package com.mdsol.mauth.util;

import com.mdsol.mauth.MAuthRequest;
import com.mdsol.mauth.exceptions.MAuthSigningException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.SequenceInputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.nio.file.Paths;
import java.security.DigestInputStream;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.UUID;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang3.tuple.Pair;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.util.PrivateKeyFactory;
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mdsol/mauth/util/MAuthSignatureHelper.class */
public class MAuthSignatureHelper {
    private static final Logger logger = LoggerFactory.getLogger(MAuthSignatureHelper.class);
    private static final Pattern PATTERN_HEX_LOWCASE = Pattern.compile("%[a-f0-9]{2}");

    @Deprecated
    public static String generateUnencryptedSignature(UUID uuid, String str, String str2, String str3, String str4) {
        logger.debug("Generating String to sign for V1");
        return str + "\n" + str2 + "\n" + str3 + "\n" + uuid.toString() + "\n" + str4;
    }

    @Deprecated
    public static byte[] generateUnencryptedSignature(UUID uuid, String str, String str2, byte[] bArr, String str3) throws IOException {
        logger.debug("Generating byte[] to sign for V1");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        String str4 = "\n" + uuid.toString() + "\n" + str3;
        byteArrayOutputStream.write((str + "\n" + str2 + "\n").getBytes(StandardCharsets.UTF_8));
        byteArrayOutputStream.write(bArr);
        byteArrayOutputStream.write(str4.getBytes(StandardCharsets.UTF_8));
        return byteArrayOutputStream.toByteArray();
    }

    @Deprecated
    public static String generateDigestedMessageV1(MAuthRequest mAuthRequest) throws IOException {
        logger.debug("Digest unencryptedSignature for V1");
        return getHexEncodedDigestedString(createSequenceInputStreamV1(mAuthRequest.getAppUUID(), mAuthRequest.getHttpMethod(), mAuthRequest.getResourcePath(), mAuthRequest.getBodyInputStream(), String.valueOf(mAuthRequest.getRequestTime())));
    }

    @Deprecated
    public static SequenceInputStream createSequenceInputStreamV1(UUID uuid, String str, String str2, InputStream inputStream, String str3) {
        return new SequenceInputStream(new ByteArrayInputStream((str + "\n" + str2 + "\n").getBytes(StandardCharsets.ISO_8859_1)), new SequenceInputStream(inputStream, new ByteArrayInputStream(("\n" + uuid.toString() + "\n" + str3).getBytes(StandardCharsets.ISO_8859_1))));
    }

    public static String generateStringToSignV2(UUID uuid, String str, String str2, String str3, byte[] bArr, String str4) throws MAuthSigningException {
        logger.debug("Generating String to sign for V2");
        return stringToSignV2(uuid, str, str2, str3, getHexEncodedDigestedString(bArr), str4);
    }

    public static String generateStringToSignV2(UUID uuid, String str, String str2, String str3, InputStream inputStream, String str4) throws MAuthSigningException {
        logger.debug("Generating String to sign for V2");
        return stringToSignV2(uuid, str, str2, str3, getHexEncodedDigestedString(inputStream), str4);
    }

    public static String generateStringToSignV2(MAuthRequest mAuthRequest) throws MAuthSigningException {
        logger.debug("Generating String to sign for V2");
        String valueOf = String.valueOf(mAuthRequest.getRequestTime());
        return stringToSignV2(mAuthRequest.getAppUUID(), mAuthRequest.getHttpMethod(), mAuthRequest.getResourcePath(), mAuthRequest.getQueryParameters(), getHexEncodedDigestedString(mAuthRequest.getBodyInputStream()), valueOf);
    }

    private static String stringToSignV2(UUID uuid, String str, String str2, String str3, String str4, String str5) {
        logger.debug("Generating String to sign for V2");
        return str.toUpperCase() + "\n" + normalizePath(str2) + "\n" + str4 + "\n" + uuid.toString() + "\n" + str5 + "\n" + generateEncryptedQueryParams(str3);
    }

    @Deprecated
    public static String encryptSignature(PrivateKey privateKey, String str) throws IOException, CryptoException {
        return encryptSignaturePKCS1(privateKey, getHexEncodedDigestedString(str));
    }

    @Deprecated
    public static String encryptSignature(PrivateKey privateKey, byte[] bArr) throws IOException, CryptoException {
        return encryptSignaturePKCS1(privateKey, getHexEncodedDigestedString(bArr));
    }

    @Deprecated
    public static String encryptSignature(PrivateKey privateKey, InputStream inputStream) throws IOException, CryptoException {
        return encryptSignaturePKCS1(privateKey, getHexEncodedDigestedString(inputStream));
    }

