package com.buildforge.services.common.security;

import com.buildforge.services.common.dbo.MessageDBO;
import com.buildforge.services.common.dbo.UserDBO;
import com.buildforge.services.common.text.StringConverter;
import com.buildforge.services.common.text.TextUtils;
import com.buildforge.services.common.util.Base64;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.atomic.AtomicReference;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:lib/com.ibm.rational.buildforge.services.client.java_7.1.3.4110010.jar:com/buildforge/services/common/security/PasswordManager.class */
public class PasswordManager {
    private static final String PASSWORD_MANAGER_SERVER_CONFIG_CLASS = "com.buildforge.services.server.security.PasswordManagerServerConfig";
    static final char CRYPTO_ALGORITHM_STARTED = '{';
    static final char CRYPTO_ALGORITHM_STOPPED = '}';
    static final char CRYPTO_ALGORITHM_SEPARATOR = ':';
    private final PasswordManagerConfig config;
    private static final AtomicReference<Boolean> CACHED_IS_SERVER = new AtomicReference<>();
    private static final Logger log = Logger.getLogger(PasswordManager.class.getName());
    private static final String ME = PasswordManager.class.getName();
    private static AtomicReference<PasswordManager> globalInstance = new AtomicReference<>();
    private static Map<String, PasswordManager> instanceMap = new HashMap();
    private static Map<String, PasswordManagerConfig> configMap = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:lib/com.ibm.rational.buildforge.services.client.java_7.1.3.4110010.jar:com/buildforge/services/common/security/PasswordManager$EncryptedPassword.class */
    public static class EncryptedPassword {
        private final String algorithmName;
        private final String algorithmInfo;
        private final byte[] data;

        String getAlgorithmName() {
            return this.algorithmName;
        }

        String getAlgorithmInfo() {
            return this.algorithmInfo;
        }

        byte[] getData() {
            return Base64.base64Decode(this.data);
        }

        private EncryptedPassword(String str, String str2, String str3) {
            this.algorithmName = str;
            this.algorithmInfo = str2;
            this.data = StringConverter.get().toUtf8Bytes(str3);
        }

        static EncryptedPassword parse(String str) {
            int indexOf;
            if (str == null) {
                return null;
            }
            String trim = str.trim();
            if (trim.length() < 2 || trim.charAt(0) != '{' || (indexOf = trim.indexOf(125, 1)) == -1 || indexOf + 1 == trim.length()) {
                return null;
            }
            int indexOf2 = trim.indexOf(PasswordManager.CRYPTO_ALGORITHM_SEPARATOR, 1);
            return (indexOf2 == -1 || indexOf2 > indexOf) ? new EncryptedPassword(trim.substring(1, indexOf), UserDBO.UID_SYSTEM, trim.substring(indexOf + 1)) : new EncryptedPassword(trim.substring(1, indexOf2), trim.substring(indexOf2 + 1, indexOf), trim.substring(indexOf + 1));
        }
    }

    public boolean isInitialized() {
        return this.config != null && this.config.isInitialized();
    }

    public static PasswordManager getInstance() {
        if (!isServer()) {
            return new PasswordManager("default");
        }
        PasswordManager passwordManager = globalInstance.get();
        if (passwordManager != null) {
            return passwordManager;
        }
        PasswordManager passwordManager2 = new PasswordManager("default");
        while (!globalInstance.compareAndSet(null, passwordManager2)) {
            PasswordManager passwordManager3 = globalInstance.get();
            if (passwordManager3 != null) {
                return passwordManager3;
            }
        }
        return passwordManager2;
    }

    public static PasswordManager getInstance(URL url) {
        PasswordManager passwordManager;
        String url2 = url != null ? url.toString() : null;
        synchronized (instanceMap) {
            PasswordManager passwordManager2 = instanceMap.get(url2);
            if (passwordManager2 == null) {
                passwordManager2 = new PasswordManager(url);
                instanceMap.put(url2, passwordManager2);
            }
            passwordManager = passwordManager2;
        }
        return passwordManager;
    }

    private PasswordManager() {
        this.config = null;
    }

    private PasswordManager(String str) {
        PasswordManagerConfig passwordManagerConfig;
        try {
            passwordManagerConfig = isServer() ? initializeServerConfig() : initializeClientConfig(null);
        } catch (Exception e) {
            MessageDBO messageDBO = new MessageDBO(MessageDBO.Severity.WARNING, "PWCryptConfigInitError", new String[0]);
            if (log.isLoggable(Level.WARNING)) {
                log.log(Level.WARNING, messageDBO.translate(), (Throwable) e);
            }
            passwordManagerConfig = null;
        }
        this.config = passwordManagerConfig;
    }

