package com.ibm.ISecurityUtilityImpl;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.ws.webservices.wsdl.toJava.JavaGeneratorFactory;
import com.ibm.wsspi.security.crypto.EncryptedInfo;
import com.ibm.wsspi.security.crypto.PasswordEncryptException;
import java.io.ByteArrayOutputStream;
import java.io.PrintStream;
import java.io.UnsupportedEncodingException;

/* loaded from: input_file:lib/com.ibm.ws.webservices.thinclient_8.5.0.jar:com/ibm/ISecurityUtilityImpl/PasswordUtil.class */
public class PasswordUtil {
    public static final String STRING_CONVERSION_CODE = "UTF8";
    private static final String CRYPTO_ALGORITHM_STARTED = "{";
    private static final String CRYPTO_ALGORITHM_STOPPED = "}";
    private static final TraceComponent tc = Tr.register(PasswordUtil.class, "SASRas", "com.ibm.ejs.resources.security");
    private static final String EMPTY_STRING = new String("");
    private static final byte[] EMPTY_BYTE_ARRAY = new byte[0];
    private static final Class<?> thisClass = PasswordUtil.class;
    private static String passwordEncoderDebug = null;
    private static final String[] SUPPORTED_CRYPTO_ALGORITHMS = PasswordCipherUtil.getSupportedCryptoAlgorithms();
    public static final String DEFAULT_CRYPTO_ALGORITHM = SUPPORTED_CRYPTO_ALGORITHMS[0];
    private static final byte[] BASE64_ENCODE_MAP = {65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 43, 47};
    private static final byte[] BASE64_DECODE_MAP = new byte[128];

    public static String decode(String str) throws InvalidPasswordDecodingException, UnsupportedCryptoAlgorithmException {
        if (str == null) {
            throw new InvalidPasswordDecodingException();
        }
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        if (cryptoAlgorithm == null) {
            throw new InvalidPasswordDecodingException();
        }
        if (!isValidCryptoAlgorithm(cryptoAlgorithm)) {
            throw new UnsupportedCryptoAlgorithmException();
        }
        String decode_password = decode_password(removeCryptoAlgorithmTag(str), cryptoAlgorithm);
        if (decode_password == null) {
            throw new InvalidPasswordDecodingException();
        }
        return decode_password;
    }

    public static String encode(String str) throws InvalidPasswordEncodingException, UnsupportedCryptoAlgorithmException {
        return encode(str, DEFAULT_CRYPTO_ALGORITHM);
    }

    public static String encode(String str, String str2) throws InvalidPasswordEncodingException, UnsupportedCryptoAlgorithmException {
        if (!isValidCryptoAlgorithm(str2)) {
            throw new UnsupportedCryptoAlgorithmException();
        }
        if (str == null) {
            throw new InvalidPasswordEncodingException();
        }
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        if (cryptoAlgorithm != null && cryptoAlgorithm.startsWith(str2)) {
            throw new InvalidPasswordEncodingException();
        }
        if (cryptoAlgorithm != null) {
            str = passwordDecode(str);
        }
        String encode_password = encode_password(str.trim(), str2.trim());
        if (encode_password == null) {
            throw new InvalidPasswordEncodingException();
        }
        return encode_password;
    }

    public static String getCryptoAlgorithm(String str) {
        int i;
        int indexOf;
        String str2 = null;
        if (str != null) {
            String trim = str.trim();
            if (trim.length() >= 2) {
                int indexOf2 = trim.indexOf(CRYPTO_ALGORITHM_STARTED);
                if (indexOf2 == 0 && (indexOf = trim.indexOf(CRYPTO_ALGORITHM_STOPPED, (i = indexOf2 + 1))) > 0) {
                    str2 = i < indexOf ? trim.substring(i, indexOf).trim() : EMPTY_STRING;
                }
            }
        }
        return str2;
    }

    public static String getCryptoAlgorithmTag(String str) {
        String str2 = null;
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        if (cryptoAlgorithm != null) {
            StringBuffer stringBuffer = new StringBuffer(CRYPTO_ALGORITHM_STARTED);
            if (cryptoAlgorithm.length() > 0) {
                stringBuffer.append(cryptoAlgorithm);
            }
            stringBuffer.append(CRYPTO_ALGORITHM_STOPPED);
            str2 = stringBuffer.toString();
        }
        return str2;
    }

    public static boolean isEncrypted(String str) {
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        return cryptoAlgorithm != null && isValidCryptoAlgorithm(cryptoAlgorithm);
    }

