package cn.kinyun.pay.business.service.impl;

import cn.kinyun.pay.business.dto.request.CertValidReq;
import cn.kinyun.pay.business.dto.response.BaseResponse;
import cn.kinyun.pay.business.dto.response.CertResponse;
import cn.kinyun.pay.business.service.PayInnerCertService;
import cn.kinyun.pay.common.utils.DESUtil;
import cn.kinyun.pay.common.utils.DigitalSignatureUtil;
import cn.kinyun.pay.dao.mapper.PayCorpAppMapper;
import com.google.common.base.Preconditions;
import java.nio.charset.Charset;
import java.util.Objects;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Service;

@Service("payCertService")
/* loaded from: input_file:cn/kinyun/pay/business/service/impl/PayInnerCertServiceImpl.class */
public class PayInnerCertServiceImpl implements PayInnerCertService {
    private static final Logger log = LoggerFactory.getLogger(PayInnerCertServiceImpl.class);

    @Autowired
    @Qualifier("originStringRedisTemplate")
    private StringRedisTemplate originStringRedisTemplate;

    @Autowired
    private PayCorpAppMapper corpAppMapper;

    @Value("${innerCertKey:compt}")
    private String innerCertKey;
    private static final String privateCertField = "privateCert";
    private static final String publicCertField = "publicCert";
    private static final String salt = "jkldsajl";

    public BaseResponse<CertResponse> queryCurrentCert() {
        return BaseResponse.ok(new CertResponse(getPrivateKey()));
    }

    public BaseResponse<Boolean> certValid(CertValidReq certValidReq) {
        Preconditions.checkArgument(Objects.nonNull(certValidReq), "req 不能为空");
        certValidReq.validate();
        boolean z = false;
        try {
            z = StringUtils.equals(getPublicKey(), certValidReq.getPublicKey());
        } catch (Exception e) {
            log.error("解密失败,", e);
        }
        return BaseResponse.ok(Boolean.valueOf(z));
    }

    public String getPublicKey() {
        String str = (String) this.originStringRedisTemplate.opsForHash().get(this.innerCertKey, publicCertField);
        if (StringUtils.isEmpty(str)) {
            return (String) autoGeneratePair().getRight();
        }
        try {
            return DESUtil.decrypt(str, Charset.forName("UTF-8"), salt);
        } catch (Exception e) {
            log.error("解密失败", e);
            return null;
        }
    }

    private String getPrivateKey() {
        String str = (String) this.originStringRedisTemplate.opsForHash().get(this.innerCertKey, privateCertField);
        if (StringUtils.isEmpty(str)) {
            return (String) autoGeneratePair().getLeft();
        }
        try {
            return DESUtil.decrypt(str, Charset.forName("UTF-8"), salt);
        } catch (Exception e) {
            log.error("解密失败", e);
            return null;
        }
    }

    private Pair<String, String> autoGeneratePair() {
        try {
            Pair<String, String> tupleKey = DigitalSignatureUtil.getTupleKey();
            String str = (String) tupleKey.getLeft();
            String str2 = (String) tupleKey.getRight();
            String encrypt = DESUtil.encrypt(str, Charset.forName("UTF-8"), salt);
            String encrypt2 = DESUtil.encrypt(str2, Charset.forName("UTF-8"), salt);
            this.originStringRedisTemplate.opsForHash().put(this.innerCertKey, privateCertField, encrypt);
            this.originStringRedisTemplate.opsForHash().put(this.innerCertKey, publicCertField, encrypt2);
            return tupleKey;
        } catch (Exception e) {
            log.error("generate pri/pub pair fail", e);
            return null;
        }
    }

    public BaseResponse<String> queryAppId(String str) {
        Preconditions.checkArgument(StringUtils.isNotBlank(str), "corpId 不能为空");
        return BaseResponse.ok(this.corpAppMapper.queryAppIdByCorpId(str));
    }
}