    private PasswordManager(URL url) {
        PasswordManagerConfig passwordManagerConfig = null;
        try {
            passwordManagerConfig = initializeClientConfig(url);
        } catch (Exception e) {
            MessageDBO messageDBO = new MessageDBO(MessageDBO.Severity.WARNING, "PWCryptConfigInitError", new String[0]);
            if (log.isLoggable(Level.WARNING)) {
                log.log(Level.WARNING, messageDBO.translate(), (Throwable) e);
            }
        }
        this.config = passwordManagerConfig;
    }

    public static boolean isServer() {
        Boolean bool = CACHED_IS_SERVER.get();
        if (bool != null) {
            return bool.booleanValue();
        }
        try {
            if (!Boolean.TRUE.equals(Class.forName("com.buildforge.services.server.Main").getMethod("checkInitialized", new Class[0]).invoke(null, new Object[0]))) {
                return false;
            }
            CACHED_IS_SERVER.set(Boolean.TRUE);
            return true;
        } catch (ClassNotFoundException e) {
            CACHED_IS_SERVER.set(Boolean.FALSE);
            return false;
        } catch (Exception e2) {
            log.log(Level.FINEST, "Unexpected error determining server/client status", (Throwable) e2);
            return false;
        } catch (NoClassDefFoundError e3) {
            CACHED_IS_SERVER.set(Boolean.FALSE);
            return false;
        }
    }

    protected PasswordManagerConfig initializeClientConfig(URL url) throws Exception {
        PasswordManagerConfig passwordManagerConfig;
        String url2 = url != null ? url.toString() : null;
        synchronized (configMap) {
            PasswordManagerConfig passwordManagerConfig2 = configMap.get(url2);
            if (passwordManagerConfig2 == null) {
                passwordManagerConfig2 = PasswordManagerConfig.initializeClientConfig(url);
                configMap.put(url2, passwordManagerConfig2);
            }
            passwordManagerConfig = passwordManagerConfig2;
        }
        return passwordManagerConfig;
    }

    public void createKeyFile(String str) throws Exception {
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "Specified file location: " + str);
        }
        if (this.config != null && this.config.getPrimaryPE() != null) {
            this.config.getPrimaryPE().createKeyFile(str);
        } else {
            log.fine("Using BfCrypt to create key file");
            new BfCrypt().createKeyFile(str);
        }
    }

    public void generateKey() throws Exception {
        log.fine("Generating a new password encryption key.");
        if (this.config != null && this.config.getPrimaryPE() != null) {
            this.config.getPrimaryPE().generateKey();
        } else {
            log.fine("Using BfCrypt to generate key");
            new BfCrypt().generateKey();
        }
    }

    public void exportKeyFile(String str) throws Exception {
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "Specified file location: " + str);
        }
        if (this.config == null || this.config.getPrimaryPE() == null) {
            throw new IllegalStateException("Cannot export keys until password encryption runtime is initialized.");
        }
        this.config.getPrimaryPE().exportKeyFile(str);
    }

    private PasswordManagerConfig initializeServerConfig() throws Exception {
        Class<?> cls = Class.forName(PASSWORD_MANAGER_SERVER_CONFIG_CLASS);
        return (PasswordManagerConfig) cls.getMethod("initializeServerConfig", new Class[0]).invoke(cls.newInstance(), new Object[0]);
    }

    public String encrypt(String str) throws PasswordEncryptException {
        log.entering(ME, "encrypt");
        if (TextUtils.isEmpty(str)) {
            log.exiting(ME, "Password was null; returning (some KeyStore passwords are null by design).");
            return str;
        }
        try {
            try {
                str = decrypt(str);
            } catch (Exception e) {
                String translate = new MessageDBO(MessageDBO.Severity.ERROR, "PWCryptEncryptException", this.config.getPrimaryPE().getName()).translate();
                log.severe(translate);
                if (e instanceof PasswordEncryptException) {
                    throw ((PasswordEncryptException) e);
                }
                throw new PasswordEncryptException(translate, e);
            }
        } catch (PasswordDecryptException e2) {
        }
        if (this.config == null || !this.config.isInitialized() || this.config.getPrimaryPE() == null || !this.config.isPassword_encryption_enabled()) {
            log.exiting(ME, "encrypt (bf)");
            return TextUtils.bf_encrypt(str);
        }
        EncryptedInfo encrypt = this.config.getPrimaryPE().encrypt(StringConverter.get().toUtf8Bytes(str));
        if (encrypt == null) {
            String translate2 = new MessageDBO(MessageDBO.Severity.ERROR, "PWCryptNullEncryptReturned", this.config.getPrimaryPE().getName()).translate();
            log.severe(translate2);
            throw new PasswordEncryptException(translate2);
        }
        String name = this.config.getPrimaryPE().getName();
        String buildCipherTextString = buildCipherTextString(name, encrypt.getKeyInfo(), encrypt.getEncryptedBytes());
        if (log.isLoggable(Level.FINER)) {
            log.exiting(ME, "encrypt (" + name + ')');
        }
        return buildCipherTextString;
    }

