package com.xdja.pki.service.subca;

import cn.com.jit.pki.ra.cert.request.query.CertApplyQueryRequest;
import com.xdja.pki.annotation.LogPersistence;
import com.xdja.pki.api.cert.CertService;
import com.xdja.pki.api.common.CommonService;
import com.xdja.pki.api.subca.SubCaCertService;
import com.xdja.pki.bean.PageDataResultBean;
import com.xdja.pki.bean.PageInfo;
import com.xdja.pki.common.bean.CaInfo;
import com.xdja.pki.common.bean.Result;
import com.xdja.pki.common.bean.ResultWithLogContent;
import com.xdja.pki.common.config.Cache;
import com.xdja.pki.common.enums.CaAlgInfoEnum;
import com.xdja.pki.common.enums.CertStatusEnum;
import com.xdja.pki.common.enums.DicEnum;
import com.xdja.pki.common.enums.ErrorEnum;
import com.xdja.pki.common.enums.SystemEnum;
import com.xdja.pki.common.enums.TemplateTypeEnum;
import com.xdja.pki.common.util.CertUtil;
import com.xdja.pki.common.util.DateTimeUtil;
import com.xdja.pki.common.util.P7bUtils;
import com.xdja.pki.dao.common.DicDao;
import com.xdja.pki.dao.subca.SubCaCertDao;
import com.xdja.pki.dao.template.TemplateDao;
import com.xdja.pki.models.SubCaCertDO;
import com.xdja.pki.models.TemplateDO;
import com.xdja.pki.vo.Constants;
import com.xdja.pki.vo.common.DictVO;
import com.xdja.pki.vo.log.OperateLogTypeEnum;
import com.xdja.pki.vo.log.content.LogContentBuilder;
import com.xdja.pki.vo.subca.SubCaCertVO;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.web.multipart.MultipartFile;

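/**
 * Service-layer operations on subordinate-CA certificates: paging through stored records,
 * previewing an uploaded PKCS#10 request, issuing and recording a certificate for it,
 * exporting a certificate together with its CA chain, and revoking by serial number.
 *
 * <p>This source is decompiler output, so parameter names such as {@code str}, {@code i} and
 * {@code l} are synthetic. They are kept unchanged; the Javadoc on each method states what the
 * visible code does with them.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The uploaded PKCS#10 file is caller-controlled. No subject, key-size or extension policy
 *       check is visible in this class; any such check has to live in
 *       {@code CertService.generateSubCaCert} or in the template lookup — confirm.</li>
 *   <li>No authorization check is visible in this class; presumably it is enforced by the
 *       calling web layer — confirm.</li>
 * </ul>
 */
@Service
/* loaded from: input_file:WEB-INF/lib/scms-service-impl-1.0-SNAPSHOT.jar:com/xdja/pki/service/subca/SubCaCertServiceImpl.class */
public class SubCaCertServiceImpl implements SubCaCertService {
    private static final Logger logger = LoggerFactory.getLogger(SubCaCertServiceImpl.class);

    /**
     * Charset used for every byte/text conversion of PEM or Base64 material in this class.
     * Pinned explicitly so the result does not depend on the JVM's platform default.
     */
    private static final java.nio.charset.Charset TEXT_CHARSET = java.nio.charset.StandardCharsets.UTF_8;

    @Autowired
    private SubCaCertDao subCaCertDao;

    @Autowired
    private CommonService commonService;

    @Autowired
    private CertService certService;

    @Autowired
    private TemplateDao templateDao;

    @Autowired
    private DicDao dicDao;

    /**
     * Returns one page of sub-CA certificate records converted to {@link SubCaCertVO}.
     *
     * @param str  filter value forwarded unchanged to {@code querySubCaCertList}
     * @param str2 filter value forwarded unchanged to {@code querySubCaCertList}
     * @param num  filter value forwarded unchanged to {@code querySubCaCertList}
     * @param i    first paging argument of the DAO query (presumably the page number; confirm)
     * @param i2   second paging argument of the DAO query (presumably the page size; confirm)
     * @return a success {@link Result} wrapping a {@link PageDataResultBean}
     */
    @Override // com.xdja.pki.api.subca.SubCaCertService
    public Result listSubCaCert(String str, String str2, Integer num, int i, int i2) {
        Map<String, DictVO> signAlgDict = this.commonService.getDictGroupByParentCode("signAlg");
        Map<String, DictVO> statusDict = this.commonService.getDictGroupByParentCode(CertStatusEnum.DIC_CODE);
        // The decompiler printed an unresolved type variable here; the element type is the class
        // handed to trans(), i.e. SubCaCertVO.
        PageInfo<SubCaCertVO> page = this.subCaCertDao.querySubCaCertList(i, i2, str, str2, num).trans(SubCaCertVO.class, (record, view) -> {
            DictVO algEntry = signAlgDict.get(String.valueOf(record.getSignAlg()));
            // A certificate past notAfter is shown as expired whatever its stored status is.
            // Only the in-memory record is changed; no DAO write happens in this method.
            if (record.getNotAfterTime().getTime() < System.currentTimeMillis()) {
                record.setStatus(Integer.valueOf(CertStatusEnum.EXPIRE.value));
            }
            DictVO statusEntry = statusDict.get(String.valueOf(record.getStatus()));
            view.setId(record.getId());
            view.setCertDn(record.getSubject());
            view.setCertSn(record.getSn());
            // NOTE(review): a sign-alg or status code missing from the dictionary makes the
            // lookups above return null and the next lines throw NullPointerException.
            view.setCertAlg(algEntry.getName());
            view.setCertStatusCode(statusEntry.getCode());
            view.setCertStatusName(statusEntry.getName());
            view.setNotBeforeTime(DateTimeUtil.dateToStr(record.getNotBeforeTime()));
            view.setNotAfterTime(DateTimeUtil.dateToStr(record.getNotAfterTime()));
        });
        PageDataResultBean pageData = new PageDataResultBean(page);
        pageData.setDataList(page.getList());
        return Result.success(pageData);
    }

    /**
     * Parses an uploaded PKCS#10 request and returns the values shown before issuance: subject
     * DN, key length, the maximum validity of the matching CA template and the name of its
     * signature algorithm.
     *
     * @param multipartFile uploaded PKCS#10 request; its content is caller-controlled
     * @return success with a map keyed {@code dn}, {@code algLength},
     *     {@code CertApplyQueryRequest.CERTAPPLYQUERYREQUEST_VALIDITY} and {@code signAlgName},
     *     or {@code RESOLVE_DN_ERROR} when an {@link IOException} is raised
     */
    @Override // com.xdja.pki.api.subca.SubCaCertService
    public Result resolveP10(MultipartFile multipartFile) {
        try {
            String p10 = parseP10(multipartFile);
            String subject = CertUtil.getSubjectFromP10(p10);
            // Extract the public key once instead of parsing the request twice.
            PublicKey publicKey = (PublicKey) CertUtil.getPublicKeyFromP10(p10).getInfo();
            int keySize = CertUtil.getKeySize(publicKey);
            TemplateDO template = this.templateDao.getTemplate(TemplateTypeEnum.CA_TEMPLATE, Integer.valueOf(CertUtil.getCertKeyAlg(publicKey).type));
            String signAlgName = this.dicDao.getNameByCodeAndParentCode(template.getSignAlg(), DicEnum.SIGN_ALG.value);
            Map<String, Object> preview = new HashMap<>();
            preview.put("dn", subject);
            preview.put("algLength", Integer.valueOf(keySize));
            preview.put(CertApplyQueryRequest.CERTAPPLYQUERYREQUEST_VALIDITY, template.getMaxValidity());
            preview.put("signAlgName", signAlgName);
            return Result.success(preview);
        } catch (IOException e) {
            // Route the failure through the application log rather than printStackTrace(), so it
            // lands next to the other service errors.
            logger.error("Failed to resolve the uploaded PKCS#10 request", e);
            return Result.failure(ErrorEnum.RESOLVE_DN_ERROR);
        }
        // NOTE(review): parseP10 reports read failures as RuntimeException, and a missing
        // template or an unparsable request may raise unchecked exceptions too; none of those
        // are turned into RESOLVE_DN_ERROR here. Confirm the caller handles them.
    }

    /**
     * Issues a sub-CA certificate for the uploaded PKCS#10 request and stores the result.
     *
     * <p>Every failure is now written to the log before the error {@link Result} is returned.
     * A failure after {@code generateSubCaCert} succeeded is logged separately with the serial
     * number, because at that point a certificate may already exist without a database record,
     * and {@link #revokeCert} can only act on recorded certificates.
     *
     * @param l             sub-CA identifier stored on the new record
     * @param i             forwarded as the second argument of {@code generateSubCaCert}
     *     (presumably the requested validity; confirm)
     * @param multipartFile uploaded PKCS#10 request; its content is caller-controlled
     * @return a {@link ResultWithLogContent} carrying {@code certSn} on success; the generator's
     *     own result when it reports failure; {@code P10_FORMAT_IS_ERROR} when the upload cannot
     *     be read; {@code CERT_GENERATE_ERROR} for any other exception
     */
    @Override // com.xdja.pki.api.subca.SubCaCertService
    @LogPersistence(logType = OperateLogTypeEnum.ISSUE_CERT)
    public Result issuedCert(Long l, int i, MultipartFile multipartFile) {
        final String p10;
        try {
            p10 = parseP10(multipartFile);
        } catch (Exception e) {
            logger.error("Failed to read the uploaded PKCS#10 request, subCaId={}", l, e);
            return Result.failure(ErrorEnum.P10_FORMAT_IS_ERROR);
        }

        Date now = new Date();
        final Result generated;
        try {
            generated = this.certService.generateSubCaCert(p10, Integer.valueOf(i), null);
        } catch (Exception e) {
            logger.error("Sub-CA certificate generation failed, subCaId={}", l, e);
            return Result.failure(ErrorEnum.CERT_GENERATE_ERROR);
        }
        if (generated.isNotSuccess()) {
            logger.warn("Sub-CA certificate generation was rejected, subCaId={}", l);
            return generated;
        }

        // From here on the certificate has been produced; a failure below leaves it unrecorded.
        String certSn = null;
        try {
            HashMap<?, ?> payload = (HashMap<?, ?>) generated.infoData(HashMap.class);
            X509Certificate cert = (X509Certificate) payload.get(Constants.PARAM_SIGN_CERT);
            certSn = cert.getSerialNumber().toString(16);
            CaInfo caInfo = Cache.caInfo.get(CaAlgInfoEnum.getCaAlgInfoEnum(SystemEnum.USER_SYSTEM, CertUtil.getCertKeyAlg(cert.getPublicKey()).type));

            SubCaCertDO record = new SubCaCertDO();
            record.setSubCaId(l);
            record.setCaCertId(caInfo.getCaCertId());
            record.setSubject(CertUtil.getSubjectByX509Cert(cert));
            record.setIssuer(caInfo.getSubject());
            record.setSn(certSn);
            record.setPublicKeyAlg(Integer.valueOf(CertUtil.getCertKeyAlg(cert.getPublicKey()).type));
            record.setSignAlg(CertUtil.getCertSignAlg(cert).code);
            record.setNotBeforeTime(cert.getNotBefore());
            record.setNotAfterTime(cert.getNotAfter());
            record.setData(new String(Base64.encode(cert.getEncoded()), TEXT_CHARSET));
            record.setStatus(Integer.valueOf(CertStatusEnum.NORMAL.value));
            record.setGmtCreate(now);
            record.setGmtModified(now);
            this.subCaCertDao.createSubCaCert(record);

            Map<String, Object> body = new HashMap<>(1);
            body.put("certSn", certSn);
            return new ResultWithLogContent(Result.success(body), LogContentBuilder.buildIssueSubCaCertLog(String.valueOf(l), certSn));
        } catch (Exception e) {
            logger.error("Sub-CA certificate was generated but could not be recorded, subCaId={}, certSn={}", l, certSn, e);
            return Result.failure(ErrorEnum.CERT_GENERATE_ERROR);
        }
    }

    /**
     * Builds a certificate-chain export for the stored certificate with the given serial number:
     * the cached CA chain for the certificate's key algorithm plus the certificate itself,
     * sorted by {@code CertUtil.sortCerts}.
     *
     * @param str serial number used to look up the stored certificate data
     * @return the bytes of the string produced by {@code P7bUtils.createCertChainByCerts}
     * @throws RuntimeException if the lookup, parsing or chain building fails
     */
    @Override // com.xdja.pki.api.subca.SubCaCertService
    public byte[] downloadSubCaCert(String str) {
        try {
            X509Certificate cert = CertUtil.getCertFromBase64Str(this.subCaCertDao.getCertDataBySn(str));
            CaInfo caInfo = Cache.caInfo.get(CaAlgInfoEnum.getCaAlgInfoEnum(SystemEnum.USER_SYSTEM, CertUtil.getCertKeyAlg(cert.getPublicKey()).type));
            List<X509Certificate> chain = P7bUtils.resolveCertChain(caInfo.getCertChain());
            chain.add(cert);
            return P7bUtils.createCertChainByCerts(CertUtil.sortCerts(chain)).getBytes(TEXT_CHARSET);
        } catch (Exception e) {
            logger.error("下载证书失败", e);
            throw new RuntimeException("download sub ca cert error", e);
        }
    }

    /**
     * Revokes a stored sub-CA certificate through {@code SubCaCertDao.revoke}.
     *
     * @param str  forwarded as the first argument of the DAO call (presumably the serial number;
     *     confirm)
     * @param i    forwarded as the second argument (presumably the revocation reason; confirm)
     * @param str2 forwarded as the third argument
     * @return {@code CERT_IS_NOT_EXISTED} when the DAO returns 0, otherwise success
     */
    @Override // com.xdja.pki.api.subca.SubCaCertService
    public Result revokeCert(String str, int i, String str2) {
        if (this.subCaCertDao.revoke(str, i, str2) == 0) {
            return Result.failure(ErrorEnum.CERT_IS_NOT_EXISTED);
        }
        return Result.success();
    }

    /**
     * Returns the subject DN of the uploaded PKCS#10 request. Nothing in this class calls it.
     */
    private String resolveDn(MultipartFile multipartFile) throws IOException {
        return CertUtil.getSubjectFromP10(parseP10(multipartFile));
    }

    /**
     * Reads the uploaded file as text and returns its lines concatenated without line breaks.
     *
     * <p>Read failures are logged and rethrown as {@link RuntimeException}. The
     * {@code throws IOException} clause is kept because {@link #resolveP10} catches that type.
     *
     * @param multipartFile uploaded PKCS#10 request; its content is caller-controlled
     * @return the file content with line terminators removed
     */
    private String parseP10(MultipartFile multipartFile) throws IOException {
        // NOTE(review): the whole upload is buffered in memory and no size limit is applied
        // here; confirm that the multipart configuration caps the upload size.
        StringBuilder sb = new StringBuilder();
        // try-with-resources closes the reader on every path, replacing the duplicated close
        // logic the decompiler produced from the original finally block.
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(multipartFile.getInputStream(), TEXT_CHARSET))) {
            String line;
            while ((line = reader.readLine()) != null) {
                sb.append(line);
            }
            return sb.toString();
        } catch (IOException e) {
            logger.error("解析P10失败", e);
            throw new RuntimeException("解析P10失败", e);
        }
    }
}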
