package co.pishfa.security;

import co.pishfa.accelerate.resource.ResourceUtils;
import co.pishfa.accelerate.utility.StrUtils;
import co.pishfa.accelerate.utility.UriUtils;
import co.pishfa.security.entity.audit.AuditLevel;
import co.pishfa.security.service.AuditService;
import java.security.GeneralSecurityException;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringEscapeUtils;
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.Policy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:co/pishfa/security/SecurityUtils.class */
public final class SecurityUtils {
    private static final Logger log = LoggerFactory.getLogger(SecurityUtils.class);
    private static Cipher tokenCipher = null;
    private static AntiSamy antiSamy;

    public static String hash(String str) {
        return DigestUtils.sha1Hex(str);
    }

    public static Cipher getCommonCipher() {
        if (tokenCipher == null) {
            try {
                SecretKeySpec secretKeySpec = new SecretKeySpec("post@Post_984375!".getBytes(), "AES");
                tokenCipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
                tokenCipher.init(1, secretKeySpec);
            } catch (Exception e) {
                log.error("Error init the token cipher", e);
            }
        }
        return tokenCipher;
    }

    public static String encrypt(String str) throws GeneralSecurityException {
        return new String(getCommonCipher().doFinal(str.getBytes()));
    }

    public static String escapeHtml(String str) {
        return StringEscapeUtils.escapeHtml4(str);
    }

    public static String removeHtml(String str) {
        if (str == null) {
            return null;
        }
        return str.replaceAll("\\<([a-zA-Z]|/){1}?.*?\\>", "");
    }

    public static String removeXSS(String str, boolean z) {
        if (StrUtils.isEmpty(str)) {
            return str;
        }
        try {
            if (antiSamy == null) {
                antiSamy = new AntiSamy(Policy.getInstance(ResourceUtils.getResource("antisamy.xml")));
            }
            String cleanHTML = antiSamy.scan(str, AntiSamy.SAX).getCleanHTML();
            if (z && !str.equals(cleanHTML)) {
                AuditService.getInstance().audit(str, "injecting", cleanHTML, AuditLevel.WARN);
            }
            return cleanHTML;
        } catch (Exception e) {
            log.error("", e);
            return null;
        }
    }

    public static String sanitizeUri(String str) {
        return UriUtils.sanitizeUri(str);
    }
}
