package cn.com.infosec.netsign.base.processors;

import cn.com.infosec.netsign.base.AbstractMessage;
import cn.com.infosec.netsign.base.AdminMessage;
import cn.com.infosec.netsign.base.ErrorInfoRes;
import cn.com.infosec.netsign.base.Processor;
import cn.com.infosec.netsign.base.channels.ServerChannel;
import cn.com.infosec.netsign.base.processors.util.MessageConvertor;
import cn.com.infosec.netsign.base.processors.util.ProcessUtil;
import cn.com.infosec.netsign.base.util.CertRevokedException;
import cn.com.infosec.netsign.base.util.CertTrustException;
import cn.com.infosec.netsign.base.util.CertValidateException;
import cn.com.infosec.netsign.base.util.NetSignImpl;
import cn.com.infosec.netsign.base.util.TrustConfig;
import cn.com.infosec.netsign.base.util.VerifyOCSPException;
import cn.com.infosec.netsign.crypto.util.CryptoUtil;
import cn.com.infosec.netsign.logger.ConsoleLogger;
import cn.com.infosec.netsign.manager.ChannelManager;
import cn.com.infosec.netsign.resources.ResourceManager;
import cn.com.infosec.netsign.resources.ResourcePool;
import cn.com.infosec.netsign.resources.rawcert.PBCRAWCert;
import cn.com.infosec.netsign.resources.rawcert.PBCRAWCertProxy;
import cn.com.infosec.netsign.resources.rawcert.PBCRAWCertResourceList;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:cn/com/infosec/netsign/base/processors/AdminUploadCertProcessor.class */
public class AdminUploadCertProcessor implements Processor {
    private PBCRAWCertResourceList certList = null;

