package com.xdja.pki.ca.certmanager.service.util;

import com.xdja.pki.bean.CryptoTypeEnum;
import com.xdja.pki.ca.certmanager.dao.ManagerCertDataDao;
import com.xdja.pki.ca.certmanager.dao.SubSystemDao;
import com.xdja.pki.ca.core.Constants;
import com.xdja.pki.ca.core.ca.util.gm.cert.CertUtil;
import com.xdja.pki.ca.core.enums.DeviceTypeEnum;
import com.xdja.pki.ca.securitymanager.dao.CaCertDao;
import com.xdja.pki.ca.securitymanager.service.vo.CaInfoVO;
import com.xdja.pki.gmssl.crypto.sdf.SdfCryptoType;
import com.xdja.pki.ldap.sdk.ca.LDAPCASDK;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/xdja/pki/ca/certmanager/service/util/LdapCASDKUtil.class */
public class LdapCASDKUtil {
    public static final String DIGESTALGORITHMNAME = "SM3";

    @Value("${ldapsdk.response.overtime}")
    public int ldapsdkOutTime;

    @Resource
    private SubSystemDao subSystemDao;

    @Resource
    private ManagerCertDataDao managerCertDataDao;

    @Resource
    private CaCertDao caCertDao;
    private List<X509Certificate> ldapSignCerts;
    private List<X509Certificate> ocspSignCerts;

    public LDAPCASDK getLdapCASDKInstance() {
        List caSubSystemCertIdsByDevType = this.subSystemDao.getCaSubSystemCertIdsByDevType(DeviceTypeEnum.OCSP.value);
        List caSubSystemCertIdsByDevType2 = this.subSystemDao.getCaSubSystemCertIdsByDevType(DeviceTypeEnum.LDAP.value);
        Map<Long, String> manageCertData = this.managerCertDataDao.getManageCertData(caSubSystemCertIdsByDevType);
        Map<Long, String> manageCertData2 = this.managerCertDataDao.getManageCertData(caSubSystemCertIdsByDevType2);
        this.ocspSignCerts = getCaSubSystemX509Certs(manageCertData);
        this.ldapSignCerts = getCaSubSystemX509Certs(manageCertData2);
        CaInfoVO caInfoVO = (CaInfoVO) Constants.CA_INFO.get(Constants.BASE_ALG_TYPE);
        List caCertsByCaId = this.caCertDao.getCaCertsByCaId(caInfoVO.getCaId());
        String str = null;
        String str2 = null;
        if (caInfoVO.isLadp() && null != caInfoVO.getLdapConfig()) {
            str = caInfoVO.getLdapConfig().getMasterURL();
        }
        if (caInfoVO.isOcsp() && null != caInfoVO.getOcspConfig()) {
            str2 = caInfoVO.getOcspConfig().getInterURL();
        }
        LDAPCASDK ldapcasdk = Constants.CRYPT_DEVICE_TYPE.equals(Constants.CRYPT_DEVICE_BC) ? new LDAPCASDK(caCertsByCaId, caInfoVO.getKeyPair(), str, str2, this.ldapSignCerts, this.ocspSignCerts) : Constants.CRYPT_DEVICE_TYPE.intValue() == Constants.CRYPT_DEVICE_XDJA_HSM.intValue() ? new LDAPCASDK(caCertsByCaId, caInfoVO.getCaPwdBean().getKeyIndex().intValue(), caInfoVO.getCaPwdBean().getPrivateKeyPin(), SdfCryptoType.YUNHSM, str, str2, this.ldapSignCerts, this.ocspSignCerts) : new LDAPCASDK(caCertsByCaId, caInfoVO.getCaPwdBean().getKeyIndex().intValue(), CryptoTypeEnum.SWXAHSM.cryptoCode, str, str2, this.ldapSignCerts, this.ocspSignCerts);
        ldapcasdk.setTime(this.ldapsdkOutTime);
        return ldapcasdk;
    }

    private List<X509Certificate> getCaSubSystemX509Certs(Map<Long, String> map) {
        ArrayList arrayList = null;
        if (map != null && !map.isEmpty()) {
            arrayList = new ArrayList();
            Iterator<Long> it = map.keySet().iterator();
            while (it.hasNext()) {
                X509Certificate certFromStr = CertUtil.getCertFromStr(map.get(it.next()));
                if (null != certFromStr) {
                    arrayList.add(certFromStr);
                }
            }
        }
        return arrayList;
    }

    public List<X509Certificate> getLdapSignCerts() {
        return this.ldapSignCerts;
    }

    public void setLdapSignCerts(List<X509Certificate> list) {
        this.ldapSignCerts = list;
    }

    public List<X509Certificate> getOcspSignCerts() {
        return this.ocspSignCerts;
    }

    public void setOcspSignCerts(List<X509Certificate> list) {
        this.ocspSignCerts = list;
    }
}
