package com.fshows.ark.spring.boot.starter.core.sensitive.encrypt;

import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.digest.DigestAlgorithm;
import cn.hutool.crypto.digest.Digester;
import com.alibaba.fastjson.JSONObject;
import com.fshows.ark.spring.boot.starter.constant.CommonConstant;
import com.fshows.ark.spring.boot.starter.core.sensitive.enums.AlgorithmTypeEnum;
import com.fshows.ark.spring.boot.starter.core.sensitive.model.SecretKeyModel;
import com.fshows.ark.spring.boot.starter.core.sensitive.model.SensitiveConfigItem;
import com.fshows.ark.spring.boot.starter.core.sensitive.model.SensitiveConfigModel;
import com.fshows.ark.spring.boot.starter.exception.DbSensitiveException;
import com.fshows.ark.spring.boot.starter.util.LogUtil;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.annotation.PostConstruct;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/fshows/ark/spring/boot/starter/core/sensitive/encrypt/DefaultSecretKeyManage.class */
public class DefaultSecretKeyManage implements SecretKeyManage {
    private static final Logger log = LoggerFactory.getLogger(DefaultSecretKeyManage.class);
    private final Map<String, SecretKeyModel> KEY_CACHE_MAP = new ConcurrentHashMap();
    private final Map<String, SecretKeyModel> NAME_KEY_CACHE_MAP = new ConcurrentHashMap();

    @Value("${ark.sensitive.secrekey.config:}")
    private String sensitiveConfig;
    private volatile SecretKeyModel mainEncryptSecretKey;
    private volatile SecretKeyModel searchKeywordsSecret;

