package com.nbopen.sdk.aes.param;

import com.nbopen.sdk.aes.exception.SDKException;
import com.nbopen.sdk.aes.exception.SDKExceptionEnums;
import com.nbopen.sdk.aes.utils.MD5Util;
import com.nbopen.sdk.gm.KeyUtils;
import com.nbopen.system.logging.LoggerManager;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;
import nbcb.cfca.sadk.util.CertUtil;
import nbcb.cfca.sadk.util.KeyUtil;
import nbcb.cfca.sadk.x509.certificate.X509Cert;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:sdklib/open-basic-1.6.7.jar:com/nbopen/sdk/aes/param/KeyStoreFactory.class */
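/**
 * Holds the key material and TLS helpers used by the SDK: the merchant private key, the
 * open-platform public key, the merchant certificate serial-number digest, a token map,
 * an {@link SSLContext} and a {@link HostnameVerifier}.
 *
 * <p><b>Security note.</b> The {@link SSLContext} built by this class is initialised with
 * {@link MyX509TrustManager}, whose check methods are empty, and the hostname verifier
 * returned by {@link #getTrustAnyHostnameVerifier()} always returns {@code true}. A
 * connection configured with them therefore does not authenticate the server: any
 * certificate chain and any host name are accepted, so an intercepting party on the network
 * path is not detected at the TLS layer. Behaviour is kept as shipped because callers depend
 * on these getters. Deployments that need server authentication should configure their HTTP
 * client with an {@code SSLContext} backed by a trust store containing the expected CA and
 * with the platform's default hostname verification, instead of the objects exposed here.
 */
public class KeyStoreFactory {
    private SSLContext sslcontext;
    private PrivateKey merchantPrivatekey;
    private PublicKey openPublicKey;
    private String merchantSerialNo;
    private Map<String, Object> tokenMap;
    private TrustAnyHostnameVerifier trustAnyHostnameVerifier;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:sdklib/open-basic-1.6.7.jar:com/nbopen/sdk/aes/param/KeyStoreFactory$MyX509TrustManager.class */
    /**
     * Trust manager whose checks are no-ops: it never throws {@link CertificateException},
     * so every client and server certificate chain is accepted without validation.
     * This is the trust manager installed by {@code ignoreSSLContext()}.
     */
    public class MyX509TrustManager implements X509TrustManager {
        MyX509TrustManager() {
        }

        /** Accepts any client chain; performs no validation. */
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            // Intentionally empty: no chain, expiry or issuer check is performed.
        }

        /** Accepts any server chain; performs no validation. */
        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            // Intentionally empty: no chain, expiry or issuer check is performed.
        }

        /** @return an empty array (no issuers are advertised) */
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /* loaded from: input_file:sdklib/open-basic-1.6.7.jar:com/nbopen/sdk/aes/param/KeyStoreFactory$TrustAnyHostnameVerifier.class */
    /**
     * Hostname verifier that accepts every host: {@link #verify} logs the requested host and
     * the session's peer host at debug level and returns {@code true} unconditionally.
     */
    public class TrustAnyHostnameVerifier implements HostnameVerifier {
        public TrustAnyHostnameVerifier() {
        }

        /**
         * @param str the host name the connection was opened to
         * @param sSLSession the TLS session; only its peer host is read, for logging
         * @return always {@code true}; a mismatch between the two hosts is logged, not rejected
         */
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            LoggerManager.debugLogger.debug("Warning: URL Host: {} vs. {}", str, sSLSession.getPeerHost());
            return true;
        }
    }

    /* loaded from: input_file:sdklib/open-basic-1.6.7.jar:com/nbopen/sdk/aes/param/KeyStoreFactory$TrustAnyTrustManager.class */
    /**
     * Second no-op trust manager. Nothing in this class instantiates it; it accepts every
     * chain in the same way as {@link MyX509TrustManager}.
     */
    private static class TrustAnyTrustManager implements X509TrustManager {
        private TrustAnyTrustManager() {
        }

        /** Accepts any client chain; performs no validation. */
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            // Intentionally empty: no validation is performed.
        }

        /** Accepts any server chain; performs no validation. */
        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            // Intentionally empty: no validation is performed.
        }

        /** @return an empty array; the X509TrustManager contract requires a non-null result */
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /**
     * Loads the key material and prepares the TLS helpers.
     *
     * @param z {@code true} to treat {@code str} and {@code str3} as file locations,
     *     {@code false} to treat them as key strings handed to {@code KeyUtils}
     * @param str private key: file location when {@code z} is true, key string otherwise
     * @param str2 password of the private key file; only used when {@code z} is true
     * @param str3 public key: certificate file location when {@code z} is true, key string otherwise
     * @throws SDKException with {@code INITIALIZE_KEYSTORE_ERROR} when a key cannot be built
     */
    public KeyStoreFactory(boolean z, String str, String str2, String str3) throws SDKException {
        // Never write secrets to the log: the password is always masked, and the private-key
        // argument is masked when it carries the key itself rather than a file location.
        LoggerManager.debugLogger.debug("构建公私钥:private:{} privatepwd:{} public:{}", z ? str : "<redacted>", "<redacted>", str3);
        if (z) {
            createGMPrivateKey(str, str2);
            createGMPublicKey(str3);
        } else {
            createGMPrivateKeyWithStr(str);
            createGMPublicKeyWithStr(str3);
        }
        ignoreSSLContext();
        ignoreHostnameVerifier();
        LoggerManager.debugLogger.debug("构建公私钥成功...");
    }

    /**
     * Builds the merchant private key from a key string via {@code KeyUtils.createPrivateKey}.
     * A null or empty argument leaves the field untouched.
     *
     * @throws SDKException with {@code INITIALIZE_KEYSTORE_ERROR} when the key cannot be built
     */
    private void createGMPrivateKeyWithStr(String str) throws SDKException {
        if (null == str || str.length() < 1) {
            return;
        }
        try {
            this.merchantPrivatekey = KeyUtils.createPrivateKey(str);
        } catch (Exception e) {
            LoggerManager.exceptionLogger.error("生成三方私钥对象异常", (Throwable) e);
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Builds the open-platform public key from a key string via {@code KeyUtils.createPublicKey}.
     * A null or empty argument leaves the field untouched.
     *
     * @throws SDKException with {@code INITIALIZE_KEYSTORE_ERROR} when the key cannot be built
     */
    private void createGMPublicKeyWithStr(String str) throws SDKException {
        if (null == str || str.length() < 1) {
            return;
        }
        try {
            this.openPublicKey = KeyUtils.createPublicKey(str);
        } catch (Exception e) {
            LoggerManager.exceptionLogger.error("生成开放银行公钥对象异常", (Throwable) e);
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Opens a key or certificate file, trying in order: the path as given, the path under
     * {@code user.dir}, the path under the context class loader's resource root, and finally
     * the class-path resource of that name.
     *
     * @param str file location as configured
     * @return an open stream the caller must close, or {@code null} when nothing was found or
     *     the file could not be read (the failure is logged)
     */
    private static InputStream checkKeyPath(String str) {
        FileInputStream fileInputStream = null;
        String str2 = str;
        try {
            File file = new File(str);
            LoggerManager.debugLogger.debug("读取证书--绝对路径：" + str2);
            if (!file.exists()) {
                str2 = System.getProperty("user.dir") + File.separator + str;
                File file2 = new File(str2);
                LoggerManager.debugLogger.debug("读取证书--发布路径：" + str2);
                if (!file2.exists()) {
                    ClassLoader loader = Thread.currentThread().getContextClassLoader();
                    java.net.URL root = loader.getResource("");
                    if (root == null) {
                        // No directory root on the class path (getResource("") returned null):
                        // go straight to the class-path stream instead of failing on the null.
                        return loader.getResourceAsStream(str);
                    }
                    str2 = root.getPath() + File.separator + str;
                    if (str2.startsWith("file:")) {
                        str2 = str2.substring("file:".length(), str2.length());
                    }
                    File file3 = new File(str2);
                    LoggerManager.debugLogger.debug("读取证书--编译路径：" + str2);
                    if (!file3.exists()) {
                        return loader.getResourceAsStream(str);
                    }
                }
            }
            fileInputStream = new FileInputStream(str2);
        } catch (SecurityException e) {
            LoggerManager.exceptionLogger.error("证书文件" + str + "无读取权限，跳过读取");
        } catch (Exception e2) {
            LoggerManager.exceptionLogger.error("证书文件" + str + "不存在，跳过读取", (Throwable) e2);
        }
        return fileInputStream;
    }

    /**
     * Reads the SM2 private key file, stores the private key, and stores the digest (via
     * {@code MD5Util.getMsgDigestStr}) of the certificate's string serial number as the
     * merchant serial number. Does nothing when either argument is empty.
     *
     * @param str location of the SM2 key file
     * @param str2 password of the key file
     * @throws SDKException with {@code INITIALIZE_KEYSTORE_ERROR} when the file is missing or
     *     cannot be parsed
     */
    private void createGMPrivateKey(String str, String str2) throws SDKException {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            return;
        }
        // try-with-resources closes the key file on every path; a null resource is skipped.
        try (InputStream keyStream = checkKeyPath(str)) {
            if (keyStream == null) {
                throw new Exception("私钥证书文件不存在！");
            }
            ByteArrayOutputStream buffer = new ByteArrayOutputStream();
            byte[] chunk = new byte[1024];
            int read;
            while ((read = keyStream.read(chunk)) > -1) {
                buffer.write(chunk, 0, read);
            }
            // The file is parsed twice (key, then certificate), so it is buffered once and
            // each parser gets its own stream over the same bytes.
            byte[] keyFileBytes = buffer.toByteArray();
            this.merchantPrivatekey = KeyUtil.getPrivateKeyFromSM2(new ByteArrayInputStream(keyFileBytes), str2);
            // NOTE(review): MD5 appears to serve as an identifier digest here, not as an
            // integrity or authentication primitive; confirm against the server contract.
            this.merchantSerialNo = MD5Util.getMsgDigestStr(CertUtil.getCertFromSM2(new ByteArrayInputStream(keyFileBytes)).getStringSerialNumber());
        } catch (Exception e) {
            LoggerManager.exceptionLogger.error("生成三方私钥对象异常", (Throwable) e);
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Reads an X.509 certificate file and stores its public key. Does nothing when the
     * argument is empty.
     *
     * @param str location of the certificate file
     * @throws SDKException with {@code INITIALIZE_KEYSTORE_ERROR} when the file is missing or
     *     cannot be parsed
     */
    private void createGMPublicKey(String str) throws SDKException {
        if (StringUtils.isEmpty(str)) {
            return;
        }
        // try-with-resources closes the certificate file once the key has been extracted.
        try (InputStream certStream = checkKeyPath(str)) {
            if (certStream == null) {
                throw new Exception("公钥证书文件不存在！");
            }
            this.openPublicKey = new X509Cert(certStream).getPublicKey();
        } catch (Exception e) {
            LoggerManager.exceptionLogger.error("生成开放银行公钥对象异常", (Throwable) e);
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Creates a "TLS" {@link SSLContext} whose only trust manager is
     * {@link MyX509TrustManager}, i.e. a context that performs no certificate validation.
     * A failure is logged and otherwise ignored, as before.
     */
    private void ignoreSSLContext() {
        try {
            this.sslcontext = SSLContext.getInstance("TLS");
            this.sslcontext.init(null, new X509TrustManager[]{new MyX509TrustManager()}, new SecureRandom());
        } catch (Exception e) {
            // Route the failure through the SDK's exception log instead of stderr.
            LoggerManager.exceptionLogger.error("初始化SSLContext异常", (Throwable) e);
        }
    }

    /** Installs the accept-all {@link TrustAnyHostnameVerifier}. */
    private void ignoreHostnameVerifier() {
        this.trustAnyHostnameVerifier = new TrustAnyHostnameVerifier();
    }

    /** @return the SSL context built in the constructor; it does not validate certificates */
    public SSLContext getSslcontext() {
        return this.sslcontext;
    }

    /** @return the token map as last set; {@code null} until {@link #setTokenMap} is called */
    public Map<String, Object> getTokenMap() {
        return this.tokenMap;
    }

    /** Stores the given map by reference (no copy is made). */
    public void setTokenMap(Map<String, Object> map) {
        this.tokenMap = map;
    }

    /** @return the merchant private key, or {@code null} when none was loaded */
    public PrivateKey getmerchantPrivatekey() {
        return this.merchantPrivatekey;
    }

    /** Replaces the merchant private key. */
    public void setmerchantPrivatekey(PrivateKey privateKey) {
        this.merchantPrivatekey = privateKey;
    }

    /** @return the open-platform public key, or {@code null} when none was loaded */
    public PublicKey getOpenPublicKey() {
        return this.openPublicKey;
    }

    /** Replaces the open-platform public key. */
    public void setOpenPublicKey(PublicKey publicKey) {
        this.openPublicKey = publicKey;
    }

    /** @return the hostname verifier built in the constructor; it accepts every host */
    public TrustAnyHostnameVerifier getTrustAnyHostnameVerifier() {
        return this.trustAnyHostnameVerifier;
    }

    /** @return the digest of the merchant certificate serial number; set only in file mode */
    public String getMerchantSerialNo() {
        return this.merchantSerialNo;
    }

    /**
     * Compares a timestamp with the current time.
     *
     * @param str a timestamp in milliseconds (it is compared with
     *     {@link System#currentTimeMillis()}), as a decimal string
     * @param str2 a margin in milliseconds, as a decimal string
     * @return {@code false} when the timestamp is in the past, or is in the future by less
     *     than the margin; {@code true} when it is at least the margin away or exactly now,
     *     and also when either argument cannot be parsed
     */
    public boolean checkTokenVaild(String str, String str2) {
        long now = System.currentTimeMillis();
        try {
            long remaining = Long.parseLong(str) - now;
            long margin = Long.parseLong(str2);
            if (remaining > 0 && remaining < margin) {
                return false;
            }
            return remaining >= 0;
        } catch (NumberFormatException e) {
            // NOTE(review): unparseable input is reported as valid (fail-open), which is the
            // shipped behaviour; confirm callers do not rely on this for an expired token.
            return true;
        }
    }
}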
