package com.supwisdom.goa.user.passwordencoder.nwpu;

import com.alibaba.fastjson.JSONObject;
import com.supwisdom.goa.common.utils.HttpUtil;
import com.supwisdom.goa.system.domain.KeyStore;
import com.supwisdom.goa.system.repo.KeyStoreRepository;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.TreeSet;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;

/* loaded from: input_file:com/supwisdom/goa/user/passwordencoder/nwpu/SM3HashUtil.class */
public class SM3HashUtil implements InitializingBean {
    private static final Logger log = LoggerFactory.getLogger(SM3HashUtil.class);

    @Autowired
    private KeyStoreRepository keyStoreRepository;

    @Value("${nwpu.sm.server.url:}")
    private String serverUrl;

    @Value("${nwpu.sm.sm3Hash.enabled:false}")
    private Boolean sm3HashEnabled;
    private static final String KEY_TYPE_NWPU_SM3 = "NWPU_SM3";
    private static SM3HashUtil instance;

    @Value("${nwpu.sm.version:1.0}")
    private String version = "1.0";

    @Value("${nwpu.sm.signAlgo:HmacSHA256}")
    private String signAlgo = "HmacSHA256";

    @Value("${nwpu.sm.signKey:0v3AGIl9CQzBq6td3ZfYKMNvne0Ohs94}")
    private String signKey = "0v3AGIl9CQzBq6td3ZfYKMNvne0Ohs94";

    @Value("${nwpu.sm.appId:APP_7CD24B5130C94542A7967E21557F5B5C}")
    private String appId = "APP_7CD24B5130C94542A7967E21557F5B5C";

    @Value("${nwpu.sm.deviceId:DEV_0E37EC8229E04255BA4289231FB053FB}")
    private String deviceId = "DEV_0E37EC8229E04255BA4289231FB053FB";
    private KeyStore curKeyStore = null;
    private Map<String, KeyStore> mapKeyStore = new ConcurrentHashMap();

    public static void main(String[] strArr) {
        System.out.println("KUwFnpe6ErN1cg+lpE4g/uAxGIz2n89HWFNtYdi/60A=$$59f3606c-1823-4bb9-960a-c299f6ad3194".split("\\$\\$")[1]);
        new SM3HashUtil();
        UUID.randomUUID().toString();
        UUID.randomUUID().toString();
        Base64.encodeBase64String("12345678".getBytes());
        Base64.encodeBase64String("kingstar".getBytes());
    }

    public void afterPropertiesSet() throws Exception {
        initKeyStore();
        instance = this;
    }

    private void initKeyStore() {
        if (!this.sm3HashEnabled.booleanValue()) {
            log.warn("SM3HashUtil initKeyStore, skip, sm3 hash disabled.");
            return;
        }
        log.info("SM3HashUtil initKeyStore");
        List<KeyStore> selectByKeyType = this.keyStoreRepository.selectByKeyType(KEY_TYPE_NWPU_SM3);
        if (selectByKeyType != null && selectByKeyType.size() > 0) {
            log.info("SM3HashUtil initKeyStore load");
            for (KeyStore keyStore : selectByKeyType) {
                if (keyStore.getStatus().intValue() == 1) {
                    this.curKeyStore = keyStore;
                }
                if (keyStore.getStatus().intValue() == 1 || keyStore.getStatus().intValue() == 2) {
                    this.mapKeyStore.put(keyStore.getKeyId(), keyStore);
                }
            }
        }
        if (this.curKeyStore == null) {
            log.info("SM3HashUtil initKeyStore init");
            try {
                JSONObject createKey = createKey(this.serverUrl, this.signKey, UUID.randomUUID().toString(), this.version, this.signAlgo, this.appId, this.deviceId, "ENCRYPT/DECRYPT", "SM4_128");
                if (createKey != null && createKey.containsKey("status") && createKey.getIntValue("status") == 200 && createKey.containsKey("data")) {
                    JSONObject jSONObject = createKey.getJSONObject("data");
                    String string = createKey.getJSONObject("data").getString("keyId");
                    KeyStore newKey = this.keyStoreRepository.newKey(KEY_TYPE_NWPU_SM3, UUID.randomUUID().toString(), string, "HMAC_SM3", "西工大密码服务平台", jSONObject.toJSONString());
                    this.curKeyStore = newKey;
                    this.mapKeyStore.put(newKey.getKeyId(), newKey);
                }
            } catch (Exception e) {
                log.error("SM3HashUtil initKeyStore init, error, {}", e.getMessage());
            }
        }
        log.info("SM3HashUtil initKeyStore finish");
    }

