package kd.ebg.aqap.banks.icbcasia.dc.utils;

import com.icbc.api.DefaultIcbcClient;
import com.icbc.api.internal.util.codec.Base64;
import kd.bos.dataentity.resource.ResManager;
import kd.ebg.aqap.common.model.CertInfo;
import kd.ebg.aqap.common.model.repository.UserCertRepository;
import kd.ebg.aqap.common.utils.SpringContextUtil;
import kd.ebg.egf.common.context.RequestContextUtils;
import kd.ebg.egf.common.exception.EBExceiptionUtil;
import kd.ebg.egf.common.framework.conf.IParameter;
import kd.ebg.egf.common.framework.security.manage.AESCipherSecurity;
import kd.ebg.egf.common.framework.security.manage.CipherInfo;
import kd.ebg.egf.common.log.EBGLogger;
import kd.ebg.egf.common.utils.DesUtil;
import kd.ebg.egf.common.utils.string.StringUtils;

/* loaded from: input_file:kd/ebg/aqap/banks/icbcasia/dc/utils/RequestUtil.class */
public class RequestUtil {
    private static final EBGLogger logger = EBGLogger.getInstance().getLogger(RequestUtil.class);

    public static DefaultIcbcClient createClient2(String str) throws Exception {
        IParameter parameter = RequestContextUtils.getParameter();
        String bankParameter = parameter.getBankParameter("appId");
        String bankParameter2 = parameter.getBankParameter("private_key");
        String bankParameter3 = parameter.getBankParameter("public_key");
        if (StringUtils.isEmpty(bankParameter) || StringUtils.isEmpty(bankParameter2) || StringUtils.isEmpty(bankParameter3)) {
            throw EBExceiptionUtil.serviceException(ResManager.loadKDString("普通公钥方式实例化客户端异常", "RequestUtil_4", "ebg-aqap-banks-icbcasia-dc", new Object[0]));
        }
        return new DefaultIcbcClient(bankParameter, bankParameter2, bankParameter3);
    }

    public static DefaultIcbcClient createClient(String str) {
        DefaultIcbcClient defaultIcbcClient;
        IParameter parameter = RequestContextUtils.getParameter();
        String bankParameter = parameter.getBankParameter("appId");
        String key = getKey(getCA("public_key"));
        String bankParameter2 = parameter.getBankParameter("signType");
        if (bankParameter2.equals(Constants.SIGN_TYPE_CA)) {
            logger.info("签名类型为ca:" + bankParameter2);
            String bankParameter3 = parameter.getBankParameter("capassword");
            try {
                String key2 = getKey(Base64.encodeBase64(getCA("caprivatestr")));
                String key3 = getKey(Base64.encodeBase64(getCA("capublicstr")));
                checkData(bankParameter2, "signType-0, appId-1, publicKey-2, caPrivateStr-3, caPublicStr-4,caPassword-5", bankParameter, key, key2, key3, bankParameter3);
                defaultIcbcClient = new DefaultIcbcClient(bankParameter, key2, key, key3, bankParameter3);
            } catch (Exception e) {
                throw EBExceiptionUtil.serviceException(e);
            }
        } else {
            checkData(bankParameter2, "signType-0, appId-1, PrivateKey-2", bankParameter, key, parameter.getBankParameter("private_key"));
            logger.info("签名类型为:" + bankParameter2);
            defaultIcbcClient = new DefaultIcbcClient(bankParameter, bankParameter2, getKey(getCA("private_key")), key);
        }
        return defaultIcbcClient;
    }

    public static byte[] getCA(String str) {
        CertInfo findBankLoginCertByBankLoginIDAndBankConfigIDAndCustomID = ((UserCertRepository) SpringContextUtil.getBean(UserCertRepository.class)).findBankLoginCertByBankLoginIDAndBankConfigIDAndCustomID(str, RequestContextUtils.getRequestContext().getBankLoginID(), RequestContextUtils.getCustomId());
        if (findBankLoginCertByBankLoginIDAndBankConfigIDAndCustomID == null) {
            throw EBExceiptionUtil.serviceException(ResManager.loadKDString("获取证书、秘钥失败，请先配置证书与秘钥。", "RequestUtil_1", "ebg-aqap-banks-icbcasia-dc", new Object[0]));
        }
        CipherInfo cipherInfo = getCipherInfo(findBankLoginCertByBankLoginIDAndBankConfigIDAndCustomID.getFileContent());
        return DesUtil.decryptProxyCert(cipherInfo.getFileBytes(), findBankLoginCertByBankLoginIDAndBankConfigIDAndCustomID.getCustomID(), cipherInfo.getCipherVersion(), findBankLoginCertByBankLoginIDAndBankConfigIDAndCustomID.getCertID());
    }

    private static CipherInfo getCipherInfo(String str) {
        CipherInfo cipherInfo = ((AESCipherSecurity) SpringContextUtil.getBean(AESCipherSecurity.class)).getCipherInfo(str);
        if (cipherInfo.getCipherVersion() == 0) {
            cipherInfo.setFileBytes(java.util.Base64.getDecoder().decode(cipherInfo.getCipherData()));
        } else {
            cipherInfo.setFileBytes(org.apache.commons.codec.binary.Base64.decodeBase64(cipherInfo.getCipherData()));
        }
        return cipherInfo;
    }

    private static String getKey(byte[] bArr) {
        return StringUtils.byteToString(bArr);
    }

    private static void checkData(String str, String str2, String... strArr) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < strArr.length; i++) {
            if (StringUtils.isEmpty(strArr[i])) {
                sb.append(i).append(",");
            }
        }
        if (!StringUtils.isEmpty(sb.toString())) {
            throw EBExceiptionUtil.serviceException(sb.insert(0, ResManager.loadKDString("中不能为空的是:", "RequestUtil_2", "ebg-aqap-banks-icbcasia-dc", new Object[0])).insert(0, str2).insert(0, ResManager.loadKDString("实例化客户端异常", "RequestUtil_3", "ebg-aqap-banks-icbcasia-dc", new Object[0])).toString());
        }
    }
}
