package com.xdja.pki.service.koal;

import cn.hutool.core.codec.Base64Encoder;
import cn.hutool.core.lang.UUID;
import cn.hutool.crypto.digest.DigestAlgorithm;
import cn.hutool.crypto.digest.Digester;
import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import cn.hutool.json.JSONObject;
import cn.hutool.json.JSONUtil;
import com.xdja.pki.common.bean.Result;
import com.xdja.pki.common.enums.ErrorEnum;
import com.xdja.pki.common.util.CertUtil;
import com.xdja.pki.vo.user.UserInfoVo;
import java.io.IOException;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;

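/**
 * HTTP client for the remote Koal certificate service: registers users, issues certificates and
 * revokes them.
 *
 * <p>The bean is only created when the {@code ca.flag} property equals {@code "2"}. Every call is
 * a JSON POST to {@code koalConf.serviceUrl} followed by a relative path.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Request bodies carry user names and identity numbers, and the issue response carries the
 *       {@code cert_enc_key} key envelope. Routine logging is therefore limited to URL, request
 *       type, business id and HTTP status; bodies and the session cookie are not logged.</li>
 *   <li>The failure branches still log the whole {@link HttpResponse} for diagnosis, so log
 *       storage should be access-controlled.</li>
 *   <li>NOTE(review): confirm that {@code koalConf.serviceUrl} is an {@code https} endpoint with
 *       certificate validation, since key material travels over this channel.</li>
 * </ul>
 */
@ConditionalOnProperty(name = {"ca.flag"}, havingValue = "2")
@Component
public class KoalCert {
    /** {@code cert_status} value this client treats as a successful issue. */
    private static final int CERT_STATUS_ISSUE_OK = 2000;

    /** {@code cert_status} value this client treats as a successful revocation. */
    private static final int CERT_STATUS_REVOKE_OK = 2006;

    private final Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private KoalConf koalConf;

    /**
     * Registers a user with the remote service and returns the uid it assigns.
     *
     * <p>NOTE(review): the call goes to {@code info/query} with request type
     * {@code req_info_query} while the business type is {@code register_user}; confirm against the
     * service's interface specification that this pairing is intended.
     *
     * @param userInfoVo user data; {@code getParams()} must be a JSON object string that may hold
     *     {@code userOrgRid}, {@code policeType}, {@code jobGrade}, {@code jobTitle} and
     *     {@code jobPost}
     * @return {@code Result.success(uid)} when the response contains a non-blank {@code uid},
     *     otherwise {@code Result.failure(ErrorEnum.ADD_PERSON_USER_ERROR)}
     */
    public Result registerUser(UserInfoVo userInfoVo) {
        JSONObject params = JSONUtil.parseObj(userInfoVo.getParams());

        // Field order is kept as in the original request layout.
        JSONObject userInfo = new JSONObject();
        userInfo.set("USER_RESERVE_1", params.getStr("userOrgRid"));
        userInfo.set("USER_RESERVE_11", "9111");
        userInfo.set("USER_RESERVE_10", params.getStr("policeType"));
        userInfo.set("USER_RESERVE_9", params.getStr("jobGrade"));
        userInfo.set("USER_RESERVE_8", params.getStr("jobTitle"));
        userInfo.set("USER_RESERVE_7", params.getStr("jobPost"));
        userInfo.set("user_name", userInfoVo.getUsername());
        userInfo.set("user_idno", userInfoVo.getIdentityNo());
        userInfo.set("user_cert_cn", userInfoVo.getUsername() + " " + userInfoVo.getIdentityNo());
        userInfo.set("user_country", "CN");

        JSONObject bizBody = new JSONObject();
        bizBody.putOpt("user_info", userInfo);

        HttpResponse response = executeRequest(
                getRequestUrl("info/query"),
                getHeaders("req_info_query"),
                getRequestBody(null, null, null, "register_user", bizBody, null));
        if (!response.isOk()) {
            this.logger.error("Koal register user error: {}", response);
            return Result.failure(ErrorEnum.ADD_PERSON_USER_ERROR);
        }
        String uid = JSONUtil.parseObj(((KoalReponseBean) JSONUtil.toBean(response.body(), KoalReponseBean.class)).biz_body).getStr("uid");
        if (!StringUtils.isBlank(uid)) {
            return Result.success(uid);
        }
        this.logger.error("Koal register user result uid is null: {}", response);
        return Result.failure(ErrorEnum.ADD_PERSON_USER_ERROR);
    }

    /**
     * Sends the {@code req_cert_fast_apply} request that precedes certificate issuance.
     *
     * @param tid value sent as {@code tid}
     * @param uid value sent as {@code uid}
     * @param cid value sent as {@code cid}
     * @param mid value sent as {@code mid} in the business body
     * @return the raw HTTP response
     */
    private HttpResponse applyCert(String tid, String uid, String cid, String mid) {
        JSONObject bizBody = new JSONObject();
        bizBody.putOpt("mid", mid);
        return executeRequest(
                getRequestUrl("cert/fast/apply"),
                getHeaders("req_cert_fast_apply"),
                getRequestBody(tid, uid, cid, "req_cert_fast_apply", bizBody, null));
    }

    /**
     * Applies for and then issues a certificate pair for the given certificate request.
     *
     * @param str value sent as {@code tid}
     * @param str2 value sent as {@code uid}
     * @param publicKey key from which the {@code cid} is derived via {@code KoalUtils.generateCid}
     * @param str3 certificate request text; the PEM armor lines and line breaks (real or written
     *     as the two-character sequences {@code \r} / {@code \n}) are stripped before sending
     * @param str4 value sent as {@code mid} in the apply step
     * @return on success a map with {@code signCert}, {@code encCert}, {@code crlNum} (always 0)
     *     and {@code signedAndEnvelopData}; otherwise
     *     {@code Result.failure(ErrorEnum.CERT_GENERATE_ERROR)}
     * @throws Exception propagated from the helpers this method calls
     */
    public Result issueCert(String str, String str2, PublicKey publicKey, String str3, String str4) throws Exception {
        String cid = KoalUtils.generateCid(publicKey);
        String certRequest = str3
                .replace("-----END CERTIFICATE REQUEST-----", "")
                .replace("-----BEGIN CERTIFICATE REQUEST-----", "")
                .replace("\r", "")
                .replace("\n", "")
                .replace("\\r", "")
                .replace("\\n", "");

        HttpResponse applyResponse = applyCert(str, str2, cid, str4);
        if (!applyResponse.isOk()) {
            this.logger.error("Koal gen cert error: {}", applyResponse);
            return Result.failure(ErrorEnum.CERT_GENERATE_ERROR);
        }

        JSONObject issueBody = new JSONObject();
        issueBody.putOpt("cert_request", certRequest);
        HttpResponse issueResponse = executeRequest(
                getRequestUrl("cert/issue"),
                getHeaders("req_cert_issue"),
                getRequestBody(str, str2, cid, "req_cert_issue", issueBody, null));
        if (!issueResponse.isOk()) {
            this.logger.error("Koal gen cert error: {}", issueResponse);
            return Result.failure(ErrorEnum.CERT_GENERATE_ERROR);
        }

        // A 200 response without biz_body used to end in a NullPointerException; treat it as a
        // failed issue like any other unexpected status.
        JSONObject bizBody = JSONUtil.parseObj(issueResponse.body()).getJSONObject("biz_body");
        Integer certStatus = bizBody == null ? null : bizBody.getInt("cert_status");
        if (certStatus == null || certStatus.intValue() != CERT_STATUS_ISSUE_OK) {
            this.logger.error("Koal gen cert error: {}", issueResponse);
            return Result.failure(ErrorEnum.CERT_GENERATE_ERROR);
        }

        Map<String, Object> certData = new HashMap<>();
        certData.put("signCert", CertUtil.getCertFromBase64Str((String) bizBody.get("cert_sign")));
        certData.put("encCert", CertUtil.getCertFromBase64Str((String) bizBody.get("cert_enc")));
        certData.put("crlNum", 0);

        Object encKey = bizBody.get("cert_enc_key");
        String envelope = encKey == null ? null : convertToOtherType(encKey.toString());
        // The converted value is key material: record only whether it is present, never its content.
        this.logger.debug("priEncKeyStr convertToOtherType present: {}", Boolean.valueOf(!StringUtils.isBlank(envelope)));
        if (StringUtils.isBlank(envelope)) {
            this.logger.error("Koal gen cert error: convertToOtherPri error!");
            return Result.failure(ErrorEnum.CERT_GENERATE_ERROR);
        }
        certData.put("signedAndEnvelopData", envelope);
        return Result.success(certData);
    }

    /**
     * Sends the {@code req_cert_apply_revoke} request that precedes revocation.
     *
     * <p>NOTE(review): {@code op_signature} is an unkeyed SHA-1 digest of the JSON body holding
     * only {@code cert_sn}. Any party able to build the request can recompute it, so it does not
     * authenticate the operator. The format is presumably fixed by the remote interface; confirm
     * against its specification before relying on it as an authorization control.
     *
     * @param tid value sent as {@code tid}
     * @param uid value sent as {@code uid}
     * @param cid value sent as {@code cid}
     * @param certSn serial number sent as {@code cert_sn}
     * @return the raw HTTP response
     */
    private HttpResponse applyRevokeCert(String tid, String uid, String cid, String certSn) {
        JSONObject bizBody = new JSONObject();
        bizBody.putOpt("cert_sn", certSn);
        // The digest must be taken before op_signature itself is added to the body.
        byte[] digest = new Digester(DigestAlgorithm.SHA1).digest(bizBody.toJSONString(4));
        bizBody.putOpt("op_signature", Base64Encoder.encode(digest));
        return executeRequest(
                getRequestUrl("cert/apply_revoke"),
                getHeaders("req_cert_apply_revoke"),
                getRequestBody(tid, uid, cid, "req_cert_apply_revoke", bizBody, null));
    }

    /**
     * Applies for and then performs revocation of the certificate with the given serial number.
     *
     * @param str value sent as {@code tid}
     * @param str2 value sent as {@code uid}
     * @param publicKey key from which the {@code cid} is derived via {@code KoalUtils.generateCid}
     * @param str3 serial number sent as {@code cert_sn}
     * @return {@code Result.success()} when the service answers with {@code cert_status} 2006,
     *     otherwise {@code Result.failure(ErrorEnum.REVOKE_CERT_ERROR)}
     */
    public Result revokeCert(String str, String str2, PublicKey publicKey, String str3) {
        String cid = KoalUtils.generateCid(publicKey);
        HttpResponse applyResponse = applyRevokeCert(str, str2, cid, str3);
        if (!applyResponse.isOk()) {
            this.logger.error("Koal revoke cert error: {}", applyResponse);
            return Result.failure(ErrorEnum.REVOKE_CERT_ERROR);
        }

        JSONObject revokeBody = new JSONObject();
        revokeBody.putOpt("cert_sn", str3);
        HttpResponse revokeResponse = executeRequest(
                getRequestUrl("cert/revoke"),
                getHeaders("req_cert_revoke"),
                getRequestBody(str, str2, cid, "req_cert_revoke", revokeBody, null));
        if (!revokeResponse.isOk()) {
            this.logger.error("Koal revoke cert error: {}", revokeResponse);
            return Result.failure(ErrorEnum.REVOKE_CERT_ERROR);
        }

        // A missing biz_body or cert_status is reported as a failed revocation instead of raising
        // a NullPointerException, so the caller never mistakes an unparsed answer for success.
        JSONObject bizBody = JSONUtil.parseObj(revokeResponse.body()).getJSONObject("biz_body");
        Integer certStatus = bizBody == null ? null : bizBody.getInt("cert_status");
        if (certStatus != null && certStatus.intValue() == CERT_STATUS_REVOKE_OK) {
            return Result.success();
        }
        this.logger.error("Koal revoke cert error: {}", revokeResponse);
        return Result.failure(ErrorEnum.REVOKE_CERT_ERROR);
    }

    /**
     * Builds the request envelope shared by all calls.
     *
     * @param tid value for {@code tid}, may be {@code null}
     * @param uid value for {@code uid}, may be {@code null}
     * @param cid value for {@code cid}, may be {@code null}
     * @param bizType single entry of the {@code biz_type} array
     * @param bizBody business body; an empty object is sent when {@code null}
     * @param bizOpt business options; an empty object is sent when {@code null}
     * @return envelope with a fresh random {@code biz_id}
     */
    private JSONObject getRequestBody(String tid, String uid, String cid, String bizType, JSONObject bizBody, JSONObject bizOpt) {
        JSONObject envelope = new JSONObject();
        envelope.set("biz_id", UUID.randomUUID().toString());
        envelope.set("tid", tid);
        envelope.set("uid", uid);
        envelope.set("cid", cid);
        envelope.set("biz_type", new String[]{bizType});
        envelope.putOpt("biz_body", bizBody == null ? new JSONObject() : bizBody);
        envelope.putOpt("biz_opt", bizOpt == null ? new JSONObject() : bizOpt);
        return envelope;
    }

    /**
     * POSTs the JSON body to the service and returns the response.
     *
     * <p>Only metadata is logged. The headers contain the session cookie, the body contains
     * identity numbers and the response may contain key material, so none of them is written to
     * the log here.
     *
     * <p>NOTE(review): no explicit timeout is set on the request in this method; confirm that the
     * HTTP client's global configuration bounds how long a call can block.
     *
     * @param url absolute request URL
     * @param headers request headers
     * @param body JSON envelope to send
     * @return the raw HTTP response
     */
    private HttpResponse executeRequest(String url, Map<String, String> headers, JSONObject body) {
        this.logger.info("Koal request: url={}, reqType={}, bizId={}", url, headers.get("CDS-REQ-TYPE"), body.getStr("biz_id"));
        HttpResponse response = ((HttpRequest) HttpRequest.post(url).addHeaders(headers)).body(body.toJSONString(4)).execute();
        this.logger.info("Koal response: url={}, status={}", url, Integer.valueOf(response.getStatus()));
        return response;
    }

    /**
     * Joins the configured service base URL with a relative path.
     *
     * @param path relative path such as {@code cert/issue}
     * @return {@code koalConf.serviceUrl} immediately followed by {@code path}
     */
    private String getRequestUrl(String path) {
        return this.koalConf.serviceUrl.concat(path);
    }

    /**
     * Builds the fixed header set for a request.
     *
     * <p>NOTE(review): the session cookie is a constant compiled into the class. A credential in
     * code is shared by every deployment and cannot be rotated without a rebuild; if the service
     * actually checks it, it should come from protected configuration instead. It is left in place
     * here because {@code KoalConf} is not visible from this file.
     *
     * @param reqType value for the {@code CDS-REQ-TYPE} header
     * @return mutable header map
     */
    private Map<String, String> getHeaders(String reqType) {
        Map<String, String> headers = new HashMap<>();
        headers.put("Cookie", "SESSION-ID=22ef4ca1-2d40-4b85-bb9f-a82c1e269abf");
        headers.put("Content-Type", "application/json");
        headers.put("CDS-SM-VERSION", "2.2");
        headers.put("CDS-REQ-TYPE", reqType);
        return headers;
    }

    /**
     * Extracts the second element of a Base64-encoded ASN.1 sequence and returns it Base64-encoded
     * without the first four bytes of its encoding.
     *
     * <p>The input comes from the remote response, so any parse failure (bad Base64, not a
     * sequence, fewer than two elements, second element not an octet string, encoding too short)
     * is logged and reported as {@code null}; the caller treats a blank result as a failed issue.
     *
     * @param str Base64 text of the ASN.1 sequence
     * @return Base64 text of the stripped element, or {@code null} when the input cannot be parsed
     */
    private String convertToOtherType(String str) {
        try {
            Enumeration<?> elements = ASN1Sequence.getInstance(Base64.decode(str)).getObjects();
            elements.nextElement();
            byte[] encoded = ((DEROctetString) elements.nextElement()).getEncoded();
            // Presumably the four skipped bytes are the DER header (tag, 0x82, two length bytes),
            // which only holds for 256..65535 content bytes. TODO confirm; getOctets() would
            // return the content for any length.
            if (encoded.length <= 4) {
                this.logger.error("Koal enc key conversion failed: encoded element too short");
                return null;
            }
            return Base64.toBase64String(Arrays.copyOfRange(encoded, 4, encoded.length));
        } catch (IOException | RuntimeException e) {
            this.logger.error("Koal enc key conversion failed", e);
            return null;
        }
    }
}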
