package blackboard.platform.security.algorithm;

import blackboard.data.ValidationException;
import blackboard.platform.log.LogServiceFactory;
import blackboard.util.Base64Codec;
import blackboard.util.StringUtil;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

/* loaded from: input_file:blackboard/platform/security/algorithm/PBKDF2Algorithm.class */
public class PBKDF2Algorithm extends PBKDF2AlgorithmManager {
    public static final String ALGORITHM_PREFIX = "{PBKDF2}";
    private static final String DEFAULT_SALTING_ALGORITHM = "HmacSHA512";
    private static final String DEFAULT_PBK_ALGORITHM = "PBKDF2WithHmacSHA1";
    private static final int DEFAULT_HASH_LENGTH = 24;
    private static final int DEFAULT_PBK_ITERATIONS = 1500;
    private KeyGenerator _keyGenerator;
    private SecretKeyFactory _secretKeyFactory;
    private String _saltingAlgorithm = DEFAULT_SALTING_ALGORITHM;
    private String _stretchAlgorithm = DEFAULT_PBK_ALGORITHM;
    private int _hashLength = DEFAULT_HASH_LENGTH;
    private int _iterations = DEFAULT_PBK_ITERATIONS;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:blackboard/platform/security/algorithm/PBKDF2Algorithm$Settings.class */
    public static final class Settings {
        private String _saltingAlgorithm;
        private String _stretchAlgorithm;
        private int _hashLength;
        private int _iterations;
        private String _salt;
        private String _hash;

        public Settings(String str, String str2, int i, int i2, byte[] bArr, byte[] bArr2) {
            this(str, str2, i, i2, Base64Codec.encode(bArr), Base64Codec.encode(bArr2));
        }

        private Settings(String str, String str2, int i, int i2, String str3, String str4) {
            this._saltingAlgorithm = str;
            this._stretchAlgorithm = str2;
            this._hashLength = i;
            this._iterations = i2;
            this._salt = str3;
            this._hash = str4;
        }

        public static Settings fromString(String str) {
            String[] split = str.split(":");
            if (split.length != 6) {
                return null;
            }
            try {
                return new Settings(split[0], split[1], Integer.parseInt(split[2]), Integer.parseInt(split[3]), split[4], split[5]);
            } catch (Exception e) {
                return null;
            }
        }

        public String getSaltingAlgorithm() {
            return this._saltingAlgorithm;
        }

        public String getStretchAlgorithm() {
            return this._stretchAlgorithm;
        }

        public int getHashLength() {
            return this._hashLength;
        }

        public int getIterations() {
            return this._iterations;
        }

        public byte[] getSalt() throws Exception {
            return Base64Codec.decodeString(this._salt);
        }

        public byte[] getHash() throws Exception {
            return Base64Codec.decodeString(this._hash);
        }

        public String toString() {
            return PBKDF2Algorithm.ALGORITHM_PREFIX + this._saltingAlgorithm + ":" + this._stretchAlgorithm + ":" + this._hashLength + ":" + this._iterations + ":" + this._salt + ":" + this._hash;
        }
    }

    public PBKDF2Algorithm() {
        try {
            this._keyGenerator = initializeKeyGenerator(this._saltingAlgorithm);
            this._secretKeyFactory = initializeKeyFactory(this._stretchAlgorithm);
        } catch (NoSuchAlgorithmException e) {
            LogServiceFactory.getInstance().logWarning(e.getMessage(), e);
            throw new RuntimeException(e);
        }
    }

    @Override // blackboard.platform.security.algorithm.PBKDF2AlgorithmManager
    public void updateSettings(String str, String str2, int i, int i2) throws NoSuchAlgorithmException, InstantiationException, ValidationException {
        updateSettings(new PBKDF2Algorithm(), str, str2, i, i2);
        updateSettings(this, str, str2, i, i2);
    }

    private static void updateSettings(PBKDF2Algorithm pBKDF2Algorithm, String str, String str2, int i, int i2) throws ValidationException, NoSuchAlgorithmException, InstantiationException {
        pBKDF2Algorithm.setSaltingAlgorithm(str);
        pBKDF2Algorithm.setStretchAlgorithm(str2);
        pBKDF2Algorithm.setHashLength(i);
        pBKDF2Algorithm.setIterations(i2);
        pBKDF2Algorithm.validate();
    }

    private void setHashLength(int i) throws InstantiationException {
        if (i <= 0) {
            throw new InstantiationException("Invalid hash length value: " + i);
        }
        this._hashLength = i;
    }

    @Override // blackboard.platform.security.algorithm.PBKDF2AlgorithmManager
    public int getHashLength() {
        return this._hashLength;
    }

    private void setIterations(int i) throws InstantiationException {
        if (i <= 0) {
            throw new InstantiationException("Invalid iterations value: " + i);
        }
        this._iterations = i;
    }

