package com.centit.framework.jlwater.controller;

import cn.com.syan.sdfapi.DCUtil;
import com.alibaba.fastjson2.JSONObject;
import com.centit.framework.core.controller.BaseController;
import com.centit.framework.core.controller.WrapUpResponseBody;
import com.centit.framework.model.adapter.PlatformEnvironment;
import com.centit.framework.model.security.CentitUserDetails;
import com.redshield.ebl.EblHsmEx;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;

@RequestMapping({"/jlwaterca"})
@Api(value = "水务相关接口", tags = {"水务相关接口"})
@Controller
/* loaded from: input_file:com/centit/framework/jlwater/controller/JlwaterCaPlugin.class */
public class JlwaterCaPlugin extends BaseController {
    public static final String IV = "BD613820D53BCD45D8FB033EB44A63D4";
    public static final String KEY = "7380B7786502DA610DB49E0E28F6161C";
    protected static final Logger logger = LoggerFactory.getLogger(JlwaterCaPlugin.class);

    @Autowired
    private PlatformEnvironment platformEnvironment;

    @GetMapping({"/login"})
    @ApiOperation(value = "水务集团单点登陆", notes = "水务集团单点登陆")
    public String waterLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String parameter = httpServletRequest.getParameter("returnUrl");
        String header = httpServletRequest.getHeader("oam_remote_user");
        if (null == header) {
            header = httpServletRequest.getParameter("testLoginName");
        }
        String str = "";
        if (StringUtils.isBlank(header)) {
            str = "oam_remote_user" + header + "不存在！";
        } else {
            CentitUserDetails loadUserDetailsByLoginName = this.platformEnvironment.loadUserDetailsByLoginName(header);
            if (null != loadUserDetailsByLoginName) {
                SecurityContextHolder.getContext().setAuthentication(loadUserDetailsByLoginName);
            } else {
                str = "登录名" + header + "不存在！";
            }
        }
        if (StringUtils.isNotBlank(str)) {
            String str2 = "redirect:redirecterror";
            try {
                str2 = str2 + "?msg=" + URLEncoder.encode(str, "UTF-8");
            } catch (UnsupportedEncodingException e) {
                logger.error("URLEncoder异常", e);
            }
            return str2;
        }
        String id = httpServletRequest.getSession().getId();
        if (StringUtils.isNotBlank(parameter)) {
            if (parameter.contains("/A/")) {
                parameter = parameter.replace("/A/", "/#/");
            }
            parameter = parameter.contains("?") ? parameter + "&accessToken=" + id : parameter + "?accessToken=" + id;
        }
        httpServletResponse.setHeader("x-auth-token", id);
        return "redirect:" + parameter;
    }

    @GetMapping({"/sm4encrypt"})
    @WrapUpResponseBody
    @ApiOperation(value = "sm4加密", notes = "sm4加密")
    public String sm4encrypt(String str) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("输入数据不能为空");
        }
        EblHsmEx eblHsmEx = null;
        try {
            try {
                eblHsmEx = EblHsmEx.getHardInstance();
                String encrypt = eblHsmEx.encrypt(100, "SM4/ECB/PKCS5Padding", DCUtil.hexStr2Bytes(IV), str.getBytes(StandardCharsets.UTF_8));
                if (eblHsmEx != null) {
                    eblHsmEx.free();
                }
                return encrypt;
            } catch (Exception e) {
                logger.error("SM4加密失败: {}", str, e);
                throw new RuntimeException("加密失败", e);
            }
        } catch (Throwable th) {
            if (eblHsmEx != null) {
                eblHsmEx.free();
            }
            throw th;
        }
    }

    @GetMapping({"/sm4decrypt"})
    @WrapUpResponseBody
    @ApiOperation(value = "sm4解密", notes = "sm4解密")
    public String sm4decrypt(String str) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("输入数据不能为空");
        }
        EblHsmEx eblHsmEx = null;
        try {
            try {
                eblHsmEx = EblHsmEx.getHardInstance();
                String str2 = new String(eblHsmEx.decrypt(100, "SM4/ECB/PKCS5Padding", DCUtil.hexStr2Bytes(IV), str), StandardCharsets.UTF_8);
                if (eblHsmEx != null) {
                    eblHsmEx.free();
                }
                return str2;
            } catch (Exception e) {
                logger.error("SM4 解密失败: {}", e.getMessage(), e);
                throw new RuntimeException("解密失败", e);
            }
        } catch (Throwable th) {
            if (eblHsmEx != null) {
                eblHsmEx.free();
            }
            throw th;
        }
    }

