package org.sakaiproject.user.impl;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.Base64;
import java.util.Random;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/sakaiproject/user/impl/PasswordService.class */
public class PasswordService {
    private static final Logger log = LoggerFactory.getLogger(PasswordService.class);
    public static final String MD5_SALT_SHA256 = "MD5-SALT-SHA256:";
    public static final String MD5TRUNC_SALT_SHA256 = "MD5TRUNC-SALT-SHA256:";
    public static final String PBKDF2 = "PBKDF2:";
    private Random saltSource = new SecureRandom();
    private int saltLength = 16;
    private String saltDelim = ":";

    public boolean check(String str, String str2) {
        if (str == null || str2 == null) {
            return false;
        }
        int length = str2.length();
        if (length == 20 || length == 24) {
            String hash = hash(str, "MD5");
            if (hash != null) {
                if (length == 20) {
                    hash = hash.substring(0, 20);
                }
                return str2.equals(hash);
            }
        }
        return str2.startsWith(PBKDF2) ? checkPbkdf2(str, str2) : checkLegacy(str, str2);
    }

    private boolean checkLegacy(String str, String str2) {
        String str3 = str;
        String str4 = str2;
        if (str2.startsWith(MD5_SALT_SHA256)) {
            str3 = hash(str, "MD5");
            str4 = str2.substring(MD5_SALT_SHA256.length());
        }
        if (str2.startsWith(MD5TRUNC_SALT_SHA256)) {
            str3 = hash(str, "MD5");
            if (str3 != null && str3.length() > 20) {
                str3 = str3.substring(0, 20);
            }
            str4 = str2.substring(MD5TRUNC_SALT_SHA256.length());
        }
        int indexOf = str4.indexOf(this.saltDelim);
        String str5 = str3;
        if (indexOf != -1) {
            String substring = str4.substring(0, indexOf);
            str4 = str4.substring(indexOf + 1);
            str5 = substring + str3;
        }
        return str4.equals(hash(str5, "SHA-256"));
    }

    private boolean checkPbkdf2(String str, String str2) {
        String substring = str2.substring(PBKDF2.length());
        int indexOf = substring.indexOf(this.saltDelim);
        if (indexOf == -1) {
            return false;
        }
        String substring2 = substring.substring(0, indexOf);
        String substring3 = substring.substring(indexOf + 1);
        Base64.Decoder decoder = Base64.getDecoder();
        return Arrays.equals(decoder.decode(substring3), encrypt(decoder.decode(substring2), str));
    }

    public String encrypt(String str) {
        byte[] salt = salt(this.saltLength);
        Base64.Encoder encoder = Base64.getEncoder();
        return PBKDF2 + encoder.encodeToString(salt) + this.saltDelim + encoder.encodeToString(encrypt(salt, str));
    }

    public byte[] encrypt(byte[] bArr, String str) {
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512").generateSecret(new PBEKeySpec(str.toCharArray(), bArr, 8192, 128)).getEncoded();
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new RuntimeException("Failed to encrypt password.", e);
        }
    }

    public String oldEncrpt(String str) {
        String encodeToString = Base64.getEncoder().encodeToString(salt(this.saltLength));
        return encodeToString + this.saltDelim + hash(encodeToString + str, "SHA-256");
    }

    String hash(String str, String str2) {
        try {
            return Base64.getEncoder().encodeToString(MessageDigest.getInstance(str2).digest(str.getBytes("UTF-8")));
        } catch (Exception e) {
            log.warn("Failed with " + str2, e);
            return null;
        }
    }

    private byte[] salt(int i) {
        byte[] bArr = new byte[i];
        this.saltSource.nextBytes(bArr);
        return bArr;
    }

    public void setSaltLength(int i) {
        this.saltLength = i;
    }

    public void setSaltDelim(String str) {
        this.saltDelim = str;
    }
}
