package org.apache.syncope.core.util;

import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Properties;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.lang.ArrayUtils;
import org.apache.syncope.common.types.CipherAlgorithm;
import org.jasypt.commons.CommonUtils;
import org.jasypt.digest.StandardStringDigester;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.bcrypt.BCrypt;
import org.springframework.security.crypto.codec.Base64;

/* loaded from: input_file:WEB-INF/classes/org/apache/syncope/core/util/PasswordEncoder.class */
public final class PasswordEncoder {
    private static final Logger LOG = LoggerFactory.getLogger(PasswordEncoder.class);
    private static SecretKeySpec keySpec;

    public static String encode(String str, CipherAlgorithm cipherAlgorithm) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        String str2 = null;
        if (str != null) {
            if (cipherAlgorithm == null || cipherAlgorithm == CipherAlgorithm.AES) {
                byte[] bytes = str.getBytes("UTF8");
                Cipher cipher = Cipher.getInstance(CipherAlgorithm.AES.getAlgorithm());
                cipher.init(1, keySpec);
                str2 = new String(Base64.encode(cipher.doFinal(bytes)));
            } else {
                str2 = cipherAlgorithm == CipherAlgorithm.BCRYPT ? BCrypt.hashpw(str, BCrypt.gensalt()) : getDigester(cipherAlgorithm).digest(str);
            }
        }
        return str2;
    }

    public static boolean verify(String str, CipherAlgorithm cipherAlgorithm, String str2) {
        boolean z = false;
        if (str != null) {
            if (cipherAlgorithm != null) {
                try {
                    if (cipherAlgorithm != CipherAlgorithm.AES) {
                        z = cipherAlgorithm == CipherAlgorithm.BCRYPT ? BCrypt.checkpw(str, str2) : getDigester(cipherAlgorithm).matches(str, str2);
                    }
                } catch (Exception e) {
                    LOG.error("Could not verify password", (Throwable) e);
                }
            }
            z = encode(str, cipherAlgorithm).equals(str2);
        }
        return z;
    }

    public static String decode(String str, CipherAlgorithm cipherAlgorithm) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        String str2 = null;
        if (str != null && cipherAlgorithm == CipherAlgorithm.AES) {
            byte[] bytes = str.getBytes("UTF8");
            Cipher cipher = Cipher.getInstance(CipherAlgorithm.AES.getAlgorithm());
            cipher.init(2, keySpec);
            str2 = new String(cipher.doFinal(Base64.decode(bytes)));
        }
        return str2;
    }

    private static StandardStringDigester getDigester(CipherAlgorithm cipherAlgorithm) {
        StandardStringDigester standardStringDigester = new StandardStringDigester();
        if (cipherAlgorithm.getAlgorithm().startsWith("S-")) {
            standardStringDigester.setAlgorithm(cipherAlgorithm.getAlgorithm().replaceFirst("S\\-", ""));
            standardStringDigester.setIterations(100000);
            standardStringDigester.setSaltSizeBytes(16);
        } else {
            standardStringDigester.setAlgorithm(cipherAlgorithm.getAlgorithm());
            standardStringDigester.setIterations(1);
            standardStringDigester.setSaltSizeBytes(0);
        }
        standardStringDigester.setStringOutputType(CommonUtils.STRING_OUTPUT_TYPE_HEXADECIMAL);
        return standardStringDigester;
    }

    private PasswordEncoder() {
    }

    static {
        String str = null;
        InputStream inputStream = null;
        try {
            try {
                inputStream = PasswordEncoder.class.getResourceAsStream("/security.properties");
                Properties properties = new Properties();
                properties.load(inputStream);
                str = properties.getProperty("secretKey");
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                        LOG.error("While closing property stream", (Throwable) e);
                    }
                }
            } catch (Exception e2) {
                LOG.error("Could not read secretKey", (Throwable) e2);
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e3) {
                        LOG.error("While closing property stream", (Throwable) e3);
                    }
                }
            }
            if (str == null) {
                str = "1abcdefghilmnopqrstuvz2!";
                LOG.debug("secretKey not found, reverting to default");
            }
            if (str.length() < 16) {
                StringBuilder sb = new StringBuilder(str);
                for (int i = 0; i < 16 - str.length(); i++) {
                    sb.append('0');
                }
                str = sb.toString();
                LOG.debug("secretKey too short, adding some random characters");
            }
            try {
                keySpec = new SecretKeySpec(ArrayUtils.subarray(str.getBytes("UTF8"), 0, 16), "AES");
            } catch (Exception e4) {
                LOG.error("Error during key specification", (Throwable) e4);
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e5) {
                    LOG.error("While closing property stream", (Throwable) e5);
                }
            }
            throw th;
        }
    }
}