    @Deprecated
    private static String encryptSignaturePKCS1(PrivateKey privateKey, String str) throws IOException, CryptoException {
        PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
        pKCS1Encoding.init(true, PrivateKeyFactory.createKey(privateKey.getEncoded()));
        return new String(Base64.encodeBase64(pKCS1Encoding.processBlock(str.getBytes(), 0, str.getBytes().length)), StandardCharsets.UTF_8);
    }

    @Deprecated
    public static byte[] decryptSignature(PublicKey publicKey, String str) {
        try {
            byte[] decodeBase64 = Base64.decodeBase64(str);
            PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
            pKCS1Encoding.init(false, PublicKeyFactory.createKey(publicKey.getEncoded()));
            return pKCS1Encoding.processBlock(decodeBase64, 0, decodeBase64.length);
        } catch (InvalidCipherTextException | IOException e) {
            logger.error("Couldn't decrypt the signature using given public key.", e);
            throw new MAuthSigningException("Couldn't decrypt the signature using given public key.", e);
        }
    }

    public static String getHexEncodedDigestedString(String str) {
        return getHexEncodedDigestedString(str.getBytes(StandardCharsets.UTF_8));
    }

    public static String getHexEncodedDigestedString(byte[] bArr) {
        try {
            return Hex.encodeHexString(MessageDigest.getInstance("SHA-512").digest(bArr));
        } catch (NoSuchAlgorithmException e) {
            logger.error("Invalid algorithm or security provider.", e);
            throw new MAuthSigningException("Invalid algorithm or security provider.", e);
        }
    }

    public static String getHexEncodedDigestedString(InputStream inputStream) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-512");
            try {
                DigestInputStream digestInputStream = new DigestInputStream(inputStream, messageDigest);
                do {
                    try {
                    } catch (Throwable th) {
                        try {
                            digestInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                        throw th;
                    }
                } while (digestInputStream.read() != -1);
                String encodeHexString = Hex.encodeHexString(messageDigest.digest());
                digestInputStream.close();
                return encodeHexString;
            } catch (IOException e) {
                logger.error("Invalid MessageDigestInputStream.", e);
                throw new MAuthSigningException("Invalid MessageDigestInputStream.", e);
            }
        } catch (NoSuchAlgorithmException e2) {
            logger.error("Invalid algorithm or security provider.", e2);
            throw new MAuthSigningException("Invalid algorithm or security provider.", e2);
        }
    }

    public static String generateEncryptedQueryParams(String str) {
        return (str == null || str.isEmpty()) ? "" : (String) Arrays.stream(str.split("&")).filter(str2 -> {
            return !str2.isEmpty();
        }).map(str3 -> {
            String[] split = str3.split("=");
            return Pair.of(urlDecodeValue(split[0]), urlDecodeValue(split.length > 1 ? split[1] : ""));
        }).sorted().map(pair -> {
            return urlEncodeValue((String) pair.getKey()) + "=" + urlEncodeValue((String) pair.getValue());
        }).collect(Collectors.joining("&"));
    }

    private static String urlEncodeValue(String str) {
        if (str == null || str.isEmpty()) {
            return str;
        }
        try {
            return URLEncoder.encode(str, StandardCharsets.UTF_8.toString()).replace("+", "%20").replace("%7E", "~").replace("*", "%2A");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e.getCause());
        }
    }

    private static String urlDecodeValue(String str) {
        if (str == null || str.isEmpty()) {
            return str;
        }
        try {
            return URLDecoder.decode(str.replaceAll("%(?![0-9a-fA-F]{2})", "%25").replaceAll("\\+", " "), StandardCharsets.UTF_8.toString());
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e.getCause());
        }
    }

    public static String normalizePath(String str) {
        if (str == null || str.isEmpty()) {
            return "";
        }
        Matcher matcher = PATTERN_HEX_LOWCASE.matcher(str);
        StringBuffer stringBuffer = new StringBuffer();
        while (matcher.find()) {
            matcher.appendReplacement(stringBuffer, matcher.group().toUpperCase());
        }
        matcher.appendTail(stringBuffer);
        String path = Paths.get(stringBuffer.toString(), new String[0]).normalize().toString();
        if (!path.endsWith("/") && (str.endsWith("/") || str.endsWith("/.") || str.endsWith("/.."))) {
            path = path.concat("/");
        }
        return path;
    }

    public static String encryptSignatureRSA(PrivateKey privateKey, String str) throws InvalidKeyException, NoSuchAlgorithmException, SignatureException {
        Signature signature = Signature.getInstance("SHA512WithRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes(StandardCharsets.UTF_8));
        return new String(Base64.encodeBase64(signature.sign()), StandardCharsets.UTF_8);
    }

    public static boolean verifyRSA(String str, String str2, PublicKey publicKey) throws Exception {
        Signature signature = Signature.getInstance("SHA512withRSA");
        signature.initVerify(publicKey);
        signature.update(str.getBytes(StandardCharsets.UTF_8));
        return signature.verify(Base64.decodeBase64(str2.getBytes()));
    }
}
