package com.seeyon.ctp.security;

import com.seeyon.ctp.common.AppContext;
import com.seeyon.ctp.common.config.IConfigPublicKey;
import com.seeyon.ctp.common.constants.Plugins;
import com.seeyon.ctp.common.ctpenumnew.CtpEnumUtil;
import com.seeyon.ctp.common.encrypt.CoderException;
import com.seeyon.ctp.common.i18n.ResourceUtil;
import com.seeyon.ctp.common.log.CtpLogFactory;
import com.seeyon.ctp.common.security.SecurityHelper;
import com.seeyon.ctp.security.algorithm.AbstractEncryptCoder;
import com.seeyon.ctp.security.driver.EncryptMachineDriver;
import com.seeyon.ctp.security.vo.DataEncryptVO;
import com.seeyon.ctp.security.vo.EncryptActionVO;
import com.seeyon.ctp.security.vo.EncryptModuleVO;
import com.seeyon.ctp.security.vo.MachineConnectVO;
import com.seeyon.ctp.util.Strings;
import com.seeyon.ctp.util.json.JSONUtil;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.logging.Log;

/* loaded from: input_file:com/seeyon/ctp/security/EncryptCoderFactory.class */
public class EncryptCoderFactory {
    private static final Log LOGGER = CtpLogFactory.getLog(EncryptCoderFactory.class);
    private static EncryptMachineDriver MACHINE_DRIVER;
    private static EncryptCoderFactory instance;

    private EncryptCoderFactory() {
    }

    public static EncryptCoderFactory getInstance() {
        if (Objects.isNull(instance)) {
            instance = new EncryptCoderFactory();
        }
        return instance;
    }

    public EncryptCoder getByCipher(byte[] bArr) throws CoderException {
        return getCipherEncryptCoder(bArr, EncryptAlgorithmEnum.EMPTY_CODER.getEncryptCoder());
    }

    public EncryptCoder getByCipher(String str) throws CoderException {
        return getCipherEncryptCoder(str, EncryptAlgorithmEnum.EMPTY_CODER.getEncryptCoder());
    }

    public EncryptCoder getByEncryptActionEnum(EncryptActionEnum encryptActionEnum) throws CoderException {
        DataEncryptVO dataEncryptConfig = getDataEncryptConfig();
        List<EncryptModuleVO> encryptModules = dataEncryptConfig.getEncryptModules();
        if (Objects.isNull(encryptActionEnum) || Objects.isNull(encryptModules)) {
            return EncryptAlgorithmEnum.EMPTY_CODER.getEncryptCoder();
        }
        String config = getConfig(encryptModules, encryptActionEnum);
        if (Objects.equals(encryptActionEnum, EncryptActionEnum.ENCRYPT_ATTACHMENT) && Objects.equals(IConfigPublicKey.MIDDLE, config)) {
            return EncryptAlgorithmEnum.SYS_XOR_V_2.getEncryptCoder();
        }
        if (!Strings.equals("enable", config)) {
            return EncryptAlgorithmEnum.EMPTY_CODER.getEncryptCoder();
        }
        Integer encryptMode = dataEncryptConfig.getEncryptMode();
        return Strings.equals(3, encryptMode) ? ActionAlgorithmUtil.getActionAlgorithm(encryptActionEnum, getDriver().id()) : ActionAlgorithmUtil.getActionAlgorithm(encryptActionEnum, String.valueOf(encryptMode));
    }

    public MachineConnectVO getMachineConnect() {
        MachineConnectVO machineConnectVO = new MachineConnectVO();
        machineConnectVO.setStatus("failed");
        try {
            EncryptMachineDriver driver = getDriver();
            if (driver.connect()) {
                machineConnectVO.setStatus(CtpEnumUtil.SUCCESS);
                machineConnectVO.setAlertMessage(driver.supplierName());
            } else {
                machineConnectVO.setAlertMessage(ResourceUtil.getString("dataEncryption.connect.failed"));
            }
            return machineConnectVO;
        } catch (Exception e) {
            LOGGER.error(e);
            machineConnectVO.setAlertMessage(ResourceUtil.getString("dataEncryption.unavailable"));
            return machineConnectVO;
        }
    }

