package com.alipay.api.internal.util;

import com.alipay.api.AlipayApiException;
import com.alipay.api.AlipayConstants;
import com.alipay.api.internal.util.codec.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StringWriter;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Map;
import java.util.TreeMap;
import javax.crypto.Cipher;
import org.springframework.beans.factory.BeanFactory;

/* loaded from: input_file:WEB-INF/lib/alipay-2.2.6.jar:com/alipay/api/internal/util/AlipaySignature.class */
public class AlipaySignature {
    private static final int MAX_ENCRYPT_BLOCK = 117;
    private static final int MAX_DECRYPT_BLOCK = 128;

    public static String getSignatureContent(RequestParametersHolder requestParametersHolder) {
        return getSignContent(getSortedMap(requestParametersHolder));
    }

    public static Map<String, String> getSortedMap(RequestParametersHolder requestParametersHolder) {
        TreeMap treeMap = new TreeMap();
        AlipayHashMap applicationParams = requestParametersHolder.getApplicationParams();
        if (applicationParams != null && applicationParams.size() > 0) {
            treeMap.putAll(applicationParams);
        }
        AlipayHashMap protocalMustParams = requestParametersHolder.getProtocalMustParams();
        if (protocalMustParams != null && protocalMustParams.size() > 0) {
            treeMap.putAll(protocalMustParams);
        }
        AlipayHashMap protocalOptParams = requestParametersHolder.getProtocalOptParams();
        if (protocalOptParams != null && protocalOptParams.size() > 0) {
            treeMap.putAll(protocalOptParams);
        }
        return treeMap;
    }

    public static String getSignContent(Map<String, String> map) {
        StringBuffer stringBuffer = new StringBuffer();
        ArrayList arrayList = new ArrayList(map.keySet());
        Collections.sort(arrayList);
        int i = 0;
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            String str = (String) arrayList.get(i2);
            String str2 = map.get(str);
            if (StringUtils.areNotEmpty(str, str2)) {
                stringBuffer.append((i == 0 ? "" : BeanFactory.FACTORY_BEAN_PREFIX) + str + "=" + str2);
                i++;
            }
        }
        return stringBuffer.toString();
    }

    public static String rsaSign(String str, String str2, String str3, String str4) throws AlipayApiException {
        if ("RSA".equals(str4)) {
            return rsaSign(str, str2, str3);
        }
        if (AlipayConstants.SIGN_TYPE_RSA2.equals(str4)) {
            return rsa256Sign(str, str2, str3);
        }
        throw new AlipayApiException("Sign Type is Not Support : signType=" + str4);
    }

    public static String rsa256Sign(String str, String str2, String str3) throws AlipayApiException {
        try {
            PrivateKey privateKeyFromPKCS8 = getPrivateKeyFromPKCS8("RSA", new ByteArrayInputStream(str2.getBytes()));
            Signature signature = Signature.getInstance(AlipayConstants.SIGN_SHA256RSA_ALGORITHMS);
            signature.initSign(privateKeyFromPKCS8);
            if (StringUtils.isEmpty(str3)) {
                signature.update(str.getBytes());
            } else {
                signature.update(str.getBytes(str3));
            }
            return new String(Base64.encodeBase64(signature.sign()));
        } catch (Exception e) {
            throw new AlipayApiException("RSAcontent = " + str + "; charset = " + str3, e);
        }
    }

    public static String rsaSign(String str, String str2, String str3) throws AlipayApiException {
        try {
            PrivateKey privateKeyFromPKCS8 = getPrivateKeyFromPKCS8("RSA", new ByteArrayInputStream(str2.getBytes()));
            Signature signature = Signature.getInstance(AlipayConstants.SIGN_ALGORITHMS);
            signature.initSign(privateKeyFromPKCS8);
            if (StringUtils.isEmpty(str3)) {
                signature.update(str.getBytes());
            } else {
                signature.update(str.getBytes(str3));
            }
            return new String(Base64.encodeBase64(signature.sign()));
        } catch (InvalidKeySpecException e) {
            throw new AlipayApiException("RSA私钥格式不正确，请检查是否正确配置了PKCS8格式的私钥", e);
        } catch (Exception e2) {
            throw new AlipayApiException("RSAcontent = " + str + "; charset = " + str3, e2);
        }
    }

    public static String rsaSign(Map<String, String> map, String str, String str2) throws AlipayApiException {
        return rsaSign(getSignContent(map), str, str2);
    }

    public static PrivateKey getPrivateKeyFromPKCS8(String str, InputStream inputStream) throws Exception {
        if (inputStream == null || StringUtils.isEmpty(str)) {
            return null;
        }
        return KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(StreamUtil.readText(inputStream).getBytes())));
    }

    public static String getSignCheckContentV1(Map<String, String> map) {
        if (map == null) {
            return null;
        }
        map.remove(AlipayConstants.SIGN);
        map.remove(AlipayConstants.SIGN_TYPE);
        StringBuffer stringBuffer = new StringBuffer();
        ArrayList arrayList = new ArrayList(map.keySet());
        Collections.sort(arrayList);
        int i = 0;
        while (i < arrayList.size()) {
            String str = (String) arrayList.get(i);
            stringBuffer.append((i == 0 ? "" : BeanFactory.FACTORY_BEAN_PREFIX) + str + "=" + map.get(str));
            i++;
        }
        return stringBuffer.toString();
    }

