package com.fr.security;

import com.fr.log.FineLoggerFactory;
import com.fr.security.encryption.smx.BCECUtil;
import com.fr.security.encryption.smx.SM2Util;
import com.fr.security.encryption.smx.SM3Util;
import com.fr.security.encryption.smx.SM4Util;
import com.fr.security.encryption.storage.keys.impl.RSASecurityKey;
import com.fr.security.encryption.storage.keys.impl.SM2SecurityKey;
import com.fr.stable.ArrayUtils;
import com.fr.stable.StringUtils;
import com.fr.third.org.bouncycastle.crypto.InvalidCipherTextException;
import com.fr.third.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import com.fr.third.org.bouncycastle.pqc.math.linearalgebra.ByteUtils;
import com.fr.zip4j.util.InternalZipConstants;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/fr/security/SecurityToolbox.class */
public class SecurityToolbox {
    private static final int FRAGMENT_LENGTH = 245;
    private static final int FRAGMENT_LENGTH_DECRYPT = 256;
    private static final int AES_KEY_LENGTH = 16;

    public static SecretKey getPrivateSHA256TokenKey() {
        try {
            return new SecretKeySpec(SecurityConfig.getInstance().getPrivateSHA256TokenKey().getBytes("UTF-8"), "HmacSHA256");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    public static String encrypt(String str) {
        return encrypt(str, SecurityConfig.getInstance().getPublicKey());
    }

    public static String defaultEncrypt(String str) {
        return encrypt(str, RSASecurityKey.getInstance().getDefaultEncodeKey());
    }

    public static String encrypt(String str, String str2) {
        return StringUtils.isEmpty(str2) ? encrypt(str, string2PublicKey(RSASecurityKey.getInstance().getDefaultEncodeKey())) : encrypt(str, string2PublicKey(str2));
    }

    public static String encrypt(String str, Key key) {
        return StringUtils.isEmpty(str) ? str : byte2Base64(encrypt(str.getBytes(StandardCharsets.UTF_8), key));
    }

    public static String decrypt(String str) {
        return decrypt(str, SecurityConfig.getInstance().getPrivateKey());
    }

    public static String defaultDecrypt(String str) {
        return decrypt(str, RSASecurityKey.getInstance().getDefaultDecodeKey());
    }

    public static String decrypt(String str, String str2) {
        if (StringUtils.isEmpty(str)) {
            return str;
        }
        if (!StringUtils.isEmpty(str2) && !StringUtils.equals(str2, RSASecurityKey.getInstance().getDecodeKey())) {
            return decrypt(str, string2PrivateKey(str2));
        }
        try {
            return decryptWithException(str, string2PrivateKey(RSASecurityKey.getInstance().getDecodeKey()));
        } catch (Exception e) {
            if (RSASecurityKey.getInstance().isLoadedFromFile()) {
                try {
                    return decryptWithException(str, string2PrivateKey(RSASecurityKey.getInstance().getDefaultDecodeKey()));
                } catch (Exception e2) {
                    FineLoggerFactory.getLogger().warn(e.getMessage(), e);
                    FineLoggerFactory.getLogger().error("Decrypt failed:" + e.getMessage());
                    return null;
                }
            }
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("Decrypt failed:" + e.getMessage());
            return null;
        }
    }

    public static String decrypt(String str, Key key) {
        try {
            return decryptWithException(str, key);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("Decrypt failed:" + e.getMessage());
            return null;
        }
    }

    private static String decryptWithException(String str, Key key) throws Exception {
        return StringUtils.isEmpty(str) ? str : new String(decryptWithException(base642Byte(str), key), StandardCharsets.UTF_8);
    }

    public static byte[] encrypt(byte[] bArr) {
        return encrypt(bArr, string2PublicKey(SecurityConfig.getInstance().getPublicKey()));
    }

    public static byte[] encrypt(byte[] bArr, Key key) {
        if (ArrayUtils.isEmpty(bArr)) {
            return bArr;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(1, key);
            return dealEncryptFragment(bArr, cipher);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("Encrypt failed:" + e.getMessage());
            return null;
        }
    }

