required = false) MultipartFile multipartFile, @RequestParam(value = "kmCommCert", required = false) MultipartFile multipartFile2, @RequestParam("ip") String str, @RequestParam("port") Integer num, AuditSignBean auditSignBean) {
        int i;
        if (StringUtils.isBlank(str) || null == num) {
            this.logger.debug("保存KM配置出现空参数");
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        try {
            FileInputStream fileInputStream = null;
            FileInputStream fileInputStream2 = null;
            KmConfigBean tmpKmConfig = ConfigUtil.getTmpKmConfig(this.environment);
            if (null == tmpKmConfig || StringUtils.isBlank(tmpKmConfig.getPrivateKeyPin())) {
                this.logger.error("证书对应密钥不存在");
                return Result.failure(ErrorEnum.PUBLIC_KEY_IS_NOT_MATCH_ERROR);
            }
            if (null != multipartFile && 0 != multipartFile.getSize()) {
                tmpKmConfig.setKmCaCertName(CertUtils.getNameByPath(multipartFile.getOriginalFilename()));
                fileInputStream = (FileInputStream) multipartFile.getInputStream();
            }
            if (null != multipartFile2 && 0 != multipartFile2.getSize()) {
                fileInputStream2 = (FileInputStream) multipartFile2.getInputStream();
                tmpKmConfig.setKmCommCertName(CertUtils.getNameByPath(multipartFile2.getOriginalFilename()));
            }
            tmpKmConfig.setIp(str);
            tmpKmConfig.setPort(num);
            Result importKmConfig = this.systemConfigService.importKmConfig(fileInputStream, fileInputStream2, tmpKmConfig);
            StringBuffer stringBuffer = new StringBuffer();
            if (importKmConfig.isSuccess()) {
                i = AuditLogResultEnum.SUCCESS.id;
                stringBuffer.append("更新密管系统配置成功,ip:").append(str).append(",port:").append(num);
            } else {
                i = AuditLogResultEnum.FAIL.id;
                stringBuffer.append("更新密管系统配置失败,ip:").append(str).append(",port:").append(num);
            }
            this.logger.info(stringBuffer.toString());
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.SYSTEM_CONFIG_UPDATE.type, stringBuffer.toString(), i, auditSignBean.getSign())) {
                    this.logger.error("更新密管系统配置审计日志失败");
                }
            } catch (Exception e) {
                this.logger.error("更新密管系统配置审计日志失败", (Throwable) e);
            }
            return !importKmConfig.isSuccess() ? importKmConfig.getError().resp(httpServletResponse) : importKmConfig.getInfo();
        } catch (Exception e2) {
            this.logger.error("更新密管系统配置出现异常", (Throwable) e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/km"}, method = {RequestMethod.GET})
    public Object getConfigKm(HttpServletResponse httpServletResponse) {
        try {
            Result kmConfig = this.systemConfigService.getKmConfig();
            return !kmConfig.isSuccess() ? kmConfig.getError().resp(httpServletResponse) : kmConfig.getInfo();
        } catch (Exception e) {
            this.logger.error("获取KM配置出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/km/test"}, method = {RequestMethod.POST})
    public Object testConfigKm(HttpServletResponse httpServletResponse, @RequestBody Map<String, Object> map) {
        if (null == map || null == map.get("ip") || null == map.get("port")) {
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        try {
            Result testKmConfig = this.systemConfigService.testKmConfig(map.get("ip").toString(), Integer.valueOf(map.get("port").toString()));
            return !testKmConfig.isSuccess() ? testKmConfig.getError().resp(httpServletResponse) : testKmConfig.getInfo();
        } catch (Exception e) {
            this.logger.error("获取KM配置出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/km/p10"}, method = {RequestMethod.POST})
    @AuditSign
    public Object getConfigKmP10(HttpServletResponse httpServletResponse, @RequestBody CreateP10VO createP10VO, AuditSignBean auditSignBean) {
        int i;
        if (StringUtils.isBlank(createP10VO.getDn()) || null == createP10VO.getKeyIndex() || StringUtils.isBlank(createP10VO.getPrivateKeyPin())) {
            this.logger.debug("生成KM证书申请书时出现空参数：" + createP10VO);
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(httpServletResponse);
        }
        try {
            createP10VO.setAlg(Integer.valueOf(AlgTypeEnum.SM2.value));
            Result genKmP10 = this.systemConfigService.genKmP10(createP10VO);
            StringBuffer stringBuffer = new StringBuffer();
            if (genKmP10.isSuccess()) {
                i = AuditLogResultEnum.SUCCESS.id;
                stringBuffer.append("密管系统p10生成成功,dn:").append(createP10VO.getDn()).append(",keyIndex:").append(createP10VO.getKeyIndex()).append(",privateKeyPin:").append(createP10VO.getPrivateKeyPin());
            } else {
                i = AuditLogResultEnum.FAIL.id;
                stringBuffer.append("密管系统p10生成失败,dn:").append(createP10VO.getDn()).append(",keyIndex:").append(createP10VO.getKeyIndex()).append(",privateKeyPin:").append(createP10VO.getPrivateKeyPin());
            }
            this.logger.info(stringBuffer.toString());
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.SYSTEM_CONFIG_UPDATE.type, stringBuffer.toString(), i, auditSignBean.getSign())) {
                    this.logger.error("密管系统p10生成审计日志失败");
                }
            } catch (Exception e) {
                this.logger.error("密管系统p10生成审计日志失败", (Throwable) e);
            }
