package kd.ebg.egf.common.framework.communication.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.util.StringUtils;
import kd.ebg.egf.common.exception.EBErrorPriKeyCipherException;
import kd.ebg.egf.common.exception.EBExceiptionUtil;
import kd.ebg.egf.common.exception.EBPriKeyAbsentAliasException;
import kd.ebg.egf.common.exception.EBPubKeyAbsentAliasException;
import kd.ebg.egf.common.utils.string.StrUtil;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:kd/ebg/egf/common/framework/communication/util/CertReader.class */
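/**
 * Loads a Java key store from a file path or a caller-supplied stream and exposes the private
 * key, public key and certificate stored under an alias.
 *
 * <p>Typical use: construct the reader, call {@link #initKeyStore()}, then call the getters.
 * The getters dereference the key store directly, so calling them before
 * {@link #initKeyStore()} (or {@link #setKeyStore(KeyStore)}) fails with a
 * {@link NullPointerException}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The password is held as a {@link String} for the lifetime of this object and is returned
 *       in clear text by {@link #getCertPwd()}; it must never be logged or persisted.</li>
 *   <li>The same password is used both to open the key store and to recover the private key.</li>
 *   <li>The key store type is a static setting shared by every instance in the JVM; changing it
 *       affects readers created by unrelated code.</li>
 *   <li>When no alias is configured, the first alias enumerated from the store is used. The
 *       enumeration order of {@link KeyStore#aliases()} is not specified, so stores holding
 *       more than one entry should always be read with an explicit alias.</li>
 *   <li>No synchronization is performed on instance or static state.</li>
 * </ul>
 */
public class CertReader {
    private KeyStore keyStore;
    private String certPath;
    // Clear-text key store / private key password; see the class-level security notes.
    private String certPwd;
    private String alias;
    private InputStream stream;
    public static final String PKCS12 = "PKCS12";
    public static final String JKS = "JKS";
    public static final String PUBLICKEY = "PUBLICKEY";
    public static final String PRIVATEKEY = "PRIVATEKEY";
    // Role marker compared against PUBLICKEY / PRIVATEKEY by certChain().
    private String name;
    private static final Logger logger = LoggerFactory.getLogger(CertReader.class);
    // Process-wide key store type passed to KeyStore.getInstance(); mutable through the static setters.
    private static String KEY_STORE_TYPE = "PKCS12";

    /**
     * Creates a reader that opens the key store from a file when {@link #initKeyStore()} runs.
     *
     * @param str  path of the key store file
     * @param str2 password of the key store and of the private key entry
     * @param str3 alias to read; may be null or empty to fall back to the first alias in the store
     */
    public CertReader(String str, String str2, String str3) {
        this.certPath = str;
        this.certPwd = str2;
        this.alias = str3;
    }

    /**
     * Creates a reader that loads the key store from a caller-supplied stream.
     * {@link #initKeyStore()} closes this stream after loading.
     *
     * @param inputStream stream positioned at the start of the key store data
     * @param str         password of the key store and of the private key entry
     * @param str2        alias to read; may be null or empty to fall back to the first alias
     */
    public CertReader(InputStream inputStream, String str, String str2) {
        this.stream = inputStream;
        this.certPwd = str;
        this.alias = str2;
    }

    /**
     * Sets the role marker that {@code certChain()} compares with {@link #PUBLICKEY} and
     * {@link #PRIVATEKEY}.
     */
    public void setName(String str) {
        this.name = str;
    }

    /**
     * Misspelled alias of {@link #setKeyStoreType(String)}, kept so existing callers keep working.
     */
    public static void setKeyStoreTypr(String str) {
        setKeyStoreType(str);
    }

    /**
     * Returns the private key stored under the effective alias (see {@link #getAlias()}).
     *
     * <p>The entry is cast to {@link PrivateKey} without a type check, so an alias that holds a
     * different kind of key surfaces as a {@link ClassCastException}.
     *
     * @return the private key, never null
     * @throws Exception a service exception when no alias can be determined,
     *                   {@code EBPriKeyAbsentAliasException} when the alias holds no key,
     *                   {@code EBErrorPriKeyCipherException} when the key cannot be recovered with
     *                   the configured password, or whatever the key store itself throws
     */
    public PrivateKey getPrivateKey() throws Exception {
        String alias = getAlias();
        if (StringUtils.isEmpty(alias)) {
            throw EBExceiptionUtil.serviceException(ResManager.loadKDString("解析证书私钥错误，证书别名为空。", "CertReader_3", "ebg-egf-common", new Object[0]));
        }
        try {
            Key key = this.keyStore.getKey(alias, this.certPwd.toCharArray());
            if (key == null) {
                throw new EBPriKeyAbsentAliasException(String.format(ResManager.loadKDString("解析证书私钥错误，证书不存在的别名%s。", "CertReader_5", "ebg-egf-common", new Object[0]), alias));
            }
            return (PrivateKey) key;
        } catch (UnrecoverableKeyException e) {
            throw new EBErrorPriKeyCipherException(ResManager.loadKDString("解析证书私钥错误，私钥密码错误。", "CertReader_4", "ebg-egf-common", new Object[0]), e);
        }
    }

    /**
     * Returns the public key of the certificate stored under the effective alias.
     *
     * @see #getPublicKey(String)
     */
    public PublicKey getPublicKey() throws Exception {
        return getPublicKey(StrUtil.EMPTY);
    }

    /**
     * Returns the public key of the certificate stored under the given alias.
     *
     * @param str alias to look up; when empty, {@link #getAlias()} decides
     * @return the certificate's public key
     * @throws Exception a service exception when no alias can be determined, or
     *                   {@code EBPubKeyAbsentAliasException} when the alias holds no certificate
     */
    public PublicKey getPublicKey(String str) throws Exception {
        if (StringUtils.isEmpty(str)) {
            str = getAlias();
            if (StringUtils.isEmpty(str)) {
                throw EBExceiptionUtil.serviceException(ResManager.loadKDString("解析证书公钥错误，证书链为空。", "CertReader_1", "ebg-egf-common", new Object[0]));
            }
        }
        Certificate certificate = getCertificate(str);
        if (certificate == null) {
            throw new EBPubKeyAbsentAliasException(String.format(ResManager.loadKDString("解析证书公钥错误，证书链不存在的别名%s。", "CertReader_2", "ebg-egf-common", new Object[0]), str));
        }
        return certificate.getPublicKey();
    }

    /**
     * Returns the configured alias or, when none is configured, the first non-empty alias
     * enumerated from the key store.
     *
     * <p>The fallback logs every alias in the store at INFO level and does not cache its result,
     * so each call enumerates and logs again. Because the enumeration order is not specified,
     * the fallback is only deterministic for stores that hold a single entry.
     *
     * @return the alias to use, or null when the store has no usable alias
     */
    public String getAlias() throws Exception {
        if (null != this.alias && !StrUtil.EMPTY.equalsIgnoreCase(this.alias)) {
            return this.alias;
        }
        Enumeration<String> aliases = this.keyStore.aliases();
        String first = StrUtil.EMPTY;
        StringBuilder sb = new StringBuilder();
        sb.append(StrUtil.CRLF).append(ResManager.loadKDString("----------------- 证书链 ----------------------", "CertReader_0", "ebg-egf-common", new Object[0])).append(StrUtil.CRLF);
        while (aliases.hasMoreElements()) {
            String current = aliases.nextElement();
            if (StringUtils.isEmpty(first)) {
                first = current;
            }
            sb.append(current).append(StrUtil.CRLF);
        }
        sb.append("-----------------------------------------------");
        logger.info(sb.toString());
        return StringUtils.isEmpty(first) ? null : first;
    }

    /**
     * Links the store's aliases into the static {@code CertChain} structure, based on the
     * {@code "subject(issuer)"} shape of the alias text.
     *
     * <p>Not referenced from any method visible in this class. It reads and writes
     * {@code CertChain.root}, which is static state shared beyond this instance.
     *
     * <p>Each alias is linked at most once and an alias without a closing parenthesis after the
     * opening one is skipped. This keeps the loop finite for aliases that refer to each other
     * in a cycle and avoids a {@link StringIndexOutOfBoundsException} on malformed alias text.
     *
     * @return null when no role name is set, an empty string for the private-key role or an
     *         unknown role, otherwise the name of the last chain element
     */
    private String certChain() throws Exception {
        if (this.name == null) {
            return null;
        }
        logger.info("----------------- 证书链 ----------------------");
        Enumeration<String> aliases = this.keyStore.aliases();
        ArrayList<String> arrayList = new ArrayList<>(1);
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            logger.info(nextElement);
            arrayList.add(nextElement);
        }
        logger.info("-----------------------------------------------");
        if (this.name.equalsIgnoreCase(PRIVATEKEY) && CertChain.root.getName().equalsIgnoreCase(StrUtil.EMPTY)) {
            for (String candidate : arrayList) {
                // Comparing from the candidate side keeps this null-safe when no alias is configured.
                if (candidate.indexOf("(") == -1 && !candidate.equalsIgnoreCase(this.alias)) {
                    CertChain.setRoot(candidate);
                    return StrUtil.EMPTY;
                }
            }
            return StrUtil.EMPTY;
        }
        if (!this.name.equalsIgnoreCase(PUBLICKEY)) {
            return StrUtil.EMPTY;
        }
        boolean linked = true;
        while (linked) {
            linked = false;
            int i = 0;
            while (i < arrayList.size()) {
                String candidate = arrayList.get(i);
                int open = candidate.indexOf("(");
                int close = candidate.indexOf(")", open + 1);
                if (open > 0 && close > open) {
                    String issuer = candidate.substring(open + 1, close);
                    // NOTE(review): assumes getLast() returns the most recently linked element - confirm in CertChain.
                    CertChain last = CertChain.root.getLast();
                    String lastName = last.getName();
                    int lastOpen = lastName.indexOf("(");
                    if (lastOpen > 0) {
                        lastName = lastName.substring(0, lastOpen);
                    }
                    if (lastName.trim().equalsIgnoreCase(issuer.trim())) {
                        last.setNext(new CertChain(candidate));
                        // Drop the linked alias so it cannot be appended again on a later pass.
                        arrayList.remove(i);
                        linked = true;
                        continue;
                    }
                }
                i++;
            }
        }
        return CertChain.root.getLast().getName();
    }

    /**
     * Creates the key store and loads it from the configured stream, or from the configured
     * file path when no stream was supplied.
     *
     * <p>The BouncyCastle provider is registered when absent, but the key store is requested
     * without naming a provider, so the JVM's provider order decides which implementation
     * handles the configured type.
     *
     * <p>The stream is always closed. A stream opened here from the file path is also forgotten
     * afterwards, so a later call (for example after {@link #setCertPwd(String)}) reopens the
     * file instead of reading from a closed stream. A caller-supplied stream stays referenced
     * and cannot be reused; supply a fresh one through {@link #setStream(InputStream)}.
     *
     * @throws Exception {@code EBErrorPriKeyCipherException} for any failure while loading. The
     *                   message always reports a wrong password, including for a null password,
     *                   an unreadable file or a corrupt store, so check the cause when diagnosing.
     */
    public void initKeyStore() throws Exception {
        if (null == Security.getProvider("BC")) {
            Security.addProvider(new BouncyCastleProvider());
        }
        this.keyStore = KeyStore.getInstance(KEY_STORE_TYPE);
        boolean openedHere = null == this.stream;
        if (openedHere) {
            this.stream = new FileInputStream(new File(this.certPath));
        }
        try {
            this.keyStore.load(this.stream, this.certPwd.toCharArray());
        } catch (Throwable th) {
            throw new EBErrorPriKeyCipherException(ResManager.loadKDString("解析证书私钥错误，私钥密码错误。", "CertReader_4", "ebg-egf-common", new Object[0]), th);
        } finally {
            InputStream used = this.stream;
            if (openedHere) {
                this.stream = null;
            }
            if (used != null) {
                used.close();
            }
        }
    }

    /** Returns the certificate stored under the effective alias (see {@link #getAlias()}). */
    public Certificate getCertificate() throws Exception {
        return this.keyStore.getCertificate(getAlias());
    }

    /**
     * Returns the certificate stored under the given alias.
     *
     * @param str alias to look up
     * @return the certificate, or null when the key store has none for that alias
     */
    public Certificate getCertificate(String str) throws Exception {
        return this.keyStore.getCertificate(str);
    }

    /** Returns the underlying key store, or null before it has been initialized or set. */
    public KeyStore getKeyStore() {
        return this.keyStore;
    }

    /** Replaces the underlying key store with one the caller has already loaded. */
    public void setKeyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
    }

    /** Returns the configured key store file path. */
    public String getCertPath() {
        return this.certPath;
    }

    /** Sets the key store file path used when no stream is supplied. */
    public void setCertPath(String str) {
        this.certPath = str;
    }

    /**
     * Returns the key store password in clear text. Callers must not log or persist the value.
     */
    public String getCertPwd() {
        return this.certPwd;
    }

    /** Sets the password used to open the key store and to recover the private key. */
    public void setCertPwd(String str) {
        this.certPwd = str;
    }

    /** Sets the alias to read; null or empty re-enables the first-alias fallback. */
    public void setAlias(String str) {
        this.alias = str;
    }

    /** Returns the configured stream; it has been closed once {@link #initKeyStore()} has run. */
    public InputStream getStream() {
        return this.stream;
    }

    /** Sets the stream the key store is loaded from; {@link #initKeyStore()} closes it. */
    public void setStream(InputStream inputStream) {
        this.stream = inputStream;
    }

    /** Returns the {@link #PKCS12} type name. */
    public static String getPKCS12() {
        return PKCS12;
    }

    /** Returns the {@link #JKS} type name. */
    public static String getJKS() {
        return JKS;
    }

    /** Returns the key store type currently used by all instances. */
    public static String getKeyStoreType() {
        return KEY_STORE_TYPE;
    }

    /**
     * Sets the key store type used by all instances from now on. The value is passed to
     * {@link KeyStore#getInstance(String)} unchecked, so it should never come from untrusted input.
     */
    public static void setKeyStoreType(String str) {
        KEY_STORE_TYPE = str;
    }

    /** Returns the {@link #PUBLICKEY} role name. */
    public static String getPUBLICKEY() {
        return PUBLICKEY;
    }

    /** Returns the {@link #PRIVATEKEY} role name. */
    public static String getPRIVATEKEY() {
        return PRIVATEKEY;
    }

    /** Returns the role marker set through {@link #setName(String)}. */
    public String getName() {
        return this.name;
    }
}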
