package com.jddglobal.open.support.security;

import com.jddglobal.open.support.constant.Constants;
import java.io.ByteArrayOutputStream;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.StringUtils;

/* loaded from: input_file:com/jddglobal/open/support/security/SecurityUtils.class */
public class SecurityUtils {
    public static final String RSA = "RSA";

    public static String encryptByPublicKey(byte[] bArr, byte[] bArr2, Constants.EncryptAlgorithmType encryptAlgorithmType) throws Exception {
        if (encryptAlgorithmType == Constants.EncryptAlgorithmType.RSA) {
            return Base64.encodeBase64String(subEncryptByPublicKey(bArr, bArr2));
        }
        throw new IllegalArgumentException("Asymmetric encrypt algorithm error.");
    }

    public static String decryptByPrivateKey(byte[] bArr, byte[] bArr2, Constants.EncryptAlgorithmType encryptAlgorithmType) throws Exception {
        if (encryptAlgorithmType == Constants.EncryptAlgorithmType.RSA) {
            return StringUtils.newStringUtf8(subDecryptByPrivateKey(bArr, bArr2)).trim();
        }
        throw new IllegalArgumentException("Asymmetric decrypt algorithm error.");
    }

    public static String decryptByPrivateKeyNoSub(byte[] bArr, byte[] bArr2, Constants.EncryptAlgorithmType encryptAlgorithmType) throws Exception {
        if (encryptAlgorithmType == Constants.EncryptAlgorithmType.RSA) {
            return Base64.encodeBase64String(doInnerDecryptByPrivateKey(bArr, bArr2)).trim();
        }
        throw new IllegalArgumentException("Asymmetric decrypt algorithm error.");
    }

    public static String syEncrypt(String str, String str2, Constants.EncryptAlgorithmType encryptAlgorithmType) throws Exception {
        if (encryptAlgorithmType == Constants.EncryptAlgorithmType.TRIPLE_DES) {
            return doSyEncrypt2Base64(str, str2);
        }
        throw new IllegalArgumentException("Symmetric encrypt algorithm error.");
    }

    public static String syDecrypt(String str, String str2, Constants.EncryptAlgorithmType encryptAlgorithmType) throws Exception {
        if (encryptAlgorithmType == Constants.EncryptAlgorithmType.TRIPLE_DES) {
            return doSyDecrypt4Base64(str, str2);
        }
        throw new IllegalArgumentException("Symmetric decrypt algorithm error.");
    }

    public static String sign(byte[] bArr, byte[] bArr2, byte[] bArr3, Constants.DigestAlgorithmType digestAlgorithmType) throws Exception {
        String encodeBase64String;
        if (digestAlgorithmType == Constants.DigestAlgorithmType.MD5_RSA) {
            encodeBase64String = Base64.encodeBase64String(doSign(StringUtils.getBytesUtf8(doMd5(bArr, bArr3)), bArr2));
        } else if (digestAlgorithmType == Constants.DigestAlgorithmType.SHA1withRSA) {
            encodeBase64String = Base64.encodeBase64String(signWithAlgorithm(bArr, bArr2, digestAlgorithmType.name()));
        } else {
            if (digestAlgorithmType != Constants.DigestAlgorithmType.SHA256withRSA) {
                throw new IllegalArgumentException("Digest algorithm sign error.");
            }
            encodeBase64String = Base64.encodeBase64String(signWithAlgorithm(bArr, bArr2, digestAlgorithmType.name()));
        }
        return encodeBase64String;
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, Constants.DigestAlgorithmType digestAlgorithmType) throws Exception {
        boolean verifyWithAlgorithm;
        if (digestAlgorithmType == Constants.DigestAlgorithmType.MD5_RSA) {
            verifyWithAlgorithm = doVerify(StringUtils.getBytesUtf8(doMd5(bArr, bArr4)), bArr2, bArr3);
        } else {
            if (digestAlgorithmType != Constants.DigestAlgorithmType.SHA1withRSA) {
                throw new IllegalArgumentException("Digest algorithm verify error.");
            }
            verifyWithAlgorithm = verifyWithAlgorithm(bArr, bArr2, bArr3, digestAlgorithmType.name());
        }
        return verifyWithAlgorithm;
    }

    public static String generate3DesKey() throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
        keyGenerator.init(168);
        return Base64.encodeBase64String(keyGenerator.generateKey().getEncoded());
    }

    public static String generateSm4Key() throws NoSuchProviderException, NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("SM4", "BC");
        keyGenerator.init(128, new SecureRandom());
        return Base64.encodeBase64String(keyGenerator.generateKey().getEncoded());
    }