            return !genKmP10.isSuccess() ? genKmP10.getError().resp(httpServletResponse) : genKmP10.getInfo();
        } catch (Exception e2) {
            this.logger.error("更新密码机配置出现异常", (Throwable) e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/config/km/init"}, method = {RequestMethod.POST})
    public Object testConfigKmInit(HttpServletResponse httpServletResponse) {
        try {
            Result testConfigKmInit = this.systemConfigService.testConfigKmInit();
            return !testConfigKmInit.isSuccess() ? testConfigKmInit.getError().resp(httpServletResponse) : testConfigKmInit.getInfo();
        } catch (Exception e) {
            this.logger.error("更新密码机配置出现异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/system/ca/config/xdjakm"}, method = {RequestMethod.POST})
    @AuditSign
    public Object saveConfigXdjaKm(@RequestParam(value = "localSignCert", required = false) MultipartFile multipartFile, @RequestParam(value = "localEncCert", required = false) MultipartFile multipartFile2, @RequestParam(value = "kmServerSignCert", required = false) MultipartFile multipartFile3, @RequestParam(value = "kmServerEncCert", required = false) MultipartFile multipartFile4, @RequestParam("kmIp") String str, @RequestParam("kmPort") int i, @RequestParam(value = "kmTrustCert", required = false) MultipartFile multipartFile5, @RequestParam("keyIndex") int i2, @RequestParam("priKeyPwd") String str2, AuditSignBean auditSignBean, HttpServletResponse httpServletResponse) {
        int i3;
        if (StringUtils.isAnyBlank(str, str2) || i < 1 || i2 < 1 || i2 > 30) {
            this.logger.info("配置km导入参数有误或为空");
            return ErrorEnum.ILLEGAL_REQUEST_PARAMETER.resp(httpServletResponse);
        }
        try {
            Result saveXdjaKmConfig = this.systemConfigService.saveXdjaKmConfig(i2, str2, str, i, multipartFile, multipartFile2, multipartFile3, multipartFile4, multipartFile5);
            StringBuffer stringBuffer = new StringBuffer();
            if (saveXdjaKmConfig.isSuccess()) {
                i3 = AuditLogResultEnum.SUCCESS.id;
                stringBuffer.append("配置xdja密管系统配置成功,ip:").append(str).append(",port:").append(i);
            } else {
                i3 = AuditLogResultEnum.FAIL.id;
                stringBuffer.append("配置xdja密管系统配置失败,ip:").append(str).append(",port:").append(i);
            }
            this.logger.info(stringBuffer.toString());
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.SYSTEM_CONFIG_UPDATE.type, stringBuffer.toString(), i3, auditSignBean.getSign())) {
                    this.logger.error("配置xdja密管系统配置审计日志失败");
                }
            } catch (Exception e) {
                this.logger.error("配置xdja密管系统配置审计日志失败", (Throwable) e);
            }
            return !saveXdjaKmConfig.isSuccess() ? saveXdjaKmConfig.getError().resp(httpServletResponse) : saveXdjaKmConfig.getInfo();
        } catch (Exception e2) {
            this.logger.error("配置信大捷安km异常", (Throwable) e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/system/ca/config/xdjakm"}, method = {RequestMethod.GET})
    public Object getConfigXdjaKm(HttpServletResponse httpServletResponse) {
        try {
            Result xdjaKmConfig = this.systemConfigService.getXdjaKmConfig();
            return !xdjaKmConfig.isSuccess() ? xdjaKmConfig.getError().resp(httpServletResponse) : xdjaKmConfig.getInfo();
        } catch (Exception e) {
            this.logger.error("获取信大捷安km配置信息异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/system/ca/config/km/{kmType}"}, method = {RequestMethod.POST})
    @AuditSign
    public Object chooseKmSystem(@PathVariable int i, AuditSignBean auditSignBean, HttpServletResponse httpServletResponse) {
        int i2;
        if (i != 1 && i != 2) {
            return ErrorEnum.ILLEGAL_REQUEST_PARAMETER.resp(httpServletResponse);
        }
        try {
            Result chooseKmSystem = this.systemConfigService.chooseKmSystem(i);
            StringBuffer stringBuffer = new StringBuffer();
            if (chooseKmSystem.isSuccess()) {
                i2 = AuditLogResultEnum.SUCCESS.id;
                stringBuffer.append("选择密管系统成功,kmType:").append(i);
            } else {
                i2 = AuditLogResultEnum.FAIL.id;
                stringBuffer.append("选择密管系统失败,kmType:").append(i);
            }
            this.logger.info(stringBuffer.toString());
            try {
                if (!this.auditLogService.save(AuditLogOperatorTypeEnum.SYSTEM_CONFIG_UPDATE.type, stringBuffer.toString(), i2, auditSignBean.getSign())) {
                    this.logger.error("选择密管系统配置审计日志失败");
                }
            } catch (Exception e) {
                this.logger.error("选择密管系统配置审计日志失败", (Throwable) e);
            }
            return !chooseKmSystem.isSuccess() ? chooseKmSystem.getError().resp(httpServletResponse) : chooseKmSystem.getInfo();
        } catch (Exception e2) {
            this.logger.error("选择km系统配置信息异常", (Throwable) e2);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }

    @RequestMapping(value = {"/v1/system/ca/config/km"}, method = {RequestMethod.GET})
    public Object getKmSystemType(HttpServletResponse httpServletResponse) {
        try {
            Result kmSystemType = this.systemConfigService.getKmSystemType();
            return !kmSystemType.isSuccess() ? kmSystemType.getError().resp(httpServletResponse) : kmSystemType.getInfo();
        } catch (Exception e) {
            this.logger.error("获取系统所选择的km系统异常", (Throwable) e);
            return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
        }
    }
}
