package org.apache.jetspeed.security.spi.impl;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import org.apache.commons.codec.binary.Base64;
import org.apache.jetspeed.security.CredentialPasswordEncoder;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.util.UnixCrypt;

/* loaded from: input_file:org/apache/jetspeed/security/spi/impl/LdapCredentialPasswordEncoder.class */
public class LdapCredentialPasswordEncoder implements CredentialPasswordEncoder {
    private static final long serialVersionUID = -575380709827140201L;
    private final HashMethod hashMethod;
    private final MessageDigest digester;
    private final boolean saltedDigest;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/jetspeed/security/spi/impl/LdapCredentialPasswordEncoder$HashMethod.class */
    public enum HashMethod {
        SHA,
        SSHA,
        MD5,
        SMD5,
        CRYPT
    }

    public LdapCredentialPasswordEncoder(String str) throws NoSuchAlgorithmException {
        if (HashMethod.CRYPT.toString().equals(str)) {
            this.hashMethod = HashMethod.CRYPT;
            this.digester = null;
            this.saltedDigest = false;
            return;
        }
        if (HashMethod.SHA.toString().equals(str)) {
            this.hashMethod = HashMethod.SHA;
            this.digester = MessageDigest.getInstance("SHA");
            this.saltedDigest = false;
            return;
        }
        if (HashMethod.SSHA.toString().equals(str)) {
            this.hashMethod = HashMethod.SSHA;
            this.digester = MessageDigest.getInstance("SHA");
            this.saltedDigest = true;
        } else if (HashMethod.MD5.toString().equals(str)) {
            this.hashMethod = HashMethod.MD5;
            this.digester = MessageDigest.getInstance("MD5");
            this.saltedDigest = false;
        } else {
            if (!HashMethod.SMD5.toString().equals(str)) {
                throw new IllegalArgumentException("Unsupported hashMethod " + str);
            }
            this.hashMethod = HashMethod.SMD5;
            this.digester = MessageDigest.getInstance("MD5");
            this.saltedDigest = true;
        }
    }

    public String encode(String str, String str2) throws SecurityException {
        StringBuffer append = new StringBuffer().append('{').append(this.hashMethod).append('}');
        if (this.hashMethod == HashMethod.CRYPT) {
            byte[] bArr = new byte[2];
            SecureRandom secureRandom = new SecureRandom();
            int nextInt = secureRandom.nextInt(64);
            int nextInt2 = secureRandom.nextInt(64);
            bArr[0] = (byte) (nextInt < 12 ? nextInt + 46 : nextInt < 38 ? (nextInt + 65) - 12 : (nextInt + 97) - 38);
            bArr[1] = (byte) (nextInt2 < 12 ? nextInt2 + 46 : nextInt2 < 38 ? (nextInt2 + 65) - 12 : (nextInt2 + 97) - 38);
            String utf8decode = utf8decode(bArr);
            append.append(utf8decode).append(UnixCrypt.crypt(str2, utf8decode).substring(2));
        } else {
            append.append(digest(str2, this.saltedDigest));
        }
        return append.toString();
    }

    private static byte[] utf8encode(String str) {
        try {
            return str.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            return str.getBytes();
        }
    }

    private static String utf8decode(byte[] bArr) {
        try {
            return new String(bArr, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            return new String(bArr);
        }
    }

    private String digest(String str, boolean z) {
        byte[] digest;
        byte[] utf8encode = utf8encode(str);
        synchronized (this.digester) {
            this.digester.reset();
            if (z) {
                byte[] bArr = new byte[8];
                new SecureRandom().nextBytes(bArr);
                this.digester.update(utf8encode);
                this.digester.update(bArr);
                byte[] digest2 = this.digester.digest();
                digest = new byte[digest2.length + bArr.length];
                System.arraycopy(digest2, 0, digest, 0, digest2.length);
                System.arraycopy(bArr, 0, digest, digest2.length, bArr.length);
            } else {
                digest = this.digester.digest(utf8encode);
            }
        }
        return utf8decode(Base64.encodeBase64(digest));
    }

    public static void main(String[] strArr) throws Exception {
        if (strArr.length == 2) {
            System.err.println("Encoded password=" + new LdapCredentialPasswordEncoder(strArr[0]).encode(null, strArr[1]));
        } else {
            System.err.println("Usage - java org.apache.jetspeed.security.spi.impl.LdapCredentialPasswordEncoder <CRYPT|SHA|SSHA|MD5|SMD5> <password>");
            System.exit(1);
        }
    }
}
