package cn.gtmap.landsale.admin.service.impl;

import cn.com.jsgxca.client.cert.CertificateInfo;
import cn.com.jsgxca.client.common.DigestAlgo;
import cn.com.jsgxca.client.entity.GxPCS;
import cn.com.jsgxca.client.entity.GxSVS;
import cn.com.jsgxca.client.http.SVSClient;
import cn.com.jsgxca.client.util.GxUtils;
import cn.gtmap.egovplat.core.ex.AppException;
import cn.gtmap.landsale.Constants;
import cn.gtmap.landsale.GxcaConfig;
import cn.gtmap.landsale.model.CaSignerX;
import cn.gtmap.landsale.service.CaSvsService;
import com.custle.security.common.constant.AlgorithmConstant;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import net.sf.geographiclib.GeodesicMask;
import org.apache.commons.lang.StringUtils;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/cn/gtmap/landsale/admin/service/impl/CaSvsServiceImpl.class */
public class CaSvsServiceImpl implements CaSvsService {
    private HttpClient httpClient;
    private String baseUrl;
    private GxcaConfig gxcaConfig;
    private static Logger logger = LoggerFactory.getLogger(CaSvsServiceImpl.class);
    private static final String VC_PATH = "vc.svr";
    private static final String VP1_PATH = "vp1.svr";
    private static final String VP7_PATH = "vp7.svr";
    private static final String DEFAULT_GREEN_PASS = "0";

    public void setBaseUrl(String str) {
        this.baseUrl = str;
    }

    public HttpClient getHttpClient() {
        return this.httpClient;
    }

    public void setHttpClient(HttpClient httpClient) {
        this.httpClient = httpClient;
    }

    public void setGxcaConfig(GxcaConfig gxcaConfig) {
        this.gxcaConfig = gxcaConfig;
    }

    @Override // cn.gtmap.landsale.service.CaSvsService
    public boolean validateCertificate(String str) throws Exception {
        ArrayList newArrayList = Lists.newArrayList();
        newArrayList.add(new BasicNameValuePair("cert", str));
        return validate(this.baseUrl + "/" + VC_PATH, newArrayList);
    }

    @Override // cn.gtmap.landsale.service.CaSvsService
    public boolean validatePKCS1Signature(String str, String str2, String str3, String str4, Constants.CaOriginalDateType caOriginalDateType) throws Exception {
        ArrayList newArrayList = Lists.newArrayList();
        newArrayList.add(new BasicNameValuePair("cert", str));
        newArrayList.add(new BasicNameValuePair("signature", str2));
        newArrayList.add(new BasicNameValuePair("algo", str4));
        newArrayList.add(new BasicNameValuePair("data", str3));
        newArrayList.add(new BasicNameValuePair("datt", String.valueOf(caOriginalDateType.ordinal())));
        return validate(this.baseUrl + "/" + VP1_PATH, newArrayList);
    }

    @Override // cn.gtmap.landsale.service.CaSvsService
    public boolean validatePKCS7Signature(String str) throws Exception {
        ArrayList newArrayList = Lists.newArrayList();
        newArrayList.add(new BasicNameValuePair("p7data", str));
        return validate(this.baseUrl + "/" + VP7_PATH, newArrayList);
    }

    private boolean validate(String str, List list) throws Exception {
        CloseableHttpResponse closeableHttpResponse = null;
        try {
            CloseableHttpClient closeableHttpClient = (CloseableHttpClient) this.httpClient;
            HttpPost httpPost = new HttpPost(str);
            list.add(new BasicNameValuePair("greenpass", "0"));
            httpPost.setEntity(new UrlEncodedFormEntity((List<? extends NameValuePair>) list, "UTF-8"));
            closeableHttpResponse = closeableHttpClient.execute((HttpUriRequest) httpPost);
            int statusCode = closeableHttpResponse.getStatusLine().getStatusCode();
            if (statusCode == 200) {
                if (closeableHttpResponse != null) {
                    closeableHttpResponse.close();
                }
                return true;
            }
            if (StringUtils.startsWith(String.valueOf(statusCode), "4")) {
                if (closeableHttpResponse != null) {
                    closeableHttpResponse.close();
                }
                return false;
            }
            if (StringUtils.startsWith(String.valueOf(statusCode), "5")) {
                throw new AppException(GeodesicMask.REDUCEDLENGTH, new Object[0]);
            }
            if (closeableHttpResponse == null) {
                return false;
            }
            closeableHttpResponse.close();
            return false;
        } catch (Throwable th) {
            if (closeableHttpResponse != null) {
                closeableHttpResponse.close();
            }
            throw th;
        }
    }

    @Override // cn.gtmap.landsale.service.CaSvsService
    public boolean caSignatureValidation(CaSignerX caSignerX, boolean z) throws Exception {
        logger.info("Start CA validation:" + caSignerX.getCertFriendlyName() + "," + caSignerX.getPkcs1() + "," + caSignerX.getSxinput());
        return "GXCA".equals(caSignerX.getSxaction()) ? validateGxcaPKCS1Signature(caSignerX, z) : validateCertificate(caSignerX.getSxcertificate());
    }

