package com.github.binarywang.wxpay.v3.util;

import com.github.binarywang.wxpay.exception.WxPayException;
import com.github.binarywang.wxpay.v3.SpecEncrypt;
import java.lang.reflect.Field;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Base64;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* loaded from: input_file:com/github/binarywang/wxpay/v3/util/RsaCryptoUtil.class */
public class RsaCryptoUtil {
    static String JAVA_LANG_STRING = "java.lang.String";

    public static void encryptFields(Object obj, X509Certificate x509Certificate) throws WxPayException {
        try {
            encryptField(obj, x509Certificate);
        } catch (IllegalAccessException | IllegalBlockSizeException e) {
            throw new WxPayException("敏感信息加密失败", e);
        } catch (Exception e2) {
            throw new WxPayException("敏感信息加密失败", e2);
        }
    }

    private static void encryptField(Object obj, X509Certificate x509Certificate) throws IllegalAccessException, IllegalBlockSizeException {
        for (Field field : obj.getClass().getDeclaredFields()) {
            if (field.isAnnotationPresent(SpecEncrypt.class)) {
                if (field.getType().getTypeName().equals(JAVA_LANG_STRING)) {
                    field.setAccessible(true);
                    Object obj2 = field.get(obj);
                    if (obj2 != null) {
                        String str = (String) obj2;
                        if (!str.trim().equals("'")) {
                            field.set(obj, encryptOAEP(str, x509Certificate));
                        }
                    }
                } else {
                    field.setAccessible(true);
                    if (field.get(obj) != null) {
                        encryptField(field.get(obj), x509Certificate);
                    }
                }
            }
        }
    }

    public static String encryptOAEP(String str, X509Certificate x509Certificate) throws IllegalBlockSizeException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
            cipher.init(1, x509Certificate.getPublicKey());
            return Base64.getEncoder().encodeToString(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)));
        } catch (InvalidKeyException e) {
            throw new IllegalArgumentException("无效的证书", e);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e2) {
            throw new RuntimeException("当前Java环境不支持RSA v1.5/OAEP", e2);
        } catch (BadPaddingException | IllegalBlockSizeException e3) {
            throw new IllegalBlockSizeException("加密原串的长度不能超过214字节");
        }
    }

    public static String decryptOAEP(String str, PrivateKey privateKey) throws BadPaddingException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
            cipher.init(2, privateKey);
            return new String(cipher.doFinal(Base64.getDecoder().decode(str)), StandardCharsets.UTF_8);
        } catch (InvalidKeyException e) {
            throw new IllegalArgumentException("无效的私钥", e);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e2) {
            throw new RuntimeException("当前Java环境不支持RSA v1.5/OAEP", e2);
        } catch (BadPaddingException | IllegalBlockSizeException e3) {
            throw new BadPaddingException("解密失败");
        }
    }
}
