package com.xdja.pki.service.cert;

import com.xdja.pki.api.ca.CaService;
import com.xdja.pki.api.cert.CertService;
import com.xdja.pki.common.bean.Result;
import com.xdja.pki.common.cipher.Cipher;
import com.xdja.pki.common.config.Cache;
import com.xdja.pki.common.config.ConfigConstant;
import com.xdja.pki.common.config.ConfigJson;
import com.xdja.pki.common.enums.AdminTypeEnum;
import com.xdja.pki.common.enums.CaManufacturerEnum;
import com.xdja.pki.common.enums.CertIssueTypeEnum;
import com.xdja.pki.common.enums.CertPatternEnum;
import com.xdja.pki.common.enums.CertPatternTemplageEnum;
import com.xdja.pki.common.enums.CipherStrategyEnum;
import com.xdja.pki.common.enums.DicEnum;
import com.xdja.pki.common.enums.EnumNames;
import com.xdja.pki.common.enums.PciEPwdIndexEnum;
import com.xdja.pki.common.enums.SystemEnum;
import com.xdja.pki.common.enums.TemplateTypeEnum;
import com.xdja.pki.common.enums.UserCaTypeEnum;
import com.xdja.pki.common.exception.ServiceException;
import com.xdja.pki.common.util.CertUtil;
import com.xdja.pki.common.util.CommSpringUtils;
import com.xdja.pki.common.util.ExtensionUtil;
import com.xdja.pki.common.util.KeyUtil;
import com.xdja.pki.dao.common.CertSnDao;
import com.xdja.pki.dao.common.DicDao;
import com.xdja.pki.dao.template.ExtensionDao;
import com.xdja.pki.dao.template.TemplateDao;
import com.xdja.pki.models.TemplateDO;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

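/**
 * {@link CertService} implementation that creates key pairs, PKCS#10 requests and
 * certificates by delegating to a {@link Cipher} strategy and to one of several
 * {@link CaService} back ends.
 *
 * <p>The back end is chosen in two different ways, depending on the method: from the
 * {@code ca.flag} property via {@link CaManufacturerEnum}, or from
 * {@code ConfigJson.readUseCaType()} via a Spring bean lookup.
 *
 * <p>Review notes that apply across the class:
 * <ul>
 *   <li>Several methods return private key material ({@code "keyPair"},
 *       {@code "signKeyPair"}, {@code "signPrivate"}) inside the {@link Result} payload.
 *       Callers must not log or serialize those results.</li>
 *   <li>The user-certificate paths mutate a {@link TemplateDO} taken from
 *       {@code Cache.TEMPLATE_INFO_CACHE}. NOTE(review): if the cache returns the same
 *       instance to concurrent requests, those setters race; confirm, and copy the
 *       template before mutating it if so.</li>
 *   <li>The four CA services are injected with {@code required = false} and are
 *       dereferenced without a null check.</li>
 * </ul>
 *
 * <p>Parameter names ({@code str}, {@code num}, ...) were produced by a decompiler; their
 * meaning is documented per method from how each value is used.
 */
@Service
/* loaded from: input_file:com/xdja/pki/service/cert/CertServiceImpl.class */
public class CertServiceImpl implements CertService {
    /** Milliseconds per day, held as a long so that day counts convert without int overflow. */
    private static final long MILLIS_PER_DAY = 24L * 60 * 60 * 1000;

    private Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private TemplateDao templateDao;

    @Autowired
    private ExtensionDao extensionDao;

    @Autowired
    private DicDao dicDao;

    @Autowired
    private CertSnDao certSnDao;

    // The four CA back ends are optional beans: each field is null when its bean is not
    // configured, and the dispatch methods below do not check for that.
    @Autowired(required = false)
    @Qualifier("innerCa")
    private CaService innerCaService;

    @Autowired(required = false)
    @Qualifier("koalCa")
    private CaService koalCaService;

    @Autowired(required = false)
    @Qualifier("XdjaCa")
    private CaService xdjaCaService;

    @Autowired(required = false)
    @Qualifier("JitCa")
    private CaService jitCaService;

    /** CA manufacturer code; resolved with {@code CaManufacturerEnum.getCaManufacturerEnumByCode}. */
    @Value("${ca.flag}")
    private String caFlag;

    // Compiler-generated lookup tables for the enum switches in this class, as recovered by
    // the decompiler. Case numbers used below:
    //   CaManufacturerEnum: XDJA = 1, KOAL = 2, JIT = 3, ONE_SELF = 4
    //   SystemEnum:         USER_SYSTEM = 1, ADMIN_SYSTEM = 2
    // A constant missing from a table maps to 0 and therefore reaches the switch default.
    /* renamed from: com.xdja.pki.service.cert.CertServiceImpl$1, reason: invalid class name */
    /* loaded from: input_file:com/xdja/pki/service/cert/CertServiceImpl$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$xdja$pki$common$enums$SystemEnum;
        static final /* synthetic */ int[] $SwitchMap$com$xdja$pki$common$enums$CaManufacturerEnum = new int[CaManufacturerEnum.values().length];

        static {
            try {
                $SwitchMap$com$xdja$pki$common$enums$CaManufacturerEnum[CaManufacturerEnum.XDJA.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$xdja$pki$common$enums$CaManufacturerEnum[CaManufacturerEnum.KOAL.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$xdja$pki$common$enums$CaManufacturerEnum[CaManufacturerEnum.JIT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$xdja$pki$common$enums$CaManufacturerEnum[CaManufacturerEnum.ONE_SELF.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            $SwitchMap$com$xdja$pki$common$enums$SystemEnum = new int[SystemEnum.values().length];
            try {
                $SwitchMap$com$xdja$pki$common$enums$SystemEnum[SystemEnum.USER_SYSTEM.ordinal()] = 1;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$xdja$pki$common$enums$SystemEnum[SystemEnum.ADMIN_SYSTEM.ordinal()] = 2;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    /**
     * Computes the end of a validity period that starts at {@code notBefore}.
     *
     * <p>The requested number of days is capped at the template's maximum validity. The
     * multiplication is done in {@code long}: with {@code int} arithmetic any period longer
     * than 24 days overflows and yields a wrong, possibly past, expiry date.
     */
    private static Date computeNotAfter(Date notBefore, Integer requestedDays, TemplateDO template) {
        int days = Math.min(requestedDays.intValue(), template.getMaxValidity().intValue());
        return new Date(notBefore.getTime() + days * MILLIS_PER_DAY);
    }

    /**
     * Generates a self-signed root certificate using the algorithm configured in
     * {@code ConfigConstant.innerAdminSystemAlg}.
     *
     * @param systemEnum system the root belongs to; selects the cipher strategy and key slot
     * @param str name passed as the first two arguments of {@code Cipher.generateCert}
     *            (presumably issuer and subject DN; confirm against {@code Cipher})
     * @param num requested validity in days, capped at the CA template's maximum validity
     * @param map extra parameters forwarded to {@code Cipher.generateCert}; may be null
     * @return a success result whose payload map holds {@code "keyPair"} and {@code "rootCert"}
     * @throws Exception propagated from the cipher, key utilities and DAOs
     */
    public Result generateRootCert(SystemEnum systemEnum, String str, Integer num, Map<String, Object> map) throws Exception {
        if (null == map) {
            map = new HashMap<>();
        }
        Map<String, Object> info = new HashMap<>();
        CipherStrategyEnum cipherStrategy = CipherStrategyEnum.getCipherStrategy(systemEnum, ConfigConstant.innerAdminSystemAlg.intValue());
        Cipher cipher = cipherStrategy.cipher;
        TemplateDO template = this.templateDao.getTemplate(TemplateTypeEnum.CA_TEMPLATE, Integer.valueOf(cipherStrategy.alg));
        String signAlgName = this.dicDao.getNameByCodeAndParentCode(template.getSignAlg(), DicEnum.SIGN_ALG.value);
        KeyPair generatedKeyPair = cipher.generateKeyPair(template.getKeySize().intValue());
        int keyIndex = PciEPwdIndexEnum.getIndexByUserTypeAndAlg(systemEnum, template.getKeyAlg().intValue());
        // The password is copied into an immutable String, which cannot be wiped after use.
        // NOTE(review): a char[] or byte[] overload of writeKeyPair would avoid this; confirm
        // whether one exists.
        cipher.writeKeyPair(keyIndex, new String(cipherStrategy.password), generatedKeyPair, false);
        KeyUtil.writeKeyPair(systemEnum, template.getKeyAlg().intValue(), generatedKeyPair);
        Date notBefore = new Date();
        Date notAfter = computeNotAfter(notBefore, num, template);
        BigInteger sn = this.certSnDao.getSn();
        // Extensions are built from the generated public key, whereas the certificate below
        // uses the resolved key pair; the five-argument overload uses the resolved key for both.
        List extensions = ExtensionUtil.changeExtensionFormat(this.extensionDao.getExtension(template.getId()), (Map) null, generatedKeyPair.getPublic(), str, systemEnum, true);
        KeyPair resolvedKeyPair = KeyUtil.resolveKeyPair(cipherStrategy, keyIndex, generatedKeyPair);
        X509Certificate rootCert = cipher.generateCert(str, str, sn, notBefore, notAfter, resolvedKeyPair.getPrivate(), resolvedKeyPair.getPublic(), signAlgName, extensions, map);
        // The payload carries the root key pair; callers must not log or serialize it.
        info.put("keyPair", resolvedKeyPair);
        info.put("rootCert", rootCert);
        return Result.success(info);
    }

    /**
     * Generates a self-signed root certificate for an explicitly chosen algorithm.
     *
     * @param systemEnum system the root belongs to; selects the cipher strategy and key slot
     * @param str name passed as the first two arguments of {@code Cipher.generateCert}
     *            (presumably issuer and subject DN; confirm against {@code Cipher})
     * @param num requested validity in days, capped at the CA template's maximum validity
     * @param num2 algorithm code used for the cipher strategy, the key index and key storage
     * @param map extra parameters forwarded to {@code Cipher.generateCert}; may be null
     * @return a success result whose payload map holds {@code "keyPair"} and {@code "rootCert"}
     * @throws Exception propagated from the cipher, key utilities and DAOs
     */
    public Result generateRootCert(SystemEnum systemEnum, String str, Integer num, Integer num2, Map<String, Object> map) throws Exception {
        if (null == map) {
            map = new HashMap<>();
        }
        Map<String, Object> info = new HashMap<>();
        CipherStrategyEnum cipherStrategy = CipherStrategyEnum.getCipherStrategy(systemEnum, num2.intValue());
        Cipher cipher = cipherStrategy.cipher;
        TemplateDO template = this.templateDao.getTemplate(TemplateTypeEnum.CA_TEMPLATE, Integer.valueOf(cipherStrategy.alg));
        String signAlgName = this.dicDao.getNameByCodeAndParentCode(template.getSignAlg(), DicEnum.SIGN_ALG.value);
        KeyPair generatedKeyPair = cipher.generateKeyPair(template.getKeySize().intValue());
        int keyIndex = PciEPwdIndexEnum.getIndexByUserTypeAndAlg(systemEnum, num2.intValue());
        // As in the four-argument overload, the password becomes an immutable String here.
        cipher.writeKeyPair(keyIndex, new String(cipherStrategy.password), generatedKeyPair, false);
        KeyUtil.writeKeyPair(systemEnum, num2.intValue(), generatedKeyPair);
        KeyPair resolvedKeyPair = KeyUtil.resolveKeyPair(cipherStrategy, keyIndex, generatedKeyPair);
        Date notBefore = new Date();
        BigInteger sn = this.certSnDao.getSn();
        Date notAfter = computeNotAfter(notBefore, num, template);
        List extensions = ExtensionUtil.changeExtensionFormat(this.extensionDao.getExtension(template.getId()), (Map) null, resolvedKeyPair.getPublic(), str, systemEnum, true);
        X509Certificate rootCert = cipher.generateCert(str, str, sn, notBefore, notAfter, resolvedKeyPair.getPrivate(), resolvedKeyPair.getPublic(), signAlgName, extensions, map);
        // The payload carries the root key pair; callers must not log or serialize it.
        info.put("keyPair", resolvedKeyPair);
        info.put("rootCert", rootCert);
        return Result.success(info);
    }

    /**
     * Issues a server certificate for the user system; for the admin system it returns an
     * empty success result without issuing anything.
     *
     * @param systemEnum target system; values other than USER_SYSTEM and ADMIN_SYSTEM are rejected
     * @param str subject passed to the CA service
     * @param num validity passed to the CA service unchanged (no cap is applied here)
     * @param num2 not used by this method
     * @param map extra parameters for the CA service; may be null
     * @return the CA service result, or an empty success result for ADMIN_SYSTEM
     * @throws RuntimeException if {@code systemEnum} is not supported
     * @throws Exception propagated from the cipher and the CA service
     */
    public Result generateServerCert(SystemEnum systemEnum, String str, Integer num, Integer num2, Map<String, Object> map) throws Exception {
        Result result;
        if (null == map) {
            map = new HashMap<>();
        }
        CipherStrategyEnum cipherStrategy = CipherStrategyEnum.getCipherStrategy(systemEnum, ConfigConstant.innerAdminSystemAlg.intValue());
        Cipher cipher = cipherStrategy.cipher;
        switch (AnonymousClass1.$SwitchMap$com$xdja$pki$common$enums$SystemEnum[systemEnum.ordinal()]) {
            case 1: // SystemEnum.USER_SYSTEM
                // NOTE(review): only the public half is used below; the private key is neither
                // stored nor returned in this method. Confirm that the cipher retains it.
                KeyPair serverKeyPair = cipher.generateKeyPair(this.templateDao.getTemplate(TemplateTypeEnum.SERVER_TEMPLATE, Integer.valueOf(cipherStrategy.alg)).getKeySize().intValue());
                CaService caService = (CaService) CommSpringUtils.getBean(UserCaTypeEnum.get(ConfigJson.readUseCaType().intValue()).name);
                map.put(EnumNames.SYSTEM_TYPE.name, SystemEnum.USER_SYSTEM);
                map.put(EnumNames.TEMPLATE_TYPE.name, TemplateTypeEnum.SERVER_TEMPLATE);
                // The literal 2 sits where other call sites pass a certificate pattern value.
                result = caService.generateCert(str, num, serverKeyPair.getPublic(), 2, map);
                break;
            case 2: // SystemEnum.ADMIN_SYSTEM
                result = Result.success();
                break;
            default:
                throw new RuntimeException("不支持的系统类型" + systemEnum);
        }
        if (result.isSuccess()) {
            return result;
        }
        this.logger.error("签发服务器证书失败");
        return result;
    }

    /**
     * Generates a key pair, stores it, and builds a PEM-encoded PKCS#10 request for it.
     *
     * @param systemEnum system the key belongs to; selects the cipher strategy and key slot
     * @param str subject passed to {@code Cipher.generateP10}
     * @param templateTypeEnum template type used to look up key size and signature algorithm
     * @param map must contain an {@code Integer} under {@code "caAlg"}
     * @return a success result whose payload map holds {@code "keyPair"} and {@code "p10"}
     * @throws IllegalArgumentException if {@code map} is null or has no {@code "caAlg"} entry
     * @throws Exception propagated from the cipher, key utilities and DAOs
     */
    public Result generateP10(SystemEnum systemEnum, String str, TemplateTypeEnum templateTypeEnum, Map<String, Object> map) throws Exception {
        // Fail with a clear message instead of a NullPointerException further down.
        if (null == map || null == map.get("caAlg")) {
            throw new IllegalArgumentException("generateP10 requires an Integer \"caAlg\" entry in map");
        }
        Integer caAlg = (Integer) map.get("caAlg");
        Map<String, Object> info = new HashMap<>();
        CipherStrategyEnum cipherStrategy = CipherStrategyEnum.getCipherStrategy(systemEnum, caAlg.intValue());
        Cipher cipher = cipherStrategy.cipher;
        TemplateDO template = this.templateDao.getTemplate(templateTypeEnum, Integer.valueOf(cipherStrategy.alg));
        KeyPair generatedKeyPair = cipher.generateKeyPair(template.getKeySize().intValue());
        String signAlgName = this.dicDao.getNameByCodeAndParentCode(template.getSignAlg(), DicEnum.SIGN_ALG.value);
        int keyIndex = PciEPwdIndexEnum.getIndexByUserTypeAndAlg(systemEnum, cipherStrategy.alg);
        // The password is copied into an immutable String, which cannot be wiped after use.
        cipher.writeKeyPair(keyIndex, new String(cipherStrategy.password), generatedKeyPair, false);
        KeyUtil.writeKeyPair(systemEnum, cipherStrategy.alg, generatedKeyPair);
        KeyPair resolvedKeyPair = KeyUtil.resolveKeyPair(cipherStrategy, keyIndex, generatedKeyPair);
        PKCS10CertificationRequest p10 = cipher.generateP10(str, signAlgName, resolvedKeyPair);
        // The payload carries the key pair; callers must not log or serialize it.
        info.put("keyPair", resolvedKeyPair);
        info.put("p10", CertUtil.toPem(p10));
        return Result.success(info);
    }

    /**
     * Issues a subordinate CA certificate for the key and subject in a PKCS#10 request.
     *
     * <p>NOTE(review): this method does not itself verify the request's self-signature
     * (proof of possession); confirm that {@code CertUtil.getPublicKeyFromP10} does.
     *
     * @param str the PKCS#10 request
     * @param num validity passed to the CA service unchanged (no cap is applied here)
     * @param map extra parameters for the CA service; may be null. {@code "templateDO"} is set here
     * @return the CA service result, or the failed parse result if the request cannot be read
     * @throws Exception propagated from the CSR utilities and the CA service
     */
    public Result generateSubCaCert(String str, Integer num, Map<String, Object> map) throws Exception {
        if (null == map) {
            map = new HashMap<>();
        }
        Result parsedKey = CertUtil.getPublicKeyFromP10(str);
        if (!parsedKey.isSuccess()) {
            return parsedKey;
        }
        PublicKey publicKey = (PublicKey) parsedKey.getInfo();
        String subject = CertUtil.getSubjectFromP10(str);
        CaService caService = (CaService) CommSpringUtils.getBean(UserCaTypeEnum.get(ConfigJson.readUseCaType().intValue()).name);
        map.put("templateDO", this.templateDao.getTemplate(TemplateTypeEnum.CA_TEMPLATE, Integer.valueOf(CertUtil.getCertKeyAlg(publicKey).type)));
        Result result = caService.generateCert(subject, num, publicKey, CertPatternEnum.SINGLE.value, map);
        if (result.isSuccess()) {
            return result;
        }
        this.logger.error("生成子CA证书失败");
        return result;
    }

    /**
     * Issues a user certificate from a PKCS#10 request, dispatching on the configured CA
     * manufacturer ({@code ca.flag}).
     *
     * <p>A {@code "subject"} entry in {@code map} takes precedence over the subject in the
     * request, so whoever fills {@code map} controls the certified name; that value has to
     * be validated and authorized before it reaches this method.
     *
     * <p>NOTE(review): this method does not itself verify the request's self-signature;
     * confirm that {@code CertUtil.getPublicKeyFromP10} does.
     *
     * @param str the PKCS#10 request
     * @param num validity passed to the CA service unchanged
     * @param certPatternTemplageEnum key length and certificate pattern for the inner-CA path
     * @param map extra parameters; may be null
     * @return the CA service result, or the failed parse result if the request cannot be read
     * @throws Exception propagated from the CSR utilities and the CA service
     */
    public Result generateUserCert(String str, Integer num, CertPatternTemplageEnum certPatternTemplageEnum, Map<String, Object> map) throws Exception {
        if (null == map) {
            map = new HashMap<>();
        }
        Result parsedKey = CertUtil.getPublicKeyFromP10(str);
        if (!parsedKey.isSuccess()) {
            return parsedKey;
        }
        String subject = (String) map.get("subject");
        if (subject == null) {
            subject = CertUtil.getSubjectFromP10(str);
        }
        PublicKey publicKey = (PublicKey) parsedKey.getInfo();
        switch (AnonymousClass1.$SwitchMap$com$xdja$pki$common$enums$CaManufacturerEnum[CaManufacturerEnum.getCaManufacturerEnumByCode(this.caFlag).ordinal()]) {
            case 1: // CaManufacturerEnum.XDJA
                return this.xdjaCaService.generateCert(subject, num, str, map);
            case 2: // CaManufacturerEnum.KOAL
                map.put("publicKey", publicKey);
                return this.koalCaService.generateCert(subject, num, str, map);
            case 3: // CaManufacturerEnum.JIT
                return this.jitCaService.generateCert(subject, num, str, map);
            default: // ONE_SELF and any manufacturer without a table entry
                // The cached template is mutated in place, and a cache miss would fail with a
                // NullPointerException on the first setter.
                TemplateDO templateDO = (TemplateDO) Cache.TEMPLATE_INFO_CACHE.get(CertPatternTemplageEnum.getTemplateName(SystemEnum.USER_SYSTEM, CertUtil.getCertKeyAlg(publicKey).type, certPatternTemplageEnum.getCertPattern()));
                templateDO.setKeySize(Integer.valueOf(certPatternTemplageEnum.getAlgLength()));
                templateDO.setCertPattern(Integer.valueOf(certPatternTemplageEnum.getCertPattern()));
                map.put("templateDO", templateDO);
                return this.innerCaService.generateCert(subject, num, publicKey, certPatternTemplageEnum.certPattern, map);
        }
    }

    /**
     * Not implemented: always returns {@code null}, so callers must handle a null result.
     */
    public Result generateAdminCert(String str, CertIssueTypeEnum certIssueTypeEnum, AdminTypeEnum adminTypeEnum, Map<String, Object> map) throws Exception {
        return null;
    }

    /**
     * Queries a certificate through the CA selected by {@code ca.flag}.
     *
     * @param str first argument of {@code CaService.queryCert} (the query key)
     * @param num card type; added to {@code map} only on the default path
     * @param str2 card number; added to {@code map} only on the default path
     * @param map extra parameters for the CA service; may be null
     * @return the CA service result
     */
    public Result queryCert(String str, Integer num, String str2, Map<String, Object> map) {
        if (null == map) {
            map = new HashMap<>();
        }
        switch (AnonymousClass1.$SwitchMap$com$xdja$pki$common$enums$CaManufacturerEnum[CaManufacturerEnum.getCaManufacturerEnumByCode(this.caFlag).ordinal()]) {
            case 1: // CaManufacturerEnum.XDJA
                return this.xdjaCaService.queryCert(str, map);
            case 2: // CaManufacturerEnum.KOAL
                return this.koalCaService.queryCert(str, map);
            case 3: // CaManufacturerEnum.JIT
                // Logs the whole caller-supplied parameter map at INFO level; make sure it
                // never carries secrets or personal identifiers, or log the keys only.
                this.logger.info("证书查询（对接吉大），请求的PAMS参数为：{}", map);
                return this.jitCaService.queryCert(str, map);
            default: // ONE_SELF and any manufacturer without a table entry
                CaService caService = (CaService) CommSpringUtils.getBean(UserCaTypeEnum.get(ConfigJson.readUseCaType().intValue()).name);
                map.put(EnumNames.CARD_TYPE.name, num);
                map.put(EnumNames.CARD_NUMBER.name, str2);
                return caService.queryCert(str, map);
        }
    }

    /**
     * Revokes a user certificate through the CA selected by {@code ca.flag}.
     *
     * @param str first argument of {@code CaService.revokeCert} (identifies the certificate)
     * @param num card type, stored in {@code map}
     * @param str2 card number, stored in {@code map}
     * @param num2 second argument of {@code CaService.revokeCert}
     * @param str3 third argument of {@code CaService.revokeCert}
     * @param map extra parameters for the CA service; may be null
     * @return the CA service result
     * @throws ServiceException if the configured CA manufacturer is not one of the four known ones
     * @throws Exception propagated from the CA service
     */
    public Result revokeUserCert(String str, Integer num, String str2, Integer num2, String str3, Map<String, Object> map) throws Exception {
        if (null == map) {
            map = new HashMap<>();
        }
        map.put(EnumNames.CARD_TYPE.name, num);
        map.put(EnumNames.CARD_NUMBER.name, str2);
        switch (AnonymousClass1.$SwitchMap$com$xdja$pki$common$enums$CaManufacturerEnum[CaManufacturerEnum.getCaManufacturerEnumByCode(this.caFlag).ordinal()]) {
            case 1: // CaManufacturerEnum.XDJA
                return this.xdjaCaService.revokeCert(str, num2, str3, map);
            case 2: // CaManufacturerEnum.KOAL
                return this.koalCaService.revokeCert(str, num2, str3, map);
            case 3: // CaManufacturerEnum.JIT
                // The map logged here already holds the card type and card number put above.
                this.logger.info("证书撤销（对接吉大），请求的PAMS参数为：{}", map);
                return this.jitCaService.revokeCert(str, num2, str3, map);
            case 4: // CaManufacturerEnum.ONE_SELF
                return this.innerCaService.revokeCert(str, num2, str3, map);
            default:
                // Report the configured CA flag: the switch is driven by caFlag, while num is
                // the card type and says nothing about which CA was selected.
                throw new ServiceException(MessageFormat.format("未知的CA类型：{0}", this.caFlag));
        }
    }

    /**
     * Issues a user certificate for a caller-supplied public key.
     *
     * @param publicKey key to certify
     * @param str subject passed to the CA service
     * @param num validity passed to the CA service unchanged
     * @param certPatternTemplageEnum algorithm, key length and certificate pattern
     * @param map extra parameters; may be null. {@code "templateDO"} is set here
     * @return the CA service result
     * @throws Exception propagated from the CA service
     */
    public Result generateUserCert(PublicKey publicKey, String str, Integer num, CertPatternTemplageEnum certPatternTemplageEnum, Map<String, Object> map) throws Exception {
        // The cached template is mutated in place, and a cache miss would fail with a
        // NullPointerException on the first setter.
        TemplateDO templateDO = (TemplateDO) Cache.TEMPLATE_INFO_CACHE.get(CertPatternTemplageEnum.getTemplateName(SystemEnum.USER_SYSTEM, certPatternTemplageEnum.getAlg(), certPatternTemplageEnum.getCertPattern()));
        templateDO.setKeySize(Integer.valueOf(certPatternTemplageEnum.getAlgLength()));
        templateDO.setCertPattern(Integer.valueOf(certPatternTemplageEnum.getCertPattern()));
        if (null == map) {
            map = new HashMap<>();
        }
        CaService caService = (CaService) CommSpringUtils.getBean(UserCaTypeEnum.get(ConfigJson.readUseCaType().intValue()).name);
        map.put("templateDO", templateDO);
        Result result = caService.generateCert(str, num, publicKey, certPatternTemplageEnum.certPattern, map);
        if (result.isSuccess()) {
            return result;
        }
        this.logger.error("生成用户证书失败");
        return result;
    }

    /**
     * Generates a key pair on the server and issues a user certificate for it.
     *
     * <p>On success the private key is added to the result payload under
     * {@code "signPrivate"}; callers must not log or serialize that result.
     *
     * @param num validity passed to the CA service unchanged
     * @param str subject passed to the CA service
     * @param certPatternTemplageEnum template name, system, algorithm, key length and pattern
     * @param map extra parameters; may be null. {@code "templateDO"} is set here
     * @return the CA service result, extended with {@code "signPrivate"} on success
     * @throws Exception propagated from the cipher and the CA service
     */
    public Result generateUserCert(Integer num, String str, CertPatternTemplageEnum certPatternTemplageEnum, Map<String, Object> map) throws Exception {
        // The cached template is mutated in place, and a cache miss would fail with a
        // NullPointerException on the first setter.
        TemplateDO templateDO = (TemplateDO) Cache.TEMPLATE_INFO_CACHE.get(certPatternTemplageEnum.certTemplateName.templateName);
        templateDO.setCertPattern(Integer.valueOf(certPatternTemplageEnum.getCertPattern()));
        templateDO.setKeySize(Integer.valueOf(certPatternTemplageEnum.getAlgLength()));
        templateDO.setKeyAlg(Integer.valueOf(certPatternTemplageEnum.getAlg()));
        if (null == map) {
            map = new HashMap<>();
        }
        map.put("templateDO", templateDO);
        Cipher cipher = CipherStrategyEnum.getCipherStrategy(certPatternTemplageEnum.systemEnum, certPatternTemplageEnum.alg).cipher;
        CaService caService = (CaService) CommSpringUtils.getBean(UserCaTypeEnum.get(ConfigJson.readUseCaType().intValue()).name);
        KeyPair userKeyPair = cipher.generateKeyPair(templateDO.getKeySize().intValue());
        Result result = caService.generateCert(str, num, userKeyPair.getPublic(), certPatternTemplageEnum.certPattern, map);
        if (result.isSuccess()) {
            ((Map) result.getInfo()).put("signPrivate", userKeyPair.getPrivate());
            return result;
        }
        this.logger.error("生成用户证书失败");
        return result;
    }

    /**
     * Generates a key pair and issues an internal user-system certificate for it, valid for
     * the template's maximum validity.
     *
     * <p>On success the whole key pair is added under {@code "signKeyPair"}, and the
     * {@code "encPrivate"} and {@code "signedAndEnvelopData"} entries are removed from the
     * payload. Callers must not log or serialize that result.
     *
     * @param str subject passed to the CA service
     * @param templateTypeEnum template type used for key size and validity
     * @param map extra parameters; may be null
     * @return the CA service result, adjusted as described above on success
     * @throws Exception propagated from the cipher and the CA service
     */
    public Result generateInnerCert(String str, TemplateTypeEnum templateTypeEnum, Map<String, Object> map) throws Exception {
        // The algorithm code is hard-coded to 2 rather than taken from configuration.
        CipherStrategyEnum cipherStrategy = CipherStrategyEnum.getCipherStrategy(SystemEnum.USER_SYSTEM, 2);
        Cipher cipher = cipherStrategy.cipher;
        TemplateDO template = this.templateDao.getTemplate(templateTypeEnum, Integer.valueOf(cipherStrategy.alg));
        CaService caService = (CaService) CommSpringUtils.getBean(UserCaTypeEnum.get(ConfigJson.readUseCaType().intValue()).name);
        if (null == map) {
            map = new HashMap<>();
        }
        map.put(EnumNames.SYSTEM_TYPE.name, SystemEnum.USER_SYSTEM);
        map.put(EnumNames.TEMPLATE_TYPE.name, templateTypeEnum);
        KeyPair innerKeyPair = cipher.generateKeyPair(template.getKeySize().intValue());
        Result result = caService.generateCert(str, template.getMaxValidity(), innerKeyPair.getPublic(), 2, map);
        if (!result.isSuccess()) {
            this.logger.error("生成内部用户体系证书失败");
            return result;
        }
        Map payload = (Map) result.getInfo();
        payload.put("signKeyPair", innerKeyPair);
        payload.remove("encPrivate");
        payload.remove("signedAndEnvelopData");
        return result;
    }

    /**
     * Issues an administrator certificate from a PKCS#10 request via the inner CA.
     *
     * <p>A {@code "subject"} entry in {@code map} takes precedence over the subject in the
     * request; that value has to be validated and authorized before it reaches this method.
     *
     * <p>NOTE(review): this method does not itself verify the request's self-signature;
     * confirm that {@code CertUtil.getPublicKeyFromP10} does.
     *
     * @param str the PKCS#10 request
     * @param i validity passed to the inner CA unchanged
     * @param str2 template name looked up through {@code TemplateDao.getTemplateByName}
     * @param map extra parameters; may be null
     * @return the inner CA result, or the failed parse result if the request cannot be read
     */
    public Result generateAdminCert(String str, int i, String str2, Map<String, Object> map) {
        if (null == map) {
            // NOTE(review): as recovered, this handler guards only the map default, unlike the
            // (int, String, String, Map) overload whose try block spans the whole body.
            try {
                map = new HashMap<>();
            } catch (Exception e) {
                // Use the logger rather than printStackTrace so the failure reaches the log.
                this.logger.error("签发证书失败", e);
                throw new RuntimeException("签发证书失败", e);
            }
        }
        Result parsedKey = CertUtil.getPublicKeyFromP10(str);
        if (parsedKey.isSuccess()) {
            String subject = null != map.get("subject") ? map.get("subject").toString() : CertUtil.getSubjectFromP10(str);
            return this.innerCaService.generateAdminCert(subject, Integer.valueOf(i), (PublicKey) parsedKey.getInfo(), this.templateDao.getTemplateByName(str2), map);
        }
        return parsedKey;
    }

    /**
     * Generates a key pair on the server and issues an administrator certificate for it via
     * the inner CA.
     *
     * <p>On success the private key is added to the result payload under
     * {@code "signPrivate"}; callers must not log or serialize that result.
     *
     * @param i validity passed to the inner CA unchanged
     * @param str subject passed to the inner CA
     * @param str2 template name looked up through {@code TemplateDao.getTemplateByName}
     * @param map extra parameters; may be null
     * @return the inner CA result, extended with {@code "signPrivate"} on success
     * @throws RuntimeException wrapping any exception raised while issuing
     */
    public Result generateAdminCert(int i, String str, String str2, Map<String, Object> map) {
        try {
            TemplateDO template = this.templateDao.getTemplateByName(str2);
            if (null == map) {
                map = new HashMap<>();
            }
            KeyPair adminKeyPair = CipherStrategyEnum.getCipherStrategy(SystemEnum.ADMIN_SYSTEM, ConfigConstant.innerAdminSystemAlg.intValue()).cipher.generateKeyPair(template.getKeySize().intValue());
            Result result = this.innerCaService.generateAdminCert(str, Integer.valueOf(i), adminKeyPair.getPublic(), template, map);
            if (result.isSuccess()) {
                ((Map) result.getInfo()).put("signPrivate", adminKeyPair.getPrivate());
                return result;
            }
            this.logger.error("生成用户证书失败");
            return result;
        } catch (Exception e) {
            throw new RuntimeException("签发管理体系中证书异常", e);
        }
    }
}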