    @Override // cn.gtmap.landsale.service.CaSvsService
    public boolean validateGxcaPKCS1Signature(CaSignerX caSignerX, boolean z) {
        SVSClient sVSClient = new SVSClient(this.gxcaConfig.getHost(), this.gxcaConfig.getPort(), this.gxcaConfig.getVersion(), this.gxcaConfig.getAppKey(), this.gxcaConfig.getAppPwd());
        sVSClient.setSSL(true);
        logger.info("gxcaVerifyPKCS1 cert=" + caSignerX.getSxcertificate());
        logger.info("gxcaVerifyPKCS1 sxinput=" + caSignerX.getSxinput());
        logger.info("gxcaVerifyPKCS1 sign=" + caSignerX.getPkcs1());
        Date date = new Date();
        try {
            if (z) {
                try {
                    caSignerX.setSxinput(Base64.toBase64String(caSignerX.getSxinput().getBytes("GB2312")));
                } catch (Exception e) {
                    logger.error(e.getMessage(), (Throwable) e);
                    if (date == null) {
                        return false;
                    }
                    logger.info("Call gxcaVerifyPKCS1 gateway interface time is:" + (new Date().getTime() - date.getTime()) + "ms");
                    return false;
                }
            }
            GxSVS verifyPKCS1 = sVSClient.verifyPKCS1(caSignerX.getSxinput(), caSignerX.getPkcs1(), caSignerX.getSxcertificate());
            if (verifyPKCS1.getRespCode() == 0) {
                if (date != null) {
                    logger.info("Call gxcaVerifyPKCS1 gateway interface time is:" + (new Date().getTime() - date.getTime()) + "ms");
                }
                return true;
            }
            logger.error("login fail:" + verifyPKCS1.getRespCode());
            if (date == null) {
                return false;
            }
            logger.info("Call gxcaVerifyPKCS1 gateway interface time is:" + (new Date().getTime() - date.getTime()) + "ms");
            return false;
        } catch (Throwable th) {
            if (date != null) {
                logger.info("Call gxcaVerifyPKCS1 gateway interface time is:" + (new Date().getTime() - date.getTime()) + "ms");
            }
            throw th;
        }
    }

    @Override // cn.gtmap.landsale.service.CaSvsService
    public HashMap<String, String> gxcaPreLoginData(String str) {
        logger.info("Start get preLogin data:");
        SVSClient sVSClient = new SVSClient(this.gxcaConfig.getHost(), this.gxcaConfig.getPort(), this.gxcaConfig.getVersion(), this.gxcaConfig.getAppKey(), this.gxcaConfig.getAppPwd());
        sVSClient.setSSL(true);
        HashMap<String, String> hashMap = new HashMap<>();
        logger.info("preLogin cert=" + str);
        Date date = new Date();
        try {
            try {
                CertificateInfo certificateInfo = new CertificateInfo(str);
                String keyAlg = certificateInfo.getKeyAlg();
                String str2 = "";
                if (keyAlg.equals(AlgorithmConstant.KEY_ALG_SM2)) {
                    str2 = DigestAlgo.ALGO_SM3;
                } else if (keyAlg.equals(AlgorithmConstant.KEY_ALG_RSA)) {
                    str2 = "sha1";
                }
                GxPCS genRandom = sVSClient.genRandom(10);
                if (genRandom.getRespCode() == 0) {
                    logger.info("preLogin genRandom success:" + certificateInfo.getSubjectDN());
                    String retBase64String = genRandom.getRetBase64String();
                    GxPCS genDigest = sVSClient.genDigest(Base64.toBase64String(Base64.decode(retBase64String)), str2, str);
                    if (genDigest.getRespCode() == 0) {
                        logger.info("preLogin genDigest success:" + certificateInfo.getSubjectDN());
                        hashMap.put("retCode", "success");
                        hashMap.put("dataHash", GxUtils.bytesToHexString(Base64.decode(genDigest.getRetBase64String())));
                        hashMap.put("randomStr", retBase64String);
                    } else {
                        logger.error("The GxStatus2 error:" + (genDigest != null ? Long.valueOf(genDigest.getRespCode()) : ""));
                    }
                } else {
                    logger.error("The GxStatus1 error:" + (genRandom != null ? Long.valueOf(genRandom.getRespCode()) : ""));
                }
                if (date != null) {
                    logger.info("Call gxcaPreLoginData gateway interface time is:" + (new Date().getTime() - date.getTime()) + "ms");
                }
            } catch (Exception e) {
                logger.error(e.getMessage(), (Throwable) e);
                if (date != null) {
                    logger.info("Call gxcaPreLoginData gateway interface time is:" + (new Date().getTime() - date.getTime()) + "ms");
                }
            }
            return hashMap;
        } catch (Throwable th) {
            if (date != null) {
                logger.info("Call gxcaPreLoginData gateway interface time is:" + (new Date().getTime() - date.getTime()) + "ms");
            }
            throw th;
        }
    }
}