    public static SM3HashUtil instance() {
        return instance;
    }

    public String encode(CharSequence charSequence) {
        if (this.sm3HashEnabled.booleanValue()) {
            String encodeByKeyStore = encodeByKeyStore(charSequence, this.curKeyStore);
            return encodeByKeyStore != null ? encodeByKeyStore : charSequence.toString();
        }
        log.warn("SM3HashUtil encode, skip, sm3 hash disabled.");
        return charSequence.toString();
    }

    public boolean matches(CharSequence charSequence, String str) {
        String encodeByKeyStore;
        if (!this.sm3HashEnabled.booleanValue()) {
            log.warn("SM3HashUtil matches, skip, sm3 hash disabled.");
            return str.equals(charSequence.toString());
        }
        if (str.indexOf("$$") <= 0) {
            return str.equals(charSequence.toString());
        }
        String str2 = str.split("\\$\\$")[1];
        if (!this.mapKeyStore.containsKey(str2) || (encodeByKeyStore = encodeByKeyStore(charSequence, this.mapKeyStore.get(str2))) == null) {
            return false;
        }
        return str.equals(encodeByKeyStore);
    }

    private String encodeByKeyStore(CharSequence charSequence, KeyStore keyStore) {
        JSONObject hmac = hmac(this.serverUrl, this.signKey, UUID.randomUUID().toString(), this.version, this.signAlgo, this.appId, this.deviceId, keyStore.getKey(), Base64.encodeBase64String(charSequence.toString().getBytes()));
        if (hmac == null || !hmac.containsKey("status") || !"200".equals(hmac.getString("status")) || !hmac.containsKey("data")) {
            return null;
        }
        return hmac.getJSONObject("data").getString("hmac") + "$$" + keyStore.getKeyId();
    }

    public static String HMACSHA256(String str, String str2) {
        byte[] bArr = null;
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(str2.getBytes(), "HmacSHA256"));
            bArr = mac.doFinal(str.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        } catch (IllegalStateException e2) {
            e2.printStackTrace();
        } catch (InvalidKeyException e3) {
            e3.printStackTrace();
        } catch (NoSuchAlgorithmException e4) {
            e4.printStackTrace();
        }
        if (bArr == null) {
            return null;
        }
        try {
            return Base64.encodeBase64String(bArr);
        } catch (Exception e5) {
            e5.printStackTrace();
            return null;
        }
    }

    @Deprecated
    public static JSONObject generateKeyPair(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, Integer num) {
        TreeSet treeSet = new TreeSet();
        treeSet.add("transId=" + str3);
        treeSet.add("version=" + str4);
        treeSet.add("signAlgo=" + str5);
        treeSet.add("appId=" + str6);
        treeSet.add("deviceId=" + str7);
        treeSet.add("keyStore=" + str8);
        treeSet.add("keyType=" + str9);
        treeSet.add("keyLength=" + num);
        String HMACSHA256 = HMACSHA256(StringUtils.join(treeSet, "&"), str2);
        JSONObject jSONObject = null;
        String str10 = str + "/chiron/v1/system/generateKeyPair";
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        hashMap2.put("Content-Type", "application/json;charset=UTF-8");
        HashMap hashMap3 = new HashMap();
        hashMap3.put("transId", str3);
        hashMap3.put("version", str4);
        hashMap3.put("signAlgo", str5);
        hashMap3.put("appId", str6);
        hashMap3.put("deviceId", str7);
        hashMap3.put("signature", HMACSHA256);
        hashMap3.put("keyStore", str8);
        hashMap3.put("keyType", str9);
        hashMap3.put("keyLength", num);
        String jSONString = JSONObject.toJSONString(hashMap3);
        try {
            log.debug("curl -i -s -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '" + jSONString + "' '" + str10 + "'");
            String parseHttpResponse = HttpUtil.parseHttpResponse(HttpUtil.execute(str10, "POST", (String) null, (String) null, hashMap, hashMap2, jSONString));
            log.debug(parseHttpResponse);
            jSONObject = JSONObject.parseObject(parseHttpResponse);
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (jSONObject == null) {
            return null;
        }
        log.debug(JSONObject.toJSONString(jSONObject));
        return jSONObject;
    }