    @GetMapping({"/sm3encrypt"})
    @WrapUpResponseBody
    @ApiOperation(value = "外部密钥hmac", notes = "外部密钥hmac")
    public String sm3encrypt(String str) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("输入数据不能为空");
        }
        EblHsmEx eblHsmEx = null;
        try {
            try {
                eblHsmEx = EblHsmEx.getHardInstance();
                String encodeToString = Base64.getEncoder().encodeToString(eblHsmEx.hmacBytes(DCUtil.hexStr2Bytes(KEY), "HmacSM3", str.getBytes(StandardCharsets.UTF_8)));
                if (eblHsmEx != null) {
                    eblHsmEx.free();
                }
                return encodeToString;
            } catch (Exception e) {
                logger.error("SM3加密失败: {}", str, e);
                throw new RuntimeException("SM3加密失败", e);
            }
        } catch (Throwable th) {
            if (eblHsmEx != null) {
                eblHsmEx.free();
            }
            throw th;
        }
    }

    @GetMapping({"/encryptAndMac"})
    @WrapUpResponseBody
    @ApiOperation(value = "数据加密处理", notes = "提供数据机密性保护的加密接口")
    public JSONObject encryptAndMac(String str) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("加密数据不能为空");
        }
        JSONObject jSONObject = new JSONObject();
        EblHsmEx eblHsmEx = null;
        try {
            try {
                EblHsmEx hardInstance = EblHsmEx.getHardInstance();
                byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
                String encrypt = hardInstance.encrypt(100, "SM4/ECB/PKCS5Padding", DCUtil.hexStr2Bytes(IV), bytes);
                if (encrypt == null) {
                    throw new IllegalStateException("加密失败，返回结果为空");
                }
                byte[] hmacBytes = hardInstance.hmacBytes(DCUtil.hexStr2Bytes(KEY), "HmacSM3", bytes);
                if (hmacBytes == null || hmacBytes.length == 0) {
                    throw new IllegalStateException("MAC 生成失败");
                }
                String encodeToString = Base64.getEncoder().encodeToString(hmacBytes);
                jSONObject.put("sm4ecb", encrypt);
                jSONObject.put("sm3Str", encodeToString);
                if (hardInstance != null) {
                    hardInstance.free();
                }
                return jSONObject;
            } catch (Exception e) {
                logger.error("加密过程发生异常", e);
                throw new RuntimeException("加密过程发生异常", e);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                eblHsmEx.free();
            }
            throw th;
        }
    }

    @GetMapping({"/decryptAndVerify"})
    @WrapUpResponseBody
    @ApiOperation(value = "数据解密与完整性校验", notes = "解密SM4加密数据并验证HmacSM3完整性")
    public JSONObject decryptAndVerify(String str, String str2) {
        if (str == null || str.isEmpty() || str2 == null || str2.isEmpty()) {
            throw new IllegalArgumentException("输入数据不能为空");
        }
        EblHsmEx eblHsmEx = null;
        JSONObject jSONObject = new JSONObject();
        try {
            try {
                EblHsmEx hardInstance = EblHsmEx.getHardInstance();
                byte[] decrypt = hardInstance.decrypt(100, "SM4/ECB/PKCS5Padding", DCUtil.hexStr2Bytes(IV), str);
                if (decrypt == null || decrypt.length == 0) {
                    throw new IllegalArgumentException("解密结果为空");
                }
                String encodeToString = Base64.getEncoder().encodeToString(hardInstance.hmacBytes(DCUtil.hexStr2Bytes(KEY), "HmacSM3", decrypt));
                jSONObject.put("data", new String(decrypt, StandardCharsets.UTF_8));
                jSONObject.put("isTampered", Boolean.valueOf(!encodeToString.equals(str2)));
                if (hardInstance != null) {
                    hardInstance.free();
                }
                return jSONObject;
            } catch (Exception e) {
                logger.error("解密或校验过程中发生异常", e);
                throw new RuntimeException("解密或校验过程中发生异常", e);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                eblHsmEx.free();
            }
            throw th;
        }
    }
}
