package cn.pconline.payment.unionpay.apple.sdk;

import cn.pconline.payment.PayConfig;
import cn.pconline.payment.exception.PayException;
import cn.pconline.payment.log.SocketLogger;
import java.io.File;
import java.io.FileInputStream;
import java.io.FilenameFilter;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:cn/pconline/payment/unionpay/apple/sdk/CertUtil.class */
public class CertUtil {
    private static KeyStore keyStore = null;
    private static X509Certificate encryptCert = null;
    private static X509Certificate validateCert = null;
    private static Map<String, X509Certificate> certMap = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:cn/pconline/payment/unionpay/apple/sdk/CertUtil$CerFilter.class */
    public static class CerFilter implements FilenameFilter {
        CerFilter() {
        }

        public boolean isCer(String str) {
            return str.toLowerCase().endsWith(".cer");
        }

        @Override // java.io.FilenameFilter
        public boolean accept(File file, String str) {
            return isCer(str);
        }
    }

    public static String getSignCertId(String str) {
        try {
            initSignCert(str);
            initEncryptCert(str);
            Enumeration<String> aliases = keyStore.aliases();
            String str2 = null;
            if (aliases.hasMoreElements()) {
                str2 = aliases.nextElement();
            }
            return ((X509Certificate) keyStore.getCertificate(str2)).getSerialNumber().toString();
        } catch (Exception e) {
            return null;
        }
    }

    public static void initSignCert(String str) {
        if (null != keyStore) {
            return;
        }
        try {
            keyStore = getKeyInfo(PayConfig.getValue(str, "unionpay.signCert.path"), PayConfig.getValue(str, "unionpay.signCert.pwd"));
            SocketLogger.debugInfo("unionpay加载证书成功。");
        } catch (Exception e) {
            SocketLogger.debugInfo("unionpay加载证书失败。");
            e.printStackTrace();
        }
    }

    private static void initEncryptCert(String str) throws Exception {
        String value = PayConfig.getValue(str, "unionpay.encryptCert.path");
        if (null == encryptCert) {
            SocketLogger.debugInfo("加载敏感信息加密证书==>" + value);
            if (StringUtils.isBlank(value)) {
                SocketLogger.debugInfo("WARN: acpsdk.encryptCert.path is empty");
            } else {
                encryptCert = initCert(value);
                SocketLogger.debugInfo("LoadEncryptCert Successful");
            }
        }
    }

    private static void initValidateCertFromDir(String str) throws PayException, Exception {
        certMap.clear();
        String value = PayConfig.getValue(str, "unionpay.validateCert.dir");
        SocketLogger.debugInfo("加载验证签名证书目录==>" + value);
        if (StringUtils.isBlank(value)) {
            SocketLogger.debugInfo("ERROR: acpsdk.validateCert.dir is empty");
            return;
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                for (File file : new File(value).listFiles(new CerFilter())) {
                    fileInputStream = new FileInputStream(file.getAbsolutePath());
                    validateCert = (X509Certificate) certificateFactory.generateCertificate(fileInputStream);
                    certMap.put(validateCert.getSerialNumber().toString(), validateCert);
                    SocketLogger.debugInfo("[" + file.getAbsolutePath() + "][CertId=" + validateCert.getSerialNumber().toString() + "]");
                }
                SocketLogger.debugInfo("LoadVerifyCert Successful");
                if (null != fileInputStream) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        SocketLogger.debugInfo(e.toString());
                    }
                }
            } catch (Exception e2) {
                throw e2;
            }
        } catch (Throwable th) {
            if (null != fileInputStream) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                    SocketLogger.debugInfo(e3.toString());
                }
            }
            throw th;
        }
    }

    public static KeyStore getKeyInfo(String str, String str2) throws Exception {
        FileInputStream fileInputStream = null;
        try {
            try {
                String property = System.getProperty("java.vm.vendor");
                System.getProperty("java.version");
                if (null == property || !property.startsWith("IBM")) {
                    Security.addProvider(new BouncyCastleProvider());
                } else {
                    Security.insertProviderAt(new BouncyCastleProvider(), 1);
                }
                KeyStore keyStore2 = KeyStore.getInstance("PKCS12");
                fileInputStream = new FileInputStream(str);
                char[] charArray = (null == str2 || "".equals(str2.trim())) ? null : str2.toCharArray();
                if (null != keyStore2) {
                    keyStore2.load(fileInputStream, charArray);
                }
                if (null != fileInputStream) {
                    fileInputStream.close();
                }
                return keyStore2;
            } catch (Exception e) {
                if (e instanceof KeyStoreException) {
                    Security.removeProvider("BC");
                }
                throw e;
            }
        } catch (Throwable th) {
            if (null != fileInputStream) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    public static PrivateKey getSignCertPrivateKey(String str) throws Exception {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            String str2 = null;
            if (aliases.hasMoreElements()) {
                str2 = aliases.nextElement();
            }
            return (PrivateKey) keyStore.getKey(str2, PayConfig.getValue(str, "unionpay.signCert.pwd").toCharArray());
        } catch (Exception e) {
            throw e;
        }
    }

    public static PublicKey getValidateKey(String str, String str2) throws PayException, Exception {
        if (certMap.containsKey(str)) {
            return certMap.get(str).getPublicKey();
        }
        initValidateCertFromDir(str2);
        if (certMap.containsKey(str)) {
            return certMap.get(str).getPublicKey();
        }
        SocketLogger.debugInfo("缺少certId=[" + str + "]对应的验签证书.");
        return null;
    }

    private static X509Certificate initCert(String str) throws Exception {
        FileInputStream fileInputStream = null;
        try {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                fileInputStream = new FileInputStream(str);
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(fileInputStream);
                SocketLogger.debugInfo("[" + str + "][CertId=" + x509Certificate.getSerialNumber().toString() + "]");
                if (null != fileInputStream) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        throw e;
                    }
                }
                return x509Certificate;
            } catch (Exception e2) {
                throw e2;
            }
        } catch (Throwable th) {
            if (null != fileInputStream) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                    throw e3;
                }
            }
            throw th;
        }
    }
}
