package com.opentech.cloud.server.component.api.sdk.http;

import com.opentech.cloud.server.component.api.sdk.Environment;
import com.opentech.cloud.server.component.api.sdk.ProtocolMappings;
import com.opentech.cloud.server.component.api.sdk.utils.RSAUtils;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Map;
import java.util.TreeMap;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/opentech/cloud/server/component/api/sdk/http/Signer.class */
public class Signer {
    private static final Log logger = LogFactory.getLog(Signer.class);

    public static void sign(Environment environment, HttpRequest httpRequest) {
        httpRequest.addHeader(ProtocolMappings.PROTOCOL_SIGN, sign(environment.clientPrivateKey, httpRequest.getUrl().toString(), httpRequest.getHeaders(), httpRequest.getBody()));
    }

    public static String sign(PrivateKey privateKey, String str, Map<String, String> map, String str2) {
        StringBuilder sb = new StringBuilder(32);
        sb.append(str);
        TreeMap treeMap = new TreeMap();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            if (StringUtils.startsWith(entry.getKey(), ProtocolMappings.PROTOCOL_HEADER_PREFIX)) {
                treeMap.put(entry.getKey(), entry.getValue());
            }
        }
        for (Map.Entry entry2 : treeMap.entrySet()) {
            sb.append("&").append((String) entry2.getKey()).append("=").append((String) entry2.getValue());
        }
        if (StringUtils.isNotBlank(str2)) {
            sb.append("&").append(str2);
        }
        try {
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign(privateKey);
            signature.update(sb.toString().getBytes(Environment.charset));
            return new String(Base64.encodeBase64(signature.sign()), Environment.charset);
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        } catch (InvalidKeyException e2) {
            throw new RuntimeException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new RuntimeException(e3);
        } catch (SignatureException e4) {
            throw new RuntimeException(e4);
        }
    }

    public static final boolean validateSign(byte[] bArr, PublicKey publicKey, String str, Map<String, String> map, String str2) {
        StringBuilder sb = new StringBuilder(128);
        sb.append(str);
        TreeMap treeMap = new TreeMap(map);
        for (String str3 : treeMap.keySet()) {
            if (StringUtils.startsWith(str3, ProtocolMappings.PROTOCOL_HEADER_PREFIX)) {
                sb.append("&").append(str3).append("=").append((String) treeMap.get(str3));
            }
        }
        if (StringUtils.isNotBlank(str2)) {
            sb.append("&");
            sb.append(str2);
        }
        try {
            boolean validateSign = RSAUtils.validateSign(publicKey, sb.toString().getBytes(Environment.charset), bArr, "SHA1withRSA");
            if (!validateSign) {
                logger.error("Wrong Sign-------------> server sign: " + Base64.encodeBase64String(bArr));
                logger.error("Wrong Sign-------------> client data: " + sb.toString());
            }
            return validateSign;
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }
}
