package com.xdja.pki.ra.manager.sdk.cmp;

import com.xdja.ca.cache.RedisClient;
import com.xdja.ca.sdk.CmpApi;
import com.xdja.ca.sdk.SdkResult;
import com.xdja.ca.utils.SdkP10Utils;
import com.xdja.ca.utils.SdkRandomUtils;
import com.xdja.ca.vo.ManagerCertInfo;
import com.xdja.ca.vo.TempInfo;
import com.xdja.ca.vo.UpdateCertInfo;
import com.xdja.ca.vo.UserCertInfo;
import com.xdja.pki.ra.core.common.CommonVariable;
import com.xdja.pki.ra.core.common.ErrorBean;
import com.xdja.pki.ra.core.common.Result;
import com.xdja.pki.ra.core.commonenum.ErrorEnum;
import com.xdja.pki.ra.core.constant.Constants;
import com.xdja.pki.ra.manager.sdk.cmp.bean.CertLifeInfo;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import redis.clients.jedis.Jedis;
import redis.clients.util.Pool;

@Service
/* loaded from: input_file:WEB-INF/lib/ra-manager-ca-impl-2.0.0-SNAPSHOT.jar:com/xdja/pki/ra/manager/sdk/cmp/CertLifeCycleLifeCycleManagerImpl.class */
public class CertLifeCycleLifeCycleManagerImpl implements CertLifeCycleManager {
    private Logger logger = LoggerFactory.getLogger(getClass());

    @Value("${ca.open.api.https}")
    private boolean isHttps;
    private CmpApi cmpApi;

    @Autowired
    private Pool<Jedis> jedisPool;
    private RedisClient redisClient;
    private int transIdExpireTime;

