package cn.tdchain.cipher.rsa;

import cn.tdchain.cipher.CipherException;
import cn.tdchain.cipher.utils.CipherUtil;
import cn.tdchain.jbcc.SoutUtil;
import cn.tdchain.tdmsp.util.PkiConstant;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:cn/tdchain/cipher/rsa/RSAKeyStoreUtil.class */
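/**
 * Static helpers for RSA key material: loading keys and certificates from a JKS key store or
 * an X.509 certificate file, decoding Base64 key strings, and creating a key store and its
 * exported certificate through the JDK {@code keytool} program.
 *
 * <p>Parameter names ({@code str}, {@code str2}, {@code str3}) are kept as they are for
 * compatibility. Their meaning is documented per method, and the order of alias and password
 * is NOT the same across methods: the {@code gen*} methods take (path, password, alias) while
 * the {@code get*ByKeyStore} / {@code getPrivateKey} methods take (path, alias, password).
 *
 * <p>Every password passes through {@code CipherUtil.zeroSuffix} (defined elsewhere) before use.
 * Passwords are never written to standard output by this class.
 */
public class RSAKeyStoreUtil {
    // NOTE(review): JKS is the legacy key store format; migrating to PKCS12 would change the
    // on-disk format of existing stores, so it is only flagged here.
    private static final String KEY_STORE = "JKS";
    private static final String X509 = "X.509";

    // NOTE(review): 1024-bit RSA is below the key size current guidance accepts for new keys
    // (2048 bits or more). It is kept because code outside this file may assume the resulting
    // modulus length (for example fixed encrypt/decrypt block sizes); confirm and raise it.
    private static final String KEY_SIZE_BITS = "1024";

    // NOTE(review): 36500 days is roughly 100 years, so generated certificates effectively
    // never expire; rotation then has to be enforced by some other means.
    private static final String VALIDITY_DAYS = "36500";

    private static final Provider provider = new BouncyCastleProvider();

    private RSAKeyStoreUtil() {
    }

    /**
     * Returns the private key stored under an alias as a Base64 string of its encoded form.
     *
     * <p>The returned string is the private key itself; callers must treat it as a secret and
     * keep it out of logs.
     *
     * @param str  path of the key store file
     * @param str2 alias of the key entry
     * @param str3 key store password
     * @return Base64 text of {@link PrivateKey#getEncoded()}
     * @throws Exception if the store cannot be read or the key cannot be recovered
     */
    public static String getPrivateKeyString(String str, String str2, String str3) throws Exception {
        return Base64.getEncoder().encodeToString(getPrivateKey(str, str2, str3).getEncoded());
    }

    /**
     * Decodes a Base64 PKCS#8 encoding into a private key.
     *
     * @param str Base64 text of a PKCS#8 encoded key
     * @return the decoded private key
     * @throws Exception if the text is not valid Base64 or not a valid key encoding
     */
    public static PrivateKey getPrivateKey(String str) throws Exception {
        byte[] encoded = Base64.getDecoder().decode(str);
        return KeyFactory.getInstance(PkiConstant.RSA, provider).generatePrivate(new PKCS8EncodedKeySpec(encoded));
    }

    /**
     * Returns the public key of a certificate file as a Base64 string of its encoded form.
     *
     * @param str path of the X.509 certificate file
     * @return Base64 text of the certificate's public key encoding
     * @throws Exception if the file cannot be read or parsed
     */
    public static String getPublicKeyStr(String str) throws Exception {
        return Base64.getEncoder().encodeToString(getCert(str).getPublicKey().getEncoded());
    }

    /**
     * Decodes a Base64 X.509 (SubjectPublicKeyInfo) encoding into a public key.
     *
     * @param str Base64 text of an X.509 encoded public key
     * @return the decoded public key
     * @throws Exception if the text is not valid Base64 or not a valid key encoding
     */
    public static PublicKey getPublicKey(String str) throws Exception {
        byte[] encoded = Base64.getDecoder().decode(str);
        return KeyFactory.getInstance(PkiConstant.RSA, provider).generatePublic(new X509EncodedKeySpec(encoded));
    }

    /**
     * Parses an X.509 certificate from a file.
     *
     * <p>The certificate is only parsed. No signature, validity-period or chain check is done
     * here, so a caller that trusts the returned public key must validate the certificate itself.
     *
     * @param str path of the certificate file
     * @return the parsed certificate
     * @throws Exception if the file cannot be opened or does not hold an X.509 certificate
     */
    public static X509Certificate getCert(String str) throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance(X509);
        // try-with-resources closes the stream on every path, including parse failures.
        try (FileInputStream fileInputStream = new FileInputStream(str)) {
            return (X509Certificate) certificateFactory.generateCertificate(fileInputStream);
        }
    }

    /**
     * Opens and loads the JKS key store at the given path.
     *
     * @param str  path of the key store file
     * @param str2 key store password; it is passed through {@code CipherUtil.zeroSuffix} here
     * @return the loaded key store
     * @throws Exception if the file cannot be read or the password does not verify
     */
    private static KeyStore getKeyStore(String str, String str2) throws Exception {
        if (SoutUtil.isOpenSout()) {
            // Only the path is traced. The password, before and after normalisation, is
            // deliberately not printed: standard output ends up in log files and consoles.
            System.out.println("getPublicKeyStringByStore keyStorePath: " + str);
        }
        String zeroSuffix = CipherUtil.zeroSuffix(str2);
        try (FileInputStream fileInputStream = new FileInputStream(str)) {
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE);
            keyStore.load(fileInputStream, zeroSuffix.toCharArray());
            return keyStore;
        }
    }

    /**
     * Creates a key store holding a new RSA key pair by running {@code keytool -genkey}.
     *
     * <p>The call returns once keytool has finished, so the key store file exists when this
     * method returns normally.
     *
     * @param str  path of the key store file to create; missing parent directories are created
     * @param str2 password, used for both the store and the key entry
     * @param str3 alias of the new entry, also used to build the certificate subject name
     * @throws CipherException if keytool cannot be started, is interrupted or reports failure
     */
    public static void genKey(String str, String str2, String str3) {
        // getParentFile() is null for a bare file name such as "node.ks".
        File parentDir = new File(str).getParentFile();
        if (parentDir != null) {
            parentDir.mkdirs();
        }
        String zeroSuffix = CipherUtil.zeroSuffix(str2);
        if (SoutUtil.isOpenSout()) {
            // The password is not traced, only the target path.
            System.out.println("generateKeyStoreFile path:" + str);
        }
        // NOTE(review): -storepass / -keypass place the password on keytool's command line,
        // where other local users can read it from the process list while keytool runs.
        // keytool accepts the -storepass:env and -storepass:file forms to avoid this.
        execCommand(new String[]{"keytool", "-genkey", "-validity", VALIDITY_DAYS, "-keysize", KEY_SIZE_BITS, "-alias", str3, "-keyalg", PkiConstant.RSA, "-keystore", str, "-dname", getDname(str3), "-storepass", zeroSuffix, "-keypass", zeroSuffix, "-v"});
    }

    /**
     * Builds the distinguished name passed to keytool, using the alias as CN, OU and O.
     *
     * @param str alias to embed in the subject name
     * @return the distinguished name string
     */
    private static String getDname(String str) {
        // NOTE(review): the alias is inserted unescaped; an alias containing ',' or '=' would
        // change the structure of the subject name. Validate the alias at the caller.
        return "CN=(" + str + "), "
                + "OU=(" + str + "), "
                + "O=(" + str + "), "
                + "L=(BJ), ST=(BJ), C=(CN)";
    }

    /**
     * Exports the certificate of an alias to {@code <key store path>.cert} by running
     * {@code keytool -export}.
     *
     * @param str  path of the key store file
     * @param str2 key store password
     * @param str3 alias whose certificate is exported
     * @throws CipherException if keytool cannot be started, is interrupted or reports failure
     */
    public static void genCert(String str, String str2, String str3) {
        // NOTE(review): as in genKey, the password is visible on keytool's command line.
        execCommand(new String[]{"keytool", "-export", "-alias", str3, "-keystore", str, "-file", str + ".cert", "-storepass", CipherUtil.zeroSuffix(str2)});
    }

    /**
     * Runs an external command and waits for it to finish.
     *
     * <p>The argument array is passed to the process as is, without a shell. Output of the
     * command is read and discarded so the child cannot stall on a full pipe.
     *
     * @param strArr program name followed by its arguments
     * @throws CipherException if the process cannot be started, the wait is interrupted, or the
     *                         process exits with a non-zero status
     */
    private static void execCommand(String[] strArr) {
        int exitCode;
        try {
            Process process = new ProcessBuilder(strArr).redirectErrorStream(true).start();
            // Closing stdin makes an unexpected interactive prompt fail instead of hanging.
            process.getOutputStream().close();
            try (InputStream output = process.getInputStream()) {
                byte[] sink = new byte[1024];
                while (output.read(sink) != -1) {
                    // discarded: command output is not logged
                }
            }
            exitCode = process.waitFor();
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
            throw new CipherException("exec command error : " + e.getMessage());
        } catch (Exception e) {
            throw new CipherException("exec command error : " + e.getMessage());
        }
        if (exitCode != 0) {
            // Only the program name is reported; the argument list carries the password.
            throw new CipherException("exec command error : " + strArr[0] + " exited with status " + exitCode);
        }
    }

    /**
     * Returns the public key of an X.509 certificate file.
     *
     * @param str path of the certificate file
     * @return the certificate's public key
     * @throws Exception if the file cannot be read or parsed
     */
    public static PublicKey getPublicKeyByCert(String str) throws Exception {
        return getCert(str).getPublicKey();
    }

    /**
     * Returns the public key stored under an alias as a Base64 string of its encoded form.
     *
     * @param str  path of the key store file
     * @param str2 alias of the certificate entry
     * @param str3 key store password
     * @return Base64 text of the public key encoding
     * @throws Exception if the store cannot be read or the alias has no certificate
     */
    public static String getPublicKeyStringByKeyStore(String str, String str2, String str3) throws Exception {
        return Base64.getEncoder().encodeToString(getPublicKeyByKeyStore(str, str2, str3).getEncoded());
    }

    /**
     * Returns the public key of the certificate stored under an alias.
     *
     * @param str  path of the key store file
     * @param str2 alias of the certificate entry
     * @param str3 key store password
     * @return the public key of that certificate
     * @throws Exception if the store cannot be read or the alias has no certificate
     */
    public static PublicKey getPublicKeyByKeyStore(String str, String str2, String str3) throws Exception {
        // NOTE(review): the password is normalised here and again inside getKeyStore, so this
        // relies on CipherUtil.zeroSuffix giving the same result when applied twice - confirm.
        KeyStore keyStore = getKeyStore(str, CipherUtil.zeroSuffix(str3));
        return ((X509Certificate) keyStore.getCertificate(str2)).getPublicKey();
    }

    /**
     * Returns the private key stored under an alias in a key store.
     *
     * @param str  path of the key store file
     * @param str2 alias of the key entry
     * @param str3 password, used for both the store and the key entry
     * @return the private key, or {@code null} if the alias does not exist
     * @throws Exception if the store cannot be read or the key cannot be recovered
     */
    public static PrivateKey getPrivateKey(String str, String str2, String str3) throws Exception {
        String zeroSuffix = CipherUtil.zeroSuffix(str3);
        // NOTE(review): getKeyStore normalises the password once more, while the key entry is
        // opened with the once-normalised value; both match only if zeroSuffix is idempotent.
        return (PrivateKey) getKeyStore(str, zeroSuffix).getKey(str2, zeroSuffix.toCharArray());
    }
}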
