package com.xdja.pki.ca.securitymanager.service.util;

import com.xdja.pki.ca.core.Constants;
import com.xdja.pki.ca.core.common.ConfigUtil;
import com.xdja.pki.ca.core.configBasic.bean.CaPwdBean;
import com.xdja.pki.ca.core.configBasic.bean.CaSoftServerPwdBean;
import com.xdja.pki.ca.core.util.CertUtils;
import com.xdja.pki.ca.securitymanager.service.vo.AlgTypeEnum;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import org.springframework.core.env.Environment;

/* loaded from: input_file:WEB-INF/lib/ca-service-securitymanager-api-0.0.1-SNAPSHOT.jar:com/xdja/pki/ca/securitymanager/service/util/CaServerPwdUtil.class */
public class CaServerPwdUtil {
    public static void saveCaServerPwdCache(Environment environment, Integer num, Integer num2, String str) throws Exception {
        if (AlgTypeEnum.SM2.value != Constants.BASE_ALG_TYPE.intValue() || !Constants.CRYPT_DEVICE_TYPE.equals(Constants.CRYPT_DEVICE_XDJA_HSM)) {
            if (null != num2) {
                ConfigUtil.saveCaServerPwdConfig(environment, new CaPwdBean(num2, str));
            }
        } else {
            CaSoftServerPwdBean caSoftServerPwdBean = new CaSoftServerPwdBean();
            caSoftServerPwdBean.setSignPrivateKeyPath(Constants.CA_ROOT_PRIVATE_PATH + Constants.CA_SERVER_SIGN_PRIVATE_FILE_NAME);
            caSoftServerPwdBean.setEncPrivateKeyPath(Constants.CA_ROOT_PRIVATE_PATH + Constants.CA_SERVER_ENC_PRIVATE_FILE_NAME);
            ConfigUtil.saveCaRSAServerPwdConfig(environment, caSoftServerPwdBean);
        }
    }

    public static CaSoftServerPwdBean getCaRSAServerPwdCache(Environment environment, X509Certificate x509Certificate, X509Certificate x509Certificate2) throws Exception {
        PrivateKey readPrivateKeyByPath;
        PrivateKey readPrivateKeyByPath2;
        CaSoftServerPwdBean caRSAServerPwdConfig = ConfigUtil.getCaRSAServerPwdConfig(environment);
        if (null != caRSAServerPwdConfig) {
            caRSAServerPwdConfig.setSignCert(x509Certificate);
            caRSAServerPwdConfig.setEncCert(x509Certificate2);
            CertUtils.readPrivateKeyByPath(caRSAServerPwdConfig.getSignPrivateKeyPath());
            readPrivateKeyByPath = CertUtils.readPrivateKeyByPath(caRSAServerPwdConfig.getSignPrivateKeyPath());
            readPrivateKeyByPath2 = CertUtils.readPrivateKeyByPath(caRSAServerPwdConfig.getEncPrivateKeyPath());
        } else {
            caRSAServerPwdConfig = new CaSoftServerPwdBean();
            readPrivateKeyByPath = CertUtils.readPrivateKeyByPath(Constants.CA_ROOT_PRIVATE_PATH + Constants.CA_SERVER_SIGN_PRIVATE_FILE_NAME);
            readPrivateKeyByPath2 = CertUtils.readPrivateKeyByPath(Constants.CA_ROOT_PRIVATE_PATH + Constants.CA_SERVER_ENC_PRIVATE_FILE_NAME);
        }
        caRSAServerPwdConfig.setSignPrivateKey(readPrivateKeyByPath);
        caRSAServerPwdConfig.setEncPrivateKey(readPrivateKeyByPath2);
        return caRSAServerPwdConfig;
    }
}
