package com.biuqu.hsm;

import com.biuqu.annotation.EncryptionSecurityAnn;
import com.biuqu.annotation.FileDataSecurityAnn;
import com.biuqu.annotation.FileSecurityAnn;
import com.biuqu.annotation.HashSecurityAnn;
import com.biuqu.annotation.IntegritySecurityAnn;
import com.biuqu.errcode.ErrCodeEnum;
import com.biuqu.exception.CommonException;
import com.biuqu.hsm.facade.HsmFacade;
import com.biuqu.model.BaseSecurity;
import com.biuqu.utils.FileUtil;
import com.biuqu.utils.ReflectionUtil;
import java.lang.annotation.Annotation;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.ReflectionUtils;

/* loaded from: input_file:com/biuqu/hsm/BizHsmFacade.class */
public final class BizHsmFacade {
    private static final Logger log = LoggerFactory.getLogger(BizHsmFacade.class);
    private static final String STRING_TYPE = "java.lang.String";
    private static final String BYTE_ARRAY_TYPE = "byte[]";
    private static final String INTEGRITY_KEY = "toIntegrity";
    private final HsmFacade hsm;

    public BizHsmFacade(HsmFacade hsmFacade) {
        this.hsm = hsmFacade;
    }

    public <T extends BaseSecurity> void before(T t) {
        beforeEncryption(t, EncryptionSecurityAnn.class);
        beforeEncryption(t, FileSecurityAnn.class);
        beforeEncryption(t, HashSecurityAnn.class);
        beforeIntegrity(t, IntegritySecurityAnn.class);
    }

    public <T extends BaseSecurity> void before(List<T> list) {
        Iterator<T> it = list.iterator();
        while (it.hasNext()) {
            before((BizHsmFacade) it.next());
        }
    }

    public <T extends BaseSecurity> void beforeIntegrity(List<T> list) {
        Iterator<T> it = list.iterator();
        while (it.hasNext()) {
            beforeIntegrity(it.next(), IntegritySecurityAnn.class);
        }
    }

    public <T extends BaseSecurity> void after(T t) {
        afterIntegrity(t, IntegritySecurityAnn.class);
        afterEncryption(t, EncryptionSecurityAnn.class);
        afterEncryption(t, FileSecurityAnn.class);
    }

    public <T extends BaseSecurity> void after(List<T> list) {
        Iterator<T> it = list.iterator();
        while (it.hasNext()) {
            after((BizHsmFacade) it.next());
        }
    }

    public <T extends BaseSecurity> void afterIntegrity(List<T> list) {
        Iterator<T> it = list.iterator();
        while (it.hasNext()) {
            afterIntegrity(it.next(), IntegritySecurityAnn.class);
        }
    }

    private <T extends BaseSecurity, A extends Annotation> void beforeEncryption(T t, Class<A> cls) {
        for (Field field : ReflectionUtil.getFields(t.getClass(), cls)) {
            Object field2 = ReflectionUtil.getField(t, field.getName());
            if (!(field2 instanceof String)) {
                return;
            }
            String obj = field2.toString();
            if (cls == FileSecurityAnn.class) {
                beforeFileEncryption(t, field.getName());
                return;
            } else if (cls == EncryptionSecurityAnn.class) {
                ReflectionUtil.updateField(t, field.getName(), this.hsm.encrypt(obj));
            } else if (cls == HashSecurityAnn.class) {
                ReflectionUtil.updateField(t, field.getName(), this.hsm.hash(obj));
            }
        }
    }

    private <T extends BaseSecurity, A extends Annotation> void beforeIntegrity(T t, Class<A> cls) {
        Iterator<Method> it = ReflectionUtil.getMethods(t.getClass(), cls).iterator();
        while (it.hasNext()) {
            if (INTEGRITY_KEY.equalsIgnoreCase(it.next().getName())) {
                t.setSecKey(this.hsm.sign(t.toIntegrity()));
            }
        }
    }

    private <T extends BaseSecurity> void beforeFileEncryption(T t, String str) {
        encryptFile((String) ReflectionUtil.getField(t, str), ReflectionUtil.getField(t, ReflectionUtil.getFields(t.getClass(), FileSecurityAnn.class, FileDataSecurityAnn.class).get(str)));
    }

    private <T extends BaseSecurity> void afterFileEncryption(T t, String str) {
        Map<String, String> fields = ReflectionUtil.getFields(t.getClass(), FileSecurityAnn.class, FileDataSecurityAnn.class);
        String str2 = (String) ReflectionUtil.getField(t, str);
        Field findField = ReflectionUtils.findField(t.getClass(), fields.get(str));
        ReflectionUtil.updateField(t, findField.getName(), decryptFile(str2, findField.getGenericType().getTypeName()));
        ReflectionUtil.updateField(t, str, null);
    }

    private <T extends BaseSecurity, A extends Annotation> void afterEncryption(T t, Class<A> cls) {
        for (Field field : ReflectionUtil.getFields(t.getClass(), cls)) {
            Object field2 = ReflectionUtil.getField(t, field.getName());
            if (!(field2 instanceof String)) {
                return;
            }
            String obj = field2.toString();
            if (cls == FileSecurityAnn.class) {
                afterFileEncryption(t, field.getName());
                return;
            } else if (cls == EncryptionSecurityAnn.class) {
                ReflectionUtil.updateField(t, field.getName(), this.hsm.decrypt(obj));
            }
        }
    }

    private <T extends BaseSecurity, A extends Annotation> void afterIntegrity(T t, Class<A> cls) {
        Iterator<Method> it = ReflectionUtil.getMethods(t.getClass(), cls).iterator();
        while (it.hasNext()) {
            if (INTEGRITY_KEY.equalsIgnoreCase(it.next().getName())) {
                if (!this.hsm.verify(t.toIntegrity(), t.getSecKey())) {
                    throw new CommonException(ErrCodeEnum.SIGNATURE_ERROR.getCode());
                }
                t.setSecKey(null);
            }
        }
    }

    private void encryptFile(String str, Object obj) {
        if (obj == null) {
            log.error("No data to encrypt:{}.", str);
            return;
        }
        byte[] bArr = null;
        if (obj instanceof byte[]) {
            bArr = (byte[]) obj;
        } else if (obj instanceof String) {
            bArr = obj.toString().getBytes(StandardCharsets.UTF_8);
        }
        if (bArr == null) {
            log.error("encrypt file error:{}.", str);
        } else {
            FileUtil.write(this.hsm.getEncryptHsm().encrypt(bArr), str);
        }
    }

    private Object decryptFile(String str, String str2) {
        byte[] decrypt = this.hsm.getEncryptHsm().decrypt(FileUtil.read(str));
        if (STRING_TYPE.equalsIgnoreCase(str2)) {
            return new String(decrypt);
        }
        if (BYTE_ARRAY_TYPE.equalsIgnoreCase(str2)) {
            return decrypt;
        }
        return null;
    }
}
