package com.bill99.crypto.utils;

import cfca.org.slf4j.Logger;
import cfca.org.slf4j.LoggerFactory;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.org.bouncycastle.jce.provider.BouncyCastleProvider;
import cfca.sadk.x509.certificate.X509Cert;
import com.bill99.crypto.config.CryptoConfig;
import com.bill99.crypto.entity.Bill99CertConfig;
import com.bill99.crypto.entity.KeyPair;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;

/* loaded from: input_file:com/bill99/crypto/utils/Bill99CertLoader.class */
public class Bill99CertLoader {
    private static final Logger logger = LoggerFactory.getLogger(Bill99CertLoader.class);
    private static Provider BC = new BouncyCastleProvider();

    public static CryptoConfig loadCryptoConfig(Bill99CertConfig bill99CertConfig) throws Exception {
        CryptoConfig cryptoConfig = new CryptoConfig();
        KeyPair loadMerchantKeyStore = loadMerchantKeyStore(bill99CertConfig.getMerchantDefaultPrivatePath(), bill99CertConfig.getMerchantDefaultPrivatePassword());
        if (loadMerchantKeyStore != null) {
            cryptoConfig.setSigMerchantCert(loadMerchantKeyStore.getCert());
            cryptoConfig.setSigMerchantKey(loadMerchantKeyStore.getPrivateKey());
        }
        KeyPair loadMerchantKeyStore2 = loadMerchantKeyStore(bill99CertConfig.getMerchantDefaultPrivatePath(), bill99CertConfig.getMerchantDefaultPrivatePassword());
        if (loadMerchantKeyStore2 != null) {
            cryptoConfig.setDecMerchantCert(loadMerchantKeyStore2.getCert());
            cryptoConfig.setDecMerchantKey(loadMerchantKeyStore2.getPrivateKey());
        }
        X509Cert loadBill99PublicCert = loadBill99PublicCert(bill99CertConfig.getBill99DefaultPublicPath());
        cryptoConfig.setEncKqCert(loadBill99PublicCert);
        cryptoConfig.setVfyKqCert(loadBill99PublicCert);
        KeyPair loadMerchantKeyStore3 = loadMerchantKeyStore(bill99CertConfig.getMerchantAlternatePrivatePath(), bill99CertConfig.getMerchantAlternatePrivatePassword());
        if (loadMerchantKeyStore3 != null) {
            cryptoConfig.setAltDecMerchantCert(loadMerchantKeyStore3.getCert());
            cryptoConfig.setAltDecMerchantKey(loadMerchantKeyStore3.getPrivateKey());
        }
        cryptoConfig.setAltVfyKqCert(loadBill99PublicCert(bill99CertConfig.getBill99AlternatePublicPath()));
        return cryptoConfig;
    }

    private static KeyPair loadMerchantKeyStore(String str, String str2) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, PKIException {
        if (StringHelp.isNullOrEmpty(str).booleanValue()) {
            return null;
        }
        InputStream certFileStream = FileLoader.getCertFileStream(str);
        if (null == certFileStream) {
            logger.info("load private cert file not exists! location = {}", str);
        }
        logger.info("load private cert file success. location = {}", str);
        KeyStore keyStore = KeyStore.getInstance("PKCS12", BC);
        keyStore.load(certFileStream, str2.toCharArray());
        return new KeyPair(new X509Cert(keyStore.getCertificate(keyStore.aliases().nextElement()).getEncoded()), (PrivateKey) keyStore.getKey(keyStore.aliases().nextElement(), str2.toCharArray()));
    }

    private static X509Cert loadBill99PublicCert(String str) throws FileNotFoundException, CertificateException, PKIException {
        if (StringHelp.isNullOrEmpty(str).booleanValue()) {
            return null;
        }
        InputStream certFileStream = FileLoader.getCertFileStream(str);
        if (null == certFileStream) {
            logger.info("load 99bill cert file not exists! location = {}", str);
        }
        logger.info("load 99bill public cert file success. location = {}", str);
        return new X509Cert(CertificateFactory.getInstance("X509", BC).generateCertificate(certFileStream).getEncoded());
    }
}
