package com.xforceplus.sec.vibranium.service.impl;

import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.Wrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.xforceplus.sec.vibranium.common.enums.MaskCodeEnum;
import com.xforceplus.sec.vibranium.common.exception.ParamInvalidException;
import com.xforceplus.sec.vibranium.common.exception.ServiceException;
import com.xforceplus.sec.vibranium.common.util.AESHelper;
import com.xforceplus.sec.vibranium.common.util.CollectionUtil;
import com.xforceplus.sec.vibranium.mapper.CipherFieldMapper;
import com.xforceplus.sec.vibranium.mapper.MaskCodeConflictMapper;
import com.xforceplus.sec.vibranium.mapper.SecretKeyMapper;
import com.xforceplus.sec.vibranium.model.domain.CipherField;
import com.xforceplus.sec.vibranium.model.domain.MaskCodeConflict;
import com.xforceplus.sec.vibranium.model.domain.SecretKey;
import com.xforceplus.sec.vibranium.request.DecryptRequestDTO;
import com.xforceplus.sec.vibranium.request.EncryptRequestDTO;
import com.xforceplus.sec.vibranium.service.CipherFieldService;
import com.xforceplus.sec.vibranium.service.constant.RedisKey;
import com.xforceplus.sec.vibranium.service.redis.RedisUtils;
import com.xforceplus.sec.vibranium.service.worker.BatchDecryptWorker;
import com.xforceplus.sec.vibranium.service.worker.BatchEncryptWorker;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.dao.DuplicateKeyException;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

@Service
/* loaded from: input_file:com/xforceplus/sec/vibranium/service/impl/CipherFieldServiceImpl.class */
public class CipherFieldServiceImpl extends ServiceImpl<CipherFieldMapper, CipherField> implements CipherFieldService {

    @Resource
    CipherFieldMapper cipherFieldMapper;

    @Resource
    SecretKeyMapper secretKeyMapper;

    @Resource
    MaskCodeConflictMapper maskCodeConflictMapper;

    @Resource
    RedisUtils redis;

    @Value("${batchSize:5}")
    private int batchSize;

    @Value("${redisEncryptExpireTimeDays:30}")
    private int redisEncryptExpireTimeDays;

    @Value("${redisDecryptExpireTimeDays:30}")
    private int redisDecryptExpireTimeDays;
    private ThreadPoolExecutor executor = (ThreadPoolExecutor) Executors.newFixedThreadPool(100);
    private static final Logger log = LoggerFactory.getLogger(CipherFieldServiceImpl.class);
    private static ConcurrentHashMap<Integer, String> secretKeyMap = new ConcurrentHashMap<>();

    private String encryptFromCache(EncryptRequestDTO encryptRequestDTO) {
        return this.redis.get(String.format(RedisKey.ENCRYPT_KEY.getName(), encryptRequestDTO.getCipherType(), encryptRequestDTO.getOriginalText()));
    }

    private void encryptPutCache(EncryptRequestDTO encryptRequestDTO, String str) {
        this.redis.setEx(String.format(RedisKey.ENCRYPT_KEY.getName(), encryptRequestDTO.getCipherType(), encryptRequestDTO.getOriginalText()), str, this.redisEncryptExpireTimeDays, TimeUnit.DAYS);
    }

    @Override // com.xforceplus.sec.vibranium.service.CipherFieldService
    public String encrypt(EncryptRequestDTO encryptRequestDTO) {
        log.info("encrypt start,encryptRequestDTO:{}", JSONObject.toJSONString(encryptRequestDTO));
        String encryptFromCache = encryptFromCache(encryptRequestDTO);
        if (!StringUtils.isEmpty(encryptFromCache)) {
            return encryptFromCache;
        }
        String originalText = encryptRequestDTO.getOriginalText();
        int cipherType = MaskCodeEnum.getCipherType(encryptRequestDTO.getCipherType());
        if (MaskCodeEnum.getMaskCodeFormatFunction(cipherType).test(originalText)) {
            encryptPutCache(encryptRequestDTO, originalText);
            return originalText;
        }
        String keyByCipherType = getKeyByCipherType(cipherType);
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        String str = null;
        for (int i = 0; i < 3; i++) {
            try {
                str = (String) MaskCodeEnum.getMaskCodeEnumFunction(cipherType).apply(originalText, Integer.valueOf(i + 1));
                this.cipherFieldMapper.insert(CipherField.builder().createTime(new Date()).cipherText(AESHelper.encrypt(keyByCipherType, originalText)).maskCode(str).keyName(keyByCipherType).cipherType(cipherType).originalText(originalText).build());
                break;
            } catch (DuplicateKeyException e) {
                CipherField cipherField = (CipherField) this.cipherFieldMapper.selectOne((Wrapper) new QueryWrapper().eq("mask_code", str));
                if (cipherField != null && cipherField.getOriginalText().equalsIgnoreCase(originalText)) {
                    return cipherField.getMaskCode();
                }
                arrayList.add(str);
                arrayList2.add(cipherField.getOriginalText());
                if (i == 2) {
                    this.maskCodeConflictMapper.insert(MaskCodeConflict.builder().original(originalText).maskCode((String) arrayList.stream().collect(Collectors.joining(","))).decryptResult((String) arrayList2.stream().collect(Collectors.joining(","))).appid(encryptRequestDTO.getAppId()).fieldClass(encryptRequestDTO.getFieldClass()).fieldName(encryptRequestDTO.getFieldName()).createTime(new Date()).build());
                    throw new ServiceException("掩码hash碰撞");
                }
            }
        }
        encryptPutCache(encryptRequestDTO, str);
        decryptPutCache(encryptRequestDTO.getCipherType(), str, encryptRequestDTO.getOriginalText());
        return str;
    }

