package work.gaigeshen.tripartite.pay.alipay.config;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.Objects;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:work/gaigeshen/tripartite/pay/alipay/config/DefaultAlipayPrivateKey.class */
public class DefaultAlipayPrivateKey implements AlipayPrivateKey {
    private final PrivateKey privateKey;
    private final String certSerialNumber;

    public DefaultAlipayPrivateKey(PrivateKey privateKey, String str) {
        if (Objects.isNull(privateKey)) {
            throw new IllegalArgumentException("private key cannot be null");
        }
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("certificate serial number cannot be null");
        }
        this.privateKey = privateKey;
        this.certSerialNumber = str;
    }

    public static DefaultAlipayPrivateKey load(String str, String str2) throws AlipayPrivateKeyException, AlipayCertificateException {
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("private key content cannot be null");
        }
        if (Objects.isNull(str2)) {
            throw new IllegalArgumentException("certificate content cannot be null");
        }
        return new DefaultAlipayPrivateKey(genPrivateKey(str), getCertSerialNumber(new ByteArrayInputStream(str2.getBytes(StandardCharsets.UTF_8))));
    }

    public static DefaultAlipayPrivateKey loadClasspath(String str, String str2) throws AlipayPrivateKeyException, AlipayCertificateException {
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("private key classpath cannot be null");
        }
        if (Objects.isNull(str2)) {
            throw new IllegalArgumentException("certificate classpath cannot be null");
        }
        try {
            InputStream resourceAsStream = DefaultAlipayPrivateKey.class.getClassLoader().getResourceAsStream(str);
            try {
                if (Objects.isNull(resourceAsStream)) {
                    throw new AlipayPrivateKeyException("could not read resource: " + str);
                }
                String iOUtils = IOUtils.toString(resourceAsStream, StandardCharsets.UTF_8);
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
                try {
                    resourceAsStream = DefaultAlipayPrivateKey.class.getClassLoader().getResourceAsStream(str2);
                    try {
                        if (Objects.isNull(resourceAsStream)) {
                            throw new AlipayCertificateException("could not read resource: " + str2);
                        }
                        String iOUtils2 = IOUtils.toString(resourceAsStream, StandardCharsets.UTF_8);
                        if (resourceAsStream != null) {
                            resourceAsStream.close();
                        }
                        return load(iOUtils, iOUtils2);
                    } finally {
                        if (resourceAsStream != null) {
                            try {
                                resourceAsStream.close();
                            } catch (Throwable th) {
                                th.addSuppressed(th);
                            }
                        }
                    }
                } catch (IOException e) {
                    throw new AlipayCertificateException(e.getMessage(), e);
                }
            } finally {
            }
        } catch (IOException e2) {
            throw new AlipayPrivateKeyException(e2.getMessage(), e2);
        }
    }

    public static DefaultAlipayPrivateKey loadFile(String str, String str2) throws AlipayPrivateKeyException, AlipayCertificateException {
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("private key filename cannot be null");
        }
        if (Objects.isNull(str2)) {
            throw new IllegalArgumentException("certificate filename cannot be null");
        }
        Path path = Paths.get(str, new String[0]);
        if (!Files.isReadable(path)) {
            throw new IllegalArgumentException("file not readable: " + str);
        }
        Path path2 = Paths.get(str2, new String[0]);
        if (!Files.isReadable(path2)) {
            throw new IllegalArgumentException("file not readable: " + str2);
        }
        try {
            return load(new String(Files.readAllBytes(path), StandardCharsets.UTF_8), new String(Files.readAllBytes(path2), StandardCharsets.UTF_8));
        } catch (IOException e) {
            throw new AlipayCertificateException(e.getMessage(), e);
        }
    }

    private static PrivateKey genPrivateKey(String str) throws AlipayPrivateKeyException {
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("private key content cannot be null");
        }
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(str)));
        } catch (NoSuchAlgorithmException e) {
            throw new AlipayPrivateKeyException("'RSA' is not supported", e);
        } catch (InvalidKeySpecException e2) {
            throw new AlipayPrivateKeyException("could not generate private key", e2);
        }
    }

    private static String getCertSerialNumber(InputStream inputStream) throws AlipayCertificateException {
        if (Objects.isNull(inputStream)) {
            throw new IllegalArgumentException("certificate input stream cannot be null");
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(inputStream);
            return StringUtils.leftPad(new BigInteger(1, DigestUtils.md5(x509Certificate.getIssuerX500Principal().getName() + x509Certificate.getSerialNumber())).toString(16), 32, "0");
        } catch (GeneralSecurityException e) {
            throw new AlipayCertificateException("could not generate certificate", e);
        }
    }

    @Override // work.gaigeshen.tripartite.pay.alipay.config.AlipayPrivateKey
    public String sign(byte[] bArr) throws AlipayPrivateKeyException {
        if (Objects.isNull(bArr)) {
            throw new IllegalArgumentException("content cannot be null");
        }
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(this.privateKey);
            signature.update(bArr);
            return Base64.getEncoder().encodeToString(signature.sign());
        } catch (InvalidKeyException e) {
            throw new AlipayPrivateKeyException("private key is invalid", e);
        } catch (GeneralSecurityException e2) {
            throw new AlipayPrivateKeySigningException("failed to calculate signature", e2);
        }
    }

    @Override // work.gaigeshen.tripartite.pay.alipay.config.AlipayPrivateKey
    public String getCertSerialNumber() {
        return this.certSerialNumber;
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
