package cn.qmso.wxPay.base;

import cn.hutool.core.util.StrUtil;
import cn.hutool.http.ContentType;
import cn.hutool.json.JSONUtil;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.lang.reflect.Field;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONObject;
import okhttp3.HttpUrl;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:cn/qmso/wxPay/base/Pay.class */
public class Pay {
    private static final String charset = "UTF-8";
    private static final Map<String, Certificate> CERTIFICATE_MAP = new ConcurrentHashMap();

    protected static String getToken(String str, HttpUrl httpUrl, String str2, String str3, String str4, String str5) throws Exception {
        String replace = UUID.randomUUID().toString().replace("-", "");
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        return "mchid=\"" + str2 + "\",nonce_str=\"" + replace + "\",timestamp=\"" + currentTimeMillis + "\",serial_no=\"" + str3 + "\",signature=\"" + sign(buildMessage(str, httpUrl, currentTimeMillis, replace, str5).getBytes(charset), str4) + "\"";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String sign(byte[] bArr, String str) throws Exception {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(getPrivateKey(str));
        signature.update(bArr);
        return Base64.getEncoder().encodeToString(signature.sign());
    }

    static String buildMessage(String str, HttpUrl httpUrl, long j, String str2, String str3) {
        String encodedPath = httpUrl.encodedPath();
        if (httpUrl.encodedQuery() != null) {
            encodedPath = encodedPath + "?" + httpUrl.encodedQuery();
        }
        return str + "\n" + encodedPath + "\n" + j + "\n" + str2 + "\n" + str3 + "\n";
    }

    protected static JSONObject getCertificates(String str, String str2, String str3, String str4, String str5, String str6) throws Exception {
        JSONObject jSONObject = null;
        CloseableHttpClient createDefault = HttpClients.createDefault();
        HttpGet httpGet = new HttpGet(str + str2);
        String token = getToken("GET", HttpUrl.parse(str + str2), str3, str4, str5, "");
        httpGet.setHeader("Content-type", "application/json");
        httpGet.setHeader("User-Agent", "https://zh.wikipedia.org/wiki/User_agent");
        httpGet.setHeader("Accept", "application/json");
        httpGet.setHeader("Authorization", "WECHATPAY2-SHA256-RSA2048 " + token);
        CloseableHttpResponse execute = createDefault.execute(httpGet);
        HttpEntity entity = execute.getEntity();
        if (entity != null) {
            jSONObject = JSONObject.fromObject(EntityUtils.toString(entity, charset));
        }
        EntityUtils.consume(entity);
        execute.close();
        return jSONObject;
    }

    private static void refreshCertificate(String str, String str2, String str3, String str4, String str5, String str6) throws Exception {
        Iterator it = getCertificates(str, str2, str3, str4, str5, str6).getJSONArray("data").iterator();
        while (it.hasNext()) {
            JSONObject fromObject = JSONObject.fromObject(it.next());
            JSONObject jSONObject = fromObject.getJSONObject("encrypt_certificate");
            Certificate certificate = null;
            try {
                certificate = CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(decryptResponseBody(str6, jSONObject.getString("associated_data"), jSONObject.getString("nonce"), jSONObject.getString("ciphertext")).getBytes(StandardCharsets.UTF_8)));
            } catch (CertificateException e) {
                e.printStackTrace();
            }
            String string = fromObject.getString("serial_no");
            CERTIFICATE_MAP.clear();
            CERTIFICATE_MAP.put(string, certificate);
        }
    }

    public static Map<String, Certificate> getCertificate(String str, String str2, String str3, String str4, String str5, String str6) throws Exception {
        if (CERTIFICATE_MAP.isEmpty()) {
            refreshCertificate(str, str2, str3, str4, str5, str6);
        }
        return CERTIFICATE_MAP;
    }

    public static String decryptResponseBody(String str, String str2, String str3, String str4) {
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, new SecretKeySpec(str.getBytes(StandardCharsets.UTF_8), "AES"), new GCMParameterSpec(128, str3.getBytes(StandardCharsets.UTF_8)));
            cipher.updateAAD(str2.getBytes(StandardCharsets.UTF_8));
            try {
                return new String(cipher.doFinal(Base64.getDecoder().decode(str4)), StandardCharsets.UTF_8);
            } catch (GeneralSecurityException e) {
                throw new IllegalArgumentException(e);
            }
        } catch (InvalidAlgorithmParameterException | InvalidKeyException e2) {
            throw new IllegalArgumentException(e2);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e3) {
            throw new IllegalStateException(e3);
        }
    }

    public static String rsaEncryptOAEP(String str, PublicKey publicKey) throws IllegalBlockSizeException, IOException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
            cipher.init(1, publicKey);
            return Base64.getEncoder().encodeToString(cipher.doFinal(str.getBytes("utf-8")));
        } catch (InvalidKeyException e) {
            throw new IllegalArgumentException("无效的证书", e);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e2) {
            throw new RuntimeException("当前Java环境不支持RSA v1.5/OAEP", e2);
        } catch (BadPaddingException | IllegalBlockSizeException e3) {
            throw new IllegalBlockSizeException("加密原串的长度不能超过214字节");
        }
    }

