package com.xdja.pki.ca.certcrl.service.impl;

import com.xdja.pki.ca.certcrl.service.util.ArlPublishUtil;
import com.xdja.pki.ca.certcrl.service.util.CrlPublishUtil;
import com.xdja.pki.ca.certmanager.dao.ArlDao;
import com.xdja.pki.ca.certmanager.dao.ArlDataDao;
import com.xdja.pki.ca.certmanager.dao.CertDao;
import com.xdja.pki.ca.certmanager.dao.CrlDao;
import com.xdja.pki.ca.certmanager.dao.CrlDataDao;
import com.xdja.pki.ca.certmanager.dao.CrlTemplateDao;
import com.xdja.pki.ca.certmanager.dao.DeltaRevokeCertDao;
import com.xdja.pki.ca.certmanager.dao.RevokeCertDao;
import com.xdja.pki.ca.certmanager.dao.TemplateDao;
import com.xdja.pki.ca.certmanager.dao.models.CrlBeanDo;
import com.xdja.pki.ca.certmanager.dao.models.CrlTemplateDO;
import com.xdja.pki.ca.certmanager.dao.models.DeltaRevokedCertDO;
import com.xdja.pki.ca.certmanager.dao.models.TemplateDO;
import com.xdja.pki.ca.certmanager.service.crltemplate.CrlTemplateService;
import com.xdja.pki.ca.certmanager.service.crltemplate.bean.CrlTemplateExtensionVO;
import com.xdja.pki.ca.certmanager.service.subsystem.SubSystemService;
import com.xdja.pki.ca.certmanager.service.template.bean.TemplateListDTO;
import com.xdja.pki.ca.certmanager.service.userca.UserCaService;
import com.xdja.pki.ca.certmanager.service.util.CrlExtensionUtil;
import com.xdja.pki.ca.core.Constants;
import com.xdja.pki.ca.core.CrlConstants;
import com.xdja.pki.ca.core.common.Result;
import com.xdja.pki.ca.core.enums.CrlPublishEnum;
import com.xdja.pki.ca.core.enums.SignAlgFormatEnum;
import com.xdja.pki.ca.core.exception.ServiceException;
import com.xdja.pki.ca.core.util.time.IssueTimeUtil;
import com.xdja.pki.ca.securitymanager.dao.CaCertDao;
import com.xdja.pki.ca.securitymanager.dao.CertSnDao;
import com.xdja.pki.ca.securitymanager.service.vo.CaInfoVO;
import com.xdja.pki.ca.securitymanager.service.vo.IssueCaBaseInfo;
import com.xdja.pki.ca.securitymanager.service.vo.SignAlgTypeEnum;
import com.xdja.pki.gmssl.x509.utils.GMSSLCRLUtils;
import com.xdja.pki.gmssl.x509.utils.GMSSLExtensionUtils;
import com.xdja.pki.gmssl.x509.utils.bean.CRLEntry;
import java.math.BigInteger;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;

@Service
/* loaded from: input_file:com/xdja/pki/ca/certcrl/service/impl/CRLServiceImpl.class */
public class CRLServiceImpl implements CrlService {
    private Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private DeltaRevokeCertDao deltaRevokeCertDao;

    @Autowired
    private CertSnDao certSnDao;

    @Autowired
    private RevokeCertDao revokeCertDao;

    @Autowired
    private CrlDao crlDao;

    @Autowired
    private CrlDataDao crlDataDao;

    @Autowired
    private CaCertDao caCertDao;

    @Autowired
    private ArlDao arlDao;

    @Autowired
    private ArlDataDao arlDataDao;

    @Autowired
    private SubSystemService subSystemService;

    @Autowired
    private TemplateDao templateDao;

    @Autowired
    private CertDao certDao;

    @Autowired
    CrlTemplateService crlTemplateService;

    @Autowired
    UserCaService userCaService;

    @Value("${ldapsdk.response.overtime}")
    public int ldapsdkOutTime;