    @Override // cn.com.infosec.netsign.base.Processor
    public AbstractMessage process(AbstractMessage abstractMessage) throws ProcessorException {
        AdminMessage createAdminMessage = ProcessUtil.createAdminMessage(abstractMessage);
        HashMap hashMap = (HashMap) MessageConvertor.convertAdminMessage(abstractMessage, createAdminMessage).getContent();
        ResourcePool allResourceList = ResourceManager.getAllResourceList();
        String str = (String) hashMap.get("listname");
        PBCRAWCertProxy pBCRAWCertProxy = new PBCRAWCertProxy();
        pBCRAWCertProxy.setType(2001);
        pBCRAWCertProxy.addCondition("name", str);
        this.certList = allResourceList.getResourceList(pBCRAWCertProxy);
        if (this.certList == null) {
            createAdminMessage.setResult(ErrorInfoRes.NO_RESOURCE_LIST_FOUND);
            createAdminMessage.setErrMsg(new StringBuffer("Can not find resource list by name:").append(str).toString());
            return createAdminMessage;
        }
        byte[] bArr = (byte[]) hashMap.get("cert");
        String str2 = (String) hashMap.get("bankName");
        if (str2 == null || str2.equals("")) {
            createAdminMessage.setResult(ErrorInfoRes.NO_BANKNAME_RECEIVED);
            createAdminMessage.setErrMsg("Bank name not received");
            return createAdminMessage;
        }
        String str3 = (String) hashMap.get("inBlack");
        if (str3 == null || "".equals(str3)) {
            createAdminMessage.setResult(ErrorInfoRes.NO_INBLACK_PARAMETER_RECEIVED);
            createAdminMessage.setErrMsg("inBlack parameter not received");
            return createAdminMessage;
        }
        String str4 = (String) hashMap.get("bankID");
        if (bArr == null) {
            createAdminMessage.setResult(ErrorInfoRes.RECEIVE_RAW_CERT_FAILED);
            createAdminMessage.setErrMsg("RAW cert not received");
            return createAdminMessage;
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509FX", NetSignImpl.PROVIDER_INFOSEC).generateCertificate(new ByteArrayInputStream(bArr));
            if (x509Certificate == null) {
                createAdminMessage.setResult(ErrorInfoRes.GERNERATE_CERT_FAILED);
                createAdminMessage.setErrMsg("Generate certificate failed");
                return createAdminMessage;
            }
            if (str4 != null && !str4.equals("") && x509Certificate.getSubjectDN().getName().indexOf(str4) < 0) {
                createAdminMessage.setResult(ErrorInfoRes.CERTDN_NOT_CONTAIN_BANKID);
                createAdminMessage.setErrMsg(new StringBuffer("BankID:").append(str4).append(" not contaned in the subject:").append(x509Certificate.getSubjectDN().getName()).toString());
                return createAdminMessage;
            }
            PBCRAWCert pBCRAWCert = new PBCRAWCert();
            pBCRAWCert.setCert(x509Certificate);
            pBCRAWCert.setPath(this.certList.getPath());
            pBCRAWCert.setBankName(str2);
            pBCRAWCert.setBlackList(Boolean.parseBoolean(str3));
            if (str4 != null && !str4.equals("")) {
                pBCRAWCert.setBankCode(str4);
            }
            NetSignImpl netSignImpl = new NetSignImpl();
            Map trustConfig = getTrustConfig(ChannelManager.getServerChannels(), pBCRAWCert.getIssuerDN());
            if (trustConfig != null) {
                try {
                    netSignImpl.verifyRAWCert(pBCRAWCert, trustConfig);
                    pBCRAWCertProxy.setType(3001);
                    pBCRAWCertProxy.addCondition("resource", pBCRAWCert);
                    if (this.certList.setResource(pBCRAWCertProxy)) {
                        this.certList.log(new StringBuffer("AdminUploadCertPorcessor certificate ").append(pBCRAWCert.getCertDN()).append(" saved.").toString());
                    } else {
                        this.certList.log(new StringBuffer("AdminUploadCertPorcessor certificate ").append(pBCRAWCert.getCertDN()).append(" not saved.").toString());
                    }
                } catch (CertRevokedException e) {
                    ConsoleLogger.logException(e);
                    createAdminMessage.setResult(ErrorInfoRes.CERT_REVOKED_ERROR);
                    createAdminMessage.setErrMsg(new StringBuffer("Verify RAWCert failed:").append(e.toString()).toString());
                } catch (CertTrustException e2) {
                    ConsoleLogger.logException(e2);
                    createAdminMessage.setResult(ErrorInfoRes.CERT_NOT_TRUST_ERROR);
                    createAdminMessage.setErrMsg(new StringBuffer("Verify RAWCert failed:").append(e2.toString()).toString());
                } catch (CertValidateException e3) {
                    ConsoleLogger.logException(e3);
                    createAdminMessage.setResult(ErrorInfoRes.CERT_VALIDATE_ERROR);
                    createAdminMessage.setErrMsg(new StringBuffer("Verify RAWCert failed:").append(e3.toString()).toString());
                } catch (VerifyOCSPException e4) {
                    ConsoleLogger.logException(e4);
                    createAdminMessage.setResult(ErrorInfoRes.VERIFY_OCSP_ERROR);
                    createAdminMessage.setErrMsg(new StringBuffer("Verify RAWCert failed:").append(e4.toString()).toString());
                } catch (Exception e5) {
                    ConsoleLogger.logException(e5);
                    createAdminMessage.setResult(ErrorInfoRes.UNKNOWN_ERROR_MSG);
                    createAdminMessage.setErrMsg(new StringBuffer("upload RAWCert failed:").append(e5.toString()).toString());
                }
            } else {
                createAdminMessage.setResult(ErrorInfoRes.CAN_NOT_FIND_TRUST_CERT_BY_DN);
                createAdminMessage.setErrMsg("Can not find trust cert by the dn of the cert.");
            }
            return createAdminMessage;
        } catch (Exception e6) {
            ConsoleLogger.logException(e6);
            createAdminMessage.setResult(ErrorInfoRes.GERNERATE_CERT_FAILED);
            createAdminMessage.setErrMsg(new StringBuffer("Generate certificate failed:").append(e6.toString()).toString());
            return createAdminMessage;
        }
    }

    private Map getTrustConfig(Map map, String str) {
        Map trustConfigs;
        String trimDN = CryptoUtil.trimDN(str);
        String turnDN = CryptoUtil.turnDN(trimDN);
        for (ServerChannel serverChannel : (ServerChannel[]) map.values().toArray(new ServerChannel[0])) {
            if (serverChannel.getResourcePool() != null && serverChannel.getResourcePool().get(this.certList.getName()) != null && (trustConfigs = serverChannel.getTrustConfigs()) != null) {
                TrustConfig trustConfig = (TrustConfig) trustConfigs.get(trimDN);
                if (trustConfig == null && trustConfigs.size() > 0) {
                    trustConfig = (TrustConfig) trustConfigs.get(turnDN);
                }
                if (trustConfig != null) {
                    return trustConfigs;
                }
            }
        }
        return null;
    }
}
