package com.xdja.pki.service.airIssue;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.xdja.pki.api.airissue.AirIssueService;
import com.xdja.pki.api.deviceusercertmanager.DeviceUserCertManagerService;
import com.xdja.pki.common.asn1.SignedAndEnvelopedData;
import com.xdja.pki.common.bean.Result;
import com.xdja.pki.common.config.ConfigJson;
import com.xdja.pki.common.enums.CertRevokeReasonEnum;
import com.xdja.pki.common.enums.CertStatusEnum;
import com.xdja.pki.common.enums.DeviceTypeEnum;
import com.xdja.pki.common.enums.ErrorEnum;
import com.xdja.pki.common.util.HmacUtil;
import com.xdja.pki.dto.UserWithCertDTO;
import com.xdja.pki.ra.core.util.params.PatternCheckUtils;
import com.xdja.pki.vo.Constants;
import com.xdja.pki.vo.airissue.AuthenticationByPhoneVO;
import com.xdja.pki.vo.airissue.CertApplyVO;
import com.xdja.pki.vo.airissue.CertRevokeVO;
import com.xdja.pki.vo.airissue.CertSearchVO;
import com.xdja.pki.vo.airissue.Device;
import com.xdja.pki.vo.airissue.Person;
import com.xdja.pki.vo.deviceusercertmanager.IssueCertReqVo;
import com.xdja.pki.vo.deviceusercertmanager.UserReqVO;
import java.util.Map;
import java.util.regex.Pattern;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cache.interceptor.CacheOperationExpressionEvaluator;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;

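/**
 * Client-facing "air issue" certificate service: enrols a device/user, issues a certificate from a
 * PKCS#10 request, revokes (deletes) the user and reports certificate status.
 *
 * <p>Every public method takes the device number as its second argument and passes it straight to
 * {@link DeviceUserCertManagerService}. Nothing in this class authenticates the caller or binds the
 * device number to the request.
 * NOTE(review): presumably the controller layer does that; confirm before exposing these methods.
 *
 * <p>This listing is decompiler output, so local names and some constructs are reconstructions.
 */
@Service
/* loaded from: input_file:WEB-INF/lib/scms-service-impl-1.0-SNAPSHOT.jar:com/xdja/pki/service/airIssue/AirIssueServiceImpl.class */
public class AirIssueServiceImpl implements AirIssueService {
    /**
     * JSON key that carries the numeric status code in every response built here.
     * NOTE(review): the decompiler resolved this to a Spring cache-evaluator constant; the original
     * source presumably used a plain string literal of the same value. Confirm.
     */
    private static final String RESULT_KEY = CacheOperationExpressionEvaluator.RESULT_VARIABLE;

    /** JSON key that carries the human-readable (or DN) payload. */
    private static final String MESSAGE_KEY = "message";

    /**
     * Validity requested for every air-issued certificate.
     * NOTE(review): the unit is not visible here; presumably days (about ten years), which is long
     * for a device certificate issued without operator review. Confirm against CA policy.
     */
    private static final int ISSUED_CERT_VALIDITY = 3650;

    /**
     * Offset added to the current time to form the {@code ts} field of the VHSM request.
     * NOTE(review): presumably an expiry ten minutes ahead; confirm with the VHSM API contract.
     */
    private static final long VHSM_TS_OFFSET_MILLIS = 600000L;

    /** {@link #certSearch} status returned when no user or certificate status is available. */
    private static final int SEARCH_RESULT_NO_CERT_STATUS = 4;

    /** {@link #certSearch} status returned when the certificate status equals EXPIRE. */
    private static final int SEARCH_RESULT_EXPIRED = 14;

    /** {@link #certSearch} status returned for every other certificate status. */
    private static final int SEARCH_RESULT_OTHER = 3;

    private static final Pattern P = Pattern.compile(PatternCheckUtils.PHONE_NUMBER_PATTERN);

    private final Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    @Qualifier("httpsTemplate")
    private RestTemplate restTemplate;

    @Autowired
    @Qualifier("jsonReqAndJsonAcceptHeaders")
    private HttpHeaders headers;

    @Autowired
    private DeviceUserCertManagerService deviceUserCertManagerService;

    @Value("${inner.baseDn}")
    private String baseDn;

    /**
     * Registers the calling device as a user and returns the subject DN the client should request.
     *
     * <p>For the virtual-HSM card type, the person/device record is first pushed to the VHSM
     * service; a failure there aborts enrolment.
     *
     * @param authenticationByPhoneVO client-supplied chip and ID-card information
     * @param str device number under which the user is registered
     * @return success with a JSON string holding result code 1 and the DN, or the first failure
     */
    @Override // com.xdja.pki.api.airissue.AirIssueService
    public Result authentication(AuthenticationByPhoneVO authenticationByPhoneVO, String str) {
        final int clientType;
        try {
            clientType = Integer.parseInt(authenticationByPhoneVO.getChipInfo().getCardType());
        } catch (NumberFormatException e) {
            // The card type is client-supplied: answer a malformed value with the normal failure
            // result instead of an uncaught exception, and keep the raw text out of the log.
            this.logger.info("不支持的客户端卡类型,{}", "non-numeric");
            return Result.failure(ErrorEnum.CLIENT_DEVICE_TYPE_IS_NOT_SUPPORT);
        }
        if (clientType == DeviceTypeEnum.VIRTUAL_HARD_SECURITY_MODULE.clientType) {
            Result vhsmResult = sendVhsmAuthenticate(authenticationByPhoneVO);
            if (!vhsmResult.isSuccess()) {
                return vhsmResult;
            }
        }
        String phone = authenticationByPhoneVO.getChipInfo().getPhone();
        UserReqVO userReqVO = new UserReqVO();
        userReqVO.setUserName("客户端");
        userReqVO.setDeviceNo(str);
        userReqVO.setContactPhone(phone);
        int deviceType = DeviceTypeEnum.getTypeFromClientType(clientType);
        if (deviceType == -1) {
            this.logger.info("不支持的客户端卡类型,{}", clientType);
            return Result.failure(ErrorEnum.CLIENT_DEVICE_TYPE_IS_NOT_SUPPORT);
        }
        userReqVO.setDeviceType(deviceType);
        Result addUser = this.deviceUserCertManagerService.addUser(userReqVO);
        if (!addUser.isSuccess()) {
            return addUser;
        }
        // NOTE(review): the phone value is client-supplied and reaches the DN without being matched
        // against the phone pattern or escaped as an RFC 4514 attribute value, so characters such
        // as ',' or '=' would change the DN structure. Whether issuance re-validates the subject is
        // not visible here; confirm, or validate before building the DN.
        String subjectDn = "CN=" + phone + "," + this.baseDn;
        JSONObject response = new JSONObject();
        response.put(RESULT_KEY, 1);
        response.put(MESSAGE_KEY, subjectDn);
        return Result.success(response.toJSONString());
    }

    /**
     * Issues a certificate for the device from the client's PKCS#10 request.
     *
     * <p>The {@code cert} field of the response is four '#'-separated parts: signing certificate,
     * encryption certificate, the enveloped data converted by {@code toSKF}, and the Base64 of the
     * literal {@code scms-server}.
     *
     * @param certApplyVO request carrying the P10
     * @param str device number the certificate is issued for
     * @return success with a JSON string (result code 1 and {@code cert}), or the issuing failure
     * @throws Exception if the enveloped data cannot be decoded or converted
     */
    @Override // com.xdja.pki.api.airissue.AirIssueService
    public Result certApply(CertApplyVO certApplyVO, String str) throws Exception {
        IssueCertReqVo issueCertReqVo = new IssueCertReqVo();
        issueCertReqVo.setP10(certApplyVO.getP10());
        issueCertReqVo.setValidity(ISSUED_CERT_VALIDITY);
        issueCertReqVo.setDeviceNo(str);
        Result issueCert = this.deviceUserCertManagerService.issueCert(issueCertReqVo);
        if (!issueCert.isSuccess()) {
            return issueCert;
        }
        Map<?, ?> issued = (Map<?, ?>) issueCert.getInfo();
        Object signCert = issued.get(Constants.PARAM_SIGN_CERT);
        Object encCert = issued.get(Constants.PARAM_ENC_CERT);
        SignedAndEnvelopedData envelope = SignedAndEnvelopedData.getInstance(
                ASN1Sequence.fromByteArray(
                        Base64.decode((String) issued.get(Constants.PARAM_SIGNED_AND_ENVELOP_DATA))));
        // Explicit charset so the encoded tag does not depend on the platform default.
        String serverTag = Base64.toBase64String(
                "scms-server".getBytes(java.nio.charset.StandardCharsets.UTF_8));
        StringBuilder cert = new StringBuilder();
        cert.append(signCert).append("#")
                .append(encCert).append("#")
                .append(envelope.toSKF(encCert.toString())).append("#")
                .append(serverTag);
        JSONObject response = new JSONObject();
        response.put("cert", cert.toString());
        response.put(RESULT_KEY, 1);
        return Result.success(response.toJSONString());
    }

    /**
     * Revokes the device's certificate by deleting its user, always with reason LEAVE_OFF.
     *
     * <p>NOTE(review): this is a destructive call keyed only on the device number; confirm the
     * caller is verified to own that device before it reaches this method.
     *
     * @param certRevokeVO request whose free-text reason is stored as the remark
     * @param str device number of the user to delete
     * @return success with a JSON string (result code 1, empty message), or the delete failure
     */
    @Override // com.xdja.pki.api.airissue.AirIssueService
    public Result certRevoke(CertRevokeVO certRevokeVO, String str) {
        UserReqVO userReqVO = new UserReqVO();
        userReqVO.setDeviceNo(str);
        userReqVO.setReason(Integer.valueOf(CertRevokeReasonEnum.LEAVE_OFF.value));
        userReqVO.setRemark(certRevokeVO.getInfo().getReason());
        Result deleteUser = this.deviceUserCertManagerService.deleteUser(userReqVO);
        if (!deleteUser.isSuccess()) {
            return deleteUser;
        }
        JSONObject response = new JSONObject();
        response.put(RESULT_KEY, 1);
        response.put(MESSAGE_KEY, "");
        return Result.success(response.toJSONString());
    }

    /**
     * Reports the certificate status of the device as a numeric code: 4 when no user or status is
     * available, 14 when the status equals EXPIRE, 3 otherwise.
     *
     * <p>Unlike the other methods, the success payload is the {@link JSONObject} itself rather than
     * its string form; callers may rely on that, so it is kept.
     *
     * @param certSearchVO unused by this implementation
     * @param str device number to look up
     * @return success with the status JSON, or the lookup failure
     */
    @Override // com.xdja.pki.api.airissue.AirIssueService
    public Result certSearch(CertSearchVO certSearchVO, String str) {
        Result userDetail = this.deviceUserCertManagerService.getUserDetail(str);
        if (!userDetail.isSuccess()) {
            return userDetail;
        }
        UserWithCertDTO user = (UserWithCertDTO) userDetail.getInfo();
        final int statusCode;
        if (user == null || user.getCertStatus() == null) {
            statusCode = SEARCH_RESULT_NO_CERT_STATUS;
        } else if (Integer.parseInt(user.getCertStatus()) == CertStatusEnum.EXPIRE.value) {
            statusCode = SEARCH_RESULT_EXPIRED;
        } else {
            statusCode = SEARCH_RESULT_OTHER;
        }
        JSONObject response = new JSONObject();
        response.put(RESULT_KEY, statusCode);
        response.put(MESSAGE_KEY, "");
        return Result.success(response);
    }

    /**
     * Returns result code 0 with an empty message for any non-null input.
     *
     * @param str phone number to check
     * @return success with the status JSON
     */
    @Override // com.xdja.pki.api.airissue.AirIssueService
    public Result checkPhoneNo(String str) {
        JSONObject response = new JSONObject();
        if (str.length() == 11 && !P.matcher(str).matches()) {
            // NOTE(review): this branch is empty in the decompiled class, so the pattern check has
            // no effect and every number is accepted. Either the rejection path was lost in
            // decompilation or it is missing from the build; compare with the original source
            // before relying on this method for validation.
        }
        response.put(RESULT_KEY, 0);
        response.put(MESSAGE_KEY, "");
        return Result.success(response);
    }

    /**
     * Pushes the person and device record to the configured VHSM service and reports whether the
     * service accepted it.
     *
     * <p>Any exception (transport, parsing, missing fields) is logged and mapped to
     * {@code VHSM_IMPORT_DEVICE_PERSON_INFO_FAIL}.
     *
     * @param authenticationByPhoneVO client-supplied chip and ID-card information
     * @return success only when the response carries a true {@code flag}
     */
    /* JADX WARN: Multi-variable type inference failed */
    private Result sendVhsmAuthenticate(AuthenticationByPhoneVO authenticationByPhoneVO) {
        try {
            ConfigJson.VhsmConfig endpointConfig = ConfigJson.readVhsmConfig();
            if (null == endpointConfig) {
                this.logger.info("vhsm没有进行配置");
                return Result.failure(ErrorEnum.VHSM_CONFIG_IS_NOT_INIT);
            }
            // NOTE(review): host and port come from readVhsmConfig(), while the app id and secret
            // come from the singleton's config; whether both are the same object is not visible.
            ConfigJson.VhsmConfig signingConfig = ConfigJson.getINSTANCE().getVhsmConfig();

            Device device = new Device();
            device.setSn(authenticationByPhoneVO.getChipInfo().getImei());
            device.setDeviceOs(1);
            device.setDeviceType(1);
            device.setCertType(1);
            Person person = new Person();
            person.setName(authenticationByPhoneVO.getIdCardInfo().getName());
            person.setIdentity(authenticationByPhoneVO.getChipInfo().getPhone());
            person.setSex(authenticationByPhoneVO.getIdCardInfo().getSex());
            person.setMobile(authenticationByPhoneVO.getChipInfo().getPhone());

            long ts = System.currentTimeMillis() + VHSM_TS_OFFSET_MILLIS;
            JSONObject payload = new JSONObject();
            payload.put("device", JSONObject.toJSON(device));
            payload.put("person", JSONObject.toJSON(person));
            payload.put("appId", signingConfig.getAppId());
            payload.put("ts", ts);

            // NOTE(review): the signed string joins the fields with no separator, so different
            // field splits can produce the same input, and sex/deviceOs/deviceType/certType are
            // not covered. The format is dictated by the remote API and is left unchanged.
            StringBuilder signInput = new StringBuilder();
            signInput.append(emptyIfNull(device.getSn()))
                    .append(emptyIfNull(person.getName()))
                    .append(emptyIfNull(person.getIdentity()))
                    .append(emptyIfNull(person.getMobile()))
                    .append(signingConfig.getAppId())
                    .append(ts);
            payload.put("sign", HmacUtil.encrypt(signInput.toString(), signingConfig.getAppSecret()));

            String url = "https://" + endpointConfig.getIp() + ":" + endpointConfig.getPort()
                    + "/vhsm-web/importPersonAndDevice";
            String body = this.restTemplate
                    .exchange(url, HttpMethod.POST,
                            new HttpEntity<>(payload.toJSONString(), this.headers), String.class)
                    .getBody();
            JSONObject reply = JSON.parseObject(body);
            // Fail closed: only an explicit true flag counts as accepted. The decompiled check
            // treated every value other than Boolean false (for example the string "false") as
            // success.
            if (reply != null && Boolean.TRUE.equals(reply.getBoolean("flag"))) {
                return Result.success();
            }
            this.logger.info("向vhsm导入设备人员信息失败");
            if (reply != null) {
                this.logger.info(reply.toJSONString());
            }
            return Result.failure(ErrorEnum.VHSM_IMPORT_DEVICE_PERSON_INFO_FAIL);
        } catch (Exception e) {
            // Route the stack trace through the logger instead of stderr.
            this.logger.info("向vhsm导入设备人员信息失败", e);
            return Result.failure(ErrorEnum.VHSM_IMPORT_DEVICE_PERSON_INFO_FAIL);
        }
    }

    /** Returns the value itself, or an empty string when it is null. */
    private static Object emptyIfNull(Object value) {
        return value == null ? "" : value;
    }
}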
