package com.citicbank.baselib.crypto.util;

import com.citicbank.baselib.crypto.algorithm.SM2;
import java.io.File;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Random;
import java.util.Vector;

/* loaded from: input_file:com/citicbank/baselib/crypto/util/ServerUtil.class */
public class ServerUtil {
    public static final String SERVER_PRIVATE_KEY_FILE_NAME = "server.key";
    public static final String SERVER_PRIVATE_KEY_PASSWORD_FILE_NAME = "server.pwd";
    public static final String SERVER_CERTIFICATE_REQUEST_FILE_NAME = "server.csq";
    public static final String SERVER_CERTIFICATE_FILE_NAME = "server.cer";
    public static final String SERVER_CERTIFICATE_PFX_FILE_NAME = "server.pfx";
    public static final String SERVER_PRIVATE_KEY_STORE_PASSWORD = "cncbpwd";
    public static final String SERVER_PRIVATE_KEY_STORE_ALIAS = "server";
    public static final String CLIENT_PRIVATE_KEY_FILE_NAME = "client.key";
    public static final String CLIENT_PRIVATE_KEY_PASSWORD_FILE_NAME = "client.pwd";
    public static final String CLIENT_CERTIFICATE_REQUEST_FILE_NAME = "client.csq";
    public static final String CLIENT_CERTIFICATE_FILE_NAME = "client.cer";
    public static final String CLIENT_CERTIFICATE_PFX_FILE_NAME = "client.pfx";
    public static final String CLIENT_PRIVATE_KEY_STORE_PASSWORD = "cncbpwd";
    public static final String CLIENT_PRIVATE_KEY_STORE_ALIAS = "client";
    public static final String CLIENT_CERTIFICATE_PFX_ENCODE_BASE64 = "BASE64";
    public static final String CLIENT_CERTIFICATE_PFX_ENCODE_DER = "DER";

    public static void main(String[] strArr) {
        HashMap hashMap = new HashMap();
        hashMap.put("pki", Integer.valueOf(String.valueOf(1)));
        hashMap.put("selfsign", Integer.valueOf(String.valueOf(11)));
        if (strArr.length <= 0) {
            usage();
            return;
        }
        switch (((Integer) hashMap.get(strArr[0].toLowerCase())).intValue()) {
            case CSMPCrypt.ENCRYPT_MODE /* 1 */:
                if (strArr.length <= 1) {
                    usage();
                    return;
                }
                switch (((Integer) hashMap.get(strArr[1].toLowerCase())).intValue()) {
                    case 11:
                        Vector vector = new Vector();
                        for (int i = 2; i < strArr.length; i++) {
                            vector.add(strArr[i]);
                        }
                        sign(vector);
                        return;
                    default:
                        usage();
                        return;
                }
            default:
                usage();
                return;
        }
    }

    public static void usage() {
        System.out.println("Usage: （证书生成工具）");
        System.out.println("     ServerUtil PKI SELFSIGN [-ATTRIBUTE=VALUE, [-ATTRIBUTE=VALUE]], 其中ATTRIBUTE定义如下：");
        System.out.println("\t01、subject: 证书主题。默认值为\"CN=CNCB\"。");
        System.out.println("\t02、keyAlgorithm: 密钥算法。默认值为\"RSA\"。");
        System.out.println("\t03、strength: 密钥强度。默认值为1024位。");
        System.out.println("\t04、signatureAlgorithm: 签名算法。默认值为\"SHA1WithRSAEncryption\"。");
        System.out.println("\t05、validity: 证书有效期。默认值为7300天（20年）。");
        System.out.println("\t06、serial: 证书序列号。默认值为0。");
        System.out.println("\t07、privatekeyFile: 私钥文件。默认值为\"ecserver.key\"。");
        System.out.println("\t08、certificateFile: 证书文件。默认值为\"ecserver.cer\"。");
        System.out.println("\t09、passwordFile: 私钥加密密码文件。默认值为\"ecserver.pwd\"。");
        System.out.println("\t10、password:设置私钥加密密码，若为空串则使用随机密码。");
        System.out.println("\t11、pfxfile:PFX格式证书文件。默认值为\"ecserver.pfx\"。");
        System.out.println("\n");
        System.out.println("\tExample: CNCB PKI SELFSIGN -subject=\"CN=wuyuyi,OU=CNCB,C=CN\" -validity=36500");
        System.exit(0);
    }