    public static boolean isValidCryptoAlgorithm(String str) {
        if (str == null) {
            return false;
        }
        String trim = str.trim();
        if (trim.length() == 0) {
            return true;
        }
        for (int i = 0; i < SUPPORTED_CRYPTO_ALGORITHMS.length; i++) {
            if (trim.startsWith(SUPPORTED_CRYPTO_ALGORITHMS[i])) {
                return true;
            }
        }
        return false;
    }

    public static boolean isValidCryptoAlgorithmTag(String str) {
        return isValidCryptoAlgorithm(getCryptoAlgorithm(str));
    }

    public static String passwordDecode(String str) {
        if (str == null) {
            return null;
        }
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        if (cryptoAlgorithm == null) {
            return str;
        }
        if (isValidCryptoAlgorithm(cryptoAlgorithm)) {
            return decode_password(removeCryptoAlgorithmTag(str), cryptoAlgorithm);
        }
        return null;
    }

    public static String passwordEncode(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "passwordEncode");
        }
        String property = System.getProperty("com.ibm.wsspi.security.crypto.customPasswordEncryptionEnabled");
        if (property == null || !property.equalsIgnoreCase("true")) {
            debugMessage("calling passwordEncode with defaultlt algorithm");
            return passwordEncode(str, DEFAULT_CRYPTO_ALGORITHM);
        }
        debugMessage("calling passwordEncode with custom algorithm");
        return passwordEncode(str, JavaGeneratorFactory.CUSTOM);
    }

    public static String passwordEncode(String str, String str2) {
        debugMessage("passwordEncode entry -  crypto_algorithm " + str2);
        if (!isValidCryptoAlgorithm(str2)) {
            debugMessage("crypto_algorithm is not valid. Returning null");
            return null;
        }
        if (str == null) {
            debugMessage("input string for encoding is null. Returning null");
            return null;
        }
        String cryptoAlgorithm = getCryptoAlgorithm(str);
        debugMessage("current_crypto_algorithm=" + cryptoAlgorithm);
        if (cryptoAlgorithm != null && cryptoAlgorithm.equals(str2)) {
            debugMessage("current algorithm matches the string's algorithm. Just returning the input string");
            if (isValidCryptoAlgorithm(cryptoAlgorithm)) {
                return str.trim();
            }
            return null;
        }
        if (cryptoAlgorithm != null) {
            debugMessage("current algorithm is specified but not matching the specified algorithm. Trying to decode first....");
            str = passwordDecode(str);
        }
        debugMessage("calling encode with crypto_algorithm " + str2);
        return encode_password(str.trim(), str2.trim());
    }

    public static String removeCryptoAlgorithmTag(String str) {
        String str2 = null;
        if (str != null) {
            String trim = str.trim();
            if (trim.length() >= 2) {
                int indexOf = trim.indexOf(CRYPTO_ALGORITHM_STARTED);
                if (indexOf == 0) {
                    int indexOf2 = trim.indexOf(CRYPTO_ALGORITHM_STOPPED, indexOf + 1);
                    if (indexOf2 > 0) {
                        int i = indexOf2 + 1;
                        str2 = i < trim.length() ? trim.substring(i).trim() : EMPTY_STRING;
                    }
                }
            }
        }
        return str2;
    }

    private static byte[] convert_to_bytes(String str) {
        byte[] bArr = null;
        if (str != null) {
            if (str.length() == 0) {
                bArr = EMPTY_BYTE_ARRAY;
            } else {
                try {
                    bArr = str.getBytes("UTF8");
                } catch (UnsupportedEncodingException e) {
                    Manager.Ffdc.log(e, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.convert_to_bytes", "537");
                    bArr = null;
                }
            }
        }
        return bArr;
    }

    private static String convert_to_string(byte[] bArr) {
        String str = null;
        if (bArr != null) {
            if (bArr.length == 0) {
                str = EMPTY_STRING;
            } else {
                try {
                    str = new String(bArr, "UTF8");
                } catch (UnsupportedEncodingException e) {
                    Manager.Ffdc.log(e, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.convert_to_string", "568");
                    str = null;
                }
            }
        }
        return str;
    }

    private static byte[] convert_viewable_to_bytes(String str) {
        byte[] bArr = null;
        if (str != null) {
            if (str.length() == 0) {
                bArr = EMPTY_BYTE_ARRAY;
            } else {
                try {
                    bArr = base64Decode(convert_to_bytes(str));
                } catch (Exception e) {
                    Manager.Ffdc.log(e, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.convert_viewable_to_bytes", "600");
                    bArr = null;
                }
            }
        }
        return bArr;
    }

