package cn.cliveyuan.tools.common;

import cn.cliveyuan.tools.common.bean.rsa.GenerateKeyPairReq;
import cn.cliveyuan.tools.common.bean.rsa.RSAKeyPair;
import cn.cliveyuan.tools.common.bean.rsa.RsaKeyTypeEnum;
import cn.cliveyuan.tools.common.bean.rsa.RsaRequest;
import cn.cliveyuan.tools.common.bean.rsa.RsaResponse;
import cn.cliveyuan.tools.common.bean.rsa.RsaSignRequest;
import cn.cliveyuan.tools.common.bean.rsa.RsaSignResponse;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Objects;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/cliveyuan/tools/common/RSATools.class */
public class RSATools {
    private static final Logger log = LoggerFactory.getLogger(RSATools.class);

    public static RSAKeyPair generateKeyPair() {
        return generateKeyPair(GenerateKeyPairReq.builder().build());
    }

    public static RSAKeyPair generateKeyPair(GenerateKeyPairReq generateKeyPairReq) {
        try {
            AssertTools.notNull(generateKeyPairReq, "param is required");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(generateKeyPairReq.getKeyAlgorithm());
            keyPairGenerator.initialize(generateKeyPairReq.getKeySize().intValue());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            return RSAKeyPair.builder().publicKey(Base64.encodeBase64String(generateKeyPair.getPublic().getEncoded())).privateKey(Base64.encodeBase64String(generateKeyPair.getPrivate().getEncoded())).build();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static boolean verifySign(String str, String str2, String str3) {
        RsaSignResponse doSign = doSign(RsaSignRequest.builder().data(str.getBytes()).key(Base64.decodeBase64(str3)).isVerifySign(true).sign(Base64.decodeBase64(str2)).build());
        if (doSign.isSuccess()) {
            return doSign.isVerifySignResult();
        }
        return false;
    }

    public static String sign(String str, String str2) {
        RsaSignResponse doSign = doSign(RsaSignRequest.builder().data(str.getBytes()).key(Base64.decodeBase64(str2)).build());
        if (doSign.isSuccess()) {
            return Base64.encodeBase64String(doSign.getSign());
        }
        return null;
    }

    public static RsaSignResponse doSign(RsaSignRequest rsaSignRequest) {
        AssertTools.notNull(rsaSignRequest, "request is required");
        AssertTools.notNull(rsaSignRequest.getKey(), "key is required");
        AssertTools.notNull(rsaSignRequest.getData(), "data is required");
        try {
            Signature signature = Signature.getInstance(rsaSignRequest.getSignatureAlgorithm());
            KeyFactory keyFactory = KeyFactory.getInstance(rsaSignRequest.getKeyAlgorithm());
            if (rsaSignRequest.isVerifySign()) {
                signature.initVerify(keyFactory.generatePublic(new X509EncodedKeySpec(rsaSignRequest.getKey())));
                signature.update(rsaSignRequest.getData());
                return RsaSignResponse.builder().success(true).verifySignResult(signature.verify(rsaSignRequest.getSign())).build();
            }
            signature.initSign(keyFactory.generatePrivate(new PKCS8EncodedKeySpec(rsaSignRequest.getKey())));
            signature.update(rsaSignRequest.getData());
            return RsaSignResponse.builder().success(true).sign(signature.sign()).build();
        } catch (Exception e) {
            if (rsaSignRequest.isPrintErrorLog()) {
                log.error("doSign", e);
            }
            return RsaSignResponse.builder().success(false).msg(e.getMessage()).build();
        }
    }

    public static RsaResponse encrypt(RsaRequest rsaRequest) {
        rsaRequest.setRsaKeyTypeEnum(RsaKeyTypeEnum.PUBLIC_KEY);
        return cipher(rsaRequest, 1);
    }

    public static RsaResponse decrypt(RsaRequest rsaRequest) {
        rsaRequest.setRsaKeyTypeEnum(RsaKeyTypeEnum.PRIVATE_KEY);
        return cipher(rsaRequest, 2);
    }

    public static RsaResponse cipher(RsaRequest rsaRequest, int i) {
        KeyFactory keyFactory;
        Cipher cipher;
        validate(rsaRequest);
        try {
            String keyAlgorithm = rsaRequest.getKeyAlgorithm();
            String cipherAlgorithm = rsaRequest.getCipherAlgorithm();
            if (Objects.nonNull(rsaRequest.getProvider())) {
                keyFactory = KeyFactory.getInstance(keyAlgorithm, rsaRequest.getProvider());
                cipher = Cipher.getInstance(cipherAlgorithm, rsaRequest.getProvider());
            } else {
                keyFactory = KeyFactory.getInstance(keyAlgorithm);
                cipher = Cipher.getInstance(cipherAlgorithm);
            }
            cipher.init(i, getKey(rsaRequest, keyFactory));
            return RsaResponse.builder().success(true).data(cipher.doFinal(rsaRequest.getData())).build();
        } catch (Exception e) {
            if (rsaRequest.isPrintErrorLog()) {
                log.error("decrypt Exception", e);
            }
            return RsaResponse.builder().success(false).msg(e.getMessage()).build();
        }
    }

    public static String encrypt(String str, String str2) {
        return encryptBase64(str, str2);
    }

    public static String decrypt(String str, String str2) {
        return decryptBase64(str, str2);
    }

    public static String encryptBase64(String str, String str2) {
        RsaResponse encrypt = encrypt(RsaRequest.builder().data(str.getBytes()).key(Base64.decodeBase64(str2)).build());
        if (encrypt.isSuccess()) {
            return Base64.encodeBase64String(encrypt.getData());
        }
        return null;
    }

    public static String decryptBase64(String str, String str2) {
        RsaResponse decrypt = decrypt(RsaRequest.builder().data(Base64.decodeBase64(str)).key(Base64.decodeBase64(str2)).build());
        if (decrypt.isSuccess()) {
            return new String(decrypt.getData(), StandardCharsets.UTF_8);
        }
        return null;
    }

    private static Key getKey(RsaRequest rsaRequest, KeyFactory keyFactory) throws InvalidKeySpecException {
        switch (rsaRequest.getRsaKeyTypeEnum()) {
            case PUBLIC_KEY:
                return keyFactory.generatePublic(new X509EncodedKeySpec(rsaRequest.getKey()));
            case PRIVATE_KEY:
                return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(rsaRequest.getKey()));
            default:
                throw new RuntimeException("Not support key type: " + rsaRequest.getRsaKeyTypeEnum());
        }
    }

    private static void validate(RsaRequest rsaRequest) {
        AssertTools.notNull(rsaRequest);
        AssertTools.notNull(rsaRequest.getKey(), "key is required");
        AssertTools.notNull(rsaRequest.getData(), "data is required");
        AssertTools.notNull(rsaRequest.getRsaKeyTypeEnum(), "rsaKeyType is required");
    }
}
