package com.fshows.ysepay.util;

import com.fshows.sdk.core.exception.FsApiException;
import com.fshows.sdk.core.util.LogUtil;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Map;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/fshows/ysepay/util/YsepaySignatureUtil.class */
public class YsepaySignatureUtil {
    private static final Logger log = LoggerFactory.getLogger(YsepaySignatureUtil.class);
    private static final String SIGN_TYPE_RSA = "RSA";
    private static final String SIGN_TYPE_SM = "SM";
    private static final String SIGN_ALGORITHMS = "SHA1WithRSA";
    private static final String CHARSET_UTF8 = "UTF-8";
    private static final String ALGORITHM_PKCS1PADDING = "RSA/ECB/PKCS1Padding";
    private static final String ALGORITHM = "SHA256withRSA";

    public static String sign(Map<String, String> map, String str) throws FsApiException {
        try {
            String signContent = getSignContent(map);
            LogUtil.info(log, "ysepay 待签名内容: " + signContent);
            PrivateKey privateKey = getPrivateKey(str);
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign(privateKey);
            signature.update(signContent.getBytes(CHARSET_UTF8));
            String encodeBase64String = Base64.encodeBase64String(signature.sign());
            LogUtil.info(log, "ysepay 签名结果: " + encodeBase64String);
            return encodeBase64String;
        } catch (Exception e) {
            LogUtil.error(log, "ysepay RSA签名失败", e);
            throw new FsApiException("RSA签名失败", e);
        }
    }

    public static String sign(Map<String, String> map, PrivateKey privateKey) throws FsApiException {
        try {
            String signContent = getSignContent(map);
            LogUtil.info(log, "ysepay 待签名内容: " + signContent);
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign(privateKey);
            signature.update(signContent.getBytes(CHARSET_UTF8));
            String encodeBase64String = Base64.encodeBase64String(signature.sign());
            LogUtil.info(log, "ysepay 签名结果: " + encodeBase64String);
            return encodeBase64String;
        } catch (Exception e) {
            LogUtil.error(log, "ysepay RSA签名失败", e);
            throw new FsApiException("ysepay RSA签名失败", e);
        }
    }

    public static String sign(String str, PrivateKey privateKey) throws FsApiException {
        try {
            LogUtil.info(log, "ysepay 待签名内容: " + str);
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign(privateKey);
            signature.update(str.getBytes(CHARSET_UTF8));
            String encodeBase64String = Base64.encodeBase64String(signature.sign());
            LogUtil.info(log, "ysepay 签名结果: " + encodeBase64String);
            return encodeBase64String;
        } catch (Exception e) {
            LogUtil.error(log, "ysepay RSA签名失败", e);
            throw new FsApiException("ysepay RSA签名失败", e);
        }
    }

    public static String signWithRsa256(String str, PrivateKey privateKey) throws FsApiException {
        try {
            LogUtil.info(log, "ysepay 待签名内容: " + str);
            Signature signature = Signature.getInstance(ALGORITHM);
            signature.initSign(privateKey);
            signature.update(str.getBytes(CHARSET_UTF8));
            String encodeBase64String = Base64.encodeBase64String(signature.sign());
            LogUtil.info(log, "ysepay 签名结果: " + encodeBase64String);
            return encodeBase64String;
        } catch (Exception e) {
            LogUtil.error(log, "ysepay RSA签名失败", e);
            throw new FsApiException("ysepay RSA签名失败", e);
        }
    }

    public static boolean verifyResponse(String str, String str2, String str3) throws FsApiException {
        try {
            LogUtil.info(log, "ysepay 验签内容：" + str);
            LogUtil.info(log, "ysepay 签名值：" + str2);
            PublicKey publicKeyFromCert = getPublicKeyFromCert(str3);
            Signature signature = Signature.getInstance(SIGN_ALGORITHMS);
            signature.initVerify(publicKeyFromCert);
            signature.update(str.getBytes(CHARSET_UTF8));
            LogUtil.info(log, "ysepay 公钥算法：" + publicKeyFromCert.getAlgorithm());
            LogUtil.info(log, "ysepay 公钥格式：" + publicKeyFromCert.getFormat());
            return signature.verify(Base64.decodeBase64(str2.getBytes(CHARSET_UTF8)));
        } catch (Exception e) {
            LogUtil.error(log, "ysepay RSA验签失败", e);
            throw new FsApiException("ysepay RSA验签失败", e);
        }
    }

    public static boolean validateSignBySoft(PublicKey publicKey, byte[] bArr, byte[] bArr2) throws Exception {
        Signature signature = Signature.getInstance(ALGORITHM);
        signature.initVerify(publicKey);
        signature.update(bArr2);
        return signature.verify(bArr);
    }