    @Autowired
    CrlTemplateDao crlTemplateDao;

    public void saveDeltaCrlInfo(String str, String str2, Integer num, Integer num2, Date date, long j, String str3) {
        try {
            ArrayList arrayList = new ArrayList();
            arrayList.add(new DeltaRevokedCertDO(str, num, num2, date, j, str3));
            if (null != str2) {
                arrayList.add(new DeltaRevokedCertDO(str2, num, num2, date, j, str3));
            }
            this.deltaRevokeCertDao.saveBatch(arrayList);
        } catch (Exception e) {
            throw new ServiceException("保存增量CRL信息异常", e);
        }
    }

    public void saveDeltaCrlInfo(String str, Integer num, Integer num2, Date date, long j, String str2) {
        try {
            this.deltaRevokeCertDao.save(new DeltaRevokedCertDO(str, num, num2, date, j, str2));
        } catch (Exception e) {
            throw new ServiceException("保存增量CRL信息异常", e);
        }
    }

    private void copyList(List<CrlBeanDo> list, List<CRLEntry> list2) {
        if (CollectionUtils.isEmpty(list)) {
            return;
        }
        for (CrlBeanDo crlBeanDo : list) {
            list2.add(new CRLEntry(crlBeanDo.getUserCertificateSerial(), crlBeanDo.getRevocationDate(), crlBeanDo.getReason().intValue()));
        }
    }

    private void saveCrlData(Map<Integer, X509CRL> map, Long l, Long l2) {
        this.crlDataDao.saveCrlDatas(map, this.crlDao.saveCrls(l, l2, map));
    }

    public void doIssueCrl(Date date, Integer num, boolean z) {
    }

    private void saveDrlData(Map<Integer, X509CRL> map, Long l, Map<String, Object> map2, Long l2) {
        this.crlDataDao.saveDrlDatas(map, this.crlDao.saveDrls(l, map, map2, l2));
    }

    public void doIssueArl(Date date, Integer num) {
    }

    private void saveArlData(X509CRL x509crl, Long l) {
        this.arlDataDao.saveArlDatas(x509crl, this.arlDao.saveArls(l, x509crl));
    }

    public Date getCrlLastUpdateTime() {
        try {
            return this.crlDao.getCrlLastUpdateTime();
        } catch (Exception e) {
            throw new ServiceException("获取当前最大CRL最后更新时间异常", e);
        }
    }

    public Date getDrlLastUpdateTime() {
        try {
            return this.crlDao.getArlLastUpdateTime();
        } catch (Exception e) {
            throw new ServiceException("获取当前最大CRL最后更新时间异常", e);
        }
    }

    public Date getCrlLastNextUpdatTimeByCrlTemplateId(Long l) {
        try {
            return this.crlDao.getCrlLastNextUpdatTimeByCrlTemplateId(l);
        } catch (Exception e) {
            throw new ServiceException("获取当前模板最大CRL最后更新时间异常", e);
        }
    }

    public Date getDrlLastNextUpdatTimeByCrlTemplateId(Long l) {
        try {
            return this.crlDao.getDrlLastNextUpdatTimeByCrlTemplateId(l);
        } catch (Exception e) {
            throw new ServiceException("获取当前模板最大CRL最后更新时间异常", e);
        }
    }

