package com.xdja.pki.gmssl.hsm.server.runner;

import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM2KeyUtils;
import com.xdja.pki.gmssl.hsm.server.constant.Constants;
import com.xdja.pki.gmssl.keystore.utils.GMSSLKeyStoreUtils;
import com.xdja.pki.gmssl.x509.utils.GMSSLCertUtils;
import com.xdja.pki.gmssl.x509.utils.GMSSLExtensionUtils;
import com.xdja.pki.gmssl.x509.utils.bean.GMSSLSignatureAlgorithm;
import java.io.File;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.concurrent.atomic.AtomicLong;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.ApplicationArguments;
import org.springframework.boot.ApplicationRunner;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;

@Component
@Order(1)
/* loaded from: input_file:BOOT-INF/classes/com/xdja/pki/gmssl/hsm/server/runner/InitRunner.class */
public class InitRunner implements ApplicationRunner {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) InitRunner.class);

    @Override // org.springframework.boot.ApplicationRunner
    public void run(ApplicationArguments applicationArguments) {
        String[] sourceArgs = applicationArguments.getSourceArgs();
        if (null == sourceArgs || sourceArgs.length == 0 || !"init".equalsIgnoreCase(sourceArgs[0])) {
            return;
        }
        try {
            init();
            logger.info("服务初始化成功");
        } catch (Exception e) {
            logger.error("服务初始化失败", (Throwable) e);
        }
        System.exit(0);
    }

    private static void init() throws Exception {
        AtomicLong atomicLong = new AtomicLong(System.currentTimeMillis());
        Date date = new Date();
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(date);
        calendar.add(5, -1);
        Date time = calendar.getTime();
        calendar.add(1, 1);
        Date time2 = calendar.getTime();
        KeyPair generateSM2KeyPairByBC = GMSSLSM2KeyUtils.generateSM2KeyPairByBC();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genRootCertKeyUsageExtension());
        X509Certificate generateCertByBC = GMSSLCertUtils.generateCertByBC("cn=sub,o=xdja,c=cn", "cn=sub,o=xdja,c=cn", BigInteger.valueOf(atomicLong.getAndIncrement()), time, time2, generateSM2KeyPairByBC.getPrivate(), generateSM2KeyPairByBC.getPublic(), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
        GMSSLKeyStoreUtils.saveGMSSLKeyStore(GMSSLKeyStoreUtils.generateGMSSLTrustStoreWithBKS(generateCertByBC), Constants.PWD, Constants.PATH, Constants.ROOT_KEY_STORE_NAME);
        generateServerKeyStore(time, time2, atomicLong, generateCertByBC, "cn=sub,o=xdja,c=cn", generateSM2KeyPairByBC.getPrivate());
        generateClientKeyStore(time, time2, atomicLong, generateCertByBC, "cn=sub,o=xdja,c=cn", generateSM2KeyPairByBC.getPrivate());
    }

    private static void generateServerKeyStore(Date date, Date date2, AtomicLong atomicLong, X509Certificate x509Certificate, String str, PrivateKey privateKey) throws Exception {
        KeyPair generateSM2KeyPairByBC = GMSSLSM2KeyUtils.generateSM2KeyPairByBC();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genSignatureCertKeyUsageExtension());
        arrayList.add(GMSSLExtensionUtils.genSubjectKeyIdentifierExtension(generateSM2KeyPairByBC.getPublic()));
        arrayList.add(GMSSLExtensionUtils.genAuthorityKeyIdentifierExtension(x509Certificate));
        X509Certificate generateCertByBC = GMSSLCertUtils.generateCertByBC(str, "cn=sign,o=xdja,c=cn", BigInteger.valueOf(atomicLong.getAndIncrement()), date, date2, privateKey, generateSM2KeyPairByBC.getPublic(), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
        KeyPair generateSM2KeyPairByBC2 = GMSSLSM2KeyUtils.generateSM2KeyPairByBC();
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(GMSSLExtensionUtils.genEncryptCertKeyUsageExtension());
        arrayList2.add(GMSSLExtensionUtils.genSubjectKeyIdentifierExtension(generateSM2KeyPairByBC2.getPublic()));
        arrayList2.add(GMSSLExtensionUtils.genAuthorityKeyIdentifierExtension(x509Certificate));
        GMSSLKeyStoreUtils.saveGMSSLKeyStore(GMSSLKeyStoreUtils.generateGMSSLKeyStoreWithBKS(Constants.PWD, x509Certificate, "sign", generateSM2KeyPairByBC.getPrivate(), generateCertByBC, "enc", generateSM2KeyPairByBC2.getPrivate(), GMSSLCertUtils.generateCertByBC(str, "cn=enc,o=xdja,c=cn", BigInteger.valueOf(atomicLong.getAndIncrement()), date, date2, privateKey, generateSM2KeyPairByBC2.getPublic(), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList2)), Constants.PWD, Constants.PATH, Constants.SERVER_KEY_STORE_NAME);
    }

    private static void generateClientKeyStore(Date date, Date date2, AtomicLong atomicLong, X509Certificate x509Certificate, String str, PrivateKey privateKey) throws Exception {
        KeyPair generateSM2KeyPairByBC = GMSSLSM2KeyUtils.generateSM2KeyPairByBC();
        ArrayList arrayList = new ArrayList();
        arrayList.add(GMSSLExtensionUtils.genSignatureCertKeyUsageExtension());
        arrayList.add(GMSSLExtensionUtils.genSubjectKeyIdentifierExtension(generateSM2KeyPairByBC.getPublic()));
        arrayList.add(GMSSLExtensionUtils.genAuthorityKeyIdentifierExtension(x509Certificate));
        X509Certificate generateCertByBC = GMSSLCertUtils.generateCertByBC(str, "cn=sign,o=xdja,c=cn", BigInteger.valueOf(atomicLong.getAndIncrement()), date, date2, privateKey, generateSM2KeyPairByBC.getPublic(), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList);
        KeyPair generateSM2KeyPairByBC2 = GMSSLSM2KeyUtils.generateSM2KeyPairByBC();
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(GMSSLExtensionUtils.genEncryptCertKeyUsageExtension());
        arrayList2.add(GMSSLExtensionUtils.genSubjectKeyIdentifierExtension(generateSM2KeyPairByBC2.getPublic()));
        arrayList2.add(GMSSLExtensionUtils.genAuthorityKeyIdentifierExtension(x509Certificate));
        KeyStore generateGMSSLKeyStoreWithBKS = GMSSLKeyStoreUtils.generateGMSSLKeyStoreWithBKS(Constants.PWD, x509Certificate, "sign", generateSM2KeyPairByBC.getPrivate(), generateCertByBC, "enc", generateSM2KeyPairByBC2.getPrivate(), GMSSLCertUtils.generateCertByBC(str, "cn=enc,o=xdja,c=cn", BigInteger.valueOf(atomicLong.getAndIncrement()), date, date2, privateKey, generateSM2KeyPairByBC2.getPublic(), GMSSLSignatureAlgorithm.SM3_WITH_SM2.getSigAlgName(), arrayList2));
        GMSSLKeyStoreUtils.saveGMSSLKeyStore(generateGMSSLKeyStoreWithBKS, Constants.PWD, Constants.PATH, Constants.CLIENT_KEY_STORE_NAME);
        GMSSLX509Utils.writeKeyStoreToP12(generateGMSSLKeyStoreWithBKS, Constants.PWD.toCharArray(), Constants.PATH + File.separator + Constants.CLIENT_KEY_STORE_NAME);
    }
}