    public String decrypt(String str) throws PasswordDecryptException {
        if (log.isLoggable(Level.FINER)) {
            log.entering(ME, "decrypt (" + getImplementationNameFromString(str) + ")");
        }
        if (TextUtils.isEmpty(str)) {
            log.exiting(ME, "Password was null, returning (some KeyStore passwords are null by design).");
            return str;
        }
        EncryptedPassword parse = EncryptedPassword.parse(str);
        if (parse != null) {
            try {
                if (isValidImplementationName(parse.getAlgorithmName())) {
                    String algorithmName = parse.getAlgorithmName();
                    IPasswordEncryption iPasswordEncryption = this.config.getValidationPEs().get(algorithmName);
                    if (iPasswordEncryption == null) {
                        String translate = new MessageDBO(MessageDBO.Severity.ERROR, "PWCryptDecryptImplNameNotFound", algorithmName).translate();
                        log.severe(translate);
                        throw new PasswordDecryptException(translate);
                    }
                    EncryptedInfo encryptedInfo = new EncryptedInfo(parse.getData(), parse.getAlgorithmInfo());
                    if (log.isLoggable(Level.FINE)) {
                        log.log(Level.FINE, "Using the following EncryptedInfo to decrypt: " + encryptedInfo.getKeyInfo());
                    }
                    byte[] decrypt = iPasswordEncryption.decrypt(encryptedInfo);
                    if (decrypt == null || decrypt.length == 0) {
                        String translate2 = new MessageDBO(MessageDBO.Severity.ERROR, "PWCryptNullDecryptReturned", algorithmName).translate();
                        log.severe(translate2);
                        throw new PasswordDecryptException(translate2);
                    }
                    if (log.isLoggable(Level.FINE)) {
                        log.exiting(ME, "decrypt (" + algorithmName + ")");
                    }
                    return StringConverter.get().fromUtf8(decrypt);
                }
            } catch (Exception e) {
                String translate3 = new MessageDBO(MessageDBO.Severity.ERROR, "PWCryptDecryptException", null).translate();
                log.severe(translate3);
                if (e instanceof PasswordDecryptException) {
                    throw ((PasswordDecryptException) e);
                }
                throw new PasswordDecryptException(translate3, e);
            }
        }
        if (str == null || str.length() >= 50) {
            log.exiting(ME, "decrypt (BF)");
            return TextUtils.bf_decrypt(str);
        }
        log.exiting(ME, "decrypt (already plaintext?)");
        return str;
    }

    private String buildCipherTextString(String str, String str2, byte[] bArr) throws UnsupportedEncodingException {
        return new StringBuilder(128).append('{').append(str).append(':').append(str2).append('}').append(StringConverter.get().fromUtf8(Base64.base64Encode(bArr))).toString();
    }

    private boolean isValidImplementationName(String str) {
        Map<String, IPasswordEncryption> validationPEs;
        if (this.config == null || str == null) {
            return false;
        }
        String trim = str.trim();
        if (trim.length() == 0 || (validationPEs = this.config.getValidationPEs()) == null || validationPEs.isEmpty() || validationPEs.get(trim) == null) {
            return false;
        }
        if (!log.isLoggable(Level.FINE)) {
            return true;
        }
        log.logp(Level.FINE, ME, "isValidImplementationName", "Found validation password encryption implementation from name: " + trim);
        return true;
    }

    private String getImplementationNameFromString(String str) {
        EncryptedPassword parse = EncryptedPassword.parse(str);
        return parse != null ? parse.getAlgorithmName() : UserDBO.UID_SYSTEM;
    }

    public static void reset() {
        globalInstance.set(null);
        CACHED_IS_SERVER.set(null);
    }

    public static void main(String[] strArr) throws Exception {
        if (strArr.length != 1 || strArr[0].length() == 0) {
            log.info("Command syntax: java com.buildforge.services.common.security.PasswordManager key_file_path");
            return;
        }
        try {
            getInstance().createKeyFile(strArr[0]);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
