package com.xdja.pki.gmssl.test;

import com.xdja.pki.gmssl.crypto.sdf.SdfPrivateKey;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM2KeyUtils;
import com.xdja.pki.gmssl.keystore.utils.GMSSLKeyStoreUtils;
import com.xdja.pki.gmssl.x509.utils.GMSSLCertUtils;
import com.xdja.pki.gmssl.x509.utils.GMSSLExtensionUtils;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.concurrent.atomic.AtomicLong;
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:com/xdja/pki/gmssl/test/GMSSLKeyStore.class */
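/**
 * Test fixture that bundles a throw-away SM2 certificate hierarchy (root CA, signature
 * certificate, encryption certificate) together with the server key store and trust store
 * built from it.
 *
 * <p>Security notes for anyone reusing this outside of tests:
 * <ul>
 *   <li>Both factory methods protect the key stores with the fixed password
 *       {@code "password"}; the stores written by {@link #save()} must be treated as
 *       unprotected.</li>
 *   <li>The root CA private key is kept in memory and handed out by {@link #getRootKey()}.</li>
 *   <li>Certificate serial numbers are derived from the wall clock and are therefore
 *       predictable.</li>
 * </ul>
 *
 * <p>Instances are not synchronized; the fields are assigned once in the constructor.
 */
public class GMSSLKeyStore {
    /** Fixed key store password used by the factories. Test-only: never a real secret. */
    private static final String TEST_KEYSTORE_PASSWORD = "password";

    /** Subject and issuer DN of the self-signed root CA certificate. */
    private static final String ROOT_DN = "CN=ROOTCA,O=XDJA,C=CN";

    static {
        // The BC factory path uses BouncyCastle classes; register the provider once per JVM.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    private final KeyStore serverKeyStore;
    private final char[] password;
    private final KeyStore trustKeyStore;
    private final PrivateKey rootKey;
    private final X509Certificate rootCert;
    private final PrivateKey signKey;
    private final X509Certificate signCert;
    private final PrivateKey encKey;
    private final X509Certificate encCert;

    /**
     * Stores the supplied key material and builds the server key store and trust store from it.
     *
     * @param str password for the generated server key store
     * @param privateKey root CA private key
     * @param x509Certificate root CA certificate; also the only input to the trust store
     * @param privateKey2 private key of the signature certificate
     * @param x509Certificate2 signature certificate
     * @param privateKey3 private key of the encryption certificate
     * @param x509Certificate3 encryption certificate
     * @throws NoSuchAlgorithmException declared for the key store helpers
     * @throws CertificateException declared for the key store helpers
     * @throws NoSuchProviderException declared for the key store helpers
     * @throws KeyStoreException declared for the key store helpers
     * @throws IOException declared for the key store helpers
     */
    public GMSSLKeyStore(String str, PrivateKey privateKey, X509Certificate x509Certificate, PrivateKey privateKey2, X509Certificate x509Certificate2, PrivateKey privateKey3, X509Certificate x509Certificate3) throws NoSuchAlgorithmException, CertificateException, NoSuchProviderException, KeyStoreException, IOException {
        this.password = str.toCharArray();
        this.rootKey = privateKey;
        this.rootCert = x509Certificate;
        this.signKey = privateKey2;
        this.signCert = x509Certificate2;
        this.encKey = privateKey3;
        this.encCert = x509Certificate3;
        // "sign" and "enc" are presumably the key store aliases of the two entries —
        // confirm against GMSSLKeyStoreUtils.
        this.serverKeyStore = GMSSLKeyStoreUtils.generateGMSSLKeyStore(str, x509Certificate, "sign", privateKey2, x509Certificate2, "enc", privateKey3, x509Certificate3);
        this.trustKeyStore = GMSSLKeyStoreUtils.generateGMSSLTrustStore(x509Certificate);
    }

    /** @return the key store built from the signature and encryption entries */
    public KeyStore getServerKeyStore() {
        return this.serverKeyStore;
    }

    /**
     * @return a copy of the key store password, so that a caller wiping or editing the
     *     returned array cannot corrupt the password later used by {@link #save()}
     */
    public char[] getPassword() {
        return this.password.clone();
    }

    /** @return the trust store built from the root certificate */
    public KeyStore getTrustKeyStore() {
        return this.trustKeyStore;
    }

    /** @return the root CA private key; whoever holds it can issue certificates under the root */
    public PrivateKey getRootKey() {
        return this.rootKey;
    }

    /** @return the root CA certificate */
    public X509Certificate getRootCert() {
        return this.rootCert;
    }

    /** @return the private key of the signature certificate */
    public PrivateKey getSignKey() {
        return this.signKey;
    }

    /** @return the signature certificate */
    public X509Certificate getSignCert() {
        return this.signCert;
    }

    /** @return the private key of the encryption certificate */
    public PrivateKey getEncKey() {
        return this.encKey;
    }

    /** @return the encryption certificate */
    public X509Certificate getEncCert() {
        return this.encCert;
    }

    /**
     * Writes {@code trust.keystore} and {@code server.keystore} into
     * {@code ./target/tomcat/cert}, creating the directory when needed.
     *
     * <p>The files are created with the process's default permissions and, when the instance
     * came from one of the factories, are protected only by the fixed test password. Keep the
     * output directory out of anything that is shipped or shared.
     *
     * @throws Exception if the directory cannot be created or a store cannot be written
     */
    public void save() throws Exception {
        File certDir = new File("." + File.separator + "target" + File.separator + "tomcat" + File.separator + "cert");
        // mkdirs() returns false both on failure and when the directory already exists
        // (including when another process created it concurrently), hence the second check.
        if (!certDir.mkdirs() && !certDir.isDirectory()) {
            throw new IOException("Unable to create key store directory: " + certDir.getAbsolutePath());
        }
        String prefix = certDir.getAbsolutePath() + File.separator;
        // try-with-resources closes each stream even when store() throws.
        try (FileOutputStream trustOut = new FileOutputStream(prefix + "trust.keystore")) {
            this.trustKeyStore.store(trustOut, this.password);
        }
        try (FileOutputStream serverOut = new FileOutputStream(prefix + "server.keystore")) {
            this.serverKeyStore.store(serverOut, this.password);
        }
    }

    /**
     * Generates a fresh root/sign/enc hierarchy with software SM2 keys and wraps it in a
     * {@code GMSSLKeyStore} protected by the fixed test password.
     *
     * <p>All three certificates are valid from one day before the call until one year after
     * that point, and are signed with the root private key.
     *
     * @return the populated key store holder
     * @throws Exception if key generation, certificate issuance or key store creation fails
     */
    public static GMSSLKeyStore generateGMSSLKeyStoreByBC() throws Exception {
        // Serial numbers start at the current time in milliseconds and count up: unique within
        // this call, but predictable. Acceptable for a fixture, not for a real CA.
        AtomicLong serial = new AtomicLong(System.currentTimeMillis());

        Calendar calendar = Calendar.getInstance();
        calendar.add(Calendar.DATE, -1); // back-date by a day to tolerate clock skew
        Date notBefore = calendar.getTime();
        calendar.add(Calendar.YEAR, 1);
        Date notAfter = calendar.getTime();

        ArrayList<Extension> rootExtensions = new ArrayList<>();
        rootExtensions.add(GMSSLExtensionUtils.genRootCertKeyUsageExtension());
        KeyPair rootPair = GMSSLSM2KeyUtils.generateSM2KeyPairByBC();
        X509Certificate rootCertificate = GMSSLCertUtils.generateCertByBC(ROOT_DN, ROOT_DN, BigInteger.valueOf(serial.getAndIncrement()), notBefore, notAfter, rootPair.getPrivate(), rootPair.getPublic(), rootExtensions);

        // NOTE(review): RFC 5280 section 4.2.1.1 requires conforming CAs to mark
        // authorityKeyIdentifier as non-critical, while the `true` below marks it critical.
        // Left unchanged because it alters the issued certificates; confirm whether the
        // peers under test depend on it before flipping it.
        byte[] authorityKeyId = new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(rootCertificate).getEncoded();

        ArrayList<Extension> signExtensions = new ArrayList<>();
        signExtensions.add(GMSSLExtensionUtils.genSignatureCertKeyUsageExtension());
        signExtensions.add(new Extension(Extension.authorityKeyIdentifier, true, authorityKeyId));
        KeyPair signPair = GMSSLSM2KeyUtils.generateSM2KeyPairByBC();
        X509Certificate signCertificate = GMSSLCertUtils.generateCertByBC(ROOT_DN, "CN=SIGN,OU=SERVER,O=XDJA,C=CN", BigInteger.valueOf(serial.getAndIncrement()), notBefore, notAfter, rootPair.getPrivate(), signPair.getPublic(), signExtensions);

        ArrayList<Extension> encExtensions = new ArrayList<>();
        encExtensions.add(GMSSLExtensionUtils.genEncryptCertKeyUsageExtension());
        encExtensions.add(new Extension(Extension.authorityKeyIdentifier, true, authorityKeyId));
        KeyPair encPair = GMSSLSM2KeyUtils.generateSM2KeyPairByBC();
        X509Certificate encCertificate = GMSSLCertUtils.generateCertByBC(ROOT_DN, "CN=ENC,OU=SERVER,O=XDJA,C=CN", BigInteger.valueOf(serial.getAndIncrement()), notBefore, notAfter, rootPair.getPrivate(), encPair.getPublic(), encExtensions);

        return new GMSSLKeyStore(TEST_KEYSTORE_PASSWORD, rootPair.getPrivate(), rootCertificate, signPair.getPrivate(), signCertificate, encPair.getPrivate(), encCertificate);
    }

    /**
     * Builds the same root/sign/enc hierarchy as {@link #generateGMSSLKeyStoreByBC()} but with
     * keys obtained through the Yunhsm helpers, and wraps it in a {@code GMSSLKeyStore}
     * protected by the fixed test password.
     *
     * <p>Differences from the software variant that a reviewer should be aware of:
     * <ul>
     *   <li>The root and signature certificates both take their public key from
     *       {@code getSignPublicKeyByYunhsm(i)} with the same {@code i}; presumably that is the
     *       same key, which would make the CA key and the server signing key identical —
     *       confirm against the HSM helper.</li>
     *   <li>No authorityKeyIdentifier extension is added to the issued certificates.</li>
     *   <li>The subject DNs use {@code O=SERVER} where the software variant uses
     *       {@code OU=SERVER}. NOTE(review): looks like a typo; kept because it changes the
     *       issued subject names.</li>
     * </ul>
     *
     * @param i key index passed to the Yunhsm helpers
     * @param str second argument of {@code genSdfPrivateKey}; presumably the access password
     *     of the private key at that index — confirm against GMSSLSM2KeyUtils
     * @return the populated key store holder
     * @throws Exception if a key lookup, certificate issuance or key store creation fails
     */
    public static GMSSLKeyStore generateGMSSLKeyStoreByYunhsm(int i, String str) throws Exception {
        // Time-derived, sequential serial numbers: predictable, fixture use only.
        AtomicLong serial = new AtomicLong(System.currentTimeMillis());

        Calendar calendar = Calendar.getInstance();
        calendar.add(Calendar.DATE, -1); // back-date by a day to tolerate clock skew
        Date notBefore = calendar.getTime();
        calendar.add(Calendar.YEAR, 1);
        Date notAfter = calendar.getTime();

        ArrayList<Extension> rootExtensions = new ArrayList<>();
        rootExtensions.add(GMSSLExtensionUtils.genRootCertKeyUsageExtension());
        PublicKey rootPublicKey = GMSSLSM2KeyUtils.getSignPublicKeyByYunhsm(i);
        SdfPrivateKey rootPrivateKey = GMSSLSM2KeyUtils.genSdfPrivateKey(i, str);
        X509Certificate rootCertificate = GMSSLCertUtils.generateCertByYunhsm(ROOT_DN, ROOT_DN, BigInteger.valueOf(serial.getAndIncrement()), notBefore, notAfter, rootPrivateKey, rootPublicKey, rootExtensions);

        ArrayList<Extension> signExtensions = new ArrayList<>();
        signExtensions.add(GMSSLExtensionUtils.genSignatureCertKeyUsageExtension());
        PublicKey signPublicKey = GMSSLSM2KeyUtils.getSignPublicKeyByYunhsm(i);
        SdfPrivateKey signPrivateKey = GMSSLSM2KeyUtils.genSdfPrivateKey(i, str);
        X509Certificate signCertificate = GMSSLCertUtils.generateCertByYunhsm(ROOT_DN, "CN=SIGN,O=SERVER,O=XDJA,C=CN", BigInteger.valueOf(serial.getAndIncrement()), notBefore, notAfter, rootPrivateKey, signPublicKey, signExtensions);

        ArrayList<Extension> encExtensions = new ArrayList<>();
        encExtensions.add(GMSSLExtensionUtils.genEncryptCertKeyUsageExtension());
        SdfPrivateKey encPrivateKey = GMSSLSM2KeyUtils.genSdfPrivateKey(i, str);
        PublicKey encPublicKey = GMSSLSM2KeyUtils.getEncryptPublicKeyByYunhsm(i);
        X509Certificate encCertificate = GMSSLCertUtils.generateCertByYunhsm(ROOT_DN, "CN=ENC,O=SERVER,O=XDJA,C=CN", BigInteger.valueOf(serial.getAndIncrement()), notBefore, notAfter, rootPrivateKey, encPublicKey, encExtensions);

        return new GMSSLKeyStore(TEST_KEYSTORE_PASSWORD, rootPrivateKey, rootCertificate, signPrivateKey, signCertificate, encPrivateKey, encCertificate);
    }
}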
