package com.xdja.pki.ra.service.manager.customer;

import com.xdja.ca.utils.DnUtil;
import com.xdja.ca.vo.ManagerCertInfo;
import com.xdja.ca.vo.UserCertInfo;
import com.xdja.pki.ra.core.common.CommonVariable;
import com.xdja.pki.ra.core.common.OperatorCertCache;
import com.xdja.pki.ra.core.common.Result;
import com.xdja.pki.ra.core.commonenum.ErrorEnum;
import com.xdja.pki.ra.core.constant.Constants;
import com.xdja.pki.ra.core.constant.PathConstants;
import com.xdja.pki.ra.core.exception.DAOException;
import com.xdja.pki.ra.core.exception.ServiceException;
import com.xdja.pki.ra.core.util.cert.CertDnVerifyUtils;
import com.xdja.pki.ra.core.util.cert.CertUtils;
import com.xdja.pki.ra.core.util.cert.KeyStoreUtils;
import com.xdja.pki.ra.core.util.cert.KeyUtils;
import com.xdja.pki.ra.core.util.cert.RandomUtils;
import com.xdja.pki.ra.core.util.json.JsonUtils;
import com.xdja.pki.ra.manager.dao.CaCertDao;
import com.xdja.pki.ra.manager.dao.CertTempDao;
import com.xdja.pki.ra.manager.dao.CustomerCertDao;
import com.xdja.pki.ra.manager.dao.CustomerDao;
import com.xdja.pki.ra.manager.dao.CustomerTempDao;
import com.xdja.pki.ra.manager.dao.RaCertDao;
import com.xdja.pki.ra.manager.dao.model.CaCertDO;
import com.xdja.pki.ra.manager.dao.model.CertTempDO;
import com.xdja.pki.ra.manager.dao.model.CustomerSysCertDO;
import com.xdja.pki.ra.manager.dao.model.CustomerSysDO;
import com.xdja.pki.ra.manager.dao.model.CustomerSysTempDO;
import com.xdja.pki.ra.manager.dao.model.RaCertDO;
import com.xdja.pki.ra.manager.dto.CustomerCertDTO;
import com.xdja.pki.ra.manager.page.PageInfo;
import com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager;
import com.xdja.pki.ra.service.manager.certapply.CertApplyService;
import com.xdja.pki.ra.service.manager.customer.bean.CustomerCertIssueApplyVO;
import com.xdja.pki.ra.service.manager.customer.bean.CustomerSysCertVO;
import com.xdja.pki.ra.service.manager.customer.bean.CustomerSysResp;
import com.xdja.pki.ra.service.manager.customer.bean.CustomerSysVO;
import com.xdja.pki.ra.service.manager.customer.bean.CustomerTemplateRepVO;
import com.xdja.pki.ra.service.manager.customer.bean.CustomerTemplateSaveVO;
import com.xdja.pki.ra.service.manager.organuser.bean.OrganParamsCheck;
import com.xdja.pki.ra.service.manager.system.CaService;
import com.xdja.pki.ra.service.manager.system.RaServer;
import com.xdja.pki.ra.service.manager.utils.CertContentInfoUtil;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.sql.Timestamp;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;

@Service
/* loaded from: input_file:WEB-INF/lib/ra-service-manager-impl-2.0.0-SNAPSHOT.jar:com/xdja/pki/ra/service/manager/customer/CustomerSysServiceImpl.class */
public class CustomerSysServiceImpl implements CustomerSysService {
    // SLF4J logger resolved from the runtime class; declared per instance (neither static nor final).
    private Logger logger = LoggerFactory.getLogger(getClass());

    // Customer-system records: identifier counts, lookups, inserts, updates, paged lists.
    @Autowired
    private CustomerDao customerDao;

    // Customer-system certificate records: lookup, paged list, status updates, DN queries.
    @Autowired
    private CustomerCertDao customerCertDao;

    // Certificate template definitions (lookup by id / number, list of current templates).
    @Autowired
    private CertTempDao certTempDao;

    // Bindings between a customer system and the templates it is authorised to use.
    @Autowired
    private CustomerTempDao customerTempDao;

    // Supplies the RA service DN used when issuing through issCustomerCertByKeyStore.
    @Autowired
    private RaServer raServer;

    // Supplies the CA service DN used when issuing through issCustomerCertByKeyStore.
    @Autowired
    private CaService caService;

    // Used by checkCertDnCnValue to obtain the RA base DN.
    @Autowired
    private CertApplyService certApplyService;

    // Source of the newest CA certificate record (subject DN, expiry time).
    @Autowired
    private CaCertDao caCertDao;

    // Source of the newest RA certificate record. NOTE(review): package-private, unlike the
    // other injected fields; likely a decompilation artefact or an oversight, confirm.
    @Autowired
    RaCertDao raCertDao;

    // Client for the CA-facing operations this class calls: issue, confirm, error report, revoke.
    @Autowired
    private CertLifeCycleManager certLifeCycleManager;

    // Converts a parsed certificate into the detail view returned by getCustomerCertInfo.
    // NOTE(review): package-private, unlike the other injected fields; confirm intent.
    @Autowired
    CertContentInfoUtil certContentInfoUtil;

    /**
     * Looks up a customer-system certificate record and returns its parsed content.
     *
     * @param str lookup key handed to {@code customerCertDao.getCustomerCert}; presumably the
     *            certificate serial number (confirm against the DAO)
     * @return a {@link Result} holding the certificate detail view; carries
     *         {@code GET_OPERATOR_CERT_INFO_EMPTY} when no record is found and
     *         {@code CERT_DETAIL_FORMAT_ERROR} when the stored certificate cannot be read
     */
    @Override
    public Result getCustomerCertInfo(String str) {
        final Result response = new Result();
        final CustomerSysCertDO stored = this.customerCertDao.getCustomerCert(str);
        if (stored != null) {
            try {
                X509Certificate parsed = CertUtils.getCertFromStr(stored.getCertInfo());
                response.setInfo(this.certContentInfoUtil.getCertContentInfo(parsed));
            } catch (Exception e) {
                // Any parsing/formatting failure is reported as one generic error code;
                // the stack trace stays in the server log only.
                this.logger.error("证书详情格式读取异常", (Throwable) e);
                response.setError(ErrorEnum.CERT_DETAIL_FORMAT_ERROR);
            }
            return response;
        }
        this.logger.info("第三方系统证书查询为空");
        response.setError(ErrorEnum.GET_OPERATOR_CERT_INFO_EMPTY);
        return response;
    }

    /**
     * Registers a new customer system after checking that its system number is unused and
     * that an optional contact phone number matches the expected mobile-number pattern.
     *
     * @param customerSysVO registration data supplied by the caller
     * @return success, {@code SYS_ID_HAS_EXISTED} when the system number is already taken, or
     *         {@code ILLEGAL_REQUEST_PARAMETER} when the contact number is malformed
     */
    @Override
    public Result registerCustomerInfo(CustomerSysVO customerSysVO) {
        // NOTE(review): the uniqueness check and the insert are separate DAO calls; unless the
        // table has a unique constraint, two concurrent registrations could both pass. Confirm.
        boolean numberTaken = this.customerDao.getSystemIdentifier(customerSysVO.getCustomerSysNumber()) >= 1;
        if (numberTaken) {
            Result duplicate = new Result();
            duplicate.setError(ErrorEnum.SYS_ID_HAS_EXISTED);
            return duplicate;
        }

        // The contact number is optional; it is validated only when it is not blank.
        boolean contactSupplied = !StringUtils.isAnyBlank(customerSysVO.getCustomerSysContact());
        if (contactSupplied
                && !OrganParamsCheck.isCheck("^(13|14|15|16|17|18|19)[0-9]{9}$", customerSysVO.getCustomerSysContact())) {
            this.logger.info("联系电话格式错误");
            return Result.failure(ErrorEnum.ILLEGAL_REQUEST_PARAMETER);
        }

        // Every property the VO shares with the DO is copied; both timestamps are set server-side.
        CustomerSysDO record = new CustomerSysDO();
        BeanUtils.copyProperties(customerSysVO, record);
        Date now = new Date();
        record.setGmtCreate(now);
        record.setGmtUpdate(now);
        this.customerDao.insertSystemInfo(record);
        return Result.success();
    }

    /**
     * Returns the stored record of one customer system.
     *
     * @param num identifier passed to {@code customerDao.getSystemInfo}
     * @return a {@link Result} whose info is whatever the DAO returned; no "not found" error is
     *         set here, so a missing record yields a successful result with empty info if the
     *         DAO returns {@code null} (DAO behaviour is not visible here)
     */
    @Override
    public Result getCustomerInfo(Integer num) {
        Result response = new Result();
        // The persistence object is returned as-is, so every field it has reaches the caller.
        CustomerSysDO record = this.customerDao.getSystemInfo(num);
        response.setInfo(record);
        return response;
    }

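    /**
     * Updates an existing customer system. The system number is treated as immutable: the
     * request is rejected unless it repeats the number already stored for {@code num}.
     *
     * <p>Changes from the previous version: the record is loaded once instead of twice, and
     * an unknown {@code num} (or a stored record without a system number) is rejected with
     * {@code ILLEGAL_REQUEST_PARAMETER} instead of failing with a {@link NullPointerException}.
     *
     * @param num           identifier of the record to update
     * @param customerSysVO new values supplied by the caller
     * @return success, {@code ILLEGAL_REQUEST_PARAMETER} for an unknown id, a changed system
     *         number or a malformed contact number, or {@code SYS_UPDATE_IS_ERROR} when the
     *         DAO reports that no row was updated
     */
    @Override
    public Result updateCustomerInfo(Integer num, CustomerSysVO customerSysVO) {
        CustomerSysDO existing = this.customerDao.getSystemInfo(num);
        if (existing == null
                || existing.getCustomerSysNumber() == null
                || !existing.getCustomerSysNumber().equals(customerSysVO.getCustomerSysNumber())) {
            return Result.failure(ErrorEnum.ILLEGAL_REQUEST_PARAMETER);
        }

        // The contact number is optional; it is validated only when it is not blank.
        if (!StringUtils.isAnyBlank(customerSysVO.getCustomerSysContact())
                && !OrganParamsCheck.isCheck("^(13|14|15|16|17|18|19)[0-9]{9}$", customerSysVO.getCustomerSysContact())) {
            this.logger.info("联系电话格式错误");
            return Result.failure(ErrorEnum.ILLEGAL_REQUEST_PARAMETER);
        }

        // NOTE(review): copyProperties overwrites every property the VO shares with the stored
        // record, not only the fields the edit form is meant to change. Confirm the VO exposes
        // nothing that should stay server-controlled (identifier, creation time, status).
        BeanUtils.copyProperties(customerSysVO, existing);
        existing.setGmtUpdate(new Date());

        if (this.customerDao.updateSystemInfo(existing) != 0) {
            return Result.success();
        }
        Result result = new Result();
        result.setError(ErrorEnum.SYS_UPDATE_IS_ERROR);
        return result;
    }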

    /**
     * Returns one page of customer systems converted to view objects.
     *
     * @param str  first filter value forwarded to {@code customerDao.getSystemInfoList}
     * @param str2 second filter value forwarded to the same DAO call
     * @param i    first paging argument (presumably page number, confirm against the DAO)
     * @param i2   second paging argument (presumably page size, confirm against the DAO)
     * @return a {@link Result} holding a {@link CustomerSysResp}; counts are zero and the data
     *         list is empty when the DAO page has no rows
     */
    @Override
    public Result getCustomerInfoList(String str, String str2, int i, int i2) {
        CustomerSysResp page = new CustomerSysResp();
        Result response = new Result();
        PageInfo<CustomerSysDO> found = this.customerDao.getSystemInfoList(str, str2, Integer.valueOf(i), Integer.valueOf(i2));
        // Left raw because the parameter type of setDatas is not visible from this class.
        ArrayList rows = new ArrayList();
        List<CustomerSysDO> records = found.getList();

        if (!CollectionUtils.isEmpty(records)) {
            // SimpleDateFormat is not thread-safe; this instance never leaves the method.
            SimpleDateFormat timestampFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
            Iterator<CustomerSysDO> it = records.iterator();
            while (it.hasNext()) {
                CustomerSysDO record = it.next();
                CustomerSysVO row = new CustomerSysVO();
                BeanUtils.copyProperties(record, row);
                Date createdAt = record.getGmtCreate();
                // Id and creation time are set explicitly after the bulk copy.
                row.setId(Integer.valueOf((int) record.getId()));
                row.setGmtCreate(timestampFormat.format(createdAt));
                rows.add(row);
            }
            page.setPageCount(found.getPageCount());
            page.setRecordCount(found.getRecordCount());
        } else {
            page.setRecordCount(0);
            page.setPageCount(0);
        }

        page.setDatas(rows);
        response.setInfo(page);
        return response;
    }

    /**
     * Returns one page of customer-system certificates converted to view objects.
     *
     * <p>Two values are derived per row at read time rather than taken from storage: the
     * status is set to {@code 2} when the expiry time is already in the past, and the
     * {@code outStatus} flag is true only when the certificate expires strictly between now
     * and one calendar month from now.
     *
     * @param str  first filter value forwarded to {@code customerCertDao.getSystemCertInfoList}
     * @param str2 second filter value forwarded to the DAO
     * @param str3 third filter value forwarded to the DAO
     * @param str4 fourth filter value forwarded to the DAO
     * @param i    first paging argument (presumably page number, confirm against the DAO)
     * @param i2   second paging argument (presumably page size, confirm against the DAO)
     * @return a {@link Result} holding a {@link CustomerSysResp}; counts are zero and the data
     *         list is empty when the DAO page has no rows
     */
    @Override
    public Result getCustomerCertInfoList(String str, String str2, String str3, String str4, int i, int i2) {
        CustomerSysResp page = new CustomerSysResp();
        Result response = new Result();
        PageInfo<CustomerCertDTO> found = this.customerCertDao.getSystemCertInfoList(str, str2, str3, str4, Integer.valueOf(i), Integer.valueOf(i2));
        // Left raw because the parameter type of setDatas is not visible from this class.
        ArrayList rows = new ArrayList();
        List<CustomerCertDTO> records = found.getList();

        if (!CollectionUtils.isEmpty(records)) {
            // SimpleDateFormat is not thread-safe; this instance never leaves the method.
            SimpleDateFormat timestampFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
            Iterator<CustomerCertDTO> it = records.iterator();
            while (it.hasNext()) {
                CustomerCertDTO record = it.next();
                CustomerSysCertVO row = new CustomerSysCertVO();
                BeanUtils.copyProperties(record, row);

                // One template lookup per row that carries a template id.
                if (record.getTempId() != null) {
                    row.setCertPatterm(this.certTempDao.getCertTempInfoByTempId(record.getTempId().intValue()).getCertPatterm());
                }

                // Expiry is evaluated here; the stored status is only overridden in the view.
                long now = System.currentTimeMillis();
                long expiresAt = record.getFailureTime().getTime();
                if (expiresAt < now) {
                    row.setCertStatus(2);
                }

                // "About to expire" window: (now, now + one calendar month), both ends exclusive.
                Calendar window = Calendar.getInstance();
                long windowStart = window.getTimeInMillis();
                window.add(Calendar.MONTH, 1);
                long windowEnd = window.getTimeInMillis();
                row.setOutStatus(windowStart < expiresAt && expiresAt < windowEnd);

                row.setEffectiveTime(timestampFormat.format(record.getEffectiveTime()));
                row.setFailureTime(timestampFormat.format(record.getFailureTime()));
                rows.add(row);
            }
            page.setPageCount(found.getPageCount());
            page.setRecordCount(found.getRecordCount());
        } else {
            page.setRecordCount(0);
            page.setPageCount(0);
        }

        page.setDatas(rows);
        response.setInfo(page);
        return response;
    }

    /**
     * Lists the certificate templates that can be shown for one customer system, marking the
     * ones the system is already bound to.
     *
     * <p>A template is listed when its status is not {@code 3}, or when the customer system
     * is bound to it regardless of status. (Status {@code 3} appears to mean "stopped",
     * judging by how {@code saveCustomerTemplates} uses it; confirm.)
     *
     * @param l customer-system identifier passed to {@code customerTempDao.getCustomerTempInfoById}
     * @return a successful {@link Result} holding the list of {@link CustomerTemplateRepVO}
     * @throws ServiceException when a DAO call fails with {@link DAOException}
     */
    @Override
    public Result getCustomerTemplateById(Long l) {
        ArrayList visible = new ArrayList();
        try {
            List<CertTempDO> templates = this.certTempDao.getAllNewCertTemplateList();
            List<CustomerSysTempDO> bindings = this.customerTempDao.getCustomerTempInfoById(l);
            if (templates == null || templates.isEmpty()) {
                return Result.success(visible);
            }

            boolean hasBindings = bindings != null && !bindings.isEmpty();
            for (CertTempDO template : templates) {
                CustomerTemplateRepVO row = new CustomerTemplateRepVO();
                row.setId(template.getId());
                row.setTempNo(template.getTempNo());
                row.setName(template.getTempName());
                row.setStatus(template.getTempStatus());

                boolean include = template.getTempStatus().intValue() != 3;
                if (hasBindings) {
                    for (CustomerSysTempDO binding : bindings) {
                        if (binding.getTempNo().equals(template.getTempNo())) {
                            // A bound template stays visible even when its status is 3.
                            row.setBound(true);
                            include = true;
                        }
                    }
                }
                if (include) {
                    visible.add(row);
                }
            }
            return Result.success(visible);
        } catch (DAOException e) {
            throw new ServiceException("查询第三方授权模板信息异常", e);
        }
    }

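    /**
     * Replaces the set of certificate templates a customer system is authorised to use.
     *
     * <p>The requested template numbers arrive as one {@code #}-separated string. Each number
     * must name a known template, and every template currently bound with status {@code 3}
     * must still be present in the request; otherwise nothing is changed.
     *
     * <p>Changes from the previous version:
     * <ul>
     *   <li>The "status 3 template must stay bound" check compared by substring against the
     *       printed array ({@code "[T10, T2]".contains("T1")} is true), so a template could be
     *       dropped whenever its number was a substring of another requested number. It now
     *       uses exact list membership.</li>
     *   <li>Requested numbers are now rejected with {@code TEMPLATEID_NOT_EXIST} when the list
     *       of known templates is null or empty; previously validation was skipped in that
     *       case and arbitrary numbers were stored.</li>
     * </ul>
     *
     * @param customerTemplateSaveVO customer-system id plus the {@code #}-separated template numbers
     * @return a {@link Result} with log content on success, {@code TEMPLATEID_NOT_EXIST} for an
     *         unknown template number, or {@code TEMPLATE_STOPED_CANNOT_CANCEL} when a bound
     *         status-3 template is missing from the request
     * @throws ServiceException when a DAO call fails with {@link DAOException}
     */
    @Override
    public Result saveCustomerTemplates(CustomerTemplateSaveVO customerTemplateSaveVO) {
        Result result = new Result();
        long customerSysId = customerTemplateSaveVO.getCustomsysId().longValue();
        String templateNos = customerTemplateSaveVO.getTemplateNos();
        List<String> requested = new ArrayList<>();
        try {
            if (!StringUtils.isEmpty(templateNos)) {
                requested = Arrays.asList(templateNos.split("#"));
                if (!requested.isEmpty()) {
                    List<CertTempDO> known = this.certTempDao.getAllNewCertTemplateList();
                    for (String tempNo : requested) {
                        boolean exists = false;
                        if (known != null) {
                            for (CertTempDO template : known) {
                                if (tempNo.equals(template.getTempNo())) {
                                    exists = true;
                                    break;
                                }
                            }
                        }
                        // Fail closed: with no known templates, no requested number can be valid.
                        if (!exists) {
                            return Result.failure(ErrorEnum.TEMPLATEID_NOT_EXIST);
                        }
                    }
                }
            }

            // Bindings whose status is 3 may not be removed; exact match, not substring.
            Iterator<CustomerSysTempDO> locked = this.customerTempDao.getCustomerTemplateByStatus(Long.valueOf(customerSysId), 3).iterator();
            while (locked.hasNext()) {
                if (!requested.contains(locked.next().getTempNo())) {
                    return Result.failure(ErrorEnum.TEMPLATE_STOPED_CANNOT_CANCEL);
                }
            }

            // NOTE(review): the reset and the inserts below are separate DAO calls; no transaction
            // boundary is visible here, so a failure midway may leave the bindings partly written.
            this.customerTempDao.resetCustomerTemplate(Long.valueOf(customerSysId));
            if (!requested.isEmpty()) {
                // One DO is reused for every insert, as in the original implementation.
                CustomerSysTempDO binding = new CustomerSysTempDO();
                binding.setCustomerSysId(Long.valueOf(customerSysId));
                for (String tempNo : requested) {
                    binding.setTempNo(tempNo);
                    binding.setGmtCreate(new Date(System.currentTimeMillis()));
                    this.customerTempDao.saveCustomerTemplate(binding);
                }
            }

            // The id is narrowed to int because getSystemInfo takes an Integer.
            result.setLogContent("，系统标识=" + this.customerDao.getSystemInfo(Integer.valueOf((int) customerSysId)).getCustomerSysNumber() + "，模板编号tempNos=" + templateNos);
            return result;
        } catch (DAOException e) {
            throw new ServiceException("保存第三方授权模板服务失败，", e);
        }
    }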

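    /**
     * Issues a signing/encryption certificate pair for a customer system and packages the
     * certificates and private keys into a keystore file.
     *
     * <p>Steps, in order: resolve the RA and CA service DNs; derive key algorithm and length
     * from the requested signature algorithm; generate two key pairs on this server; ask the
     * CA to issue; open the returned envelope with the second private key to obtain the
     * encryption certificate; persist the certificate record; build both certificate chains
     * on top of the trusted CA certificates; write the keystore.
     *
     * <p>Changes from the previous version: the outermost {@code catch} now logs the exception
     * it handles (it was discarded before, leaving no trace of the cause); the signing
     * certificate is parsed once instead of twice; chains are built with
     * {@link System#arraycopy}; a null check that could never fail was removed.
     *
     * <p>Review notes (not changed here, to be confirmed by the owners):
     * <ul>
     *   <li>Both private keys are generated server-side and written under
     *       {@code PathConstants.USER_CERT_KEYSTORE_FILE_PATH}. How that file is protected
     *       (password, file permissions, cleanup) is not visible in this method.</li>
     *   <li>For RSA the key length comes straight from the request and is not range-checked
     *       here; confirm a minimum is enforced by the caller or by {@code KeyUtils}.</li>
     *   <li>The requested validity is not compared with {@code getCertMaxValidity} here;
     *       presumably the caller or the CA enforces the limit.</li>
     *   <li>The database record is written before the keystore. If keystore generation
     *       fails, the certificate is already issued and recorded; no revocation or rollback
     *       is visible in this method.</li>
     *   <li>The outermost {@code catch} reports "key generation failed" for any exception
     *       thrown by key generation, the CA call or the cast of its result.</li>
     * </ul>
     *
     * @param customerCertIssueApplyVO issuance request (validity, signature algorithm, template
     *                                 number, subject DN, RSA key length, customer system number)
     * @return a {@link Result} whose info map holds {@code transId}, {@code customerSystemFlag}
     *         and {@code certSn}; on failure the error of the step that failed
     */
    @Override
    public Result issCustomerCertByKeyStore(CustomerCertIssueApplyVO customerCertIssueApplyVO) {
        String keyAlg;
        int keyLength;
        Result result = new Result();
        String raDn = this.raServer.getRAServiceDnName();
        if (StringUtils.isBlank(raDn)) {
            result.setError(ErrorEnum.GET_RA_SERVICE_DN_NAME_ERROR);
            return result;
        }
        String caDn = this.caService.getCAServiceDnName();
        if (StringUtils.isBlank(caDn)) {
            result.setError(ErrorEnum.GET_CA_SERVICE_DN_NAME_ERROR);
            return result;
        }
        int validity = customerCertIssueApplyVO.getCertValidity().intValue();
        String signAlg = customerCertIssueApplyVO.getSignAlg();
        String tempNo = customerCertIssueApplyVO.getTempNo();
        String certDn = customerCertIssueApplyVO.getCertDn();

        // SM2 and ECDSA use a fixed 256-bit key; any other signature algorithm is treated as
        // RSA with the caller-supplied length.
        if (Constants.SIGN_ALG_NAME_SM3_WHIT_SM2.equalsIgnoreCase(signAlg)) {
            keyAlg = "SM2";
            keyLength = 256;
        } else if (Constants.SIGN_ALG_NAME_SHA256_WHIT_ECDSA.equalsIgnoreCase(signAlg)) {
            keyAlg = Constants.KEY_ALG_NAME_NIST;
            keyLength = 256;
        } else {
            keyAlg = Constants.KEY_ALG_NAME_RSA;
            keyLength = customerCertIssueApplyVO.getPrivateKeyLength().intValue();
        }
        this.logger.info("密钥算法：{}, 密钥长度：{}", keyAlg, Integer.valueOf(keyLength));
        String transId = RandomUtils.getUUID();
        try {
            // First pair: its public key goes into the signing certificate request.
            KeyPair signKeyPair = KeyUtils.genKeyPair(keyAlg, keyLength);
            // Second pair: its public key is sent Base64-encoded; its private key opens the
            // envelope returned by the CA and is stored next to the encryption certificate.
            KeyPair envelopeKeyPair = KeyUtils.genKeyPair(keyAlg, keyLength);
            Result issued = this.certLifeCycleManager.issueManageCert(false, null, signKeyPair.getPublic().getEncoded(), Base64.toBase64String(envelopeKeyPair.getPublic().getEncoded()), raDn, caDn, transId, tempNo, signAlg, validity, certDn);
            if (!issued.isSuccess()) {
                this.logger.info("签发第三方系统证书失败: code:{}, desc:{}", Integer.valueOf(issued.getErrorBean().getErrCode()), issued.getErrorBean().getErrMsg());
                result.setErrorBean(issued.getErrorBean());
                return result;
            }
            ManagerCertInfo managerCertInfo = (ManagerCertInfo) issued.getInfo();
            UserCertInfo userCertInfo = new UserCertInfo();
            userCertInfo.setSignCert(managerCertInfo.getSignCert());
            try {
                userCertInfo.setEncCert(CertUtils.getDataFromEnvelopDataByBc(envelopeKeyPair.getPrivate().getEncoded(), managerCertInfo.getEncEncCert().getBytes(), CommonVariable.getKeyAlgName()));
                this.logger.info("第三方系统证书开始入库：{}", userCertInfo);
                Result stored = insertCustomerCertInfo(customerCertIssueApplyVO, userCertInfo);
                if (!stored.isSuccess()) {
                    this.logger.info("将用户证书插入数据库失败");
                    result.setError(stored.getError());
                    return result;
                }
                PrivateKey envelopePrivateKey = envelopeKeyPair.getPrivate();
                try {
                    List<X509Certificate> trustCaCerts = CommonVariable.getTrustCaCerts();
                    X509Certificate[] trustChain = trustCaCerts.toArray(new X509Certificate[0]);
                    if (this.logger.isDebugEnabled()) {
                        for (X509Certificate caCert : trustChain) {
                            this.logger.debug("caCert.length {}", Integer.valueOf(trustChain.length));
                            this.logger.debug("caCert issuer{}", CertUtils.getIssuerByX509Cert(caCert));
                            this.logger.debug("caCert subjcet:{}", CertUtils.getSubjectByX509Cert(caCert));
                        }
                    }

                    // Signing chain: end-entity certificate first, trusted CA certificates after it.
                    X509Certificate signCert = CertUtils.getCertFromStr(userCertInfo.getSignCert());
                    X509Certificate[] signChain = new X509Certificate[trustChain.length + 1];
                    signChain[0] = signCert;
                    System.arraycopy(trustChain, 0, signChain, 1, trustChain.length);
                    if (this.logger.isDebugEnabled()) {
                        for (X509Certificate chainCert : signChain) {
                            this.logger.debug("signCert.length {}", Integer.valueOf(signChain.length));
                            this.logger.debug("signCert issuer{}", CertUtils.getIssuerByX509Cert(chainCert));
                            this.logger.debug("signCert subjcet:{}", CertUtils.getSubjectByX509Cert(chainCert));
                        }
                    }

                    // Encryption chain: same layout, headed by the certificate from the envelope.
                    X509Certificate[] encChain = new X509Certificate[trustChain.length + 1];
                    encChain[0] = CertUtils.getCertFromStr(userCertInfo.getEncCert());
                    System.arraycopy(trustChain, 0, encChain, 1, trustChain.length);

                    // The hexadecimal serial number of the signing certificate identifies the
                    // keystore and is also returned to the caller.
                    String signSerialHex = signCert.getSerialNumber().toString(16);
                    KeyStoreUtils.generateDoubleCertByKeyStore(true, signChain, encChain, signKeyPair.getPrivate(), envelopePrivateKey, 1, signSerialHex, PathConstants.USER_CERT_KEYSTORE_FILE_PATH, trustChain);

                    HashMap<String, Object> info = new HashMap<>();
                    info.put("transId", transId);
                    info.put("customerSystemFlag", customerCertIssueApplyVO.getCustomerSysNumber());
                    info.put("certSn", signSerialHex);
                    result.setInfo(info);
                    result.setLogContent("，签名证书SN=" + signSerialHex.toLowerCase());
                    return result;
                } catch (Exception e) {
                    this.logger.error("生成用户keyStore类型证书失败", (Throwable) e);
                    result.setError(ErrorEnum.GEN_USER_CERT_KEY_STORE_FILE_FAIL);
                    return result;
                }
            } catch (Exception e2) {
                // Also reached when persisting the record throws, not only on envelope errors.
                this.logger.info("解析信封失败", (Throwable) e2);
                result.setError(ErrorEnum.GET_RA_SERVER_ENC_CERT_ERROR);
                return result;
            }
        } catch (Exception e3) {
            // The cause used to be dropped here; keep it so failed issuances can be diagnosed.
            this.logger.info("生成用户签名公私钥失败", (Throwable) e3);
            result.setError(ErrorEnum.GEN_USER_CERT_SIGN_KEY_FAIL);
            return result;
        }
    }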

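    /**
     * Returns the public key of a customer-system certificate whose stored status is
     * {@code 1}.
     *
     * <p>Change from the previous version: the {@link DataAccessException} branch passed the
     * exception and serial number as a plain string argument to a message without a
     * placeholder, so neither was ever written to the log. The serial number is now a
     * placeholder argument and the exception is passed as the throwable.
     *
     * <p>NOTE(review): only the stored status is checked. {@code getCustomerCertInfoList}
     * derives "expired" from the expiry time at read time, which suggests the stored status
     * may still be {@code 1} after expiry; if callers use this key to authenticate a customer
     * system, confirm that the validity period is checked somewhere.
     *
     * <p>NOTE(review): {@code str2} is caller-supplied and is written to the log; confirm the
     * logging layout neutralises line breaks.
     *
     * @param str  customer system number (per the DAO method name)
     * @param str2 certificate serial number
     * @return a {@link Result} holding the certificate's public key, or
     *         {@code CUSTOMER_SYS_CERT_IS_NOT_NORMAL}, {@code GET_CERT_INFO_BY_SYSNUMBER_IS_EMPTY}
     *         or {@code GET_CERT_INFO_BY_SYSNUMBER_ERROR}
     */
    @Override
    public Result getSysCertBySysNumber(String str, String str2) {
        Result result = new Result();
        try {
            CustomerSysCertDO sysCert = this.customerDao.getSysCertBySysNumber(str, str2);
            if (sysCert.getCertStatus().intValue() == 1) {
                result.setInfo(CertUtils.getCertFromStr(sysCert.getCertInfo()).getPublicKey());
                return result;
            }
            this.logger.info("系统证书状态不正常");
            result.setError(ErrorEnum.CUSTOMER_SYS_CERT_IS_NOT_NORMAL);
            return result;
        } catch (DataAccessException e) {
            this.logger.info("查询证书信息结果不为1, certSn : {}", str2, e);
            result.setError(ErrorEnum.GET_CERT_INFO_BY_SYSNUMBER_IS_EMPTY);
            return result;
        } catch (Exception e2) {
            // Includes a null DAO result and certificate parsing failures.
            this.logger.info("获取证书信息异常", (Throwable) e2);
            result.setError(ErrorEnum.GET_CERT_INFO_BY_SYSNUMBER_ERROR);
            return result;
        }
    }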

    /**
     * Sends the issuance confirmation to the CA and, when it is accepted, sets the stored
     * certificate status to {@code 1}.
     *
     * @param str  value forwarded to {@code certLifeCycleManager.issueCertResp} (presumably the
     *             transaction id of the issuance, confirm against the caller)
     * @param str2 key of the certificate record whose status is updated
     * @return an empty success {@link Result}, or the DN lookup error, the CA error bean, or
     *         {@code UPDATE_USER_CERT_STATUS_EXCEPTION} when the status update throws
     */
    @Override
    public Result genCertConfirm(String str, String str2) {
        Result response = new Result();

        String raDn = getRAServiceDnName();
        if (StringUtils.isBlank(raDn)) {
            response.setError(ErrorEnum.GET_RA_SERVICE_DN_NAME_ERROR);
            return response;
        }
        String caDn = getCAServiceDnName();
        if (StringUtils.isBlank(caDn)) {
            response.setError(ErrorEnum.GET_CA_SERVICE_DN_NAME_ERROR);
            return response;
        }

        Result confirmation = this.certLifeCycleManager.issueCertResp(raDn, caDn, 2, str);
        if (confirmation.isSuccess()) {
            try {
                this.customerCertDao.updateCustomerCertStatus(1, str2);
            } catch (Exception e) {
                // The CA has already accepted the confirmation at this point; only the local
                // status is left behind.
                this.logger.error("更新第三方系统证书状态异常 ", (Throwable) e);
                response.setError(ErrorEnum.UPDATE_USER_CERT_STATUS_EXCEPTION);
            }
            return response;
        }

        this.logger.error("第三方系统证书签发，确认失败:{}", JsonUtils.object2Json(confirmation));
        response.setErrorBean(confirmation.getErrorBean());
        return response;
    }

    /**
     * Reports an issuance error to the CA and drops the matching entry from the operator
     * certificate cache.
     *
     * @param str  cache key, also forwarded to {@code certLifeCycleManager.sendErrorCMPMessage}
     * @param i    numeric value forwarded to the CA call (presumably an error code, confirm)
     * @param str2 text forwarded to the CA call (presumably an error description, confirm)
     * @return an empty success {@link Result}, or the DN lookup error, or the CA error bean
     */
    @Override
    public Result genErrorMsgContent(String str, int i, String str2) {
        Result response = new Result();

        String raDn = getRAServiceDnName();
        if (StringUtils.isBlank(raDn)) {
            response.setError(ErrorEnum.GET_RA_SERVICE_DN_NAME_ERROR);
            return response;
        }
        String caDn = getCAServiceDnName();
        if (StringUtils.isBlank(caDn)) {
            response.setError(ErrorEnum.GET_CA_SERVICE_DN_NAME_ERROR);
            return response;
        }

        // The cache entry is removed before the CA is contacted, so it is gone even when the
        // error message cannot be delivered.
        OperatorCertCache.getMap().remove(str);

        Result delivery = this.certLifeCycleManager.sendErrorCMPMessage(raDn, caDn, 2, str, i, str2);
        if (!delivery.isSuccess()) {
            this.logger.info("错误确认消息出错：" + JsonUtils.object2Json(delivery));
            response.setErrorBean(delivery.getErrorBean());
        }
        return response;
    }

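    /**
     * Revokes a customer-system certificate at the CA and then sets the stored status to
     * {@code 3}.
     *
     * <p>Certificates stored without a template id are revoked through
     * {@code revokeManageCert}; all others through {@code revokeUserCert}.
     *
     * <p>Change from the previous version: {@code customerCertDao.getCustomerCert} can return
     * {@code null} (see {@code getCustomerCertInfo}), which made this method fail with a
     * {@link NullPointerException} for an unknown certificate. It now returns
     * {@code GET_OPERATOR_CERT_INFO_EMPTY} before anything is sent to the CA.
     *
     * @param str  key of the certificate record (also forwarded to the CA call)
     * @param str2 second value forwarded to the CA revocation call
     * @param i    numeric value forwarded to the CA call (presumably the revocation reason, confirm)
     * @param str3 text forwarded to the CA call
     * @return an empty success {@link Result}, or the DN lookup error,
     *         {@code GET_OPERATOR_CERT_INFO_EMPTY}, the CA error bean, or
     *         {@code UPDATE_OPERATOR_CERT_STATUS_EXCEPTION} when the status update throws
     */
    @Override
    public Result revokeCustomerCert(String str, String str2, int i, String str3) {
        Result result = new Result();
        String raDn = getRAServiceDnName();
        if (StringUtils.isBlank(raDn)) {
            result.setError(ErrorEnum.GET_RA_SERVICE_DN_NAME_ERROR);
            return result;
        }
        String caDn = getCAServiceDnName();
        if (StringUtils.isBlank(caDn)) {
            result.setError(ErrorEnum.GET_CA_SERVICE_DN_NAME_ERROR);
            return result;
        }

        CustomerSysCertDO storedCert = this.customerCertDao.getCustomerCert(str);
        if (storedCert == null) {
            this.logger.info("第三方系统证书查询为空");
            result.setError(ErrorEnum.GET_OPERATOR_CERT_INFO_EMPTY);
            return result;
        }

        Result revocation;
        if (storedCert.getTempId() == null) {
            revocation = this.certLifeCycleManager.revokeManageCert(raDn, caDn, str, str2, i, str3);
        } else {
            revocation = this.certLifeCycleManager.revokeUserCert(null, raDn, caDn, str, str2, i, str3);
        }
        if (!revocation.isSuccess()) {
            this.logger.info("CA返回撤销证书错误消息:{}", JsonUtils.object2Json(revocation));
            result.setErrorBean(revocation.getErrorBean());
            return result;
        }

        try {
            this.customerCertDao.updateCustomerCertStatus(3, str);
            return result;
        } catch (Exception e) {
            // The CA has already revoked the certificate here; a failure leaves the local
            // record showing the old status until it is corrected.
            this.logger.error("修改第三方系统证书状态异常{}", (Throwable) e);
            result.setError(ErrorEnum.UPDATE_OPERATOR_CERT_STATUS_EXCEPTION);
            return result;
        }
    }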

    /**
     * Computes the longest validity, in days, that can be requested for a template: the
     * smaller of the template's own maximum and the whole days left on the newest CA
     * certificate.
     *
     * <p>NOTE(review): when the CA certificate has already expired the remaining-days value is
     * negative and is returned unchanged; confirm callers treat a non-positive value as
     * "issuance not possible".
     *
     * @param str template number
     * @return a {@link Result} whose info map holds {@code maxValidity}, or
     *         {@code GET_CERT_TEMP_INFO_IS_EMPTY} / {@code GET_CA_CERT_INFO_IS_EMPTY}
     */
    @Override
    public Result getCertMaxValidity(String str) {
        Result response = new Result();

        CertTempDO template = this.certTempDao.getCertTempInfoByTempNo(str);
        if (template == null) {
            response.setError(ErrorEnum.GET_CERT_TEMP_INFO_IS_EMPTY);
            return response;
        }
        int templateDays = template.getMaxValidity().intValue();

        CaCertDO caCert = this.caCertDao.getNewCaCertInfo();
        if (caCert == null) {
            response.setError(ErrorEnum.GET_CA_CERT_INFO_IS_EMPTY);
            return response;
        }

        // Whole days between now and the CA certificate's expiry (truncated, not rounded).
        long millisPerDay = 24L * 60 * 60 * 1000;
        long remainingMillis = caCert.getFailureTime().getTime() - System.currentTimeMillis();
        int caDays = (int) (remainingMillis / millisPerDay);
        this.logger.info("用户模板:{},CA最大有效期:{},模板最大有效期:{}", str, Integer.valueOf(caDays), Integer.valueOf(templateDays));

        HashMap<String, Object> info = new HashMap<>();
        info.put("maxValidity", Integer.valueOf(Math.min(templateDays, caDays)));
        response.setInfo(info);
        return response;
    }

    /**
     * Returns the template choices available to one customer system, as produced by
     * {@code customerTempDao.getCustomerTemplateSelectList}.
     *
     * @param l customer-system identifier
     * @return a {@link Result} holding the DAO's list
     * @throws ServiceException when the DAO call fails with {@link DAOException}
     */
    @Override
    public Result getCustomerTemplateSelectList(Long l) {
        Result response = new Result();
        try {
            response.setInfo(this.customerTempDao.getCustomerTemplateSelectList(l));
        } catch (DAOException e) {
            throw new ServiceException("查询第三方系统模板下拉选择列表异常", e);
        }
        return response;
    }

    /**
     * Validates a requested certificate subject DN: it must parse, pass both
     * {@code CertDnVerifyUtils} checks, and must not already be present for the given first
     * argument according to {@code customerCertDao.queryClientCertByCertDn}.
     *
     * <p>NOTE(review): the duplicate lookup uses the DN exactly as submitted, not the parsed
     * form that the two checks ran on. If stored DNs are compared as plain strings, the same
     * subject written with different spacing or case would not be detected as a duplicate.
     * Confirm how the DAO compares DNs.
     *
     * <p>NOTE(review): the submitted DN is concatenated into log messages; confirm the
     * logging layout neutralises line breaks.
     *
     * @param str  first argument of the duplicate lookup (presumably the customer system
     *             number, confirm against the DAO)
     * @param str2 subject DN to validate
     * @return an empty success {@link Result}, the error of the failing check,
     *         {@code CLIENT_CERT_DN_HAVE_SAME_IN_CREATED} for a duplicate, or
     *         {@code CERT_APPLY_DN_IS_ERROR} when any step throws
     */
    @Override
    public Result verifyClientCertDn(String str, String str2) {
        Result response = new Result();
        try {
            X500Name parsedDn = DnUtil.getRFC4519X500Name(str2);
            this.logger.info("格式化之后的操作员证书DN：" + parsedDn.toString());

            Result dnCheck = CertDnVerifyUtils.checkDn(parsedDn);
            if (!dnCheck.isSuccess()) {
                response.setError(dnCheck.getError());
                return response;
            }

            Result orderCheck = CertDnVerifyUtils.checkCertDnSort(parsedDn);
            if (!orderCheck.isSuccess()) {
                this.logger.info("证书的DN的类型先后顺序有误");
                response.setError(orderCheck.getError());
                return response;
            }

            boolean dnAlreadyUsed = !CollectionUtils.isEmpty(this.customerCertDao.queryClientCertByCertDn(str, str2));
            if (dnAlreadyUsed) {
                this.logger.info("有多个的证书的DN信息同【" + str2 + "】一致");
                response.setError(ErrorEnum.CLIENT_CERT_DN_HAVE_SAME_IN_CREATED);
            }
            return response;
        } catch (Exception e) {
            // Only the message is logged; DAO failures are reported as a DN error as well.
            this.logger.info("certDn不正确{}", e.getMessage());
            response.setError(ErrorEnum.CERT_APPLY_DN_IS_ERROR);
            return response;
        }
    }

    /**
     * Checks that a customer system name is not already in use.
     *
     * @param bool first argument forwarded to {@code customerDao.getSystemIdentifier}
     *             (meaning not visible here)
     * @param num  second argument forwarded to the DAO (presumably the id of the record being
     *             edited, confirm)
     * @param str  system name to check
     * @return an empty success {@link Result}, or {@code SYS_NAME_HAS_EXISTED} when the DAO
     *         count is at least one
     */
    @Override
    public Result verifyCustomerSysName(Boolean bool, Integer num, String str) {
        Result response = new Result();
        boolean nameTaken = this.customerDao.getSystemIdentifier(bool, num, str) >= 1;
        if (nameTaken) {
            response.setError(ErrorEnum.SYS_NAME_HAS_EXISTED);
        }
        return response;
    }

    /**
     * Checks that a customer system number is not already registered.
     *
     * @param str system number to check
     * @return an empty success {@link Result}, or {@code SYS_ID_HAS_EXISTED} when the DAO
     *         count is at least one
     */
    @Override
    public Result verifyCustomerSysNumber(String str) {
        Result response = new Result();
        boolean numberTaken = this.customerDao.getSystemIdentifier(str) >= 1;
        if (numberTaken) {
            response.setError(ErrorEnum.SYS_ID_HAS_EXISTED);
        }
        return response;
    }

    /**
     * Confirms that a system flag identifies exactly one registered customer system.
     *
     * @param str system flag; {@code null} is replaced by {@code Constants.SYSTEM_FLAG_DEFAULT}
     * @return success when the DAO count is exactly one, otherwise
     *         {@code ILLEGAL_REQUEST_PARAMETER}
     */
    @Override
    public Result verifyUserSystemFlag(String str) {
        String effectiveFlag = (str != null) ? str : Constants.SYSTEM_FLAG_DEFAULT;
        if (this.customerDao.getSystemIdentifier(effectiveFlag) == 1) {
            return Result.success();
        }
        return Result.failure(ErrorEnum.ILLEGAL_REQUEST_PARAMETER);
    }

    /**
     * Extracts the value that sits between the first three characters of a DN and the RA
     * base DN at its end, and rejects it when it contains an equals sign.
     *
     * <p>NOTE(review): the extraction is purely positional. Nothing here verifies that the
     * DN starts with a three-character attribute prefix or actually ends with the base DN,
     * and only {@code =} is rejected; other DN metacharacters are not examined. Confirm
     * callers validate the DN structure separately.
     *
     * @param str full subject DN
     * @return an empty success {@link Result}, the failed base-DN lookup result,
     *         {@code OPERATOR_CERT_DN_LENGTH_IS_ERROR} when the DN is too short, or
     *         {@code OPERATOR_CERT_DN_VALUE_HAVE_ERROR_SYMBOL} when the value contains {@code =}
     */
    private Result checkCertDnCnValue(String str) {
        Result response = new Result();

        Result baseDnLookup = this.certApplyService.getRaBaseDn();
        if (!baseDnLookup.isSuccess()) {
            return baseDnLookup;
        }
        String baseDn = (String) baseDnLookup.getInfo();

        final int prefixLength = 3;
        boolean tooShort = str.length() <= prefixLength || str.length() <= prefixLength + baseDn.length();
        if (tooShort) {
            response.setError(ErrorEnum.OPERATOR_CERT_DN_LENGTH_IS_ERROR);
            return response;
        }

        // Skips the prefix at the front and the base DN plus one separator character at the end.
        int valueEnd = str.length() - baseDn.length() - 1;
        String value = str.substring(prefixLength, valueEnd);
        this.logger.info("第三方系统的DN值为 ========== " + value);

        if (value.contains("=")) {
            this.logger.info("第三方系统的DN中含有特殊符号");
            response.setError(ErrorEnum.OPERATOR_CERT_DN_VALUE_HAVE_ERROR_SYMBOL);
        }
        return response;
    }

    /**
     * Returns the subject DN of the RA certificate the DAO reports as newest.
     *
     * @return the subject DN, or {@code null} when no RA certificate record exists or when loading
     *     or parsing it throws (the exception is logged, not propagated)
     */
    private String getRAServiceDnName() {
        String subjectDn = null;
        try {
            RaCertDO latestRaCert = this.raCertDao.getNewRaCertInfo();
            if (latestRaCert != null) {
                X509Certificate raCertificate = CertUtils.getCertFromStr(latestRaCert.getCertInfo());
                subjectDn = CertUtils.getSubjectByX509Cert(raCertificate);
            }
        } catch (Exception e) {
            // Callers see only null; the cause is available in the log.
            this.logger.error("获取RA服务器证书异常{}", (Throwable) e);
        }
        return subjectDn;
    }

    /**
     * Returns the subject DN of the CA certificate the DAO reports as newest.
     *
     * @return the subject DN, or {@code null} when no CA certificate record exists or when loading
     *     or parsing it throws (the exception is logged, not propagated)
     */
    private String getCAServiceDnName() {
        String subjectDn = null;
        try {
            CaCertDO latestCaCert = this.caCertDao.getNewCaCertInfo();
            if (latestCaCert != null) {
                X509Certificate caCertificate = CertUtils.getCertFromStr(latestCaCert.getCertInfo());
                subjectDn = CertUtils.getSubjectByX509Cert(caCertificate);
            }
        } catch (Exception e) {
            // Callers see only null; the cause is available in the log.
            this.logger.error("获取CA服务器证书异常{}", (Throwable) e);
        }
        return subjectDn;
    }

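    /**
     * Stores the certificate(s) the CA returned for a customer-system certificate application.
     *
     * <p>The signing certificate is always stored. When the CA response also carries an encryption
     * certificate, a second row is stored for it; the two rows share one {@code pairCertIndex} and
     * the encryption row records the signing row's serial number in {@code signCertSn}.
     *
     * <p>Both certificates are parsed before anything is written, so a malformed encryption
     * certificate is rejected without leaving a signing-certificate row behind.
     *
     * <p>NOTE(review): the certificates are only parsed here. No check that they were issued by the
     * stored CA certificate, or that their subject matches the application, is visible in this
     * method. Presumably that is done on the CA channel or by the caller; confirm.
     *
     * @param customerCertIssueApplyVO application data copied onto every stored row
     * @param userCertInfo CA response holding the signing certificate and, optionally, the
     *     encryption certificate
     * @return a Result carrying an error when the signing certificate is blank or unparsable, when
     *     no CA certificate record exists, or when the encryption certificate is unparsable;
     *     otherwise a Result with no error set
     */
    private Result insertCustomerCertInfo(CustomerCertIssueApplyVO customerCertIssueApplyVO, UserCertInfo userCertInfo) {
        Result result = new Result();
        String signCert = userCertInfo.getSignCert();
        if (StringUtils.isBlank(signCert)) {
            this.logger.info("CA返回的用户证书信息中，签名证书为空");
            result.setError(ErrorEnum.CA_RESPONSE_USER_SIGN_CERT_INFO_IS_EMPTY);
            return result;
        }

        // One value shared by the signing and the encryption row so they can be matched as a pair.
        long nanoTime = System.nanoTime();
        String encCert = userCertInfo.getEncCert();
        boolean hasEncCert = StringUtils.isNotBlank(encCert);

        CustomerSysCertDO signRow = new CustomerSysCertDO();
        handleCustomerSysCertDO(nanoTime, customerCertIssueApplyVO, signRow);
        // Type 1 when the response holds only a signing certificate, 2 when an encryption
        // certificate accompanies it (the encryption row itself is stored as type 3).
        signRow.setCertType(hasEncCert ? 2 : 1);

        CaCertDO newCaCertInfo = this.caCertDao.getNewCaCertInfo();
        if (newCaCertInfo == null) {
            this.logger.info("获取CA证书信息为空");
            result.setError(ErrorEnum.GET_CA_CERT_INFO_IS_EMPTY);
            return result;
        }
        signRow.setCaCertId(newCaCertInfo.getId());

        X509Certificate signCertificate = CertUtils.getCertFromStr(signCert);
        if (signCertificate == null) {
            this.logger.info("CA返回的用户证书信息中，签名证书错误");
            result.setError(ErrorEnum.CA_RESPONSE_USER_SIGN_CERT_ERROR);
            return result;
        }

        // Validate the encryption certificate BEFORE the first insert. Previously this happened
        // after the signing row had been written, so this error path left an orphaned signing row.
        X509Certificate encCertificate = null;
        if (hasEncCert) {
            encCertificate = CertUtils.getCertFromStr(encCert);
            if (encCertificate == null) {
                this.logger.info("CA返回的用户证书信息中，加密证书错误");
                result.setError(ErrorEnum.CA_RESPONSE_USER_ENC_CERT_ERROR);
                return result;
            }
        }

        final long millisPerDay = 86400000L;
        Date notBefore = signCertificate.getNotBefore();
        Date notAfter = signCertificate.getNotAfter();
        // Whole days covered by the signing certificate's validity period.
        int certValidityDays = (int) ((notAfter.getTime() - notBefore.getTime()) / millisPerDay);
        // Whole days from the signing certificate's start until the CA certificate's failure time.
        int encKeyValidityDays = (int) ((newCaCertInfo.getFailureTime().getTime() - notBefore.getTime()) / millisPerDay);
        Date now = new Date();

        signRow.setCertInfo(signCert);
        signRow.setCertSn(signCertificate.getSerialNumber().toString(16).toLowerCase());
        signRow.setCertDn(CertUtils.getSubjectByX509Cert(signCertificate));
        signRow.setEffectiveTime(new Timestamp(notBefore.getTime()));
        signRow.setFailureTime(new Timestamp(notAfter.getTime()));
        signRow.setCertValidity(Integer.valueOf(certValidityDays));
        signRow.setEncKeyValidity(Integer.valueOf(encKeyValidityDays));
        signRow.setGmtCreate(new Timestamp(now.getTime()));
        signRow.setGmtUpdate(new Timestamp(now.getTime()));
        CustomerSysCertDO storedSignRow = this.customerCertDao.insertCustomerCertInfo(signRow);

        if (hasEncCert) {
            CustomerSysCertDO encRow = new CustomerSysCertDO();
            handleCustomerSysCertDO(nanoTime, customerCertIssueApplyVO, encRow);
            encRow.setCertType(3);
            encRow.setCertStatus(0);
            encRow.setCaCertId(newCaCertInfo.getId());
            // The encryption row reuses the signing certificate's validity window and day counts.
            encRow.setEffectiveTime(new Timestamp(notBefore.getTime()));
            encRow.setFailureTime(new Timestamp(notAfter.getTime()));
            encRow.setCertValidity(Integer.valueOf(certValidityDays));
            encRow.setEncKeyValidity(Integer.valueOf(encKeyValidityDays));
            encRow.setCertInfo(encCert);
            encRow.setGmtCreate(new Timestamp(now.getTime()));
            encRow.setGmtUpdate(new Timestamp(now.getTime()));
            encRow.setCertDn(CertUtils.getSubjectByX509Cert(encCertificate));
            encRow.setCertSn(encCertificate.getSerialNumber().toString(16).toLowerCase());
            encRow.setSignCertSn(storedSignRow.getCertSn());
            try {
                this.customerCertDao.insertCustomerCertInfo(encRow);
            } catch (Exception e) {
                // Keep the cause in the log; the message alone does not say why the insert failed.
                this.logger.info("插入第三方系统证书信息异常", (Throwable) e);
                // Manual compensation: remove the signing row so no half-stored pair remains.
                this.customerCertDao.deleteCustomerCert(storedSignRow.getId().longValue());
                // NOTE(review): the Result returned below still carries no error, so the caller
                // cannot tell that neither certificate was stored. No matching ErrorEnum value is
                // visible in this part of the file; decide which error to report here. The
                // compensating delete can itself throw, and no transaction is visible around the
                // two inserts. Confirm how atomicity is meant to be guaranteed.
            }
        }
        return result;
    }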

    /**
     * Copies the fields shared by every certificate row of one application onto a row object.
     *
     * @param j pairing value stored as {@code pairCertIndex}; rows created with the same value
     *     belong together
     * @param customerCertIssueApplyVO application whose system, template and key settings are copied
     * @param customerSysCertDO row to fill in; its status is set to 0
     */
    private void handleCustomerSysCertDO(long j, CustomerCertIssueApplyVO customerCertIssueApplyVO, CustomerSysCertDO customerSysCertDO) {
        final CustomerCertIssueApplyVO application = customerCertIssueApplyVO;
        final CustomerSysCertDO row = customerSysCertDO;

        // Pairing value and initial status.
        row.setPairCertIndex(Long.valueOf(j));
        row.setCertStatus(0);

        // Owning customer system.
        row.setCustomerSysId(application.getCustomerSysId());
        row.setCustomerSysNumber(application.getCustomerSysNumber());

        // Certificate template the application was made against.
        row.setTempId(application.getTempId());
        row.setTempNo(application.getTempNo());

        // Key parameters requested by the application.
        row.setSignAlg(application.getSignAlg());
        row.setPrivateKeyLength(application.getPrivateKeyLength());
    }
}
