package mymkmp.lib.net;

import android.util.Base64;
import cn.wandersnail.commons.util.m;
import cn.wandersnail.commons.util.t;
import com.alipay.sdk.m.s.a;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import java.security.Key;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import kotlin.collections.CollectionsKt__MutableCollectionsJVMKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.text.Charsets;
import mymkmp.lib.utils.CompressUtil;
import x.d;
import x.e;

/* compiled from: ApiSecurityProcessor.kt */
@SourceDebugExtension({"SMAP\nApiSecurityProcessor.kt\nKotlin\n*S Kotlin\n*F\n+ 1 ApiSecurityProcessor.kt\nmymkmp/lib/net/ApiSecurityProcessor\n+ 2 _Collections.kt\nkotlin/collections/CollectionsKt___CollectionsKt\n*L\n1#1,136:1\n1855#2,2:137\n*S KotlinDebug\n*F\n+ 1 ApiSecurityProcessor.kt\nmymkmp/lib/net/ApiSecurityProcessor\n*L\n78#1:137,2\n*E\n"})
/* loaded from: classes4.dex */
public final class ApiSecurityProcessor {

    @d
    public static final String AES_CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";

    @d
    public static final Companion Companion = new Companion(null);

    @d
    private static final String SIGN_ALGORITHM = "HmacSHA256";
    private SecretKey aesKey;
    public DynamicSignKeyProvider dynamicSignKeyProvider;
    private String encryptedAesKey;

    @d
    private final Gson gson;
    private String kitsId;
    private PublicKey publicKey;
    private SecretKey signKey;

    /* compiled from: ApiSecurityProcessor.kt */
    /* loaded from: classes4.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* compiled from: ApiSecurityProcessor.kt */
    /* loaded from: classes4.dex */
    public interface DynamicSignKeyProvider {
        @d
        byte[] getKey(@d String str, @d String str2, int i2);
    }

    public ApiSecurityProcessor() {
        Gson create = new GsonBuilder().disableHtmlEscaping().create();
        Intrinsics.checkNotNullExpressionValue(create, "GsonBuilder().disableHtmlEscaping().create()");
        this.gson = create;
    }

    public static /* synthetic */ Map createEncryptParams$default(ApiSecurityProcessor apiSecurityProcessor, Map map, Object obj, boolean z2, int i2, Object obj2) throws Exception {
        if ((i2 & 4) != 0) {
            z2 = true;
        }
        return apiSecurityProcessor.createEncryptParams(map, obj, z2);
    }

    public static /* synthetic */ Map createSignedParams$default(ApiSecurityProcessor apiSecurityProcessor, Map map, Map map2, boolean z2, int i2, Object obj) {
        if ((i2 & 4) != 0) {
            z2 = true;
        }
        return apiSecurityProcessor.createSignedParams(map, map2, z2);
    }

    @d
    public final Map<String, Object> createEncryptParams(@d Map<String, String> headers, @e Object obj, boolean z2) throws Exception {
        Intrinsics.checkNotNullParameter(headers, "headers");
        if (!isReady()) {
            throw new Exception("接口加密处理器未初始化");
        }
        Cipher cipher = Cipher.getInstance(AES_CIPHER_ALGORITHM);
        SecretKey secretKey = this.aesKey;
        String str = null;
        if (secretKey == null) {
            Intrinsics.throwUninitializedPropertyAccessException("aesKey");
            secretKey = null;
        }
        cipher.init(1, secretKey);
        String iv = Base64.encodeToString(cipher.getIV(), 2);
        HashMap hashMap = new HashMap();
        String str2 = this.encryptedAesKey;
        if (str2 == null) {
            Intrinsics.throwUninitializedPropertyAccessException("encryptedAesKey");
        } else {
            str = str2;
        }
        hashMap.put("encryptedKey", str);
        if (obj != null) {
            String json = this.gson.toJson(obj);
            Intrinsics.checkNotNullExpressionValue(json, "gson.toJson(data)");
            byte[] bytes = json.getBytes(Charsets.UTF_8);
            Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
            String encryptedData = Base64.encodeToString(cipher.doFinal(bytes), 2);
            Intrinsics.checkNotNullExpressionValue(encryptedData, "encryptedData");
            hashMap.put("encryptedData", encryptedData);
        }
        Intrinsics.checkNotNullExpressionValue(iv, "iv");
        hashMap.put("iv", iv);
        createSignedParams(headers, hashMap, z2);
        return hashMap;
    }

