package com.xdja.pki.gmssl.keystore.utils;

import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.gmssl.crypto.init.GMSSLHsmKeyStoreBean;
import com.xdja.pki.gmssl.crypto.init.GMSSLHsmKeyStoreUtils;
import com.xdja.pki.gmssl.crypto.init.GMSSLPkiCryptoInit;
import com.xdja.pki.gmssl.crypto.sdf.SdfPrivateKey;
import com.xdja.pki.gmssl.hsm.server.constant.Constants;
import com.xdja.pki.gmssl.x509.utils.GMSSLExtensionUtils;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import javax.crypto.SecretKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/gmssl-pki-utils-1.3.5-SNAPSHOT.jar:com/xdja/pki/gmssl/keystore/utils/GMSSLKeyStoreUtils.class */
public class GMSSLKeyStoreUtils {
    public static final String BKS_KEYSTORE_TYPE = "BKS";
    public static final String PKCS12_KEYSTORE_TYPE = "PKCS12";
    public static final String JKS_KEYSTORE_TYPE = "JKS";
    private static Logger logger;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Deprecated
    public static KeyStore generateGMSSLKeyStore(String str, X509Certificate x509Certificate, String str2, PrivateKey privateKey, X509Certificate x509Certificate2, String str3, PrivateKey privateKey2, X509Certificate x509Certificate3) throws Exception {
        return generateGMSSLKeyStoreWithBKS(str, x509Certificate, str2, privateKey, x509Certificate2, str3, privateKey2, x509Certificate3);
    }

    @Deprecated
    public static KeyStore generateGMSSLKeyStore(String str, List<X509Certificate> list, String str2, PrivateKey privateKey, X509Certificate x509Certificate, String str3, PrivateKey privateKey2, X509Certificate x509Certificate2) throws Exception {
        return generateGMSSLKeyStoreWithType(str, list, str2, privateKey, x509Certificate, str3, privateKey2, x509Certificate2, "BKS");
    }

    public static KeyStore generateGMSSLKeyStoreWithJKS(String str, X509Certificate x509Certificate, String str2, PrivateKey privateKey, X509Certificate x509Certificate2, String str3, PrivateKey privateKey2, X509Certificate x509Certificate3) throws Exception {
        return generateGMSSLKeyStoreWithType(str, x509Certificate, str2, privateKey, x509Certificate2, str3, privateKey2, x509Certificate3, "JKS");
    }

    public static KeyStore generateGMSSLKeyStoreWithJKS(String str, List<X509Certificate> list, String str2, PrivateKey privateKey, X509Certificate x509Certificate, String str3, PrivateKey privateKey2, X509Certificate x509Certificate2) throws Exception {
        return generateGMSSLKeyStoreWithType(str, list, str2, privateKey, x509Certificate, str3, privateKey2, x509Certificate2, "JKS");
    }

    public static KeyStore generateGMSSLKeyStoreWithBKS(String str, X509Certificate x509Certificate, String str2, PrivateKey privateKey, X509Certificate x509Certificate2, String str3, PrivateKey privateKey2, X509Certificate x509Certificate3) throws Exception {
        return generateGMSSLKeyStoreWithType(str, x509Certificate, str2, privateKey, x509Certificate2, str3, privateKey2, x509Certificate3, "BKS");
    }

    public static KeyStore generateGMSSLKeyStoreWithPKCS12(String str, X509Certificate x509Certificate, String str2, PrivateKey privateKey, X509Certificate x509Certificate2, String str3, PrivateKey privateKey2, X509Certificate x509Certificate3) throws Exception {
        return generateGMSSLKeyStoreWithType(str, x509Certificate, str2, privateKey, x509Certificate2, str3, privateKey2, x509Certificate3, "PKCS12");
    }

    public static KeyStore generateGMSSLKeyStoreWithJKS(String str, List<X509Certificate> list, int i, String str2, String str3, X509Certificate x509Certificate, String str4, X509Certificate x509Certificate2) throws Exception {
        SdfPrivateKey sdfPrivateKey = new SdfPrivateKey(i, str2);
        return generateGMSSLKeyStoreWithType(str, list, str3, sdfPrivateKey, x509Certificate, str4, sdfPrivateKey, x509Certificate2, "JKS");
    }