    public static boolean verifyResponse(String str, String str2, PublicKey publicKey) throws FsApiException {
        try {
            LogUtil.info(log, "ysepay 验签内容：" + str);
            LogUtil.info(log, "ysepay 签名值：" + str2);
            Signature signature = Signature.getInstance(SIGN_ALGORITHMS);
            signature.initVerify(publicKey);
            signature.update(str.getBytes(CHARSET_UTF8));
            LogUtil.info(log, "ysepay 公钥算法：" + publicKey.getAlgorithm());
            LogUtil.info(log, "ysepay 公钥格式：" + publicKey.getFormat());
            return signature.verify(Base64.decodeBase64(str2.getBytes(CHARSET_UTF8)));
        } catch (Exception e) {
            LogUtil.error(log, "ysepay RSA验签失败", e);
            throw new FsApiException("ysepay RSA验签失败", e);
        }
    }

    public static byte[] encrypt(PublicKey publicKey, byte[] bArr) throws Exception {
        Cipher cipher = Cipher.getInstance(ALGORITHM_PKCS1PADDING);
        cipher.init(1, publicKey);
        return cipher.doFinal(bArr);
    }

    private static String getSignContent(Map<String, String> map) {
        String str;
        if (map == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        ArrayList<String> arrayList = new ArrayList(map.keySet());
        Collections.sort(arrayList);
        int i = 0;
        for (String str2 : arrayList) {
            if (!"sign".equals(str2) && (str = map.get(str2)) != null && StringUtils.isNotBlank(str)) {
                sb.append(i == 0 ? "" : "&").append(str2).append("=").append(str);
                i++;
            }
        }
        return sb.toString();
    }

    public static PrivateKey getPrivateKey(String str) throws Exception {
        try {
            return KeyFactory.getInstance(SIGN_TYPE_RSA).generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(readKey(str).replaceAll("-----BEGIN PRIVATE KEY-----", "").replaceAll("-----END PRIVATE KEY-----", "").replaceAll("-----BEGIN RSA PRIVATE KEY-----", "").replaceAll("-----END RSA PRIVATE KEY-----", "").replaceAll("\n", "").replaceAll("\r", "").trim())));
        } catch (Exception e) {
            try {
                FileInputStream fileInputStream = new FileInputStream(str);
                Throwable th = null;
                try {
                    try {
                        byte[] bArr = new byte[fileInputStream.available()];
                        fileInputStream.read(bArr);
                        PrivateKey generatePrivate = KeyFactory.getInstance(SIGN_TYPE_RSA).generatePrivate(new PKCS8EncodedKeySpec(bArr));
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        return generatePrivate;
                    } finally {
                    }
                } finally {
                }
            } catch (Exception e2) {
                throw new FsApiException("ysepay 私钥格式不正确", e2);
            }
        }
    }

    public static PublicKey getPublicKeyFromCert(String str) throws Exception {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            try {
                PublicKey publicKey = CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream).getPublicKey();
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                return publicKey;
            } catch (Exception e) {
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                throw e;
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    public static byte[] encrypt(String str, byte[] bArr) throws Exception {
        Cipher cipher = Cipher.getInstance(ALGORITHM_PKCS1PADDING);
        cipher.init(1, CertUtil.getValidateCert(str).getPublicKey());
        return cipher.doFinal(bArr);
    }

    private static PublicKey getPublicKey(String str) throws Exception {
        return KeyFactory.getInstance(SIGN_TYPE_RSA).generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(readKey(str).replace("-----BEGIN PUBLIC KEY-----", "").replace("-----END PUBLIC KEY-----", "").replaceAll("\\s+", ""))));
    }

    private static String readKey(String str) throws IOException {
        StringBuilder sb = new StringBuilder();
        BufferedReader bufferedReader = new BufferedReader(new FileReader(str));
        Throwable th = null;
        while (true) {
            try {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    sb.append(readLine);
                    sb.append("\n");
                } finally {
                }
            } catch (Throwable th2) {
                if (bufferedReader != null) {
                    if (th != null) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        bufferedReader.close();
                    }
                }
                throw th2;
            }
        }
        if (bufferedReader != null) {
            if (0 != 0) {
                try {
                    bufferedReader.close();
                } catch (Throwable th4) {
                    th.addSuppressed(th4);
                }
            } else {
                bufferedReader.close();
            }
        }
        return sb.toString();
    }

    public static String getSignDataStr1(Map<String, String> map) {
        ArrayList<String> arrayList = new ArrayList(map.keySet());
        Collections.sort(arrayList);
        StringBuilder sb = new StringBuilder();
        for (String str : arrayList) {
            if (!"sign".equals(str) && !"$jacocoData".equals(str)) {
                sb.append(str).append("=");
                sb.append(map.get(str));
                sb.append("&");
            }
        }
        if (sb.length() > 0) {
            sb.setLength(sb.length() - 1);
        }
        return sb.toString();
    }
}
