package com.xdja.ca.utils;

import com.xdja.ca.error.ErrorBean;
import com.xdja.ca.error.ErrorEnum;
import com.xdja.ca.sdk.SdkResult;
import com.xdja.pki.gmssl.http.GMSSLHttpClient;
import com.xdja.pki.gmssl.http.GMSSLHttpsClient;
import com.xdja.pki.gmssl.http.bean.GMSSLHttpRequest;
import com.xdja.pki.gmssl.http.bean.GMSSLHttpResponse;
import com.xdja.pki.gmssl.http.exception.GMSSLHttpException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.impl.client.CloseableHttpClient;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/xdja/ca/utils/GMSSLHttpReqUtils.class */
public class GMSSLHttpReqUtils {
    protected static final transient Logger logger = LoggerFactory.getLogger(GMSSLHttpReqUtils.class);
    public static volatile CloseableHttpClient client = null;

    public static SdkResult sendGMSSLHttpPostReturnByte(int i, String str, byte[] bArr, byte[] bArr2, String str2, String str3, String str4, X509Certificate[] x509CertificateArr, String str5, boolean z, boolean z2) {
        GMSSLHttpsClient gMSSLHttpClient;
        String str6;
        SdkResult sdkResult = new SdkResult();
        if (z2) {
            if (i >= 32 || i <= 0) {
                sdkResult.setError(ErrorEnum.CMP_API_PARAMS_KEY_INDEX_IS_ERROR);
                return sdkResult;
            }
            if (StringUtils.isBlank(str)) {
                sdkResult.setError(ErrorEnum.CMP_API_PARAMS_KEY_PWD_IS_EMPTY);
                return sdkResult;
            }
        } else if (bArr == null) {
            sdkResult.setError(ErrorEnum.CMP_API_PARAMS_RA_PRIVATE_KEY_IS_EMPTY);
            return sdkResult;
        }
        if (StringUtils.isBlank(str4)) {
            sdkResult.setError(ErrorEnum.CMP_API_PARAMS_RA_SIGN_SN_IS_EMPTY);
            return sdkResult;
        }
        String valueOf = String.valueOf(System.currentTimeMillis());
        try {
            String buildPostReqSignData = OpenApiReqSignDataUtil.buildPostReqSignData(str4, valueOf, Base64.encode(bArr2));
            logger.debug("待签名原文 ========== " + buildPostReqSignData);
            logger.debug(" ================ RA封装消息使用的服务器证书的签名算法为：" + str5);
            String signByYunHsm = z2 ? SdkHsmUtils.signByYunHsm(str5, i, str, buildPostReqSignData) : SdkHsmUtils.signByBC(str5, bArr, buildPostReqSignData);
            if (StringUtils.isBlank(signByYunHsm)) {
                sdkResult.setError(ErrorEnum.SIGN_BY_HSM_IS_ERROR);
                return sdkResult;
            }
            if (z) {
                if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
                    gMSSLHttpClient = new GMSSLHttpsClient();
                } else {
                    try {
                        gMSSLHttpClient = new GMSSLHttpsClient(x509CertificateArr);
                    } catch (GMSSLHttpException e) {
                        logger.error("GET请求 ========== 国密安全通道工具类异常{}", e);
                        sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
                        return sdkResult;
                    }
                }
                str6 = "https://" + str2;
            } else {
                gMSSLHttpClient = new GMSSLHttpClient();
                str6 = "http://" + str2;
            }
            GMSSLHttpRequest gMSSLHttpRequest = new GMSSLHttpRequest();
            gMSSLHttpRequest.setUrl(str6);
            HashMap hashMap = new HashMap();
            hashMap.put("Content-type", str3);
            hashMap.put("sn", str4);
            hashMap.put("time", valueOf);
            hashMap.put("sign", signByYunHsm);
            gMSSLHttpRequest.setHeaders(hashMap);
            gMSSLHttpRequest.setBody(Base64.encode(bArr2));
            try {
                GMSSLHttpResponse post = gMSSLHttpClient.post(gMSSLHttpRequest);
                logger.debug("========== sendGMSSLHttpPost.result>>>>" + post.getStatusCode() + " " + new String(post.getBody()));
