package com.yeepay.g3.utils.common.encrypt.pki;

import com.yeepay.g3.utils.common.CheckUtils;
import com.yeepay.g3.utils.common.encrypt.AES;
import com.yeepay.g3.utils.common.encrypt.Base64;
import com.yeepay.g3.utils.common.encrypt.HmacSign;
import java.io.UnsupportedEncodingException;
import java.security.PrivateKey;
import java.security.PublicKey;

/* loaded from: input_file:com/yeepay/g3/utils/common/encrypt/pki/DigitalEnvelopeUtils.class */
public class DigitalEnvelopeUtils {
    public static String encrypt(String str, PrivateKey privateKey, PublicKey publicKey) {
        CheckUtils.notEmpty(str, "source data");
        CheckUtils.notEmpty(privateKey, "privateKey");
        CheckUtils.notEmpty(publicKey, "publicKey");
        try {
            byte[] bytes = str.getBytes("UTF-8");
            byte[] genarateRandomKey = AES.genarateRandomKey();
            String str2 = new String(Base64.encode(RSA.encrypt(genarateRandomKey, publicKey))) + "$" + new String(Base64.encode(AES.encrypt(bytes, genarateRandomKey))) + "$" + new String(Base64.encode(RSA.sign(bytes, privateKey)));
            try {
                return str2 + "$" + new String(Base64.encode(HmacSign.sign(str2.getBytes("UTF-8"), genarateRandomKey)));
            } catch (UnsupportedEncodingException e) {
                throw new RuntimeException("encrypt fail!", e);
            }
        } catch (UnsupportedEncodingException e2) {
            throw new RuntimeException("encrypt fail!", e2);
        }
    }

    public static String decrypt(String str, PrivateKey privateKey, PublicKey publicKey) {
        CheckUtils.notEmpty(str, "source data");
        CheckUtils.notEmpty(privateKey, "privateKey");
        CheckUtils.notEmpty(publicKey, "publicKey");
        String[] split = str.split("\\$");
        if (split.length != 4) {
            throw new RuntimeException("source invalid : " + str);
        }
        String str2 = split[0];
        String str3 = split[1];
        String str4 = split[2];
        String str5 = split[3];
        if (CheckUtils.isEmpty(str2) || CheckUtils.isEmpty(str3) || CheckUtils.isEmpty(str4) || CheckUtils.isEmpty(str5)) {
            throw new RuntimeException("source invalid : " + str);
        }
        byte[] decrypt = RSA.decrypt(Base64.decode(str2.getBytes()), privateKey);
        try {
            if (!new String(Base64.encode(HmacSign.sign((str2 + "$" + str3 + "$" + str4).getBytes("UTF-8"), decrypt))).equals(str5)) {
                throw new RuntimeException("verify hmacsign fail!");
            }
            byte[] decrypt2 = AES.decrypt(Base64.decode(str3.getBytes()), decrypt);
            if (!RSA.verifySign(decrypt2, Base64.decode(str4.getBytes()), publicKey)) {
                throw new RuntimeException("verifySign fail!");
            }
            try {
                return new String(decrypt2, "UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new RuntimeException("decrypt fail!");
            }
        } catch (UnsupportedEncodingException e2) {
            throw new RuntimeException("decrypt fail!", e2);
        }
    }
}
