package org.apache.ofbiz.base.crypto;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.ofbiz.base.util.Debug;
import org.apache.ofbiz.base.util.GeneralRuntimeException;
import org.apache.ofbiz.base.util.StringUtil;
import org.apache.ofbiz.base.util.UtilIO;
import org.apache.ofbiz.base.util.UtilProperties;
import org.apache.ofbiz.base.util.UtilValidate;
import org.apache.ofbiz.base.util.string.FlexibleStringExpander;
import org.apache.ofbiz.webapp.control.LoginWorker;

/* loaded from: input_file:org/apache/ofbiz/base/crypto/HashCrypt.class */
public class HashCrypt {
    public static final String CRYPT_CHAR_SET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
    private static final String PBKDF2_SHA1 = "PBKDF2-SHA1";
    private static final String PBKDF2_SHA256 = "PBKDF2-SHA256";
    private static final String PBKDF2_SHA384 = "PBKDF2-SHA384";
    private static final String PBKDF2_SHA512 = "PBKDF2-SHA512";
    public static final String module = HashCrypt.class.getName();
    private static final int PBKDF2_ITERATIONS = UtilProperties.getPropertyAsInteger(LoginWorker.securityProperties, "password.encrypt.pbkdf2.iterations", 10000).intValue();

    public static MessageDigest getMessageDigest(String str) {
        try {
            return MessageDigest.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            throw new GeneralRuntimeException("Could not load digestor(" + str + ")", e);
        }
    }

    public static boolean comparePassword(String str, String str2, String str3) {
        return str.startsWith("{PBKDF2") ? doComparePbkdf2(str, str3) : str.startsWith("{") ? doCompareTypePrefix(str, str2, str3.getBytes(UtilIO.getUtf8())) : str.startsWith("$") ? doComparePosix(str, str2, str3.getBytes(UtilIO.getUtf8())) : doCompareBare(str, str2, str3.getBytes(UtilIO.getUtf8()));
    }

    private static boolean doCompareTypePrefix(String str, String str2, byte[] bArr) {
        int indexOf = str.indexOf(FlexibleStringExpander.closeBracket);
        String substring = str.substring(1, indexOf);
        String substring2 = str.substring(indexOf + 1);
        MessageDigest messageDigest = getMessageDigest(substring);
        messageDigest.update(bArr);
        byte[] digest = messageDigest.digest();
        String str3 = new String(Hex.encodeHex(digest));
        if (substring2.equals(str3)) {
            return true;
        }
        if (!substring2.equals(oldFunnyHex(digest))) {
            return false;
        }
        Debug.logWarning("Warning: detected oldFunnyHex password prefixed with a hashType; this is not valid, please update the value in the database with ({%s}%s)", module, substring, str3);
        return true;
    }

    private static boolean doComparePosix(String str, String str2, byte[] bArr) {
        int indexOf = str.indexOf("$", 1);
        int indexOf2 = str.indexOf("$", indexOf + 1);
        return str.substring(indexOf2 + 1).equals(getCryptedBytes(str.substring(1, indexOf), str.substring(indexOf + 1, indexOf2), bArr));
    }

    private static boolean doCompareBare(String str, String str2, byte[] bArr) {
        MessageDigest messageDigest = getMessageDigest(str2);
        messageDigest.update(bArr);
        return str.equals(oldFunnyHex(messageDigest.digest()));
    }

    @Deprecated
    public static String cryptPassword(String str, String str2, String str3) {
        if (str.startsWith("PBKDF2")) {
            if (str3 != null) {
                return pbkdf2HashCrypt(str, str2, str3);
            }
            return null;
        }
        if (str3 != null) {
            return cryptBytes(str, str2, str3.getBytes(UtilIO.getUtf8()));
        }
        return null;
    }

    public static String cryptUTF8(String str, String str2, String str3) {
        if (str.startsWith("PBKDF2")) {
            if (str3 != null) {
                return pbkdf2HashCrypt(str, str2, str3);
            }
            return null;
        }
        if (str3 != null) {
            return cryptBytes(str, str2, str3.getBytes(UtilIO.getUtf8()));
        }
        return null;
    }