                if (post.getStatusCode() == 200) {
                    sdkResult.setInfo(Base64.decode(post.getBody()));
                    return sdkResult;
                }
                try {
                    ErrorBean errorBean = (ErrorBean) SdkJsonUtils.json2Object(new String(post.getBody()), ErrorBean.class);
                    logger.info("POST请求========= CA的外部接口返回非200状态信息:" + post.getStatusCode() + " ====== errorCode:" + errorBean.getErrCode() + " ====== errorMsg:" + errorBean.getErrMsg());
                    sdkResult.setError(getErrorEnum(errorBean));
                    return sdkResult;
                } catch (Exception e2) {
                    logger.info("POST请求========= CA的外部接口返回非200状态码:" + post.getStatusCode());
                    logger.info(" ========== 异常信息:{}", e2);
                    sdkResult.setError(ErrorEnum.CA_OPEN_API_RETURN_EXCEPTION);
                    return sdkResult;
                }
            } catch (Exception e3) {
                logger.error("POST请求 ========== 国密安全通道工具类异常{}", e3);
                sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
                return sdkResult;
            }
        } catch (Exception e4) {
            logger.info("POST请求 ========== 获取签名值异常", e4);
            sdkResult.setError(ErrorEnum.GET_SIGN_BY_YUN_HSM_EXCEPTION);
            return sdkResult;
        }
    }

    public static SdkResult sendGMSSLHttpGetReturnByte(int i, String str, byte[] bArr, Map<String, String> map, String str2, String str3, X509Certificate[] x509CertificateArr, String str4, boolean z, boolean z2) {
        GMSSLHttpsClient gMSSLHttpClient;
        String str5;
        SdkResult sdkResult = new SdkResult();
        if (z2) {
            if (i >= 32 || i <= 0) {
                sdkResult.setError(ErrorEnum.CMP_API_PARAMS_KEY_INDEX_IS_ERROR);
                return sdkResult;
            }
            if (StringUtils.isBlank(str)) {
                sdkResult.setError(ErrorEnum.CMP_API_PARAMS_KEY_PWD_IS_EMPTY);
                return sdkResult;
            }
        } else if (bArr == null) {
            sdkResult.setError(ErrorEnum.CMP_API_PARAMS_RA_PRIVATE_KEY_IS_EMPTY);
            return sdkResult;
        }
        if (StringUtils.isBlank(str3)) {
            sdkResult.setError(ErrorEnum.CMP_API_PARAMS_RA_SIGN_SN_IS_EMPTY);
            return sdkResult;
        }
        String valueOf = String.valueOf(System.currentTimeMillis());
        try {
            String[] split = str2.split("/");
            StringBuffer stringBuffer = new StringBuffer();
            for (int i2 = 1; i2 < split.length; i2++) {
                stringBuffer.append("/").append(split[i2]);
            }
            String stringBuffer2 = stringBuffer.toString();
            logger.debug("sendGMSSLHttpGetReturnByte.uri=========" + stringBuffer2);
            String buildGetReqSignData = OpenApiReqSignDataUtil.buildGetReqSignData(str3, valueOf, stringBuffer2);
            logger.debug("待签名原文 ========== " + buildGetReqSignData);
            logger.debug(" ================ RA封装消息使用的服务器证书的签名算法为：" + str4);
            String signByYunHsm = z2 ? SdkHsmUtils.signByYunHsm(str4, i, str, buildGetReqSignData) : SdkHsmUtils.signByBC(str4, bArr, buildGetReqSignData);
            if (StringUtils.isBlank(signByYunHsm)) {
                sdkResult.setError(ErrorEnum.SIGN_BY_HSM_IS_ERROR);
                return sdkResult;
            }
            if (z) {
                if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
                    gMSSLHttpClient = new GMSSLHttpsClient();
                } else {
                    try {
                        gMSSLHttpClient = new GMSSLHttpsClient(x509CertificateArr);
                    } catch (GMSSLHttpException e) {
