package fr.paris.lutece.plugins.paybox;

import fr.paris.lutece.plugins.paybox.item.PayboxUrlItem;
import fr.paris.lutece.plugins.paybox.util.PayboxConstants;
import fr.paris.lutece.plugins.paybox.util.PayboxUserProperties;
import fr.paris.lutece.portal.service.util.AppLogService;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang.StringUtils;
import org.bouncycastle.util.io.pem.PemReader;
import org.joda.time.DateTime;
import org.joda.time.format.ISODateTimeFormat;

/* loaded from: input_file:fr/paris/lutece/plugins/paybox/PayboxUtil.class */
public final class PayboxUtil {
    private static final String CHARSET = "utf-8";
    private static final String ENCRYPTION_ALGORITHM = "RSA";
    private static final String HASH_ENCRYPTION_ALGORITHM = "SHA1withRSA";
    private static final String HASH_METHOD = "Sha512";
    private static final String HMAC_METHOD = "HmacSHA512";

    private PayboxUtil() {
    }

    private static String addKeyValueElement(boolean z, Map.Entry<String, String> entry) {
        StringBuilder sb = new StringBuilder();
        sb.append(entry.getKey());
        sb.append('=');
        if (z) {
            try {
                sb.append(URLEncoder.encode(entry.getValue(), CHARSET));
            } catch (UnsupportedEncodingException e) {
                AppLogService.error(e);
            }
        } else {
            sb.append(entry.getValue());
        }
        return sb.toString();
    }

    public static String buildPayboxUrl(Long l, String str, String str2) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(PayboxConstants.PBX_SITE, PayboxUserProperties.SITE);
        linkedHashMap.put(PayboxConstants.PBX_RANG, PayboxUserProperties.RANG);
        linkedHashMap.put(PayboxConstants.PBX_IDENTIFIANT, PayboxUserProperties.IDENTIFIANT);
        linkedHashMap.put(PayboxConstants.PBX_PAYBOX, PayboxUserProperties.PAYBOX);
        linkedHashMap.put(PayboxConstants.PBX_BACKUP1, PayboxUserProperties.BACKUP1);
        linkedHashMap.put(PayboxConstants.PBX_BACKUP2, PayboxUserProperties.BACKUP2);
        linkedHashMap.put(PayboxConstants.PBX_TOTAL, String.valueOf(l));
        linkedHashMap.put(PayboxConstants.PBX_DEVISE, PayboxUserProperties.DEVISE);
        linkedHashMap.put(PayboxConstants.PBX_CMD, str);
        linkedHashMap.put(PayboxConstants.PBX_PORTEUR, str2);
        linkedHashMap.put(PayboxConstants.PBX_RETOUR, PayboxUserProperties.RETOUR);
        linkedHashMap.put(PayboxConstants.PBX_EFFECTUE, PayboxUserProperties.EFFECTUE);
        linkedHashMap.put(PayboxConstants.PBX_REFUSE, PayboxUserProperties.REFUSE);
        linkedHashMap.put(PayboxConstants.PBX_ANNULE, PayboxUserProperties.ANNULE);
        linkedHashMap.put(PayboxConstants.PBX_REPONDRE_A, PayboxUserProperties.REPONDRA);
        return buildPayboxUrl(PayboxUserProperties.URL, linkedHashMap);
    }

    public static String buildPayboxUrl(PayboxUrlItem payboxUrlItem) {
        return buildPayboxUrl(payboxUrlItem.getAmountInCents(), payboxUrlItem.getOrderReference(), payboxUrlItem.getEmail());
    }

    public static String buildPayboxUrl(String str, LinkedHashMap<String, String> linkedHashMap) {
        linkedHashMap.remove(PayboxConstants.PBX_TIME);
        linkedHashMap.remove(PayboxConstants.PBX_HASH);
        linkedHashMap.remove(PayboxConstants.PBX_HMAC);
        linkedHashMap.put(PayboxConstants.PBX_TIME, ISODateTimeFormat.dateHourMinuteSecond().print(new DateTime()));
        linkedHashMap.put(PayboxConstants.PBX_HASH, HASH_METHOD);
        linkedHashMap.put(PayboxConstants.PBX_HMAC, generateHMAC(join(linkedHashMap, false)));
        return str + '?' + join(linkedHashMap, true);
    }

    public static boolean checkSignature(String str) {
        String[] split = str.split("&");
        String[] strArr = new String[split.length - 1];
        for (int i = 0; i < split.length - 1; i++) {
            strArr[i] = split[i];
        }
        return checkSignature(StringUtils.join(strArr, "&"), split[split.length - 1].split("=")[1], PayboxUserProperties.PUBLIC_KEY_PATH);
    }

    public static boolean checkSignature(String str, String str2, String str3) {
        boolean z;
        try {
            z = verify(str, str2, getKey(str3));
        } catch (FileNotFoundException e) {
            z = false;
            AppLogService.error(e);
        } catch (IOException e2) {
            z = false;
            AppLogService.error(e2);
        } catch (InvalidKeyException e3) {
            z = false;
            AppLogService.error(e3);
        } catch (NoSuchAlgorithmException e4) {
            z = false;
            AppLogService.error(e4);
        } catch (SignatureException e5) {
            z = false;
            AppLogService.error(e5);
        } catch (InvalidKeySpecException e6) {
            z = false;
            AppLogService.error(e6);
        }
        return z;
    }

    private static String generateHMAC(String str) {
        String str2;
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(DatatypeConverter.parseHexBinary(PayboxUserProperties.KEY), HMAC_METHOD);
            Mac mac = Mac.getInstance(HMAC_METHOD);
            mac.init(secretKeySpec);
            str2 = new String(new Hex().encode(mac.doFinal(str.getBytes(CHARSET))), CHARSET);
        } catch (UnsupportedEncodingException e) {
            str2 = "";
            AppLogService.error(e);
        } catch (InvalidKeyException e2) {
            str2 = "";
            AppLogService.error(e2);
        } catch (NoSuchAlgorithmException e3) {
            str2 = "";
            AppLogService.error(e3);
        }
        return str2.toUpperCase();
    }

    private static PublicKey getKey(String str) throws NoSuchAlgorithmException, IOException, InvalidKeySpecException {
        KeyFactory keyFactory = KeyFactory.getInstance(ENCRYPTION_ALGORITHM);
        PemReader pemReader = new PemReader(new FileReader(str));
        PublicKey generatePublic = keyFactory.generatePublic(new X509EncodedKeySpec(pemReader.readPemObject().getContent()));
        pemReader.close();
        return generatePublic;
    }

    private static String join(LinkedHashMap<String, String> linkedHashMap, boolean z) {
        String[] strArr = new String[linkedHashMap.size()];
        int i = 0;
        Iterator<Map.Entry<String, String>> it = linkedHashMap.entrySet().iterator();
        while (it.hasNext()) {
            int i2 = i;
            i++;
            strArr[i2] = addKeyValueElement(z, it.next());
        }
        return StringUtils.join(strArr, '&');
    }

    private static boolean verify(String str, String str2, PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, UnsupportedEncodingException {
        Signature signature = Signature.getInstance(HASH_ENCRYPTION_ALGORITHM);
        signature.initVerify(publicKey);
        signature.update(str.getBytes(CHARSET));
        return signature.verify(new Base64().decode(URLDecoder.decode(str2, CHARSET).getBytes(CHARSET)));
    }
}