    private EncryptMachineDriver getDriver() throws CoderException {
        String str = SecurityHelper.getSystemConfig().get(EncryptConsts.ENCRYPT_MACHINE_DRIVER_KEY);
        if (Objects.nonNull(MACHINE_DRIVER) && Strings.equals(MACHINE_DRIVER.getClass().getName(), str)) {
            return MACHINE_DRIVER;
        }
        if (Strings.isBlank(str)) {
            str = EncryptConsts.DEFAULT_ENCRYPT_MACHINE_DRIVER[0];
            SecurityHelper.getSystemConfig().update(EncryptConsts.ENCRYPT_MACHINE_DRIVER_KEY, str);
        }
        initMachineDriver(str);
        return MACHINE_DRIVER;
    }

    private static void initMachineDriver(String str) throws CoderException {
        try {
            MACHINE_DRIVER = (EncryptMachineDriver) Class.forName(str).newInstance();
        } catch (Exception e) {
            LOGGER.error(String.format("encryptor driver load failed, driver class：[%s]", str), e);
            throw new CoderException("encryptor driver load failed", new Object[0]);
        }
    }

    public DataEncryptVO getDataEncryptConfig() {
        String str = SecurityHelper.getSystemConfig().get(IConfigPublicKey.ENCRYPT_DATA);
        if (Strings.isEmpty(str)) {
            return generateDefault();
        }
        DataEncryptVO dataEncryptVO = (DataEncryptVO) JSONUtil.parseJSONString(str, DataEncryptVO.class);
        if (Objects.equals(dataEncryptVO.getEncryptMode(), 3) && !AppContext.hasPlugin(Plugins.ENCRYPT_MACHINE)) {
            return generateDefault();
        }
        List<EncryptModuleVO> encryptModules = dataEncryptVO.getEncryptModules();
        if (Strings.isEmpty(encryptModules)) {
            return generateDefault();
        }
        encryptModules.forEach(encryptModuleVO -> {
            if (Objects.equals(encryptModuleVO.getModuleId(), 2)) {
                encryptModuleVO.getEncryptAction().setSalary("disable");
                if (AppContext.hasPlugin("salary")) {
                    encryptModuleVO.getEncryptAction().setSalary("enable");
                }
            }
        });
        return dataEncryptVO;
    }

    public static boolean enableSignature() {
        DataEncryptVO dataEncryptConfig = getInstance().getDataEncryptConfig();
        return Objects.equals(3, dataEncryptConfig.getEncryptMode()) && Objects.equals(getConfig(dataEncryptConfig.getEncryptModules(), EncryptActionEnum.SIGNATURE_DATA), "enable");
    }

    public static boolean actionSwitch(EncryptActionEnum encryptActionEnum) {
        if (Objects.isNull(encryptActionEnum)) {
            return false;
        }
        return Objects.equals("enable", getConfig(getInstance().getDataEncryptConfig().getEncryptModules(), encryptActionEnum));
    }

    private static String getConfig(List<EncryptModuleVO> list, EncryptActionEnum encryptActionEnum) {
        if (Strings.isEmpty(list) || Objects.isNull(encryptActionEnum)) {
            return "disable";
        }
        for (EncryptModuleVO encryptModuleVO : list) {
            Stream<EncryptActionEnum> stream = EncryptActionEnum.getListByModuleId(encryptModuleVO.getModuleId().intValue()).stream();
            encryptActionEnum.getClass();
            if (stream.anyMatch((v1) -> {
                return r1.equals(v1);
            })) {
                return encryptActionEnum.getConfig(encryptModuleVO.getEncryptAction());
            }
        }
        return "disable";
    }

