package com.jxdinfo.hussar.support.secure.encrypt.utils;

import com.jxdinfo.hussar.encrypt.util.SM2Util;
import com.jxdinfo.hussar.encrypt.util.SM3Util;
import com.jxdinfo.hussar.encrypt.util.SM4Util;
import com.jxdinfo.hussar.platform.core.utils.HussarUtils;
import com.jxdinfo.hussar.platform.core.utils.JsonUtil;
import com.jxdinfo.hussar.support.cache.util.HussarFixedCacheUtil;
import com.jxdinfo.hussar.support.exception.HussarException;
import com.jxdinfo.hussar.support.secure.encrypt.core.dto.SecurityEncryptDTO;
import com.jxdinfo.hussar.support.secure.encrypt.core.enums.EncryptExceptionEnum;
import com.jxdinfo.hussar.support.secure.encrypt.core.exception.HussarEncryptExecption;
import com.jxdinfo.hussar.support.secure.encrypt.properties.SecureEncryptProperties;
import com.jxdinfo.hussar.support.secure.encrypt.support.message.DecryptHttpInputMessage;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.Assert;
import org.springframework.web.context.request.NativeWebRequest;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.context.request.ServletWebRequest;

/* loaded from: input_file:com/jxdinfo/hussar/support/secure/encrypt/utils/EncryptUtils.class */
public class EncryptUtils {
    public static void initSMKey() {
        String str = (String) HussarFixedCacheUtil.get("encrypt_cache", "encrypt_back_pri", String.class);
        String str2 = (String) HussarFixedCacheUtil.get("encrypt_cache", "encrypt_back_pub", String.class);
        String str3 = (String) HussarFixedCacheUtil.get("encrypt_cache", "encrypt_front_pri", String.class);
        String str4 = (String) HussarFixedCacheUtil.get("encrypt_cache", "encrypt_front_pub", String.class);
        if (HussarUtils.isNotBlank(str) && HussarUtils.isNotBlank(str2) && HussarUtils.isNotBlank(str3) && HussarUtils.isNotBlank(str4)) {
            return;
        }
        Map generateKeyPair = SM2Util.generateKeyPair();
        Map generateKeyPair2 = SM2Util.generateKeyPair();
        String str5 = (String) generateKeyPair2.get("pubKey");
        String str6 = (String) generateKeyPair.get("priKey");
        String str7 = (String) generateKeyPair.get("pubKey");
        String str8 = (String) generateKeyPair2.get("priKey");
        HussarFixedCacheUtil.put("encrypt_cache", "encrypt_back_pri", str6);
        HussarFixedCacheUtil.put("encrypt_cache", "encrypt_back_pub", str7);
        HussarFixedCacheUtil.put("encrypt_cache", "encrypt_front_pri", str8);
        HussarFixedCacheUtil.put("encrypt_cache", "encrypt_front_pub", str5);
    }

    public static Object encryptData(String str, Object obj, SecureEncryptProperties secureEncryptProperties) {
        try {
            String str2 = (String) HussarFixedCacheUtil.get("encrypt_cache", "encrypt_front_pub", String.class);
            String str3 = (String) HussarFixedCacheUtil.get("encrypt_cache", "encrypt_back_pri", String.class);
            HussarException.throwBy(HussarUtils.isAnyBlank(new CharSequence[]{str2, str3}), EncryptExceptionEnum.ENCRYPT_KEY_NULL.getExceptionCode(), EncryptExceptionEnum.ENCRYPT_KEY_NULL.getMessage());
            String randomKey = SM4Util.getRandomKey();
            Boolean enableEncryptCbcMode = secureEncryptProperties.getEnableEncryptCbcMode();
            String randomKey2 = enableEncryptCbcMode.booleanValue() ? SM4Util.getRandomKey() : "";
            String json = JsonUtil.toJson(obj);
            String encrypt = enableEncryptCbcMode.booleanValue() ? SM4CbcUtil.encrypt(json, randomKey, randomKey2) : SM4Util.encrypt(json, randomKey);
            String encrypt2 = SM2Util.encrypt(randomKey, str2);
            String encrypt3 = enableEncryptCbcMode.booleanValue() ? SM2Util.encrypt(randomKey2, str2) : "";
            String str4 = "";
            if (secureEncryptProperties.getEnabledEncryptSign().booleanValue()) {
                str4 = SM2Util.sign(str, str3, SM3Util.digest(enableEncryptCbcMode.booleanValue() ? encrypt + encrypt2 + encrypt3 : encrypt + encrypt2));
                HussarException.throwBy(HussarUtils.isEmpty(str4), EncryptExceptionEnum.ENCRYPT_SIGN_EXCEPTION.getExceptionCode(), EncryptExceptionEnum.ENCRYPT_SIGN_EXCEPTION.getMessage());
            }
            HashMap hashMap = new HashMap(3);
            hashMap.put(secureEncryptProperties.getData(), encrypt);
            hashMap.put(secureEncryptProperties.getSign(), str4);
            hashMap.put(secureEncryptProperties.getKey(), encrypt2);
            if (enableEncryptCbcMode.booleanValue()) {
                hashMap.put(secureEncryptProperties.getIv(), encrypt3);
            }
            return hashMap;
        } catch (Exception e) {
            e.printStackTrace();
            throw new HussarEncryptExecption("加密组件：解密时出现错误");
        }
    }

