package com.baidu.unionloan.common.util;

import com.baidu.unionloan.file.service.EncryptDecryptException;
import com.baidu.unionloan.file.service.FileEncryptDecrypt;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.security.DigestInputStream;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.compress.archivers.tar.TarArchiveEntry;
import org.apache.commons.compress.archivers.tar.TarArchiveInputStream;
import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream;
import org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream;
import org.apache.commons.compress.compressors.gzip.GzipCompressorOutputStream;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.RandomUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/baidu/unionloan/common/util/Security.class */
public class Security {
    public static final String SIGN_ALGORITHM = "SHA256withRSA";
    public static final String CHARSET = "UTF-8";
    public static final String AES_ALGORITHM_CFB_PKCS5 = "AES/CFB/PKCS5Padding";
    public static final String RSA_ALGORITHM_ECB_PKCS1 = "RSA/ECB/PKCS1Padding";
    public static final String AES_ALGORITHM_ECB_PKCS5 = "AES/ECB/PKCS5Padding";
    public static final String RSA = "RSA";
    public static final String AES = "AES";
    private static final int KEY_SIZE = 2048;
    private static final String EQUAL = "=";
    private static final String AND = "&";

    /* loaded from: input_file:com/baidu/unionloan/common/util/Security$KEY.class */
    public enum KEY {
        PUBLICKEY,
        PRIVATEKEY
    }

    public static KeyFactory getRSAKeyFactory() {
        try {
            return KeyFactory.getInstance(RSA);
        } catch (NoSuchAlgorithmException e) {
            throw new EncryptDecryptException(e, "没有这个算法：RSA", "密钥初始化");
        }
    }

    public static KeyGenerator getAESKeyGenerator() {
        try {
            return KeyGenerator.getInstance(AES);
        } catch (NoSuchAlgorithmException e) {
            throw new EncryptDecryptException(e, "没有这个算法：AES", "密钥初始化");
        }
    }

    public static String generateIv() {
        return Base64.encodeBase64String(RandomUtils.nextBytes(16));
    }

    public static String generateKey() throws Exception {
        KeyGenerator aESKeyGenerator = getAESKeyGenerator();
        aESKeyGenerator.init(FileEncryptDecrypt.KEY_GEN_INIT);
        return Base64.encodeBase64String(aESKeyGenerator.generateKey().getEncoded());
    }

    public static PublicKey getX509EncodedKeySpec(KeyFactory keyFactory, String str) {
        try {
            return keyFactory.generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(str)));
        } catch (InvalidKeySpecException e) {
            throw new EncryptDecryptException(e, "公钥非法", "密钥初始化");
        }
    }

    public static PrivateKey getPKCS8EncodedKeySpec(KeyFactory keyFactory, String str) {
        try {
            return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(str)));
        } catch (InvalidKeySpecException e) {
            throw new EncryptDecryptException(e, "私钥非法", "密钥初始化");
        }
    }

    public static String encryptRSA(PublicKey publicKey, String str) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM_ECB_PKCS1);
            cipher.init(1, publicKey);
            return Base64.encodeBase64String(cipher.doFinal(str.getBytes(CHARSET)));
        } catch (Exception e) {
            throw new EncryptDecryptException(e, e.getMessage(), "根据公钥和原始内容产生加密内容.");
        }
    }

    public static String encryptRSA(String str, String str2) throws Exception {
        try {
            PublicKey generatePublic = KeyFactory.getInstance(RSA).generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(str2)));
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM_ECB_PKCS1);
            cipher.init(1, generatePublic);
            return Base64.encodeBase64String(cipher.doFinal(str.getBytes(CHARSET)));
        } catch (Exception e) {
            throw new Exception("加密过程失败, EncryptContent = " + str, e);
        }
    }

    public static String decryptRSA(String str, String str2) throws Exception {
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(str2)));
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM_ECB_PKCS1);
            cipher.init(2, generatePrivate);
            return new String(cipher.doFinal(Base64.decodeBase64(str)), CHARSET);
        } catch (Exception e) {
            throw new Exception("解密过程失败, EncodeContent = " + str, e);
        }
    }

