package com.ibm.ws.crypto.util;

import com.ibm.wsspi.security.crypto.CustomPasswordEncryption;
import com.ibm.wsspi.security.crypto.EncryptedInfo;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:resources/server_runtime/lib/com.ibm.ws.crypto.passwordutil_1.0.jar:com/ibm/ws/crypto/util/PasswordCipherUtil.class */
public class PasswordCipherUtil {
    private static final Class<?> CLASS_NAME = PasswordCipherUtil.class;
    private static final Logger logger = Logger.getLogger(CLASS_NAME.getCanonicalName());
    private static final String CUSTOM = "custom";
    private static final String XOR = "xor";
    private static final byte XOR_MASK = 95;
    private static final String DEFAULT_CUSTOM_CRYPTO_CLASS = "com.ibm.wsspi.security.crypto.CustomPasswordEncryptionImpl";
    private static final String CUSTOM_CRYPTO_CLASS_PROPERTY = "com.ibm.wsspi.security.crypto.customPasswordEncryptionClass";
    private static final String CUSTOM_CRYPTO_ENABLE_PROPERTY = "com.ibm.wsspi.security.crypto.customPasswordEncryptionEnabled";
    private static CustomPasswordEncryption CUSTOM_CRYPTO_OBJECT;
    private static String[] SUPPORTED_CRYPTO_ALGORITHMS;

    private static CustomPasswordEncryption createCustomPasswordEncryptionObject(String str) {
        CustomPasswordEncryption customPasswordEncryption = null;
        if (str != null) {
            try {
                customPasswordEncryption = (CustomPasswordEncryption) Class.forName(str).newInstance();
                if (logger.isLoggable(Level.FINE)) {
                    logger.fine("Successfully loaded the custom encryption class: " + str);
                }
            } catch (Exception e) {
                logger.logp(Level.WARNING, PasswordCipherUtil.class.getName(), "createCustomPasswordEncryptionObject", "Could not load specified class", (Throwable) e);
            }
        }
        return customPasswordEncryption;
    }

    public static byte[] decipher(byte[] bArr, String str) throws InvalidPasswordCipherException, UnsupportedCryptoAlgorithmException {
        if (str == null) {
            throw new UnsupportedCryptoAlgorithmException();
        }
        byte[] bArr2 = null;
        if (str.equalsIgnoreCase(XOR)) {
            bArr2 = xor(bArr);
        } else {
            if (!str.startsWith("custom")) {
                throw new UnsupportedCryptoAlgorithmException();
            }
            try {
                if (CUSTOM_CRYPTO_OBJECT != null) {
                    int indexOf = str.indexOf(58);
                    String str2 = null;
                    if (indexOf != -1) {
                        str2 = str.substring(indexOf + 1);
                    }
                    bArr2 = CUSTOM_CRYPTO_OBJECT.decrypt(new EncryptedInfo(bArr, str2));
                    if (logger.isLoggable(Level.FINE)) {
                        logger.fine("Successfully decrypted password using custom encryption plug point.");
                    }
                }
            } catch (Exception e) {
                logger.logp(Level.SEVERE, PasswordCipherUtil.class.getName(), "decipher", "Password decryption error during custom decryption", (Throwable) e);
                throw new InvalidPasswordCipherException();
            }
        }
        if (bArr2 == null) {
            throw new InvalidPasswordCipherException();
        }
        return bArr2;
    }

    public static byte[] encipher(byte[] bArr, String str) throws InvalidPasswordCipherException, UnsupportedCryptoAlgorithmException {
        return encipher_internal(bArr, str).getEncryptedBytes();
    }

    public static EncryptedInfo encipher_internal(byte[] bArr, String str) throws InvalidPasswordCipherException, UnsupportedCryptoAlgorithmException {
        if (str == null) {
            throw new UnsupportedCryptoAlgorithmException();
        }
        EncryptedInfo encryptedInfo = null;
        if (str.equalsIgnoreCase(XOR)) {
            byte[] xor = xor(bArr);
            if (xor != null) {
                encryptedInfo = new EncryptedInfo(xor, "");
            }
        } else {
            if (!str.startsWith("custom")) {
                throw new UnsupportedCryptoAlgorithmException();
            }
            try {
                if (CUSTOM_CRYPTO_OBJECT != null) {
                    encryptedInfo = CUSTOM_CRYPTO_OBJECT.encrypt(bArr);
                    if (logger.isLoggable(Level.FINE)) {
                        logger.fine("Successfully encrypted password using custom encryption plug point.");
                    }
                } else {
                    byte[] xor2 = xor(bArr);
                    if (xor2 != null) {
                        encryptedInfo = new EncryptedInfo(xor2, "");
                    }
                }
            } catch (Exception e) {
                logger.logp(Level.SEVERE, PasswordCipherUtil.class.getName(), "decipher", "A password was received that is encrypted with a custom algorithm that is not currently configured", (Throwable) e);
                return new EncryptedInfo(xor(bArr), "");
            }
        }
        if (encryptedInfo == null) {
            throw new InvalidPasswordCipherException();
        }
        return encryptedInfo;
    }

    public static String[] getSupportedCryptoAlgorithms() {
        return (String[]) SUPPORTED_CRYPTO_ALGORITHMS.clone();
    }

    public static String getFailSafeCryptoAlgorithm() {
        return XOR;
    }

    private static byte[] xor(byte[] bArr) {
        byte[] bArr2 = null;
        if (bArr != null) {
            bArr2 = new byte[bArr.length];
            for (int i = 0; i < bArr.length; i++) {
                bArr2[i] = (byte) (95 ^ bArr[i]);
            }
        }
        return bArr2;
    }

    static {
        boolean z;
        CUSTOM_CRYPTO_OBJECT = null;
        SUPPORTED_CRYPTO_ALGORITHMS = new String[]{XOR};
        if (Boolean.getBoolean(CUSTOM_CRYPTO_ENABLE_PROPERTY)) {
            String property = System.getProperty(CUSTOM_CRYPTO_ENABLE_PROPERTY);
            String property2 = System.getProperty(CUSTOM_CRYPTO_CLASS_PROPERTY, DEFAULT_CUSTOM_CRYPTO_CLASS);
            CUSTOM_CRYPTO_OBJECT = createCustomPasswordEncryptionObject(property2);
            if (CUSTOM_CRYPTO_OBJECT == null) {
                z = false;
            } else if (property == null) {
                z = property2 == DEFAULT_CUSTOM_CRYPTO_CLASS;
            } else {
                z = property.equalsIgnoreCase("yes") || property.equalsIgnoreCase("true");
            }
            if (CUSTOM_CRYPTO_OBJECT == null) {
                SUPPORTED_CRYPTO_ALGORITHMS = new String[]{XOR};
            } else if (z) {
                SUPPORTED_CRYPTO_ALGORITHMS = new String[]{"custom", XOR};
            } else {
                SUPPORTED_CRYPTO_ALGORITHMS = new String[]{XOR, "custom"};
            }
            if (logger.isLoggable(Level.FINE)) {
                logger.fine("com.ibm.wsspi.security.crypto.customPasswordEncryptionClass = " + property2);
                logger.fine("com.ibm.wsspi.security.crypto.customPasswordEncryptionEnabled = " + property);
                logger.fine("Custom encryption enabled = " + z);
            }
        }
    }
}
