package com.gitee.cliveyuan.tools.codec;

import com.gitee.cliveyuan.tools.Assert;
import com.gitee.cliveyuan.tools.bean.rsa.GenerateKeyPairReq;
import com.gitee.cliveyuan.tools.bean.rsa.RSAKeyPair;
import com.gitee.cliveyuan.tools.bean.rsa.RSARequest;
import com.gitee.cliveyuan.tools.bean.rsa.RSASignReq;
import com.gitee.cliveyuan.tools.bean.rsa.RSAVerifySignReq;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Objects;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/gitee/cliveyuan/tools/codec/RSATools.class */
public class RSATools {
    private static final int DEFAULT_KEY_SIZE = 2048;
    private static final String DEFAULT_ALGORITHM = "RSA";
    private static final String DEFAULT_SIGNATURE_ALGORITHM = "SHA256withRSA";
    private static final Logger log = LoggerFactory.getLogger(RSATools.class);
    private static final String DEFAULT_CHARSET = StandardCharsets.UTF_8.displayName();

    public static RSAKeyPair generateKeyPair() {
        try {
            return generateKeyPair(GenerateKeyPairReq.builder().build());
        } catch (NoSuchAlgorithmException e) {
            log.error("verifySign Exception", e);
            throw new IllegalArgumentException("NoSuchAlgorithmException");
        }
    }

    public static RSAKeyPair generateKeyPair(GenerateKeyPairReq generateKeyPairReq) throws NoSuchAlgorithmException {
        Assert.notNull(generateKeyPairReq);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(Objects.nonNull(generateKeyPairReq.getKeyAlgorithm()) ? generateKeyPairReq.getKeyAlgorithm() : DEFAULT_ALGORITHM);
        keyPairGenerator.initialize(Objects.nonNull(generateKeyPairReq.getKeySize()) ? generateKeyPairReq.getKeySize().intValue() : DEFAULT_KEY_SIZE);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        return RSAKeyPair.builder().publicKey(new String(Base64.encodeBase64(generateKeyPair.getPublic().getEncoded(), false))).privateKey(new String(Base64.encodeBase64(generateKeyPair.getPrivate().getEncoded(), false))).build();
    }

    public static boolean verifySign(String str, String str2, String str3) {
        return verifySign(RSAVerifySignReq.builder().data(str).sign(str2).publicKeyString(str3).build());
    }

    public static boolean verifySign(RSAVerifySignReq rSAVerifySignReq) {
        Assert.notNull(rSAVerifySignReq);
        Assert.notNull(rSAVerifySignReq.getData(), "data is required");
        Assert.notNull(rSAVerifySignReq.getSign(), "sign is required");
        Assert.notNull(rSAVerifySignReq.getPublicKeyString(), "publicKeyString is required");
        try {
            PublicKey generatePublic = KeyFactory.getInstance(Objects.nonNull(rSAVerifySignReq.getKeyAlgorithm()) ? rSAVerifySignReq.getKeyAlgorithm() : DEFAULT_ALGORITHM).generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(rSAVerifySignReq.getPublicKeyString().getBytes())));
            Signature signature = Signature.getInstance(Objects.nonNull(rSAVerifySignReq.getSignatureAlgorithm()) ? rSAVerifySignReq.getSignatureAlgorithm() : DEFAULT_SIGNATURE_ALGORITHM);
            signature.initVerify(generatePublic);
            signature.update(rSAVerifySignReq.getData().getBytes(Objects.nonNull(rSAVerifySignReq.getCharset()) ? rSAVerifySignReq.getCharset() : DEFAULT_CHARSET));
            return signature.verify(Base64.decodeBase64(rSAVerifySignReq.getSign().getBytes()));
        } catch (Exception e) {
            log.error("verifySign Exception", e);
            return false;
        }
    }

    public static String sign(String str, String str2) {
        return sign(RSASignReq.builder().data(str).privateKeyString(str2).build());
    }

    public static String sign(RSASignReq rSASignReq) {
        Assert.notNull(rSASignReq);
        Assert.notNull(rSASignReq.getData(), "data is required");
        Assert.notNull(rSASignReq.getPrivateKeyString(), "privateKeyString is required");
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance(Objects.nonNull(rSASignReq.getKeyAlgorithm()) ? rSASignReq.getKeyAlgorithm() : DEFAULT_ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(rSASignReq.getPrivateKeyString().getBytes())));
            Signature signature = Signature.getInstance(Objects.nonNull(rSASignReq.getSignatureAlgorithm()) ? rSASignReq.getSignatureAlgorithm() : DEFAULT_SIGNATURE_ALGORITHM);
            signature.initSign(generatePrivate);
            signature.update(rSASignReq.getData().getBytes(Objects.nonNull(rSASignReq.getCharset()) ? rSASignReq.getCharset() : DEFAULT_CHARSET));
            return new String(Base64.encodeBase64(signature.sign()));
        } catch (Exception e) {
            log.error("sign Exception", e);
            return null;
        }
    }

    public static byte[] encrypt(RSARequest rSARequest) {
        Assert.notNull(rSARequest);
        Assert.notNull(rSARequest.getData(), "data is required");
        Assert.notNull(rSARequest.getKeyString(), "publicKeyString is required");
        try {
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(decodeBase64(rSARequest.getKeyString()));
            KeyFactory keyFactory = KeyFactory.getInstance(Objects.nonNull(rSARequest.getKeyAlgorithm()) ? rSARequest.getKeyAlgorithm() : DEFAULT_ALGORITHM);
            PublicKey generatePublic = keyFactory.generatePublic(x509EncodedKeySpec);
            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
            cipher.init(1, generatePublic);
            return cipher.doFinal(rSARequest.getData());
        } catch (Exception e) {
            log.error("encrypt Exception", e);
            return null;
        }
    }

    public static String encrypt(String str, String str2) {
        try {
            return Base64.encodeBase64String(encrypt(RSARequest.builder().data(str.getBytes()).keyString(str2).build()));
        } catch (Exception e) {
            log.error("encrypt Exception", e);
            return null;
        }
    }

    public static byte[] decrypt(RSARequest rSARequest) {
        Assert.notNull(rSARequest);
        Assert.notNull(rSARequest.getData(), "data is required");
        Assert.notNull(rSARequest.getKeyString(), "privateKeyString is required");
        try {
            PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(decodeBase64(rSARequest.getKeyString()));
            KeyFactory keyFactory = KeyFactory.getInstance(Objects.nonNull(rSARequest.getKeyAlgorithm()) ? rSARequest.getKeyAlgorithm() : DEFAULT_ALGORITHM);
            PrivateKey generatePrivate = keyFactory.generatePrivate(pKCS8EncodedKeySpec);
            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
            cipher.init(2, generatePrivate);
            return cipher.doFinal(rSARequest.getData());
        } catch (Exception e) {
            log.error("decrypt Exception", e);
            return null;
        }
    }

    public static String decrypt(String str, String str2) {
        try {
            byte[] decrypt = decrypt(RSARequest.builder().data(Base64.decodeBase64(str)).keyString(str2).build());
            if (Objects.isNull(decrypt)) {
                return null;
            }
            return new String(decrypt);
        } catch (Exception e) {
            log.error("decrypt Exception", e);
            return null;
        }
    }

    private static byte[] decodeBase64(String str) {
        return Base64.decodeBase64(str);
    }

    private static String encodeBase64(byte[] bArr) {
        return new String(Base64.encodeBase64(bArr));
    }
}