    public static void sign(Vector vector) {
        String str = "CN=CNCB SERVER, O=CHINA CITIC BANK CORPORATION LIMITED";
        String str2 = "RSA";
        String str3 = "2048";
        String str4 = "SHA1WithRSAEncryption";
        String str5 = "7300";
        String str6 = "0";
        String str7 = "server.key";
        String str8 = "server.cer";
        String str9 = "server.pwd";
        String str10 = null;
        String str11 = "server.pfx";
        HashMap hashMap = new HashMap();
        for (int i = 0; i < vector.size(); i++) {
            String str12 = (String) vector.get(i);
            if (str12.charAt(0) != '-' || str12.indexOf("=") <= 1) {
                usage();
            } else {
                String lowerCase = str12.substring(1, str12.indexOf("=")).toLowerCase();
                String substring = str12.substring(str12.indexOf("=") + 1);
                hashMap.put(lowerCase, substring);
                if ("subject".equalsIgnoreCase(lowerCase)) {
                    str = substring;
                } else if ("keyAlgorithm".equalsIgnoreCase(lowerCase)) {
                    str2 = substring;
                } else if ("strength".equalsIgnoreCase(lowerCase)) {
                    str3 = substring;
                } else if ("signatureAlgorithm".equalsIgnoreCase(lowerCase)) {
                    str4 = substring;
                } else if ("validity".equalsIgnoreCase(lowerCase)) {
                    str5 = substring;
                } else if ("serial".equalsIgnoreCase(lowerCase)) {
                    str6 = substring;
                } else if ("privatekeyFile".equalsIgnoreCase(lowerCase)) {
                    str7 = substring;
                } else if ("certificateFile".equalsIgnoreCase(lowerCase)) {
                    str8 = substring;
                } else if ("passwordFile".equalsIgnoreCase(lowerCase)) {
                    str9 = substring;
                } else if ("password".equalsIgnoreCase(lowerCase)) {
                    str10 = substring;
                } else if ("pfxfile".equalsIgnoreCase(lowerCase)) {
                    str11 = substring;
                }
            }
        }
        System.out.print("Operating ...");
        if (!hashMap.containsKey("signer")) {
            try {
                if ("RSA".equalsIgnoreCase(str2)) {
                    KeyPair generateKeyPair = CryptUtil.generateKeyPair(str2, str3, "BC");
                    X509Certificate generateSelfSignedCertificate = CryptUtil.generateSelfSignedCertificate(generateKeyPair, str, str6.getBytes(), str4, str5, "BC");
                    Random random = new Random();
                    String str13 = "";
                    for (int i2 = 0; i2 < 7; i2++) {
                        str13 = str13 + "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ".charAt(random.nextInt("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ".length()));
                    }
                    if ("".equals(str10)) {
                        str10 = str13;
                    }
                    byte[] create = str10 == null ? StoreUtil.create(new X509Certificate[]{generateSelfSignedCertificate}, generateKeyPair.getPrivate(), "server", null, "".toCharArray(), "PKCS12", "BC") : StoreUtil.create(new X509Certificate[]{generateSelfSignedCertificate}, generateKeyPair.getPrivate(), "server", str10.toCharArray(), str10.toCharArray(), "PKCS12", "BC");
                    byte[] encoded = str10 == null ? generateKeyPair.getPrivate().getEncoded() : CryptUtil.encryptPrivateKey(generateKeyPair.getPrivate(), str10.toCharArray());
                    String format = new SimpleDateFormat("yyyyMMddHHmmss").format(new Date());
                    if (str10 != null) {
                        File file = new File(str9);
                        File file2 = new File(str9 + "." + format);
                        if (file.exists()) {
                            file.renameTo(file2);
                        }
                        FileUtil.save2file(str10.getBytes(), str9);
                    }
                    File file3 = new File(str8);
                    File file4 = new File(str8 + "." + format);
                    if (file3.exists()) {
                        file3.renameTo(file4);
                    }
                    FileUtil.save2file(Base64.encode(generateSelfSignedCertificate.getEncoded()), str8);
                    File file5 = new File(str7);
                    File file6 = new File(str7 + "." + format);
                    if (file5.exists()) {
                        file5.renameTo(file6);
                    }
                    FileUtil.save2file(Base64.encode(encoded), str7);
                    File file7 = new File(str11);
                    File file8 = new File(str11 + "." + format);
                    if (file7.exists()) {
                        file7.renameTo(file8);
                    }
                    FileUtil.save2file(create, str11);
                } else {
                    if (!"SM2".equalsIgnoreCase(str2)) {
                        usage();
                        return;
                    }
                    KeyPair generateKeyPair2 = SM2.generateKeyPair();
                    byte[] generateSM2Certificate = SM2CrtUtil.generateSM2Certificate(str, str, generateKeyPair2.getPublic(), generateKeyPair2.getPrivate(), str4, str6, new Date(System.currentTimeMillis()), new Date(System.currentTimeMillis() + (86400000 * Integer.valueOf(str5).intValue())));
                    Random random2 = new Random();
                    String str14 = "";
                    for (int i3 = 0; i3 < 16; i3++) {
                        str14 = str14 + "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ".charAt(random2.nextInt("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ".length()));
                    }
                    if ("".equals(str10)) {
                        str10 = str14;
                    }
                    byte[] saveToSM2PFX = str10 == null ? null : SM2CrtUtil.saveToSM2PFX(SM2CrtUtil.generateSM2Certificate(new String(Base64.encode(generateSM2Certificate))), generateKeyPair2.getPrivate(), str10);
                    byte[] dByBytesWithPublicKey = str10 == null ? generateKeyPair2.getPrivate().getDByBytesWithPublicKey() : CryptUtil.encryptPrivateKey(generateKeyPair2.getPrivate(), str10.toCharArray());
                    String format2 = new SimpleDateFormat("yyyyMMddHHmmss").format(new Date());
                    if (str10 != null) {
                        File file9 = new File(str9);
                        File file10 = new File(str9 + "." + format2);
                        if (file9.exists()) {
                            file9.renameTo(file10);
                        }
                        FileUtil.save2file(str10.getBytes(), str9);
                    }
                    File file11 = new File(str8);
                    File file12 = new File(str8 + "." + format2);
                    if (file11.exists()) {
                        file11.renameTo(file12);
                    }
                    FileUtil.save2file(Base64.encode(generateSM2Certificate), str8);
                    File file13 = new File(str7);
                    File file14 = new File(str7 + "." + format2);
                    if (file13.exists()) {
                        file13.renameTo(file14);
                    }
                    FileUtil.save2file(Base64.encode(dByBytesWithPublicKey), str7);
                    if (saveToSM2PFX != null) {
                        File file15 = new File(str11);
                        File file16 = new File(str11 + "." + format2);
                        if (file15.exists()) {
                            file15.renameTo(file16);
                        }
                        FileUtil.save2file(saveToSM2PFX, str11);
                    }
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        System.out.println("ok");
    }
}
