package org.dspace.eperson;

import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import org.apache.axiom.om.util.DigestGenerator;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
import org.dspace.services.ConfigurationService;
import org.dspace.utils.DSpace;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/dspace-api-4.0.jar:org/dspace/eperson/PasswordHash.class */
public class PasswordHash {
    private static final String DEFAULT_DIGEST_ALGORITHM = "SHA-512";
    private static final String ALGORITHM_PROPERTY = "authentication-password.digestAlgorithm";
    private static final int SALT_BYTES = 16;
    private static final int HASH_ROUNDS = 1024;
    private static final int SEED_BYTES = 64;
    private static final int RESEED_INTERVAL = 100;
    private static int rngUses;
    private String algorithm;
    private byte[] salt;
    private byte[] hash;
    private static final Logger log = LoggerFactory.getLogger(PasswordHash.class);
    private static final ConfigurationService config = new DSpace().getConfigurationService();
    private static final Charset UTF_8 = Charset.forName("UTF-8");
    private static SecureRandom rng = null;

    private PasswordHash() {
    }

    public PasswordHash(String str, byte[] bArr, byte[] bArr2) {
        if (null == str || !str.isEmpty()) {
            this.algorithm = str;
        } else {
            this.algorithm = null;
        }
        this.salt = bArr;
        this.hash = bArr2;
    }

    public PasswordHash(String str, String str2, String str3) throws DecoderException {
        if (null == str || !str.isEmpty()) {
            this.algorithm = str;
        } else {
            this.algorithm = null;
        }
        if (null == str2) {
            this.salt = null;
        } else {
            this.salt = Hex.decodeHex(str2.toCharArray());
        }
        if (null == str3) {
            this.hash = null;
        } else {
            this.hash = Hex.decodeHex(str3.toCharArray());
        }
    }

    public PasswordHash(String str) {
        this.salt = generateSalt();
        this.algorithm = (String) config.getPropertyAsType(ALGORITHM_PROPERTY, DEFAULT_DIGEST_ALGORITHM);
        try {
            this.hash = digest(this.salt, this.algorithm, str);
        } catch (NoSuchAlgorithmException e) {
            log.error(e.getMessage());
            this.hash = new byte[]{0};
        }
    }

    public boolean matches(String str) {
        try {
            return Arrays.equals(digest(this.salt, this.algorithm, str), this.hash);
        } catch (NoSuchAlgorithmException e) {
            log.error(e.getMessage());
            return false;
        }
    }

    public byte[] getHash() {
        return this.hash;
    }

    public String getHashString() {
        if (null != this.hash) {
            return new String(Hex.encodeHex(this.hash));
        }
        return null;
    }

    public byte[] getSalt() {
        return this.salt;
    }

    public String getSaltString() {
        if (null != this.salt) {
            return new String(Hex.encodeHex(this.salt));
        }
        return null;
    }

    public String getAlgorithm() {
        return this.algorithm;
    }

    public static String getDefaultAlgorithm() {
        return DEFAULT_DIGEST_ALGORITHM;
    }

    private synchronized byte[] generateSalt() {
        if (null == rng) {
            rng = new SecureRandom();
            log.info("Initialized a random number stream using {} provided by {}", rng.getAlgorithm(), rng.getProvider());
            rngUses = 0;
        }
        int i = rngUses;
        rngUses = i + 1;
        if (i > 100) {
            log.debug("Re-seeding the RNG");
            rng.setSeed(rng.generateSeed(64));
            rngUses = 0;
        }
        this.salt = new byte[16];
        rng.nextBytes(this.salt);
        return this.salt;
    }

    private byte[] digest(byte[] bArr, String str, String str2) throws NoSuchAlgorithmException {
        if (null == str2) {
            str2 = "";
        }
        if (null == str) {
            MessageDigest messageDigest = MessageDigest.getInstance(DigestGenerator.md5DigestAlgorithm);
            messageDigest.update(str2.getBytes(UTF_8));
            return messageDigest.digest();
        }
        MessageDigest messageDigest2 = MessageDigest.getInstance(str);
        if (null != bArr) {
            messageDigest2.update(bArr);
        }
        messageDigest2.update(str2.getBytes(UTF_8));
        for (int i = 1; i < 1024; i++) {
            byte[] digest = messageDigest2.digest();
            messageDigest2.reset();
            messageDigest2.update(digest);
        }
        return messageDigest2.digest();
    }
}