    public static KeyStore generateGMSSLKeyStoreWithBKS(String str, X509Certificate x509Certificate, int i, String str2, String str3, X509Certificate x509Certificate2, String str4, X509Certificate x509Certificate3) throws Exception {
        SdfPrivateKey sdfPrivateKey = new SdfPrivateKey(i, str2);
        return generateGMSSLKeyStoreWithType(str, x509Certificate, str3, sdfPrivateKey, x509Certificate2, str4, sdfPrivateKey, x509Certificate3, "BKS");
    }

    public static KeyStore generateGMSSLKeyStoreWithBKS(String str, List<X509Certificate> list, int i, String str2, String str3, X509Certificate x509Certificate, String str4, X509Certificate x509Certificate2) throws Exception {
        SdfPrivateKey sdfPrivateKey = new SdfPrivateKey(i, str2);
        return generateGMSSLKeyStoreWithType(str, list, str3, sdfPrivateKey, x509Certificate, str4, sdfPrivateKey, x509Certificate2, "BKS");
    }

    public static KeyStore generateGMSSLKeyStoreWithBKS(String str, List<X509Certificate> list, String str2, PrivateKey privateKey, X509Certificate x509Certificate, String str3, PrivateKey privateKey2, X509Certificate x509Certificate2) throws Exception {
        return generateGMSSLKeyStoreWithType(str, list, str2, privateKey, x509Certificate, str3, privateKey2, x509Certificate2, "BKS");
    }

    public static KeyStore generateGMSSLKeyStoreWithType(String str, X509Certificate x509Certificate, String str2, PrivateKey privateKey, X509Certificate x509Certificate2, String str3, PrivateKey privateKey2, X509Certificate x509Certificate3, String str4) throws Exception {
        ArrayList arrayList = new ArrayList();
        arrayList.add(x509Certificate);
        return generateGMSSLKeyStoreWithType(str, arrayList, str2, privateKey, x509Certificate2, str3, privateKey2, x509Certificate3, str4);
    }

    public static KeyStore generateGMSSLKeyStoreWithType(String str, List<X509Certificate> list, String str2, PrivateKey privateKey, X509Certificate x509Certificate, String str3, PrivateKey privateKey2, X509Certificate x509Certificate2, String str4) throws Exception {
        KeyStore generateKeystore = generateKeystore(str4);
        generateKeystore.load(null, null);
        if (GMSSLPkiCryptoInit.isHsmServer() && (privateKey instanceof SdfPrivateKey)) {
            SdfPrivateKey sdfPrivateKey = (SdfPrivateKey) privateKey;
            GMSSLHsmKeyStoreBean asymKey = GMSSLHsmKeyStoreUtils.getAsymKey(Integer.valueOf(sdfPrivateKey.getIndex()), false);
            GMSSLHsmKeyStoreBean asymKey2 = GMSSLHsmKeyStoreUtils.getAsymKey(Integer.valueOf(sdfPrivateKey.getIndex()), true);
            generateKeystore.setKeyEntry(str2, asymKey.getPrivateKey(), str.toCharArray(), generateCertArrays(list, x509Certificate));
            generateKeystore.setKeyEntry(str3, asymKey2.getPrivateKey(), str.toCharArray(), generateCertArrays(list, x509Certificate2));
        } else {
            generateKeystore.setKeyEntry(str2, privateKey, str.toCharArray(), generateCertArrays(list, x509Certificate));
            generateKeystore.setKeyEntry(str3, privateKey2, str.toCharArray(), generateCertArrays(list, x509Certificate2));
        }
        return generateKeystore;
    }

    public static KeyStore generateGMSSLKeyStoreWithJKS(String str, List<X509Certificate> list, String str2, PrivateKey privateKey, X509Certificate x509Certificate) throws Exception {
        KeyStore generateKeystore = generateKeystore("JKS");
        generateKeystore.load(null, null);
        if (GMSSLPkiCryptoInit.isHsmServer() && (privateKey instanceof SdfPrivateKey)) {
            generateKeystore.setKeyEntry(str2, GMSSLHsmKeyStoreUtils.getAsymKey(Integer.valueOf(((SdfPrivateKey) privateKey).getIndex()), false).getPrivateKey(), str.toCharArray(), generateCertArrays(list, x509Certificate));
        } else {
            generateKeystore.setKeyEntry(str2, privateKey, str.toCharArray(), generateCertArrays(list, x509Certificate));
        }
        return generateKeystore;
    }

    private static X509Certificate[] generateCertArrays(List<X509Certificate> list, X509Certificate x509Certificate) {
        X509Certificate[] x509CertificateArr = new X509Certificate[list.size() + 1];
        x509CertificateArr[0] = x509Certificate;
        for (int i = 1; i < x509CertificateArr.length; i++) {
            x509CertificateArr[i] = list.get(i - 1);
        }
        return x509CertificateArr;
    }

