package com.xdja.pki.service.config;

import ch.qos.logback.classic.Level;
import ch.qos.logback.classic.LoggerContext;
import ch.qos.logback.classic.util.ContextInitializer;
import cn.com.infosec.netcert.resource.PropertiesKeysRes;
import com.xdja.pki.annotation.LogPersistence;
import com.xdja.pki.api.common.CommonService;
import com.xdja.pki.api.config.LicenseService;
import com.xdja.pki.api.config.SystemConfigService;
import com.xdja.pki.api.crl.CrlService;
import com.xdja.pki.api.init.InitService;
import com.xdja.pki.api.system.vo.CaBaseInfoVO;
import com.xdja.pki.common.bean.Result;
import com.xdja.pki.common.bean.ResultWithLogContent;
import com.xdja.pki.common.bean.extension.LdapOcspUrlInfo;
import com.xdja.pki.common.config.ConfigConstant;
import com.xdja.pki.common.config.ConfigJson;
import com.xdja.pki.common.enums.CaTypeEnum;
import com.xdja.pki.common.enums.CertStatusEnum;
import com.xdja.pki.common.enums.CipherDeviceEnum;
import com.xdja.pki.common.enums.DicEnum;
import com.xdja.pki.common.enums.ErrorEnum;
import com.xdja.pki.common.enums.SystemEnum;
import com.xdja.pki.common.util.CertUtil;
import com.xdja.pki.common.util.DateTimeUtil;
import com.xdja.pki.common.util.ScriptUtils;
import com.xdja.pki.dao.ca.CaDao;
import com.xdja.pki.dao.common.DicDao;
import com.xdja.pki.models.CaDO;
import com.xdja.pki.security.util.OperatorUtil;
import com.xdja.pki.vo.config.BasicConfVO;
import com.xdja.pki.vo.config.CrlConfVO;
import com.xdja.pki.vo.config.DownloadRunLogReqVO;
import com.xdja.pki.vo.config.EditContainerConfVO;
import com.xdja.pki.vo.config.EditLogLevelConf;
import com.xdja.pki.vo.config.ReportCrlItemVo;
import com.xdja.pki.vo.init.RootCaIssueInfoVO;
import com.xdja.pki.vo.log.OperateLogTypeEnum;
import com.xdja.pki.vo.log.content.LogContentBuilder;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.StringUtils;
import org.dom4j.Document;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.SAXReader;
import org.dom4j.io.XMLWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.io.ClassPathResource;
import org.springframework.http.HttpHeaders;
import org.springframework.stereotype.Service;
import org.springframework.web.multipart.MultipartFile;

@Service
/* loaded from: input_file:WEB-INF/lib/scms-service-impl-1.0-SNAPSHOT.jar:com/xdja/pki/service/config/SystemConfigServiceImpl.class */
public class SystemConfigServiceImpl implements SystemConfigService {
    // Class-wide SLF4J logger; messages in this class are written in Chinese.
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) SystemConfigServiceImpl.class);

    // Used by getCaBaseInfos() to list the CA records of the user system.
    @Autowired
    private CaDao caDao;

    // Dictionary lookups (algorithm code -> display name) for getCaBaseInfos().
    @Autowired
    private DicDao dicDao;

    // Issues the root certificate in addUserCa().
    @Autowired
    private InitService initService;

    // Supplies the license information returned by getBaseInfo().
    @Autowired
    private LicenseService licenseService;

    // Base DN injected from the "inner.baseDn" property; exposed to callers via buildBaseInfo().
    @Value("${inner.baseDn}")
    private String baseDn;

    // Injected but not referenced by any method visible in this class.
    @Autowired
    private CommonService commonService;

    // CRL service bean named "innerCaCrl"; its threads are restarted after CRL config or CA changes.
    @Resource(name = "innerCaCrl")
    private CrlService innerCaCrl;

    /**
     * Returns the CRL, report-CRL, container and log-level settings held by {@link ConfigJson}.
     *
     * @return a success result wrapping a {@link BasicConfVO}, or
     *         {@code SYSTEM_CONFIG_FILE_ERROR} when no configuration instance is available or
     *         reading it throws
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    public Result getBasicConf() {
        try {
            ConfigJson config = ConfigJson.getINSTANCE();
            if (config != null) {
                BasicConfVO view = new BasicConfVO();
                view.setCrlConf(config.getCrlConf());
                view.setReportCrlConf(config.getReportCrlConfList());
                view.setContainerConf(config.getContainerConf());
                view.setLogLevelConf(config.getLogLevelConf());
                return Result.success(view);
            }
            return Result.failure(ErrorEnum.SYSTEM_CONFIG_FILE_ERROR);
        } catch (Exception ex) {
            // Any failure while reading the configuration is reported as a config-file error.
            logger.error("读取系统配置失败", ex);
            return Result.failure(ErrorEnum.SYSTEM_CONFIG_FILE_ERROR);
        }
    }

    /**
     * Updates the CRL publish cycle in the stored configuration and restarts the CRL threads.
     *
     * <p>NOTE(review): the cycle value is written exactly as received; no null or range check is
     * visible here, so any validation must happen before this call. Confirm against the caller.
     *
     * @param crlConfVO request object carrying the new publish cycle
     * @return a success result with the operation-log content for the audit record
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    @LogPersistence(logType = OperateLogTypeEnum.SYSTEM_CONFIG, desc = "编辑CRL设置")
    public Result editCrlConf(CrlConfVO crlConfVO) {
        ConfigJson.CrlConf stored = ConfigJson.readCrlConf();
        stored.setCrlPublishCycle(crlConfVO.getCrlPublishCycle());
        ConfigJson.writeCrlConf(stored);
        // Restart follows the write; presumably so the running threads pick up the new cycle.
        this.innerCaCrl.restartCrlThreads();
        Result outcome = Result.success(null);
        return new ResultWithLogContent(
                outcome,
                LogContentBuilder.buildCRLConfigLog(
                        OperatorUtil.getOperator().getUserName(), crlConfVO.getCrlPublishCycle()));
    }

    /**
     * Replaces the stored report-CRL configuration with the given items.
     *
     * <p>Nothing is written when two items share a device id; the whole request is rejected.
     *
     * @param list the new report-CRL entries; must not be {@code null}
     * @return {@code REPORT_DEVICE_UUID_IS_EXIST} on a duplicate device id, otherwise a success
     *         result with the operation-log content
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    @LogPersistence(logType = OperateLogTypeEnum.SYSTEM_CONFIG, desc = "编辑上报crl设置")
    public Result editReportCrlConf(List<ReportCrlItemVo> list) {
        List<ConfigJson.ReportCrlConf> converted = new ArrayList<>();
        HashSet<Object> seenDeviceIds = new HashSet<>();
        for (ReportCrlItemVo item : list) {
            // add() returns false when the id was already recorded, i.e. a duplicate.
            if (!seenDeviceIds.add(item.getDeviceId())) {
                return Result.failure(ErrorEnum.REPORT_DEVICE_UUID_IS_EXIST);
            }
            ConfigJson.ReportCrlConf conf = new ConfigJson.ReportCrlConf();
            BeanUtils.copyProperties(item, conf);
            converted.add(conf);
        }
        ConfigJson.writeReportCrlConfList(converted);
        Result outcome = Result.success(null);
        return new ResultWithLogContent(outcome, LogContentBuilder.buildReportCrlConfigLog(list));
    }

    /**
     * Persists the signing-container setting carried by the request.
     *
     * <p>NOTE(review): the value is written as received; no validation is visible in this method.
     *
     * @param editContainerConfVO request object holding the new container setting
     * @return a success result with the operation-log content
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    @LogPersistence(logType = OperateLogTypeEnum.SYSTEM_CONFIG, desc = "编辑签发容器设置")
    public Result editContainerConf(EditContainerConfVO editContainerConfVO) {
        ConfigJson.writeContainerConf(editContainerConfVO.getContainerConf());
        Result outcome = Result.success(null);
        return new ResultWithLogContent(
                outcome,
                LogContentBuilder.buildSignContainerConfigLog(editContainerConfVO.getContainerConf()));
    }

    /**
     * Returns the container setting from the loaded {@link ConfigJson} instance.
     *
     * @return a success result wrapping the container setting, or
     *         {@code SYSTEM_CONFIG_FILE_ERROR} when the configuration is missing or unreadable
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    public Result getContainerConf() {
        try {
            ConfigJson config = ConfigJson.getINSTANCE();
            if (config == null) {
                return Result.failure(ErrorEnum.SYSTEM_CONFIG_FILE_ERROR);
            }
            return Result.success(config.getContainerConf());
        } catch (Exception ex) {
            logger.error("读取系统配置失败", ex);
            return Result.failure(ErrorEnum.SYSTEM_CONFIG_FILE_ERROR);
        }
    }

    /**
     * Changes the run-log level: stores the numeric setting, switches the live root logger and
     * rewrites the logback configuration file.
     *
     * <p>Level mapping: 1 selects {@code PropertiesKeysRes.DEBUG_FLAG}, 3 selects "ERROR", and
     * every other value selects {@code PropertiesKeysRes.INFO}. The numeric value is stored as
     * received, so an out-of-range number is persisted while the logger runs at the fallback.
     *
     * <p>NOTE(review): the stored setting and the in-memory level have already changed when the
     * file rewrite fails, so a failure result does not mean the request had no effect.
     *
     * @param editLogLevelConf request object carrying the numeric log level
     * @return {@code SYSTEM_CONFIG_FILE_ERROR} when the logback file could not be updated,
     *         otherwise a success result with the operation-log content
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    @LogPersistence(logType = OperateLogTypeEnum.SYSTEM_CONFIG, desc = "修改日志级别")
    public Result editRunLogConf(EditLogLevelConf editLogLevelConf) {
        ConfigJson.writeLogLevelConf(editLogLevelConf.getLogLevelConf());
        LoggerContext context = (LoggerContext) LoggerFactory.getILoggerFactory();
        int requested = editLogLevelConf.getLogLevelConf().intValue();
        String levelName;
        if (requested == 1) {
            levelName = PropertiesKeysRes.DEBUG_FLAG;
        } else if (requested == 3) {
            levelName = "ERROR";
        } else {
            levelName = PropertiesKeysRes.INFO;
        }
        context.getLogger("root").setLevel(Level.valueOf(levelName));
        if (changeLogBackFile(levelName)) {
            return new ResultWithLogContent(
                    Result.success(null), LogContentBuilder.buildLogLevelConfigLog(levelName));
        }
        return Result.failure(ErrorEnum.SYSTEM_CONFIG_FILE_ERROR);
    }

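    /**
     * Rewrites the {@code level} attribute of the {@code <root>} element in the logback
     * configuration file found on the classpath.
     *
     * <p>Opening the file for writing truncates it, so a failed write can leave the configuration
     * incomplete. A write failure is therefore reported as {@code false} rather than as success,
     * and the output stream is always closed.
     *
     * @param str the level name to store in the root element
     * @return {@code true} only when the document was read, modified and written back completely
     */
    private boolean changeLogBackFile(String str) {
        try {
            File configFile = new ClassPathResource(ContextInitializer.AUTOCONFIG_FILE).getFile().getAbsoluteFile();
            Document document = new SAXReader().read(configFile);
            // A missing <root> element or level attribute raises here and is reported as failure below.
            document.getRootElement().element("root").attribute("level").setValue(str);
            OutputFormat format = OutputFormat.createPrettyPrint();
            format.setEncoding("UTF-8");
            try (FileOutputStream out = new FileOutputStream(configFile)) {
                XMLWriter writer = new XMLWriter(out, format);
                writer.write(document);
                // Push buffered characters to the stream before try-with-resources closes it.
                writer.flush();
            } catch (IOException e) {
                logger.error("写文件失败", e);
                return false;
            }
            return true;
        } catch (Exception e) {
            logger.error("修改logback.xml文件失败", e);
            return false;
        }
    }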

    /**
     * Packs the run logs for a date range by running the bundled {@code shell/tarScmsLogFile.sh}
     * script and returns the URL of the resulting archive.
     *
     * <p>The script receives, in order: the log directory, start day, end day, output directory
     * and a millisecond timestamp. The call succeeds only when the last line of the script output
     * is "1"; the archive name in the returned URL assumes the script writes
     * {@code scmsLog_<timestamp>.tar.gz} into the output directory.
     *
     * <p>NOTE(review): the command is one space-joined string. The values used here are formatted
     * dates, a timestamp and configuration constants, so no request text reaches the shell from
     * this method, but a configured path containing spaces or shell metacharacters would change
     * the command. The archive lands under the static file path with a timestamp-based name and
     * is never removed here; confirm that the {@code /static/logs/} location is access-controlled
     * and cleaned up, since run logs of this service may be sensitive. The context path in the
     * returned URL is taken from the request object as supplied.
     *
     * @param downloadRunLogReqVO request with start/end dates (epoch milliseconds) and context path
     * @return {@code SERVER_INTERNAL_EXCEPTION} when the script resource is missing,
     *         {@code TAR_RUN_LOG_ERROR} when the output directory or archive cannot be created,
     *         otherwise a success result with the archive URL and operation-log content
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    @LogPersistence(logType = OperateLogTypeEnum.SYSTEM_CONFIG, desc = "下载运行日志")
    public Result downloadRunLog(DownloadRunLogReqVO downloadRunLogReqVO) {
        final String dayPattern = "yyyy-MM-dd";
        String fromDay = DateTimeUtil.dateToStr(new Date(downloadRunLogReqVO.getStartDate().longValue()), dayPattern);
        String toDay = DateTimeUtil.dateToStr(new Date(downloadRunLogReqVO.getEndDate().longValue()), dayPattern);
        long stamp = System.currentTimeMillis();

        URL script = getClass().getClassLoader().getResource("shell/tarScmsLogFile.sh");
        if (script == null) {
            logger.error("下载运行日志时找不到脚本");
            return Result.failure(ErrorEnum.SERVER_INTERNAL_EXCEPTION);
        }
        String scriptPath = script.getPath();

        String logsDir = ConfigConstant.static_file_path + "/logs/";
        String scriptArgs = ConfigConstant.log_save_path + " " + fromDay + " " + toDay + " " + logsDir + " " + stamp;

        File outputDir = new File(logsDir);
        boolean dirReady = outputDir.exists() || outputDir.mkdirs();
        if (!dirReady) {
            logger.error("创建静态资源目录失败");
            return Result.failure(ErrorEnum.TAR_RUN_LOG_ERROR);
        }

        String lastLine = parseTarResult(ScriptUtils.executeScript("sh " + scriptPath + " " + scriptArgs));
        if (StringUtils.equals(lastLine, "1")) {
            String archiveUrl = downloadRunLogReqVO.getContextPath() + "/static/logs/scmsLog_" + stamp + ".tar.gz";
            return new ResultWithLogContent(Result.success(archiveUrl), LogContentBuilder.buildLogExportLog(fromDay, toDay));
        }
        return Result.failure(ErrorEnum.TAR_RUN_LOG_ERROR);
    }

    /**
     * Not implemented in this class: always returns {@code null} instead of a {@link Result}.
     * Callers must handle the {@code null} return.
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    public Result getServerCertInfo() {
        return null;
    }

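    /**
     * Stores an uploaded configuration file at {@code ConfigConstant.exportConfigFilePath},
     * replacing any file already there.
     *
     * <p>A missing or empty upload is rejected before the existing file is touched, so a bad
     * request can no longer wipe the stored configuration. The upload stream is closed here
     * because {@code FileUtils.copyToFile} is documented as leaving its source open (this
     * depends on the commons-io version; closing twice is harmless).
     *
     * <p>NOTE(review): the content is copied without any format or size check, and unlike the
     * other state-changing methods in this class this one carries no {@code @LogPersistence}
     * annotation. Confirm whether validation and audit logging happen elsewhere.
     *
     * @param multipartFile the uploaded configuration file
     * @return a success result, or {@code SERVER_INTERNAL_EXCEPTION} when the upload is missing,
     *         empty, or cannot be written
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    public Result uploadConfigFile(MultipartFile multipartFile) {
        if (multipartFile == null || multipartFile.isEmpty()) {
            logger.error("上传的配置文件为空");
            return Result.failure(ErrorEnum.SERVER_INTERNAL_EXCEPTION);
        }
        File target = new File(ConfigConstant.exportConfigFilePath);
        if (target.exists() && !target.delete()) {
            // Best effort: the copy below overwrites the file anyway.
            logger.error("删除文件失败");
        }
        try (java.io.InputStream upload = multipartFile.getInputStream()) {
            FileUtils.copyToFile(upload, target);
            return Result.success(null);
        } catch (IOException e) {
            logger.error("文件上传失败.", e);
            return Result.failure(ErrorEnum.SERVER_INTERNAL_EXCEPTION);
        }
    }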

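    /**
     * Streams the file at the given path to the HTTP response as an attachment.
     *
     * <p>The path must name an existing regular file. A {@code null} path or a directory is now
     * reported as {@code FILE_IS_NOT_EXIST}; previously a directory passed the existence check,
     * the read failed inside {@code downloadFile}, and the method still returned success.
     *
     * <p>NOTE(review): the path is used exactly as supplied, so this method will serve any file
     * the process can read. Whether callers already restrict it is not visible from here. If the
     * value can be influenced by a request, compare its canonical form against the expected
     * location (for example {@code ConfigConstant.exportConfigFilePath}) before calling this.
     * A read failure inside {@code downloadFile} is only logged, so success here does not
     * guarantee that the full file was sent.
     *
     * @param str path of the file to send; the attachment name is the part after the last "/"
     * @param httpServletResponse response that receives the file content
     * @return a success result after the download was attempted, or {@code FILE_IS_NOT_EXIST}
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    public Result downConfigFile(String str, HttpServletResponse httpServletResponse) {
        if (str == null || !new File(str).isFile()) {
            logger.error("待下载的文件不存在：{}", str);
            return Result.failure(ErrorEnum.FILE_IS_NOT_EXIST);
        }
        String fileName = str.substring(str.lastIndexOf("/") + 1);
        downloadFile(httpServletResponse, str, fileName);
        return Result.success();
    }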

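    /**
     * Lists the user-system CA certificates, keyed by lower-cased public-key algorithm name.
     *
     * <p>Keys are lower-cased with {@code Locale.ROOT} so they do not depend on the JVM default
     * locale. When several CA records share a public-key algorithm, the last one wins.
     *
     * <p>NOTE(review): the status is reported as NORMAL for every record without inspecting the
     * certificate; presumably the query returns only active CAs. Confirm against the DAO.
     *
     * @return a success result wrapping a map of algorithm name to {@link CaBaseInfoVO}
     * @throws RuntimeException when a record cannot be read or its certificate cannot be parsed
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    public Result getCaBaseInfos() {
        Map<String, CaBaseInfoVO> infoByAlgorithm = new HashMap<>();
        try {
            for (CaDO ca : this.caDao.queryBySystemTypes(SystemEnum.USER_SYSTEM)) {
                CaBaseInfoVO info = new CaBaseInfoVO();
                info.setDn(ca.getSubject());
                // Serial number is rendered in hexadecimal.
                info.setSn(CertUtil.getCertFromBase64Str(ca.getCert()).getSerialNumber().toString(16));
                info.setSignAlgName(this.dicDao.getNameByCodeAndParentCode(ca.getSignAlg(), DicEnum.SIGN_ALG.value));
                info.setCaTypeStr(CaTypeEnum.getCaNameByType(ca.getType().intValue()));
                info.setCaType(ca.getType());
                info.setCertStatus(String.valueOf(CertStatusEnum.NORMAL.value));
                info.setCertStatusStr(CertStatusEnum.NORMAL.dicName);
                info.setBeforeTime(DateTimeUtil.dateToStr(CertUtil.getCertFromBase64Str(ca.getCert()).getNotBefore()));
                info.setAfterTime(DateTimeUtil.dateToStr(CertUtil.getCertFromBase64Str(ca.getCert()).getNotAfter()));
                info.setCnValue(CertUtil.getCnFromSubject(ca.getSubject()));
                String algorithmName = this.dicDao.getNameByCodeAndParentCode(ca.getPublicKeyAlg(), DicEnum.ALG.value);
                infoByAlgorithm.put(algorithmName.toLowerCase(java.util.Locale.ROOT), info);
            }
            return Result.success(infoByAlgorithm);
        } catch (Exception e) {
            throw new RuntimeException("获取CA基本信息异常", e);
        }
    }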

    /**
     * Stores a new CA display name in the configuration.
     *
     * <p>NOTE(review): the name is written as received; no validation is visible in this method.
     *
     * @param str the new CA name
     * @return a success result with operation-log content naming the current operator
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    @LogPersistence(logType = OperateLogTypeEnum.SYSTEM_CONFIG, desc = "更新CA名称")
    public Result updateCaName(String str) {
        ConfigJson.writeCaName(str);
        Result outcome = Result.success();
        return new ResultWithLogContent(
                outcome,
                LogContentBuilder.updateCaNameLog(OperatorUtil.getOperator().getUserName(), str));
    }

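    /**
     * Issues an additional user-system CA root certificate and restarts the CRL threads.
     *
     * <p>A failed issuance is returned to the caller as the failure result from
     * {@code issueRootCert}. The earlier code answered such a failure with a plain success
     * result, which hid the error from both the caller and the operation log.
     *
     * @param rootCaIssueInfoVO DN, validity and algorithm of the CA to issue; {@code alg} takes
     *        precedence over {@code caAlg}, and both fields are set to the chosen value
     * @param httpServletResponse not used by this method
     * @return the failure result from issuance, or a success result with operation-log content
     * @throws RuntimeException when issuance or the CRL restart throws
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    @LogPersistence(logType = OperateLogTypeEnum.ISSUE_CERT, desc = "添加新的CA算法证书")
    public Result addUserCa(RootCaIssueInfoVO rootCaIssueInfoVO, HttpServletResponse httpServletResponse) {
        try {
            Integer algorithm = rootCaIssueInfoVO.getAlg() != null ? rootCaIssueInfoVO.getAlg() : rootCaIssueInfoVO.getCaAlg();
            rootCaIssueInfoVO.setAlg(algorithm);
            rootCaIssueInfoVO.setCaAlg(algorithm);
            Result issued = this.initService.issueRootCert(SystemEnum.USER_SYSTEM, rootCaIssueInfoVO.getDn(), rootCaIssueInfoVO.getValidity(), rootCaIssueInfoVO.getAlg());
            if (!issued.isSuccess()) {
                // Propagate the failure instead of masking it as success.
                return issued;
            }
            String issuedInfo = issued.getInfo().toString();
            this.innerCaCrl.restartCrlThreads();
            return new ResultWithLogContent(issued, LogContentBuilder.buildIssueCaCertLog(rootCaIssueInfoVO.getDn(), issuedInfo));
        } catch (Exception e) {
            throw new RuntimeException("添加第二个内部CA异常", e);
        }
    }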

    /**
     * Stores a new container name in the configuration.
     *
     * <p>NOTE(review): the name is written as received; no validation is visible in this method.
     *
     * @param str the new container name
     * @return a success result with the operation-log content
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    @LogPersistence(logType = OperateLogTypeEnum.SYSTEM_CONFIG, desc = "更新容器名称")
    public Result updateChipContainer(String str) {
        ConfigJson.writeContainerConf(str);
        Result outcome = Result.success();
        return new ResultWithLogContent(outcome, LogContentBuilder.buildSignContainerConfigLog(str));
    }

    /**
     * Returns the CA base information together with the license information.
     *
     * @return a success result wrapping a map with keys "caBaseInfo" and "licenseInfo", or the
     *         failure result from the license service when the license cannot be loaded
     * @throws RuntimeException when reading the configuration or the license throws
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    public Result getBaseInfo() {
        try {
            Map<String, Object> payload = new HashMap<>();
            payload.put("caBaseInfo", buildBaseInfo());
            Result license = this.licenseService.loadLicenseInfo();
            if (license.isNotSuccess()) {
                // Hand the license failure back unchanged.
                return license;
            }
            payload.put("licenseInfo", license.getInfo());
            return Result.success(payload);
        } catch (Exception ex) {
            throw new RuntimeException("获取基本信息异常", ex);
        }
    }

    /**
     * Returns the stored CRL settings and container name.
     *
     * @return a success result wrapping a map with the key "chipContainer" and the key defined by
     *         {@code LdapOcspUrlInfo.CRL_NAME}
     */
    @Override // com.xdja.pki.api.config.SystemConfigService
    public Result getConfigInfo() {
        ConfigJson.CrlConf crlSettings = ConfigJson.readCrlConf();
        String containerName = ConfigJson.readContainerConf();
        Map<String, Object> payload = new HashMap<>();
        payload.put("chipContainer", containerName);
        payload.put(LdapOcspUrlInfo.CRL_NAME, crlSettings);
        return Result.success(payload);
    }

    /**
     * Collects the CA name, base DN and crypto-module display name.
     *
     * @return a map with the keys "caName", "baseDn" and "cryptModuleStr"
     */
    private Map<String, String> buildBaseInfo() {
        String caName = ConfigJson.readCaName();
        String cryptModuleName = CipherDeviceEnum.getNameByType(ConfigJson.readCryptModule().intValue());
        Map<String, String> info = new HashMap<>();
        info.put("caName", caName);
        info.put("baseDn", this.baseDn);
        info.put("cryptModuleStr", cryptModuleName);
        return info;
    }

    /**
     * Extracts the status marker from the tar script output.
     *
     * @param str the raw script output
     * @return "-1" when the output is blank, otherwise the last line of the output after
     *         splitting on "\n" (trailing empty lines are dropped by the split)
     */
    private String parseTarResult(String str) {
        if (!StringUtils.isBlank(str)) {
            String[] lines = str.split("\n");
            int lastIndex = lines.length - 1;
            return lines[lastIndex];
        }
        return "-1";
    }

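    /**
     * Copies a file to the HTTP response as an {@code application/octet-stream} attachment.
     *
     * <p>Both streams are managed by try-with-resources, so each is closed on every path. The
     * earlier version returned without closing the response stream when closing the file stream
     * failed, and it logged {@code null} in place of the file path. The attachment name is
     * quoted, with control characters, quotes and backslashes replaced, so that the name cannot
     * alter the structure of the {@code Content-Disposition} header.
     *
     * <p>Failures are logged and not rethrown, so the caller cannot tell whether the file was
     * fully sent.
     *
     * @param httpServletResponse response that receives the headers and file content
     * @param str path of the file to read
     * @param str2 file name offered to the client
     */
    private void downloadFile(HttpServletResponse httpServletResponse, String str, String str2) {
        try (FileInputStream in = new FileInputStream(str);
                ServletOutputStream out = httpServletResponse.getOutputStream()) {
            httpServletResponse.reset();
            httpServletResponse.setContentType("APPLICATION/OCTET-STREAM");
            String safeName = String.valueOf(str2).replaceAll("[\\p{Cntrl}\"\\\\]", "_");
            httpServletResponse.setHeader(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + safeName + "\"");
            byte[] buffer = new byte[8192];
            int count;
            while ((count = in.read(buffer)) != -1) {
                out.write(buffer, 0, count);
            }
            out.flush();
        } catch (Exception e) {
            // Covers open, read, write and close failures; the throwable is passed for the stack trace.
            logger.error("二进制根据[{}]读取文件异常,[{}]......", str, e.getMessage(), e);
        }
    }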
}
