package com.tls.tls_sigature;

import com.tls.base64_url.base64_url;
import java.io.CharArrayReader;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.util.zip.DataFormatException;
import java.util.zip.Deflater;
import java.util.zip.Inflater;
import org.apache.http.HttpHeaders;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.encoders.Base64;
import org.json.JSONObject;

/* loaded from: input_file:BOOT-INF/lib/tls-sig-api-1.0.jar:com/tls/tls_sigature/tls_sigature.class */
public class tls_sigature {

    /* loaded from: input_file:BOOT-INF/lib/tls-sig-api-1.0.jar:com/tls/tls_sigature/tls_sigature$CheckTLSSignatureResult.class */
    public static class CheckTLSSignatureResult {
        public String errMessage = "";
        public boolean verifyResult = false;
        public int expireTime;
        public int initTime;
    }

    /* loaded from: input_file:BOOT-INF/lib/tls-sig-api-1.0.jar:com/tls/tls_sigature/tls_sigature$GenTLSSignatureResult.class */
    public static class GenTLSSignatureResult {
        public String errMessage = "";
        public String urlSig = "";
        public int expireTime;
        public int initTime;
    }

    @Deprecated
    public static GenTLSSignatureResult GenTLSSignature(long j, String str, long j2, String str2, long j3, String str3) {
        GenTLSSignatureResult genTLSSignatureResult = new GenTLSSignatureResult();
        Security.addProvider(new BouncyCastleProvider());
        CharArrayReader charArrayReader = new CharArrayReader(str3.toCharArray());
        JcaPEMKeyConverter jcaPEMKeyConverter = new JcaPEMKeyConverter();
        PEMParser pEMParser = new PEMParser(charArrayReader);
        try {
            Object readObject = pEMParser.readObject();
            pEMParser.close();
            PrivateKey privateKey = jcaPEMKeyConverter.getPrivateKey((PrivateKeyInfo) readObject);
            String str4 = "{\"TLS.account_type\":\"" + j3 + "\",\"TLS.identifier\":\"" + str2 + "\",\"TLS.appid_at_3rd\":\"" + str + "\",\"TLS.sdk_appid\":\"" + j2 + "\",\"TLS.expire_after\":\"" + j + "\"}";
            String valueOf = String.valueOf(System.currentTimeMillis() / 1000);
            String str5 = "TLS.appid_at_3rd:" + str + "\nTLS.account_type:" + j3 + "\nTLS.identifier:" + str2 + "\nTLS.sdk_appid:" + j2 + "\nTLS.time:" + valueOf + "\nTLS.expire_after:" + j + "\n";
            try {
                Signature signature = Signature.getInstance("SHA256withECDSA", BouncyCastleProvider.PROVIDER_NAME);
                signature.initSign(privateKey);
                signature.update(str5.getBytes(Charset.forName("UTF-8")));
                String base64String = Base64.toBase64String(signature.sign());
                JSONObject jSONObject = new JSONObject(str4);
                jSONObject.put("TLS.sig", base64String);
                jSONObject.put("TLS.time", valueOf);
                String jSONObject2 = jSONObject.toString();
                Deflater deflater = new Deflater();
                deflater.setInput(jSONObject2.getBytes(Charset.forName("UTF-8")));
                deflater.finish();
                byte[] bArr = new byte[512];
                int deflate = deflater.deflate(bArr);
                deflater.end();
                genTLSSignatureResult.urlSig = new String(base64_url.base64EncodeUrl(Arrays.copyOfRange(bArr, 0, deflate)));
            } catch (Exception e) {
                e.printStackTrace();
                genTLSSignatureResult.errMessage = e.getMessage();
            }
            return genTLSSignatureResult;
        } catch (IOException e2) {
            genTLSSignatureResult.errMessage = "read pem error:" + e2.getMessage();
            return genTLSSignatureResult;
        }
    }