    public static String decryptRSA(PrivateKey privateKey, String str) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
        Cipher cipher = Cipher.getInstance(RSA_ALGORITHM_ECB_PKCS1);
        cipher.init(2, privateKey);
        return new String(cipher.doFinal(Base64.decodeBase64(str)), CHARSET);
    }

    public static String sha256file(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            try {
                DigestInputStream digestInputStream = new DigestInputStream(new BufferedInputStream(new FileInputStream(str)), messageDigest);
                do {
                    try {
                    } catch (IOException e) {
                        throw new EncryptDecryptException(e, e.getMessage(), "计算文件sha256摘要");
                    }
                } while (digestInputStream.read() != -1);
                digestInputStream.close();
                return Base64.encodeBase64String(messageDigest.digest());
            } catch (FileNotFoundException e2) {
                throw new EncryptDecryptException(e2, "sha256file error, " + str + " file not found!", "计算文件sha256摘要");
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new EncryptDecryptException(e3, e3.getMessage(), "计算文件sha256摘要");
        }
    }

    public static String[] encryptFiles(SecretKeySpec secretKeySpec, IvParameterSpec ivParameterSpec, String str, String str2, String str3) {
        String[] sortedFiles = getSortedFiles(str, str3);
        for (String str4 : sortedFiles) {
            encryptFileAES(secretKeySpec, new File(str + File.separator + str4), new File(str2 + File.separator + str4), ivParameterSpec);
        }
        return sortedFiles;
    }

    public static String[] getSortedFiles(String str, String str2) {
        String[] list = new File(str).list();
        return list == null ? new String[0] : filterAndSortFiles(list, str2);
    }

    public static boolean verify(PublicKey publicKey, String str, String str2) {
        try {
            Signature signature = Signature.getInstance(SIGN_ALGORITHM);
            signature.initVerify(publicKey);
            signature.update(str.getBytes(CHARSET));
            return signature.verify(Base64.decodeBase64(str2));
        } catch (Exception e) {
            throw new EncryptDecryptException(e, e.getMessage(), "根据公钥进行验签.");
        }
    }

    public static void doTarGZip(String str, String str2, String[] strArr, String str3) {
        try {
            TarArchiveOutputStream tarArchiveOutputStream = new TarArchiveOutputStream(new GzipCompressorOutputStream(new BufferedOutputStream(new FileOutputStream(new File(str + File.separator + str3)))));
            for (String str4 : strArr) {
                File file = new File(str + File.separator + str4);
                TarArchiveEntry tarArchiveEntry = new TarArchiveEntry(str4);
                tarArchiveEntry.setSize(file.length());
                tarArchiveOutputStream.putArchiveEntry(tarArchiveEntry);
                FileInputStream fileInputStream = new FileInputStream(file);
                copy(fileInputStream, tarArchiveOutputStream);
                fileInputStream.close();
                tarArchiveOutputStream.closeArchiveEntry();
            }
            File file2 = new File(str + File.separator + str2);
            TarArchiveEntry tarArchiveEntry2 = new TarArchiveEntry(str2);
            tarArchiveEntry2.setSize(file2.length());
            tarArchiveOutputStream.putArchiveEntry(tarArchiveEntry2);
            FileInputStream fileInputStream2 = new FileInputStream(file2);
            copy(fileInputStream2, tarArchiveOutputStream);
            fileInputStream2.close();
            tarArchiveOutputStream.closeArchiveEntry();
            tarArchiveOutputStream.close();
        } catch (IOException e) {
            throw new EncryptDecryptException(e, e.getMessage(), "打包加密文件");
        }
    }

