package cn.wjee.commons.crypto;

import cn.wjee.commons.constants.Strings;
import cn.wjee.commons.enums.ApiStatusEnum;
import cn.wjee.commons.exception.BusinessException;
import cn.wjee.commons.io.IOUtils;
import cn.wjee.commons.lang.StringUtils;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/wjee/commons/crypto/RSA.class */
public class RSA {
    private static final Logger log = LoggerFactory.getLogger(RSA.class);
    public static final String PUBLIC_KEY = "PublicKey";
    public static final String PRIVATE_KEY = "PrivateKey";
    private RsaType rsaType;

    public RSA(RsaType rsaType) {
        this.rsaType = RsaType.RSA;
        this.rsaType = rsaType;
    }

    public static RSA newRSA() {
        return new RSA(RsaType.RSA);
    }

    public static RSA newRSA2() {
        return new RSA(RsaType.RSA2);
    }

    public Map<String, String> newRsaKeys() throws NoSuchAlgorithmException {
        HashMap hashMap = new HashMap();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.rsaType.keyAlgorithm);
        keyPairGenerator.initialize(this.rsaType.keySize);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        RSAPublicKey rSAPublicKey = (RSAPublicKey) generateKeyPair.getPublic();
        RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) generateKeyPair.getPrivate();
        String encodeToString = Base64.getEncoder().encodeToString(rSAPublicKey.getEncoded());
        String encodeToString2 = Base64.getEncoder().encodeToString(rSAPrivateKey.getEncoded());
        log.info("RSA::PrivateKey::{}", encodeToString2);
        log.info("RSA::PublicKey::{}", encodeToString);
        hashMap.put(PUBLIC_KEY, encodeToString);
        hashMap.put(PRIVATE_KEY, encodeToString2);
        return hashMap;
    }

    public String decryptByPrivateKey(String str, String str2) throws Exception {
        byte[] decode = Base64.getDecoder().decode(str);
        PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(str2));
        KeyFactory keyFactory = KeyFactory.getInstance(this.rsaType.keyAlgorithm);
        PrivateKey generatePrivate = keyFactory.generatePrivate(pKCS8EncodedKeySpec);
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        cipher.init(2, generatePrivate);
        return EncodeUtils.getString(doFinalBySegment(cipher, decode, false));
    }

    public String encryptByPublicKey(String str, String str2) throws Exception {
        byte[] bytes = EncodeUtils.getBytes(str);
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(str2));
        KeyFactory keyFactory = KeyFactory.getInstance(this.rsaType.keyAlgorithm);
        PublicKey generatePublic = keyFactory.generatePublic(x509EncodedKeySpec);
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        cipher.init(1, generatePublic);
        return Base64.getEncoder().encodeToString(doFinalBySegment(cipher, bytes, true));
    }

    public String sign(String str, String str2) throws Exception {
        PrivateKey generatePrivate = KeyFactory.getInstance(this.rsaType.keyAlgorithm).generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(str2)));
        Signature signature = Signature.getInstance(this.rsaType.signatureAlgorithm);
        signature.initSign(generatePrivate);
        signature.update(EncodeUtils.getBytes(str));
        return Base64.getEncoder().encodeToString(signature.sign());
    }

    public boolean verifySign(String str, String str2, String str3) throws Exception {
        PublicKey generatePublic = KeyFactory.getInstance(this.rsaType.keyAlgorithm).generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(str3)));
        Signature signature = Signature.getInstance(this.rsaType.signatureAlgorithm);
        signature.initVerify(generatePublic);
        signature.update(EncodeUtils.getBytes(str));
        return signature.verify(Base64.getDecoder().decode(str2));
    }

    private byte[] doFinalBySegment(Cipher cipher, byte[] bArr, boolean z) throws Exception {
        try {
            int i = z ? this.rsaType.maxEncryptBlock : this.rsaType.maxDecryptBlock;
            if (bArr.length <= i) {
                byte[] doFinal = cipher.doFinal(bArr);
                IOUtils.closeQuietly(null);
                return doFinal;
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int i2 = 0;
            int i3 = 0;
            int length = bArr.length;
            while (length - i3 > 0) {
                byte[] doFinal2 = cipher.doFinal(bArr, i3, Math.min(length - i3, i));
                byteArrayOutputStream.write(doFinal2, 0, doFinal2.length);
                i2++;
                i3 = i2 * i;
            }
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            IOUtils.closeQuietly(byteArrayOutputStream);
            return byteArray;
        } catch (Throwable th) {
            IOUtils.closeQuietly(null);
            throw th;
        }
    }

    public void generateJks(String str, String str2) throws IOException {
        if (!StringUtils.endsWith(str, ".jks")) {
            throw new BusinessException(ApiStatusEnum.FAILURE_500.getCode(), "保存路径不正确");
        }
        String name = new File(str).getName();
        Runtime.getRuntime().exec("keytool -genkey -v -alias " + StringUtils.substring(name, 0, name.lastIndexOf(Strings.DOT)) + " -keyalg RSA -keysize " + this.rsaType.keySize + " -validity 36500 -keystore " + str + " -keypass " + str2 + " -storepass " + str2 + " -dname \"CN=CN,OU=CN,O=CN,L=CN,ST=CN,C=zh_CN\" -deststoretype pkcs12");
    }
}