    @Deprecated
    public static KeyStore generateGMSSLTrustStore(X509Certificate x509Certificate) throws Exception {
        return generateGMSSLTrustStoreWithBKS(x509Certificate);
    }

    public static KeyStore generateGMSSLTrustStoreWithBKS(X509Certificate x509Certificate) throws Exception {
        return generateGMSSLTrustStoreWithType(x509Certificate, "BKS");
    }

    public static KeyStore generateGMSSLTrustStoreWithJKS(X509Certificate x509Certificate) throws Exception {
        return generateGMSSLTrustStoreWithType(x509Certificate, "JKS");
    }

    public static KeyStore generateGMSSLTrustStoreWithType(X509Certificate x509Certificate, String str) throws Exception {
        KeyStore generateKeystore = generateKeystore(str);
        generateKeystore.load(null, null);
        generateKeystore.setCertificateEntry(Constants.ROOT_KEY_STORE_NAME, x509Certificate);
        return generateKeystore;
    }

    @Deprecated
    public static KeyStore generateGMSSLTrustStore(X509Certificate[] x509CertificateArr) throws Exception {
        return generateGMSSLTrustStoreWithBKS(x509CertificateArr);
    }

    public static KeyStore generateGMSSLTrustStoreWithBKS(X509Certificate[] x509CertificateArr) throws Exception {
        return generateGMSSLTrustStoreWithType(x509CertificateArr, "BKS");
    }

    public static KeyStore generateGMSSLTrustStoreWithJKS(X509Certificate[] x509CertificateArr) throws Exception {
        return generateGMSSLTrustStoreWithType(x509CertificateArr, "JKS");
    }

    public static KeyStore generateGMSSLTrustStoreWithType(X509Certificate[] x509CertificateArr, String str) throws Exception {
        KeyStore generateKeystore = generateKeystore(str);
        generateKeystore.load(null, null);
        for (int i = 0; i < x509CertificateArr.length; i++) {
            generateKeystore.setCertificateEntry("trust-" + i, x509CertificateArr[i]);
        }
        return generateKeystore;
    }

    @Deprecated
    public static KeyStore generateGMSSLTrustStore(List<X509Certificate> list) throws Exception {
        return generateGMSSLTrustStoreWithBKS(list);
    }

    public static KeyStore generateGMSSLTrustStoreWithBKS(List<X509Certificate> list) throws Exception {
        return generateGMSSLTrustStoreWithType(list, "BKS");
    }

    public static KeyStore generateGMSSLTrustStoreWithJKS(List<X509Certificate> list) throws Exception {
        return generateGMSSLTrustStoreWithType(list, "JKS");
    }

    public static KeyStore generateGMSSLTrustStoreWithType(List<X509Certificate> list, String str) throws Exception {
        KeyStore generateKeystore = generateKeystore(str);
        generateKeystore.load(null, null);
        for (int i = 0; i < list.size(); i++) {
            generateKeystore.setCertificateEntry("trust-" + i, list.get(i));
        }
        return generateKeystore;
    }

    public static void saveGMSSLKeyStore(KeyStore keyStore, String str, String str2, String str3) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
        saveGMSSLKeyStoreFullName(keyStore, str, str2, str3 + ".keystore");
    }

    public static void saveGMSSLKeyStoreFullName(KeyStore keyStore, String str, String str2, String str3) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
        File file = new File(str2);
        if (!file.exists()) {
            file.mkdirs();
        }
        saveGMSSLKeyStoreFullName(keyStore, str, str2 + File.separator + str3);
    }

    public static void saveGMSSLKeyStoreFullName(KeyStore keyStore, String str, String str2) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
        FileOutputStream fileOutputStream = new FileOutputStream(str2);
        keyStore.store(fileOutputStream, str.toCharArray());
        fileOutputStream.close();
    }

