package top.jiaojinxin.sign.util;

import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.regex.Pattern;
import org.springframework.util.StringUtils;
import top.jiaojinxin.core.exception.BizException;
import top.jiaojinxin.core.exception.SysException;
import top.jiaojinxin.sign.ClientPublicKeyHolder;
import top.jiaojinxin.sign.model.SignDTO;
import top.jiaojinxin.sign.properties.SignProperties;

/* loaded from: input_file:top/jiaojinxin/sign/util/SignUtil.class */
public class SignUtil {
    private static final Pattern TIMESTAMP_PATTERN = Pattern.compile("^\\d+$");
    private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";
    private static final String RSA_ALGORITHM = "RSA";
    private static SignProperties signProperties;
    private static ClientPublicKeyHolder clientPublicKeyHolder;

    private SignUtil() {
    }

    public static String sign(SignDTO signDTO) {
        validated(signDTO);
        return Base64.getEncoder().encodeToString(sign(signDTO.getByteArray(), privateKey(signProperties.getClientPrivateKey())));
    }

    public static boolean verify(SignDTO signDTO, String str) {
        validated(signDTO);
        PublicKey publicKey = publicKey(clientPublicKeyHolder.clientPublicKey(signDTO.getClientCode()));
        return verify(signDTO.getByteArray(), Base64.getDecoder().decode(str), publicKey);
    }

    private static byte[] sign(byte[] bArr, PrivateKey privateKey) {
        try {
            Signature signature = getSignature();
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException | SignatureException e) {
            throw new SysException(signProperties.getExceptionCode().getSignError(), e);
        }
    }

    private static boolean verify(byte[] bArr, byte[] bArr2, PublicKey publicKey) {
        try {
            Signature signature = getSignature();
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (InvalidKeyException | SignatureException e) {
            throw new SysException(signProperties.getExceptionCode().getVerifyError(), e);
        }
    }

    private static void validated(SignDTO signDTO) {
        if (signDTO == null || !StringUtils.hasText(signDTO.getClientCode()) || !StringUtils.hasText(signDTO.getTimestamp()) || !TIMESTAMP_PATTERN.matcher(signDTO.getTimestamp()).find() || !StringUtils.hasText(signDTO.getUid()) || !StringUtils.hasText(signDTO.getContent()) || !StringUtils.hasText(signDTO.getAlgorithm()) || !StringUtils.hasText(signDTO.getSalt())) {
            throw new BizException(signProperties.getExceptionCode().getIllegalRequest());
        }
    }

    private static Signature getSignature() {
        try {
            return Signature.getInstance(SIGNATURE_ALGORITHM);
        } catch (NoSuchAlgorithmException e) {
            throw new SysException(signProperties.getExceptionCode().getNoSuchAlgorithm(), e);
        }
    }

    private static PrivateKey privateKey(String str) {
        try {
            return keyFactory().generatePrivate(new PKCS8EncodedKeySpec(decodeSecretKey(str)));
        } catch (InvalidKeySpecException e) {
            throw new SysException(signProperties.getExceptionCode().getGeneratePrivateKeyError(), e);
        }
    }

    private static PublicKey publicKey(String str) {
        try {
            return keyFactory().generatePublic(new X509EncodedKeySpec(decodeSecretKey(str)));
        } catch (InvalidKeySpecException e) {
            throw new SysException(signProperties.getExceptionCode().getGeneratePublicKeyError(), e);
        }
    }

    private static KeyFactory keyFactory() {
        try {
            return KeyFactory.getInstance(RSA_ALGORITHM);
        } catch (NoSuchAlgorithmException e) {
            throw new SysException(signProperties.getExceptionCode().getNoSuchAlgorithm(), e);
        }
    }

    private static byte[] decodeSecretKey(String str) {
        return Base64.getDecoder().decode(str);
    }

    public static void setSignProperties(SignProperties signProperties2) {
        signProperties = signProperties2;
    }

    public static void setClientPublicKeyHolder(ClientPublicKeyHolder clientPublicKeyHolder2) {
        clientPublicKeyHolder = clientPublicKeyHolder2;
    }
}