    @Value("${transId.cache.expireTime}")
    private void init(int i) {
        this.transIdExpireTime = i;
        this.redisClient = new RedisClient(this.jedisPool);
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result issueUserCert(String str, String str2, byte[] bArr, String str3, String str4, String str5, String str6, String str7, String str8, int i, String str9, Integer num) {
        TempInfo tempInfo = new TempInfo(str6, str7);
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("签发用户证书===========applyNo:[{}] , transId:[{}]", str, str5);
        }
        SdkResult sendIssuerCertReqMessages = getCmpApi().sendIssuerCertReqMessages(null, 1, str5, str3, str4, i, tempInfo, Base64.toBase64String(bArr), null, str8, str9, num);
        Result result = getResult(sendIssuerCertReqMessages);
        if (result.getErrorBean() != null) {
            return result;
        }
        UserCertInfo userCertInfo = (UserCertInfo) sendIssuerCertReqMessages.getInfo();
        if (userCertInfo == null) {
            this.logger.error("CA返回的用户证书信息为空.");
            result.setError(ErrorEnum.CA_RESPONSE_USER_CERT_INFO_IS_EMPTY);
            return result;
        }
        result.setInfo(userCertInfo);
        this.logger.debug("签发用户证书===========end！");
        return result;
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result updateUserCert(String str, String str2, byte[] bArr, String str3, String str4, String str5, String str6, String str7, String str8, int i, String str9, String str10, boolean z, Integer num) {
        UpdateCertInfo updateCertInfo = new UpdateCertInfo();
        if (z) {
            updateCertInfo.setSignPublicKey(Base64.toBase64String(bArr));
        }
        updateCertInfo.setSignAlg(str8);
        TempInfo tempInfo = new TempInfo(str6, str7);
        this.logger.info("更新用户证书===========applyNo:[{}]", str);
        SdkResult sendUpdateCertReqMessages = getCmpApi().sendUpdateCertReqMessages(1, str5, str3, str4, i, tempInfo, updateCertInfo, str10, str9, num);
        Result result = getResult(sendUpdateCertReqMessages);
        if (result.getErrorBean() != null) {
            return result;
        }
        UserCertInfo userCertInfo = (UserCertInfo) sendUpdateCertReqMessages.getInfo();
        if (userCertInfo == null) {
            this.logger.error("CA返回的用户证书信息为空");
            result.setError(ErrorEnum.CA_RESPONSE_USER_CERT_INFO_IS_EMPTY);
            return result;
        }
        result.setInfo(userCertInfo);
        this.logger.info("更新用户证书===========end！");
        return result;
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result revokeUserCert(String str, String str2, String str3, String str4, String str5, int i, String str6) {
        this.logger.info("撤销用户证书===========start！");
        String uuid = SdkRandomUtils.getUUID();
        this.logger.info("撤销用户证书===========applyNo:{}", str);
        Result result = getResult(getCmpApi().sendRevokeCertReqMessages(1, uuid, str2, str3, str4, str5, i, str6));
        this.logger.info("撤销用户证书===========end！");
        return result;
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result freezeUserCert(CertLifeInfo certLifeInfo, int i, String str) {
        this.logger.info("冻结/解冻用户证书===========start！");
        String uuid = SdkRandomUtils.getUUID();
        this.logger.info("冻结/解冻用户证书===========applyNo:{}", certLifeInfo.getApplyNo());
        Result result = getResult(getCmpApi().sendRevokeCertReqMessages(1, uuid, certLifeInfo.getRaDN(), certLifeInfo.getCaDN(), certLifeInfo.getSignSn(), certLifeInfo.getUserCertDN(), 5 == i ? 6 : 8, str));
        this.logger.info("冻结/解冻用户证书===========end！");
        return result;
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result recoveryUserCert(String str, String str2, String str3, byte[] bArr, String str4, String str5, String str6, String str7, Integer num) {
        this.logger.info("恢复用户证书===========start！");
        this.logger.info("恢复用户证书===========applyNo:{}", str);
        SdkResult sendRecoveryCertReqMessages = getCmpApi().sendRecoveryCertReqMessages(str5, str2, str3, Base64.toBase64String(bArr), str6, str7, str4, num);
        Result result = getResult(sendRecoveryCertReqMessages);
        if (result.getErrorBean() != null) {
            return result;
        }
        UserCertInfo userCertInfo = (UserCertInfo) sendRecoveryCertReqMessages.getInfo();
        if (userCertInfo == null) {
            this.logger.info("CA返回的用户证书信息为空");
            result.setError(ErrorEnum.CA_RESPONSE_USER_CERT_INFO_IS_EMPTY);
            return result;
        }
        result.setInfo(userCertInfo);
        this.logger.info("恢复用户证书===========end！");
        return result;
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result issueCertResp(String str, String str2, int i, String str3) {
        return getResult(getCmpApi().sendCertConfirmContent(i, str3, str, str2, CommonVariable.getCaServiceCert()));
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result sendErrorCMPMessage(String str, String str2, int i, String str3, int i2, String str4) {
        return getResult(getCmpApi().sendErrorMsgContent(i, str3, str, str2, i2, str4));
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result issueManageCert(boolean z, String str, byte[] bArr, String str2, String str3, String str4, String str5, String str6, String str7, int i, String str8) {
        this.logger.info("签发管理员证书===========start！");
        SdkResult sendIssuerCertReqMessages = getCmpApi().sendIssuerCertReqMessages(Boolean.valueOf(z), 2, str5, str3, str4, i, new TempInfo(str6), Base64.toBase64String(bArr), str2, str7, str8, null);
        Result result = getResult(sendIssuerCertReqMessages);
        if (result.getErrorBean() != null) {
            return result;
        }
        ManagerCertInfo managerCertInfo = (ManagerCertInfo) sendIssuerCertReqMessages.getInfo();
        if (managerCertInfo == null) {
            this.logger.info("CA返回的管理员证书信息为空");
            result.setError(ErrorEnum.CA_RESPONSE_USER_CERT_INFO_IS_EMPTY);
            return result;
        }
        result.setInfo(managerCertInfo);
        this.logger.info("签发管理员证书===========end！");
        return result;
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result updateManageCert(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, int i, String str9, String str10, boolean z) {
        this.logger.info("更新管理员证书===========start！");
        Result result = new Result();
        UpdateCertInfo updateCertInfo = new UpdateCertInfo();
        if (z) {
            try {
                updateCertInfo.setSignPublicKey(Base64.toBase64String(SdkP10Utils.p10ToPublicKey(str2).getEncoded()));
                updateCertInfo.setEncPublicKey(str3);
                updateCertInfo.setUpdateKey(true);
                updateCertInfo.setSignValue(SdkP10Utils.p10ToSignValue(str2));
            } catch (Exception e) {
                this.logger.info("sdk接口-从P10中获取公钥信息异常：", (Throwable) e);
                result.setError(ErrorEnum.GET_PUBLIC_KEY_FROM_P10_EXCEPTION);
                return result;
            }
        }
        updateCertInfo.setSignAlg(str8);
        SdkResult sendUpdateCertReqMessages = getCmpApi().sendUpdateCertReqMessages(2, str6, str4, str5, i, new TempInfo(str7), updateCertInfo, str10, str9, null);
        Result result2 = getResult(sendUpdateCertReqMessages);
        if (result2.getErrorBean() != null) {
            return result2;
        }
        ManagerCertInfo managerCertInfo = (ManagerCertInfo) sendUpdateCertReqMessages.getInfo();
        if (managerCertInfo == null) {
            this.logger.info("CA返回的管理员证书信息为空");
            result2.setError(ErrorEnum.CA_RESPONSE_USER_CERT_INFO_IS_EMPTY);
            return result2;
        }
        result2.setInfo(managerCertInfo);
        this.logger.info("更新管理员证书===========end！");
        return result2;
    }

