package com.cntp;

import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.net.URLEncoder;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.crypto.Cipher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:com/cntp/AuthenticationTools.class */
public class AuthenticationTools {
    protected static final String X509 = "X.509";
    protected static final int MAX_ENCRYPT_BLOCK = 117;
    protected static final int MAX_DECRYPT_BLOCK = 128;
    protected static final String APP_SESSION_ID = "ssoRequestId";
    protected static final String REQUESTID = "requestId";
    protected static final String RESPONSETOKEN = "requestToken";
    protected static final String RESPONSEKEY = "responseToken";
    protected static final String TOKEN_SERVER_CERT_PATH = "tokenServerCertPath";
    protected static final String APP_KEYSTORE_PATH = "appKeyStorePath";
    protected static final String APP_KEYSTORE_ALIAS = "appKeyStoreAlias";
    protected static final String APP_KEYSTORE_ALIAS_PWD = "appKeyStoreAliasPwd";
    protected static final String KEYSTORE_TYPE = "keyStoreType";

    protected static boolean decryptSign(byte[] bArr, byte[] bArr2, String str) throws Exception {
        X509Certificate x509Certificate = (X509Certificate) getCertificate(str);
        PublicKey publicKey = x509Certificate.getPublicKey();
        Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
        signature.initVerify(publicKey);
        signature.update(bArr2);
        return signature.verify(bArr);
    }

    protected static byte[] decryptByKey(byte[] bArr, String str, String str2, String str3, String str4) throws Exception {
        PrivateKey privateKey = getPrivateKey(str, str2, str3, str4);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, privateKey);
        int length = bArr.length;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i = 0;
        int i2 = 0;
        while (length - i > 0) {
            byte[] doFinal = length - i > MAX_DECRYPT_BLOCK ? cipher.doFinal(bArr, i, MAX_DECRYPT_BLOCK) : cipher.doFinal(bArr, i, length - i);
            byteArrayOutputStream.write(doFinal, 0, doFinal.length);
            i2++;
            i = i2 * MAX_DECRYPT_BLOCK;
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }

    protected static byte[] decodeBase64(String str) throws Base64DecodingException {
        return Base64.decode(str);
    }

    protected static byte[] decryptByPublicKey(byte[] bArr, String str) throws Exception {
        PublicKey publicKey = getPublicKey(str);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, publicKey);
        int length = bArr.length;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i = 0;
        int i2 = 0;
        while (length - i > 0) {
            byte[] doFinal = length - i > MAX_DECRYPT_BLOCK ? cipher.doFinal(bArr, i, MAX_DECRYPT_BLOCK) : cipher.doFinal(bArr, i, length - i);
            byteArrayOutputStream.write(doFinal, 0, doFinal.length);
            i2++;
            i = i2 * MAX_DECRYPT_BLOCK;
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }

    protected static byte[] encryptByKey(String str, String str2) throws Exception {
        byte[] bytes = str.getBytes();
        PublicKey publicKey = getPublicKey(str2);
        Cipher cipher = Cipher.getInstance(publicKey.getAlgorithm());
        cipher.init(1, publicKey);
        int length = bytes.length;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i = 0;
        int i2 = 0;
        while (length - i > 0) {
            byte[] doFinal = length - i > MAX_ENCRYPT_BLOCK ? cipher.doFinal(bytes, i, MAX_ENCRYPT_BLOCK) : cipher.doFinal(bytes, i, length - i);
            byteArrayOutputStream.write(doFinal, 0, doFinal.length);
            i2++;
            i = i2 * MAX_ENCRYPT_BLOCK;
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }

    protected static byte[] encryptSign(byte[] bArr, String str, String str2, String str3, String str4) throws Exception {
        X509Certificate x509Certificate = (X509Certificate) getCertificate(str, str2, str3, str4);
        PrivateKey privateKey = (PrivateKey) getKeyStore(str, str3, str4).getKey(str2, str3.toCharArray());
        Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    protected static String encodeBase64(byte[] bArr) throws Exception {
        return Base64.encode(bArr);
    }

    protected static byte[] encryptByPrivateKey(String str, String str2, String str3, String str4, String str5) throws Exception {
        byte[] bytes = str.getBytes();
        PrivateKey privateKey = getPrivateKey(str2, str3, str4, str5);
        Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm());
        cipher.init(1, privateKey);
        int length = bytes.length;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int i = 0;
        int i2 = 0;
        while (length - i > 0) {
            byte[] doFinal = length - i > MAX_ENCRYPT_BLOCK ? cipher.doFinal(bytes, i, MAX_ENCRYPT_BLOCK) : cipher.doFinal(bytes, i, length - i);
            byteArrayOutputStream.write(doFinal, 0, doFinal.length);
            i2++;
            i = i2 * MAX_ENCRYPT_BLOCK;
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }

    protected static PublicKey getPublicKey(String str) throws Exception {
        return getCertificate(str).getPublicKey();
    }

    protected static Certificate getCertificate(String str) throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance(X509);
        FileInputStream fileInputStream = new FileInputStream(str);
        Certificate generateCertificate = certificateFactory.generateCertificate(fileInputStream);
        fileInputStream.close();
        return generateCertificate;
    }

