package fun.tusi.sign.util;

import cn.hutool.core.lang.Assert;
import cn.hutool.core.util.HexUtil;
import cn.hutool.core.util.RandomUtil;
import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.asymmetric.SignAlgorithm;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;

/* loaded from: input_file:fun/tusi/sign/util/ApiSignUtils4Asymmetric.class */
public class ApiSignUtils4Asymmetric {
    private static final Logger log = LoggerFactory.getLogger(ApiSignUtils4Asymmetric.class);
    public static final String PATH_KEY = "path";
    public static final String CONTENT_MD5_KEY = "content-md5";
    public static final String METHOD_KEY = "method";
    public static final String TIMESTAMP_KEY = "timestamp";
    public static final String NONCE_KEY = "nonce";
    public static final String SIGN_KEY = "sign";

    public Map<String, String> sign(String str, String str2, SignAlgorithm signAlgorithm, String str3, String str4, Map<String, String> map) {
        log.info("ApiSignUtils4Asymmetric > sign > 入参 publicKey=" + str + ", privateKey=" + str2 + ", algorithm=" + signAlgorithm + ", method=" + str3 + ", path=" + str4 + ", requestParams=" + map);
        HashMap hashMap = new HashMap();
        hashMap.put("timestamp", String.valueOf(System.currentTimeMillis() / 1000));
        hashMap.put("nonce", RandomUtil.randomString(16));
        Map<String, String> hashMap2 = map != null ? new HashMap<>(map) : new HashMap<>();
        hashMap2.putAll(hashMap);
        hashMap2.put("method", str3);
        hashMap2.put("path", str4);
        hashMap.put("sign", genSign(str, str2, signAlgorithm, hashMap2));
        return hashMap;
    }

    public Boolean verify(String str, SignAlgorithm signAlgorithm, String str2, String str3, String str4, Map<String, String> map) {
        log.info("验证签名: sign = " + str2 + ", nonce = " + str3 + ", timestamp = " + str4 + ", params = " + map);
        Assert.isTrue(StringUtils.hasText(str2), "验证签名: sign不合法", new Object[0]);
        Assert.isTrue(StringUtils.hasText(str3), "验证签名: nonce不合法", new Object[0]);
        HashMap hashMap = new HashMap(map);
        hashMap.put("nonce", str3);
        hashMap.put("timestamp", str4);
        try {
            return Boolean.valueOf(SecureUtil.sign(signAlgorithm, (String) null, str).verify(buildSignPlaintext(hashMap).getBytes(), HexUtil.decodeHex(str2)));
        } catch (Exception e) {
            log.error("验证签名: 执行值验证异常 = {}", e.getMessage());
            throw new IllegalArgumentException("验证签名: sign格式有误，必须为16进制字符");
        }
    }

    private String genSign(String str, String str2, SignAlgorithm signAlgorithm, Map<String, String> map) {
        log.info("计算签名: signBody = " + map);
        return HexUtil.encodeHexStr(SecureUtil.sign(signAlgorithm, str2, str).sign(buildSignPlaintext(map).getBytes()));
    }

    public static String buildSignPlaintext(Map<String, String> map) {
        map.remove("sign");
        ArrayList<String> arrayList = new ArrayList(map.keySet());
        Collections.sort(arrayList);
        StringBuilder sb = new StringBuilder();
        for (String str : arrayList) {
            String str2 = map.get(str);
            if (StringUtils.hasText(str2)) {
                sb.append(str).append(str2);
            }
        }
        log.info("ApiSignUtils > buildSignPlaintext = {}", sb);
        return sb.toString();
    }
}