    @Deprecated
    public static JSONObject sdfexHash(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10, String str11) {
        TreeSet treeSet = new TreeSet();
        treeSet.add("transId=" + str3);
        treeSet.add("version=" + str4);
        treeSet.add("signAlgo=" + str5);
        treeSet.add("appId=" + str6);
        treeSet.add("deviceId=" + str7);
        treeSet.add("algID=" + str8);
        treeSet.add("publicKey=" + str9);
        treeSet.add("userId=" + str10);
        treeSet.add("source=" + str11);
        String HMACSHA256 = HMACSHA256(StringUtils.join(treeSet, "&"), str2);
        JSONObject jSONObject = null;
        String str12 = str + "/mops-server/sdfexHash";
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        hashMap2.put("Content-Type", "application/json;charset=UTF-8");
        HashMap hashMap3 = new HashMap();
        hashMap3.put("transId", str3);
        hashMap3.put("version", str4);
        hashMap3.put("signAlgo", str5);
        hashMap3.put("appId", str6);
        hashMap3.put("deviceId", str7);
        hashMap3.put("signature", HMACSHA256);
        hashMap3.put("algID", str8);
        hashMap3.put("publicKey", str9);
        hashMap3.put("userId", str10);
        hashMap3.put("source", str11);
        String jSONString = JSONObject.toJSONString(hashMap3);
        try {
            log.debug("curl -i -s -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '" + jSONString + "' '" + str12 + "'");
            String parseHttpResponse = HttpUtil.parseHttpResponse(HttpUtil.execute(str12, "POST", (String) null, (String) null, hashMap, hashMap2, jSONString));
            log.debug(parseHttpResponse);
            jSONObject = JSONObject.parseObject(parseHttpResponse);
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (jSONObject == null) {
            return null;
        }
        log.debug(JSONObject.toJSONString(jSONObject));
        return jSONObject;
    }

    public static JSONObject createKey(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9) {
        TreeSet treeSet = new TreeSet();
        treeSet.add("transId=" + str3);
        treeSet.add("version=" + str4);
        treeSet.add("signAlgo=" + str5);
        treeSet.add("appId=" + str6);
        treeSet.add("deviceId=" + str7);
        treeSet.add("keyUsage=" + str8);
        treeSet.add("keySpec=" + str9);
        String HMACSHA256 = HMACSHA256(StringUtils.join(treeSet, "&"), str2);
        JSONObject jSONObject = null;
        String str10 = str + "/chiron/v1/system/createKey";
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        hashMap2.put("Content-Type", "application/json;charset=UTF-8");
        HashMap hashMap3 = new HashMap();
        hashMap3.put("transId", str3);
        hashMap3.put("version", str4);
        hashMap3.put("signAlgo", str5);
        hashMap3.put("appId", str6);
        hashMap3.put("deviceId", str7);
        hashMap3.put("signature", HMACSHA256);
        hashMap3.put("keyUsage", str8);
        hashMap3.put("keySpec", str9);
        String jSONString = JSONObject.toJSONString(hashMap3);
        try {
            log.debug("curl -i -s -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '" + jSONString + "' '" + str10 + "'");
            String parseHttpResponse = HttpUtil.parseHttpResponse(HttpUtil.execute(str10, "POST", (String) null, (String) null, hashMap, hashMap2, jSONString));
            log.debug(parseHttpResponse);
            jSONObject = JSONObject.parseObject(parseHttpResponse);
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (jSONObject == null) {
            return null;
        }
        log.debug(JSONObject.toJSONString(jSONObject));
        return jSONObject;
    }

    public static JSONObject hmac(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9) {
        TreeSet treeSet = new TreeSet();
        treeSet.add("transId=" + str3);
        treeSet.add("version=" + str4);
        treeSet.add("signAlgo=" + str5);
        treeSet.add("appId=" + str6);
        treeSet.add("deviceId=" + str7);
        treeSet.add("keyId=" + str8);
        treeSet.add("source=" + str9);
        String HMACSHA256 = HMACSHA256(StringUtils.join(treeSet, "&"), str2);
        JSONObject jSONObject = null;
        String str10 = str + "/cmk/v1/hmac";
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        hashMap2.put("Content-Type", "application/json;charset=UTF-8");
        HashMap hashMap3 = new HashMap();
        hashMap3.put("transId", str3);
        hashMap3.put("version", str4);
        hashMap3.put("signAlgo", str5);
        hashMap3.put("appId", str6);
        hashMap3.put("deviceId", str7);
        hashMap3.put("signature", HMACSHA256);
        hashMap3.put("keyId", str8);
        hashMap3.put("source", str9);
        String jSONString = JSONObject.toJSONString(hashMap3);
        try {
            log.debug("curl -i -s -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '" + jSONString + "' '" + str10 + "'");
            String parseHttpResponse = HttpUtil.parseHttpResponse(HttpUtil.execute(str10, "POST", (String) null, (String) null, hashMap, hashMap2, jSONString));
            log.debug(parseHttpResponse);
            jSONObject = JSONObject.parseObject(parseHttpResponse);
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (jSONObject == null) {
            return null;
        }
        log.debug(JSONObject.toJSONString(jSONObject));
        return jSONObject;
    }
}