    private static byte[] dealEncryptFragment(byte[] bArr, Cipher cipher) throws IllegalBlockSizeException, BadPaddingException {
        byte[] bArr2 = new byte[0];
        for (int i = 0; i < bArr.length; i += FRAGMENT_LENGTH) {
            bArr2 = ArrayUtils.addAll(bArr2, cipher.doFinal(ArrayUtils.subarray(bArr, i, i + FRAGMENT_LENGTH)));
        }
        return bArr2;
    }

    public static byte[] decrypt(byte[] bArr) {
        return ArrayUtils.isEmpty(bArr) ? bArr : decrypt(bArr, string2PrivateKey(SecurityConfig.getInstance().getPrivateKey()));
    }

    public static byte[] decrypt(byte[] bArr, Key key) {
        try {
            return decryptWithException(bArr, key);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("Decrypt failed:" + e.getMessage());
            return null;
        }
    }

    private static byte[] decryptWithException(byte[] bArr, Key key) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(2, key);
        return dealDecryptFragment(bArr, cipher);
    }

    private static byte[] dealDecryptFragment(byte[] bArr, Cipher cipher) throws IllegalBlockSizeException, BadPaddingException {
        byte[] bArr2 = new byte[0];
        for (int i = 0; i < bArr.length; i += 256) {
            bArr2 = ArrayUtils.addAll(bArr2, cipher.doFinal(ArrayUtils.subarray(bArr, i, i + 256)));
        }
        return bArr2;
    }

    public static String sha256(String str) {
        if (StringUtils.isEmpty(str)) {
            return str;
        }
        try {
            return byteArrayToHexString(sha256(str.getBytes("UTF-8")));
        } catch (UnsupportedEncodingException e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            return str;
        }
    }

    private static byte[] sha256(byte[] bArr) {
        if (bArr == null || ArrayUtils.isEmpty(bArr)) {
            return bArr;
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(bArr);
            return messageDigest.digest();
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("SHA256 hash failed:" + e.getMessage());
            return bArr;
        }
    }

    public static String sha256Hmac(String str) {
        return sha256Hmac(str, SecurityConfig.getInstance().getPrivateSHA256Key());
    }

    public static String sha256Hmac(String str, String str2) {
        String str3 = StringUtils.EMPTY;
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(str2.getBytes("UTF-8"), "HmacSHA256"));
            str3 = byteArrayToHexString(mac.doFinal(str.getBytes("UTF-8")));
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("SHA256Hmac failed:" + e.getMessage());
        }
        return str3;
    }

    public static String byteArrayToHexString(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; bArr != null && i < bArr.length; i++) {
            String hexString = Integer.toHexString(bArr[i] & 255);
            if (hexString.length() == 1) {
                sb.append('0');
            }
            sb.append(hexString);
        }
        return sb.toString().toLowerCase();
    }

    public static KeyPair getKeyPair() throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(InternalZipConstants.UFT8_NAMES_FLAG);
        return keyPairGenerator.generateKeyPair();
    }

    public static String getPublicKey(KeyPair keyPair) {
        return byte2Base64(keyPair.getPublic().getEncoded());
    }

    public static String getPrivateKey(KeyPair keyPair) {
        return byte2Base64(keyPair.getPrivate().getEncoded());
    }

    public static PublicKey string2PublicKey(String str) {
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(base642Byte(str)));
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            return null;
        }
    }

    public static PrivateKey string2PrivateKey(String str) {
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(base642Byte(str)));
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            return null;
        }
    }

    public static String byte2Base64(byte[] bArr) {
        return new BASE64Encoder().encode(bArr);
    }

    public static byte[] base642Byte(String str) throws IOException {
        return new BASE64Decoder().decodeBuffer(str);
    }

    public static String aesEncrypt(String str, String str2) {
        Key easKey = getEasKey(str2);
        try {
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(1, easKey);
            return byte2Base64(cipher.doFinal(str.getBytes("UTF-8")));
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            return null;
        }
    }

    public static String aesDecrypt(String str, String str2) {
        try {
            Key easKey = getEasKey(str2);
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(2, easKey);
            return new String(cipher.doFinal(base642Byte(str)), "UTF-8");
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            return null;
        }
    }

