package work.gaigeshen.tripartite.pay.wechat.config;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.Objects;
import javax.crypto.Cipher;

/* loaded from: input_file:work/gaigeshen/tripartite/pay/wechat/config/DefaultWechatPrivateKey.class */
public class DefaultWechatPrivateKey implements WechatPrivateKey {
    private final PrivateKey privateKey;
    private final String certSerialNumber;

    public DefaultWechatPrivateKey(PrivateKey privateKey, String str) {
        if (Objects.isNull(privateKey)) {
            throw new IllegalArgumentException("private key cannot be null");
        }
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("certificate serial number cannot be null");
        }
        this.privateKey = privateKey;
        this.certSerialNumber = str;
    }

    public static DefaultWechatPrivateKey load(String str, String str2) throws WechatPrivateKeyException {
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("private key content cannot be null");
        }
        if (Objects.isNull(str2)) {
            throw new IllegalArgumentException("certificate serial number cannot be null");
        }
        try {
            return new DefaultWechatPrivateKey(KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(str))), str2);
        } catch (NoSuchAlgorithmException e) {
            throw new WechatPrivateKeyException("'RSA' is not supported", e);
        } catch (InvalidKeySpecException e2) {
            throw new WechatPrivateKeyException("could not generate private key", e2);
        }
    }

    public static DefaultWechatPrivateKey load(InputStream inputStream, String str) throws WechatPrivateKeyException {
        if (Objects.isNull(inputStream)) {
            throw new IllegalArgumentException("private key input stream cannot be null");
        }
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("certificate serial number cannot be null");
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            Throwable th = null;
            try {
                byte[] bArr = new byte[4096];
                while (true) {
                    int read = inputStream.read(bArr);
                    if (read == -1) {
                        break;
                    }
                    byteArrayOutputStream.write(bArr, 0, read);
                }
                DefaultWechatPrivateKey load = load(byteArrayOutputStream.toString("utf-8"), str);
                if (byteArrayOutputStream != null) {
                    if (0 != 0) {
                        try {
                            byteArrayOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        byteArrayOutputStream.close();
                    }
                }
                return load;
            } finally {
            }
        } catch (IOException e) {
            throw new WechatPrivateKeyException("could not read private key", e);
        }
    }

    public static DefaultWechatPrivateKey loadClasspath(String str, String str2) throws WechatPrivateKeyException {
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("classpath cannot be null");
        }
        if (Objects.isNull(str2)) {
            throw new IllegalArgumentException("certificate serial number cannot be null");
        }
        try {
            InputStream resourceAsStream = DefaultWechatPrivateKey.class.getClassLoader().getResourceAsStream(str);
            Throwable th = null;
            try {
                if (Objects.isNull(resourceAsStream)) {
                    throw new WechatPrivateKeyException("could not read resource: " + str);
                }
                DefaultWechatPrivateKey load = load(resourceAsStream, str2);
                if (resourceAsStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        resourceAsStream.close();
                    }
                }
                return load;
            } finally {
            }
        } catch (IOException e) {
            throw new WechatPrivateKeyException("could not load from classpath: " + str, e);
        }
    }

    public static DefaultWechatPrivateKey loadFile(String str, String str2) throws WechatPrivateKeyException {
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("filename cannot be null");
        }
        if (Objects.isNull(str2)) {
            throw new IllegalArgumentException("certificate serial number cannot be null");
        }
        Path path = Paths.get(str, new String[0]);
        if (!Files.isReadable(path)) {
            throw new IllegalArgumentException("file not readable: " + str);
        }
        try {
            InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
            Throwable th = null;
            try {
                try {
                    DefaultWechatPrivateKey load = load(newInputStream, str2);
                    if (newInputStream != null) {
                        if (0 != 0) {
                            try {
                                newInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            newInputStream.close();
                        }
                    }
                    return load;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            throw new WechatPrivateKeyException("could not load from file: " + str, e);
        }
    }

    @Override // work.gaigeshen.tripartite.pay.wechat.config.WechatPrivateKey
    public String sign(byte[] bArr) throws WechatPrivateKeyException {
        if (Objects.isNull(bArr)) {
            throw new IllegalArgumentException("content cannot be null");
        }
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(this.privateKey);
            signature.update(bArr);
            return Base64.getEncoder().encodeToString(signature.sign());
        } catch (InvalidKeyException e) {
            throw new WechatPrivateKeyException("private key is invalid", e);
        } catch (GeneralSecurityException e2) {
            throw new WechatPrivateKeySigningException("failed to calculate signature", e2);
        }
    }

    @Override // work.gaigeshen.tripartite.pay.wechat.config.WechatPrivateKey
    public byte[] decrypt(String str) throws WechatPrivateKeyException {
        if (Objects.isNull(str)) {
            throw new IllegalArgumentException("cipher text cannot be null");
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
            cipher.init(2, this.privateKey);
            return cipher.doFinal(Base64.getDecoder().decode(str));
        } catch (InvalidKeyException e) {
            throw new WechatPrivateKeyException("private key is invalid", e);
        } catch (GeneralSecurityException e2) {
            throw new WechatPrivateKeyDecryptionException("could not decrypt", e2);
        }
    }

    @Override // work.gaigeshen.tripartite.pay.wechat.config.WechatPrivateKey
    public String getCertSerialNumber() {
        return this.certSerialNumber;
    }
}