    public static String getSignCheckContentV2(Map<String, String> map) {
        if (map == null) {
            return null;
        }
        map.remove(AlipayConstants.SIGN);
        StringBuffer stringBuffer = new StringBuffer();
        ArrayList arrayList = new ArrayList(map.keySet());
        Collections.sort(arrayList);
        int i = 0;
        while (i < arrayList.size()) {
            String str = (String) arrayList.get(i);
            stringBuffer.append((i == 0 ? "" : BeanFactory.FACTORY_BEAN_PREFIX) + str + "=" + map.get(str));
            i++;
        }
        return stringBuffer.toString();
    }

    public static boolean rsaCheckV1(Map<String, String> map, String str, String str2) throws AlipayApiException {
        return rsaCheckContent(getSignCheckContentV1(map), map.get(AlipayConstants.SIGN), str, str2);
    }

    public static boolean rsaCheckV1(Map<String, String> map, String str, String str2, String str3) throws AlipayApiException {
        return rsaCheck(getSignCheckContentV1(map), map.get(AlipayConstants.SIGN), str, str2, str3);
    }

    public static boolean rsaCheckV2(Map<String, String> map, String str, String str2) throws AlipayApiException {
        return rsaCheckContent(getSignCheckContentV2(map), map.get(AlipayConstants.SIGN), str, str2);
    }

    public static boolean rsaCheckV2(Map<String, String> map, String str, String str2, String str3) throws AlipayApiException {
        return rsaCheck(getSignCheckContentV2(map), map.get(AlipayConstants.SIGN), str, str2, str3);
    }

    public static boolean rsaCheck(String str, String str2, String str3, String str4, String str5) throws AlipayApiException {
        if ("RSA".equals(str5)) {
            return rsaCheckContent(str, str2, str3, str4);
        }
        if (AlipayConstants.SIGN_TYPE_RSA2.equals(str5)) {
            return rsa256CheckContent(str, str2, str3, str4);
        }
        throw new AlipayApiException("Sign Type is Not Support : signType=" + str5);
    }

    public static boolean rsa256CheckContent(String str, String str2, String str3, String str4) throws AlipayApiException {
        try {
            PublicKey publicKeyFromX509 = getPublicKeyFromX509("RSA", new ByteArrayInputStream(str3.getBytes()));
            Signature signature = Signature.getInstance(AlipayConstants.SIGN_SHA256RSA_ALGORITHMS);
            signature.initVerify(publicKeyFromX509);
            if (StringUtils.isEmpty(str4)) {
                signature.update(str.getBytes());
            } else {
                signature.update(str.getBytes(str4));
            }
            return signature.verify(Base64.decodeBase64(str2.getBytes()));
        } catch (Exception e) {
            throw new AlipayApiException("RSAcontent = " + str + ",sign=" + str2 + ",charset = " + str4, e);
        }
    }

    public static boolean rsaCheckContent(String str, String str2, String str3, String str4) throws AlipayApiException {
        try {
            PublicKey publicKeyFromX509 = getPublicKeyFromX509("RSA", new ByteArrayInputStream(str3.getBytes()));
            Signature signature = Signature.getInstance(AlipayConstants.SIGN_ALGORITHMS);
            signature.initVerify(publicKeyFromX509);
            if (StringUtils.isEmpty(str4)) {
                signature.update(str.getBytes());
            } else {
                signature.update(str.getBytes(str4));
            }
            return signature.verify(Base64.decodeBase64(str2.getBytes()));
        } catch (Exception e) {
            throw new AlipayApiException("RSAcontent = " + str + ",sign=" + str2 + ",charset = " + str4, e);
        }
    }

    public static PublicKey getPublicKeyFromX509(String str, InputStream inputStream) throws Exception {
        KeyFactory keyFactory = KeyFactory.getInstance(str);
        StringWriter stringWriter = new StringWriter();
        StreamUtil.io(new InputStreamReader(inputStream), stringWriter);
        return keyFactory.generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(stringWriter.toString().getBytes())));
    }

    public static String checkSignAndDecrypt(Map<String, String> map, String str, String str2, boolean z, boolean z2) throws AlipayApiException {
        String str3 = map.get("charset");
        String str4 = map.get(AlipayConstants.BIZ_CONTENT_KEY);
        if (!z || rsaCheckV2(map, str, str3)) {
            return z2 ? rsaDecrypt(str4, str2, str3) : str4;
        }
        throw new AlipayApiException("rsaCheck failure:rsaParams=" + map);
    }

    public static String checkSignAndDecrypt(Map<String, String> map, String str, String str2, boolean z, boolean z2, String str3) throws AlipayApiException {
        String str4 = map.get("charset");
        String str5 = map.get(AlipayConstants.BIZ_CONTENT_KEY);
        if (!z || rsaCheckV2(map, str, str4, str3)) {
            return z2 ? rsaDecrypt(str5, str2, str4) : str5;
        }
        throw new AlipayApiException("rsaCheck failure:rsaParams=" + map);
    }

