package com.alipay.chainstack.ittest.mychain.chain;

import com.alipay.chainstack.providers.mychainx.option.ClientOption;
import com.alipay.mychain.sdk.crypto.keyoperator.Pkcs8KeyOperator;
import com.alipay.mychain.sdk.crypto.keypair.KeyTypeEnum;
import com.github.dockerjava.api.DockerClient;
import com.github.dockerjava.core.DockerClientBuilder;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;

/* loaded from: input_file:com/alipay/chainstack/ittest/mychain/chain/TeeSimContainerChain.class */
public class TeeSimContainerChain extends ContainerChain {
    private static final String DEFAULT_KMS_AGENT_PATH = "/home/mychain/deployed/node0/bin/tee_package/kms_agent";
    private static final String SEAL_RSA_PUB_KEY = String.format("%s/test_rsa_seal_pubkey.pem", DEFAULT_KMS_AGENT_PATH);
    private static final String SEAL_EC_PUB_KEY = String.format("%s/test_ec_seal_pubkey.pem", DEFAULT_KMS_AGENT_PATH);
    protected static final String DEFAULT_KMS_AGENT_PROCESS = "./kms_agent";
    protected static final String DEFAULT_DOCKER_REPO = "reg.docker.alibaba-inc.com/chainstack-container-chain/mychain-tee-sim";
    private KeyTypeEnum sealAlgorithm;

    public TeeSimContainerChain() throws IOException {
        this.sealAlgorithm = KeyTypeEnum.KEY_RSA2048_PKCS8;
    }

    public TeeSimContainerChain(String str) throws IOException {
        super(str);
        this.sealAlgorithm = KeyTypeEnum.KEY_RSA2048_PKCS8;
    }

    public TeeSimContainerChain(String str, String str2) throws IOException {
        super(str, str2);
        this.sealAlgorithm = KeyTypeEnum.KEY_RSA2048_PKCS8;
    }

    public TeeSimContainerChain(String str, String str2, DockerClient dockerClient) throws IOException {
        super(str, str2, dockerClient);
        this.sealAlgorithm = KeyTypeEnum.KEY_RSA2048_PKCS8;
    }

    public TeeSimContainerChain(KeyTypeEnum keyTypeEnum) throws IOException {
        this("latest", keyTypeEnum);
    }

    public TeeSimContainerChain(String str, KeyTypeEnum keyTypeEnum) throws IOException {
        this((String) null, str, keyTypeEnum);
    }

    public TeeSimContainerChain(String str, String str2, KeyTypeEnum keyTypeEnum) throws IOException {
        this(str, str2, str == null ? DockerClientBuilder.getInstance().build() : DockerClientBuilder.getInstance(str).build(), keyTypeEnum);
    }

    public TeeSimContainerChain(String str, String str2, DockerClient dockerClient, KeyTypeEnum keyTypeEnum) throws IOException {
        super(str2, str, dockerClient);
        this.sealAlgorithm = KeyTypeEnum.KEY_RSA2048_PKCS8;
        if (KeyTypeEnum.KEY_ECCK1_PKCS8 != keyTypeEnum && KeyTypeEnum.KEY_RSA2048_PKCS8 != keyTypeEnum) {
            throw new RuntimeException(String.format("unsupported tee algorithm %s", keyTypeEnum.name()));
        }
        this.sealAlgorithm = keyTypeEnum;
    }

    public byte[] getSealPubKey() throws IOException {
        byte[] bArr = null;
        if (this.sealAlgorithm == KeyTypeEnum.KEY_ECCK1_PKCS8) {
            bArr = loadFileFromContainer(SEAL_EC_PUB_KEY);
        } else if (this.sealAlgorithm == KeyTypeEnum.KEY_RSA2048_PKCS8) {
            bArr = loadFileFromContainer(SEAL_RSA_PUB_KEY);
        }
        return new Pkcs8KeyOperator().loadPubkey(bArr).getPubkeyEncoded();
    }

    public KeyTypeEnum getSealAlgorithm() {
        return this.sealAlgorithm;
    }

    @Override // com.alipay.chainstack.ittest.mychain.chain.ContainerChain
    public ClientOption getMychainOption() throws IOException {
        return super.getMychainOption().setEnvelopeSealKeys(Collections.singletonList(getSealPubKey()));
    }

    @Override // com.alipay.chainstack.ittest.mychain.chain.ContainerChain
    public void checkChainStatus() {
        checkProcessesAliveness(Arrays.asList("/home/mychain/deployed/node0/bin/mychain", DEFAULT_KMS_AGENT_PROCESS));
    }

    @Override // com.alipay.chainstack.ittest.mychain.chain.ContainerChain
    public String getDockerImageName() {
        return DEFAULT_DOCKER_REPO;
    }
}