    private DataEncryptVO generateDefault() {
        DataEncryptVO dataEncryptVO = new DataEncryptVO();
        dataEncryptVO.setEncryptMode(1);
        if (SecurityHelper.isGmEnabled()) {
            dataEncryptVO.setEncryptMode(2);
        }
        dataEncryptVO.setEncryptModules(new ArrayList(3));
        EncryptModuleVO encryptModuleVO = new EncryptModuleVO();
        encryptModuleVO.setModuleId(1);
        encryptModuleVO.setEncryptAction(new EncryptActionVO());
        encryptModuleVO.getEncryptAction().setUserPassword("enable");
        String str = SecurityHelper.getSystemConfig().get(IConfigPublicKey.ATTACH_ENCRYPT);
        encryptModuleVO.getEncryptAction().setAttachment("disable");
        if (Strings.isNotBlank(str)) {
            if ("no".equals(str)) {
                encryptModuleVO.getEncryptAction().setAttachment("disable");
            }
            if (IConfigPublicKey.HIGH.equals(str)) {
                encryptModuleVO.getEncryptAction().setAttachment("enable");
            }
            if (IConfigPublicKey.MIDDLE.equals(str)) {
                encryptModuleVO.getEncryptAction().setAttachment(str);
            }
        }
        encryptModuleVO.getEncryptAction().setText("disable");
        encryptModuleVO.getEncryptAction().setAppLog("disable");
        dataEncryptVO.getEncryptModules().add(encryptModuleVO);
        EncryptModuleVO encryptModuleVO2 = new EncryptModuleVO();
        encryptModuleVO2.setModuleId(2);
        encryptModuleVO2.setEncryptAction(new EncryptActionVO());
        encryptModuleVO2.getEncryptAction().setSalary("disable");
        if (AppContext.hasPlugin("salary")) {
            encryptModuleVO2.getEncryptAction().setSalary("enable");
        }
        encryptModuleVO2.getEncryptAction().setIDCard("disable");
        encryptModuleVO2.getEncryptAction().setOfficePhone("disable");
        encryptModuleVO2.getEncryptAction().setCellPhone("disable");
        encryptModuleVO2.getEncryptAction().setEmail("disable");
        dataEncryptVO.getEncryptModules().add(encryptModuleVO2);
        EncryptModuleVO encryptModuleVO3 = new EncryptModuleVO();
        encryptModuleVO3.setModuleId(3);
        encryptModuleVO3.setEncryptAction(new EncryptActionVO());
        encryptModuleVO3.getEncryptAction().setSignatureData("disable");
        List<Integer> list = (List) Stream.of((Object[]) new Integer[]{1, 2}).collect(Collectors.toList());
        if (AppContext.hasPlugin(Plugins.ENCRYPT_MACHINE)) {
            list.add(3);
        }
        dataEncryptVO.getEncryptModules().add(encryptModuleVO3);
        dataEncryptVO.setEncryptModeEnums(list);
        return dataEncryptVO;
    }

    private EncryptCoder getCipherEncryptCoder(byte[] bArr, EncryptCoder encryptCoder) {
        if (bArr.length == 0) {
            return encryptCoder;
        }
        Charset charset = AbstractEncryptCoder.DEFAULT_CHARSET;
        int length = EncryptAlgorithmEnum.maxLengthMark().getBytes(charset).length;
        int i = length % 4;
        if (i != 0) {
            length += 4 - i;
        }
        int min = Math.min(length, bArr.length);
        byte[] bArr2 = new byte[min];
        System.arraycopy(bArr, 0, bArr2, 0, min);
        String str = new String(bArr2, charset);
        try {
            return EncryptAlgorithmEnum.getEncryptCoderByMark(str);
        } catch (Exception e) {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.warn(String.format("headerMark[%s] match failed,use default", str));
            }
            return encryptCoder;
        }
    }

    private EncryptCoder getCipherEncryptCoder(String str, EncryptCoder encryptCoder) {
        if (Strings.isBlank(str)) {
            return encryptCoder;
        }
        int length = Base64.getEncoder().encodeToString(EncryptAlgorithmEnum.maxLengthMark().getBytes(StandardCharsets.UTF_8)).length();
        int i = length % 4;
        if (i != 0) {
            length += 4 - i;
        }
        String substring = str.substring(0, Math.min(length, str.length()));
        try {
            return EncryptAlgorithmEnum.getEncryptCoderByMark(substring);
        } catch (Exception e) {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.warn(String.format("headerMark[%s] match failed,use default", substring), e);
            }
            return encryptCoder;
        }
    }
}
