package com.xdja.pki.gmssl.tomcat.tools.main;

import com.alibaba.fastjson.JSONObject;
import com.xdja.pki.gmssl.core.utils.GMSSLX509Utils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM2EncryptUtils;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM4ECBEncryptUtils;
import com.xdja.pki.gmssl.tomcat.utils.GMSSLTomcatUtils;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.Reader;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.io.FileUtils;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Selector;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/xdja/pki/gmssl/tomcat/tools/main/ResolveCertUtils.class */
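/**
 * Helpers that read a JSON configuration file, recover the encryption certificate from an SM2
 * envelope with the help of an HSM, split a signed-data certificate bag into signing certificate
 * and remaining chain, and hand the result to {@link GMSSLTomcatUtils} to open an HTTPS port.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The certificate parsers here only <em>decode</em> certificates. Nothing in this class
 *       checks signatures, validity periods or chain building, so a returned certificate must
 *       not be treated as trusted without separate path validation.</li>
 *   <li>The configuration file carries {@code encPriKey} in plain text; it should be readable
 *       only by the account that runs this tool.</li>
 * </ul>
 */
public class ResolveCertUtils {
    private static final Logger logger = LoggerFactory.getLogger(ResolveCertUtils.class);
    public static final String CERT_HEAD = "-----BEGIN CERTIFICATE-----";
    public static final String CERT_TAIL = "-----END CERTIFICATE-----";
    public static final String PUBLIC_KEY_HEAD = "-----BEGIN PUBLIC KEY-----";
    public static final String PUBLIC_KEY_TAIL = "-----END PUBLIC KEY-----";

    /** One provider instance for all certificate parsing instead of a new one per call. */
    private static final Provider BC_PROVIDER = new BouncyCastleProvider();

    static {
        // getCertsByCertChain looks the provider up by name, so it has to be registered.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(BC_PROVIDER);
        }
    }

    /**
     * Reads the configuration at {@code str}, recovers the encryption certificate, splits the
     * signing chain and asks {@link GMSSLTomcatUtils#openHttpsPortByYunHsm} to configure Tomcat.
     *
     * <p>Failures of the three stages (configuration, encryption certificate, signing chain and
     * port setup) are logged and the method returns normally, as before. Exceptions other than
     * {@link IOException} raised while loading the configuration still propagate.
     *
     * @param str path of the JSON configuration file
     * @throws Exception if loading the configuration fails with something other than an
     *     {@link IOException}
     */
    public static void addHttpsPort(String str) throws Exception {
        final TomcatPropertiesEntry props;
        try {
            props = getTomcatProperties(str);
        } catch (IOException e) {
            logger.error("获取配置信息失败", e);
            return;
        }
        // The entry holds encPriKey. Its toString() is not visible from this file and may include
        // that value, so only fields that are not secrets are written to the log.
        logger.info("Tomcat HTTPS configuration: tomcatPath={}, httpsPort={}, signCertPath={}, encCertPath={}, encKeyIndex={}",
                props.getTomcatPath(), props.getHttpsPort(), props.getSignCertPath(),
                props.getEncCertPath(), props.getEncKeyIndex());

        final X509Certificate encCert;
        try {
            String encCertB64 = getEncCertByEnvelopData(props.getEncKeyIndex(), props.getEncPriKey(),
                    GMSSLX509Utils.readFileToByte(props.getEncCertPath()));
            encCert = getCertFromB64(encCertB64);
            if (encCert == null) {
                // getCertFromB64 reports failure as null; stop here instead of hitting a
                // NullPointerException later that would be logged under the wrong stage.
                throw new CertificateException("decrypted envelope content is not a Base64-encoded X.509 certificate");
            }
        } catch (Exception e) {
            logger.error("解析加密证书链失败", e);
            return;
        }

        try {
            String chainB64 = file2String(new File(props.getSignCertPath()), "utf-8");
            if (chainB64 == null) {
                throw new IOException("cannot read signing certificate chain: " + props.getSignCertPath());
            }
            X509Certificate signCert = null;
            // Concrete type kept: the parameter type of openHttpsPortByYunHsm is not visible here.
            ArrayList<X509Certificate> chainCerts = new ArrayList<X509Certificate>();
            for (X509Certificate candidate : getCertsByCertChain(chainB64)) {
                // Pairing is by subject DN only: the certificate whose subject equals the
                // encryption certificate's subject is taken as the signing certificate, every
                // other certificate in the bag is passed on as chain material without validation.
                if (candidate.getSubjectX500Principal().equals(encCert.getSubjectX500Principal())) {
                    signCert = candidate;
                } else {
                    chainCerts.add(candidate);
                }
            }
            if (signCert == null) {
                logger.warn("No certificate in {} has the same subject as the encryption certificate; "
                        + "continuing without a signing certificate", props.getSignCertPath());
            }
            GMSSLTomcatUtils.openHttpsPortByYunHsm(chainCerts, signCert, encCert, props.getEncKeyIndex(),
                    props.getEncPriKey(), props.getTomcatPath(), props.getHttpsPort());
        } catch (Exception e) {
            // Also covers failures inside openHttpsPortByYunHsm; the message is unchanged.
            logger.error("解析签名证书链失败", e);
        }
    }

    /**
     * Recovers the encryption certificate from the SM2 envelope stored in a file.
     *
     * @param i key index passed to the HSM
     * @param str value passed to the HSM together with the key index (the configuration calls
     *     it {@code encPriKey})
     * @param str2 path of the Base64-encoded envelope file
     * @return the parsed certificate, or {@code null} if the decrypted content cannot be parsed
     * @throws Exception if reading or decrypting the envelope fails
     */
    public X509Certificate getEncCert(int i, String str, String str2) throws Exception {
        return getCertFromStr(getEncCertByEnvelopData(i, str, GMSSLX509Utils.readFileToByte(str2)));
    }

    /**
     * Extracts every certificate carried in a Base64-encoded CMS SignedData structure.
     *
     * <p>The certificates are only decoded. The SignedData signature and the certificates
     * themselves are not verified here.
     *
     * @param str Base64 text of the SignedData structure
     * @return the certificates in the order the store returns them
     * @throws CMSException if the decoded bytes are not a SignedData structure
     * @throws CertificateException if {@code str} is {@code null} or a certificate cannot be converted
     */
    public static List<X509Certificate> getCertsByCertChain(String str) throws CMSException, CertificateException {
        if (str == null) {
            throw new CertificateException("certificate chain text is null");
        }
        List<X509Certificate> certs = new ArrayList<X509Certificate>();
        JcaX509CertificateConverter converter = new JcaX509CertificateConverter().setProvider("BC");
        // A null selector matches every certificate in the store.
        for (Object holder : new CMSSignedData(Base64.decode(str)).getCertificates().getMatches((Selector) null)) {
            certs.add(converter.getCertificate((X509CertificateHolder) holder));
        }
        return certs;
    }

    /**
     * Reads a whole file into a string.
     *
     * <p>The decompiler could not emit this method and left a stub that always threw
     * {@link UnsupportedOperationException}; the body below is rebuilt from its instruction dump.
     * The streams are now closed by try-with-resources, and failures go to the logger.
     *
     * @param file file to read
     * @param encoding charset name; {@code null} or blank selects the platform default charset
     * @return the file content, or {@code null} if the file cannot be read or decoded
     */
    public static String file2String(File file, String encoding) {
        boolean useDefaultCharset = encoding == null || "".equals(encoding.trim());
        StringWriter content = new StringWriter();
        try (FileInputStream in = new FileInputStream(file);
                Reader reader = useDefaultCharset ? new InputStreamReader(in) : new InputStreamReader(in, encoding)) {
            char[] buffer = new char[2048];
            int read;
            while ((read = reader.read(buffer)) != -1) {
                content.write(buffer, 0, read);
            }
            return content.toString();
        } catch (Exception e) {
            // Callers test for null, so the failure is reported rather than rethrown.
            logger.error("file2String failed for {}", file, e);
            return null;
        }
    }

    /**
     * Loads the {@code "Tomcat"} section of a JSON configuration file.
     *
     * @param str path of the configuration file, read as UTF-8
     * @return the populated entry
     * @throws IOException if the file cannot be read, the {@code "Tomcat"} section is missing, or
     *     {@code encKeyIndex} / {@code httpsPort} is absent
     */
    public static TomcatPropertiesEntry getTomcatProperties(String str) throws IOException {
        JSONObject root = JSONObject.parseObject(FileUtils.readFileToString(new File(str), "UTF-8"));
        JSONObject tomcat = root == null ? null : root.getJSONObject("Tomcat");
        if (tomcat == null) {
            throw new IOException("missing \"Tomcat\" section in " + str);
        }
        Integer encKeyIndex = tomcat.getInteger("encKeyIndex");
        Integer httpsPort = tomcat.getInteger("httpsPort");
        if (encKeyIndex == null || httpsPort == null) {
            // Unboxing a missing value would otherwise surface as a bare NullPointerException.
            throw new IOException("\"encKeyIndex\" and \"httpsPort\" are required in the \"Tomcat\" section of " + str);
        }

        TomcatPropertiesEntry entry = new TomcatPropertiesEntry();
        entry.setTomcatPath(tomcat.getString("tomcatPath"));
        entry.setRootCertPath(tomcat.getString("rootCertPath"));
        entry.setSignCertPath(tomcat.getString("signCertPath"));
        entry.setEncCertPath(tomcat.getString("encCertPath"));
        entry.setEncKeyIndex(encKeyIndex.intValue());
        // Sensitive: keep this value out of logs and diagnostics.
        entry.setEncPriKey(tomcat.getString("encPriKey"));
        entry.setHttpsPort(httpsPort.intValue());
        entry.setCryptoType(tomcat.getString("cryptoType"));
        return entry;
    }

    /**
     * Decrypts the content of a Base64-encoded SM2 envelope.
     *
     * <p>The last OCTET STRING of the first RecipientInfo is decrypted through the HSM, and the
     * result is passed with the encrypted content to the SM4-ECB/PKCS7 decryptor. Presumably the
     * HSM output is the content-encryption key. ECB decryption gives no integrity check, so the
     * returned text must still be validated by whoever parses it.
     *
     * @param i key index passed to the HSM
     * @param str value passed to the HSM together with the key index
     * @param bArr Base64 bytes of the envelope
     * @return the decrypted content as returned by the SM4 decryptor
     * @throws Exception if the envelope cannot be decoded or decrypted, including an
     *     {@link IllegalArgumentException} when the RecipientInfo holds no OCTET STRING
     */
    public static String getEncCertByEnvelopData(int i, String str, byte[] bArr) throws Exception {
        SM2EnvelopedData sM2EnvelopedData = SM2EnvelopedData.getInstance(Base64.decode(bArr));
        DERSequence objectAt = sM2EnvelopedData.getRecipientInfos().getObjectAt(0);
        DEROctetString dEROctetString = null;
        for (int i2 = 0; i2 < objectAt.size(); i2++) {
            ASN1Encodable objectAt2 = objectAt.getObjectAt(i2);
            if (objectAt2 instanceof DEROctetString) {
                // No break: when several OCTET STRINGs are present the last one is used.
                dEROctetString = (DEROctetString) objectAt2;
            }
        }
        if (dEROctetString == null) {
            throw new IllegalArgumentException("SM2 envelope: first RecipientInfo carries no OCTET STRING");
        }
        return GMSSLSM4ECBEncryptUtils.decryptByBCWithPKCS7Padding(GMSSLSM2EncryptUtils.decryptASN1ByYunhsm(i, str, Base64.toBase64String(dEROctetString.getOctets())), Base64.toBase64String(sM2EnvelopedData.getEncryptedContentInfo().getEncryptedContent().getOctets()));
    }

    /**
     * Parses a certificate given as PEM, bare Base64, raw text or hex.
     *
     * <p>PEM markers and line breaks (real ones and the two-character escapes {@code \r} and
     * {@code \n}) are stripped, then the formats are tried in the order Base64, raw text, hex.
     *
     * @param str certificate text
     * @return the parsed certificate, or {@code null} if {@code str} is {@code null} or no format matches
     */
    public static X509Certificate getCertFromStr(String str) {
        if (str == null) {
            return null;
        }
        String body = str.replace(CERT_HEAD, "").replace(CERT_TAIL, "").replace("\r", "").replace("\n", "").replace("\\r", "").replace("\\n", "");
        // Failed attempts are expected while probing, which is why the parsers log at debug level.
        X509Certificate cert = getCertFromB64(body);
        if (cert == null) {
            cert = getCertFromNormalStr(body);
        }
        if (cert == null) {
            cert = getCertFromStr16(body);
        }
        return cert;
    }

    /** Parses a Base64-encoded certificate; returns {@code null} on any failure. */
    private static synchronized X509Certificate getCertFromB64(String str) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509", BC_PROVIDER).generateCertificate(new ByteArrayInputStream(Base64.decode(str)));
        } catch (Exception e) {
            logger.debug("getCertFromB64 error", e);
            return null;
        }
    }

    /** Parses a hex-encoded certificate; returns {@code null} on any failure. */
    private static synchronized X509Certificate getCertFromStr16(String str) {
        byte[] encoded = hex2byte(str);
        if (encoded == null) {
            logger.debug("getCertFromStr16 error: input is not valid hex");
            return null;
        }
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509", BC_PROVIDER).generateCertificate(new ByteArrayInputStream(encoded));
        } catch (Exception e) {
            // The old message named getCertFromFullStr, a method that does not exist in this class.
            logger.debug("getCertFromStr16 error", e);
            return null;
        }
    }

    /**
     * Decodes a hex string into bytes.
     *
     * @param str hex text; leading and trailing whitespace is ignored
     * @return the decoded bytes, or {@code null} if the input is {@code null}, empty, of odd
     *     length or contains a character that is not a hex digit
     */
    public static byte[] hex2byte(String str) {
        if (str == null || str.equals("")) {
            return null;
        }
        String hex = str.trim();
        int length = hex.length();
        if (length == 0 || length % 2 == 1) {
            return null;
        }
        byte[] decoded = new byte[length / 2];
        for (int i = 0; i < length; i += 2) {
            int high = Character.digit(hex.charAt(i), 16);
            int low = Character.digit(hex.charAt(i + 1), 16);
            if (high < 0 || low < 0) {
                return null;
            }
            decoded[i / 2] = (byte) ((high << 4) | low);
        }
        return decoded;
    }

    /** Hands the text bytes to the certificate parser unchanged; returns {@code null} on any failure. */
    private static synchronized X509Certificate getCertFromNormalStr(String str) {
        try {
            // Explicit charset so the result does not depend on the platform default.
            return (X509Certificate) CertificateFactory.getInstance("X.509", BC_PROVIDER).generateCertificate(new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8)));
        } catch (Exception e) {
            logger.debug("getCertFromNormalStr error", e);
            return null;
        }
    }
}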
