package com.xdja.pki.ocsp.certmanager.service.certstatus;

import com.xdja.pki.ocsp.cache.CertStatusCache;
import com.xdja.pki.ocsp.cermanager.dao.CertStatusQueryDao;
import com.xdja.pki.ocsp.certmanager.dao.model.CertStatusEntity;
import com.xdja.pki.ocsp.core.Constants;
import com.xdja.pki.ocsp.core.enums.DigestObjectIdentifiers;
import com.xdja.pki.ocsp.core.exception.ServiceException;
import com.xdja.pki.ocsp.core.ocsp.util.DateTimeUtil;
import java.util.Map;
import org.bouncycastle.asn1.ASN1GeneralizedTime;
import org.bouncycastle.asn1.ocsp.RevokedInfo;
import org.bouncycastle.asn1.x509.CRLReason;
import org.bouncycastle.cert.ocsp.CertificateID;
import org.bouncycastle.cert.ocsp.CertificateStatus;
import org.bouncycastle.cert.ocsp.RevokedStatus;
import org.bouncycastle.cert.ocsp.UnknownStatus;
import org.bouncycastle.util.Strings;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/xdja/pki/ocsp/certmanager/service/certstatus/CertStatusQueryServiceImpl.class */
public class CertStatusQueryServiceImpl implements CertStatusQueryService {
    private Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private CertStatusQueryDao certStatusQueryDao;

    @Autowired
    private CertStatusCache certStatusCache;

    @Autowired
    private CaCertDigestService caCertDigestService;

    public CertificateStatus certStatusQuery(CertificateID certificateID) {
        try {
            String id = certificateID.getHashAlgOID().getId();
            if (!DigestObjectIdentifiers.DIGEST_COLLECTION.contains(id)) {
                this.caCertDigestService.updateCaCertDigest(id);
            }
            String fromByteArray = Strings.fromByteArray(Hex.encode(certificateID.getIssuerNameHash()));
            String fromByteArray2 = Strings.fromByteArray(Hex.encode(certificateID.getIssuerKeyHash()));
            String bigInteger = certificateID.getSerialNumber().toString(16);
            return Constants.IS_REDIS_CACHE ? certStatusCacheQuery(bigInteger, fromByteArray, fromByteArray2) : certStatusDbQuery(bigInteger, fromByteArray, fromByteArray2);
        } catch (Exception e) {
            throw new ServiceException("进行证书状态查询异常", e);
        }
    }

    public CertificateStatus certStatusDbQuery(String str, String str2, String str3) {
        if (!this.certStatusQueryDao.isExistIssuerInfo(str2, str3)) {
            this.logger.info("查询到证书sn：" + str + "的状态为：未知");
            return new UnknownStatus();
        }
        CertStatusEntity certStatusInfo = this.certStatusQueryDao.getCertStatusInfo(str, this.certStatusQueryDao.getIssuerInfo(str2, str3).getIssuerIdHash());
        if (null == certStatusInfo) {
            this.logger.info("查询到证书sn：" + str + "的状态为：正常");
            return CertificateStatus.GOOD;
        }
        RevokedInfo revokedInfo = new RevokedInfo(new ASN1GeneralizedTime(certStatusInfo.getRevokedTime()), CRLReason.lookup(certStatusInfo.getRevokedReason()));
        this.logger.info("查询到证书sn：" + str + "的状态为：撤销");
        return new RevokedStatus(revokedInfo);
    }

    public CertificateStatus certStatusCacheQuery(String str, String str2, String str3) {
        if (!this.certStatusCache.isExistIssuerInfo(str2, str3)) {
            this.logger.info("查询到证书sn：" + str + "的状态为：未知");
            return new UnknownStatus();
        }
        Map certStatusInfo = this.certStatusCache.getCertStatusInfo(str, (String) this.certStatusCache.getIssuerInfo(str2, str3).get("issuerIdHash"));
        if (null == certStatusInfo || certStatusInfo.isEmpty()) {
            this.logger.info("查询到证书sn：" + str + "的状态为：正常");
            return CertificateStatus.GOOD;
        }
        RevokedInfo revokedInfo = new RevokedInfo(new ASN1GeneralizedTime(DateTimeUtil.longToDate(Long.valueOf(((String) certStatusInfo.get("crt")).toString()).longValue())), CRLReason.lookup(Integer.valueOf(((String) certStatusInfo.get("crr")).toString()).intValue()));
        this.logger.info("查询到证书sn：" + str + "的状态为：撤销");
        return new RevokedStatus(revokedInfo);
    }
}
