package com.zjtlcb.fcloud.utils;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.UUID;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:com/zjtlcb/fcloud/utils/SecurityUtil.class */
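/**
 * Static helper that builds and opens the signed/encrypted JSON envelope exchanged with the
 * TL gateway, and caches the gateway access token.
 *
 * <p>All configuration (endpoint URL, app id, app secret, SM2 key material) and the cached
 * token live in static {@code String} fields set by {@link #init}. The cryptographic work is
 * delegated to {@code SM2Util}, {@code SM3Util}, {@code SM4Util} and {@code MD5Util}, whose
 * implementations are not visible from this class.
 *
 * <p>Logging policy: plaintext or decrypted payloads and any message that carries the cached
 * access token are written at debug level only, and the token value itself is never logged.
 *
 * <p>Thread-safety: only {@code compareTokenTime()} is synchronized; the static fields are
 * plain (non-volatile) and are also read and written outside that lock.
 */
public class SecurityUtil {
    private static final Log log = LogFactory.getLog(SecurityUtil.class);

    /**
     * Pattern used for every {@code seqNO}.
     * NOTE(review): the trailing "sss" formats the seconds field padded to three digits, not
     * milliseconds ("SSS"). It is left unchanged because the value is part of the signed
     * material and the peer's expectations are not visible here - confirm against the
     * gateway specification.
     */
    private static final String SEQ_NO_PATTERN = "yyyyMMddHHmmsss";

    private static String tlHttpUrl = "";
    private static String appID = "";
    private static String appSecretKey = "";
    private static String sm2PrivateKey = "";
    // Stored by init() but never read anywhere in this class.
    private static String sm2PublicKey = "";
    private static String tlPublicKey = "";
    private static String appAccessToken = null;
    // Wall-clock millis of the last successful token fetch; 0 forces a refresh.
    private static long getTokenTime = 0L;
    // 59 minutes, in milliseconds.
    private static final long INTERVALTIME = 59L * 60L * 1000L;
    // Never read in this class.
    private static boolean isStarted = false;

    private SecurityUtil() {
    }

    /**
     * Stores the configuration and makes sure an access token is available.
     *
     * <p>NOTE(review): when a token is already cached this returns {@code true} without
     * fetching a new one, so calling it again with different credentials keeps the old token.
     * NOTE(review): the scheme of the endpoint URL is not validated, so transport security
     * depends entirely on the value passed in.
     *
     * @param str  base URL of the gateway; service names are appended to it verbatim
     * @param str2 application id
     * @param str3 application secret key
     * @param str4 local SM2 private key
     * @param str5 local SM2 public key
     * @param str6 gateway SM2 public key
     * @return {@code true} if a token is cached or could be obtained, {@code false} otherwise
     */
    public static boolean init(String str, String str2, String str3, String str4, String str5, String str6) {
        tlHttpUrl = str;
        appID = str2;
        appSecretKey = str3;
        sm2PrivateKey = str4;
        sm2PublicKey = str5;
        tlPublicKey = str6;
        if (appAccessToken != null || compareTokenTime()) {
            return true;
        }
        log.error("SecurityUtil初始化失败");
        return false;
    }

    /**
     * Returns the cached access token.
     *
     * @return the token, or {@code null} if none has been obtained yet
     */
    public static String getAppAccessToken() {
        return appAccessToken;
    }

    /**
     * Wraps {@code reqData} in the gateway envelope, posts it to the named service and opens
     * the response.
     *
     * <p>The passed object is modified in place (envelope fields added, {@code reqData}
     * replaced by its encrypted form).
     *
     * <p>NOTE(review): when the SM2 signature check or the SM3 integrity check on the response
     * fails, the response object is still returned (non-null) with {@code rspData} left
     * encrypted. Callers must not treat a non-null result as a verified response; returning
     * {@code null} would be safer but changes the contract, so it is only flagged here.
     *
     * @param jSONObject request holding at least {@code reqData}
     * @param str        service name appended to the configured base URL
     * @return the response object, or {@code null} on missing input, token refresh failure,
     *         empty response or any exception
     */
    public static JSONObject toTLBuss(JSONObject jSONObject, String str) {
        try {
            if (!jSONObject.containsKey("reqData")) {
                log.error("reqData业务参数不能空");
                return null;
            }
            if (System.currentTimeMillis() - getTokenTime > INTERVALTIME && !compareTokenTime()) {
                log.error("更新token接口异常");
                return null;
            }
            jSONObject.put("appID", appID);
            jSONObject.put("seqNO", newSeqNo());
            jSONObject.put("signMethod", "SM3");
            jSONObject.put("encryptMethod", "SM4");
            jSONObject.put("appAccessToken", appAccessToken);
            log.info("调用服务：" + str);
            // Plaintext business data plus the access token: debug level only.
            if (log.isDebugEnabled()) {
                log.debug("原请求报文：" + jSONObject.toJSONString());
            }
            String messageSecret = newMessageSecret();
            attachSm2Fields(jSONObject, messageSecret);
            String seqNo = jSONObject.getString("seqNO");
            String token = jSONObject.getString("appAccessToken");
            String plainReqData = jSONObject.getString("reqData");
            // The signature is computed over the plaintext, before reqData is replaced.
            jSONObject.put("sign", SM3Util.sign(plainReqData + seqNo + appSecretKey + messageSecret));
            jSONObject.put("reqData", SM4Util.encrypt(plainReqData, seqNo + token + appSecretKey + messageSecret));
            // The wire message still carries the access token in a clear field.
            if (log.isDebugEnabled()) {
                log.debug("TL请求报文：" + jSONObject.toJSONString());
            }
            String responseText = doPost(jSONObject.toJSONString(), tlHttpUrl + str);
            log.info("TL响应报文：" + responseText);
            JSONObject parseObject = JSON.parseObject(responseText);
            if (parseObject == null) {
                log.error("TL响应报文为空");
                return null;
            }
            if (!parseObject.containsKey("rspData")) {
                // These two codes reset the fetch time so the next call refreshes the token
                // (presumably token-invalid/expired responses - confirm with the gateway spec).
                String errorCode = parseObject.getString("errorCode");
                if ("000008".equals(errorCode) || "000007".equals(errorCode)) {
                    getTokenTime = 0L;
                }
                log.info("交易异常");
                return parseObject;
            }
            String decryptByPrivateKey = SM2Util.decryptByPrivateKey(parseObject.getString("sm2EncryptData"), sm2PrivateKey);
            parseObject.put("sm2EncryptData", decryptByPrivateKey);
            if (!SM2Util.verifyByPublicKey(parseObject.getString("sm2Sign"), tlPublicKey, appID, decryptByPrivateKey)) {
                log.warn("身份认证-SM2验签失败");
                return parseObject;
            }
            String responseSeqNo = parseObject.getString("seqNO");
            String decrypt = SM4Util.decrypt(parseObject.getString("rspData"), responseSeqNo + token + appSecretKey + decryptByPrivateKey);
            if (!SM3Util.verify(decrypt + responseSeqNo + appSecretKey + decryptByPrivateKey, parseObject.getString("sign"))) {
                log.warn("报文一致性校验失败");
                return parseObject;
            }
            parseObject.put("rspData", JSONObject.parse(decrypt));
            // Decrypted payload and the decrypted per-message secret: debug level only.
            if (log.isDebugEnabled()) {
                log.debug("解密后报文：" + parseObject.toJSONString());
            }
            return parseObject;
        } catch (Exception e) {
            log.error("调用业务接口异常", e);
            return null;
        }
    }

    /**
     * Requests an access token from the {@code approveDev} service and verifies the reply.
     *
     * <p>The token is cached only when none is cached yet or the fetch time has been reset
     * to 0; otherwise the fresh token is returned without replacing the cached one.
     *
     * <p>NOTE(review): the {@code random} field is the MD5 of the timestamp string, so it is
     * fully determined by {@code seqNO}; whether the gateway relies on it being unpredictable
     * is not visible here.
     *
     * @return the token, or {@code null} on a non-success error code, an empty response, a
     *         failed signature or integrity check, or any exception
     */
    public static String getTLToken() {
        try {
            JSONObject jSONObject = new JSONObject();
            String seqNo = newSeqNo();
            jSONObject.put("appID", appID);
            jSONObject.put("seqNO", seqNo);
            jSONObject.put("random", MD5Util.md5_(seqNo));
            log.info("调用服务：approveDev");
            String messageSecret = newMessageSecret();
            attachSm2Fields(jSONObject, messageSecret);
            jSONObject.put("sign", SM3Util.sign(jSONObject.getString("random") + jSONObject.getString("seqNO") + appSecretKey + messageSecret));
            log.info("TL请求报文：" + jSONObject.toJSONString());
            String responseText = doPost(jSONObject.toJSONString(), tlHttpUrl + "approveDev");
            log.info("TL响应报文：" + responseText);
            JSONObject parseObject = JSON.parseObject(responseText);
            if (parseObject == null) {
                log.error("TL响应报文为空");
                return null;
            }
            // Constant-first comparison: a missing errorCode is a failure, not an exception.
            if (!"000000".equals(parseObject.getString("errorCode"))) {
                log.info("交易异常");
                return null;
            }
            String decryptByPrivateKey = SM2Util.decryptByPrivateKey(parseObject.getString("sm2EncryptData"), sm2PrivateKey);
            if (!SM2Util.verifyByPublicKey(parseObject.getString("sm2Sign"), tlPublicKey, appID, decryptByPrivateKey)) {
                log.warn("身份认证-SM2验签失败");
                return null;
            }
            if (!SM3Util.verify(parseObject.getString("random") + parseObject.getString("seqNO") + decryptByPrivateKey + appSecretKey, parseObject.getString("sign"))) {
                log.warn("验签失败，报文一致性校验失败");
                return null;
            }
            // The token is a bearer credential, so its value is deliberately kept out of the log.
            log.info("获得Token成功");
            if (appAccessToken == null || getTokenTime == 0L) {
                appAccessToken = decryptByPrivateKey;
                getTokenTime = System.currentTimeMillis();
            }
            return decryptByPrivateKey;
        } catch (Exception e) {
            log.error("调用获取token接口异常", e);
            return null;
        }
    }

    /**
     * Opens an incoming envelope: checks the app id, verifies the SM2 signature, decrypts
     * {@code reqData} and verifies the SM3 integrity value.
     *
     * <p>The passed object is modified in place.
     *
     * <p>NOTE(review): on a failed signature or integrity check, and when {@code reqData} is
     * missing, the input object is returned (non-null) rather than {@code null}. A caller
     * that only tests for {@code null} would accept an unverified message; it has to confirm
     * that {@code reqData} was replaced by a parsed object. Flagged, not changed, because
     * callers are not visible here.
     *
     * @param jSONObject incoming envelope
     * @return the same object with {@code reqData} decrypted and parsed on success; the
     *         unmodified-payload object on a failed check; {@code null} on an app id
     *         mismatch or any exception
     */
    public static JSONObject decrypt(JSONObject jSONObject) {
        try {
            // NOTE(review): this logs the incoming message as received, including whatever
            // appAccessToken field the sender supplied.
            log.info("待解密报文：" + jSONObject);
            String incomingAppId = jSONObject.getString("appID");
            if (incomingAppId == null || !incomingAppId.equals(appID)) {
                log.error("报文有误，appID参数不一致");
                return null;
            }
            if (!jSONObject.containsKey("reqData")) {
                log.info("报文缺少reqData,交易异常");
                return jSONObject;
            }
            String decryptByPrivateKey = SM2Util.decryptByPrivateKey(jSONObject.getString("sm2EncryptData"), sm2PrivateKey);
            jSONObject.put("sm2EncryptData", decryptByPrivateKey);
            if (!SM2Util.verifyByPublicKey(jSONObject.getString("sm2Sign"), tlPublicKey, appID, decryptByPrivateKey)) {
                log.warn("身份认证-SM2验签失败");
                return jSONObject;
            }
            String seqNo = jSONObject.getString("seqNO");
            String decrypt = SM4Util.decrypt(jSONObject.getString("reqData"), seqNo + jSONObject.getString("appAccessToken") + appSecretKey + decryptByPrivateKey);
            if (!SM3Util.verify(decrypt + seqNo + appSecretKey + decryptByPrivateKey, jSONObject.getString("sign"))) {
                log.warn("报文一致性校验失败");
                return jSONObject;
            }
            jSONObject.put("reqData", JSONObject.parse(decrypt));
            // Decrypted payload and the decrypted per-message secret: debug level only.
            if (log.isDebugEnabled()) {
                log.debug("解密后报文：" + jSONObject.toJSONString());
            }
            return jSONObject;
        } catch (Exception e) {
            log.error("调用解密方法异常", e);
            return null;
        }
    }

    /**
     * Wraps a response in the envelope: copies {@code errorCode}/{@code errorMsg} from
     * {@code rspData.head} to the top level, signs the plaintext and encrypts {@code rspData}.
     *
     * <p>The passed object is modified in place. The {@code appAccessToken} field is set to
     * the empty string and contributes nothing to the SM4 key string.
     *
     * @param jSONObject response holding {@code rspData} with a {@code head} that has an
     *                   {@code errorCode}
     * @return the same object with the envelope applied, or {@code null} if a required field
     *         is missing or any exception occurs
     */
    public static JSONObject encrypt(JSONObject jSONObject) {
        try {
            if (!jSONObject.containsKey("rspData") || !jSONObject.getJSONObject("rspData").containsKey("head")) {
                log.error("rspData参数及head参数不能空");
                return null;
            }
            JSONObject head = jSONObject.getJSONObject("rspData").getJSONObject("head");
            String errorCode = head.getString("errorCode");
            if (errorCode == null) {
                log.error("errorCode参数不能空");
                return null;
            }
            jSONObject.put("appID", appID);
            jSONObject.put("seqNO", newSeqNo());
            jSONObject.put("signMethod", "SM3");
            jSONObject.put("encryptMethod", "SM4");
            jSONObject.put("appAccessToken", "");
            jSONObject.put("errorCode", errorCode);
            jSONObject.put("errorMsg", head.getString("errorMsg"));
            // Plaintext response data: debug level only.
            if (log.isDebugEnabled()) {
                log.debug("待加密报文：" + jSONObject);
            }
            String messageSecret = newMessageSecret();
            attachSm2Fields(jSONObject, messageSecret);
            String seqNo = jSONObject.getString("seqNO");
            String plainRspData = jSONObject.getString("rspData");
            jSONObject.put("sign", SM3Util.sign(plainRspData + seqNo + appSecretKey + messageSecret));
            jSONObject.put("rspData", SM4Util.encrypt(plainRspData, seqNo + appSecretKey + messageSecret));
            log.info("加密后报文：" + jSONObject.toJSONString());
            return jSONObject;
        } catch (Exception e) {
            log.error("调用加密方法异常", e);
            return null;
        }
    }

    /** Formats the current time with {@link #SEQ_NO_PATTERN}; a new formatter per call keeps it thread-safe. */
    private static String newSeqNo() {
        return new SimpleDateFormat(SEQ_NO_PATTERN).format(new Date());
    }

    /**
     * Produces the per-message value that is SM2-encrypted into the envelope and mixed into
     * the SM3/SM4 inputs: the {@code MD5Util.md5_} digest of a fresh random UUID.
     */
    private static String newMessageSecret() throws Exception {
        return MD5Util.md5_(UUID.randomUUID().toString());
    }

    /** Adds {@code sm2EncryptData} and {@code sm2Sign} for the given per-message value. */
    private static void attachSm2Fields(JSONObject envelope, String messageSecret) throws Exception {
        envelope.put("sm2EncryptData", SM2Util.encryptByPublicKey(messageSecret, tlPublicKey));
        envelope.put("sm2Sign", SM2Util.signByPrivateKey(messageSecret, sm2PrivateKey, appID));
    }

    /**
     * Posts the body to the URL and returns the response body decoded as UTF-8.
     *
     * <p>NOTE(review): no connect or socket timeout is configured and the HTTP status code
     * is not inspected; a new client is built for every call.
     *
     * @param str  request body
     * @param str2 target URL
     * @return the response body, or {@code null} when the response has no entity
     * @throws IOException if the request fails
     */
    private static String doPost(String str, String str2) throws IOException {
        // Closing the client shuts down its connection manager, which also releases the
        // connection held by the response, including when reading the body throws.
        try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
            HttpPost httpPost = new HttpPost(str2);
            // Encode explicitly so the bytes match the charset declared in the header below
            // instead of depending on the platform default.
            httpPost.setEntity(new ByteArrayEntity(str.getBytes(StandardCharsets.UTF_8)));
            httpPost.addHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
            HttpEntity entity = client.execute(httpPost).getEntity();
            if (entity == null) {
                return null;
            }
            return new String(EntityUtils.toByteArray(entity), StandardCharsets.UTF_8);
        }
    }

    /**
     * Starts a background task that replaces the cached token every 59 minutes.
     *
     * <p>Not called from this class. The executor is never shut down, and a failed fetch
     * overwrites the cached token with {@code null}.
     */
    @Deprecated
    private static void getTokenSchedule() {
        Executors.newSingleThreadScheduledExecutor().scheduleAtFixedRate(new Runnable() {
            @Override
            public void run() {
                appAccessToken = getTLToken();
            }
        }, 0L, 59L, TimeUnit.MINUTES);
    }

    /**
     * Checks whether the cached token is still inside its 59-minute window and fetches a new
     * one when it is not.
     *
     * @return {@code true} if the token is still fresh or a new one was obtained
     */
    private static synchronized boolean compareTokenTime() {
        if (System.currentTimeMillis() - getTokenTime <= INTERVALTIME) {
            return true;
        }
        // Reset first so getTLToken() stores the token it obtains.
        getTokenTime = 0L;
        return getTLToken() != null;
    }
}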
