package com.ibm.websphere.crypto;

import com.ibm.ws.common.internal.encoder.Base64Coder;
import com.ibm.ws.crypto.util.InvalidPasswordCipherException;
import com.ibm.ws.crypto.util.PasswordCipherUtil;
import com.ibm.ws.crypto.util.PasswordHashGenerator;
import com.ibm.wsspi.security.crypto.EncryptedInfo;
import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:lib/com.ibm.ws.crypto.passwordutil.jar:com/ibm/websphere/crypto/PasswordUtil.class */
public class PasswordUtil {
    public static final String PROPERTY_CRYPTO_KEY = "crypto.key";
    public static final String PROPERTY_NO_TRIM = "option.notrim";
    public static final String PROPERTY_HASH_ALGORITHM = "hash.algorithm";
    public static final String PROPERTY_HASH_ITERATION = "hash.iteration";
    public static final String PROPERTY_HASH_SALT = "hash.salt";
    public static final String PROPERTY_HASH_ENCODED = "hash.encoded";
    public static final String PROPERTY_HASH_LENGTH = "hash.length";
    private static final String RB = "com.ibm.ws.crypto.util.internal.resources.Messages";
    private static final String STRING_CONVERSION_CODE = "UTF-8";
    private static final String CRYPTO_ALGORITHM_STARTED = "{";
    private static final String CRYPTO_ALGORITHM_STOPPED = "}";
    private static final String EMPTY_STRING = "";
    private static final Class<?> CLASS_NAME = PasswordUtil.class;
    private static final Logger logger = Logger.getLogger(CLASS_NAME.getCanonicalName(), "com.ibm.ws.crypto.util.internal.resources.Messages");
    private static final byte[] EMPTY_BYTE_ARRAY = new byte[0];

    public static final String getDefaultEncoding() {
        return PasswordCipherUtil.getSupportedCryptoAlgorithms()[0];
    }

    public static String decode(String str) throws InvalidPasswordDecodingException, UnsupportedCryptoAlgorithmException {
        if (str == null) {
            throw new InvalidPasswordDecodingException();
        }
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        if (cryptoAlgorithm == null) {
            throw new InvalidPasswordDecodingException();
        }
        logger.logp(Level.FINEST, PasswordUtil.class.getName(), "decode", "before invoking decode_password : crypto_algorithm : " + cryptoAlgorithm + "\nencoded_string : " + str);
        String decode_password = decode_password(removeCryptoAlgorithmTag(str), cryptoAlgorithm);
        if (decode_password != null) {
            return decode_password;
        }
        if (isValidCryptoAlgorithm(cryptoAlgorithm)) {
            throw new InvalidPasswordDecodingException();
        }
        throw new UnsupportedCryptoAlgorithmException();
    }

    public static String encode(String str) throws InvalidPasswordEncodingException, UnsupportedCryptoAlgorithmException {
        return encode(str, PasswordCipherUtil.getSupportedCryptoAlgorithms()[0], (String) null);
    }

    public static String encode(String str, String str2) throws InvalidPasswordEncodingException, UnsupportedCryptoAlgorithmException {
        return encode(str, str2, (String) null);
    }

    public static String encode(String str, String str2, String str3) throws InvalidPasswordEncodingException, UnsupportedCryptoAlgorithmException {
        HashMap hashMap = new HashMap();
        if (str3 != null) {
            hashMap.put(PROPERTY_CRYPTO_KEY, str3);
        }
        return encode(str, str2, hashMap);
    }

    public static String encode(String str, String str2, Map<String, String> map) throws InvalidPasswordEncodingException, UnsupportedCryptoAlgorithmException {
        if (!isValidCryptoAlgorithm(str2)) {
            throw new UnsupportedCryptoAlgorithmException();
        }
        if (str == null) {
            throw new InvalidPasswordEncodingException();
        }
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        if ((cryptoAlgorithm != null && cryptoAlgorithm.startsWith(str2)) || isHashed(str)) {
            throw new InvalidPasswordEncodingException();
        }
        if (cryptoAlgorithm != null) {
            str = passwordDecode(str);
        }
        if (map == null || !map.containsKey(PROPERTY_NO_TRIM) || !"true".equalsIgnoreCase(map.get(PROPERTY_NO_TRIM))) {
            str = str.trim();
        }
        String encode_password = encode_password(str, str2.trim(), map);
        if (encode_password == null) {
            throw new InvalidPasswordEncodingException();
        }
        return encode_password;
    }