    public static void saveGMSSLPfx(KeyStore keyStore, String str, String str2, String str3) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
        FileOutputStream fileOutputStream = new FileOutputStream(str2 + "/" + str3 + ".pfx");
        keyStore.store(fileOutputStream, str.toCharArray());
        fileOutputStream.close();
    }

    public static void saveGMSSLPfx(KeyStore keyStore, String str, String str2) throws KeyStoreException, NoSuchProviderException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException {
        KeyStore keyStore2 = KeyStore.getInstance("PKCS12", "BC");
        keyStore2.load(null, null);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.getCertificate(nextElement) != null) {
                keyStore2.setCertificateEntry(nextElement, keyStore.getCertificate(nextElement));
            }
            if (keyStore.getKey(nextElement, str.toCharArray()) != null) {
                keyStore2.setKeyEntry(nextElement, keyStore.getKey(nextElement, str.toCharArray()), str.toCharArray(), keyStore.getCertificateChain(nextElement));
            }
            saveGMSSLPfx(keyStore2, str, str2, nextElement + "_" + str);
        }
    }

    public static void saveGMSSLBKSKeyStore(KeyStore keyStore, String str, String str2, String str3) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
        FileOutputStream fileOutputStream = new FileOutputStream(str2 + "/" + str3 + ".bks");
        keyStore.store(fileOutputStream, str.toCharArray());
        fileOutputStream.close();
    }

    public static void saveGMSSLJKSKeyStore(KeyStore keyStore, String str, String str2, String str3) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
        FileOutputStream fileOutputStream = new FileOutputStream(str2 + "/" + str3 + ".jks");
        keyStore.store(fileOutputStream, str.toCharArray());
        fileOutputStream.close();
    }

    @Deprecated
    public static void saveGMSSLKeyStoreEntry(String str, String str2, String str3) throws Exception {
        saveGMSSLKeyStoreEntryWithBKS(str, str2, str3);
    }

    public static void saveGMSSLKeyStoreEntryWithBKS(String str, String str2, String str3) throws Exception {
        saveGMSSLKeyStoreEntryWithType(str, str2, str3, "BKS");
    }

    public static void saveGMSSLKeyStoreEntryWithJKS(String str, String str2, String str3) throws Exception {
        saveGMSSLKeyStoreEntryWithType(str, str2, str3, "JKS");
    }

    public static void saveGMSSLKeyStoreEntryWithType(String str, String str2, String str3, String str4) throws Exception {
        InputStream readInputStreamFromPath = GMSSLX509Utils.readInputStreamFromPath(str);
        KeyStore generateKeystore = generateKeystore(str4);
        generateKeystore.load(readInputStreamFromPath, str2.toCharArray());
        saveGMSSLKeyStore(generateKeystore, str2, str3);
    }

    @Deprecated
    public static void printGMSSLKeyStore(String str, String str2) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IOException, NoSuchProviderException, CertificateException {
        printGMSSLKeyStoreWithBKS(str, str2);
    }

    public static void printGMSSLKeyStoreWithBKS(String str, String str2) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IOException, NoSuchProviderException, CertificateException {
        printGMSSLKeyStoreWithType(str, str2, "BKS");
    }

    public static void printGMSSLKeyStoreWithJKS(String str, String str2) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IOException, NoSuchProviderException, CertificateException {
        printGMSSLKeyStoreWithType(str, str2, "JKS");
    }

    public static void printGMSSLKeyStoreWithType(String str, String str2, String str3) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IOException, NoSuchProviderException, CertificateException {
        InputStream readInputStreamFromPath = GMSSLX509Utils.readInputStreamFromPath(str);
        KeyStore generateKeystore = generateKeystore(str3);
        generateKeystore.load(readInputStreamFromPath, str2.toCharArray());
        printGMSSLKeyStore(generateKeystore, str2);
    }

