package com.yeepay.g3.sdk.yop.utils;

import com.yeepay.g3.sdk.yop.encrypt.DigestAlgEnum;
import com.yeepay.g3.sdk.yop.encrypt.DigitalEnvelopeDTO;
import com.yeepay.g3.sdk.yop.encrypt.DigitalSignatureDTO;
import com.yeepay.g3.sdk.yop.encrypt.Encodes;
import com.yeepay.g3.sdk.yop.encrypt.RSA;
import com.yeepay.g3.sdk.yop.encrypt.SymmetricEncryptAlgEnum;
import com.yeepay.g3.sdk.yop.encrypt.SymmetricEncryption;
import com.yeepay.g3.sdk.yop.encrypt.SymmetricEncryptionFactory;
import com.yeepay.g3.sdk.yop.exception.VerifySignFailedException;
import com.yeepay.shade.com.google.common.base.Charsets;
import com.yeepay.shade.org.apache.commons.lang3.StringUtils;
import java.security.PrivateKey;
import java.security.PublicKey;

/* loaded from: input_file:com/yeepay/g3/sdk/yop/utils/DigitalEnvelopeUtils.class */
public final class DigitalEnvelopeUtils {
    public static final String SEPERATOR = "$";

    public static DigitalEnvelopeDTO encrypt(DigitalEnvelopeDTO digitalEnvelopeDTO, PrivateKey privateKey, PublicKey publicKey) {
        String plainText = digitalEnvelopeDTO.getPlainText();
        byte[] bytes = plainText.getBytes(Charsets.UTF_8);
        SymmetricEncryptAlgEnum symmetricEncryptAlg = digitalEnvelopeDTO.getSymmetricEncryptAlg();
        SymmetricEncryption symmetricEncryption = SymmetricEncryptionFactory.getSymmetricEncryption(symmetricEncryptAlg);
        byte[] generateRandomKey = symmetricEncryption.generateRandomKey();
        DigestAlgEnum digestAlg = digitalEnvelopeDTO.getDigestAlg();
        String encodeUrlSafeBase64 = Encodes.encodeUrlSafeBase64(symmetricEncryption.encrypt((plainText + SEPERATOR + Encodes.encodeUrlSafeBase64(RSA.sign(bytes, privateKey, digestAlg))).getBytes(Charsets.UTF_8), generateRandomKey));
        digitalEnvelopeDTO.setCipherText(Encodes.encodeUrlSafeBase64(RSA.encrypt(generateRandomKey, publicKey)) + SEPERATOR + encodeUrlSafeBase64 + SEPERATOR + symmetricEncryptAlg.getValue() + SEPERATOR + digestAlg.getValue());
        return digitalEnvelopeDTO;
    }

    public static DigitalEnvelopeDTO decrypt(DigitalEnvelopeDTO digitalEnvelopeDTO, PrivateKey privateKey, PublicKey publicKey) {
        String cipherText = digitalEnvelopeDTO.getCipherText();
        String[] split = cipherText.split("\\$");
        if (split.length != 4) {
            throw new RuntimeException("source invalid : " + cipherText);
        }
        String str = split[0];
        String str2 = split[1];
        SymmetricEncryptAlgEnum parse = SymmetricEncryptAlgEnum.parse(split[2]);
        DigestAlgEnum parse2 = DigestAlgEnum.parse(split[3]);
        digitalEnvelopeDTO.setSymmetricEncryptAlg(parse);
        SymmetricEncryption symmetricEncryption = SymmetricEncryptionFactory.getSymmetricEncryption(parse);
        digitalEnvelopeDTO.setDigestAlg(parse2);
        String str3 = new String(symmetricEncryption.decrypt(Encodes.decodeBase64(str2), RSA.decrypt(Encodes.decodeBase64(str), privateKey)), Charsets.UTF_8);
        String substringBeforeLast = StringUtils.substringBeforeLast(str3, SEPERATOR);
        if (!RSA.verifySign(substringBeforeLast, StringUtils.substringAfterLast(str3, SEPERATOR), publicKey, parse2)) {
            throw new VerifySignFailedException("verifySign fail!");
        }
        digitalEnvelopeDTO.setPlainText(substringBeforeLast);
        return digitalEnvelopeDTO;
    }

    public static DigitalSignatureDTO sign(DigitalSignatureDTO digitalSignatureDTO, PrivateKey privateKey) {
        digitalSignatureDTO.setSignature(sign0(digitalSignatureDTO, privateKey));
        return digitalSignatureDTO;
    }

    public static DigitalSignatureDTO verify(DigitalSignatureDTO digitalSignatureDTO, PublicKey publicKey) {
        verify0(digitalSignatureDTO, publicKey);
        return digitalSignatureDTO;
    }

    public static String sign0(DigitalSignatureDTO digitalSignatureDTO, PrivateKey privateKey) {
        byte[] bytes = digitalSignatureDTO.getPlainText().getBytes(Charsets.UTF_8);
        DigestAlgEnum digestAlg = digitalSignatureDTO.getDigestAlg();
        return Encodes.encodeUrlSafeBase64(RSA.sign(bytes, privateKey, digestAlg)) + SEPERATOR + digestAlg.getValue();
    }

    public static void verify0(DigitalSignatureDTO digitalSignatureDTO, PublicKey publicKey) {
        String signature = digitalSignatureDTO.getSignature();
        String[] split = signature.split("\\$");
        if (split.length != 2) {
            throw new RuntimeException("signature invalid : " + signature);
        }
        String str = split[0];
        DigestAlgEnum parse = DigestAlgEnum.parse(split[1]);
        digitalSignatureDTO.setDigestAlg(parse);
        if (!RSA.verifySign(digitalSignatureDTO.getPlainText(), str, publicKey, parse)) {
            throw new VerifySignFailedException("verifySign fail!");
        }
    }
}
