package org.owasp.esapi.crypto;

import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.eclipse.core.runtime.internal.adaptor.EclipseCommandProvider;
import org.opensaml.security.crypto.JCAConstants;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Logger;
import org.owasp.esapi.errors.ConfigurationException;
import org.owasp.esapi.errors.EncryptionException;
import org.owasp.esapi.reference.DefaultSecurityConfiguration;
import org.owasp.esapi.util.ByteConversionUtil;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/opensaml-3.3.1.wso2v1.jar:esapi-2.1.0.1.jar:org/owasp/esapi/crypto/KeyDerivationFunction.class
 */
/* loaded from: input_file:WEB-INF/lib/esapi-2.1.0.1.jar:org/owasp/esapi/crypto/KeyDerivationFunction.class */
public class KeyDerivationFunction {
    public static final int originalVersion = 20110203;
    public static final int kdfVersion = 20130830;
    private static final long serialVersionUID = 20130830;
    private static final Logger logger;
    private String prfAlg_;
    private int version_ = 20130830;
    private String context_ = "";
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/opensaml-3.3.1.wso2v1.jar:esapi-2.1.0.1.jar:org/owasp/esapi/crypto/KeyDerivationFunction$PRF_ALGORITHMS.class
     */
    /* loaded from: input_file:WEB-INF/lib/esapi-2.1.0.1.jar:org/owasp/esapi/crypto/KeyDerivationFunction$PRF_ALGORITHMS.class */
    public enum PRF_ALGORITHMS {
        HmacSHA1(0, 160, "HmacSHA1"),
        HmacSHA256(1, 256, "HmacSHA256"),
        HmacSHA384(2, 384, JCAConstants.HMAC_SHA384),
        HmacSHA512(3, 512, JCAConstants.HMAC_SHA512);

        private final byte value;
        private final short bits;
        private final String algName;

        PRF_ALGORITHMS(int i, int i2, String str) {
            this.value = (byte) i;
            this.bits = (short) i2;
            this.algName = str;
        }

        public byte getValue() {
            return this.value;
        }

        public short getBits() {
            return this.bits;
        }

        public String getAlgName() {
            return this.algName;
        }
    }

    public KeyDerivationFunction(PRF_ALGORITHMS prf_algorithms) {
        this.prfAlg_ = null;
        this.prfAlg_ = prf_algorithms.getAlgName();
    }

    public KeyDerivationFunction() {
        this.prfAlg_ = null;
        String kDFPseudoRandomFunction = ESAPI.securityConfiguration().getKDFPseudoRandomFunction();
        if (!isValidPRF(kDFPseudoRandomFunction)) {
            throw new ConfigurationException("Algorithm name " + kDFPseudoRandomFunction + " not a valid algorithm name for property " + DefaultSecurityConfiguration.KDF_PRF_ALG);
        }
        this.prfAlg_ = kDFPseudoRandomFunction;
    }

    public String getPRFAlgName() {
        return this.prfAlg_;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int getDefaultPRFSelection() {
        String kDFPseudoRandomFunction = ESAPI.securityConfiguration().getKDFPseudoRandomFunction();
        for (PRF_ALGORITHMS prf_algorithms : PRF_ALGORITHMS.values()) {
            if (prf_algorithms.getAlgName().equals(kDFPseudoRandomFunction)) {
                return prf_algorithms.getValue();
            }
        }
        throw new ConfigurationException("Algorithm name " + kDFPseudoRandomFunction + " not a valid algorithm name for property " + DefaultSecurityConfiguration.KDF_PRF_ALG);
    }

    public void setVersion(int i) throws IllegalArgumentException {
        CryptoHelper.isValidKDFVersion(i, false, true);
        this.version_ = i;
    }

    public int getVersion() {
        return this.version_;
    }

    public void setContext(String str) {
        if (str == null) {
            throw new IllegalArgumentException("Context may not be null.");
        }
        this.context_ = str;
    }

