package com.vortex.cloud.vfs.lite.crypto.impl;

import cn.hutool.core.codec.Base64;
import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSONObject;
import com.coc.utils.YmlUtil;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.vortex.cloud.vfs.lite.crypto.Crypto;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.TimeUnit;

/* loaded from: input_file:com/vortex/cloud/vfs/lite/crypto/impl/SwxaXsjpsCrypto.class */
public class SwxaXsjpsCrypto implements Crypto {
    private static final String SUCCESS_STATUS = "200";
    private final String host;
    private final String tenantCode;
    private final String appCode;
    private final String appSecret;
    private final String publicKeyName;
    private final String publicKeyId;
    private final String privateKeyName;
    private final String privateKeyId;
    private final Cache<String, String> tokenCache;

    public SwxaXsjpsCrypto() {
        Properties outConfigPathYml = YmlUtil.getOutConfigPathYml("application-custom");
        this.host = outConfigPathYml.getProperty("swxaxsjps.host", "https://secsrv2.xiaoshan.gov.cn:8867");
        this.tenantCode = outConfigPathYml.getProperty("swxaxsjps.tenantCode", "xsqzhcgptxt");
        this.appCode = outConfigPathYml.getProperty("swxaxsjps.appCode", "xsjps");
        this.appSecret = outConfigPathYml.getProperty("swxaxsjps.appSecret", "Vortex@2025");
        this.publicKeyName = outConfigPathYml.getProperty("swxaxsjps.publicKeyName", "public_xsjps_sm2");
        this.publicKeyId = outConfigPathYml.getProperty("swxaxsjps.publicKeyId", "Publ69a3c8a9-000c-4ea6-9349-644ab461290d");
        this.privateKeyName = outConfigPathYml.getProperty("swxaxsjps.privateKeyName", "xsjps_sm2");
        this.privateKeyId = outConfigPathYml.getProperty("swxaxsjps.privateKeyId", "Priv93ffbacd-222a-4d97-a260-bbfb481e6eab");
        this.tokenCache = CacheBuilder.newBuilder().expireAfterWrite(30L, TimeUnit.SECONDS).build();
    }

    @Override // com.vortex.cloud.vfs.lite.crypto.Crypto
    public String encryptStr(String str) {
        if (StrUtil.isBlank(str)) {
            return str;
        }
        String token = getToken();
        HashMap hashMap = new HashMap(3);
        hashMap.put("keyName", this.publicKeyName);
        hashMap.put("keyId", this.publicKeyId);
        hashMap.put("inData", Base64.encode(str));
        JSONObject postConnection = postConnection(this.host + "/pki/api/v6/encrypt/internal/sm2", hashMap, getHeaders(token));
        if (SUCCESS_STATUS.equals(postConnection.getString("status"))) {
            return postConnection.getJSONObject("result").getString("outData");
        }
        throw new RuntimeException("encryptStr: " + String.valueOf(postConnection));
    }

    @Override // com.vortex.cloud.vfs.lite.crypto.Crypto
    public String decryptStr(String str) {
        if (StrUtil.isBlank(str)) {
            return str;
        }
        String token = getToken();
        HashMap hashMap = new HashMap(3);
        hashMap.put("keyName", this.privateKeyName);
        hashMap.put("keyId", this.privateKeyId);
        hashMap.put("inData", str);
        JSONObject postConnection = postConnection(this.host + "/pki/api/v6/decrypt/internal/sm2", hashMap, getHeaders(token));
        if (SUCCESS_STATUS.equals(postConnection.getString("status"))) {
            return Base64.decodeStr(postConnection.getJSONObject("result").getString("outData"));
        }
        throw new RuntimeException("encryptStr: " + String.valueOf(postConnection));
    }

    @Override // com.vortex.cloud.vfs.lite.crypto.Crypto
    public String createHmac(String str) {
        if (StrUtil.isBlank(str)) {
            return str;
        }
        String token = getToken();
        String digest = getDigest(str, token);
        HashMap hashMap = new HashMap(3);
        hashMap.put("keyName", this.privateKeyName);
        hashMap.put("keyId", this.privateKeyId);
        hashMap.put("inData", digest);
        JSONObject postConnection = postConnection(this.host + "/pki/api/v6/sign/internal/sm2", hashMap, getHeaders(token));
        if (SUCCESS_STATUS.equals(postConnection.getString("status"))) {
            return postConnection.getJSONObject("result").getString("outData");
        }
        throw new RuntimeException("createHmac.sign: " + String.valueOf(postConnection));
    }

