package com.ajaxjs.util.cryptography;

import com.ajaxjs.util.BytesHelper;
import com.ajaxjs.util.CollUtils;
import com.ajaxjs.util.EncodeTools;
import com.ajaxjs.util.StrUtil;
import com.ajaxjs.util.io.Resources;
import com.ajaxjs.util.io.StreamHelper;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/ajaxjs/util/cryptography/CommonUtil.class */
public class CommonUtil {
    private static String privateKeyContent;

    public static byte[] doCipher(String str, int i, Key key, byte[] bArr) {
        return doCipher(str, i, key, bArr, null);
    }

    public static byte[] doCipher(String str, int i, Key key, byte[] bArr, AlgorithmParameterSpec algorithmParameterSpec) {
        try {
            Cipher cipher = Cipher.getInstance(str);
            if (algorithmParameterSpec != null) {
                cipher.init(i, key, algorithmParameterSpec);
            } else {
                cipher.init(i, key);
            }
            return cipher.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            throw new IllegalArgumentException("无效的算法参数", e);
        } catch (InvalidKeyException e2) {
            throw new IllegalArgumentException("无效的证书", e2);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e3) {
            throw new RuntimeException("当前 Java 环境不支持 RSA v1.5/OAEP", e3);
        } catch (BadPaddingException | IllegalBlockSizeException e4) {
            throw new RuntimeException("加密原串的长度不能超过214字节", e4);
        }
    }

    public static String doCipher(String str, int i, byte[] bArr, AlgorithmParameterSpec algorithmParameterSpec, String str2, byte[] bArr2) {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        try {
            Cipher cipher = Cipher.getInstance(str);
            if (algorithmParameterSpec != null) {
                cipher.init(i, secretKeySpec, algorithmParameterSpec);
            } else {
                cipher.init(i, secretKeySpec);
            }
            if (bArr2 != null) {
                cipher.updateAAD(bArr2);
            }
            return StrUtil.byte2String(cipher.doFinal(EncodeTools.base64Decode(str2)));
        } catch (InvalidAlgorithmParameterException e) {
            throw new IllegalArgumentException("无效的算法参数", e);
        } catch (InvalidKeyException e2) {
            throw new IllegalArgumentException("无效的证书", e2);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e3) {
            throw new RuntimeException("当前 Java 环境不支持 " + str, e3);
        } catch (BadPaddingException | IllegalBlockSizeException e4) {
            throw new RuntimeException("加密原串的长度不能超过214字节", e4);
        }
    }

    public static String XOR_encode(String str, String str2) {
        byte[] bytes = str.getBytes();
        for (int i = 0; i < bytes.length; i++) {
            bytes[i] = (byte) (bytes[i] ^ str2.hashCode());
        }
        return BytesHelper.bytesToHexStr(bytes);
    }

    public static String XOR_decode(String str, String str2) {
        byte[] parseHexStr2Byte = BytesHelper.parseHexStr2Byte(str);
        for (int i = 0; i < ((byte[]) Objects.requireNonNull(parseHexStr2Byte)).length; i++) {
            parseHexStr2Byte[i] = (byte) (parseHexStr2Byte[i] ^ str2.hashCode());
        }
        return new String(parseHexStr2Byte);
    }

    public static int XOR(int i, String str) {
        return i ^ str.hashCode();
    }

    public static PrivateKey loadPrivateKeyByPath(String str) {
        if (privateKeyContent == null) {
            privateKeyContent = Resources.getResourceText(str);
        }
        return loadPrivateKey(privateKeyContent);
    }

    public static PrivateKey loadPrivateKey(String str) {
        Objects.requireNonNull(str, "没有私钥内容");
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(str.replace("-----BEGIN PRIVATE KEY-----", StrUtil.EMPTY_STRING).replace("-----END PRIVATE KEY-----", StrUtil.EMPTY_STRING).replaceAll("\\s+", StrUtil.EMPTY_STRING))));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("当前 Java 环境不支持 RSA", e);
        } catch (InvalidKeySpecException e2) {
            throw new RuntimeException("无效的密钥格式", e2);
        }
    }

    public static PrivateKey loadPrivateKey(InputStream inputStream) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(2048);
        byte[] bArr = new byte[StreamHelper.BUFFER_SIZE];
        while (true) {
            try {
                int read = inputStream.read(bArr);
                if (read == -1) {
                    return loadPrivateKey(byteArrayOutputStream.toString(EncodeTools.UTF8_SYMBOL));
                }
                byteArrayOutputStream.write(bArr, 0, read);
            } catch (IOException e) {
                throw new IllegalArgumentException("无效的密钥", e);
            }
        }
    }

    public static Map<BigInteger, X509Certificate> deserializeToCerts(String str, Map<String, Object> map) {
        byte[] uTF8_Bytes = StrUtil.getUTF8_Bytes(str);
        List list = (List) map.get("data");
        HashMap hashMap = new HashMap();
        if (!CollUtils.isEmpty(list)) {
            Iterator it = list.iterator();
            while (it.hasNext()) {
                Map map2 = (Map) ((Map) it.next()).get("encrypt_certificate");
                try {
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(WeiXinCrypto.aesDecryptToString(uTF8_Bytes, StrUtil.getUTF8_Bytes(remove(map2.get("associated_data"))), StrUtil.getUTF8_Bytes(remove(map2.get("nonce"))), remove(map2.get("ciphertext"))).getBytes(StandardCharsets.UTF_8)));
                    x509Certificate.checkValidity();
                    hashMap.put(x509Certificate.getSerialNumber(), x509Certificate);
                } catch (CertificateExpiredException | CertificateNotYetValidException e) {
                } catch (CertificateException e2) {
                    throw new RuntimeException("当证书过期或尚未生效时", e2);
                }
            }
        }
        return hashMap;
    }

    private static String remove(Object obj) {
        return obj.toString().replace("\"", StrUtil.EMPTY_STRING);
    }
}
