package com.upay.sdk.reader;

import com.upay.sdk.ConfigurationUtils;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/upay/sdk/reader/PathCertificateReader.class */
public class PathCertificateReader implements CertificateReader {
    private static PathCertificateReader instance;
    private String serverPublicKey;
    static final Logger LOGGER = LoggerFactory.getLogger(PathCertificateReader.class);
    static final Map<String, String> cache = new ConcurrentHashMap();
    private final Base64 base64 = new Base64();
    private final Lock lock = new ReentrantLock();

    public static PathCertificateReader getInstance() {
        if (instance == null) {
            synchronized (PathCertificateReader.class) {
                if (instance == null) {
                    instance = new PathCertificateReader();
                }
            }
        }
        return instance;
    }

    private PathCertificateReader() {
    }

    @Override // com.upay.sdk.reader.CertificateReader
    public String readPrivateKey(String str) throws Exception {
        if (cache.containsKey(str)) {
            return cache.get(str);
        }
        this.lock.lock();
        try {
            if (cache.containsKey(str)) {
                String str2 = cache.get(str);
                this.lock.unlock();
                return str2;
            }
            String clientPrivateKeyPath = ConfigurationUtils.getClientPrivateKeyPath(str);
            if (StringUtils.isBlank(clientPrivateKeyPath)) {
                throw new IllegalArgumentException("no private key configuration , merchantId:[" + str + "]");
            }
            String loadCertificateString = loadCertificateString(clientPrivateKeyPath, getPasswordChars(ConfigurationUtils.getClientPrivateKeyPassword(str)));
            cache.put(str, loadCertificateString);
            this.lock.unlock();
            return loadCertificateString;
        } catch (Throwable th) {
            this.lock.unlock();
            throw th;
        }
    }

    @Override // com.upay.sdk.reader.CertificateReader
    public String readOldPrivateKey(String str) throws Exception {
        String str2 = str + "_old";
        if (cache.containsKey(str2)) {
            return cache.get(str2);
        }
        this.lock.lock();
        try {
            if (cache.containsKey(str2)) {
                String str3 = cache.get(str2);
                this.lock.unlock();
                return str3;
            }
            String oldClientPrivateKeyPath = ConfigurationUtils.getOldClientPrivateKeyPath(str);
            if (StringUtils.isBlank(oldClientPrivateKeyPath)) {
                throw new IllegalArgumentException("no old private key configuration , merchantId:[" + str + "] ,example:[" + str + ".client.old.private.key.path]");
            }
            String loadCertificateString = loadCertificateString(oldClientPrivateKeyPath, getPasswordChars(ConfigurationUtils.getOldClientPrivateKeyPassword(str)));
            cache.put(str2, loadCertificateString);
            this.lock.unlock();
            return loadCertificateString;
        } catch (Throwable th) {
            this.lock.unlock();
            throw th;
        }
    }

    @Override // com.upay.sdk.reader.CertificateReader
    public String readPublicKey() throws Exception {
        return readPublicKey(null);
    }

    @Override // com.upay.sdk.reader.CertificateReader
    public String readPublicKey(String str) throws Exception {
        if (StringUtils.isNotBlank(this.serverPublicKey)) {
            return this.serverPublicKey;
        }
        this.lock.lock();
        try {
            if (StringUtils.isNotBlank(this.serverPublicKey)) {
                return this.serverPublicKey;
            }
            this.serverPublicKey = new String(this.base64.encode(parsePublicKey(str).getPublicKey().getEncoded()));
            return this.serverPublicKey;
        } finally {
            this.lock.unlock();
        }
    }

    private X509Certificate parsePublicKey(String str) throws Exception {
        X509Certificate x509Certificate = null;
        InputStream inputStream = null;
        String serverPublicKey = ConfigurationUtils.getServerPublicKey(str);
        if (StringUtils.isBlank(serverPublicKey)) {
            throw new IllegalArgumentException("no server public key configuration");
        }
        try {
            inputStream = new FileInputStream(serverPublicKey);
        } catch (FileNotFoundException e) {
            LOGGER.warn("not found server public key file in the absolute path , try the relative path , keyPath:[" + serverPublicKey + "]");
        }
        if (null == inputStream) {
            inputStream = getClass().getResourceAsStream(serverPublicKey);
        }
        if (null == inputStream) {
            throw new IllegalArgumentException("not found server public key file, keyPath:[" + serverPublicKey + "]");
        }
        try {
            try {
                x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
                if (x509Certificate != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                }
                return x509Certificate;
            } catch (Exception e3) {
                throw e3;
            }
        } catch (Throwable th) {
            if (x509Certificate != null) {
                try {
                    inputStream.close();
                } catch (IOException e4) {
                    e4.printStackTrace();
                }
            }
            throw th;
        }
    }

    private KeyStore loadCertificate(String str, char[] cArr) throws Exception {
        InputStream inputStream = null;
        if (StringUtils.isBlank(str)) {
            throw new IllegalArgumentException("no private key configuration , keyPath:[" + str + "]");
        }
        try {
            inputStream = new FileInputStream(str);
        } catch (Exception e) {
            LOGGER.warn("not found private key file in the absolute path , try the relative path , keyPath:[" + str + "] keyPath:[" + str + "]");
        }
        if (null == inputStream) {
            inputStream = getClass().getResourceAsStream(str);
        }
        try {
            if (null == inputStream) {
                throw new IllegalArgumentException("not found private key file, keyPath:[" + str + "] keyPath:[" + str + "]");
            }
            try {
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                keyStore.load(inputStream, cArr);
                return keyStore;
            } catch (Exception e2) {
                throw e2;
            }
        } finally {
            try {
                inputStream.close();
            } catch (IOException e3) {
                e3.printStackTrace();
            }
        }
    }

    private String loadCertificateString(String str, char[] cArr) throws Exception {
        KeyStore loadCertificate = loadCertificate(str, cArr);
        Enumeration<String> aliases = loadCertificate.aliases();
        String str2 = null;
        if (aliases.hasMoreElements()) {
            str2 = aliases.nextElement();
        }
        return new String(this.base64.encode(((PrivateKey) loadCertificate.getKey(str2, cArr)).getEncoded()));
    }

    private char[] getPasswordChars(String str) {
        if (StringUtils.isNotBlank(str)) {
            return str.toCharArray();
        }
        return null;
    }
}