                        logger.error("GET请求 ========== 国密安全通道工具类异常{}", e);
                        sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
                        return sdkResult;
                    }
                }
                str5 = "https://" + str2;
            } else {
                gMSSLHttpClient = new GMSSLHttpClient();
                str5 = "http://" + str2;
            }
            GMSSLHttpRequest gMSSLHttpRequest = new GMSSLHttpRequest();
            gMSSLHttpRequest.setUrl(str5);
            gMSSLHttpRequest.setParams(map);
            HashMap hashMap = new HashMap();
            hashMap.put("sn", str3);
            hashMap.put("time", valueOf);
            hashMap.put("sign", signByYunHsm);
            gMSSLHttpRequest.setHeaders(hashMap);
            try {
                GMSSLHttpResponse gMSSLHttpResponse = gMSSLHttpClient.get(gMSSLHttpRequest);
                logger.debug("=============== sendGMSSLHttpGet.result>>>>" + gMSSLHttpResponse.getStatusCode() + " " + new String(gMSSLHttpResponse.getBody()));
                if (gMSSLHttpResponse.getStatusCode() == 200) {
                    sdkResult.setInfo(Base64.decode(gMSSLHttpResponse.getBody()));
                    return sdkResult;
                }
                try {
                    ErrorBean errorBean = (ErrorBean) SdkJsonUtils.json2Object(new String(gMSSLHttpResponse.getBody()), ErrorBean.class);
                    logger.info("GET请求=========CA的外部接口返回非200状态信息:" + gMSSLHttpResponse.getStatusCode() + " ====== errorCode:" + errorBean.getErrCode() + " ====== errorMsg:" + errorBean.getErrMsg());
                    sdkResult.setError(getErrorEnum(errorBean));
                    return sdkResult;
                } catch (Exception e2) {
                    logger.info("GET请求=========CA的外部接口返回非200状态码:" + gMSSLHttpResponse.getStatusCode());
                    logger.info(" ========== 异常信息:{}", e2);
                    sdkResult.setError(ErrorEnum.CA_OPEN_API_RETURN_EXCEPTION);
                    return sdkResult;
                }
            } catch (Exception e3) {
                logger.error("GET请求 ========== 国密安全通道工具类异常{}", e3);
                sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
                return sdkResult;
            }
        } catch (Exception e4) {
            logger.info("GET请求 ========== 获取签名值异常", e4);
            sdkResult.setError(ErrorEnum.GET_SIGN_BY_YUN_HSM_EXCEPTION);
            return sdkResult;
        }
    }

    private static ErrorEnum getErrorEnum(ErrorBean errorBean) {
        String valueOf = String.valueOf(errorBean.getErrCode());
        ErrorEnum errorEnumByCode = ErrorEnum.getErrorEnumByCode(valueOf);
        if (null != errorEnumByCode) {
            return errorEnumByCode;
        }
        if ("10001".equals(valueOf)) {
            return ErrorEnum.CA_ILLEGAL_REQUEST_PARAMETER;
        }
        if ("10002".equals(valueOf)) {
            return ErrorEnum.CA_MISSING_REQUIRED_PARAMETERS;
        }
        logger.info("=================CA的open-api内部异常==================");
        return ErrorEnum.CA_OPEN_API_INNER_EXCEPTION;
    }

    public static SdkResult sendGMSSLHttpPostReturnString(int i, String str, byte[] bArr, byte[] bArr2, String str2, String str3, String str4, X509Certificate[] x509CertificateArr, String str5, boolean z, boolean z2) {
        GMSSLHttpsClient gMSSLHttpClient;
        String str6;
        SdkResult sdkResult = new SdkResult();
        if (z2) {
            if (i >= 32 || i <= 0) {
                sdkResult.setError(ErrorEnum.CMP_API_PARAMS_KEY_INDEX_IS_ERROR);
                return sdkResult;
            }
            if (StringUtils.isBlank(str)) {
                sdkResult.setError(ErrorEnum.CMP_API_PARAMS_KEY_PWD_IS_EMPTY);
                return sdkResult;
