package cn.org.bjca.gaia.assemb.util;

import cn.org.bjca.gaia.asn1.DLSequence;
import cn.org.bjca.gaia.assemb.exception.ErrorCode;
import cn.org.bjca.gaia.assemb.exception.PkiException;
import cn.org.bjca.gaia.assemb.param.BjcaKey;
import cn.org.bjca.gaia.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import cn.org.bjca.gaia.jce.provider.BJCAJEProvider;
import cn.org.bjca.gaia.util.encoders.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;

/* loaded from: input_file:cn/org/bjca/gaia/assemb/util/Pkcs12Util.class */
public class Pkcs12Util {
    public void p12Generator(String str, String str2, BjcaKey bjcaKey, String str3, String str4, String str5) throws PkiException {
        if (!bjcaKey.getKeyType().equals(BjcaKey.RSA_PRV_KEY)) {
            throw new PkiException(ErrorCode.Pkcs12.GEN_P12, "构造P12失败不支持的算法类型" + bjcaKey.getKeyType());
        }
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            try {
                byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str5));
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                Key convertKey = KeyPairUtil.convertKey(bjcaKey);
                FileOutputStream fileOutputStream = null;
                try {
                    try {
                        X509Certificate[] x509CertificateArr = {x509Certificate};
                        KeyStore keyStore = KeyStore.getInstance("PKCS12", "BJCAJE");
                        keyStore.load(null, null);
                        keyStore.setKeyEntry(str2, convertKey, str4.toCharArray(), x509CertificateArr);
                        FileUtil.confirmDir(FileUtil.getDirPathFromFilePath(str));
                        fileOutputStream = new FileOutputStream(str);
                        keyStore.store(fileOutputStream, str3.toCharArray());
                        if (fileOutputStream != null) {
                            try {
                                fileOutputStream.close();
                            } catch (IOException e2) {
                                e2.printStackTrace();
                            }
                        }
                    } catch (Exception e3) {
                        throw new PkiException(ErrorCode.Pkcs12.GEN_P12, "构造P12失败 ", e3);
                    }
                } catch (Throwable th) {
                    if (fileOutputStream != null) {
                        try {
                            fileOutputStream.close();
                        } catch (IOException e4) {
                            e4.printStackTrace();
                            throw th;
                        }
                    }
                    throw th;
                }
            } catch (Exception e5) {
                throw new PkiException(ErrorCode.Pkcs12.GEN_P12, "构造P12失败 解析证书失败", e5);
            }
        } catch (Throwable th2) {
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (IOException e6) {
                    e6.printStackTrace();
                    throw th2;
                }
            }
            throw th2;
        }
    }

    public byte[] p12Generator(String str, BjcaKey bjcaKey, String str2, String str3, String str4) throws PkiException {
        if (!bjcaKey.getKeyType().equals(BjcaKey.RSA_PRV_KEY)) {
            throw new PkiException(ErrorCode.Pkcs12.GEN_P12, "构造P12失败不支持的算法类型" + bjcaKey.getKeyType());
        }
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            try {
                byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str4));
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                Key convertKey = KeyPairUtil.convertKey(bjcaKey);
                try {
                    X509Certificate[] x509CertificateArr = {x509Certificate};
                    KeyStore keyStore = KeyStore.getInstance("PKCS12", "BJCAJE");
                    keyStore.load(null, null);
                    keyStore.setKeyEntry(str, convertKey, str3.toCharArray(), x509CertificateArr);
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    keyStore.store(byteArrayOutputStream, str2.toCharArray());
                    return byteArrayOutputStream.toByteArray();
                } catch (Exception e2) {
                    throw new PkiException(ErrorCode.Pkcs12.GEN_P12, "构造P12失败 ", e2);
                }
            } catch (Exception e3) {
                throw new PkiException(ErrorCode.Pkcs12.GEN_P12, "构造P12失败 解析证书失败", e3);
            }
        } catch (Throwable th) {
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (IOException e4) {
                    e4.printStackTrace();
                    throw th;
                }
            }
            throw th;
        }
    }

    public String exportP12Certificate(byte[] bArr, String str) throws PkiException {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12", "BJCAJE");
            keyStore.load(new ByteArrayInputStream(bArr), str.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            String str2 = "";
            while (aliases.hasMoreElements()) {
                str2 = aliases.nextElement();
            }
            return Base64.toBase64String(keyStore.getCertificate(str2).getEncoded());
        } catch (Exception e) {
            throw new PkiException(ErrorCode.Pkcs12.PARSE_CERT, "从P12中解析证书 ", e);
        }
    }

    public BjcaKey exportP12Key(byte[] bArr, String str, String str2) throws PkiException {
        BjcaKey bjcaKey;
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12", "BJCAJE");
            keyStore.load(new ByteArrayInputStream(bArr), str.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            String str3 = "";
            while (aliases.hasMoreElements()) {
                str3 = aliases.nextElement();
            }
            BCECPrivateKey bCECPrivateKey = (PrivateKey) keyStore.getKey(str3, str2.toCharArray());
            if (bCECPrivateKey.getAlgorithm().equals("RSA")) {
                bjcaKey = new BjcaKey(BjcaKey.RSA_PRV_KEY, bCECPrivateKey.getEncoded());
            } else {
                byte[] encoded = bCECPrivateKey.getEncoded();
                if (encoded.length <= 33) {
                    bjcaKey = new BjcaKey(BjcaKey.SM2_PRV_KEY, encoded);
                } else {
                    if (bCECPrivateKey instanceof BCECPrivateKey) {
                        return new BjcaKey(BjcaKey.SM2_PRV_KEY, bCECPrivateKey.getD().toByteArray());
                    }
                    bjcaKey = new BjcaKey(BjcaKey.SM2_PRV_KEY, DLSequence.fromByteArray(DLSequence.fromByteArray(encoded).getObjectAt(2).getOctets()).getObjectAt(1).getOctets());
                }
            }
            return bjcaKey;
        } catch (Exception e) {
            throw new PkiException(ErrorCode.Pkcs12.PARSE_CERT, "从P12中解析证书 ", e);
        }
    }

    static {
        if (Security.getProvider("BJCAJE") == null) {
            Security.addProvider(new BJCAJEProvider());
        }
    }
}
