package com.baidu.unionloan.file.service;

import com.baidu.unionloan.common.util.Security;
import com.baidu.unionloan.file.service.decryption.DecryptParam;
import com.baidu.unionloan.file.service.decryption.DecryptResult;
import com.baidu.unionloan.file.service.encryption.EncryptParam;
import com.baidu.unionloan.file.service.encryption.EncryptResult;
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.List;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/baidu/unionloan/file/service/FileEncryptDecrypt.class */
public class FileEncryptDecrypt {
    public static final int KEY_GEN_INIT = 128;
    public static final int IV_RANDOM_INIT_SIZE = 16;
    public static final String KEY_FILE_DEFAULT_NAME = "key";

    public DecryptResult decryptFile(DecryptParam decryptParam) {
        DecryptResult decryptResult = new DecryptResult();
        preHandleDecrypt(decryptParam);
        String[] sortedFiles = Security.getSortedFiles(decryptParam.getEncryptDir(), decryptParam.getFileSuffix());
        KeyFactory rSAKeyFactory = Security.getRSAKeyFactory();
        PublicKey x509EncodedKeySpec = Security.getX509EncodedKeySpec(rSAKeyFactory, decryptParam.getPublicKeyPartner());
        PrivateKey pKCS8EncodedKeySpec = Security.getPKCS8EncodedKeySpec(rSAKeyFactory, decryptParam.getPrivateKeyLocal());
        if (!verify(decryptParam, sortedFiles, x509EncodedKeySpec)) {
            decryptResult.setFailFlow("验签");
            decryptResult.setFailReason("验签结果不一致");
            return decryptResult;
        }
        byte[] bArr = new byte[0];
        try {
            String decryptRSA = Security.decryptRSA(pKCS8EncodedKeySpec, decryptParam.getKey());
            String decryptRSA2 = Security.decryptRSA(pKCS8EncodedKeySpec, decryptParam.getIv());
            try {
                Security.decryptfile(new SecretKeySpec(Base64.decodeBase64(decryptRSA), Security.AES), new IvParameterSpec(Base64.decodeBase64(decryptRSA2)), decryptParam.getEncryptDir(), decryptParam.getDecryptDir(), sortedFiles);
                return decryptResult;
            } catch (Exception e) {
                throw new EncryptDecryptException(e, e.getMessage(), "解密文件");
            }
        } catch (Exception e2) {
            throw new EncryptDecryptException(e2, e2.getMessage(), "key&iv解密");
        }
    }

    public boolean verify(DecryptParam decryptParam, String[] strArr, PublicKey publicKey) {
        String str = decryptParam.getKey() + decryptParam.getIv();
        try {
            for (String str2 : strArr) {
                str = str + Security.sha256file(decryptParam.getEncryptDir() + File.separator + str2);
            }
            try {
                return Security.verify(publicKey, str, decryptParam.getSign());
            } catch (Exception e) {
                throw new EncryptDecryptException(e, e.getMessage(), "验签");
            }
        } catch (Exception e2) {
            throw new EncryptDecryptException(e2, e2.getMessage(), "摘要");
        }
    }

    public static void preHanleEncrypt(EncryptParam encryptParam) {
        Security.checkDecryptDir(encryptParam.getSourceDir());
        Security.initFileDir(encryptParam.getTargetDir());
        if (StringUtils.isEmpty(encryptParam.getKeyFileName())) {
            encryptParam.setKeyFileName(KEY_FILE_DEFAULT_NAME);
        }
    }

    public void preHandleDecrypt(DecryptParam decryptParam) {
        if (decryptParam.isNeedUnTar()) {
            Security.doUnTarGZip(decryptParam.getEncryptDir(), decryptParam.getEncryptDir(), decryptParam.getTarFileName());
        }
        if (decryptParam.isNeedReadKEYFile()) {
            readKEYFile(decryptParam);
        }
        Security.initFileDir(decryptParam.getDecryptDir());
    }

    private DecryptParam readKEYFile(DecryptParam decryptParam) {
        try {
            List readLines = FileUtils.readLines(new File(decryptParam.getEncryptDir() + File.separator + decryptParam.getKeyFileName()), Charset.forName(Security.CHARSET));
            if (readLines.size() > 0) {
                decryptParam.setKey((String) readLines.get(0));
            }
            if (readLines.size() > 1) {
                decryptParam.setIv((String) readLines.get(1));
            }
            if (readLines.size() > 2) {
                decryptParam.setSign((String) readLines.get(2));
            }
            return decryptParam;
        } catch (IOException e) {
            throw new EncryptDecryptException(e, "读KEY文件异常", "KEY文件处理");
        } catch (IndexOutOfBoundsException e2) {
            throw new EncryptDecryptException(e2, "读取KEY文件指定行异常，读取行数超过实际最大行数", "KEY文件处理");
        }
    }

    public static EncryptResult encryptFile(EncryptParam encryptParam) {
        EncryptResult encryptResult = new EncryptResult();
        preHanleEncrypt(encryptParam);
        KeyFactory rSAKeyFactory = Security.getRSAKeyFactory();
        PublicKey x509EncodedKeySpec = Security.getX509EncodedKeySpec(rSAKeyFactory, encryptParam.getPublicKeyPartner());
        PrivateKey pKCS8EncodedKeySpec = Security.getPKCS8EncodedKeySpec(rSAKeyFactory, encryptParam.getPrivateKeyLocal());
        KeyGenerator aESKeyGenerator = Security.getAESKeyGenerator();
        aESKeyGenerator.init(KEY_GEN_INIT);
        SecretKey generateKey = aESKeyGenerator.generateKey();
        SecretKeySpec secretKeySpec = new SecretKeySpec(generateKey.getEncoded(), Security.AES);
        String encodeBase64String = Base64.encodeBase64String(generateKey.getEncoded());
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        String encodeBase64String2 = Base64.encodeBase64String(bArr);
        String[] encryptFiles = Security.encryptFiles(secretKeySpec, new IvParameterSpec(bArr), encryptParam.getSourceDir(), encryptParam.getTargetDir(), encryptParam.getTargetFileSuffix());
        String encryptRSA = Security.encryptRSA(x509EncodedKeySpec, encodeBase64String);
        String encryptRSA2 = Security.encryptRSA(x509EncodedKeySpec, encodeBase64String2);
        String str = encryptRSA + encryptRSA2;
        for (String str2 : encryptFiles) {
            str = str + Security.sha256file(encryptParam.getTargetDir() + File.separator + str2);
        }
        Security.createKeyFile(encryptParam.getTargetDir(), encryptParam.getKeyFileName(), encryptRSA, encryptRSA2, Security.sign(pKCS8EncodedKeySpec, str));
        if (encryptParam.isNeedTar()) {
            Security.doTarGZip(encryptParam.getTargetDir(), encryptParam.getKeyFileName(), encryptFiles, encryptParam.getTarFileName());
            Security.geneMd5(encryptParam.getTargetDir(), encryptParam.getTarFileName());
        }
        return encryptResult;
    }
}