    public static String encryptAndSign(String str, String str2, String str3, String str4, boolean z, boolean z2) throws AlipayApiException {
        StringBuilder sb = new StringBuilder();
        if (StringUtils.isEmpty(str4)) {
            str4 = AlipayConstants.CHARSET_GBK;
        }
        sb.append("<?xml version=\"1.0\" encoding=\"" + str4 + "\"?>");
        if (z) {
            sb.append("<alipay>");
            String rsaEncrypt = rsaEncrypt(str, str2, str4);
            sb.append("<response>" + rsaEncrypt + "</response>");
            sb.append("<encryption_type>RSA</encryption_type>");
            if (z2) {
                sb.append("<sign>" + rsaSign(rsaEncrypt, str3, str4) + "</sign>");
                sb.append("<sign_type>RSA</sign_type>");
            }
            sb.append("</alipay>");
        } else if (z2) {
            sb.append("<alipay>");
            sb.append("<response>" + str + "</response>");
            sb.append("<sign>" + rsaSign(str, str3, str4) + "</sign>");
            sb.append("<sign_type>RSA</sign_type>");
            sb.append("</alipay>");
        } else {
            sb.append(str);
        }
        return sb.toString();
    }

    public static String encryptAndSign(String str, String str2, String str3, String str4, boolean z, boolean z2, String str5) throws AlipayApiException {
        StringBuilder sb = new StringBuilder();
        if (StringUtils.isEmpty(str4)) {
            str4 = AlipayConstants.CHARSET_GBK;
        }
        sb.append("<?xml version=\"1.0\" encoding=\"" + str4 + "\"?>");
        if (z) {
            sb.append("<alipay>");
            String rsaEncrypt = rsaEncrypt(str, str2, str4);
            sb.append("<response>" + rsaEncrypt + "</response>");
            sb.append("<encryption_type>RSA</encryption_type>");
            if (z2) {
                sb.append("<sign>" + rsaSign(rsaEncrypt, str3, str4, str5) + "</sign>");
                sb.append("<sign_type>");
                sb.append(str5);
                sb.append("</sign_type>");
            }
            sb.append("</alipay>");
        } else if (z2) {
            sb.append("<alipay>");
            sb.append("<response>" + str + "</response>");
            sb.append("<sign>" + rsaSign(str, str3, str4, str5) + "</sign>");
            sb.append("<sign_type>");
            sb.append(str5);
            sb.append("</sign_type>");
            sb.append("</alipay>");
        } else {
            sb.append(str);
        }
        return sb.toString();
    }

    public static String rsaEncrypt(String str, String str2, String str3) throws AlipayApiException {
        try {
            PublicKey publicKeyFromX509 = getPublicKeyFromX509("RSA", new ByteArrayInputStream(str2.getBytes()));
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(1, publicKeyFromX509);
            byte[] bytes = StringUtils.isEmpty(str3) ? str.getBytes() : str.getBytes(str3);
            int length = bytes.length;
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int i = 0;
            int i2 = 0;
            while (length - i > 0) {
                byte[] doFinal = length - i > 117 ? cipher.doFinal(bytes, i, 117) : cipher.doFinal(bytes, i, length - i);
                byteArrayOutputStream.write(doFinal, 0, doFinal.length);
                i2++;
                i = i2 * 117;
            }
            byte[] encodeBase64 = Base64.encodeBase64(byteArrayOutputStream.toByteArray());
            byteArrayOutputStream.close();
            return StringUtils.isEmpty(str3) ? new String(encodeBase64) : new String(encodeBase64, str3);
        } catch (Exception e) {
            throw new AlipayApiException("EncryptContent = " + str + ",charset = " + str3, e);
        }
    }

    public static String rsaDecrypt(String str, String str2, String str3) throws AlipayApiException {
        try {
            PrivateKey privateKeyFromPKCS8 = getPrivateKeyFromPKCS8("RSA", new ByteArrayInputStream(str2.getBytes()));
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(2, privateKeyFromPKCS8);
            byte[] decodeBase64 = StringUtils.isEmpty(str3) ? Base64.decodeBase64(str.getBytes()) : Base64.decodeBase64(str.getBytes(str3));
            int length = decodeBase64.length;
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int i = 0;
            int i2 = 0;
            while (length - i > 0) {
                byte[] doFinal = length - i > 128 ? cipher.doFinal(decodeBase64, i, 128) : cipher.doFinal(decodeBase64, i, length - i);
                byteArrayOutputStream.write(doFinal, 0, doFinal.length);
                i2++;
                i = i2 * 128;
            }
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            byteArrayOutputStream.close();
            return StringUtils.isEmpty(str3) ? new String(byteArray) : new String(byteArray, str3);
        } catch (Exception e) {
            throw new AlipayApiException("EncodeContent = " + str + ",charset = " + str3, e);
        }
    }
}