    public static String cryptValue(String str, String str2, String str3) {
        if (str.startsWith("PBKDF2")) {
            if (str3 != null) {
                return pbkdf2HashCrypt(str, str2, str3);
            }
            return null;
        }
        if (str3 != null) {
            return cryptBytes(str, str2, str3.getBytes(UtilIO.getUtf8()));
        }
        return null;
    }

    public static String cryptBytes(String str, String str2, byte[] bArr) {
        if (str == null) {
            str = "SHA";
        }
        if (str2 == null) {
            str2 = RandomStringUtils.random(new SecureRandom().nextInt(15) + 1, CRYPT_CHAR_SET);
        }
        StringBuilder sb = new StringBuilder();
        sb.append("$").append(str).append("$").append(str2).append("$");
        sb.append(getCryptedBytes(str, str2, bArr));
        return sb.toString();
    }

    private static String getCryptedBytes(String str, String str2, byte[] bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(str2.getBytes(UtilIO.getUtf8()));
            messageDigest.update(bArr);
            return Base64.encodeBase64URLSafeString(messageDigest.digest()).replace('+', '.');
        } catch (NoSuchAlgorithmException e) {
            throw new GeneralRuntimeException("Error while comparing password", e);
        }
    }

    public static String pbkdf2HashCrypt(String str, String str2, String str3) {
        String str4;
        char[] charArray = str3.toCharArray();
        if (UtilValidate.isEmpty(str2)) {
            str2 = getSalt();
        }
        try {
            byte[] encodeBase64 = Base64.encodeBase64(SecretKeyFactory.getInstance(str).generateSecret(new PBEKeySpec(charArray, str2.getBytes(UtilIO.getUtf8()), PBKDF2_ITERATIONS, 256)).getEncoded());
            boolean z = -1;
            switch (str.hashCode()) {
                case -1973470519:
                    if (str.equals("PBKDF2WithHmacSHA1")) {
                        z = false;
                        break;
                    }
                    break;
                case 1870378731:
                    if (str.equals("PBKDF2WithHmacSHA256")) {
                        z = true;
                        break;
                    }
                    break;
                case 1870379783:
                    if (str.equals("PBKDF2WithHmacSHA384")) {
                        z = 2;
                        break;
                    }
                    break;
                case 1870381486:
                    if (str.equals("PBKDF2WithHmacSHA512")) {
                        z = 3;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    str4 = PBKDF2_SHA1;
                    break;
                case true:
                    str4 = PBKDF2_SHA256;
                    break;
                case true:
                    str4 = PBKDF2_SHA384;
                    break;
                case true:
                    str4 = PBKDF2_SHA512;
                    break;
                default:
                    str4 = PBKDF2_SHA1;
                    break;
            }
            StringBuilder sb = new StringBuilder();
            sb.append("{").append(str4).append(FlexibleStringExpander.closeBracket);
            sb.append(PBKDF2_ITERATIONS).append("$");
            sb.append(org.apache.ofbiz.base.util.Base64.base64Encode(str2)).append("$");
            sb.append(new String(encodeBase64));
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new GeneralRuntimeException("Error while computing SecretKeyFactory", e);
        } catch (InvalidKeySpecException e2) {
            throw new GeneralRuntimeException("Error while creating SecretKey", e2);
        }
    }

