package com.nbcb.sdk.aes.param;

import com.nbcb.bouncycastle.util.encoders.Base64;
import com.nbcb.sdk.aes.exception.SDKException;
import com.nbcb.sdk.aes.exception.SDKExceptionEnums;
import com.nbcb.sdk.aes.utils.SecurityUtils;
import com.nbcb.sdk.gm.KeyUtils;
import java.io.FileInputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Map;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/nbcb/sdk/aes/param/KeyStoreFactory.class */
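/**
 * Process-wide holder for the SDK's key material and TLS settings: the merchant private key,
 * the open-platform public key, an {@link SSLContext}, a {@link HostnameVerifier} and a token map.
 *
 * <p>SECURITY (review): every construction path visible in this class ({@link #getInstance()} and
 * {@link #getClone(ArrayConfig)}) installs {@link MyX509TrustManager} and
 * {@link TrustAnyHostnameVerifier}. The first accepts any certificate chain and the second accepts
 * any host name, so connections built from {@link #getSslcontext()} and
 * {@link #getTrustAnyHostnameVerifier()} are encrypted but do not authenticate the server.
 * Message-level signing with the keys held here does not replace transport authentication.
 * The remediation is to build the context from a pinned CA, as {@code createCCBSSLContext()}
 * already does, and to use the platform's default hostname verification. The permissive behaviour
 * is kept here because callers may depend on it; it is flagged, not changed.
 */
public class KeyStoreFactory implements Cloneable {
    private static final Log log = LogFactory.getLog(KeyStoreFactory.class);
    private static KeyStoreFactory instance = null;
    private KeyStore keyStore = null;
    private SSLContext sslcontext;
    private PrivateKey merchantPrivatekey;
    private PublicKey openPublicKey;
    private Map<String, Object> tokenMap;
    private TrustAnyHostnameVerifier trustAnyHostnameVerifier;

    /**
     * Trust manager whose checks are empty, so no certificate chain is ever rejected.
     *
     * <p>SECURITY (review): this is the trust manager installed by {@code ignoreSSLContext()}.
     * Expired, self-signed and wrong-issuer certificates all pass.
     * (Decompiler note: originally package-private; widened to public by JADX.)
     */
    public class MyX509TrustManager implements X509TrustManager {
        MyX509TrustManager() {
        }

        /** Performs no validation; never throws. */
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        /** Performs no validation; never throws, so any server chain is accepted. */
        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        /** @return an empty array (no issuers are advertised) */
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /**
     * Hostname verifier that approves every host.
     *
     * <p>SECURITY (review): because {@link #verify} always returns {@code true}, the name in the
     * server certificate is never matched against the requested host.
     */
    public class TrustAnyHostnameVerifier implements HostnameVerifier {
        public TrustAnyHostnameVerifier() {
        }

        /**
         * Prints the requested host and the session's peer host to standard output, then accepts.
         *
         * @param str the host name the caller asked for
         * @param sSLSession the TLS session whose peer host is printed
         * @return always {@code true}
         */
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            System.out.println("Warning: URL Host: " + str + " vs. " + sSLSession.getPeerHost());
            return true;
        }
    }

    /**
     * Second accept-everything trust manager, used only by {@code createSSLContext()}.
     *
     * <p>SECURITY (review): same effect as {@link MyX509TrustManager}: no chain is rejected.
     */
    private static class TrustAnyTrustManager implements X509TrustManager {
        private TrustAnyTrustManager() {
        }

        /** Performs no validation; never throws. */
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        /** Performs no validation; never throws. */
        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        /**
         * @return an empty array; the X509TrustManager contract requires a non-null result, and
         *     the previous {@code null} could surface as a NullPointerException inside JSSE
         */
        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /**
     * Returns the shared instance, creating it on first use.
     *
     * <p>NOTE(review): the lazy initialisation is not synchronised, so two threads racing through
     * the first call can each build an instance. Confirm how callers initialise the SDK.
     *
     * @return the shared factory
     * @throws SDKException if the configured keys cannot be loaded
     */
    public static KeyStoreFactory getInstance() throws SDKException {
        if (null == instance) {
            instance = new KeyStoreFactory();
        }
        return instance;
    }

    /**
     * Loads both keys from {@code ConfigFile} and then installs the permissive TLS settings.
     *
     * @throws SDKException if either key cannot be created
     */
    private KeyStoreFactory() throws SDKException {
        createGMPrivateKey();
        createGMPublicKey();
        // SECURITY (review): these two calls disable certificate and host-name validation.
        ignoreSSLContext();
        ignoreHostnameVerifier();
    }

    /**
     * Creates a shallow copy of this factory that uses the keys from {@code arrayConfig}.
     *
     * <p>The copy comes from {@code super.clone()}, so fields not reassigned below (for example
     * {@code tokenMap} and {@code keyStore}) reference the same objects as the source. The copy
     * gets its own permissive SSLContext and hostname verifier.
     *
     * @param arrayConfig supplies the private and public key material for the copy
     * @return the reconfigured copy
     * @throws CloneNotSupportedException propagated from {@code super.clone()}
     * @throws SDKException if either key cannot be created
     */
    public KeyStoreFactory getClone(ArrayConfig arrayConfig) throws CloneNotSupportedException, SDKException {
        KeyStoreFactory keyStoreFactory = (KeyStoreFactory) super.clone();
        try {
            keyStoreFactory.merchantPrivatekey = KeyUtils.createPrivateKey(arrayConfig.getPRIVATEKEY());
            keyStoreFactory.openPublicKey = KeyUtils.createPublicKey(arrayConfig.getPUBLICKEY());
            // SECURITY (review): the clone also runs with validation disabled.
            keyStoreFactory.ignoreSSLContext();
            keyStoreFactory.ignoreHostnameVerifier();
            return keyStoreFactory;
        } catch (Exception e) {
            if (log.isErrorEnabled()) {
                // Message: "error creating the third-party private key object". It is logged for
                // public-key failures too, because both keys are built in the same try block.
                log.error("生成三方私钥对象异常", e);
            }
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Builds the merchant private key from {@code ConfigFile.PRIVATEKEY} via {@code KeyUtils}.
     *
     * @throws SDKException if the key cannot be created
     */
    private void createGMPrivateKey() throws SDKException {
        try {
            this.merchantPrivatekey = KeyUtils.createPrivateKey(ConfigFile.PRIVATEKEY);
        } catch (Exception e) {
            if (log.isErrorEnabled()) {
                // Message: "error creating the third-party private key object".
                log.error("生成三方私钥对象异常", e);
            }
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Builds the open-platform public key from {@code ConfigFile.PUBLICKEY} via {@code KeyUtils}.
     *
     * @throws SDKException if the key cannot be created
     */
    private void createGMPublicKey() throws SDKException {
        try {
            this.openPublicKey = KeyUtils.createPublicKey(ConfigFile.PUBLICKEY);
        } catch (Exception e) {
            if (log.isErrorEnabled()) {
                // Message: "error creating the open-banking public key object".
                log.error("生成开放银行公钥对象异常", e);
            }
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Builds an SSLContext that presents a client certificate from the PKCS#12 file at
     * {@code ConfigFile.KEYPATH}. Not called from within this class as shown.
     *
     * <p>SECURITY (review): the client side is authenticated, but the server side still uses
     * {@link TrustAnyTrustManager}, so the peer receiving the client certificate is not verified.
     *
     * @throws SDKException if the key store or context cannot be initialised
     */
    private void createSSLContext() throws SDKException {
        try {
            this.sslcontext = SSLContext.getInstance(Constants.HTTPMANAGER_SSL);
            this.keyStore = KeyStore.getInstance(Constants.KEYSTORE_TYPE_PKCS12);
            FileInputStream keyStoreStream = new FileInputStream(ConfigFile.KEYPATH);
            try {
                this.keyStore.load(keyStoreStream, ConfigFile.KEYPWD.toCharArray());
            } finally {
                // Close on the failure path as well; previously a load error leaked the handle.
                keyStoreStream.close();
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(Constants.KEYSTORE_ALGORITHM_SUN);
            keyManagerFactory.init(this.keyStore, ConfigFile.KEYPWD.toCharArray());
            this.sslcontext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{new TrustAnyTrustManager()}, new SecureRandom());
        } catch (Exception e) {
            if (log.isErrorEnabled()) {
                // Message: "error loading the certificate".
                log.error("加载证书异常", e);
            }
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Installs an SSLContext whose only trust manager is {@link MyX509TrustManager}.
     *
     * <p>SECURITY (review): this is what turns certificate validation off for the SDK.
     * A failure is logged and not propagated, so {@code sslcontext} may be left uninitialised
     * or, on a clone, still refer to the context copied from the source object.
     */
    private void ignoreSSLContext() {
        try {
            this.sslcontext = SSLContext.getInstance(Constants.HTTPMANAGER_TLS);
            this.sslcontext.init(null, new X509TrustManager[]{new MyX509TrustManager()}, new SecureRandom());
        } catch (Exception e) {
            // Use the class logger like the other initialisers instead of printStackTrace().
            if (log.isErrorEnabled()) {
                log.error("Failed to initialise SSLContext", e);
            }
        }
    }

    /** Installs {@link TrustAnyHostnameVerifier}, which accepts every host name. */
    private void ignoreHostnameVerifier() {
        this.trustAnyHostnameVerifier = new TrustAnyHostnameVerifier();
    }

    /**
     * Builds an SSLContext with a client key entry and a trust store holding the single CA
     * certificate read from {@code ConfigFile.CAPATH}. Not called from within this class as shown.
     *
     * <p>This is the only context builder here that validates the server chain: trust managers
     * come from a {@link TrustManagerFactory} initialised with that CA. The key entry uses an
     * empty password on a key store that is only held in memory.
     *
     * @throws SDKException if a certificate cannot be read or the context cannot be initialised
     */
    private void createCCBSSLContext() throws SDKException {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            this.sslcontext = SSLContext.getInstance(Constants.HTTPMANAGER_TLS);
            this.keyStore = KeyStore.getInstance(Constants.KEYSTORE_TYPE_JKS);

            Certificate clientCertificate;
            FileInputStream clientCertStream = new FileInputStream(ConfigFile.KEYPATH);
            try {
                clientCertificate = certificateFactory.generateCertificate(clientCertStream);
            } finally {
                // Close on the failure path as well; previously a parse error leaked the handle.
                clientCertStream.close();
            }
            this.keyStore.load(null, null);
            this.keyStore.setKeyEntry("mykey", this.merchantPrivatekey, "".toCharArray(), new Certificate[]{clientCertificate});
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(Constants.KEYSTORE_ALGORITHM_SUN);
            keyManagerFactory.init(this.keyStore, "".toCharArray());
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();

            Certificate caCertificate;
            FileInputStream caCertStream = new FileInputStream(ConfigFile.CAPATH);
            try {
                caCertificate = certificateFactory.generateCertificate(caCertStream);
            } finally {
                caCertStream.close();
            }
            // Separate in-memory store so that only the configured CA is trusted.
            KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            trustStore.load(null, null);
            trustStore.setCertificateEntry("CA", caCertificate);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore);
            this.sslcontext.init(keyManagers, trustManagerFactory.getTrustManagers(), new SecureRandom());
        } catch (Exception e) {
            if (log.isErrorEnabled()) {
                // Message: "error loading the certificate".
                log.error("加载证书异常", e);
            }
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Builds the merchant private key from {@code ConfigFile.PRIVATEKEY} using the RSA/PKCS#8
     * path in {@link #getPrivateKey(String)}. Not called from within this class as shown.
     *
     * @throws SDKException if the key cannot be created
     */
    private void createCcbPrivateKey() throws SDKException {
        try {
            this.merchantPrivatekey = getPrivateKey(ConfigFile.PRIVATEKEY);
        } catch (Exception e) {
            if (log.isErrorEnabled()) {
                // Message: "error creating the third-party private key object".
                log.error("生成三方私钥对象异常", e);
            }
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Builds the open-platform public key from {@code ConfigFile.PUBLICKEY}, decoded with
     * {@code SecurityUtils.decryptByBASE64} and parsed as an X.509-encoded key for the algorithm
     * named by {@code Constants.RSA}. Not called from within this class as shown.
     *
     * @throws SDKException if the key cannot be created
     */
    private void createPublicKey() throws SDKException {
        try {
            byte[] encodedKey = SecurityUtils.decryptByBASE64(ConfigFile.PUBLICKEY);
            this.openPublicKey = KeyFactory.getInstance(Constants.RSA).generatePublic(new X509EncodedKeySpec(encodedKey));
        } catch (Exception e) {
            if (log.isErrorEnabled()) {
                // Message: "error creating the open-banking public key object".
                log.error("生成开放银行公钥对象异常", e);
            }
            throw new SDKException(SDKExceptionEnums.INITIALIZE_KEYSTORE_ERROR);
        }
    }

    /**
     * Parses a Base64 string as a PKCS#8-encoded private key for the algorithm named by
     * {@code Constants.RSA}.
     *
     * @param str Base64 text of the encoded key
     * @return the parsed private key
     * @throws Exception if decoding or key generation fails
     */
    private static PrivateKey getPrivateKey(String str) throws Exception {
        byte[] encodedKey = Base64.decode(str);
        return KeyFactory.getInstance(Constants.RSA).generatePrivate(new PKCS8EncodedKeySpec(encodedKey));
    }

    /**
     * @return the current SSLContext; on the paths shown in this class it performs no
     *     certificate validation (see {@code ignoreSSLContext()})
     */
    public SSLContext getSslcontext() {
        return this.sslcontext;
    }

    /** @return the token map reference held by this factory (not a copy) */
    public Map<String, Object> getTokenMap() {
        return this.tokenMap;
    }

    /** @param map the token map to hold; stored by reference */
    public void setTokenMap(Map<String, Object> map) {
        this.tokenMap = map;
    }

    /**
     * @return the merchant private key object itself; any caller holding this factory can obtain
     *     the signing key, so access to the factory should be treated as access to the key
     */
    public PrivateKey getmerchantPrivatekey() {
        return this.merchantPrivatekey;
    }

    /** @param privateKey replaces the merchant private key */
    public void setmerchantPrivatekey(PrivateKey privateKey) {
        this.merchantPrivatekey = privateKey;
    }

    /** @return the open-platform public key */
    public PublicKey getOpenPublicKey() {
        return this.openPublicKey;
    }

    /** @param publicKey replaces the open-platform public key */
    public void setOpenPublicKey(PublicKey publicKey) {
        this.openPublicKey = publicKey;
    }

    /** @return the hostname verifier installed by this factory; it accepts every host */
    public TrustAnyHostnameVerifier getTrustAnyHostnameVerifier() {
        return this.trustAnyHostnameVerifier;
    }

    /**
     * Compares a timestamp with the current time and a threshold.
     *
     * <p>With {@code remaining = str - now} (milliseconds), the result is {@code true} when
     * {@code remaining >= str2} and {@code remaining >= 0}, or when {@code remaining == 0};
     * it is {@code false} when {@code 0 < remaining < str2} or {@code remaining < 0}.
     * Parameter names were lost in decompilation; presumably {@code str} is the token expiry
     * time and {@code str2} a refresh margin. Confirm against callers.
     *
     * <p>NOTE(review): input that does not parse as a long yields {@code true}. If {@code true}
     * means "token usable", that is a fail-open result. Confirm the intended meaning.
     *
     * @param str decimal milliseconds-since-epoch timestamp
     * @param str2 decimal threshold in milliseconds
     * @return see above
     */
    public boolean checkTokenVaild(String str, String str2) {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            long remaining = Long.parseLong(str) - currentTimeMillis;
            if (remaining >= Long.parseLong(str2) || remaining <= 0) {
                return remaining >= 0;
            }
            return false;
        } catch (Exception e) {
            return true;
        }
    }
}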