    public static void doTarGZip(String str, String[] strArr, String str2) {
        TarArchiveOutputStream tarArchiveOutputStream = null;
        try {
            try {
                tarArchiveOutputStream = new TarArchiveOutputStream(new GzipCompressorOutputStream(new BufferedOutputStream(new FileOutputStream(new File(str + File.separator + str2)))));
                for (String str3 : strArr) {
                    File file = new File(str + File.separator + str3);
                    TarArchiveEntry tarArchiveEntry = new TarArchiveEntry(str3);
                    tarArchiveEntry.setSize(file.length());
                    tarArchiveOutputStream.putArchiveEntry(tarArchiveEntry);
                    FileInputStream fileInputStream = new FileInputStream(file);
                    copy(fileInputStream, tarArchiveOutputStream);
                    fileInputStream.close();
                    tarArchiveOutputStream.closeArchiveEntry();
                }
                if (tarArchiveOutputStream != null) {
                    IOUtils.closeQuietly(tarArchiveOutputStream);
                }
            } catch (IOException e) {
                throw new EncryptDecryptException(e, e.getMessage(), "打包加密文件");
            }
        } catch (Throwable th) {
            if (tarArchiveOutputStream != null) {
                IOUtils.closeQuietly(tarArchiveOutputStream);
            }
            throw th;
        }
    }

    public static void doUnTarGZip(String str, String str2, String str3) {
        try {
            TarArchiveInputStream tarArchiveInputStream = new TarArchiveInputStream(new GzipCompressorInputStream(new BufferedInputStream(new FileInputStream(new File(str + File.separator + str3)))));
            while (true) {
                TarArchiveEntry nextEntry = tarArchiveInputStream.getNextEntry();
                if (nextEntry == null) {
                    tarArchiveInputStream.close();
                    return;
                }
                File file = new File(str2 + File.separator + nextEntry.getName());
                byte[] bArr = new byte[1024];
                FileOutputStream fileOutputStream = new FileOutputStream(file);
                while (true) {
                    int read = tarArchiveInputStream.read(bArr, 0, 1024);
                    if (read != -1) {
                        fileOutputStream.write(bArr, 0, read);
                    }
                }
                fileOutputStream.close();
            }
        } catch (IOException e) {
            throw new EncryptDecryptException(e, e.getMessage(), "解包加密文件");
        }
    }

    public static void copy(InputStream inputStream, OutputStream outputStream) {
        byte[] bArr = new byte[1024];
        while (true) {
            try {
                int read = inputStream.read(bArr);
                if (read == -1) {
                    return;
                } else {
                    outputStream.write(bArr, 0, read);
                }
            } catch (IOException e) {
                throw new EncryptDecryptException(e, e.getMessage(), "文件拷贝");
            }
        }
    }

    public static void encryptFileAES(SecretKey secretKey, File file, File file2, IvParameterSpec ivParameterSpec) {
        try {
            Cipher cipher = Cipher.getInstance(AES_ALGORITHM_CFB_PKCS5);
            cipher.init(1, secretKey, ivParameterSpec);
            try {
                FileInputStream fileInputStream = new FileInputStream(file);
                try {
                    CipherOutputStream cipherOutputStream = new CipherOutputStream(new FileOutputStream(file2), cipher);
                    copy(fileInputStream, cipherOutputStream);
                    try {
                        fileInputStream.close();
                        cipherOutputStream.close();
                    } catch (Exception e) {
                        throw new EncryptDecryptException(e, e.getMessage(), "根据AES的key和IV加密文件");
                    }
                } catch (FileNotFoundException e2) {
                    throw new EncryptDecryptException(e2, "encryptFileAES error, " + file2.getName() + " not found", "根据AES的key和IV加密文件");
                }
            } catch (FileNotFoundException e3) {
                throw new EncryptDecryptException(e3, "encryptFileAES error, " + file.getName() + " not found", "根据AES的key和IV加密文件");
            }
        } catch (Exception e4) {
            throw new EncryptDecryptException(e4, e4.getMessage(), "根据AES的key和IV加密文件");
        }
    }