    public static boolean doComparePbkdf2(String str, String str2) {
        String str3;
        try {
            int indexOf = str.indexOf(FlexibleStringExpander.closeBracket);
            String substring = str.substring(1, indexOf);
            String[] split = str.split("\\$");
            int parseInt = Integer.parseInt(split[0].substring(indexOf + 1));
            byte[] bytes = org.apache.ofbiz.base.util.Base64.base64Decode(split[1]).getBytes(UtilIO.getUtf8());
            byte[] decodeBase64 = Base64.decodeBase64(split[2].getBytes(UtilIO.getUtf8()));
            PBEKeySpec pBEKeySpec = new PBEKeySpec(str2.toCharArray(), bytes, parseInt, decodeBase64.length * 8);
            String substring2 = substring.substring(substring.indexOf("-") + 1);
            boolean z = -1;
            switch (substring2.hashCode()) {
                case -1850268089:
                    if (substring2.equals("SHA256")) {
                        z = false;
                        break;
                    }
                    break;
                case -1850267037:
                    if (substring2.equals("SHA384")) {
                        z = true;
                        break;
                    }
                    break;
                case -1850265334:
                    if (substring2.equals("SHA512")) {
                        z = 2;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    str3 = "PBKDF2WithHmacSHA256";
                    break;
                case true:
                    str3 = "PBKDF2WithHmacSHA384";
                    break;
                case true:
                    str3 = "PBKDF2WithHmacSHA512";
                    break;
                default:
                    str3 = "PBKDF2WithHmacSHA1";
                    break;
            }
            byte[] encoded = SecretKeyFactory.getInstance(str3).generateSecret(pBEKeySpec).getEncoded();
            int length = decodeBase64.length ^ encoded.length;
            for (int i = 0; i < decodeBase64.length && i < encoded.length; i++) {
                length |= decodeBase64[i] ^ encoded[i];
            }
            return length == 0;
        } catch (NoSuchAlgorithmException e) {
            throw new GeneralRuntimeException("Error while computing SecretKeyFactory", e);
        } catch (InvalidKeySpecException e2) {
            throw new GeneralRuntimeException("Error while creating SecretKey", e2);
        }
    }

    private static String getSalt() {
        try {
            byte[] bArr = new byte[16];
            SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
            return Arrays.toString(bArr);
        } catch (NoSuchAlgorithmException e) {
            throw new GeneralRuntimeException("Error while creating salt", e);
        }
    }

    public static String digestHash(String str, String str2, String str3) {
        if (str3 == null) {
            return null;
        }
        try {
            return digestHash(str, str2 == null ? str3.getBytes(UtilIO.getUtf8()) : str3.getBytes(str2));
        } catch (UnsupportedEncodingException e) {
            throw new GeneralRuntimeException("Error while computing hash of type " + str, e);
        }
    }

    public static String digestHash(String str, byte[] bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(bArr);
            char[] encodeHex = Hex.encodeHex(messageDigest.digest());
            StringBuilder sb = new StringBuilder();
            sb.append("{").append(str).append(FlexibleStringExpander.closeBracket);
            sb.append(encodeHex, 0, encodeHex.length);
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new GeneralRuntimeException("Error while computing hash of type " + str, e);
        }
    }

    public static String digestHash64(String str, byte[] bArr) {
        if (str == null) {
            str = "SHA";
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            StringBuilder sb = new StringBuilder();
            sb.append("{").append(str).append(FlexibleStringExpander.closeBracket);
            sb.append(Base64.encodeBase64URLSafeString(digest).replace('+', '.'));
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new GeneralRuntimeException("Error while computing hash of type " + str, e);
        }
    }

    @Deprecated
    public static String getHashTypeFromPrefix(String str) {
        if (UtilValidate.isEmpty(str) || str.charAt(0) != '{') {
            return null;
        }
        return str.substring(1, str.indexOf(125));
    }

    @Deprecated
    public static String removeHashTypePrefix(String str) {
        return (UtilValidate.isEmpty(str) || str.charAt(0) != '{') ? str : str.substring(str.indexOf(125) + 1);
    }

    @Deprecated
    public static String getDigestHashOldFunnyHexEncode(String str, String str2) {
        return digestHashOldFunnyHex(str2, str);
    }

    public static String digestHashOldFunnyHex(String str, String str2) {
        if (UtilValidate.isEmpty(str)) {
            str = "SHA";
        }
        if (str2 == null) {
            return null;
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(str2.getBytes(UtilIO.getUtf8()));
            return oldFunnyHex(messageDigest.digest());
        } catch (Exception e) {
            Debug.logError(e, "Error while computing hash of type " + str, module);
            return str2;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v18, types: [int] */
    private static String oldFunnyHex(byte[] bArr) {
        int i = 0;
        char[] cArr = new char[bArr.length * 2];
        for (byte b : bArr) {
            if (b < 0) {
                b = 127 + (b * (-1));
            }
            StringUtil.encodeInt(b, i, cArr);
            i += 2;
        }
        return new String(cArr);
    }
}