    private static byte[] base64Decode(byte[] bArr) {
        int length = bArr.length;
        do {
            length--;
        } while (bArr[length] == 61);
        byte[] bArr2 = new byte[(length + 1) - (bArr.length / 4)];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = BASE64_DECODE_MAP[bArr[i]];
        }
        int length2 = bArr2.length - 2;
        int i2 = 0;
        int i3 = 0;
        while (i2 < length2) {
            bArr2[i2] = (byte) (((bArr[i3] << 2) & 255) | ((bArr[i3 + 1] >>> 4) & 3));
            bArr2[i2 + 1] = (byte) (((bArr[i3 + 1] << 4) & 255) | ((bArr[i3 + 2] >>> 2) & 15));
            bArr2[i2 + 2] = (byte) (((bArr[i3 + 2] << 6) & 255) | (bArr[i3 + 3] & 63));
            i2 += 3;
            i3 += 4;
        }
        if (i2 < bArr2.length) {
            int i4 = i2;
            int i5 = i2 + 1;
            bArr2[i4] = (byte) (((bArr[i3] << 2) & 255) | ((bArr[i3 + 1] >>> 4) & 3));
            if (i5 < bArr2.length) {
                bArr2[i5] = (byte) (((bArr[i3 + 1] << 4) & 255) | ((bArr[i3 + 2] >>> 2) & 15));
            }
        }
        return bArr2;
    }

    private static String convert_viewable_to_string(byte[] bArr) {
        String str = null;
        if (bArr != null) {
            if (bArr.length == 0) {
                str = EMPTY_STRING;
            } else {
                try {
                    str = convert_to_string(base64Encode(bArr));
                } catch (Exception e) {
                    Manager.Ffdc.log(e, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.convert_viewable_to_string", "676");
                    str = null;
                }
            }
        }
        return str;
    }

    private static byte[] base64Encode(byte[] bArr) {
        byte[] bArr2 = new byte[((bArr.length + 2) / 3) * 4];
        int i = 0;
        int i2 = 0;
        while (i < bArr.length - 2) {
            int i3 = i2;
            int i4 = i2 + 1;
            bArr2[i3] = BASE64_ENCODE_MAP[(bArr[i] >>> 2) & 63];
            int i5 = i4 + 1;
            bArr2[i4] = BASE64_ENCODE_MAP[((bArr[i + 1] >>> 4) & 15) | ((bArr[i] << 4) & 63)];
            int i6 = i5 + 1;
            bArr2[i5] = BASE64_ENCODE_MAP[((bArr[i + 2] >>> 6) & 3) | ((bArr[i + 1] << 2) & 63)];
            i2 = i6 + 1;
            bArr2[i6] = BASE64_ENCODE_MAP[bArr[i + 2] & 63];
            i += 3;
        }
        if (i < bArr.length) {
            int i7 = i2;
            int i8 = i2 + 1;
            bArr2[i7] = BASE64_ENCODE_MAP[(bArr[i] >>> 2) & 63];
            if (i < bArr.length - 1) {
                int i9 = i8 + 1;
                bArr2[i8] = BASE64_ENCODE_MAP[((bArr[i + 1] >>> 4) & 15) | ((bArr[i] << 4) & 63)];
                i2 = i9 + 1;
                bArr2[i9] = BASE64_ENCODE_MAP[(bArr[i + 1] << 2) & 63];
            } else {
                i2 = i8 + 1;
                bArr2[i8] = BASE64_ENCODE_MAP[(bArr[i] << 4) & 63];
            }
        }
        while (i2 < bArr2.length) {
            bArr2[i2] = 61;
            i2++;
        }
        return bArr2;
    }