    public static String encryptAES(String str, String str2, String str3) {
        try {
            Cipher cipher = Cipher.getInstance(AES_ALGORITHM_CFB_PKCS5);
            cipher.init(1, getKey(str2), getIv(str3));
            return Base64.encodeBase64String(cipher.doFinal(str.getBytes(CHARSET)));
        } catch (Exception e) {
            throw new RuntimeException("AES encrypt error", e);
        }
    }

    public static String decryptAES(String str, String str2, String str3) {
        try {
            Cipher cipher = Cipher.getInstance(AES_ALGORITHM_CFB_PKCS5);
            cipher.init(2, getKey(str2), getIv(str3));
            return new String(cipher.doFinal(Base64.decodeBase64(str.getBytes(CHARSET))), CHARSET);
        } catch (Exception e) {
            throw new RuntimeException("AES decrypt error", e);
        }
    }

    public static boolean responseCheckSign(TreeMap<String, String> treeMap, String str, String str2) {
        String str3 = null;
        try {
            str3 = map2str(treeMap);
            System.out.println("map2str:" + str3);
            return rsa256CheckContent(str3, str, str2);
        } catch (Exception e) {
            throw new RuntimeException(" outside agencies response check sign error,str:{" + str3 + "},sign:{" + str + "} ", e);
        }
    }

    public static boolean rsa256CheckContent(String str, String str2, String str3) {
        try {
            PublicKey generatePublic = KeyFactory.getInstance(RSA).generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(str3)));
            Signature signature = Signature.getInstance(SIGN_ALGORITHM);
            signature.initVerify(generatePublic);
            signature.update(str.getBytes(CHARSET));
            return signature.verify(Base64.decodeBase64(str2));
        } catch (Exception e) {
            throw new RuntimeException("验签失败, RSAcontent = " + str + ",sign=" + str2, e);
        }
    }

    private static String map2str(TreeMap<String, String> treeMap) {
        ArrayList arrayList = new ArrayList();
        for (String str : treeMap.keySet()) {
            arrayList.add(str + EQUAL + treeMap.get(str));
        }
        return StringUtils.join(arrayList, AND);
    }

    public static String requestSign(TreeMap<String, String> treeMap, String str) {
        String str2 = null;
        try {
            str2 = map2str(treeMap);
            return rsa256Sign(str2, str);
        } catch (Exception e) {
            throw new RuntimeException("request outside agencies sign error.str:{" + str2 + "} ", e);
        }
    }

    public static String rsa256Sign(String str, String str2) {
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(str2)));
            Signature signature = Signature.getInstance(SIGN_ALGORITHM);
            signature.initSign(generatePrivate);
            signature.update(str.getBytes(CHARSET));
            return Base64.encodeBase64String(signature.sign());
        } catch (Exception e) {
            throw new RuntimeException("签名失败, RSAcontent = " + str, e);
        }
    }

    private static AlgorithmParameterSpec getIv(String str) {
        return new IvParameterSpec(Base64.decodeBase64(str));
    }

    private static Key getKey(String str) {
        return new SecretKeySpec(Base64.decodeBase64(str.getBytes()), AES);
    }

    public static String sign(PrivateKey privateKey, String str) {
        try {
            Signature signature = Signature.getInstance(SIGN_ALGORITHM);
            signature.initSign(privateKey);
            signature.update(str.getBytes(CHARSET));
            return Base64.encodeBase64String(signature.sign());
        } catch (Exception e) {
            throw new EncryptDecryptException(e, e.getMessage(), "根据私钥和数据内容产生签名, base64编码");
        }
    }

    public static String[] filterAndSortFiles(String[] strArr, final String str) {
        List<String> asList = Arrays.asList(strArr);
        ArrayList arrayList = new ArrayList();
        for (String str2 : asList) {
            if (str2.endsWith(str)) {
                arrayList.add(str2);
            }
        }
        Collections.sort(arrayList, new Comparator<String>() { // from class: com.baidu.unionloan.common.util.Security.1
            @Override // java.util.Comparator
            public int compare(String str3, String str4) {
                return str3.substring(0, str3.length() - str.length()).compareTo(str4.substring(0, str4.length() - str.length()));
            }
        });
        return (String[]) arrayList.toArray(new String[0]);
    }