    public static byte[] doDecryptService(SecurityEncryptDTO securityEncryptDTO, SecureEncryptProperties secureEncryptProperties) {
        if (HussarUtils.isEmpty(securityEncryptDTO) || HussarUtils.isEmpty(securityEncryptDTO.getData()) || HussarUtils.isEmpty(securityEncryptDTO.getKey())) {
            return null;
        }
        try {
            String data = securityEncryptDTO.getData();
            String sign = securityEncryptDTO.getSign();
            String key = securityEncryptDTO.getKey();
            String iv = securityEncryptDTO.getIv();
            String str = (String) HussarFixedCacheUtil.get("encrypt_cache", "encrypt_front_pub", String.class);
            String str2 = (String) HussarFixedCacheUtil.get("encrypt_cache", "encrypt_back_pri", String.class);
            HussarException.throwBy(HussarUtils.isAnyBlank(new CharSequence[]{str, str2}), EncryptExceptionEnum.ENCRYPT_KEY_NULL.getExceptionCode(), EncryptExceptionEnum.ENCRYPT_KEY_NULL.getMessage());
            Boolean enableEncryptCbcMode = secureEncryptProperties.getEnableEncryptCbcMode();
            if (secureEncryptProperties.getEnabledEncryptSign().booleanValue()) {
                HussarException.throwBy(HussarUtils.isEmpty(sign), EncryptExceptionEnum.ENCRYPT_SIGN_EXCEPTION.getExceptionCode(), "签名不可为空");
                HussarException.throwBy(!SM2Util.verifySign(securityEncryptDTO.getClientId(), str, SM3Util.digest(enableEncryptCbcMode.booleanValue() ? new StringBuilder().append(data).append(key).append(iv).toString() : new StringBuilder().append(data).append(key).toString()), sign), EncryptExceptionEnum.ENCRYPT_SIGN_EXCEPTION.getExceptionCode(), "数据完整性被破坏");
            }
            String decrypt = SM2Util.decrypt(key, str2);
            String decrypt2 = enableEncryptCbcMode.booleanValue() ? SM4CbcUtil.decrypt(data, decrypt, SM2Util.decrypt(iv, str2)) : SM4Util.decrypt(data, decrypt);
            if (decrypt2.startsWith("\"") && decrypt2.endsWith("\"")) {
                decrypt2 = decrypt2.substring(1, decrypt2.length() - 1);
            }
            return decrypt2.getBytes(StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
            throw new HussarEncryptExecption("解密组件，解密参数出现错误");
        }
    }

    public static <T> T decryptGetData(SecurityEncryptDTO securityEncryptDTO, SecureEncryptProperties secureEncryptProperties, Class<T> cls) {
        byte[] doDecryptService = doDecryptService(securityEncryptDTO, secureEncryptProperties);
        if (HussarUtils.isEmpty(doDecryptService)) {
            return null;
        }
        return (T) JsonUtil.readValue(doDecryptService, cls);
    }

    public static SecurityEncryptDTO getSecurityEncryptDTOByRequest(HttpServletRequest httpServletRequest, SecureEncryptProperties secureEncryptProperties) {
        SecurityEncryptDTO securityEncryptDTO = new SecurityEncryptDTO();
        String parameter = httpServletRequest.getParameter(secureEncryptProperties.getData());
        String parameter2 = httpServletRequest.getParameter(secureEncryptProperties.getSign());
        String parameter3 = httpServletRequest.getParameter(secureEncryptProperties.getIv());
        String parameter4 = httpServletRequest.getParameter(secureEncryptProperties.getKey());
        if (HussarUtils.isEmpty(parameter) || HussarUtils.isEmpty(parameter3) || HussarUtils.isEmpty(parameter4)) {
            return null;
        }
        securityEncryptDTO.setData(parameter);
        securityEncryptDTO.setIv(parameter3);
        securityEncryptDTO.setSign(parameter2);
        securityEncryptDTO.setKey(parameter4);
        securityEncryptDTO.setClientId(httpServletRequest.getHeader("client-id"));
        return securityEncryptDTO;
    }