    public void publishCrl(Long l, Date date) {
        IssueCaBaseInfo issueCaBaseInfo;
        this.logger.info("开始为crl模板[{}]发布crl", l);
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        CrlTemplateDO crlTemplateById = this.crlTemplateDao.getCrlTemplateById(l);
        if (crlTemplateById == null) {
            this.logger.error("crl模板id未找到对应记录{}", l);
            return;
        }
        CaInfoVO caInfoVO = (CaInfoVO) Constants.CA_INFO.get(Constants.ADMIN_CA_ID);
        try {
            try {
                Long caId = crlTemplateById.getCaId();
                if (Constants.CA_INFO.get(caId) == null) {
                    Result issueUserCaBaseInfoByCaId = this.userCaService.getIssueUserCaBaseInfoByCaId(caId);
                    if (!issueUserCaBaseInfoByCaId.isSuccess()) {
                        this.logger.error("加载本地用户CA信息失败{}", issueUserCaBaseInfoByCaId.getError().getDesc());
                        CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("crl" + l, null);
                        return;
                    } else {
                        issueCaBaseInfo = (IssueCaBaseInfo) issueUserCaBaseInfoByCaId.getInfo();
                        Constants.CA_INFO.put(caId, issueCaBaseInfo);
                    }
                } else {
                    issueCaBaseInfo = (IssueCaBaseInfo) Constants.CA_INFO.get(caId);
                }
                List<X509Certificate> caCertsByCaId = this.caCertDao.getCaCertsByCaId(caInfoVO.getCaId());
                Result crlTemplateById2 = this.crlTemplateService.getCrlTemplateById(l);
                if (null == crlTemplateById2) {
                    this.logger.error("获取crl模板详情失败");
                    throw new ServiceException("获取crl模板详情结果为空");
                }
                if (!crlTemplateById2.isSuccess()) {
                    this.logger.error("获取crl模板详情失败,原因为：{}", crlTemplateById2.getError().getDesc());
                    throw new ServiceException("无效的crl模板id:" + l);
                }
                CrlTemplateExtensionVO crlTemplateExtensionVO = (CrlTemplateExtensionVO) crlTemplateById2.getInfo();
                if (date == null) {
                    this.logger.warn("crl模板[{}]上一次发布crl失败,重新纠正时间", l);
                    date = new Date();
                }
                Date nextUpdateDate = IssueTimeUtil.getNextUpdateDate(date, crlTemplateExtensionVO.getCrlConfig().getCrlPeriod());
                Long crlMaxCertNumber = crlTemplateExtensionVO.getCrlConfig().getCrlMaxCertNumber();
                Long valueOf = 0 == l.longValue() ? Long.valueOf((this.certDao.getMaxSnByTemplateId(l).longValue() - 268435456) / crlMaxCertNumber.longValue()) : Long.valueOf(this.crlTemplateService.getCertCountByCache(l).intValue() / crlMaxCertNumber.longValue());
                for (int i = 0; i <= valueOf.longValue(); i++) {
                    List<CrlBeanDo> queryCrlCertList = this.revokeCertDao.queryCrlCertList(date, l, Integer.valueOf(i), issueCaBaseInfo.getId());
                    ArrayList arrayList = new ArrayList();
                    copyList(queryCrlCertList, arrayList);
                    hashMap.put(Integer.valueOf(i), arrayList);
                    if (0 == l.longValue()) {
                        TemplateDO templateDO = new TemplateDO();
                        templateDO.setCrlTempId(l);
                        templateDO.setKeyAlg(issueCaBaseInfo.getPublicKeyAlg());
                        templateDO.setOpenCrl(true);
                        List list = (List) this.templateDao.queryTemplates(templateDO, 1, Integer.MAX_VALUE).getDatas();
                        if (!CollectionUtils.isEmpty(list)) {
                            Iterator it = list.iterator();
                            while (it.hasNext()) {
                                Integer valueOf2 = Integer.valueOf((((TemplateListDTO) it.next()).getId().intValue() * CrlConstants.TRANSLATION_17.intValue()) + i);
                                List<CrlBeanDo> queryCrlCertList2 = this.revokeCertDao.queryCrlCertList(date, l, valueOf2, caId);