    private static String decode_password(String str, String str2) {
        StringBuffer stringBuffer = new StringBuffer();
        if (str2.length() == 0) {
            stringBuffer.append(str);
        } else {
            String str3 = null;
            if (str.length() > 0) {
                byte[] convert_viewable_to_bytes = convert_viewable_to_bytes(str);
                if (convert_viewable_to_bytes == null) {
                    return null;
                }
                if (convert_viewable_to_bytes.length > 0) {
                    try {
                        byte[] decipher = PasswordCipherUtil.decipher(convert_viewable_to_bytes, str2);
                        if (decipher != null && decipher.length > 0) {
                            str3 = convert_to_string(decipher);
                        }
                    } catch (InvalidPasswordCipherException e) {
                        Manager.Ffdc.log(e, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.decode_password", "779");
                        return null;
                    } catch (UnsupportedCryptoAlgorithmException e2) {
                        Manager.Ffdc.log(e2, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.decode_password", "784");
                        return null;
                    }
                }
            }
            if (str3 != null && str3.length() > 0) {
                stringBuffer.append(str3);
            }
        }
        return stringBuffer.toString();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r14v1, types: [java.lang.Throwable, com.ibm.ISecurityUtilityImpl.InvalidPasswordCipherException] */
    private static String encode_password(String str, String str2) {
        debugMessage("Entering encode_password.  crypto_algorithm=" + str2);
        StringBuffer stringBuffer = new StringBuffer(CRYPTO_ALGORITHM_STARTED);
        if (str2.length() == 0) {
            stringBuffer.append(CRYPTO_ALGORITHM_STOPPED).append(str);
        } else {
            String str3 = null;
            EncryptedInfo encryptedInfo = null;
            if (str.length() > 0) {
                byte[] convert_to_bytes = convert_to_bytes(str);
                debugMessage("decrypted_bytes:" + convert_to_bytes);
                if (convert_to_bytes.length > 0) {
                    byte[] bArr = null;
                    boolean z = false;
                    while (!z) {
                        try {
                            try {
                                encryptedInfo = PasswordCipherUtil.encipher_internal(convert_to_bytes, str2);
                                if (encryptedInfo != null) {
                                    bArr = encryptedInfo.getEncryptedBytes();
                                    debugMessage("encrypted_bytes:" + bArr);
                                }
                                z = true;
                            } catch (PasswordEncryptException e) {
                                debugMessage("PasswordEncryptException: " + e.getMessage());
                                Manager.Ffdc.log(e, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.encode_password", "871");
                                throw new InvalidPasswordCipherException();
                                break;
                            }
                        } catch (InvalidPasswordCipherException e2) {
                            if (!System.getProperty("os.name").equals("OS/400")) {
                                debugMessage("InvalidPasswordCipherException: " + e2.getMessage());
                                Manager.Ffdc.log(e2, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.encode_password", "894");
                                return null;
                            }
                            String failSafeCryptoAlgorithm = PasswordCipherUtil.getFailSafeCryptoAlgorithm();
                            if (str2.equalsIgnoreCase(failSafeCryptoAlgorithm)) {
                                debugMessage("InvalidPasswordCipherException with IBM i: " + e2.getMessage());
                                Manager.Ffdc.log(e2, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.encode_password", "883");
                                return null;
                            }
                            str2 = failSafeCryptoAlgorithm;
                        } catch (UnsupportedCryptoAlgorithmException e3) {
                            Manager.Ffdc.log(e3, thisClass, "com.ibm.ISecurityUtilityImpl.PasswordUtil.encode_password", "900");
                            return null;
                        }
                    }
                    if (bArr != null && bArr.length > 0) {
                        str3 = convert_viewable_to_string(bArr);
                        if (str3 == null) {
                            return null;
                        }
                    }
                }
            }
            if (encryptedInfo == null || encryptedInfo.getKeyAlias() == null || encryptedInfo.getKeyAlias().equals("")) {
                stringBuffer.append(str2).append(CRYPTO_ALGORITHM_STOPPED);
            } else {
                stringBuffer.append(str2).append(":").append(encryptedInfo.getKeyAlias()).append(CRYPTO_ALGORITHM_STOPPED);
            }
            if (str3 != null && str3.length() > 0) {
                stringBuffer.append(str3);
            }
        }
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void debugMessage(String str) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, str);
        }
        if (passwordEncoderDebug == null) {
            passwordEncoderDebug = System.getProperty("com.ibm.websphere.security.passwordEncoderDebug");
            if (passwordEncoderDebug != null && !passwordEncoderDebug.equalsIgnoreCase("true")) {
                passwordEncoderDebug = "false";
            }
        }
        if (passwordEncoderDebug == null || !passwordEncoderDebug.equalsIgnoreCase("true")) {
            return;
        }
        System.out.println("DEBUG:" + str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void debugMessage(Exception exc) {
        if (exc == null) {
            debugMessage("Exception is null");
            return;
        }
        StringBuffer stringBuffer = new StringBuffer("---DEBUG: Exception stacktrace---");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        exc.printStackTrace(new PrintStream(byteArrayOutputStream));
        stringBuffer.append("\n");
        stringBuffer.append(byteArrayOutputStream);
        stringBuffer.append("---End of stacktrace----");
        debugMessage(stringBuffer.toString());
    }

    static {
        for (int i = 0; i < BASE64_DECODE_MAP.length; i++) {
            BASE64_DECODE_MAP[i] = -1;
        }
        for (int i2 = 0; i2 < BASE64_ENCODE_MAP.length; i2++) {
            BASE64_DECODE_MAP[BASE64_ENCODE_MAP[i2]] = (byte) i2;
        }
    }
}
