package com.tunshugongshe.client.webchat.core;

import com.tunshugongshe.client.webchat.core.auth.Credential;
import com.tunshugongshe.client.webchat.core.auth.Validator;
import com.tunshugongshe.client.webchat.core.auth.WechatPay2Credential;
import com.tunshugongshe.client.webchat.core.auth.WechatPay2Validator;
import com.tunshugongshe.client.webchat.core.certificate.CertificateProvider;
import com.tunshugongshe.client.webchat.core.certificate.InMemoryCertificateProvider;
import com.tunshugongshe.client.webchat.core.cipher.PrivacyDecryptor;
import com.tunshugongshe.client.webchat.core.cipher.PrivacyEncryptor;
import com.tunshugongshe.client.webchat.core.cipher.RSAPrivacyDecryptor;
import com.tunshugongshe.client.webchat.core.cipher.RSAPrivacyEncryptor;
import com.tunshugongshe.client.webchat.core.cipher.RSASigner;
import com.tunshugongshe.client.webchat.core.cipher.RSAVerifier;
import com.tunshugongshe.client.webchat.core.util.PemUtil;
import java.security.PrivateKey;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;

/* loaded from: classes2.dex */
public final class RSAConfig implements Config {
    private final CertificateProvider certificateProvider;
    private final X509Certificate latestWechatPayCertificate;
    private final String merchantId;
    private final String merchantSerialNumber;
    private final PrivateKey privateKey;

    /* loaded from: classes2.dex */
    public static class Builder {
        private String merchantId;
        private String merchantSerialNumber;
        private PrivateKey privateKey;
        private List<X509Certificate> wechatPayCertificates;

        public RSAConfig build() {
            Objects.requireNonNull(this.privateKey);
            Objects.requireNonNull(this.merchantSerialNumber);
            Objects.requireNonNull(this.merchantId);
            Objects.requireNonNull(this.wechatPayCertificates);
            if (this.wechatPayCertificates.isEmpty()) {
                throw new IllegalArgumentException("Build RSAConfig, wechatPayCertificates is empty.Please call wechatPayCertificates() or wechatPayCertificatesFromPath() method.");
            }
            X509Certificate x509Certificate = null;
            Iterator<X509Certificate> it = this.wechatPayCertificates.iterator();
            while (true) {
                X509Certificate x509Certificate2 = x509Certificate;
                while (it.hasNext()) {
                    x509Certificate = it.next();
                    if (x509Certificate2 == null || x509Certificate.getNotBefore().after(x509Certificate2.getNotBefore())) {
                    }
                }
                try {
                    x509Certificate2.checkValidity();
                    return new RSAConfig(this.merchantId, this.privateKey, this.merchantSerialNumber, new InMemoryCertificateProvider(this.wechatPayCertificates), x509Certificate2);
                } catch (CertificateExpiredException | CertificateNotYetValidException e) {
                    throw new IllegalArgumentException("Build RSAConfig, The latest WechatPay certificate is not valid or has expired.", e);
                }
            }
        }

        public Builder merchantId(String str) {
            this.merchantId = str;
            return this;
        }

        public Builder merchantSerialNumber(String str) {
            this.merchantSerialNumber = str;
            return this;
        }

        public Builder merchantSerialNumberFromCertificate(String str) {
            this.merchantSerialNumber = PemUtil.loadX509FromString(str).getSerialNumber().toString(16);
            return this;
        }

        public Builder merchantSerialNumberFromCertificate(X509Certificate x509Certificate) {
            this.merchantSerialNumber = x509Certificate.getSerialNumber().toString(16);
            return this;
        }

        public Builder merchantSerialNumberFromPath(String str) {
            this.merchantSerialNumber = PemUtil.loadX509FromPath(str).getSerialNumber().toString(16);
            return this;
        }

        public Builder privateKey(String str) {
            this.privateKey = PemUtil.loadPrivateKeyFromString(str);
            return this;
        }

        public Builder privateKey(PrivateKey privateKey) {
            this.privateKey = privateKey;
            return this;
        }

        public Builder privateKeyFromPath(String str) {
            this.privateKey = PemUtil.loadPrivateKeyFromPath(str);
            return this;
        }

        public Builder wechatPayCertificates(String... strArr) {
            this.wechatPayCertificates = new ArrayList();
            for (String str : strArr) {
                X509Certificate loadX509FromString = PemUtil.loadX509FromString(str);
                if (loadX509FromString != null) {
                    this.wechatPayCertificates.add(loadX509FromString);
                }
            }
            return this;
        }

        public Builder wechatPayCertificates(X509Certificate... x509CertificateArr) {
            this.wechatPayCertificates = Arrays.asList(x509CertificateArr);
            return this;
        }

        public Builder wechatPayCertificatesFromPath(String... strArr) {
            this.wechatPayCertificates = new ArrayList();
            for (String str : strArr) {
                X509Certificate loadX509FromPath = PemUtil.loadX509FromPath(str);
                if (loadX509FromPath != null) {
                    this.wechatPayCertificates.add(loadX509FromPath);
                }
            }
            return this;
        }
    }

    private RSAConfig(String str, PrivateKey privateKey, String str2, CertificateProvider certificateProvider, X509Certificate x509Certificate) {
        this.merchantId = str;
        this.privateKey = privateKey;
        this.merchantSerialNumber = str2;
        this.certificateProvider = certificateProvider;
        this.latestWechatPayCertificate = x509Certificate;
    }

    @Override // com.tunshugongshe.client.webchat.core.Config
    public Credential createCredential() {
        return new WechatPay2Credential(this.merchantId, new RSASigner(this.merchantSerialNumber, this.privateKey));
    }

    @Override // com.tunshugongshe.client.webchat.core.Config
    public PrivacyDecryptor createDecryptor() {
        return new RSAPrivacyDecryptor(this.privateKey);
    }

    @Override // com.tunshugongshe.client.webchat.core.Config
    public PrivacyEncryptor createEncryptor() {
        return new RSAPrivacyEncryptor(this.latestWechatPayCertificate.getPublicKey(), this.latestWechatPayCertificate.getSerialNumber().toString(16));
    }

    @Override // com.tunshugongshe.client.webchat.core.Config
    public Validator createValidator() {
        return new WechatPay2Validator(new RSAVerifier(this.certificateProvider));
    }
}
