package me.chanjar.weixin.common.util.crypto;

import java.io.StringReader;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.codec.binary.Base64;
import org.xml.sax.InputSource;

/* loaded from: input_file:me/chanjar/weixin/common/util/crypto/WxCryptUtil.class */
public class WxCryptUtil {
    private static final Base64 BASE64 = new Base64();
    private static final Charset CHARSET = StandardCharsets.UTF_8;
    private static final ThreadLocal<DocumentBuilder> BUILDER_LOCAL = new ThreadLocal<DocumentBuilder>() { // from class: me.chanjar.weixin.common.util.crypto.WxCryptUtil.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        public DocumentBuilder initialValue() {
            try {
                DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
                newInstance.setExpandEntityReferences(false);
                newInstance.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
                return newInstance.newDocumentBuilder();
            } catch (ParserConfigurationException e) {
                throw new IllegalArgumentException(e);
            }
        }
    };
    protected byte[] aesKey;
    protected String token;
    protected String appidOrCorpid;

    public WxCryptUtil() {
    }

    public WxCryptUtil(String str, String str2, String str3) {
        this.token = str;
        this.appidOrCorpid = str3;
        this.aesKey = Base64.decodeBase64(str2 + "=");
    }

    private static String extractEncryptPart(String str) {
        try {
            return BUILDER_LOCAL.get().parse(new InputSource(new StringReader(str))).getDocumentElement().getElementsByTagName("Encrypt").item(0).getTextContent();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static byte[] number2BytesInNetworkOrder(int i) {
        return new byte[]{(byte) ((i >> 24) & 255), (byte) ((i >> 16) & 255), (byte) ((i >> 8) & 255), (byte) (i & 255)};
    }

    private static int bytesNetworkOrder2Number(byte[] bArr) {
        int i = 0;
        for (int i2 = 0; i2 < 4; i2++) {
            i = (i << 8) | (bArr[i2] & 255);
        }
        return i;
    }

    private static String genRandomStr() {
        Random random = new Random();
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < 16; i++) {
            sb.append("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".charAt(random.nextInt("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".length())));
        }
        return sb.toString();
    }

    private static String generateXml(String str, String str2, String str3, String str4) {
        return String.format("<xml>\n<Encrypt><![CDATA[%1$s]]></Encrypt>\n<MsgSignature><![CDATA[%2$s]]></MsgSignature>\n<TimeStamp>%3$s</TimeStamp>\n<Nonce><![CDATA[%4$s]]></Nonce>\n</xml>", str, str2, str3, str4);
    }

    public String encrypt(String str) {
        String encrypt = encrypt(genRandomStr(), str);
        String l = Long.toString(System.currentTimeMillis() / 1000);
        String genRandomStr = genRandomStr();
        return generateXml(encrypt, SHA1.gen(this.token, l, genRandomStr, encrypt), l, genRandomStr);
    }

    protected String encrypt(String str, String str2) {
        ByteGroup byteGroup = new ByteGroup();
        byte[] bytes = str.getBytes(CHARSET);
        byte[] bytes2 = str2.getBytes(CHARSET);
        byte[] number2BytesInNetworkOrder = number2BytesInNetworkOrder(bytes2.length);
        byte[] bytes3 = this.appidOrCorpid.getBytes(CHARSET);
        byteGroup.addBytes(bytes);
        byteGroup.addBytes(number2BytesInNetworkOrder);
        byteGroup.addBytes(bytes2);
        byteGroup.addBytes(bytes3);
        byteGroup.addBytes(PKCS7Encoder.encode(byteGroup.size()));
        byte[] bytes4 = byteGroup.toBytes();
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(1, new SecretKeySpec(this.aesKey, "AES"), new IvParameterSpec(this.aesKey, 0, 16));
            return BASE64.encodeToString(cipher.doFinal(bytes4));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public String decrypt(String str, String str2, String str3, String str4) {
        String extractEncryptPart = extractEncryptPart(str4);
        if (SHA1.gen(this.token, str2, str3, extractEncryptPart).equals(str)) {
            return decrypt(extractEncryptPart);
        }
        throw new RuntimeException("加密消息签名校验失败");
    }

    public String decrypt(String str) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(2, new SecretKeySpec(this.aesKey, "AES"), new IvParameterSpec(Arrays.copyOfRange(this.aesKey, 0, 16)));
            try {
                byte[] decode = PKCS7Encoder.decode(cipher.doFinal(Base64.decodeBase64(str)));
                int bytesNetworkOrder2Number = bytesNetworkOrder2Number(Arrays.copyOfRange(decode, 16, 20));
                String str2 = new String(Arrays.copyOfRange(decode, 20, 20 + bytesNetworkOrder2Number), CHARSET);
                if (new String(Arrays.copyOfRange(decode, 20 + bytesNetworkOrder2Number, decode.length), CHARSET).equals(this.appidOrCorpid)) {
                    return str2;
                }
                throw new RuntimeException("AppID不正确，请核实！");
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }
}
