package org.picketlink.idm.credential.util;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.picketlink.common.constants.LDAPConstants;
import org.picketlink.common.util.Base64;
import org.picketlink.idm.credential.Digest;
import org.picketlink.idm.credential.DigestValidationException;

/* loaded from: input_file:WEB-INF/lib/picketlink-idm-api-2.5.4.SP1-redhat-1.jar:org/picketlink/idm/credential/util/DigestUtil.class */
public class DigestUtil {
    private static final String UTF8 = "UTF-8";
    private static final String MD5_ALGORITHM = "MD5";

    public static String userName(String str) {
        if (str.startsWith("Digest")) {
            str = str.substring(7).trim();
        }
        return extract(str, "username=");
    }

    public static byte[] md5(String str) {
        try {
            return getMessageDigest().digest(str.getBytes("UTF-8"));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static String calculate(Digest digest, char[] cArr) {
        try {
            MessageDigest messageDigest = getMessageDigest();
            byte[] calculateA1 = calculateA1(digest.getUsername(), digest.getRealm(), cArr);
            byte[] calculateA2 = calculateA2(digest.getMethod(), digest.getUri());
            messageDigest.update(convertBytesToHex(calculateA1).getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(digest.getNonce().getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(digest.getNonceCount().getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(digest.getClientNonce().getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(digest.getQop().getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(convertBytesToHex(calculateA2).getBytes("UTF-8"));
            return convertBytesToHex(messageDigest.digest());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static String calculateDigest(Digest digest, byte[] bArr, byte[] bArr2) {
        try {
            MessageDigest messageDigest = getMessageDigest();
            messageDigest.update(convertBytesToHex(bArr).getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(digest.getNonce().getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(digest.getNonceCount().getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(digest.getClientNonce().getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(digest.getQop().getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(convertBytesToHex(bArr2).getBytes("UTF-8"));
            return convertBytesToHex(messageDigest.digest());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static MessageDigest getMessageDigest() throws NoSuchAlgorithmException {
        return MessageDigest.getInstance(MD5_ALGORITHM);
    }

    public static byte[] calculateA1(String str, String str2, char[] cArr) {
        try {
            MessageDigest messageDigest = getMessageDigest();
            messageDigest.update(str.getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(str2.getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(String.valueOf(cArr).getBytes("UTF-8"));
            return messageDigest.digest();
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("Unsupported encoding.", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Invalid algorithm.", e2);
        }
    }

    public static byte[] calculateA2(String str, String str2) {
        try {
            MessageDigest messageDigest = getMessageDigest();
            messageDigest.update(str.getBytes("UTF-8"));
            messageDigest.update((byte) 58);
            messageDigest.update(str2.getBytes("UTF-8"));
            return messageDigest.digest();
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("Unsupported encoding.", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Invalid algorithm.", e2);
        }
    }

    public static boolean matchCredential(Digest digest, char[] cArr) {
        return calculate(digest, cArr).equalsIgnoreCase(digest.getDigest());
    }

    public static String convertBytesToHex(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            int i = 255 & b;
            int i2 = 48 + ((i / 16) % 16);
            if (i2 > 57) {
                i2 = 97 + ((i2 - 48) - 10);
            }
            sb.append((char) i2);
            int i3 = 48 + (i % 16);
            if (i3 > 57) {
                i3 = 97 + ((i3 - 48) - 10);
            }
            sb.append((char) i3);
        }
        return sb.toString();
    }

    public static String extract(String str, String str2) {
        String str3 = null;
        if (str.startsWith(str2)) {
            str3 = str.substring(str.indexOf(LDAPConstants.EQUAL) + 1);
            if (str3.startsWith("\"")) {
                str3 = str3.substring(1);
            }
            if (str3.endsWith("\"")) {
                str3 = str3.substring(0, str3.length() - 1);
            }
        }
        return str3;
    }

    public void validate(Digest digest, String str, String str2) throws DigestValidationException {
        if (digest.getRealm() == null) {
            throw new DigestValidationException("Mandatory field 'realm' not specified");
        }
        if (digest.getNonce() == null) {
            throw new DigestValidationException("Mandatory field 'nonce' not specified");
        }
        if (digest.getUri() == null) {
            throw new DigestValidationException("Mandatory field 'uri' not specified");
        }
        if (digest.getClientNonce() == null) {
            throw new DigestValidationException("Mandatory field 'response' not specified");
        }
        if ("auth".equals(digest.getQop())) {
            if (digest.getNonceCount() == null) {
                throw new DigestValidationException("Mandatory field 'nc' not specified");
            }
            if (digest.getClientNonce() == null) {
                throw new DigestValidationException("Mandatory field 'cnonce' not specified");
            }
        }
        String str3 = new String(Base64.decode(digest.getNonce()));
        String[] split = str3.split(":");
        if (split.length != 2) {
            throw new DigestValidationException("Nonce should provide two tokens - nonce received: " + digest.getNonce());
        }
        if (!str.equals(digest.getRealm())) {
            throw new DigestValidationException("Realm name [" + digest.getRealm() + "] does not match system realm name [" + str + DefaultExpressionEngine.DEFAULT_ATTRIBUTE_END);
        }
        try {
            long longValue = new Long(split[0]).longValue();
            if (longValue < System.currentTimeMillis()) {
                throw new DigestValidationException("Nonce has expired", true);
            }
            if (!new String(md5(longValue + ":" + str2)).equals(split[1])) {
                throw new DigestValidationException("Nonce token invalid: " + str3);
            }
        } catch (NumberFormatException e) {
            throw new DigestValidationException("First nonce token should be numeric, but was: " + split[0]);
        }
    }
}
