package com.xdja.pki.ca.securitymanager.service.auth;

import com.xdja.pki.ca.auth.service.AuditSignService;
import com.xdja.pki.ca.auth.service.bean.CertInfoDTO;
import com.xdja.pki.ca.certmanager.dao.ManagerCertDao;
import com.xdja.pki.ca.certmanager.dao.ManagerCertDataDao;
import com.xdja.pki.ca.certmanager.dao.OutDateManagerCertDao;
import com.xdja.pki.ca.certmanager.dao.RevokeManagerCertDao;
import com.xdja.pki.ca.certmanager.dao.models.ManageCertDO;
import com.xdja.pki.ca.certmanager.dao.models.OutdateManageCertDO;
import com.xdja.pki.ca.certmanager.dao.models.RevokedManageCertDO;
import com.xdja.pki.ca.core.Constants;
import com.xdja.pki.ca.core.ca.util.gm.cert.CertUtil;
import com.xdja.pki.ca.core.common.ErrorEnum;
import com.xdja.pki.ca.core.enums.CertStatusEnum;
import com.xdja.pki.ca.core.exception.ServiceException;
import com.xdja.pki.ca.hsm.manager.HsmManager;
import java.security.PublicKey;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/xdja/pki/ca/securitymanager/service/auth/AuditSignServiceImpl.class */
public class AuditSignServiceImpl implements AuditSignService {

    @Resource
    private ManagerCertDao managerCertDao;

    @Resource
    private RevokeManagerCertDao revokeManagerCertDao;

    @Resource
    private OutDateManagerCertDao outDateManagerCertDao;

    @Resource
    private ManagerCertDataDao managerCertDataDao;

    @Resource
    private HsmManager hsmManager;

    @Value("${client.offset.time}")
    private int offsetTime;

    public int getSystemKeyAlg() {
        return Constants.BASE_ALG_TYPE.intValue();
    }

    public CertInfoDTO getCertBySn(String str, int i) {
        long longValue;
        String subject;
        int i2;
        try {
            Object managerCert = getManagerCert(str, i);
            if (null == managerCert) {
                return null;
            }
            long currentTimeMillis = System.currentTimeMillis();
            if (managerCert instanceof ManageCertDO) {
                ManageCertDO manageCertDO = (ManageCertDO) managerCert;
                longValue = manageCertDO.getId().longValue();
                subject = manageCertDO.getSubject();
                i2 = manageCertDO.getAfterTime().getTime() < currentTimeMillis ? CertStatusEnum.EXPIRE.value : manageCertDO.getStatus().intValue();
            } else if (managerCert instanceof RevokedManageCertDO) {
                RevokedManageCertDO revokedManageCertDO = (RevokedManageCertDO) managerCert;
                longValue = revokedManageCertDO.getId().longValue();
                subject = revokedManageCertDO.getSubject();
                i2 = revokedManageCertDO.getAfterTime().getTime() < currentTimeMillis ? CertStatusEnum.EXPIRE.value : CertStatusEnum.REVOKE.value;
            } else {
                OutdateManageCertDO outdateManageCertDO = (OutdateManageCertDO) managerCert;
                longValue = outdateManageCertDO.getId().longValue();
                subject = outdateManageCertDO.getSubject();
                i2 = CertStatusEnum.EXPIRE.value;
            }
            String data = this.managerCertDataDao.queryManagerCertDataById(Long.valueOf(longValue)).getData();
            CertInfoDTO certInfoDTO = new CertInfoDTO();
            certInfoDTO.setSn(str);
            certInfoDTO.setKeyAlg(i);
            certInfoDTO.setSubject(subject);
            certInfoDTO.setStatus(i2);
            certInfoDTO.setData(data);
            certInfoDTO.setPublicKey(CertUtil.getCertFromStr(data).getPublicKey());
            return certInfoDTO;
        } catch (Exception e) {
            throw new ServiceException("根据证书序列号获取证书信息失败", e);
        }
    }

    public int getOffsetTime() {
        return this.offsetTime;
    }

    public boolean verifySign(int i, int i2, PublicKey publicKey, byte[] bArr, byte[] bArr2) {
        try {
            return this.hsmManager.verifySign(i, i2, publicKey, bArr, bArr2);
        } catch (Exception e) {
            throw new ServiceException("验证签名失败", e);
        }
    }

    public byte[] getDigest(byte[] bArr) {
        try {
            return this.hsmManager.digest(bArr);
        } catch (Exception e) {
            throw new ServiceException("获取摘要失败", e);
        }
    }

    public Object getIllegalParamError(HttpServletResponse httpServletResponse) {
        return ErrorEnum.ILLEGAL_REQUEST_PARAMETER.resp(httpServletResponse);
    }

    public Object getVerifyTimeError(HttpServletResponse httpServletResponse) {
        return ErrorEnum.CLIENT_TIME_AND_SERVER_DISACCORD.resp(httpServletResponse);
    }

    public Object getContentDisaccordError(HttpServletResponse httpServletResponse) {
        return ErrorEnum.REQUEST_BODY_AND_SIGN_BODY_DISACCORD.resp(httpServletResponse);
    }

    public Object getIllegalSignAlgError(HttpServletResponse httpServletResponse) {
        return ErrorEnum.NOT_SUPPORTED_SIGN_ALG.resp(httpServletResponse);
    }

    public Object getCertNotExistError(HttpServletResponse httpServletResponse) {
        return ErrorEnum.DOWNLOAD_CERT_NOT_EXIST.resp(httpServletResponse);
    }

    public Object getCertStatusError(int i, HttpServletResponse httpServletResponse) {
        return i == CertStatusEnum.FROZEN.value ? ErrorEnum.CERT_ISSUE_STATUE_FREEZE.resp(httpServletResponse) : i == CertStatusEnum.REVOKE.value ? ErrorEnum.CERT_ISSUE_STATUE_REVOKED.resp(httpServletResponse) : ErrorEnum.CERT_ISSUE_STATUE_EXPIRED.resp(httpServletResponse);
    }

    public Object getVerifySignFailError(HttpServletResponse httpServletResponse) {
        return ErrorEnum.VERIFY_ADMIN_OPERATOR_SIGN_FAIL.resp(httpServletResponse);
    }

    public Object getServerInternalError(HttpServletResponse httpServletResponse) {
        return ErrorEnum.SERVER_INTERNAL_EXCEPTION.resp(httpServletResponse);
    }

    private Object getManagerCert(String str, int i) {
        ManageCertDO managerCertsBySn = this.managerCertDao.getManagerCertsBySn(str, i);
        if (null != managerCertsBySn) {
            return managerCertsBySn;
        }
        RevokedManageCertDO revokManagerCertsBySn = this.revokeManagerCertDao.getRevokManagerCertsBySn(str, Integer.valueOf(i));
        if (null != revokManagerCertsBySn) {
            return revokManagerCertsBySn;
        }
        OutdateManageCertDO outDateManagerCertsBySn = this.outDateManagerCertDao.getOutDateManagerCertsBySn(str, Integer.valueOf(i));
        if (null != outDateManagerCertsBySn) {
            return outDateManagerCertsBySn;
        }
        return null;
    }
}