    @Override // blackboard.platform.security.algorithm.PBKDF2AlgorithmManager
    public int getIterations() {
        return this._iterations;
    }

    private void setSaltingAlgorithm(String str) throws NoSuchAlgorithmException {
        try {
            KeyGenerator initializeKeyGenerator = initializeKeyGenerator(str);
            this._saltingAlgorithm = str;
            this._keyGenerator = initializeKeyGenerator;
        } catch (NoSuchAlgorithmException e) {
            LogServiceFactory.getInstance().logWarning(String.format("Invalid salting algorithm specified: %s", str), e);
            throw e;
        }
    }

    @Override // blackboard.platform.security.algorithm.PBKDF2AlgorithmManager
    public String getSaltingAlgorithm() {
        return this._saltingAlgorithm;
    }

    private void setStretchAlgorithm(String str) throws NoSuchAlgorithmException {
        try {
            SecretKeyFactory initializeKeyFactory = initializeKeyFactory(str);
            this._stretchAlgorithm = str;
            this._secretKeyFactory = initializeKeyFactory;
        } catch (NoSuchAlgorithmException e) {
            LogServiceFactory.getInstance().logWarning(String.format("Invalid key stretch algorithm specified: %s", str), e);
            throw e;
        }
    }

    @Override // blackboard.platform.security.algorithm.PBKDF2AlgorithmManager
    public String getStretchAlgorithm() {
        return this._stretchAlgorithm;
    }

    private KeyGenerator initializeKeyGenerator(String str) throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator;
        try {
            keyGenerator = KeyGenerator.getInstance(str, "SunJCE");
        } catch (NoSuchProviderException e) {
            keyGenerator = KeyGenerator.getInstance(str);
        }
        keyGenerator.init(new SecureRandom());
        return keyGenerator;
    }

    private SecretKeyFactory initializeKeyFactory(String str) throws NoSuchAlgorithmException {
        SecretKeyFactory secretKeyFactory;
        try {
            secretKeyFactory = SecretKeyFactory.getInstance(str, "SunJCE");
        } catch (NoSuchProviderException e) {
            secretKeyFactory = SecretKeyFactory.getInstance(str);
        }
        return secretKeyFactory;
    }

    @Override // blackboard.platform.security.algorithm.CryptoAlgorithm
    public String encode(String str) throws GeneralSecurityException {
        byte[] randomSeed = getRandomSeed();
        return new Settings(this._saltingAlgorithm, this._stretchAlgorithm, this._hashLength, this._iterations, randomSeed, pbkdf2(str.toCharArray(), this._iterations, randomSeed, this._hashLength)).toString();
    }

    private byte[] pbkdf2(char[] cArr, int i, byte[] bArr, int i2) throws InvalidKeySpecException {
        return this._secretKeyFactory.generateSecret(new PBEKeySpec(cArr, bArr, i, i2 * 8)).getEncoded();
    }

    @Override // blackboard.platform.security.algorithm.CryptoAlgorithm
    public boolean isUsingCurrentSettings(String str) {
        if (str.startsWith(ALGORITHM_PREFIX)) {
            str = str.substring(ALGORITHM_PREFIX.length());
        }
        boolean z = false;
        Settings fromString = Settings.fromString(str);
        if (null != fromString) {
            z = (fromString.getHashLength() == this._hashLength) & (fromString.getIterations() == this._iterations) & StringUtil.isEqual(fromString.getSaltingAlgorithm(), this._saltingAlgorithm) & StringUtil.isEqual(fromString.getStretchAlgorithm(), this._stretchAlgorithm);
        }
        return z;
    }

    @Override // blackboard.platform.security.algorithm.CryptoAlgorithm
    public boolean validatePassword(String str, String str2) {
        try {
            if (str2.startsWith(ALGORITHM_PREFIX)) {
                str2 = str2.substring(ALGORITHM_PREFIX.length());
            }
            Settings fromString = Settings.fromString(str2);
            return constantTimeEquals(fromString.getHash(), getHashValue(str.toCharArray(), fromString));
        } catch (Exception e) {
            LogServiceFactory.getInstance().logDebug("Unable to determine PBKDF2 settings from password: " + str2, e);
            return false;
        }
    }

    protected static byte[] getHashValue(char[] cArr, Settings settings) throws Exception {
        int iterations = settings.getIterations();
        int hashLength = settings.getHashLength();
        byte[] salt = settings.getSalt();
        PBKDF2Algorithm pBKDF2Algorithm = new PBKDF2Algorithm();
        pBKDF2Algorithm.setSaltingAlgorithm(settings.getSaltingAlgorithm());
        pBKDF2Algorithm.setStretchAlgorithm(settings.getStretchAlgorithm());
        return pBKDF2Algorithm.pbkdf2(cArr, iterations, salt, hashLength);
    }

    byte[] getRandomSeed() {
        return this._keyGenerator.generateKey().getEncoded();
    }
}