    public String getContext() {
        return this.context_;
    }

    public SecretKey computeDerivedKey(SecretKey secretKey, int i, String str) throws NoSuchAlgorithmException, InvalidKeyException, EncryptionException {
        byte[] doFinal;
        if (!$assertionsDisabled && secretKey == null) {
            throw new AssertionError("Key derivation key cannot be null.");
        }
        if (!$assertionsDisabled && i < 56) {
            throw new AssertionError("Key has size of " + i + ", which is less than minimum of 56-bits.");
        }
        if (!$assertionsDisabled && i % 8 != 0) {
            throw new AssertionError("Key size (" + i + ") must be a even multiple of 8-bits.");
        }
        if (!$assertionsDisabled && (str == null || str.equals(""))) {
            throw new AssertionError("Purpose may not be null or empty.");
        }
        int calcKeySize = calcKeySize(i);
        byte[] bArr = new byte[calcKeySize];
        try {
            byte[] bytes = str.getBytes("UTF-8");
            byte[] bytes2 = this.context_.getBytes("UTF-8");
            SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getEncoded(), "HmacSHA1");
            try {
                Mac mac = Mac.getInstance("HmacSHA1");
                mac.init(secretKeySpec);
                int i2 = 1;
                int i3 = 0;
                int i4 = 0;
                do {
                    int i5 = i2;
                    i2++;
                    mac.update(ByteConversionUtil.fromInt(i5));
                    mac.update(bytes);
                    mac.update((byte) 0);
                    mac.update(bytes2);
                    doFinal = mac.doFinal(ByteConversionUtil.fromInt(calcKeySize));
                    int min = doFinal.length >= calcKeySize ? calcKeySize : Math.min(doFinal.length, calcKeySize - i3);
                    System.arraycopy(doFinal, 0, bArr, i4, min);
                    bytes = doFinal;
                    i3 += doFinal.length;
                    i4 += min;
                } while (i3 < calcKeySize);
                for (int i6 = 0; i6 < doFinal.length; i6++) {
                    doFinal[i6] = 0;
                }
                return new SecretKeySpec(bArr, secretKey.getAlgorithm());
            } catch (InvalidKeyException e) {
                logger.error(Logger.SECURITY_FAILURE, "Created HmacSHA1 Mac but SecretKey sk has alg " + secretKeySpec.getAlgorithm(), e);
                throw e;
            }
        } catch (UnsupportedEncodingException e2) {
            throw new EncryptionException("Encryption failure (internal encoding error: UTF-8)", "UTF-8 encoding is NOT supported as a standard byte encoding: " + e2.getMessage(), e2);
        }
    }

    public static boolean isValidPRF(String str) {
        for (PRF_ALGORITHMS prf_algorithms : PRF_ALGORITHMS.values()) {
            if (prf_algorithms.getAlgName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    public static PRF_ALGORITHMS convertNameToPRF(String str) {
        for (PRF_ALGORITHMS prf_algorithms : PRF_ALGORITHMS.values()) {
            if (prf_algorithms.getAlgName().equals(str)) {
                return prf_algorithms;
            }
        }
        throw new IllegalArgumentException("Algorithm name " + str + " not a valid PRF algorithm name for the ESAPI KDF.");
    }

    public static PRF_ALGORITHMS convertIntToPRF(int i) {
        for (PRF_ALGORITHMS prf_algorithms : PRF_ALGORITHMS.values()) {
            if (prf_algorithms.getValue() == i) {
                return prf_algorithms;
            }
        }
        throw new IllegalArgumentException("No KDF PRF algorithm found for value name " + i);
    }

    private static int calcKeySize(int i) {
        if (!$assertionsDisabled && i <= 0) {
            throw new AssertionError("Key size must be > 0 bits.");
        }
        int i2 = i / 8;
        return i % 8 == 0 ? i2 : i2 + 1;
    }

    public static final void main(String[] strArr) {
        System.out.println("Supported pseudo-random functions for KDF (version: 20130830)");
        System.out.println("Enum Name\tAlgorithm\t# bits");
        for (PRF_ALGORITHMS prf_algorithms : PRF_ALGORITHMS.values()) {
            System.out.println(prf_algorithms + EclipseCommandProvider.TAB + prf_algorithms.getAlgName() + EclipseCommandProvider.TAB + ((int) prf_algorithms.getBits()));
        }
    }

    static {
        $assertionsDisabled = !KeyDerivationFunction.class.desiredAssertionStatus();
        logger = ESAPI.getLogger("KeyDerivationFunction");
    }
}