    @Override // com.xdja.pki.ra.manager.sdk.cmp.CertLifeCycleManager
    public Result revokeManageCert(String str, String str2, String str3, String str4, int i, String str5) {
        this.logger.info("撤销管理员证书===========start！");
        Result result = getResult(getCmpApi().sendRevokeCertReqMessages(2, SdkRandomUtils.getUUID(), str, str2, str3, str4, i, str5));
        this.logger.info("撤销管理员证书===========end！");
        return result;
    }

    private CmpApi getCmpApi() {
        return getCmpApi(this.transIdExpireTime);
    }

    private CmpApi getCmpApi(int i) {
        if (this.cmpApi == null) {
            if (1 == CommonVariable.getIsHsm().intValue() && "SM2".equalsIgnoreCase(CommonVariable.getKeyAlgName())) {
                this.cmpApi = new CmpApi(CommonVariable.getKeyIndex(), CommonVariable.getKeyPwd(), CommonVariable.getSuperCaCerts(), CommonVariable.getCaServiceCert(), CommonVariable.getCaServiceIp(), CommonVariable.getCaServicePort(), CommonVariable.getRaSingSn(), CommonVariable.getSigAlgName(), this.isHttps, true, this.redisClient, i);
            } else {
                this.cmpApi = new CmpApi(CommonVariable.getRaSignPriKey(), CommonVariable.getSuperCaCerts(), CommonVariable.getCaServiceCert(), CommonVariable.getCaServiceIp(), CommonVariable.getCaServicePort(), CommonVariable.getRaSingSn(), CommonVariable.getSigAlgName(), this.isHttps, false, this.redisClient, i);
            }
        }
        return this.cmpApi;
    }

    private static Result getResult(SdkResult sdkResult) {
        Result result = new Result();
        if (!sdkResult.isSuccess()) {
            String substring = String.valueOf(sdkResult.getErrorBean().getErrCode()).substring(0, 3);
            if (Constants.ERROR_CODE_300.equals(substring) || Constants.ERROR_CODE_310.equals(substring)) {
                result.setError(ErrorEnum.CA_SDK_INNER_EXCEPTION);
            } else {
                result.setErrorBean(new ErrorBean(sdkResult.getErrorBean().getErrCode(), sdkResult.getErrorBean().getErrMsg()));
            }
        }
        return result;
    }
}