    protected static PrivateKey getPrivateKey(String str, String str2, String str3, String str4) throws Exception {
        return (PrivateKey) getKeyStore(str, str3, str4).getKey(str2, str3.toCharArray());
    }

    protected static KeyStore getKeyStore(String str, String str2, String str3) throws Exception {
        FileInputStream fileInputStream = new FileInputStream(str);
        KeyStore keyStore = KeyStore.getInstance(str3);
        keyStore.load(fileInputStream, str2.toCharArray());
        fileInputStream.close();
        return keyStore;
    }

    protected static Certificate getCertificate(String str, String str2, String str3, String str4) throws Exception {
        return getKeyStore(str, str3, str4).getCertificate(str2);
    }

    public String encryptData(JSONObject jSONObject, String str, String str2, String str3, String str4, String str5) {
        String str6 = "";
        try {
            byte[] encryptByKey = encryptByKey(jSONObject.toString(), str);
            str6 = String.valueOf(encodeBase64(encryptByKey)) + "@" + encodeBase64(encryptSign(encryptByKey, str2, str3, str4, str5));
        } catch (Exception e) {
            System.out.println(e.getMessage());
        }
        return str6;
    }

    public JSONObject decryptData(String str, String str2, String str3, String str4, String str5, String str6) {
        JSONObject jSONObject = null;
        try {
            byte[] decodeBase64 = decodeBase64(str.split("@")[0]);
            jSONObject = new JSONObject(decryptSign(decodeBase64(str.split("@")[1]), decodeBase64, str2) ? new String(decryptByKey(decodeBase64, str3, str4, str5, str6)) : "");
        } catch (Exception e) {
            System.out.println(e.getMessage());
        }
        return jSONObject;
    }

    public String encryptCookie(JSONObject jSONObject, String str, String str2, String str3, String str4) {
        String str5 = "";
        try {
            byte[] encryptByPrivateKey = encryptByPrivateKey(jSONObject.toString(), str, str2, str3, str4);
            str5 = String.valueOf(encodeBase64(encryptByPrivateKey)) + "@" + encodeBase64(encryptSign(encryptByPrivateKey, str, str2, str3, str4));
        } catch (Exception e) {
            System.out.println(e.getMessage());
        }
        return str5;
    }

    public JSONObject cookieAcquisition(String str, String str2) {
        JSONObject jSONObject = new JSONObject();
        if (str == null || "".equals(str)) {
            return null;
        }
        try {
            jSONObject.put("CNTPAuth", "CNTPAuth");
        } catch (Exception e) {
        }
        return jSONObject;
    }

    public void ssoAuth(JSONObject jSONObject, Map map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        try {
            String str2 = new RandomGUID().valueAfterMD5;
            httpServletRequest.getSession().setAttribute(APP_SESSION_ID, str2);
            jSONObject.put(REQUESTID, str2);
            httpServletResponse.sendRedirect(String.valueOf(str) + "?" + RESPONSETOKEN + "=" + URLEncoder.encode(encryptData(jSONObject, map.get(TOKEN_SERVER_CERT_PATH).toString(), map.get(APP_KEYSTORE_PATH).toString(), map.get(APP_KEYSTORE_ALIAS).toString(), map.get(APP_KEYSTORE_ALIAS_PWD).toString(), map.get(KEYSTORE_TYPE).toString())));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public JSONObject userAcquisition(HttpServletRequest httpServletRequest, Map map) {
        if (httpServletRequest.getParameter(RESPONSEKEY) == null || "".equals(httpServletRequest.getParameter(RESPONSEKEY))) {
            return null;
        }
        JSONObject decryptData = decryptData(httpServletRequest.getParameter(RESPONSEKEY), map.get(TOKEN_SERVER_CERT_PATH).toString(), map.get(APP_KEYSTORE_PATH).toString(), map.get(APP_KEYSTORE_ALIAS).toString(), map.get(APP_KEYSTORE_ALIAS_PWD).toString(), map.get(KEYSTORE_TYPE).toString());
        if (decryptData == null) {
            return null;
        }
        try {
            String string = decryptData.getString(REQUESTID);
            if (httpServletRequest.getSession().getAttribute(APP_SESSION_ID) == null || "".equals(httpServletRequest.getSession().getAttribute(APP_SESSION_ID))) {
                return null;
            }
            String obj = httpServletRequest.getSession().getAttribute(APP_SESSION_ID).toString();
            if (string != obj && !obj.equals(obj)) {
                return null;
            }
            decryptData.remove(REQUESTID);
            return decryptData;
        } catch (JSONException e) {
            return null;
        }
    }

    public void ssoDistory(JSONObject jSONObject, Map map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        try {
            httpServletResponse.sendRedirect(String.valueOf(str) + "?" + RESPONSETOKEN + "=" + URLEncoder.encode(encryptData(jSONObject, map.get(TOKEN_SERVER_CERT_PATH).toString(), map.get(APP_KEYSTORE_PATH).toString(), map.get(APP_KEYSTORE_ALIAS).toString(), map.get(APP_KEYSTORE_ALIAS_PWD).toString(), map.get(KEYSTORE_TYPE).toString())));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