    public static void copyFile(String str, String str2, String str3) {
        initFileDir(str2);
        try {
            FileUtils.copyFileToDirectory(new File(str + File.separator + str3), new File(str2));
        } catch (IOException e) {
            throw new EncryptDecryptException(e, e.getMessage(), "文件从一个目录拷贝到另外一个目录");
        }
    }

    public static void initFileDir(String str) {
        File file = new File(str);
        if (!file.exists() && !file.mkdirs()) {
            throw new EncryptDecryptException(null, str + "创建失败", "新建目录");
        }
    }

    public static void checkDecryptDir(String str) {
        if (!new File(str).exists()) {
            throw new EncryptDecryptException(null, str + " source file not exists: ", "检查原文件目录");
        }
    }

    public static void decryptfile(SecretKeySpec secretKeySpec, IvParameterSpec ivParameterSpec, String str, String str2, String[] strArr) {
        for (String str3 : strArr) {
            decryptFileAES(secretKeySpec, new File(str + File.separator + str3), new File(str2 + File.separator + str3), ivParameterSpec);
        }
    }

    public static void decryptFileAES(SecretKey secretKey, File file, File file2, IvParameterSpec ivParameterSpec) {
        CipherInputStream cipherInputStream = null;
        FileOutputStream fileOutputStream = null;
        try {
            try {
                Cipher cipher = Cipher.getInstance(AES_ALGORITHM_CFB_PKCS5);
                cipher.init(2, secretKey, ivParameterSpec);
                cipherInputStream = new CipherInputStream(new FileInputStream(file), cipher);
                fileOutputStream = new FileOutputStream(file2);
                copy(cipherInputStream, fileOutputStream);
                if (cipherInputStream != null) {
                    try {
                        cipherInputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                }
            } catch (Exception e3) {
                throw new EncryptDecryptException(e3, e3.getMessage(), "根据AES的key和IV, 解密文件.");
            }
        } catch (Throwable th) {
            if (cipherInputStream != null) {
                try {
                    cipherInputStream.close();
                } catch (IOException e4) {
                    e4.printStackTrace();
                }
            }
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (IOException e5) {
                    e5.printStackTrace();
                }
            }
            throw th;
        }
    }

    public static void createKeyFile(String str, String str2, String str3, String str4, String str5) {
        try {
            FileWriter fileWriter = new FileWriter(new File(str + File.separator + str2));
            fileWriter.write(str3);
            fileWriter.write("\n");
            fileWriter.write(str4);
            fileWriter.write("\n");
            fileWriter.write(str5);
            fileWriter.close();
        } catch (IOException e) {
            throw new EncryptDecryptException(e, e.getMessage(), "创建key文件, 并将key, iv, sign按行写入");
        }
    }

    public static void geneMd5(String str, String str2) {
        File file = new File(str + File.separator + str2);
        if (file.exists()) {
            try {
                FileUtils.write(new File(str + File.separator + str2.split("\\.")[0] + ".md5"), generateMD5(file), CHARSET);
            } catch (Exception e) {
                throw new EncryptDecryptException(e, "SecurityUtil generate md5 file error!", "检查原文件目录");
            }
        }
    }

    public static String generateMD5(File file) throws Exception {
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(file);
            String md5Hex = DigestUtils.md5Hex(fileInputStream);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return md5Hex;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    public static Map<KEY, String> getRSAKeys() throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA);
        keyPairGenerator.initialize(KEY_SIZE);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        RSAPublicKey rSAPublicKey = (RSAPublicKey) generateKeyPair.getPublic();
        RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) generateKeyPair.getPrivate();
        HashMap hashMap = new HashMap();
        hashMap.put(KEY.PUBLICKEY, Base64.encodeBase64String(rSAPublicKey.getEncoded()));
        hashMap.put(KEY.PRIVATEKEY, Base64.encodeBase64String(rSAPrivateKey.getEncoded()));
        return hashMap;
    }
}