    @Override // com.vortex.cloud.vfs.lite.crypto.Crypto
    public boolean validateHmac(String str, String str2) {
        if (StrUtil.isBlank(str)) {
            return StrUtil.isBlank(str2);
        }
        String token = getToken();
        String digest = getDigest(str, token);
        HashMap hashMap = new HashMap(4);
        hashMap.put("keyName", this.publicKeyName);
        hashMap.put("keyId", this.publicKeyId);
        hashMap.put("plaintext", digest);
        hashMap.put("signature", str2);
        JSONObject postConnection = postConnection(this.host + "/pki/api/v6/verify/internal/sm2", hashMap, getHeaders(token));
        if (SUCCESS_STATUS.equals(postConnection.getString("status"))) {
            return postConnection.getJSONObject("result").getBoolean("outData").booleanValue();
        }
        throw new RuntimeException("validateHmac: " + String.valueOf(postConnection));
    }

    private String getDigest(String str, String str2) {
        HashMap hashMap = new HashMap(2);
        hashMap.put("algType", "SM3");
        hashMap.put("inData", Base64.encode(str));
        JSONObject postConnection = postConnection(this.host + "/pki/api/v6/doDigest", hashMap, getHeaders(str2));
        if (SUCCESS_STATUS.equals(postConnection.getString("status"))) {
            return postConnection.getJSONObject("result").getString("outData");
        }
        throw new RuntimeException("getDigest: " + String.valueOf(postConnection));
    }

    private String getToken() {
        String str = (String) this.tokenCache.getIfPresent("token");
        if (StrUtil.isBlank(str)) {
            String str2 = this.tenantCode + "@" + this.appCode;
            HashMap hashMap = new HashMap(2);
            hashMap.put("username", str2);
            hashMap.put("password", this.appSecret);
            JSONObject postConnection = postConnection(this.host + "/ccsp/auth/app/v1/token", hashMap, null);
            if (!Boolean.TRUE.equals(postConnection.getBoolean("success"))) {
                throw new RuntimeException("getToken: " + String.valueOf(postConnection));
            }
            str = postConnection.getJSONObject("data").getString("accessToken");
            this.tokenCache.put("token", str);
        }
        return str;
    }

    private Map<String, String> getHeaders(String str) {
        HashMap hashMap = new HashMap(3);
        hashMap.put("X-SW-Authorization-Token", str);
        hashMap.put("X-SW-Authorization-TenantCode", this.tenantCode);
        hashMap.put("X-SW-Authorization-AppCode", this.appCode);
        return hashMap;
    }

    private JSONObject postConnection(String str, Map<String, Object> map, Map<String, String> map2) {
        HttpURLConnection httpURLConnection = null;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            try {
                httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
                httpURLConnection.setDoOutput(true);
                httpURLConnection.setRequestMethod("POST");
                httpURLConnection.setRequestProperty("Content-Type", "application/json");
                if (map2 != null) {
                    for (Map.Entry<String, String> entry : map2.entrySet()) {
                        httpURLConnection.setRequestProperty(entry.getKey(), entry.getValue());
                    }
                }
                OutputStream outputStream = httpURLConnection.getOutputStream();
                outputStream.write(JSONObject.toJSONString(map).getBytes(StandardCharsets.UTF_8));
                outputStream.flush();
                outputStream.close();
                InputStream inputStream = httpURLConnection.getInputStream();
                byte[] bArr = new byte[1024];
                for (int read = inputStream.read(bArr, 0, 1024); read != -1; read = inputStream.read(bArr, 0, 1024)) {
                    byteArrayOutputStream.write(bArr, 0, read);
                }
                JSONObject jSONObject = (JSONObject) JSONObject.parseObject(byteArrayOutputStream.toString("UTF-8"), JSONObject.class);
                try {
                    byteArrayOutputStream.close();
                    if (httpURLConnection != null) {
                        httpURLConnection.disconnect();
                    }
                    return jSONObject;
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            } catch (Exception e2) {
                throw new RuntimeException(e2);
            }
        } catch (Throwable th) {
            try {
                byteArrayOutputStream.close();
                if (httpURLConnection != null) {
                    httpURLConnection.disconnect();
                }
                throw th;
            } catch (Exception e3) {
                throw new RuntimeException(e3);
            }
        }
    }
}
