package org.apache.servicecomb.foundation.common.utils;

import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/foundation-common-1.2.1.jar:org/apache/servicecomb/foundation/common/utils/RSAUtils.class */
public class RSAUtils {
    private static final String RSA_ALG = "RSA";
    private static final String SIGN_ALG = "SHA256withRSA";
    private static final int KEY_SIZE = 2048;
    private static KeyFactory kf;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) RSAUtils.class);
    private static Base64.Encoder encoder = Base64.getEncoder();
    private static Base64.Decoder decoder = Base64.getDecoder();

    public static RSAKeyPairEntry generateRSAKeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA_ALG);
            keyPairGenerator.initialize(2048, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            PublicKey publicKey = generateKeyPair.getPublic();
            return new RSAKeyPairEntry(generateKeyPair.getPrivate(), publicKey, encoder.encodeToString(publicKey.getEncoded()));
        } catch (NoSuchAlgorithmException e) {
            LOGGER.error("generate rsa keypair faild");
            throw new IllegalStateException("perhaps error occurred on jre");
        }
    }

    public static String sign(String str, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException, SignatureException, InvalidKeyException {
        Signature signature = Signature.getInstance(SIGN_ALG);
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return encoder.encodeToString(signature.sign());
    }

    public static boolean verify(String str, String str2, String str3) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException {
        if (null == kf) {
            throw new NoSuchAlgorithmException("RSA KeyFactory not available");
        }
        PublicKey generatePublic = kf.generatePublic(new X509EncodedKeySpec(decoder.decode(str)));
        Signature signature = Signature.getInstance(SIGN_ALG);
        signature.initVerify(generatePublic);
        signature.update(str3.getBytes());
        return signature.verify(decoder.decode(str2));
    }

    static {
        kf = null;
        try {
            kf = KeyFactory.getInstance(RSA_ALG);
        } catch (NoSuchAlgorithmException e) {
            LOGGER.error("init keyfactory error");
        }
    }
}
