package com.supwisdom.goa.user.codec.safetydata;

import com.alibaba.fastjson.JSONObject;
import com.supwisdom.goa.system.domain.KeyStore;
import com.supwisdom.goa.system.event.RotateKeyStoreEvent;
import com.supwisdom.goa.system.repo.KeyStoreRepository;
import com.supwisdom.goa.user.codec.crypto.AES;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.event.EventListener;
import org.springframework.scheduling.annotation.Scheduled;

/* loaded from: input_file:com/supwisdom/goa/user/codec/safetydata/SafetyDataCodecAES.class */
public class SafetyDataCodecAES implements ISafetyDataCodec, InitializingBean {
    private static final String KEY_TYPE_SAFETY_DATA_CODEC_AES = "SAFETY_DATA_CODEC_AES";

    @Autowired
    private KeyStoreRepository keyStoreRepository;
    private volatile Map<String, String> mapDecodeData = new ConcurrentHashMap();
    public static final String PREFIX_AES = "AES";
    private static final Logger log = LoggerFactory.getLogger(SafetyDataCodecAES.class);
    private static KeyStore curKeyStore = null;
    private static Map<String, KeyStore> mapKeyStore = new ConcurrentHashMap();

    public void afterPropertiesSet() throws Exception {
        initKeyStore();
    }

    @EventListener
    public void handleRotateKeyEvent(RotateKeyStoreEvent rotateKeyStoreEvent) {
        if (("ALL".equals(rotateKeyStoreEvent.getKeyType()) || KEY_TYPE_SAFETY_DATA_CODEC_AES.equals(rotateKeyStoreEvent.getKeyType())) && curKeyStore != null) {
            this.keyStoreRepository.stopKey(this.keyStoreRepository.selectById(curKeyStore.getId()));
        }
    }

    @Scheduled(initialDelayString = "${safetyDataCodecAESRefresh.schedule.startDelay:30000}", fixedDelayString = "${safetyDataCodecAESRefresh.schedule.fixDelay:300000}")
    public void refresh() {
        log.info("SafetyDataCodecAES refreshKeyStore");
        initKeyStore();
    }

    private void initKeyStore() {
        log.info("SafetyDataCodecAES initKeyStore");
        KeyStore keyStore = null;
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        List<KeyStore> selectByKeyType = this.keyStoreRepository.selectByKeyType(KEY_TYPE_SAFETY_DATA_CODEC_AES);
        if (selectByKeyType != null && selectByKeyType.size() > 0) {
            log.info("SafetyDataCodecAES initKeyStore load");
            for (KeyStore keyStore2 : selectByKeyType) {
                if (keyStore2.getStatus().intValue() == 1) {
                    keyStore = keyStore2;
                }
                if (keyStore2.getStatus().intValue() == 1 || keyStore2.getStatus().intValue() == 2) {
                    concurrentHashMap.put(keyStore2.getKeyId(), keyStore2);
                }
            }
        }
        if (keyStore == null) {
            log.info("SafetyDataCodecAES initKeyStore init");
            try {
                KeyStore newKey = this.keyStoreRepository.newKey(KEY_TYPE_SAFETY_DATA_CODEC_AES, UUID.randomUUID().toString(), Base64.encodeBase64String(AES.generateKey()), "AES", "本地算法", new JSONObject().toJSONString());
                keyStore = newKey;
                concurrentHashMap.put(newKey.getKeyId(), newKey);
            } catch (Exception e) {
                log.error("SafetyDataCodecAES initKeyStore init, error, {}", e.getMessage());
            }
        }
        if (keyStore != null) {
            curKeyStore = keyStore;
            mapKeyStore = concurrentHashMap;
        }
        log.info("SafetyDataCodecAES initKeyStore finish");
    }

    @Override // com.supwisdom.goa.user.codec.safetydata.ISafetyDataCodec
    public String encode(String str) {
        return encodeByKeyStore(str, curKeyStore);
    }

    @Override // com.supwisdom.goa.user.codec.safetydata.ISafetyDataCodec
    public String decode(String str) {
        KeyStore keyStore = mapKeyStore.get(extractKeyId(str));
        return keyStore == null ? str : decodeByKeyStore(str, keyStore);
    }

    private String extractKeyId(String str) {
        String str2 = null;
        if (str.indexOf("$$") > 0) {
            str2 = str.split("\\$\\$")[1];
        }
        return str2;
    }

    private String encodeByKeyStore(String str, KeyStore keyStore) {
        try {
            return Base64.encodeBase64URLSafeString(AES.encrypt(str.toString().getBytes(), Base64.decodeBase64(keyStore.getKey()), AES.generateIV())) + "$$" + keyStore.getKeyId();
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException(e);
        }
    }

    private String decodeByKeyStore(String str, KeyStore keyStore) {
        try {
            String substring = str.substring(0, str.indexOf("$$"));
            if (this.mapDecodeData.containsKey(substring)) {
                return this.mapDecodeData.get(substring);
            }
            String str2 = new String(AES.decrypt(Base64.decodeBase64(substring), Base64.decodeBase64(keyStore.getKey()), AES.generateIV()));
            this.mapDecodeData.put(substring, str2);
            return str2;
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException(e);
        }
    }

    @Override // com.supwisdom.goa.user.codec.safetydata.ISafetyDataCodec
    public String prefix() {
        return "AES";
    }
}