    @Deprecated
    public static CheckTLSSignatureResult CheckTLSSignature(String str, String str2, long j, String str3, long j2, String str4) {
        String string;
        String string2;
        CheckTLSSignatureResult checkTLSSignatureResult = new CheckTLSSignatureResult();
        Security.addProvider(new BouncyCastleProvider());
        new Base64();
        byte[] base64DecodeUrl = base64_url.base64DecodeUrl(str.getBytes(Charset.forName("UTF-8")));
        Inflater inflater = new Inflater();
        inflater.setInput(base64DecodeUrl, 0, base64DecodeUrl.length);
        byte[] bArr = new byte[1024];
        try {
            int inflate = inflater.inflate(bArr);
            inflater.end();
            JSONObject jSONObject = new JSONObject(new String(Arrays.copyOfRange(bArr, 0, inflate)));
            byte[] decode = Base64.decode(jSONObject.getString("TLS.sig").getBytes(Charset.forName("UTF-8")));
            try {
                string = jSONObject.getString("TLS.time");
                string2 = jSONObject.getString("TLS.expire_after");
            } catch (Exception e) {
                e.printStackTrace();
                checkTLSSignatureResult.errMessage = "Failed in checking sig";
            }
            if ((System.currentTimeMillis() / 1000) - Long.parseLong(string) > Long.parseLong(string2)) {
                checkTLSSignatureResult.errMessage = new String("TLS sig is out of date ");
                System.out.println(HttpHeaders.TIMEOUT);
                return checkTLSSignatureResult;
            }
            String str5 = "TLS.appid_at_3rd:" + str2 + "\nTLS.account_type:" + j2 + "\nTLS.identifier:" + str3 + "\nTLS.sdk_appid:" + j + "\nTLS.time:" + string + "\nTLS.expire_after:" + string2 + "\n";
            PEMParser pEMParser = new PEMParser(new CharArrayReader(str4.toCharArray()));
            JcaPEMKeyConverter jcaPEMKeyConverter = new JcaPEMKeyConverter();
            Object readObject = pEMParser.readObject();
            pEMParser.close();
            PublicKey publicKey = jcaPEMKeyConverter.getPublicKey((SubjectPublicKeyInfo) readObject);
            Signature signature = Signature.getInstance("SHA256withECDSA", BouncyCastleProvider.PROVIDER_NAME);
            signature.initVerify(publicKey);
            signature.update(str5.getBytes(Charset.forName("UTF-8")));
            checkTLSSignatureResult.verifyResult = signature.verify(decode);
            return checkTLSSignatureResult;
        } catch (DataFormatException e2) {
            checkTLSSignatureResult.errMessage = "uncompress data error:" + e2.getMessage();
            return checkTLSSignatureResult;
        }
    }

    public static GenTLSSignatureResult GenTLSSignatureEx(long j, String str, String str2) {
        return GenTLSSignatureEx(j, str, str2, 15552000L);
    }

    public static GenTLSSignatureResult GenTLSSignatureEx(long j, String str, String str2, long j2) {
        return GenTLSSignature(j2, "0", j, str, 0L, str2);
    }

    public static CheckTLSSignatureResult CheckTLSSignatureEx(String str, long j, String str2, String str3) throws DataFormatException {
        String string;
        String string2;
        String string3;
        CheckTLSSignatureResult checkTLSSignatureResult = new CheckTLSSignatureResult();
        Security.addProvider(new BouncyCastleProvider());
        new Base64();
        byte[] base64DecodeUrl = base64_url.base64DecodeUrl(str.getBytes(Charset.forName("UTF-8")));
        Inflater inflater = new Inflater();
        inflater.setInput(base64DecodeUrl, 0, base64DecodeUrl.length);
        byte[] bArr = new byte[1024];
        int inflate = inflater.inflate(bArr);
        inflater.end();
        JSONObject jSONObject = new JSONObject(new String(Arrays.copyOfRange(bArr, 0, inflate)));
        byte[] decode = Base64.decode(jSONObject.getString("TLS.sig").getBytes(Charset.forName("UTF-8")));
        try {
            string = jSONObject.getString("TLS.sdk_appid");
            string2 = jSONObject.getString("TLS.time");
            string3 = jSONObject.getString("TLS.expire_after");
        } catch (Exception e) {
            e.printStackTrace();
            checkTLSSignatureResult.errMessage = "Failed in checking sig";
        }
        if (Integer.parseInt(string) != j) {
            checkTLSSignatureResult.errMessage = new String("sdkappid " + string + " in tls sig not equal sdkappid " + j + " in request");
            return checkTLSSignatureResult;
        }
        if ((System.currentTimeMillis() / 1000) - Long.parseLong(string2) > Long.parseLong(string3)) {
            checkTLSSignatureResult.errMessage = new String("TLS sig is out of date");
            return checkTLSSignatureResult;
        }
        String str4 = "TLS.appid_at_3rd:0\nTLS.account_type:0\nTLS.identifier:" + str2 + "\nTLS.sdk_appid:" + j + "\nTLS.time:" + string2 + "\nTLS.expire_after:" + string3 + "\n";
        PEMParser pEMParser = new PEMParser(new CharArrayReader(str3.toCharArray()));
        JcaPEMKeyConverter jcaPEMKeyConverter = new JcaPEMKeyConverter();
        Object readObject = pEMParser.readObject();
        pEMParser.close();
        PublicKey publicKey = jcaPEMKeyConverter.getPublicKey((SubjectPublicKeyInfo) readObject);
        Signature signature = Signature.getInstance("SHA256withECDSA", BouncyCastleProvider.PROVIDER_NAME);
        signature.initVerify(publicKey);
        signature.update(str4.getBytes(Charset.forName("UTF-8")));
        boolean verify = signature.verify(decode);
        checkTLSSignatureResult.expireTime = Integer.parseInt(string3);
        checkTLSSignatureResult.initTime = Integer.parseInt(string2);
        checkTLSSignatureResult.verifyResult = verify;
        return checkTLSSignatureResult;
    }
}
