package com.xdja.pki.ocsp.openapi.api;

import com.xdja.pki.ocsp.certmanager.service.certstatus.OcspResponseService;
import com.xdja.pki.ocsp.core.Constants;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.bouncycastle.cert.ocsp.OCSPReq;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpHeaders;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

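/**
 * HTTP front end for OCSP certificate-status queries.
 *
 * <p>Two endpoints are exposed: a POST that carries the DER request in the body and a GET that
 * carries it Base64-encoded in the path. Both hand the decoded bytes to
 * {@link OcspResponseService} and return the encoded response bytes.
 *
 * <p>NOTE(review): the POST handler selects the responder certificate and signing key by writing
 * them into static fields on {@code Constants}. A Spring controller is normally a singleton that
 * serves requests concurrently, so two requests naming different CAs can overwrite each other's
 * selection between the assignment and the signing call. If the service reads these statics
 * (not visible from this file), a response could be signed with another CA's responder key.
 * The durable fix is to pass the resolved signer to the service as an argument, which needs a
 * change to the service interface outside this class.
 */
@RestController
/* loaded from: input_file:WEB-INF/classes/com/xdja/pki/ocsp/openapi/api/CertStatusController.class */
public class CertStatusController {
    private final Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private OcspResponseService ocspResponseService;

    /**
     * Handles an OCSP request sent in the POST body.
     *
     * <p>The {@code keyStr} header names the entry in {@code Constants.CA_TO_OCSP_MAP} whose issuer
     * list, responder certificate and signing key are loaded; {@code signAlgName} and
     * {@code sdfCryptoType} together decide between the YUNHSM device and the default provider.
     *
     * <p>NOTE(review): all three headers come from the request. Unless a trusted front end sets
     * them, any client can choose which signer configuration is loaded - confirm where they
     * originate.
     *
     * @param bArr                raw OCSP request bytes
     * @param httpServletRequest  used only to read the three selector headers
     * @param httpServletResponse receives the OCSP response headers
     * @return encoded OCSP response; an error response when a selector header is missing or
     *         {@code keyStr} does not name a configured CA
     */
    @RequestMapping(value = {"/v1/cert/status"}, method = {RequestMethod.POST}, produces = {"application/ocsp-response"}, consumes = {"application/ocsp-request"})
    public byte[] certStatusQuery(@RequestBody byte[] bArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String keyStr = httpServletRequest.getHeader("keyStr");
        String sdfCryptoType = httpServletRequest.getHeader("sdfCryptoType");
        String signAlgName = httpServletRequest.getHeader("signAlgName");

        httpServletResponse.setHeader("Content-Transfer-Encoding", "Binary");
        httpServletResponse.setHeader(HttpHeaders.CONTENT_TYPE, "application/ocsp-response");

        // A missing header used to surface as a NullPointerException (HTTP 500), in the keyStr
        // case after CRYPT_DEVICE_TYPE had already been overwritten. Reject before touching
        // any shared state instead.
        if (signAlgName == null || keyStr == null) {
            return rejectRequest("missing signAlgName or keyStr header");
        }
        Object configured = Constants.CA_TO_OCSP_MAP.get(keyStr);
        if (!(configured instanceof List) || ((List<?>) configured).size() < 3) {
            // The header value is client-controlled, so it is deliberately not echoed into the log.
            return rejectRequest("keyStr header does not name a configured CA");
        }
        List<?> entry = (List<?>) configured;

        boolean useHsm = signAlgName.contains("SM2") && "YUNHSM".equalsIgnoreCase(sdfCryptoType);
        String provider;
        if (useHsm) {
            provider = "YUNHSM";
        } else {
            provider = Constants.PROVIDER;
        }
        // Kept as a separate test: the original compares the chosen provider name, so a
        // Constants.PROVIDER equal to "YUNHSM" also takes the index/password branch.
        boolean hsmKeyEntry = "YUNHSM".equalsIgnoreCase(provider);

        // Resolve every value into a local first. A ClassCastException or NumberFormatException
        // from a bad map entry still propagates as before, but no longer leaves the statics
        // half-updated for other requests.
        // Raw on purpose: ISSUERCERT's element type is declared in Constants, outside this file.
        List issuerCerts = (List) entry.get(0);
        X509Certificate signerCert = (X509Certificate) entry.get(1);
        int keyIndex = 0;
        String keyPassword = null;
        KeyPair signerKeyPair = null;
        if (hsmKeyEntry) {
            String[] hsmKeyRef = (String[]) entry.get(2);
            keyIndex = Integer.parseInt(hsmKeyRef[0]);
            keyPassword = hsmKeyRef[1];
        } else {
            signerKeyPair = (KeyPair) entry.get(2);
        }

        // NOTE(review): process-wide mutable state, written per request without synchronisation;
        // see the class comment. PRIVATE_KEY_PASSWORD also stays in a static String after the
        // request has finished.
        Constants.CRYPT_DEVICE_TYPE = useHsm ? 1 : 2;
        Constants.ISSUERCERT = issuerCerts;
        Constants.OCSP_SIGN_CERT = signerCert;
        if (hsmKeyEntry) {
            Constants.PRIVATE_KEY_INDEX = keyIndex;
            Constants.PRIVATE_KEY_PASSWORD = keyPassword;
        } else {
            Constants.SIGN_CERT_KEYPAIR = signerKeyPair;
        }
        return buildOcspResp(bArr);
    }

    /**
     * Handles an OCSP request passed Base64-encoded as the last path segment.
     *
     * <p>NOTE(review): this handler never selects a signer, so it runs with whatever the most
     * recent POST left in {@code Constants} - confirm that is intended. The mapping also declares
     * {@code consumes = "application/ocsp-request"}; GET requests usually carry no Content-Type,
     * so it is worth checking that clients can reach this endpoint at all.
     *
     * @param str                 Base64 text of the DER-encoded OCSP request
     * @param httpServletResponse receives the OCSP response headers
     * @return encoded OCSP response, or the status-1 error response when decoding fails
     */
    @RequestMapping(value = {"/v1/cert/status/{ocsp}"}, method = {RequestMethod.GET}, produces = {"application/ocsp-response"}, consumes = {"application/ocsp-request"})
    public byte[] certStatusQueryGET(@PathVariable("ocsp") String str, HttpServletResponse httpServletResponse) {
        // str is client-controlled and written to the log as received; the log pipeline should
        // neutralise line breaks if debug logging is enabled in production.
        this.logger.debug("收到证书状态查询请求：" + str);
        try {
            byte[] requestBytes = Base64.decode(str);
            httpServletResponse.setHeader("Content-Transfer-Encoding", "Binary");
            httpServletResponse.setHeader(HttpHeaders.CONTENT_TYPE, "application/ocsp-response");
            return buildOcspResp(requestBytes);
        } catch (Exception e) {
            this.logger.error("ocsp请求Base64解码异常", e);
            return this.ocspResponseService.builOCSPResponse(null, 1);
        }
    }

    /**
     * Logs the reason and returns the error response used for requests that cannot be served.
     *
     * <p>Status 1 is the value this class already passes when a request cannot be decoded or
     * parsed; presumably it maps to the OCSP malformedRequest status - confirm in the service.
     */
    private byte[] rejectRequest(String reason) {
        this.logger.warn("rejecting OCSP request: " + reason);
        return this.ocspResponseService.builOCSPResponse(null, 1);
    }

    /**
     * Parses the request bytes and asks the service for the matching response.
     *
     * <p>A parse failure is not fatal: the service is still called with a {@code null} request
     * and status 1 so that the client receives an error response.
     *
     * @param bArr raw OCSP request bytes
     * @return encoded response, or {@code null} when the service itself throws
     */
    private byte[] buildOcspResp(byte[] bArr) {
        OCSPReq parsedRequest = null;
        int status = 0;
        try {
            // Guarded so that the Base64 copy is not built on every request when debug is off.
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("收到证书状态查询请求：" + Base64.toBase64String(bArr));
            }
            parsedRequest = this.ocspResponseService.buildOcspReq(bArr);
        } catch (Exception e) {
            status = 1;
            this.logger.error("解析ocsp请求结构体异常", e);
        }
        try {
            byte[] encodedResponse = this.ocspResponseService.builOCSPResponse(parsedRequest, status);
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("返回证书状态查询结果：" + Base64.toBase64String(encodedResponse));
            }
            return encodedResponse;
        } catch (Exception e2) {
            // The logger already records the stack trace; printStackTrace() only duplicated it
            // on stderr, outside the log pipeline.
            this.logger.error("ocsp证书状态查询异常", e2);
            // NOTE(review): a null body is presumably sent as an empty 200 response. Relying
            // parties should treat that as "no status obtained"; an explicit error status would
            // be clearer, but needs the response object or an exception mapping.
            return null;
        }
    }
}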
