package koal.usap.client.pep.ldap.biz.pki;

import com.koal.security.pki.x509.Certificate;
import java.io.File;
import java.io.FileOutputStream;
import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;
import koal.common.file.FileUtil;
import koal.security.utils.Base64;
import koal.usap.client.ws.util.CertUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:koal/usap/client/pep/ldap/biz/pki/TrustCertListCfg.class */
public class TrustCertListCfg implements Serializable {
    private static final long serialVersionUID = 1;
    private static final Logger logger = LoggerFactory.getLogger(TrustCertListCfg.class);
    protected String trustPath;
    private Map<String, String> dnToCertificate = new HashMap();

    public void initConfig(String str) throws Exception {
        try {
            this.trustPath = str;
            File file = new File(this.trustPath);
            if (!file.exists()) {
                file.mkdirs();
            }
            if (file.isFile()) {
                throw new Exception("信任列表目录不是目录：" + file.getAbsolutePath());
            }
            for (File file2 : file.listFiles()) {
                if (file2.isFile() && (file2.getName().endsWith(".cer") || file2.getName().endsWith(".CER"))) {
                    try {
                        Certificate certificate = new Certificate();
                        certificate.decode(CertUtil.getCertBytes(FileUtil.readFileAsByteArray(file2.getAbsolutePath())));
                        this.dnToCertificate.put(certificate.getSubject().toString(), new String(Base64.encode(certificate.encode())));
                    } catch (Exception e) {
                        logger.error("解析CA证书失败：", e);
                    }
                }
            }
        } catch (Exception e2) {
            throw e2;
        }
    }

    public void saveCert(Certificate certificate) throws Exception {
        File file = new File(this.trustPath + File.separator + certificate.getSubject().toString());
        if (file.exists() && file.isFile()) {
            file.delete();
        }
        file.createNewFile();
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        fileOutputStream.write(certificate.encode());
        fileOutputStream.close();
        this.dnToCertificate.put(certificate.getSubject().toString(), new String(Base64.encode(certificate.encode())));
    }

    public Certificate getIssuerCert(Certificate certificate) throws Exception {
        String str = this.dnToCertificate.get(certificate.getIssuer().toString());
        if (str == null) {
            return null;
        }
        Certificate certificate2 = new Certificate();
        certificate2.decode(Base64.decode(str));
        return certificate2;
    }
}