    @d
    public final Map<String, Object> createSignedParams(@d Map<String, String> headers, @d Map<String, Object> params, boolean z2) {
        Intrinsics.checkNotNullParameter(headers, "headers");
        Intrinsics.checkNotNullParameter(params, "params");
        String nonce = t.b();
        String valueOf = String.valueOf(System.currentTimeMillis() / 1000);
        Key key = null;
        if (isReady()) {
            String str = this.kitsId;
            if (str == null) {
                Intrinsics.throwUninitializedPropertyAccessException("kitsId");
                str = null;
            }
            params.put("kitsId", str);
        }
        ArrayList<String> arrayList = new ArrayList(params.keySet());
        CollectionsKt__MutableCollectionsJVMKt.sort(arrayList);
        StringBuilder sb = new StringBuilder();
        for (String str2 : arrayList) {
            sb.append(str2);
            sb.append("=");
            sb.append(String.valueOf(params.get(str2)));
            sb.append(a.f12280n);
        }
        sb.append("nonce=");
        sb.append(nonce);
        sb.append("&timestamp=");
        sb.append(valueOf);
        Intrinsics.checkNotNullExpressionValue(nonce, "nonce");
        headers.put("SSpl-Nonce", nonce);
        headers.put("SSpl-Timestamp", valueOf);
        try {
            Mac mac = Mac.getInstance(SIGN_ALGORITHM);
            if (z2) {
                Key key2 = this.signKey;
                if (key2 == null) {
                    Intrinsics.throwUninitializedPropertyAccessException("signKey");
                } else {
                    key = key2;
                }
            } else {
                key = new SecretKeySpec(getDynamicSignKeyProvider().getKey(nonce, valueOf, 32), SIGN_ALGORITHM);
            }
            mac.init(key);
            String sb2 = sb.toString();
            Intrinsics.checkNotNullExpressionValue(sb2, "sb.toString()");
            byte[] bytes = sb2.getBytes(Charsets.UTF_8);
            Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
            String n2 = t.n(mac.doFinal(bytes), "");
            Intrinsics.checkNotNullExpressionValue(n2, "toHex(mac.doFinal(sb.toS…ing().toByteArray()), \"\")");
            String lowerCase = n2.toLowerCase(Locale.ROOT);
            Intrinsics.checkNotNullExpressionValue(lowerCase, "this as java.lang.String).toLowerCase(Locale.ROOT)");
            headers.put("SSpl-Sign", lowerCase);
        } catch (Exception e2) {
            m.g("MKMP-API ApiSecurityProcessor", "参数签名异常", e2);
        }
        return params;
    }

    @d
    public final String decryptData(@d String encryptedData, @d String iv, boolean z2) throws Exception {
        Intrinsics.checkNotNullParameter(encryptedData, "encryptedData");
        Intrinsics.checkNotNullParameter(iv, "iv");
        if (!isReady()) {
            m.f("MKMP-API ApiSecurityProcessor", "接口加密处理器未初始化");
            return "";
        }
        Cipher cipher = Cipher.getInstance(AES_CIPHER_ALGORITHM);
        SecretKey secretKey = this.aesKey;
        if (secretKey == null) {
            Intrinsics.throwUninitializedPropertyAccessException("aesKey");
            secretKey = null;
        }
        cipher.init(2, secretKey, new IvParameterSpec(Base64.decode(iv, 2)));
        byte[] decryptedData = cipher.doFinal(Base64.decode(encryptedData, 2));
        if (!z2) {
            Intrinsics.checkNotNullExpressionValue(decryptedData, "decryptedData");
            return new String(decryptedData, Charsets.UTF_8);
        }
        byte[] decompressByGZIP = CompressUtil.decompressByGZIP(decryptedData);
        Intrinsics.checkNotNullExpressionValue(decompressByGZIP, "decompressByGZIP(decryptedData)");
        return new String(decompressByGZIP, Charsets.UTF_8);
    }

    @d
    public final DynamicSignKeyProvider getDynamicSignKeyProvider() {
        DynamicSignKeyProvider dynamicSignKeyProvider = this.dynamicSignKeyProvider;
        if (dynamicSignKeyProvider != null) {
            return dynamicSignKeyProvider;
        }
        Intrinsics.throwUninitializedPropertyAccessException("dynamicSignKeyProvider");
        return null;
    }

    public final boolean init$base_release(@d String kitsId, @d byte[] publicKeyBytes, @d byte[] signKeyBytes) {
        Intrinsics.checkNotNullParameter(kitsId, "kitsId");
        Intrinsics.checkNotNullParameter(publicKeyBytes, "publicKeyBytes");
        Intrinsics.checkNotNullParameter(signKeyBytes, "signKeyBytes");
        this.kitsId = kitsId;
        try {
            PublicKey generatePublic = KeyFactory.getInstance(com.alipay.sdk.m.n.d.f12139a).generatePublic(new X509EncodedKeySpec(publicKeyBytes));
            Intrinsics.checkNotNullExpressionValue(generatePublic, "factory.generatePublic(X…dKeySpec(publicKeyBytes))");
            this.publicKey = generatePublic;
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            SecretKey generateKey = keyGenerator.generateKey();
            Intrinsics.checkNotNullExpressionValue(generateKey, "keyGenerator.generateKey()");
            this.aesKey = generateKey;
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            PublicKey publicKey = this.publicKey;
            SecretKey secretKey = null;
            if (publicKey == null) {
                Intrinsics.throwUninitializedPropertyAccessException("publicKey");
                publicKey = null;
            }
            cipher.init(1, publicKey);
            SecretKey secretKey2 = this.aesKey;
            if (secretKey2 == null) {
                Intrinsics.throwUninitializedPropertyAccessException("aesKey");
            } else {
                secretKey = secretKey2;
            }
            String encodeToString = Base64.encodeToString(cipher.doFinal(secretKey.getEncoded()), 2);
            Intrinsics.checkNotNullExpressionValue(encodeToString, "encodeToString(cipher.do…encoded), Base64.NO_WRAP)");
            this.encryptedAesKey = encodeToString;
            this.signKey = new SecretKeySpec(signKeyBytes, SIGN_ALGORITHM);
            m.d("MKMP-API ApiSecurityProcessor", "接口加密处理器初始化成功");
            return true;
        } catch (Exception e2) {
            m.g("MKMP-API ApiSecurityProcessor", "接口加密处理器初始化失败", e2);
            return false;
        }
    }

    public final boolean isReady() {
        return (this.publicKey == null || this.aesKey == null || this.encryptedAesKey == null || this.signKey == null || this.dynamicSignKeyProvider == null) ? false : true;
    }

    public final void setDynamicSignKeyProvider(@d DynamicSignKeyProvider dynamicSignKeyProvider) {
        Intrinsics.checkNotNullParameter(dynamicSignKeyProvider, "<set-?>");
        this.dynamicSignKeyProvider = dynamicSignKeyProvider;
    }
}