            }
        } else if (bArr == null) {
            sdkResult.setError(ErrorEnum.CMP_API_PARAMS_RA_PRIVATE_KEY_IS_EMPTY);
            return sdkResult;
        }
        if (StringUtils.isBlank(str4)) {
            sdkResult.setError(ErrorEnum.CMP_API_PARAMS_RA_SIGN_SN_IS_EMPTY);
            return sdkResult;
        }
        String valueOf = String.valueOf(System.currentTimeMillis());
        try {
            String buildPostReqSignData = OpenApiReqSignDataUtil.buildPostReqSignData(str4, valueOf, Base64.encode(bArr2));
            logger.debug("待签名原文 ========== " + buildPostReqSignData);
            logger.debug(" ================ RA封装消息使用的服务器证书的签名算法为：" + str5);
            String signByYunHsm = z2 ? SdkHsmUtils.signByYunHsm(str5, i, str, buildPostReqSignData) : SdkHsmUtils.signByBC(str5, bArr, buildPostReqSignData);
            if (StringUtils.isBlank(signByYunHsm)) {
                sdkResult.setError(ErrorEnum.SIGN_BY_HSM_IS_ERROR);
                return sdkResult;
            }
            if (z) {
                if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
                    gMSSLHttpClient = new GMSSLHttpsClient();
                } else {
                    try {
                        gMSSLHttpClient = new GMSSLHttpsClient(x509CertificateArr);
                    } catch (GMSSLHttpException e) {
                        logger.error("GET请求 ========== 国密安全通道工具类异常{}", e);
                        sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
                        return sdkResult;
                    }
                }
                str6 = "https://" + str2;
            } else {
                gMSSLHttpClient = new GMSSLHttpClient();
                str6 = "http://" + str2;
            }
            GMSSLHttpRequest gMSSLHttpRequest = new GMSSLHttpRequest();
            gMSSLHttpRequest.setUrl(str6);
            HashMap hashMap = new HashMap();
            hashMap.put("Content-type", str3);
            hashMap.put("sn", str4);
            hashMap.put("time", valueOf);
            hashMap.put("sign", signByYunHsm);
            gMSSLHttpRequest.setHeaders(hashMap);
            gMSSLHttpRequest.setBody(Base64.encode(bArr2));
            logger.info("请求地址 ========== " + str6);
            try {
                GMSSLHttpResponse post = gMSSLHttpClient.post(gMSSLHttpRequest);
                logger.debug("========== sendGMSSLHttpPost.result>>>>" + post.getStatusCode() + " " + new String(post.getBody()));
                if (post.getStatusCode() == 200) {
                    sdkResult.setInfo(new String(post.getBody()));
                    return sdkResult;
                }
                try {
                    ErrorBean errorBean = (ErrorBean) SdkJsonUtils.json2Object(new String(post.getBody()), ErrorBean.class);
                    logger.info("POST请求========= CA的外部接口返回非200状态信息:" + post.getStatusCode() + " ====== errorCode:" + errorBean.getErrCode() + " ====== errorMsg:" + errorBean.getErrMsg());
                    sdkResult.setError(getErrorEnum(errorBean));
                    return sdkResult;
                } catch (Exception e2) {
                    logger.info("POST请求========= CA的外部接口返回非200状态码:" + post.getStatusCode());
                    logger.error(" ========== 异常信息:{}", e2);
                    sdkResult.setError(ErrorEnum.CA_OPEN_API_RETURN_EXCEPTION);
                    return sdkResult;
                }
            } catch (Exception e3) {
                logger.error("POST请求 ========== 国密安全通道工具类异常{}", e3);
                sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
                return sdkResult;
            }
        } catch (Exception e4) {
            logger.info("POST请求 ========== 获取签名值异常", e4);
            sdkResult.setError(ErrorEnum.GET_SIGN_BY_YUN_HSM_EXCEPTION);
