package org.fisco.bcos.sdk.crypto.keystore;

import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.fisco.bcos.sdk.crypto.exceptions.LoadKeyStoreException;
import org.fisco.bcos.sdk.crypto.exceptions.SaveKeyStoreException;

/* loaded from: input_file:org/fisco/bcos/sdk/crypto/keystore/P12KeyStore.class */
public class P12KeyStore extends KeyTool {
    private static final String NAME = "key";
    private KeyStore keyStore;

    public P12KeyStore(String str, String str2) {
        super(str, str2);
    }

    @Override // org.fisco.bcos.sdk.crypto.keystore.KeyTool
    public PublicKey getPublicKey() {
        try {
            return this.keyStore.getCertificate(NAME).getPublicKey();
        } catch (KeyStoreException e) {
            throw new LoadKeyStoreException("getPublicKey from p12 file " + this.keyStoreFile + " failed, error message: " + e.getMessage(), e);
        }
    }

    @Override // org.fisco.bcos.sdk.crypto.keystore.KeyTool
    protected void load(InputStream inputStream) {
        try {
            this.keyStore = KeyStore.getInstance("PKCS12", "BC");
            this.keyStore.load(inputStream, (this.password != null ? this.password : "").toCharArray());
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            String str = "load keys from p12 file " + this.keyStoreFile + " failed, error message:" + e.getMessage();
            logger.error(str);
            throw new LoadKeyStoreException(str, e);
        }
    }

    @Override // org.fisco.bcos.sdk.crypto.keystore.KeyTool
    protected PrivateKey getPrivateKey() {
        try {
            return (PrivateKey) this.keyStore.getKey(NAME, this.password.toCharArray());
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            String str = "get private key from " + this.keyStoreFile + " failed for UnrecoverableKeyException, error message" + e.getMessage();
            logger.error(str);
            throw new LoadKeyStoreException(str, e);
        }
    }

    public static void storeKeyPairWithP12Format(String str, String str2, String str3, String str4, String str5) throws SaveKeyStoreException {
        try {
            PrivateKey convertHexedStringToPrivateKey = convertHexedStringToPrivateKey(str, str4);
            KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
            keyStore.load(null, str2.toCharArray());
            keyStore.setKeyEntry(NAME, convertHexedStringToPrivateKey, str2.toCharArray(), new Certificate[]{generateSelfSignedCertificate(new KeyPair(getPublicKeyFromPrivateKey(convertHexedStringToPrivateKey), convertHexedStringToPrivateKey), str5)});
            keyStore.store(new FileOutputStream(str3), str2.toCharArray());
            storePublicKeyWithPem(convertHexedStringToPrivateKey, str3);
        } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException | LoadKeyStoreException e) {
            throw new SaveKeyStoreException("save private key into " + str3 + " failed, error information: " + e.getMessage(), e);
        }
    }

    public static X509Certificate generateSelfSignedCertificate(KeyPair keyPair, String str) throws NoSuchAlgorithmException, CertificateEncodingException, NoSuchProviderException, InvalidKeyException, SignatureException {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(1L));
        x509V3CertificateGenerator.setSubjectDN(new X509Principal("CN=localhost"));
        x509V3CertificateGenerator.setIssuerDN(new X509Principal("CN=localhost"));
        x509V3CertificateGenerator.setPublicKey(keyPair.getPublic());
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar.add(1, 100);
        x509V3CertificateGenerator.setNotBefore(calendar.getTime());
        x509V3CertificateGenerator.setNotAfter(calendar2.getTime());
        x509V3CertificateGenerator.setSignatureAlgorithm(str);
        x509V3CertificateGenerator.setPublicKey(keyPair.getPublic());
        return x509V3CertificateGenerator.generate(keyPair.getPrivate(), "BC");
    }
}
