package cn.com.infosec.netsign.manager;

import cn.com.infosec.netsign.base.util.NetSignImpl;
import cn.com.infosec.netsign.frame.config.ConfigManager;
import cn.com.infosec.netsign.frame.config.Key;
import cn.com.infosec.netsign.frame.config.KeyStoreConfig;
import cn.com.infosec.netsign.frame.util.JKSFile;
import java.io.ByteArrayInputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.HashMap;

/* loaded from: input_file:cn/com/infosec/netsign/manager/JKSManager.class */
public class JKSManager {
    private static JKSFile jksFile;
    private static HashMap privateKeys;
    private static HashMap certificates;
    private static HashMap certChains = new HashMap();

    public static void initJKS() throws Exception {
        KeyStoreConfig keyStore = ConfigManager.getKeyStore();
        if (keyStore != null) {
            String storeFile = keyStore.getStoreFile();
            String storePwd = keyStore.getStorePwd();
            if (storeFile == null) {
                return;
            }
            privateKeys = new HashMap();
            certificates = new HashMap();
            jksFile = new JKSFile(storeFile, storePwd);
            Key[] keys = keyStore.getKeys();
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509FX", NetSignImpl.PROVIDER_INFOSEC);
            for (Key key : keys) {
                if (key.getAlias() != null) {
                    RSAPrivateKey privateKey = jksFile.getPrivateKey(key.getAlias(), key.getPwd());
                    if (privateKey != null) {
                        privateKeys.put(key.getAlias(), privateKey);
                    }
                    X509Certificate certificate = jksFile.getCertificate(key.getAlias());
                    if (certificate != null) {
                        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(certificate.getEncoded());
                        certificates.put(key.getAlias(), certificateFactory.generateCertificate(byteArrayInputStream));
                        byteArrayInputStream.close();
                    }
                    Certificate[] certChain = jksFile.getCertChain(key.getAlias());
                    if (certChain != null) {
                        X509Certificate[] x509CertificateArr = new X509Certificate[certChain.length];
                        int length = certChain.length;
                        for (int i = 0; i < length; i++) {
                            ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(certChain[i].getEncoded());
                            x509CertificateArr[i] = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream2);
                            byteArrayInputStream2.close();
                        }
                        certChains.put(key.getAlias(), x509CertificateArr);
                    } else if (certificate != null) {
                        certChains.put(key.getAlias(), new X509Certificate[]{certificate});
                    }
                }
            }
        }
    }

    public static RSAPrivateKey getPriKey(String str) {
        return (RSAPrivateKey) privateKeys.get(str);
    }

    public static X509Certificate getCertificate(String str) {
        return (X509Certificate) certificates.get(str);
    }

    public static X509Certificate[] getCertChain(String str) {
        return (X509Certificate[]) certChains.get(str);
    }

    public static JKSFile getJKSFile() {
        return jksFile;
    }
}