    private static Key getEasKey(String str) {
        try {
            byte[] bytes = str.getBytes("UTF-8");
            byte[] bArr = new byte[16];
            for (int i = 0; i < bytes.length && i < bArr.length; i++) {
                bArr[i] = bytes[i];
            }
            return new SecretKeySpec(bArr, "AES");
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            return null;
        }
    }

    public static String sm2Encrypt(String str) {
        return sm2Encrypt(str, SM2SecurityKey.getInstance().getDecodeKey());
    }

    public static String sm2Encrypt(String str, String str2) {
        try {
            return sm2EncryptWithException(str, str2);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("Decrypt failed:" + e.getMessage());
            return null;
        }
    }

    public static String sm2EncryptWithException(String str, String str2) throws InvalidCipherTextException, IOException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException {
        return StringUtils.isEmpty(str) ? str : byte2Base64(SM2Util.encrypt(BCECUtil.buildECPublicKeyByPrivateKey(BCECUtil.convertSEC1ToECPrivateKey(ByteUtils.fromHexString(new String(base642Byte(str2), StandardCharsets.UTF_8)))), str.getBytes()));
    }

    public static String sm2Decrypt(String str) {
        return sm2Decrypt(str, SM2SecurityKey.getInstance().getDecodeKey());
    }

    public static String sm2Decrypt(String str, String str2) {
        if (StringUtils.isEmpty(str)) {
            return str;
        }
        if (!StringUtils.isEmpty(str2) && !StringUtils.equals(str2, SM2SecurityKey.getInstance().getDecodeKey())) {
            return sm2Decrypt(str, key2ECPrivateKeyParameters(str2));
        }
        try {
            return sm2DecryptWithException(str, key2ECPrivateKeyParameters(str2));
        } catch (Exception e) {
            if (!SM2SecurityKey.getInstance().isLoadedFromFile()) {
                return null;
            }
            try {
                return sm2DecryptWithException(str, key2ECPrivateKeyParameters(SM2SecurityKey.getInstance().getDefaultDecodeKey()));
            } catch (Exception e2) {
                return null;
            }
        }
    }

    public static String sm2Decrypt(String str, ECPrivateKeyParameters eCPrivateKeyParameters) {
        if (eCPrivateKeyParameters == null) {
            return null;
        }
        try {
            return sm2DecryptWithException(str, eCPrivateKeyParameters);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("Decrypt failed:" + e.getMessage());
            return null;
        }
    }

    public static String sm2DecryptWithException(String str, ECPrivateKeyParameters eCPrivateKeyParameters) throws IOException, InvalidCipherTextException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException {
        return new String(SM2Util.decrypt(eCPrivateKeyParameters, base642Byte(str)), StandardCharsets.UTF_8);
    }

    public static ECPrivateKeyParameters key2ECPrivateKeyParameters(String str) {
        try {
            return BCECUtil.convertSEC1ToECPrivateKey(ByteUtils.fromHexString(new String(base642Byte(str), StandardCharsets.UTF_8)));
        } catch (Exception e) {
            FineLoggerFactory.getLogger().warn(e.getMessage(), e);
            return null;
        }
    }

    public static String sm3Encrypt(String str) {
        if (StringUtils.isEmpty(str)) {
            return str;
        }
        try {
            return byteArrayToHexString(SM3Util.hash(str.getBytes("UTF-8")));
        } catch (UnsupportedEncodingException e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            return str;
        }
    }

    public static String sm4Encrypt(String str, String str2) {
        return byte2Base64(SM4Util.encryptData_ECB(str, str2));
    }

    public static String sm4Decrypt(String str, String str2) {
        return new String(SM4Util.decryptData_ECB(str, str2), StandardCharsets.UTF_8);
    }

    public static String convertX509Key(String str) throws IOException {
        ECPrivateKeyParameters eCPrivateKeyParameters = new ECPrivateKeyParameters(new BigInteger(ByteUtils.fromHexString(str)), SM2Util.DOMAIN_PARAMS);
        return byte2Base64(ByteUtils.toHexString(BCECUtil.convertECPrivateKeyToSEC1(eCPrivateKeyParameters, BCECUtil.buildECPublicKeyByPrivateKey(eCPrivateKeyParameters))).getBytes());
    }
}