                                ArrayList arrayList2 = new ArrayList();
                                copyList(queryCrlCertList2, arrayList2);
                                hashMap.put(valueOf2, arrayList2);
                            }
                        }
                    }
                }
                if (CollectionUtils.isEmpty(hashMap)) {
                    CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("crl" + l, nextUpdateDate);
                    return;
                }
                List crlExtension = crlTemplateExtensionVO.getCrlExtension();
                for (Integer num : hashMap.keySet()) {
                    List changeExtensionFormat = CrlExtensionUtil.changeExtensionFormat(crlExtension, Integer.valueOf(this.certSnDao.getCrlMaxSn(new Date()).intValue()), 0, this.crlTemplateService.getCrl(caInfoVO, issueCaBaseInfo.getSubject(), l, num.intValue(), 5, crlTemplateExtensionVO.getCrlConfig().getQueryType().intValue()), this.crlTemplateService.getDrl(caInfoVO, issueCaBaseInfo.getSubject(), l, num.intValue(), 5, crlTemplateExtensionVO.getCrlConfig().getQueryType().intValue()), caId, false, false);
                    List list2 = (List) hashMap.get(num);
                    hashMap2.put(num, Constants.CRYPT_DEVICE_TYPE.equals(Constants.CRYPT_DEVICE_BC) ? GMSSLCRLUtils.generateCRLByBC(issueCaBaseInfo.getCert(), issueCaBaseInfo.getPrivateKey(), SignAlgTypeEnum.getAlgName(issueCaBaseInfo.getSignAlg().intValue()), (BigInteger) null, date, nextUpdateDate, changeExtensionFormat, list2, SignAlgFormatEnum.isBlankSpaceFormat(Constants.SIGN_ALG_FORMAT_FLAG)) : GMSSLCRLUtils.generateCRLByYunhsm(issueCaBaseInfo.getCert(), issueCaBaseInfo.getKeyIndex().intValue(), issueCaBaseInfo.getKeyPwd(), SignAlgTypeEnum.getAlgName(issueCaBaseInfo.getSignAlg().intValue()), (BigInteger) null, date, nextUpdateDate, changeExtensionFormat, list2, SignAlgFormatEnum.isBlankSpaceFormat(Constants.SIGN_ALG_FORMAT_FLAG)));
                }
                this.logger.debug("CRL模板[{}]发布crl时的签发CA信息issueCaBaseInfo:{} ", issueCaBaseInfo.toString());
                if (!CollectionUtils.isEmpty(hashMap2)) {
                    saveCrlData(hashMap2, issueCaBaseInfo.getId(), l);
                    if (crlTemplateExtensionVO.getCrlConfig().getDrlPeriod() != null && crlTemplateExtensionVO.getCrlConfig().getDrlPeriod().intValue() > 0) {
                        this.deltaRevokeCertDao.deleteBatch(hashMap2);
                    }
                    CrlPublishUtil crlPublishUtil = new CrlPublishUtil();
                    if (CrlPublishEnum.isHttpCRL(crlTemplateExtensionVO.getCrlConfig().getQueryType())) {
                        crlPublishUtil.httpPublishCrl(caInfoVO, hashMap2, false, l);
                    } else if (CrlPublishEnum.isLDAPCRL(crlTemplateExtensionVO.getCrlConfig().getQueryType())) {
                        crlPublishUtil.ldapPublishCrl(caInfoVO, hashMap2, this.subSystemService.getAllLdapServerCerts(), caCertsByCaId, this.ldapsdkOutTime, l);
                    } else if (CrlPublishEnum.isLdapAndHttp(crlTemplateExtensionVO.getCrlConfig().getQueryType())) {
                        crlPublishUtil.httpPublishCrl(caInfoVO, hashMap2, false, l);
                        crlPublishUtil.ldapPublishCrl(caInfoVO, hashMap2, this.subSystemService.getAllLdapServerCerts(), caCertsByCaId, this.ldapsdkOutTime, l);
                    } else {
                        this.logger.info("crl模板发布类型不支持:{}", crlTemplateExtensionVO.getCrlConfig().getQueryType());
                    }
                }
                CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("crl" + l, nextUpdateDate);
            } catch (Exception e) {
                this.logger.error(e.getMessage(), e);
                throw new ServiceException("签发crl失败", e);
            }
        } catch (Throwable th) {
            CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("crl" + l, null);
            throw th;
        }
    }

