package kd.bos.mc.kms;

import java.lang.reflect.Method;
import java.nio.charset.Charset;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.KeyGenerator;
import kd.bos.dataentity.entity.DynamicObject;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.encrypt.Encrypter;
import kd.bos.encrypt.impl.RSAEncrypterUtil;
import kd.bos.mc.common.log.LoggerBuilder;
import kd.bos.mc.entity.KmsEntity;
import kd.bos.mc.service.ArchiveKeyService;
import kd.bos.util.ExceptionUtils;
import kd.bos.util.StringUtils;
import org.slf4j.Logger;

/* loaded from: input_file:kd/bos/mc/kms/KmsHelper.class */
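/**
 * Helper for key-management operations: resolves the configured {@link Encrypter}
 * implementation and generates or wraps key material (RSA key pairs, AES data keys).
 *
 * <p>The static generators log any failure and return {@code null} instead of throwing,
 * so callers must check the result before using it as key material.
 */
public class KmsHelper {
    // Left null when the KMS entity carries no encrypt type (see constructor).
    private Encrypter encrypter;
    private Method encodeMethod;
    private Method decodeMethod;
    private static final String RANDOM_ALGORITHM = "NativePRNGNonBlocking";
    private static final String ENCRYPT_KEY_ALGORITHM = "RSA";
    private static final String DATA_KEY_ALGORITHM = "AES";
    private static final int ENCRYPT_KEY_SIZE = 2048;
    private static final int DATA_KEY_SIZE = 256;
    private static final Base64.Encoder BASE64_ENCODER = Base64.getEncoder();
    // Allowlist: encrypt-type name -> implementation class. Only these class names ever
    // reach Class.forName, so the configured value cannot select an arbitrary class.
    private static final Map<String, String> ENCRYPT_MAP = new HashMap<>();
    private static final Logger LOGGER = LoggerBuilder.getLogger(KmsHelper.class);

    static {
        ENCRYPT_MAP.put("aes256", "kd.bos.encrypt.impl.KAESEncrypter");
        ENCRYPT_MAP.put("sm4", "kd.bos.encrypt.impl.KSM4Encrypter");
    }

    /**
     * Resolves the encrypter named by the {@code KmsEntity.ENCRYPT} property of the given object.
     *
     * <p>When the property is empty, no encrypter is configured and all instance fields stay
     * {@code null}.
     *
     * @param dynamicObject entity carrying the encrypt-type name
     * @throws ClassNotFoundException if the encrypt type is not in the allowlist or its
     *         implementation class cannot be loaded
     * @throws IllegalAccessException if the implementation cannot be instantiated
     * @throws InstantiationException if the implementation cannot be instantiated
     * @throws NoSuchMethodException if the implementation's superclass does not declare
     *         {@code encode(String)} / {@code decode(String)}
     */
    public KmsHelper(DynamicObject dynamicObject) throws ClassNotFoundException, IllegalAccessException, InstantiationException, NoSuchMethodException {
        String string = dynamicObject.getString(KmsEntity.ENCRYPT);
        if (StringUtils.isEmpty(string)) {
            return;
        }
        // Reject unknown types explicitly: Class.forName(null) would otherwise surface as an
        // undeclared NullPointerException that hides the real cause (a bad encrypt type).
        String implClassName = ENCRYPT_MAP.get(string);
        if (implClassName == null) {
            throw new ClassNotFoundException("Unsupported encrypt type: " + string);
        }
        Class<?> cls = Class.forName(implClassName);
        // Class.newInstance() is deprecated, but its replacement throws
        // InvocationTargetException, which would change this constructor's throws clause.
        this.encrypter = (Encrypter) cls.newInstance();
        Class<?> superclass = cls.getSuperclass();
        // NOTE(review): the handles are taken with getDeclaredMethod and never made
        // accessible here — confirm how (and where) they are invoked.
        this.encodeMethod = superclass.getDeclaredMethod("encode", String.class);
        this.decodeMethod = superclass.getDeclaredMethod("decode", String.class);
    }

    /**
     * Generates a 2048-bit RSA key pair.
     *
     * @param j caller-supplied value mixed, together with the current time, into the RNG seed
     * @return the new key pair, or {@code null} if generation failed (the error is logged)
     */
    public static KeyPair generateEncryptKey(long j) {
        try {
            SecureRandom secureRandom = getSecureRandom();
            // SECURITY: this seed (an id plus the wall clock) is guessable. It is harmless only
            // because the NativePRNG family treats setSeed as supplemental to OS entropy. With a
            // provider such as SHA1PRNG, seeding before first use would make the key
            // reproducible from these values — do not change the RNG algorithm without
            // removing this call.
            secureRandom.setSeed(j + System.currentTimeMillis());
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ENCRYPT_KEY_ALGORITHM);
            keyPairGenerator.initialize(ENCRYPT_KEY_SIZE, secureRandom);
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            LOGGER.error(ExceptionUtils.getExceptionStackTraceMessage(e));
            return null;
        }
    }

    /**
     * Generates an AES data key and returns it Base64-encoded.
     *
     * @param j first value mixed into the RNG seed
     * @param j2 second value mixed into the RNG seed
     * @param str string mixed into the RNG seed
     * @param i key size in bits; {@code 0} selects the default of 256
     * @return the Base64-encoded raw key, or {@code null} if generation failed (the error is
     *         logged)
     */
    public static String generateDataKey(long j, long j2, String str, int i) {
        try {
            SecureRandom secureRandom = getSecureRandom();
            // SECURITY: the seed is built only from the caller's identifiers, so it carries no
            // secrecy. Key unpredictability rests entirely on the RNG mixing in OS entropy
            // (true for the NativePRNG family); a seed-deterministic provider would make data
            // keys derivable from these ids.
            secureRandom.setSeed((j + ArchiveKeyService.ARCHIVE_KEY_SEPARATOR + j2 + ArchiveKeyService.ARCHIVE_KEY_SEPARATOR + str).getBytes(Charset.defaultCharset()));
            KeyGenerator keyGenerator = KeyGenerator.getInstance(DATA_KEY_ALGORITHM);
            int keySize = (i == 0) ? DATA_KEY_SIZE : i;
            keyGenerator.init(keySize, secureRandom);
            return BASE64_ENCODER.encodeToString(keyGenerator.generateKey().getEncoded());
        } catch (Exception e) {
            LOGGER.error(ExceptionUtils.getExceptionStackTraceMessage(e));
            return null;
        }
    }

    /**
     * Returns a {@link SecureRandom} for key generation, preferring the non-blocking native
     * PRNG and falling back to the JVM's configured strong instance.
     *
     * @return a secure random source
     * @throws Exception if neither source can be obtained
     */
    private static SecureRandom getSecureRandom() throws Exception {
        try {
            return SecureRandom.getInstance(RANDOM_ALGORITHM);
        } catch (Exception e) {
            // Logged message (Chinese): "Unable to initialise the random number object; switched
            // mode." The fallback algorithm is whatever securerandom.strongAlgorithms selects,
            // and it may block while the OS gathers entropy.
            LOGGER.error(String.format(ResManager.loadKDString("无法初始化随机数对象，已切换模式。error：%s", "KmsHelper_0", "bos-mc-core", new Object[0]), e.getMessage()));
            return SecureRandom.getInstanceStrong();
        }
    }

    /**
     * Decrypts a schema id with the given RSA private key.
     *
     * @param privateKey key passed to {@code RSAEncrypterUtil.decrypt}
     * @param str the encrypted value
     * @return the decrypted value, or {@code null} if decryption failed (the error is logged)
     */
    public static String getDecryptedSchemaId(PrivateKey privateKey, String str) {
        try {
            return RSAEncrypterUtil.decrypt(str, privateKey);
        } catch (Exception e) {
            LOGGER.error(ExceptionUtils.getExceptionStackTraceMessage(e));
            return null;
        }
    }

    /**
     * Encrypts a data-key id using the private key derived from {@code str}.
     *
     * @param str input passed to {@code RSAEncrypterUtil.getPrivateKey}
     * @param j the data-key id to encrypt
     * @return the encrypted id, or {@code null} if encryption failed (the error is logged)
     */
    public static String getEncryptedDataKeyId(String str, long j) {
        try {
            // NOTE(review): this transforms the id with a *private* key. If the counterpart is
            // a public-key operation, the result is readable by anyone holding that public key
            // and gives authenticity at most, not confidentiality — confirm the intent
            // against RSAEncrypterUtil.
            return RSAEncrypterUtil.encrypt(String.valueOf(j), RSAEncrypterUtil.getPrivateKey(str));
        } catch (Exception e) {
            LOGGER.error(ExceptionUtils.getExceptionStackTraceMessage(e));
            return null;
        }
    }
}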
