package cn.herodotus.engine.rest.crypto.enhance;

import cn.herodotus.engine.rest.crypto.domain.SecretKey;
import cn.herodotus.engine.rest.crypto.exception.SessionInvalidException;
import cn.herodotus.engine.rest.crypto.stamp.SecretKeyStampManager;
import cn.hutool.core.codec.Base64;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.asymmetric.KeyType;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/herodotus/engine/rest/crypto/enhance/InterfaceCryptoProcessor.class */
public class InterfaceCryptoProcessor {
    private static final Logger log = LoggerFactory.getLogger(InterfaceCryptoProcessor.class);
    private static final String PKCS8_PUBLIC_KEY_BEGIN = "-----BEGIN PUBLIC KEY-----";
    private static final String PKCS8_PUBLIC_KEY_END = "-----END PUBLIC KEY-----";
    private SecretKeyStampManager secretKeyStampManager;

    public void setSecretKeyStampManager(SecretKeyStampManager secretKeyStampManager) {
        this.secretKeyStampManager = secretKeyStampManager;
    }

    private boolean isSessionValid(String str) {
        return this.secretKeyStampManager.containKey(str);
    }

    private SecretKey getSecretKey(String str) throws SessionInvalidException {
        if (isSessionValid(str)) {
            return (SecretKey) this.secretKeyStampManager.get(str);
        }
        throw new SessionInvalidException("Session key is expired!");
    }

    private Duration getExpire(Integer num) {
        return num.intValue() == 0 ? Duration.ofHours(2L) : Duration.ofSeconds(num.longValue());
    }

    public SecretKey createSecretKey(String str, Integer num) {
        if (StringUtils.isBlank(str)) {
            str = IdUtil.fastUUID();
        }
        return (SecretKey) this.secretKeyStampManager.create(str, getExpire(num));
    }

    public String exchange(String str, String str2) throws SessionInvalidException {
        SecretKey secretKey = getSecretKey(str);
        return encryptBackendAesKey(secretKey, decryptFrontendPublicKey(secretKey, str2));
    }

    private String decryptFrontendPublicKey(SecretKey secretKey, String str) {
        String str2 = StrUtil.str(SecureUtil.rsa(secretKey.getPrivateKeyBase64(), (String) null).decrypt(Base64.decode(str), KeyType.PrivateKey), StandardCharsets.UTF_8);
        log.debug("[Herodotus] |- Decrypt frontend public key, value is : [{}]", str2);
        return str2;
    }

    private String encryptBackendAesKey(SecretKey secretKey, String str) {
        String encode = Base64.encode(SecureUtil.rsa((String) null, removePkcs8Padding(str)).encrypt(secretKey.getAesKey(), KeyType.PublicKey));
        log.debug("[Herodotus] |- Encrypt aes key use frontend public key, value is : [{}]", encode);
        return encode;
    }

    private String removePkcs8Padding(String str) {
        String[] split = StringUtils.split(StringUtils.replace(str, "\n", ""), "-----");
        return ArrayUtils.isNotEmpty(split) ? split[1] : str;
    }

    public String convertPublicKeyToPkcs8Padding(String str) {
        return "-----BEGIN PUBLIC KEY-----\n" + str + "\n" + PKCS8_PUBLIC_KEY_END;
    }

    public byte[] encrypt(String str, String str2) {
        try {
            return SecureUtil.aes(StrUtil.bytes(getSecretKey(str).getAesKey(), StandardCharsets.UTF_8)).encrypt(str2);
        } catch (Exception e) {
            log.warn("[Herodotus] |- Aes can not Encrypt content [{}], Skip!", str2);
            return StrUtil.bytes(str2, StandardCharsets.UTF_8);
        }
    }

    public String encryptToString(String str, String str2) {
        String str3 = StrUtil.str(encrypt(str, str2), StandardCharsets.UTF_8);
        log.debug("[Herodotus] |- Encrypt content from [{}] to [{}].", str2, str3);
        return str3;
    }

    public byte[] decrypt(String str, String str2) {
        try {
            return SecureUtil.aes(StrUtil.bytes(getSecretKey(str).getAesKey(), StandardCharsets.UTF_8)).decrypt(Base64.decode(StrUtil.bytes(str2, StandardCharsets.UTF_8)));
        } catch (Exception e) {
            log.warn("[Herodotus] |- Aes can not Decrypt content [{}], Skip!", str2);
            return StrUtil.bytes(str2, StandardCharsets.UTF_8);
        }
    }

    public String decryptToString(String str, String str2) {
        String str3 = StrUtil.str(decrypt(str, str2), StandardCharsets.UTF_8);
        log.debug("[Herodotus] |- Decrypt content from [{}] to [{}].", str2, str3);
        return str3;
    }
}