    private String getKeyByCipherType(int i) {
        String keyName;
        if (secretKeyMap.containsKey(Integer.valueOf(i))) {
            keyName = secretKeyMap.get(Integer.valueOf(i));
        } else {
            SecretKey secretKey = (SecretKey) this.secretKeyMapper.selectOne((Wrapper) new QueryWrapper().eq("cipher_type", Integer.valueOf(i)));
            if (secretKey == null) {
                throw new ParamInvalidException("Cipher type", " is invalid.");
            }
            keyName = secretKey.getKeyName();
            secretKeyMap.put(Integer.valueOf(i), keyName);
        }
        return keyName;
    }

    private String decryptFromCache(DecryptRequestDTO decryptRequestDTO) {
        return this.redis.get(String.format(RedisKey.DECRYPT_KEY.getName(), decryptRequestDTO.getCipherType(), decryptRequestDTO.getMaskCode()));
    }

    private void decryptPutCache(String str, String str2, String str3) {
        this.redis.setEx(String.format(RedisKey.DECRYPT_KEY.getName(), str, str2), str3, this.redisDecryptExpireTimeDays, TimeUnit.DAYS);
    }

    @Override // com.xforceplus.sec.vibranium.service.CipherFieldService
    public String decrypt(DecryptRequestDTO decryptRequestDTO) {
        log.info("decrypt start,decryptRequestDTO:{}", JSONObject.toJSONString(decryptRequestDTO));
        String decryptFromCache = decryptFromCache(decryptRequestDTO);
        if (!StringUtils.isEmpty(decryptFromCache)) {
            return decryptFromCache;
        }
        String maskCode = decryptRequestDTO.getMaskCode();
        if (!MaskCodeEnum.getMaskCodeFormatFunction(MaskCodeEnum.getCipherType(decryptRequestDTO.getCipherType())).test(maskCode)) {
            log.error("maskCode格式错误：" + maskCode);
            throw new ParamInvalidException("Mask code", " is invalid.");
        }
        CipherField cipherField = (CipherField) this.cipherFieldMapper.selectOne((Wrapper) new QueryWrapper().eq("mask_code", maskCode));
        if (cipherField == null) {
            log.error("maskCode不存在：" + maskCode);
            throw new ParamInvalidException("Mask code", " is invalid.");
        }
        String decrypt = AESHelper.decrypt(cipherField.getKeyName(), cipherField.getCipherText());
        decryptPutCache(decryptRequestDTO.getCipherType(), decryptRequestDTO.getMaskCode(), decrypt);
        return decrypt;
    }

    @Override // com.xforceplus.sec.vibranium.service.CipherFieldService
    public Map<DecryptRequestDTO, String> batchDecrypt(List<DecryptRequestDTO> list) {
        if (CollectionUtil.isEmpty(list)) {
            return null;
        }
        HashMap hashMap = new HashMap();
        ArrayList arrayList = new ArrayList();
        List splitListByBatch = CollectionUtil.splitListByBatch(list, this.batchSize);
        CountDownLatch countDownLatch = new CountDownLatch(splitListByBatch.size());
        Iterator it = splitListByBatch.iterator();
        while (it.hasNext()) {
            arrayList.add(this.executor.submit(new BatchDecryptWorker(countDownLatch, (List) it.next(), this)));
        }
        try {
            countDownLatch.await();
            Iterator it2 = arrayList.iterator();
            while (it2.hasNext()) {
                try {
                    hashMap.putAll((Map) ((Future) it2.next()).get());
                } catch (Exception e) {
                    throw new ServiceException(e.getMessage());
                }
            }
            return hashMap;
        } catch (InterruptedException e2) {
            throw new ServiceException(e2.getMessage());
        }
    }

    @Override // com.xforceplus.sec.vibranium.service.CipherFieldService
    public Map<EncryptRequestDTO, String> batchEncrypt(List<EncryptRequestDTO> list) {
        if (CollectionUtil.isEmpty(list)) {
            return null;
        }
        HashMap hashMap = new HashMap();
        ArrayList arrayList = new ArrayList();
        List splitListByBatch = CollectionUtil.splitListByBatch(list, this.batchSize);
        CountDownLatch countDownLatch = new CountDownLatch(splitListByBatch.size());
        Iterator it = splitListByBatch.iterator();
        while (it.hasNext()) {
            arrayList.add(this.executor.submit(new BatchEncryptWorker(countDownLatch, (List) it.next(), this)));
        }
        try {
            countDownLatch.await();
            Iterator it2 = arrayList.iterator();
            while (it2.hasNext()) {
                try {
                    hashMap.putAll((Map) ((Future) it2.next()).get());
                } catch (Exception e) {
                    throw new ServiceException(e.getMessage());
                }
            }
            return hashMap;
        } catch (InterruptedException e2) {
            throw new ServiceException(e2.getMessage());
        }
    }

    private boolean originalTextEqualsToDecryptText(String str, String str2, String str3, String[] strArr, String[] strArr2, int i, EncryptRequestDTO encryptRequestDTO) {
        if (str.equals(str2)) {
            return true;
        }
        strArr[i] = str3;
        strArr2[i] = str2;
        log.info("传入明文为：" + str + ",DB中解密后的明文为：" + str2);
        if (i != 2) {
            return false;
        }
        this.maskCodeConflictMapper.insert(MaskCodeConflict.builder().original(str).maskCode((String) Arrays.stream(strArr).collect(Collectors.joining(","))).decryptResult((String) Arrays.stream(strArr2).collect(Collectors.joining(","))).appid(encryptRequestDTO.getAppId()).fieldClass(encryptRequestDTO.getFieldClass()).fieldName(encryptRequestDTO.getFieldName()).createTime(new Date()).build());
        throw new ServiceException("掩码hash碰撞");
    }
}