    public static void printGMSSLKeyStore(KeyStore keyStore, String str) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
        System.out.println("Keystore type: " + keyStore.getType());
        System.out.println("Keystore provider: " + keyStore.getProvider());
        System.out.println();
        System.out.println("Your keystore contains " + keyStore.size() + " entries");
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            System.out.println();
            String nextElement = aliases.nextElement();
            System.out.println("Alias name: " + nextElement);
            System.out.println("Creation date: " + keyStore.getCreationDate(nextElement));
            if (keyStore.isKeyEntry(nextElement)) {
                System.out.println("Entry type: PrivateKeyEntry");
                Key key = keyStore.getKey(nextElement, str.toCharArray());
                System.out.println("Key Algorithm: " + key.getAlgorithm());
                if (key instanceof SecretKey) {
                    System.out.println(SdfPrivateKey.getInstance(key));
                } else {
                    System.out.println(key);
                }
                Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                System.out.println("Certificate chain length: " + certificateChain.length);
                for (int i = 1; i <= certificateChain.length; i++) {
                    System.out.println("Certificate[" + i + "]: ");
                    System.out.println(certificateChain[i - 1]);
                }
            } else if (keyStore.isCertificateEntry(nextElement)) {
                System.out.println("Entry type: CertificateEntry");
                System.out.println(keyStore.getCertificate(nextElement));
            } else {
                System.out.println("UnKnown type alias : " + nextElement);
            }
        }
    }

    public static void saveGMSSLKeyStore(KeyStore keyStore, String str, String str2) throws Exception {
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                Key key = keyStore.getKey(nextElement, str.toCharArray());
                String str3 = nextElement + "_pri";
                if (key instanceof SecretKey) {
                    SdfPrivateKey sdfPrivateKey = SdfPrivateKey.getInstance(key);
                    if (!$assertionsDisabled && sdfPrivateKey == null) {
                        throw new AssertionError();
                    }
                    GMSSLX509Utils.writeSdfPrivateKey(str2, str3, sdfPrivateKey);
                } else {
                    GMSSLX509Utils.writePrivateKeyToPem(str2, str3, (PrivateKey) key);
                }
                Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                for (int i = 1; i <= certificateChain.length; i++) {
                    GMSSLX509Utils.writeCertificateToPem(str2, nextElement + "_cert_" + i, (X509Certificate) certificateChain[i - 1]);
                }
            } else if (keyStore.isCertificateEntry(nextElement)) {
                GMSSLX509Utils.writeCertificateToPem(str2, nextElement + "_cert", (X509Certificate) keyStore.getCertificate(nextElement));
            } else {
                logger.error("UnKnown type alias : " + nextElement);
            }
        }
    }

    private static KeyStore generateKeystore(String str) throws NoSuchProviderException, KeyStoreException {
        return ("BKS".equals(str) || "PKCS12".equals(str)) ? KeyStore.getInstance(str, "BC") : KeyStore.getInstance(str);
    }

    public static KeyStore readKeyStoreFromPath(String str, char[] cArr) throws Exception {
        KeyStore readKeyStoreFromPath;
        try {
            readKeyStoreFromPath = readKeyStoreFromPath(str, cArr, "JKS");
        } catch (Exception e) {
            readKeyStoreFromPath = readKeyStoreFromPath(str, cArr, "BKS");
        }
        return readKeyStoreFromPath;
    }

    public static KeyStore readKeyStoreFromPath(String str, char[] cArr, String str2) throws Exception {
        return readKeyStoreFromStream(cArr, str2, GMSSLX509Utils.readInputStreamFromPath(str));
    }

    public static KeyStore readKeyStoreFromBytes(char[] cArr, String str, byte[] bArr) throws Exception {
        return readKeyStoreFromStream(cArr, str, new ByteArrayInputStream(bArr));
    }

    public static KeyStore readKeyStoreFromStream(char[] cArr, String str, InputStream inputStream) throws Exception {
        KeyStore keyStore = "BKS".equals(str) ? KeyStore.getInstance(str, "BC") : KeyStore.getInstance(str);
        keyStore.load(inputStream, cArr);
        return keyStore;
    }

    public static Certificate readCertificateFromKeyStore(KeyStore keyStore, String str) throws KeyStoreException {
        return keyStore.getCertificate(str);
    }

    public static PrivateKey readPrivateKeyFromKeyStore(String str, char[] cArr, String str2) throws Exception {
        return readPrivateKeyFromKeyStore(readKeyStoreFromPath(str, cArr), cArr, str2);
    }

    public static PrivateKey readPrivateKeyFromKeyStore(KeyStore keyStore, char[] cArr, String str) throws Exception {
        return (PrivateKey) keyStore.getKey(str, cArr);
    }

    static {
        $assertionsDisabled = !GMSSLKeyStoreUtils.class.desiredAssertionStatus();
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        logger = LoggerFactory.getLogger((Class<?>) GMSSLExtensionUtils.class);
    }
}