            return sdkResult;
        }
    }

    public static SdkResult sendGMSSLHttpGetReturnString(int i, String str, byte[] bArr, Map<String, String> map, String str2, String str3, X509Certificate[] x509CertificateArr, String str4, boolean z, boolean z2) {
        GMSSLHttpsClient gMSSLHttpClient;
        String str5;
        SdkResult sdkResult = new SdkResult();
        if (z2) {
            if (i >= 32 || i <= 0) {
                sdkResult.setError(ErrorEnum.CMP_API_PARAMS_KEY_INDEX_IS_ERROR);
                return sdkResult;
            }
            if (StringUtils.isBlank(str)) {
                sdkResult.setError(ErrorEnum.CMP_API_PARAMS_KEY_PWD_IS_EMPTY);
                return sdkResult;
            }
        } else if (bArr == null) {
            sdkResult.setError(ErrorEnum.CMP_API_PARAMS_RA_PRIVATE_KEY_IS_EMPTY);
            return sdkResult;
        }
        if (StringUtils.isBlank(str3)) {
            sdkResult.setError(ErrorEnum.CMP_API_PARAMS_RA_SIGN_SN_IS_EMPTY);
            return sdkResult;
        }
        String valueOf = String.valueOf(System.currentTimeMillis());
        try {
            String[] split = str2.split("/");
            StringBuffer stringBuffer = new StringBuffer();
            for (int i2 = 1; i2 < split.length; i2++) {
                stringBuffer.append("/").append(split[i2]);
            }
            String stringBuffer2 = stringBuffer.toString();
            logger.debug("sendGMSSLHttpGetReturnByte.uri=========" + stringBuffer2);
            String buildGetReqSignData = OpenApiReqSignDataUtil.buildGetReqSignData(str3, valueOf, stringBuffer2);
            logger.debug("待签名原文 ========== " + buildGetReqSignData);
            logger.debug(" ================ RA封装消息使用的服务器证书的签名算法为：" + str4);
            String signByYunHsm = z2 ? SdkHsmUtils.signByYunHsm(str4, i, str, buildGetReqSignData) : SdkHsmUtils.signByBC(str4, bArr, buildGetReqSignData);
            if (StringUtils.isBlank(signByYunHsm)) {
                sdkResult.setError(ErrorEnum.SIGN_BY_HSM_IS_ERROR);
                return sdkResult;
            }
            if (z) {
                if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
                    gMSSLHttpClient = new GMSSLHttpsClient();
                } else {
                    try {
                        gMSSLHttpClient = new GMSSLHttpsClient(x509CertificateArr);
                    } catch (GMSSLHttpException e) {
                        logger.error("GET请求 ========== 国密安全通道工具类异常{}", e);
                        sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
                        return sdkResult;
                    }
                }
                str5 = "https://" + str2;
            } else {
                gMSSLHttpClient = new GMSSLHttpClient();
                str5 = "http://" + str2;
            }
            GMSSLHttpRequest gMSSLHttpRequest = new GMSSLHttpRequest();
            gMSSLHttpRequest.setUrl(str5);
            gMSSLHttpRequest.setParams(map);
            HashMap hashMap = new HashMap();
            hashMap.put("sn", str3);
            hashMap.put("time", valueOf);
            hashMap.put("sign", signByYunHsm);
            gMSSLHttpRequest.setHeaders(hashMap);
            try {
                GMSSLHttpResponse gMSSLHttpResponse = gMSSLHttpClient.get(gMSSLHttpRequest);
                logger.debug("=============== sendGMSSLHttpGet.result>>>>" + gMSSLHttpResponse.getStatusCode() + " " + new String(gMSSLHttpResponse.getBody()));
                if (gMSSLHttpResponse.getStatusCode() == 200) {
                    sdkResult.setInfo(new String(gMSSLHttpResponse.getBody()));
                    return sdkResult;
                }
                try {
                    ErrorBean errorBean = (ErrorBean) SdkJsonUtils.json2Object(new String(gMSSLHttpResponse.getBody()), ErrorBean.class);