    public void publishDrl(Long l, Date date) {
        IssueCaBaseInfo issueCaBaseInfo;
        this.logger.info("开始为crl模板[{}]发布drl", l);
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        CrlTemplateDO crlTemplateById = this.crlTemplateDao.getCrlTemplateById(l);
        if (crlTemplateById == null) {
            this.logger.error("crl模板id未找到对应记录{}", l);
            return;
        }
        CaInfoVO caInfoVO = (CaInfoVO) Constants.CA_INFO.get(Constants.ADMIN_CA_ID);
        try {
            try {
                Long caId = crlTemplateById.getCaId();
                if (Constants.CA_INFO.get(caId) == null) {
                    Result issueUserCaBaseInfoByCaId = this.userCaService.getIssueUserCaBaseInfoByCaId(caId);
                    if (!issueUserCaBaseInfoByCaId.isSuccess()) {
                        this.logger.error("加载本地用户CA信息失败{}", issueUserCaBaseInfoByCaId.getError().getDesc());
                        CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("drl" + l, null);
                        return;
                    } else {
                        issueCaBaseInfo = (IssueCaBaseInfo) issueUserCaBaseInfoByCaId.getInfo();
                        Constants.CA_INFO.put(caId, issueCaBaseInfo);
                    }
                } else {
                    issueCaBaseInfo = (IssueCaBaseInfo) Constants.CA_INFO.get(caId);
                }
                Map<String, Object> lastCrlId = this.crlDao.getLastCrlId(l);
                List<X509Certificate> caCertsByCaId = this.caCertDao.getCaCertsByCaId(caInfoVO.getCaId());
                Result crlTemplateById2 = this.crlTemplateService.getCrlTemplateById(l);
                if (null == crlTemplateById2) {
                    this.logger.error("获取crl模板详情失败");
                    throw new ServiceException("获取crl模板详情结果为空");
                }
                if (!crlTemplateById2.isSuccess()) {
                    this.logger.error("获取crl模板详情失败,原因为：{}", crlTemplateById2.getError().getDesc());
                    throw new ServiceException("无效的crl模板id:" + l);
                }
                CrlTemplateExtensionVO crlTemplateExtensionVO = (CrlTemplateExtensionVO) crlTemplateById2.getInfo();
                if (date == null) {
                    this.logger.warn("crl模板[{}]上一次发布drl失败,重新纠正时间", l);
                    date = new Date();
                }
                Date nextUpdateDate = IssueTimeUtil.getNextUpdateDate(date, crlTemplateExtensionVO.getCrlConfig().getDrlPeriod());
                Long crlMaxCertNumber = crlTemplateExtensionVO.getCrlConfig().getCrlMaxCertNumber();
                Long valueOf = 0 == l.longValue() ? Long.valueOf((this.certDao.getMaxSnByTemplateId(l).longValue() - 268435456) / crlMaxCertNumber.longValue()) : Long.valueOf(this.crlTemplateService.getCertCountByCache(l).intValue() / crlMaxCertNumber.longValue());
                for (int i = 0; i <= valueOf.longValue(); i++) {
                    List<CrlBeanDo> queryDrlCertList = this.deltaRevokeCertDao.queryDrlCertList(date, l, i, issueCaBaseInfo.getId());
                    ArrayList arrayList = new ArrayList();
                    copyList(queryDrlCertList, arrayList);
                    hashMap.put(Integer.valueOf(i), arrayList);
                    if (0 == l.longValue()) {
                        TemplateDO templateDO = new TemplateDO();
                        templateDO.setCrlTempId(l);
                        templateDO.setOpenCrl(true);
                        List list = (List) this.templateDao.queryTemplates(templateDO, 1, Integer.MAX_VALUE).getDatas();
                        if (!CollectionUtils.isEmpty(list)) {
                            Iterator it = list.iterator();
                            while (it.hasNext()) {
                                Integer valueOf2 = Integer.valueOf((((TemplateListDTO) it.next()).getId().intValue() * CrlConstants.TRANSLATION_17.intValue()) + i);
                                List<CrlBeanDo> queryDrlCertList2 = this.deltaRevokeCertDao.queryDrlCertList(date, l, valueOf2.intValue(), caId);
                                ArrayList arrayList2 = new ArrayList();