    public static <T> T decryptGetData(NativeWebRequest nativeWebRequest, SecureEncryptProperties secureEncryptProperties, Class<T> cls) {
        try {
            String parameter = nativeWebRequest.getParameter(secureEncryptProperties.getData());
            String parameter2 = nativeWebRequest.getParameter(secureEncryptProperties.getSign());
            String parameter3 = nativeWebRequest.getParameter(secureEncryptProperties.getIv());
            String parameter4 = nativeWebRequest.getParameter(secureEncryptProperties.getKey());
            if (HussarUtils.isEmpty(parameter) || HussarUtils.isEmpty(parameter3) || HussarUtils.isEmpty(parameter4)) {
                return null;
            }
            SecurityEncryptDTO securityEncryptDTO = new SecurityEncryptDTO();
            securityEncryptDTO.setData(parameter);
            securityEncryptDTO.setIv(parameter3);
            securityEncryptDTO.setSign(parameter2);
            securityEncryptDTO.setKey(parameter4);
            securityEncryptDTO.setClientId(nativeWebRequest.getHeader("client-id"));
            return (T) decryptGetData(securityEncryptDTO, secureEncryptProperties, cls);
        } catch (Exception e) {
            e.printStackTrace();
            throw new HussarEncryptExecption("加密组件：get请求进行解密出现错误");
        }
    }

    public static DecryptHttpInputMessage decryptPostData(SecurityEncryptDTO securityEncryptDTO, SecureEncryptProperties secureEncryptProperties, HttpInputMessage httpInputMessage) {
        byte[] doDecryptService = doDecryptService(securityEncryptDTO, secureEncryptProperties);
        if (HussarUtils.isEmpty(doDecryptService)) {
            return null;
        }
        return new DecryptHttpInputMessage(new ByteArrayInputStream(doDecryptService), httpInputMessage.getHeaders());
    }

    public static boolean enableEncrypt(HttpHeaders httpHeaders, SecureEncryptProperties secureEncryptProperties) {
        if (HussarUtils.isEmpty(httpHeaders) || !httpHeaders.containsKey(secureEncryptProperties.getHeaderEncrypt())) {
            return false;
        }
        String first = httpHeaders.getFirst(secureEncryptProperties.getHeaderEncrypt());
        if (HussarUtils.isEmpty(first) || HussarUtils.equals(first, "0")) {
            return false;
        }
        return HussarUtils.equals(first, "1");
    }

    public static boolean validateEncryptByHeader(String str) {
        if (HussarUtils.isEmpty(str) || HussarUtils.equals(str, "0")) {
            return false;
        }
        return HussarUtils.equals(str, "1");
    }

    public static NativeWebRequest getWebRequest() {
        ServletRequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        Assert.state(requestAttributes instanceof ServletRequestAttributes, "No ServletRequestAttributes");
        return new ServletWebRequest(requestAttributes.getRequest());
    }

    protected static boolean matchPath(String str, SecureEncryptProperties secureEncryptProperties) {
        List<String> ignoreEncryptUrls = secureEncryptProperties.getIgnoreEncryptUrls();
        if (HussarUtils.isEmpty(ignoreEncryptUrls)) {
            return true;
        }
        boolean z = true;
        AntPathMatcher antPathMatcher = new AntPathMatcher();
        Iterator<String> it = ignoreEncryptUrls.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (antPathMatcher.match(it.next(), str)) {
                z = false;
                break;
            }
        }
        return z;
    }

    public static boolean enableEncrypt(NativeWebRequest nativeWebRequest, SecureEncryptProperties secureEncryptProperties) {
        return enableEncrypt((HttpServletRequest) nativeWebRequest.getNativeRequest(HttpServletRequest.class), secureEncryptProperties);
    }

    public static boolean enableEncrypt(HttpServletRequest httpServletRequest, SecureEncryptProperties secureEncryptProperties) {
        return validateEncryptByHeader(httpServletRequest.getHeader(secureEncryptProperties.getHeaderEncrypt())) && matchPath(httpServletRequest.getRequestURI(), secureEncryptProperties);
    }

    public static void main(String[] strArr) {
        System.out.println("SM4Key= " + SM4Util.getRandomKey());
        Map generateKeyPair = SM2Util.generateKeyPair();
        Map generateKeyPair2 = SM2Util.generateKeyPair();
        String str = (String) generateKeyPair2.get("pubKey");
        String str2 = (String) generateKeyPair.get("priKey");
        String str3 = (String) generateKeyPair.get("pubKey");
        String str4 = (String) generateKeyPair2.get("priKey");
        System.out.println("frontPubKey=" + str);
        System.out.println("backedPriKey=" + str2);
        System.out.println("backedPubKey=" + str3);
        System.out.println("frontPriKey=" + str4);
    }
}