                    logger.info("GET请求=========CA的外部接口返回非200状态信息:" + gMSSLHttpResponse.getStatusCode() + " ====== errorCode:" + errorBean.getErrCode() + " ====== errorMsg:" + errorBean.getErrMsg());
                    sdkResult.setError(getErrorEnum(errorBean));
                    return sdkResult;
                } catch (Exception e2) {
                    logger.info("GET请求=========CA的外部接口返回非200状态码:" + gMSSLHttpResponse.getStatusCode());
                    sdkResult.setError(ErrorEnum.CA_OPEN_API_RETURN_EXCEPTION);
                    return sdkResult;
                }
            } catch (Exception e3) {
                logger.error("GET请求 ========== 国密安全通道工具类异常{}", e3);
                sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
                return sdkResult;
            }
        } catch (Exception e4) {
            logger.info("GET请求 ========== 获取签名值异常", e4);
            sdkResult.setError(ErrorEnum.GET_SIGN_BY_YUN_HSM_EXCEPTION);
            return sdkResult;
        }
    }

    public static SdkResult sendGMSSLHttpGetReturnByteInit(Map<String, String> map, String str, X509Certificate[] x509CertificateArr, boolean z) {
        GMSSLHttpsClient gMSSLHttpClient;
        String str2;
        SdkResult sdkResult = new SdkResult();
        String valueOf = String.valueOf(System.currentTimeMillis());
        if (z) {
            if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
                gMSSLHttpClient = new GMSSLHttpsClient();
            } else {
                try {
                    gMSSLHttpClient = new GMSSLHttpsClient(x509CertificateArr);
                } catch (GMSSLHttpException e) {
                    logger.error("GET请求 ========== 国密安全通道工具类异常{}", e);
                    sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
                    return sdkResult;
                }
            }
            str2 = "https://" + str;
        } else {
            gMSSLHttpClient = new GMSSLHttpClient();
            str2 = "http://" + str;
        }
        GMSSLHttpRequest gMSSLHttpRequest = new GMSSLHttpRequest();
        gMSSLHttpRequest.setUrl(str2);
        gMSSLHttpRequest.setParams(map);
        HashMap hashMap = new HashMap();
        hashMap.put("sn", null);
        hashMap.put("time", valueOf);
        hashMap.put("sign", null);
        gMSSLHttpRequest.setHeaders(hashMap);
        try {
            GMSSLHttpResponse gMSSLHttpResponse = gMSSLHttpClient.get(gMSSLHttpRequest);
            logger.debug("=============== sendGMSSLHttpGet.result>>>>" + gMSSLHttpResponse.getStatusCode() + " " + new String(gMSSLHttpResponse.getBody()));
            if (gMSSLHttpResponse.getStatusCode() == 200) {
                sdkResult.setInfo(Base64.decode(gMSSLHttpResponse.getBody()));
                return sdkResult;
            }
            try {
                ErrorBean errorBean = (ErrorBean) SdkJsonUtils.json2Object(new String(gMSSLHttpResponse.getBody()), ErrorBean.class);
                logger.info("GET请求=========CA的外部接口返回非200状态信息:" + gMSSLHttpResponse.getStatusCode() + " ====== errorCode:" + errorBean.getErrCode() + " ====== errorMsg:" + errorBean.getErrMsg());
                sdkResult.setErrorBean(errorBean);
                return sdkResult;
            } catch (Exception e2) {
                logger.info("GET请求=========CA的外部接口返回非200状态码:" + gMSSLHttpResponse.getStatusCode());
                logger.info(" ========== 异常信息:{}", e2);
                sdkResult.setError(ErrorEnum.CA_OPEN_API_RETURN_EXCEPTION);
                return sdkResult;
            }
        } catch (Exception e3) {
            logger.error("GET请求 ========== 国密安全通道工具类异常{}", e3);
            sdkResult.setError(ErrorEnum.GMSSL_HTTP_CLIENT_INTER_EXCEPTION);
            return sdkResult;
        }
    }
}