    public static String getCryptoAlgorithm(String str) {
        int indexOf;
        if (null == str) {
            return null;
        }
        String str2 = null;
        String trim = str.trim();
        if (trim.length() >= 2 && '{' == trim.charAt(0) && (indexOf = trim.indexOf(125, 1)) > 0) {
            str2 = trim.substring(1, indexOf).trim();
        }
        return str2;
    }

    public static String getCryptoAlgorithmTag(String str) {
        if (null == str) {
            return null;
        }
        String str2 = null;
        String trim = str.trim();
        if (trim.length() >= 2 && '{' == trim.charAt(0)) {
            int indexOf = trim.indexOf(125, 1);
            if (indexOf > 0) {
                int i = indexOf + 1;
                str2 = i == trim.length() ? trim : trim.substring(0, i).trim();
            }
        }
        return str2;
    }

    public static boolean isEncrypted(String str) {
        return isValidCryptoAlgorithm(getCryptoAlgorithm(str));
    }

    public static boolean isValidCryptoAlgorithm(String str) {
        if (str == null) {
            return false;
        }
        String trim = str.trim();
        if (trim.length() == 0) {
            return true;
        }
        for (String str2 : PasswordCipherUtil.getSupportedCryptoAlgorithms()) {
            if (trim.startsWith(str2)) {
                return true;
            }
        }
        return false;
    }

    public static boolean isValidCryptoAlgorithmTag(String str) {
        return isValidCryptoAlgorithm(getCryptoAlgorithm(str));
    }

    public static boolean isHashed(String str) {
        return isValidAlgorithm(getCryptoAlgorithm(str), PasswordCipherUtil.getSupportedHashAlgorithms());
    }

    private static boolean isValidAlgorithm(String str, String[] strArr) {
        String trim;
        boolean z = false;
        if (str != null && strArr != null && (trim = str.trim()) != null && trim.length() > 0) {
            int i = 0;
            while (true) {
                if (i >= strArr.length) {
                    break;
                }
                if (trim.startsWith(strArr[i])) {
                    z = true;
                    break;
                }
                i++;
            }
        }
        return z;
    }

    public static String passwordDecode(String str) {
        if (str == null) {
            return null;
        }
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        return cryptoAlgorithm == null ? str : decode_password(removeCryptoAlgorithmTag(str), cryptoAlgorithm);
    }

    public static String passwordEncode(String str) {
        return passwordEncode(str, PasswordCipherUtil.getSupportedCryptoAlgorithms()[0]);
    }

    public static String passwordEncode(String str, String str2) {
        if (str == null) {
            return null;
        }
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        if (cryptoAlgorithm == null || !cryptoAlgorithm.equals(str2)) {
            if (cryptoAlgorithm != null) {
                str = passwordDecode(str);
            }
            return encode_password(str.trim(), str2.trim(), null);
        }
        if (isValidCryptoAlgorithm(cryptoAlgorithm)) {
            return str.trim();
        }
        return null;
    }

    public static String removeCryptoAlgorithmTag(String str) {
        if (null == str) {
            return null;
        }
        String str2 = null;
        String trim = str.trim();
        if (trim.length() >= 2 && '{' == trim.charAt(0)) {
            int indexOf = trim.indexOf(125, 1);
            if (indexOf > 0) {
                int i = indexOf + 1;
                str2 = i == trim.length() ? "" : trim.substring(i).trim();
            }
        }
        return str2;
    }

    private static byte[] convert_to_bytes(String str) {
        if (null == str) {
            return null;
        }
        if (0 == str.length()) {
            return EMPTY_BYTE_ARRAY;
        }
        try {
            return str.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            logger.logp(Level.SEVERE, PasswordUtil.class.getName(), "convert_to_bytes", "PASSWORDUTIL_UNSUPPORTEDENCODING_EXCEPTION", (Throwable) e);
            return null;
        }
    }

    private static String convert_to_string(byte[] bArr) {
        if (null == bArr) {
            return null;
        }
        if (0 == bArr.length) {
            return "";
        }
        try {
            return new String(bArr, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            logger.logp(Level.SEVERE, PasswordUtil.class.getName(), "convert_to_string", "PASSWORDUTIL_UNSUPPORTEDENCODING_EXCEPTION", (Throwable) e);
            return null;
        }
    }