                                copyList(queryDrlCertList2, arrayList2);
                                hashMap.put(valueOf2, arrayList2);
                            }
                        }
                    }
                }
                if (CollectionUtils.isEmpty(hashMap)) {
                    this.logger.debug("模板[{}]没有需生成drl的信息", l);
                    CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("drl" + l, nextUpdateDate);
                    return;
                }
                List crlExtension = crlTemplateExtensionVO.getCrlExtension();
                for (Integer num : hashMap.keySet()) {
                    BigInteger crlMaxSn = this.certSnDao.getCrlMaxSn(new Date());
                    String crl = this.crlTemplateService.getCrl(caInfoVO, issueCaBaseInfo.getSubject(), l, num.intValue(), 5, crlTemplateExtensionVO.getCrlConfig().getQueryType().intValue());
                    String drl = this.crlTemplateService.getDrl(caInfoVO, issueCaBaseInfo.getSubject(), l, num.intValue(), 5, crlTemplateExtensionVO.getCrlConfig().getQueryType().intValue());
                    String lastCrlSn = this.crlDao.getLastCrlSn(l.longValue() == 0 ? "" : l + "crl" + num + ".crl");
                    this.logger.debug("获取到最新baseSn：{}", lastCrlSn);
                    List changeExtensionFormat = CrlExtensionUtil.changeExtensionFormat(crlExtension, Integer.valueOf(crlMaxSn.intValue()), StringUtils.isBlank(lastCrlSn) ? 0 : Integer.valueOf(Integer.parseInt(lastCrlSn, 16)), crl, drl, caId, false, true);
                    List list2 = (List) hashMap.get(num);
                    hashMap2.put(num, Constants.CRYPT_DEVICE_TYPE.equals(Constants.CRYPT_DEVICE_BC) ? GMSSLCRLUtils.generateCRLByBC(issueCaBaseInfo.getCert(), issueCaBaseInfo.getPrivateKey(), SignAlgTypeEnum.getAlgName(issueCaBaseInfo.getSignAlg().intValue()), (BigInteger) null, date, nextUpdateDate, changeExtensionFormat, list2, SignAlgFormatEnum.isBlankSpaceFormat(Constants.SIGN_ALG_FORMAT_FLAG)) : GMSSLCRLUtils.generateCRLByYunhsm(issueCaBaseInfo.getCert(), issueCaBaseInfo.getKeyIndex().intValue(), issueCaBaseInfo.getKeyPwd(), SignAlgTypeEnum.getAlgName(issueCaBaseInfo.getSignAlg().intValue()), (BigInteger) null, date, nextUpdateDate, changeExtensionFormat, list2, SignAlgFormatEnum.isBlankSpaceFormat(Constants.SIGN_ALG_FORMAT_FLAG)));
                }
                this.logger.debug("CRL模板[{}]发布drl时的签发CA信息issueCaBaseInfo:{} ", issueCaBaseInfo.toString());
                if (!CollectionUtils.isEmpty(hashMap2)) {
                    saveDrlData(hashMap2, issueCaBaseInfo.getId(), lastCrlId, l);
                    CrlPublishUtil crlPublishUtil = new CrlPublishUtil();
                    if (CrlPublishEnum.isHttpCRL(crlTemplateExtensionVO.getCrlConfig().getQueryType())) {
                        crlPublishUtil.httpPublishCrl(caInfoVO, hashMap2, true, l);
                    } else if (CrlPublishEnum.isLDAPCRL(crlTemplateExtensionVO.getCrlConfig().getQueryType())) {
                        crlPublishUtil.ldapPublishCrl(caInfoVO, hashMap2, this.subSystemService.getAllLdapServerCerts(), caCertsByCaId, this.ldapsdkOutTime, l);
                    } else if (CrlPublishEnum.isLdapAndHttp(crlTemplateExtensionVO.getCrlConfig().getQueryType())) {
                        crlPublishUtil.httpPublishCrl(caInfoVO, hashMap2, true, l);
                        crlPublishUtil.ldapPublishCrl(caInfoVO, hashMap2, this.subSystemService.getAllLdapServerCerts(), caCertsByCaId, this.ldapsdkOutTime, l);
                    } else {
                        this.logger.info("crl模板发布类型不支持:{}", crlTemplateExtensionVO.getCrlConfig().getQueryType());
                    }
                }
                CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("drl" + l, nextUpdateDate);
            } catch (Exception e) {
                this.logger.error(e.getMessage(), e);
                throw new ServiceException("签发drl失败", e);
            }
        } catch (Throwable th) {
            CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("drl" + l, null);
            throw th;
        }
    }

