package com.xdja.pki.gmssl.hsm.server.runner;

import com.xdja.pki.gmssl.core.utils.GMSSLFileUtils;
import com.xdja.pki.gmssl.core.utils.GMSSLRandomUtils;
import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.gmssl.hsm.server.constant.Constants;
import com.xdja.pki.gmssl.keystore.utils.GMSSLKeyStoreUtils;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.ApplicationArguments;
import org.springframework.boot.ApplicationRunner;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;

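/**
 * Startup runner that makes sure {@code key.keystore} exists under {@code Constants.PATH}
 * and holds the full set of key slots this server expects.
 *
 * <p>Layout of the generated BKS keystore, as written by {@link #run}:
 * <ul>
 *   <li>aliases {@code "1"}..{@code "60"}: SM2 private keys, each stored with the certificate
 *       found under alias {@code "sign"} in the server keystore as its one-element chain;</li>
 *   <li>aliases {@code "101"}..{@code "130"}: 16-byte SM4 secret keys.</li>
 * </ul>
 *
 * <p>NOTE(review): the keystore and every entry in it are protected with the same
 * {@code Constants.PWD} value. If that is a constant shipped with the application (it looks
 * like one, confirm against {@code Constants}), the password gives no protection beyond the
 * file-system permissions on {@code Constants.PATH}; those permissions should be restricted
 * to the service account.
 */
@Component
@Order(2)
/* loaded from: input_file:BOOT-INF/classes/com/xdja/pki/gmssl/hsm/server/runner/KeyStoreRunner.class */
public class KeyStoreRunner implements ApplicationRunner {
    /** Number of SM2 key slots; aliases run from "1" to this value. */
    private static final int ASYMMETRIC_KEY_COUNT = 60;
    /** Number of SM4 key slots; aliases run from offset+1 to offset+count. */
    private static final int SYMMETRIC_KEY_COUNT = 30;
    /** Offset added to the symmetric slot number to form its alias. */
    private static final int SYMMETRIC_ALIAS_OFFSET = 100;
    /** SM4 key length in bytes (128-bit key). */
    private static final int SM4_KEY_BYTES = 16;

    private final Logger logger = LoggerFactory.getLogger(getClass());

    /**
     * Generates {@code key.keystore} when {@link #checkFile()} reports that no complete one exists.
     *
     * <p>Failures are logged and swallowed so that application startup continues; nothing is
     * rethrown to Spring except {@link Error}s.
     *
     * @param applicationArguments unused
     */
    @Override // org.springframework.boot.ApplicationRunner
    public void run(ApplicationArguments applicationArguments) {
        if (checkFile()) {
            return;
        }

        KeyStore serverKeyStore;
        try {
            serverKeyStore = GMSSLKeyStoreUtils.readKeyStoreFromPath(
                    Constants.PATH + File.separator + Constants.SERVER_KEY_STORE_NAME + ".keystore",
                    Constants.PWD.toCharArray());
        } catch (Exception e) {
            // Keep the cause: a wrong password or a corrupted file must be distinguishable
            // from "not initialised yet" when reading the log.
            this.logger.error("生成key.keystore失败，需先初始化", e);
            return;
        }
        if (serverKeyStore == null) {
            this.logger.error("生成key.keystore失败，需先初始化");
            return;
        }

        try {
            Certificate signCertificate = GMSSLKeyStoreUtils.readCertificateFromKeyStore(serverKeyStore, "sign");
            if (signCertificate == null) {
                // Fail before generating any key material instead of failing later, when the
                // keystore is encoded with a null chain element.
                throw new IllegalStateException("no certificate under alias 'sign' in the server keystore");
            }

            KeyStore generated = KeyStore.getInstance("BKS", BouncyCastleProvider.PROVIDER_NAME);
            generated.load(null, null);

            for (int slot = 1; slot <= ASYMMETRIC_KEY_COUNT; slot++) {
                // The same "sign" certificate is attached to every generated private key, so the
                // chain does not certify these keys; it only satisfies the KeyStore API, which
                // requires a chain for private-key entries.
                generated.setKeyEntry(
                        String.valueOf(slot),
                        GMSSLX509Utils.generateSM2KeyPair().getPrivate(),
                        Constants.PWD.toCharArray(),
                        new Certificate[]{signCertificate});
                this.logger.info("非对称密钥索引[{}]生成成功", Integer.valueOf(slot));
            }

            for (int slot = 1; slot <= SYMMETRIC_KEY_COUNT; slot++) {
                String alias = String.valueOf(slot + SYMMETRIC_ALIAS_OFFSET);
                // NOTE(review): key strength depends on GMSSLRandomUtils.generateRandom being
                // backed by a cryptographically secure generator; confirm in that utility.
                generated.setKeyEntry(
                        alias,
                        new SecretKeySpec(GMSSLRandomUtils.generateRandom(SM4_KEY_BYTES), "SM4"),
                        Constants.PWD.toCharArray(),
                        null);
                this.logger.info("对称密钥索引[{}]生成成功", alias);
            }

            GMSSLKeyStoreUtils.saveGMSSLKeyStore(generated, Constants.PWD, Constants.PATH, "key");
            this.logger.info("key.keystore保存成功");
        } catch (Exception e) {
            this.logger.error("生成key.keystore失败", e);
        }
    }

    /**
     * Checks whether {@code key.keystore} exists and contains every expected alias.
     *
     * <p>When the file can be found but cannot be parsed, or an alias is missing, the file is
     * deleted so that {@link #run} regenerates it.
     *
     * <p>NOTE(review): that deletion destroys all existing key material in the file, including
     * on a transient read error or a password mismatch. Anything encrypted or signed under the
     * old keys becomes unrecoverable or unverifiable; consider moving the file aside instead of
     * deleting it, and alerting on this code path.
     *
     * @return {@code true} if the keystore is present and complete; {@code false} if it is
     *     missing (file left untouched) or was invalid (file deleted)
     */
    private boolean checkFile() {
        String keyStorePath = Constants.PATH + File.separator + "key.keystore";
        boolean complete;
        try {
            KeyStore existing = GMSSLKeyStoreUtils.readKeyStoreFromPath(keyStorePath, Constants.PWD.toCharArray());
            complete = hasAliases(existing, 1, ASYMMETRIC_KEY_COUNT)
                    && hasAliases(existing, SYMMETRIC_ALIAS_OFFSET + 1, SYMMETRIC_ALIAS_OFFSET + SYMMETRIC_KEY_COUNT);
        } catch (FileNotFoundException e) {
            // Nothing to clean up: the file simply does not exist yet.
            return false;
        } catch (Exception e) {
            this.logger.warn("key.keystore解析失败", e);
            complete = false;
        }
        if (!complete) {
            // NOTE(review): "重新成功" in this message is probably a typo for "重新生成"
            // (regenerate); left unchanged because log consumers may match on the text.
            this.logger.warn("key.keystore解析失败或缺失，重新成功key.keystore");
            GMSSLFileUtils.deleteFile(keyStorePath);
        }
        return complete;
    }

    /**
     * Returns whether {@code keyStore} contains every numeric alias in {@code [first, last]}.
     *
     * @throws Exception if the keystore cannot be queried
     */
    private static boolean hasAliases(KeyStore keyStore, int first, int last) throws Exception {
        for (int alias = first; alias <= last; alias++) {
            if (!keyStore.containsAlias(String.valueOf(alias))) {
                return false;
            }
        }
        return true;
    }
}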