    private static byte[] subEncryptByPublicKey(byte[] bArr, byte[] bArr2) throws Exception {
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(bArr2);
        KeyFactory keyFactory = KeyFactory.getInstance(RSA);
        PublicKey generatePublic = keyFactory.generatePublic(x509EncodedKeySpec);
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        cipher.init(1, generatePublic);
        int length = bArr.length;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i = 0;
        int i2 = 0;
        while (length - i > 0) {
            byte[] doFinal = length - i > Constants.ONCE_RSA_SIZE.intValue() ? cipher.doFinal(bArr, i, Constants.ONCE_RSA_SIZE.intValue()) : cipher.doFinal(bArr, i, length - i);
            byteArrayOutputStream.write(doFinal, 0, doFinal.length);
            i2++;
            i = i2 * Constants.ONCE_RSA_SIZE.intValue();
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }

    private static byte[] subDecryptByPrivateKey(byte[] bArr, byte[] bArr2) throws Exception {
        PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(bArr2);
        KeyFactory keyFactory = KeyFactory.getInstance(RSA);
        PrivateKey generatePrivate = keyFactory.generatePrivate(pKCS8EncodedKeySpec);
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        cipher.init(2, generatePrivate);
        int length = bArr.length;
        byte[] bArr3 = new byte[((bArr.length / 128) + 1) * Constants.ONCE_RSA_SIZE.intValue()];
        int i = 0;
        int i2 = 0;
        int i3 = 0;
        while (length - i > 0) {
            byte[] doFinal = length - i > 128 ? cipher.doFinal(bArr, i, 128) : cipher.doFinal(bArr, i, length - i);
            i2++;
            i = i2 * 128;
            byte[] bArr4 = doFinal;
            int length2 = doFinal.length;
            for (int i4 = 0; i4 < length2; i4++) {
                int i5 = i3;
                i3++;
                bArr3[i5] = bArr4[i4];
            }
        }
        return bArr3;
    }

    private static byte[] doInnerDecryptByPrivateKey(byte[] bArr, byte[] bArr2) throws Exception {
        PrivateKey generatePrivate = KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(bArr2));
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, generatePrivate);
        return cipher.doFinal(bArr);
    }

    private static String doSyEncrypt2Base64(String str, String str2) throws Exception {
        SecretKeySpec secretKeySpec = new SecretKeySpec(Base64.decodeBase64(str2), "DESede");
        Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
        cipher.init(1, secretKeySpec);
        return Base64.encodeBase64String(cipher.doFinal(StringUtils.getBytesUtf8(str)));
    }

    private static String doSyDecrypt4Base64(String str, String str2) throws Exception {
        SecretKeySpec secretKeySpec = new SecretKeySpec(Base64.decodeBase64(str2), "DESede");
        Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
        cipher.init(2, secretKeySpec);
        return StringUtils.newStringUtf8(cipher.doFinal(Base64.decodeBase64(str)));
    }

    private static boolean doVerify(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        PublicKey generatePublic = KeyFactory.getInstance(RSA).generatePublic(new X509EncodedKeySpec(bArr3));
        Signature signature = Signature.getInstance("NONEwithRSA");
        signature.initVerify(generatePublic);
        signature.update(bArr);
        return signature.verify(bArr2);
    }

    private static byte[] doSign(byte[] bArr, byte[] bArr2) throws Exception {
        PrivateKey generatePrivate = KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(bArr2));
        Signature signature = Signature.getInstance("NONEwithRSA");
        signature.initSign(generatePrivate);
        signature.update(bArr);
        return signature.sign();
    }

    private static String doMd5(byte[] bArr, byte[] bArr2) throws Exception {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        messageDigest.update(bArr3);
        byte[] digest = messageDigest.digest();
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < digest.length; i++) {
            if ((digest[i] & 255) < 16) {
                sb.append("0");
            }
            sb.append(Long.toString(digest[i] & 255, 16));
        }
        return sb.toString();
    }

    private SecurityUtils() {
        throw new AssertionError();
    }

    public static byte[] signWithAlgorithm(byte[] bArr, byte[] bArr2, String str) throws Exception {
        PrivateKey generatePrivate = KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(bArr2));
        Signature signature = Signature.getInstance(str);
        signature.initSign(generatePrivate);
        signature.update(bArr);
        return signature.sign();
    }

    public static boolean verifyWithAlgorithm(byte[] bArr, byte[] bArr2, byte[] bArr3, String str) throws Exception {
        PublicKey generatePublic = KeyFactory.getInstance(RSA).generatePublic(new X509EncodedKeySpec(bArr3));
        Signature signature = Signature.getInstance(str);
        signature.initVerify(generatePublic);
        signature.update(bArr);
        return signature.verify(bArr2);
    }
}