    public void publishArl(Long l, Date date) {
        IssueCaBaseInfo issueCaBaseInfo;
        this.logger.info("开始为crl模板[{}]发布arl", l);
        CrlTemplateDO crlTemplateById = this.crlTemplateDao.getCrlTemplateById(l);
        if (crlTemplateById == null) {
            this.logger.error("crl模板id未找到对应记录{}", l);
            return;
        }
        CaInfoVO caInfoVO = (CaInfoVO) Constants.CA_INFO.get(Constants.ADMIN_CA_ID);
        Long caId = crlTemplateById.getCaId();
        if (Constants.CA_INFO.get(caId) == null) {
            Result issueUserCaBaseInfoByCaId = this.userCaService.getIssueUserCaBaseInfoByCaId(caId);
            if (!issueUserCaBaseInfoByCaId.isSuccess()) {
                this.logger.error("加载本地用户CA信息失败{}", issueUserCaBaseInfoByCaId.getError().getDesc());
                return;
            } else {
                issueCaBaseInfo = (IssueCaBaseInfo) issueUserCaBaseInfoByCaId.getInfo();
                Constants.CA_INFO.put(caId, issueCaBaseInfo);
            }
        } else {
            issueCaBaseInfo = (IssueCaBaseInfo) Constants.CA_INFO.get(caId);
        }
        List<X509Certificate> caCertsByCaId = this.caCertDao.getCaCertsByCaId(caInfoVO.getCaId());
        ArrayList arrayList = new ArrayList();
        try {
            try {
                Result crlTemplateById2 = this.crlTemplateService.getCrlTemplateById(l);
                if (null == crlTemplateById2) {
                    this.logger.error("获取crl模板详情失败");
                    throw new ServiceException("获取crl模板详情结果为空");
                }
                if (!crlTemplateById2.isSuccess()) {
                    this.logger.error("获取crl模板详情失败,原因为：{}", crlTemplateById2.getError().getDesc());
                    throw new ServiceException("无效的crl模板id:" + l);
                }
                CrlTemplateExtensionVO crlTemplateExtensionVO = (CrlTemplateExtensionVO) crlTemplateById2.getInfo();
                Date nextUpdateDate = IssueTimeUtil.getNextUpdateDate(date, crlTemplateExtensionVO.getCrlConfig().getCrlPeriod());
                String crl = this.crlTemplateService.getCrl(caInfoVO, issueCaBaseInfo.getSubject(), l, 0, 2, crlTemplateExtensionVO.getCrlConfig().getQueryType() == null ? 0 : crlTemplateExtensionVO.getCrlConfig().getQueryType().intValue());
                if (StringUtils.isNotBlank(crl)) {
                    arrayList.add(GMSSLExtensionUtils.genARLExtension(crl));
                }
                List<CrlBeanDo> snsForArl = this.revokeCertDao.getSnsForArl(issueCaBaseInfo.getId(), date, l);
                ArrayList arrayList2 = new ArrayList();
                copyList(snsForArl, arrayList2);
                BigInteger crlMaxSn = this.certSnDao.getCrlMaxSn(new Date());
                X509CRL generateCRLByBC = Constants.CRYPT_DEVICE_TYPE.equals(Constants.CRYPT_DEVICE_BC) ? GMSSLCRLUtils.generateCRLByBC(issueCaBaseInfo.getCert(), issueCaBaseInfo.getPrivateKey(), SignAlgTypeEnum.getAlgName(issueCaBaseInfo.getSignAlg().intValue()), crlMaxSn, date, nextUpdateDate, arrayList, arrayList2, SignAlgFormatEnum.isBlankSpaceFormat(Constants.SIGN_ALG_FORMAT_FLAG)) : GMSSLCRLUtils.generateCRLByYunhsm(issueCaBaseInfo.getCert(), issueCaBaseInfo.getKeyIndex().intValue(), issueCaBaseInfo.getKeyPwd(), SignAlgTypeEnum.getAlgName(issueCaBaseInfo.getSignAlg().intValue()), crlMaxSn, date, nextUpdateDate, arrayList, arrayList2, SignAlgFormatEnum.isBlankSpaceFormat(Constants.SIGN_ALG_FORMAT_FLAG));
                saveArlData(generateCRLByBC, issueCaBaseInfo.getId());
                ArlPublishUtil arlPublishUtil = new ArlPublishUtil();
                if (CrlPublishEnum.isHttpCRL(crlTemplateExtensionVO.getCrlConfig().getQueryType())) {
                    arlPublishUtil.httpPublishCrl(caInfoVO, generateCRLByBC, l);
                } else if (CrlPublishEnum.isLDAPCRL(crlTemplateExtensionVO.getCrlConfig().getQueryType())) {
                    arlPublishUtil.ldapPublishArl(caInfoVO, generateCRLByBC, this.subSystemService.getAllLdapServerCerts(), caCertsByCaId, this.ldapsdkOutTime, l);
                } else if (CrlPublishEnum.isLdapAndHttp(crlTemplateExtensionVO.getCrlConfig().getQueryType())) {
                    arlPublishUtil.httpPublishCrl(caInfoVO, generateCRLByBC, l);
                    arlPublishUtil.ldapPublishArl(caInfoVO, generateCRLByBC, this.subSystemService.getAllLdapServerCerts(), caCertsByCaId, this.ldapsdkOutTime, l);
                } else {
                    this.logger.info("crl模板发布类型不支持:{}", crlTemplateExtensionVO.getCrlConfig().getQueryType());
                }
                CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("arl" + l, nextUpdateDate);
            } catch (Exception e) {
                this.logger.error(e.getMessage(), e);
                throw new ServiceException("签发arl失败", e);
            }
        } catch (Throwable th) {
            CrlConstants.CRL_THREAD_NEXT_UPDATE_TIME.put("arl" + l, null);
            throw th;
        }
    }
}