    @PostConstruct
    public void initMap() {
        if (StrUtil.isBlank(this.sensitiveConfig)) {
            LogUtil.error(log, "ark-spring-boot-starter >>  数据库敏感字段密钥配置为空 >> 请检查‘ark.sensitive.secrekey.config’配置");
            throw new DbSensitiveException("ark-spring-boot-starter >> 数据库敏感字段密钥配置为空 >> 请检查‘ark.sensitive.secrekey.config’配置");
        }
        SensitiveConfigModel sensitiveConfigModel = (SensitiveConfigModel) JSONObject.parseObject(this.sensitiveConfig, SensitiveConfigModel.class);
        for (SensitiveConfigItem sensitiveConfigItem : sensitiveConfigModel.getSecretList()) {
            AlgorithmTypeEnum byName = AlgorithmTypeEnum.getByName(sensitiveConfigItem.getAlgorithmType());
            if (byName == null) {
                LogUtil.error(log, "ark-spring-boot-starter >>  数据库敏感字段加密配置初始化异常 >> 未识别的algorithmType,请检查‘ark.sensitive.secrekey.config’配置是否正确 >> {}", sensitiveConfigItem.getAlgorithmType());
                throw new DbSensitiveException("ark-spring-boot-starter >> 数据库敏感字段加密配置初始化异常！ >> 未识别的algorithmType");
            }
            if (StrUtil.isBlank(sensitiveConfigItem.getKeyId())) {
                LogUtil.error(log, "ark-spring-boot-starter >>  数据库敏感字段加密配置初始化异常 >> keyId不能为空,请检查‘ark.sensitive.secrekey.config’配置是否正确 >> {}", sensitiveConfigItem.getKeyId());
                throw new DbSensitiveException("ark-spring-boot-starter >> 数据库敏感字段加密配置初始化异常！ >> keyId不能为空");
            }
            int parseInt = Integer.parseInt(sensitiveConfigItem.getKeyId());
            if (parseInt < 0 || parseInt > 65535) {
                LogUtil.error(log, "ark-spring-boot-starter >>  数据库敏感字段加密配置初始化异常 >> 无效的keyId,keyId的取值范围为（0-65535的数字）,请检查‘ark.sensitive.secrekey.config’配置是否正确 >> {}", sensitiveConfigItem.getKeyId());
                throw new DbSensitiveException("ark-spring-boot-starter >> 数据库敏感字段加密配置初始化异常！ >> keyId不能为空");
            }
            if (StrUtil.isBlank(sensitiveConfigItem.getSeed())) {
                LogUtil.error(log, "ark-spring-boot-starter >>  数据库敏感字段加密配置初始化异常 >> seed不能为空,请检查‘ark.sensitive.secrekey.config’配置是否正确 >> {}", sensitiveConfigItem.getSeed());
                throw new DbSensitiveException("ark-spring-boot-starter >> 数据库敏感字段加密配置初始化异常！ >> seed不能为空");
            }
            SecretKeyModel secretKeyModel = new SecretKeyModel();
            secretKeyModel.setSecretName(sensitiveConfigItem.getSecretName());
            secretKeyModel.setKeyId(parseInt);
            secretKeyModel.setAlgorithmType(byName);
            Digester digester = new Digester(DigestAlgorithm.MD5);
            secretKeyModel.setPrivateKey(digester.digest(digester.digestHex(sensitiveConfigItem.getSeed()) + sensitiveConfigItem.getSeed()));
            this.KEY_CACHE_MAP.put(StrUtil.format(CommonConstant.SECRETKEY_CACHE_MAP_KEY, new Object[]{sensitiveConfigItem.getKeyId(), byName.getValue()}), secretKeyModel);
            if (StrUtil.isNotBlank(secretKeyModel.getSecretName())) {
                this.NAME_KEY_CACHE_MAP.put(secretKeyModel.getSecretName(), secretKeyModel);
            }
        }
        this.mainEncryptSecretKey = this.NAME_KEY_CACHE_MAP.get(sensitiveConfigModel.getMainSecretName());
        this.searchKeywordsSecret = this.NAME_KEY_CACHE_MAP.get(sensitiveConfigModel.getSearchKeywordsSecretName());
        if (this.mainEncryptSecretKey == null) {
            LogUtil.error(log, "ark-spring-boot-starter >>  数据库敏感字段加密配置初始化异常 >> 未设置加密主密钥,请检查‘ark.sensitive.secrekey.config’配置中“mainEncryptSecretKey”是否正确 >> {}", sensitiveConfigModel.getMainSecretName());
            throw new DbSensitiveException("ark-spring-boot-starter >> 数据库敏感字段加密配置初始化异常！ >> 未设置加密主密钥");
        }
        if (this.searchKeywordsSecret == null) {
            LogUtil.error(log, "ark-spring-boot-starter >>  数据库敏感字段加密配置初始化异常 >> 未设置检索查询字段加密主密钥,请检查‘ark.sensitive.secrekey.config’配置中“searchKeywordsSecretName”是否正确 >> {}", sensitiveConfigModel.getSearchKeywordsSecretName());
            throw new DbSensitiveException("ark-spring-boot-starter >> 数据库敏感字段加密配置初始化异常！ >> 未设置检索查询字段加密主密钥");
        }
    }

    @Override // com.fshows.ark.spring.boot.starter.core.sensitive.encrypt.SecretKeyManage
    public SecretKeyModel getSecretKey(String str, AlgorithmTypeEnum algorithmTypeEnum) {
        if (StrUtil.isBlank(this.sensitiveConfig)) {
            return null;
        }
        return this.KEY_CACHE_MAP.get(StrUtil.format(CommonConstant.SECRETKEY_CACHE_MAP_KEY, new Object[]{str, algorithmTypeEnum.getValue()}));
    }

    @Override // com.fshows.ark.spring.boot.starter.core.sensitive.encrypt.SecretKeyManage
    public SecretKeyModel getSecretKeyByName(String str) {
        if (StrUtil.isBlank(this.sensitiveConfig)) {
            return null;
        }
        return this.NAME_KEY_CACHE_MAP.get(str);
    }

    @Override // com.fshows.ark.spring.boot.starter.core.sensitive.encrypt.SecretKeyManage
    public SecretKeyModel getMainEncryptSecretKey() {
        return this.mainEncryptSecretKey;
    }

    @Override // com.fshows.ark.spring.boot.starter.core.sensitive.encrypt.SecretKeyManage
    public SecretKeyModel getSearchKeywordsSecret() {
        if (StrUtil.isBlank(this.sensitiveConfig)) {
            return null;
        }
        return this.searchKeywordsSecret;
    }
}
