package org.exoplatform.web.security.hash;

import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.exoplatform.container.PortalContainer;
import org.exoplatform.web.security.security.SecureRandomService;
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;

/* loaded from: input_file:org/exoplatform/web/security/hash/JCASaltedHashService.class */
public class JCASaltedHashService implements SaltedHashService {
    public static final String PBKDF2_WITH_HMAC_SHA1 = "PBKDF2WithHmacSHA1";
    public static final int DEFAULT_SALT_BYTE_LENGTH = 9;
    public static final int DEFAULT_HASH_BYTE_LENGTH = 9;
    public static final int DEFAULT_ITERATION_COUNT = 1000;
    private int iterationCount;
    private int saltByteLength;
    private int hashByteLength;
    private String algorithm;
    private SaltedHashCodec codec;
    private final Logger log;

    public JCASaltedHashService(String str, int i, int i2, int i3, SaltedHashCodec saltedHashCodec) {
        this.log = LoggerFactory.getLogger(JCASaltedHashService.class);
        this.algorithm = str;
        this.iterationCount = i;
        this.saltByteLength = i2;
        this.hashByteLength = i3;
        this.codec = saltedHashCodec;
    }

    public JCASaltedHashService() {
        this(PBKDF2_WITH_HMAC_SHA1, DEFAULT_ITERATION_COUNT, 9, 9, XmlSafeSaltedHashCodec.INSTANCE);
    }

    @Override // org.exoplatform.web.security.hash.SaltedHashService
    public String getSaltedHash(String str) throws SaltedHashException {
        try {
            byte[] bArr = new byte[this.saltByteLength];
            ((SecureRandomService) PortalContainer.getInstance().getComponentInstanceOfType(SecureRandomService.class)).getSecureRandom().nextBytes(bArr);
            return this.codec.encode(new SaltedHash(this.algorithm, this.iterationCount, bArr, hash(this.algorithm, str, bArr, this.iterationCount, this.hashByteLength)));
        } catch (NoSuchAlgorithmException e) {
            throw new SaltedHashException("Could not create salted hash from password.", e);
        } catch (InvalidKeySpecException e2) {
            throw new SaltedHashException("Could not create salted hash from password.", e2);
        }
    }

    @Override // org.exoplatform.web.security.hash.SaltedHashService
    public boolean validate(String str, String str2) throws SaltedHashException {
        try {
            SaltedHash decode = this.codec.decode(str2);
            byte[] hash = hash(decode.getAlgorithm(), str, decode.getSalt(), decode.getIterationCount(), decode.getHash().length);
            if (this.log.isDebugEnabled()) {
                this.log.debug("About to validate submitted hash " + Arrays.toString(hash) + " against stored hash " + Arrays.toString(decode.getHash()));
            }
            return Arrays.equals(hash, decode.getHash());
        } catch (NoSuchAlgorithmException e) {
            throw new SaltedHashException("Could not validate password against salted hash.", e);
        } catch (InvalidKeySpecException e2) {
            throw new SaltedHashException("Could not validate password against salted hash.", e2);
        }
    }

    private static byte[] hash(String str, String str2, byte[] bArr, int i, int i2) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return SecretKeyFactory.getInstance(str).generateSecret(new PBEKeySpec(str2.toCharArray(), bArr, i, i2 * 8)).getEncoded();
    }

    public int getIterationCount() {
        return this.iterationCount;
    }

    public void setIterationCount(int i) {
        this.iterationCount = i;
    }

    public int getSaltByteLength() {
        return this.saltByteLength;
    }

    public void setSaltLength(int i) {
        this.saltByteLength = i;
    }

    public int getHashByteLength() {
        return this.hashByteLength;
    }

    public void setHashLength(int i) {
        this.hashByteLength = i;
    }

    public String getAlgorithm() {
        return this.algorithm;
    }

    public void setAlgorithm(String str) {
        this.algorithm = str;
    }

    public SaltedHashCodec getCodec() {
        return this.codec;
    }

    public void setCodec(SaltedHashCodec saltedHashCodec) {
        this.codec = saltedHashCodec;
    }
}