    static PrivateKey getPrivateKey(String str) throws IOException {
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(new String(Files.readAllBytes(Paths.get(str, new String[0])), charset).replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "").replaceAll("\\s+", ""))));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("当前Java环境不支持RSA", e);
        } catch (InvalidKeySpecException e2) {
            throw new RuntimeException("无效的密钥格式");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String buildSignMessage(ArrayList<String> arrayList) {
        if (arrayList == null || arrayList.size() <= 0) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        Iterator<String> it = arrayList.iterator();
        while (it.hasNext()) {
            sb.append(it.next()).append("\n");
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String verifyNotify(String str, String str2) throws Exception {
        cn.hutool.json.JSONObject jSONObject = JSONUtil.parseObj(str).getJSONObject("resource");
        String str3 = jSONObject.getStr("ciphertext");
        String str4 = jSONObject.getStr("nonce");
        return new AesUtil(str2.getBytes(StandardCharsets.UTF_8)).decryptToString(jSONObject.getStr("associated_data").getBytes(StandardCharsets.UTF_8), str4.getBytes(StandardCharsets.UTF_8), str3);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String readData(HttpServletRequest httpServletRequest) {
        BufferedReader bufferedReader = null;
        try {
            try {
                StringBuilder sb = new StringBuilder();
                bufferedReader = httpServletRequest.getReader();
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    if (sb.length() > 0) {
                        sb.append("\n");
                    }
                    sb.append(readLine);
                }
                String sb2 = sb.toString();
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                return sb2;
            } catch (IOException e2) {
                throw new RuntimeException(e2);
            }
        } catch (Throwable th) {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e3) {
                    e3.printStackTrace();
                }
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Object getRequest(String str, String str2, Object obj, String str3, String str4, String str5) throws Exception {
        CloseableHttpClient createDefault = HttpClients.createDefault();
        ArrayList arrayList = new ArrayList();
        if (obj != null) {
            for (Field field : obj.getClass().getDeclaredFields()) {
                field.setAccessible(true);
                arrayList.add(new BasicNameValuePair(field.getName(), field.get(obj).toString()));
            }
        }
        URIBuilder uRIBuilder = new URIBuilder(str + str2);
        uRIBuilder.setParameters(arrayList);
        HttpGet httpGet = new HttpGet(uRIBuilder.build());
        String token = getToken("GET", HttpUrl.parse(str + str2 + "?" + httpGet.getURI().getQuery()), str3, str4, str5, "");
        httpGet.setHeader("Content-type", "application/json");
        httpGet.setHeader("User-Agent", "Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt)");
        httpGet.setHeader("Accept", "application/json");
        httpGet.setHeader("Authorization", "WECHATPAY2-SHA256-RSA2048 " + token);
        CloseableHttpResponse execute = createDefault.execute(httpGet);
        HttpEntity entity = execute.getEntity();
        JSONObject fromObject = entity != null ? JSONObject.fromObject(EntityUtils.toString(entity, charset)) : null;
        EntityUtils.consume(entity);
        execute.close();
        return fromObject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Object postRequest(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws Exception {
        CloseableHttpClient createDefault = HttpClients.createDefault();
        HttpPost httpPost = new HttpPost(str + str2);
        httpPost.setEntity(new StringEntity(str7, charset));
        String token = getToken("POST", HttpUrl.parse(str + str2), str3, str4, str6, str7);
        httpPost.setHeader("Content-type", "application/json");
        httpPost.setHeader("User-Agent", "Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt)");
        httpPost.setHeader("Accept", "application/json");
        httpPost.setHeader("Authorization", "WECHATPAY2-SHA256-RSA2048 " + token);
        if (StringUtils.isNotEmpty(str5)) {
            httpPost.setHeader("Wechatpay-Serial", str5);
        }
        CloseableHttpResponse execute = createDefault.execute(httpPost);
        HttpEntity entity = execute.getEntity();
        String entityUtils = entity != null ? EntityUtils.toString(entity, charset) : "";
        EntityUtils.consume(entity);
        execute.close();
        return entityUtils;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void sendMessage(HttpServletResponse httpServletResponse, String str) throws Exception {
        HashMap hashMap = new HashMap(12);
        if (StrUtil.isNotEmpty(str)) {
            httpServletResponse.setStatus(200);
            hashMap.put("code", "SUCCESS");
            hashMap.put("message", "SUCCESS");
        } else {
            httpServletResponse.setStatus(500);
            hashMap.put("code", "ERROR");
            hashMap.put("message", "签名错误");
        }
        httpServletResponse.setHeader("Content-type", ContentType.JSON.toString());
        httpServletResponse.getOutputStream().write(JSONUtil.toJsonStr(hashMap).getBytes(StandardCharsets.UTF_8));
        httpServletResponse.flushBuffer();
    }
}
