package com.xdja.pki.service.jit;

import cn.com.jit.pki.core.Response;
import cn.com.jit.pki.ra.cert.response.addapply.CertApplyAddResponse;
import cn.com.jit.pki.ra.cert.response.addapply.CertRevokeApplyAddResponse;
import cn.com.jit.pki.ra.cert.response.auditapply.CertApplyAuditResponse;
import cn.com.jit.pki.ra.cert.response.certmake.CertMakeResponse;
import com.alibaba.fastjson.JSON;
import com.xdja.pki.api.ca.CaService;
import com.xdja.pki.common.bean.Result;
import com.xdja.pki.common.enums.CertStatusEnum;
import com.xdja.pki.common.enums.DoubleCodeIsUserdEnum;
import com.xdja.pki.common.enums.EnumNames;
import com.xdja.pki.common.enums.ErrorEnum;
import com.xdja.pki.common.util.CertUtil;
import com.xdja.pki.common.util.DateTimeUtil;
import com.xdja.pki.common.util.RandomUtil;
import com.xdja.pki.dao.cert.CertDao;
import com.xdja.pki.dao.cert.CertDataDao;
import com.xdja.pki.dao.user.PersonUserDao;
import com.xdja.pki.dao.user.UserDoubleCodeDao;
import com.xdja.pki.models.CertDO;
import com.xdja.pki.models.PersonUserDO;
import com.xdja.pki.models.TemplateDO;
import com.xdja.pki.models.UserDoubleCodeDo;
import com.xdja.pki.service.crl.CrlPublicConstants;
import com.xdja.pki.service.jit.conf.JitCaConf;
import com.xdja.pki.service.jit.runner.InitBusinessRunner;
import com.xdja.pki.vo.Constants;
import com.xdja.pki.vo.openapi.RegisterUserResp;
import com.xdja.pki.vo.user.UserInfoVo;
import java.security.PublicKey;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Service;

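/**
 * {@link CaService} implementation that forwards certificate life-cycle requests to the
 * JIT PKI RA client ({@code cn.com.jit.pki}) obtained from {@link InitBusinessRunner}.
 *
 * <p>The bean is registered only when the {@code ca.flag} property equals {@code "4"}.
 *
 * <p>Several {@link CaService} operations are not implemented for this backend and return
 * {@code null}; callers must be prepared for that (see the individual methods).
 *
 * <p>Logging policy: key material returned by the RA (the encrypted private keys and the
 * signed-and-enveloped data) is never written to the log. Only presence flags and result-map
 * key names are logged, so log readers and log shippers do not receive key blobs.
 */
@ConditionalOnProperty(name = {"ca.flag"}, havingValue = "4")
@Service("JitCa")
/* loaded from: input_file:WEB-INF/lib/scms-service-impl-1.0-SNAPSHOT.jar:com/xdja/pki/service/jit/JitCaServiceImpl.class */
public class JitCaServiceImpl implements CaService {
    private final Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private PersonUserDao personUserDao;

    @Autowired
    private CertDataDao certDataDao;

    @Autowired
    private UserDoubleCodeDao userDoubleCodeDao;

    @Autowired
    private InitBusinessRunner businessRunner;

    @Autowired
    private CertDao certDao;

    @Autowired
    private JitCaConf jitCaConf;

    /**
     * Persists the user and issues a one-time verification code for later enrolment.
     *
     * @param userInfoVo user attributes; copied property-by-property onto a new {@link PersonUserDO}
     * @return a success result wrapping a {@link RegisterUserResp} built from {@code "<userId>#<verifyCode>"}
     */
    @Override // com.xdja.pki.api.ca.CaService
    public Result registerUserInfo(UserInfoVo userInfoVo) {
        PersonUserDO personUserDO = new PersonUserDO();
        BeanUtils.copyProperties(userInfoVo, personUserDO);
        // NOTE(review): this code acts as an enrolment credential; confirm RandomUtil.getVerifyCode()
        // draws from SecureRandom and that the stored code has an expiry enforced elsewhere.
        String verifyCode = RandomUtil.getVerifyCode();
        Long userId = this.personUserDao.saveOrUpdateUserInfo(personUserDO).getId();
        UserDoubleCodeDo userDoubleCodeDo = new UserDoubleCodeDo(userId, verifyCode, DoubleCodeIsUserdEnum.NOT_USE.value);
        userDoubleCodeDo.setCreateTime(new Date());
        this.userDoubleCodeDao.saveUserDoubleCode(userDoubleCodeDo);
        return Result.success(new RegisterUserResp("" + userDoubleCodeDo.getUserId().intValue() + "#" + verifyCode));
    }

    /**
     * Runs the RA enrolment sequence: apply, audit (only when the template requires it), then make.
     *
     * @param str  forwarded to {@code JitCaUtils.createCertApplyAddReq}
     * @param num  forwarded to {@code JitCaUtils.createCertApplyAddReq}
     * @param str2 forwarded to {@code JitCaUtils.createCertMakeReq} together with refcode/authcode
     * @param map  request parameters; must hold the user id under {@code Constants.PARAM_USER_ID} as a {@link Long}
     * @return the result of {@link #buildResData} on success, otherwise a failure carrying the
     *         {@link ErrorEnum} of the step that failed
     * @throws Exception propagated from the RA client or the request builders
     */
    @Override // com.xdja.pki.api.ca.CaService
    public Result generateCert(String str, Integer num, String str2, Map<String, Object> map) throws Exception {
        String refcode;
        String authcode;
        // NOTE(review): the looked-up user is not null-checked before it is handed to the request
        // builder; an unknown user id depends on how createCertApplyAddReq treats null.
        PersonUserDO byId = this.personUserDao.getById((Long) map.get(Constants.PARAM_USER_ID));
        this.logger.info("吉大证书模板名称：{}", this.jitCaConf.getTemplateName());
        Response applyResponse = this.businessRunner.getBusiness().doBusiness(JitCaUtils.createCertApplyAddReq(byId, this.jitCaConf.getTemplateName(), str, num));
        // The RA reports success with the literal error code "0".
        if (!"0".equals(applyResponse.getErr())) {
            this.logger.error("请求吉大发起证书申请失败，返回的错误码为：{}", applyResponse.getErr());
            return Result.failure(ErrorEnum.REQ_JIT_CERT_APPLY_ERROR);
        }
        this.logger.info("请求吉大证书申请成功");
        CertApplyAddResponse certApplyAddResponse = (CertApplyAddResponse) applyResponse;
        if (JitCaUtils.checkIfAudit(this.businessRunner.getBusiness(), this.jitCaConf.getTemplateName())) {
            this.logger.info("请求吉大证书申请需要审核");
            Response auditResponse = this.businessRunner.getBusiness().doBusiness(JitCaUtils.createCertApplyAuditReq(certApplyAddResponse.getReqSN()));
            if (!"0".equals(auditResponse.getErr())) {
                this.logger.error("请求吉大发起证书审核申请失败，返回的错误码为：{}", auditResponse.getErr());
                return Result.failure(ErrorEnum.REQ_JIT_CERT_AUDIT_APPLY_ERROR);
            }
            // When an audit step runs, the download credentials come from the audit response.
            CertApplyAuditResponse certApplyAuditResponse = (CertApplyAuditResponse) auditResponse;
            refcode = certApplyAuditResponse.getRefcode();
            authcode = certApplyAuditResponse.getAuthcode();
            this.logger.info("请求吉大证书审核申请成功");
        } else {
            refcode = certApplyAddResponse.getRefcode();
            authcode = certApplyAddResponse.getAuthcode();
        }
        // refcode and authcode are deliberately not logged anywhere in this method.
        Response makeResponse = this.businessRunner.getBusiness().doBusiness(JitCaUtils.createCertMakeReq(refcode, authcode, str2));
        if ("0".equals(makeResponse.getErr())) {
            this.logger.info("请求吉大证书下载成功");
            return buildResData((CertMakeResponse) makeResponse, refcode);
        }
        this.logger.error("请求吉大发起证书下载失败，返回的错误码为：{}", makeResponse.getErr());
        return Result.failure(ErrorEnum.REQ_JIT_CERT_MAKE_ERROR);
    }

    /**
     * Converts the RA "make" response into the result map returned to the caller.
     *
     * <p>The map holds the signing and encryption certificates extracted from the two P7B
     * blobs, the double-encrypted private key, a {@code crlNum} of 0 and the reference code.
     *
     * @param certMakeResponse successful RA response for the make request
     * @param str              reference code stored under {@code "refCode"}
     * @return a success result wrapping the map
     */
    public Result buildResData(CertMakeResponse certMakeResponse, String str) {
        Map<String, Object> data = new HashMap<>();
        data.put(Constants.PARAM_SIGN_CERT, CertUtil.getCertFromP7b(certMakeResponse.getP7b()));
        data.put(Constants.PARAM_ENC_CERT, CertUtil.getCertFromP7b(certMakeResponse.getDoubleP7b()));
        // Log only whether key blobs were returned. Even wrapped private keys are key material
        // and must not reach log files or log aggregation.
        this.logger.info("EncryptedPrivateKey present:{}，DoubleEncryptedPrivateKey present：{}",
                certMakeResponse.getEncryptedPrivateKey() != null,
                certMakeResponse.getDoubleEncryptedPrivateKey() != null);
        data.put(Constants.PARAM_SIGNED_AND_ENVELOP_DATA, certMakeResponse.getDoubleEncryptedPrivateKey());
        data.put("crlNum", 0);
        data.put("refCode", str);
        // Log the entry names rather than the serialized map: the values include the enveloped key.
        this.logger.info("请求吉大签发CA成功: {}", data.keySet());
        return Result.success(data);
    }

    /**
     * Looks up a certificate and adjusts its reported status for expiry and CRL membership.
     *
     * @param str certificate serial number; may be blank when the card fields in {@code map} identify the certificate
     * @param map may hold the card type and card number used by {@link #checkCertSn}
     * @return the certificate row as a map, or the failure produced by {@link #checkCertSn}
     */
    @Override // com.xdja.pki.api.ca.CaService
    public Result queryCert(String str, Map<String, Object> map) {
        Result checkCertSn = checkCertSn(map, str);
        if (!checkCertSn.isSuccess()) {
            return checkCertSn;
        }
        String resolvedSn = ((CertDO) checkCertSn.getInfo()).getSn();
        Map<String, Object> certInfo = this.certDao.queryUserCertsBySn(resolvedSn);
        // When the certificate was located by card number the caller-supplied serial is blank;
        // fall back to the stored serial so a revoked certificate is not reported as valid.
        String crlSn = StringUtils.isNotBlank(str) ? str : resolvedSn;
        // NOTE(review): the expiry test is a string comparison of formatted timestamps and assumes
        // a non-null "notAfterTime" in the same format DateTimeUtil.dateToStr produces; confirm.
        if (certInfo.get("notAfterTime").toString().compareTo(DateTimeUtil.dateToStr(new Date())) < 0) {
            certInfo.put("status", Integer.valueOf(CertStatusEnum.EXPIRE.value));
        } else if (CrlPublicConstants.CRL_REVOKE_SNS.contains(crlSn)) {
            this.logger.info("此证书在CRL文件中，判定已被撤销，sn:{}", crlSn);
            certInfo.put("status", Integer.valueOf(CertStatusEnum.REVOKE.value));
        }
        return Result.success(certInfo);
    }

    /**
     * Not implemented for this backend.
     *
     * @return always {@code null}
     */
    @Override // com.xdja.pki.api.ca.CaService
    public Result generateCert(String str, Integer num, PublicKey publicKey, int i, Map<String, Object> map) throws Exception {
        return null;
    }

    /**
     * Not implemented for this backend.
     *
     * @return always {@code null}
     */
    @Override // com.xdja.pki.api.ca.CaService
    public Result updateCert(String str, Integer num, Map<String, Object> map, String str2, Map<String, Object> map2) {
        return null;
    }

    /**
     * Requests revocation at the RA (with an audit step when the template requires one) and then
     * records the revocation locally. A certificate already marked revoked is left untouched.
     *
     * @param str  certificate serial number; may be blank when {@code map} identifies the certificate by card
     * @param num  forwarded to {@code CertDao.updateCertRevokeStatus}
     * @param str2 forwarded to {@code CertDao.updateCertRevokeStatus}
     * @param map  may hold the card type and card number used by {@link #checkCertSn}
     * @return success when the certificate is revoked or was already revoked, otherwise the failing step's error
     * @throws Exception propagated from the RA client or the request builders
     */
    @Override // com.xdja.pki.api.ca.CaService
    public Result revokeCert(String str, Integer num, String str2, Map<String, Object> map) throws Exception {
        Result checkCertSn = checkCertSn(map, str);
        if (!checkCertSn.isSuccess()) {
            return checkCertSn;
        }
        CertDO certDO = (CertDO) checkCertSn.getInfo();
        if (certDO.getStatus().intValue() != CertStatusEnum.REVOKE.value) {
            // Configuration selects the identifier sent to the RA: the stored reference code
            // when revokeType is 1, otherwise the caller-supplied serial number.
            // NOTE(review): str can be blank when the certificate was found by card number;
            // confirm callers always pass a serial when revokeType is not 1.
            String revokeKey = 1 == this.jitCaConf.getRevokeType().intValue() ? certDO.getRefCode() : str;
            Response applyResponse = this.businessRunner.getBusiness().doBusiness(JitCaUtils.createCertRevokeApplyAddReq(revokeKey));
            if (!"0".equals(applyResponse.getErr())) {
                this.logger.error("请求吉大发起证书撤销申请失败，返回的错误码为：{}", applyResponse.getErr());
                return Result.failure(ErrorEnum.REQ_JIT_CERT_REVOKE_APPLY_ERROR);
            }
            this.logger.info("请求吉大发起证书撤销申请");
            this.logger.info("吉大证书模板名称：{}", this.jitCaConf.getTemplateName());
            if (JitCaUtils.checkIfAudit(this.businessRunner.getBusiness(), this.jitCaConf.getTemplateName())) {
                this.logger.info("证书撤销申请需要审核");
                Response auditResponse = this.businessRunner.getBusiness().doBusiness(JitCaUtils.createCertRevokeApplyAuditReq(((CertRevokeApplyAddResponse) applyResponse).getReqSN()));
                if (!"0".equals(auditResponse.getErr())) {
                    this.logger.error("请求吉大发起证书审核撤销申请失败，返回的错误码为：{}", auditResponse.getErr());
                    return Result.failure(ErrorEnum.REQ_JIT_CERT_REVOKE_AUDIT_APPLY_ERROR);
                }
                this.logger.info("请求吉大审核证书撤销申请成功");
            }
            // The local status is updated only after every RA step has succeeded.
            this.certDao.updateCertRevokeStatus(String.valueOf(certDO.getCardType()), certDO.getCardNo(), str, num, str2);
        } else {
            this.logger.info("证书已被撤销，证书SN：{}", certDO.getSn());
        }
        return Result.success();
    }

    /**
     * Resolves a certificate by serial number, or by card type and number when the serial is blank.
     *
     * @param map may hold {@code EnumNames.CARD_TYPE.name} (Integer) and {@code EnumNames.CARD_NUMBER.name} (String)
     * @param str certificate serial number; takes precedence over the card fields when not blank
     * @return success wrapping the {@link CertDO}, or {@code CERT_IS_NOT_EXISTED} when nothing matches
     */
    private Result checkCertSn(Map<String, Object> map, String str) {
        // Casting a missing (null) entry is harmless, so no explicit null test is needed.
        Integer cardType = (Integer) map.get(EnumNames.CARD_TYPE.name);
        String cardNo = (String) map.get(EnumNames.CARD_NUMBER.name);
        CertDO certDO = null;
        if (StringUtils.isNotBlank(str)) {
            certDO = this.certDao.queryCertBySn(str);
        } else if (StringUtils.isNotBlank(cardNo)) {
            certDO = this.certDao.queryCertByCardNo(String.valueOf(cardType), cardNo);
        }
        if (null != certDO) {
            return Result.success(certDO);
        }
        // NOTE(review): the card number is written to the error log; confirm it is not
        // a personal identifier that the log retention policy should exclude.
        this.logger.error("证书不存在，证书SN：{}，证书CardType：{}，证书CardNo：{}", str, cardType, cardNo);
        return Result.failure(ErrorEnum.CERT_IS_NOT_EXISTED);
    }

    /**
     * Not implemented for this backend.
     *
     * @return always {@code null}
     */
    @Override // com.xdja.pki.api.ca.CaService
    public Result getCrl(Integer num, Map<String, Object> map) {
        return null;
    }

    /**
     * Not implemented for this backend.
     *
     * @return always {@code null}
     */
    @Override // com.xdja.pki.api.ca.CaService
    public Result generateAdminCert(String str, Integer num, PublicKey publicKey, TemplateDO templateDO, Map<String, Object> map) throws Exception {
        return null;
    }
}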