    private static byte[] convert_viewable_to_bytes(String str) {
        if (null == str) {
            return null;
        }
        return 0 == str.length() ? EMPTY_BYTE_ARRAY : Base64Coder.base64Decode(convert_to_bytes(str));
    }

    private static String convert_viewable_to_string(byte[] bArr) {
        String str = null;
        if (bArr != null) {
            str = bArr.length == 0 ? "" : convert_to_string(Base64Coder.base64Encode(bArr));
        }
        return str;
    }

    private static String decode_password(String str, String str2) {
        StringBuilder sb = new StringBuilder();
        if (str2.length() == 0) {
            sb.append(str);
        } else {
            String str3 = null;
            if (str.length() > 0) {
                byte[] convert_viewable_to_bytes = convert_viewable_to_bytes(str);
                logger.logp(Level.FINEST, PasswordUtil.class.getName(), "decode_password", "byte array before decoding\n" + PasswordHashGenerator.hexDump(convert_viewable_to_bytes));
                if (convert_viewable_to_bytes == null) {
                    logger.logp(Level.SEVERE, PasswordUtil.class.getName(), "decode_password", "PASSWORDUTIL_INVALID_BASE64_STRING");
                    return null;
                }
                if (convert_viewable_to_bytes.length > 0) {
                    try {
                        byte[] decipher = PasswordCipherUtil.decipher(convert_viewable_to_bytes, str2);
                        if (decipher != null && decipher.length > 0) {
                            str3 = convert_to_string(decipher);
                        }
                    } catch (UnsupportedCryptoAlgorithmException e) {
                        logger.logp(Level.SEVERE, PasswordUtil.class.getName(), "decode_password", "PASSWORDUTIL_UNKNOWN_ALGORITHM_EXCEPTION", (Throwable) e);
                        return null;
                    } catch (InvalidPasswordCipherException e2) {
                        logger.logp(Level.SEVERE, PasswordUtil.class.getName(), "decode_password", "PASSWORDUTIL_CYPHER_EXCEPTION", (Throwable) e2);
                        return null;
                    }
                }
            }
            if (str3 != null && str3.length() > 0) {
                sb.append(str3);
            }
        }
        return sb.toString();
    }

    public static String encode_password(String str, String str2, Map<String, String> map) {
        StringBuilder sb = new StringBuilder();
        sb.append(CRYPTO_ALGORITHM_STARTED);
        if (str2.length() == 0) {
            sb.append("}").append(str);
        } else {
            String str3 = null;
            EncryptedInfo encryptedInfo = null;
            if (str.length() > 0) {
                byte[] convert_to_bytes = convert_to_bytes(str);
                if (convert_to_bytes.length > 0) {
                    byte[] bArr = null;
                    for (boolean z = false; !z; z = true) {
                        try {
                            encryptedInfo = PasswordCipherUtil.encipher_internal(convert_to_bytes, str2, map);
                            if (encryptedInfo != null) {
                                bArr = encryptedInfo.getEncryptedBytes();
                            }
                        } catch (UnsupportedCryptoAlgorithmException e) {
                            logger.logp(Level.SEVERE, PasswordUtil.class.getName(), "encode_password", "PASSWORDUTIL_UNKNOWN_ALGORITHM_EXCEPTION", (Throwable) e);
                            return null;
                        } catch (InvalidPasswordCipherException e2) {
                            logger.logp(Level.SEVERE, PasswordUtil.class.getName(), "encode_password", "PASSWORDUTIL_CYPHER_EXCEPTION", (Throwable) e2);
                            return null;
                        }
                    }
                    if (bArr != null && bArr.length > 0) {
                        str3 = convert_viewable_to_string(bArr);
                        if (str3 == null) {
                            return null;
                        }
                    }
                }
            }
            sb.append(str2);
            String keyAlias = null == encryptedInfo ? null : encryptedInfo.getKeyAlias();
            if (keyAlias != null && 0 < keyAlias.length()) {
                sb.append(':').append(keyAlias);
            }
            sb.append("}");
            if (str3 != null && str3.length() > 0) {
                sb.append(str3);
            }
        }
        return sb.toString();
    }
}
