package org.xwiki.crypto.passwd.internal;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Properties;
import javax.inject.Inject;
import javax.inject.Singleton;
import org.xwiki.component.annotation.Component;
import org.xwiki.crypto.internal.Convert;
import org.xwiki.crypto.internal.SerializationUtils;
import org.xwiki.crypto.passwd.KeyDerivationFunction;
import org.xwiki.crypto.passwd.PasswordCiphertext;
import org.xwiki.crypto.passwd.PasswordCryptoService;
import org.xwiki.crypto.passwd.PasswordCryptoServiceConfiguration;
import org.xwiki.crypto.passwd.PasswordVerificationFunction;

@Singleton
@Component
/* loaded from: input_file:WEB-INF/lib/xwiki-platform-crypto-5.0.3.jar:org/xwiki/crypto/passwd/internal/DefaultPasswordCryptoService.class */
public class DefaultPasswordCryptoService implements PasswordCryptoService {
    private final String ciphertextHeader = "-----BEGIN PASSWORD CIPHERTEXT-----\n";
    private final String ciphertextFooter = "-----END PASSWORD CIPHERTEXT-----";

    @Inject
    private PasswordCryptoServiceConfiguration config;

    @Override // org.xwiki.crypto.passwd.PasswordCryptoService
    public synchronized String encryptText(String str, String str2) throws GeneralSecurityException {
        byte[] stringToBytes = Convert.stringToBytes(str);
        StringBuilder sb = new StringBuilder();
        getClass();
        StringBuilder append = sb.append("-----BEGIN PASSWORD CIPHERTEXT-----\n").append(Convert.toChunkedBase64String(encryptBytes(stringToBytes, str2)));
        getClass();
        return append.append("-----END PASSWORD CIPHERTEXT-----").toString();
    }

    @Override // org.xwiki.crypto.passwd.PasswordCryptoService
    public synchronized String decryptText(String str, String str2) throws GeneralSecurityException {
        getClass();
        getClass();
        byte[] decryptBytes = decryptBytes(Convert.fromBase64String(str, "-----BEGIN PASSWORD CIPHERTEXT-----\n", "-----END PASSWORD CIPHERTEXT-----"), str2);
        if (decryptBytes == null) {
            return null;
        }
        return Convert.bytesToString(decryptBytes);
    }

    @Override // org.xwiki.crypto.passwd.PasswordCryptoService
    public byte[] encryptBytes(byte[] bArr, String str) throws GeneralSecurityException {
        try {
            KeyDerivationFunction newInstance = this.config.getKeyDerivationFunctionClassForEncryption().newInstance();
            Properties keyDerivationFunctionPropertiesForEncryption = this.config.getKeyDerivationFunctionPropertiesForEncryption();
            PasswordCiphertext newInstance2 = this.config.getCipherClass().newInstance();
            keyDerivationFunctionPropertiesForEncryption.setProperty("derivedKeyLength", Integer.valueOf(newInstance2.getRequiredKeySize()).toString());
            newInstance.init(keyDerivationFunctionPropertiesForEncryption);
            newInstance2.init(bArr, str, newInstance);
            return newInstance2.serialize();
        } catch (IOException e) {
            throw new GeneralSecurityException("Failed to serialize ciphertext", e);
        } catch (Exception e2) {
            throw new GeneralSecurityException("Failed to encrypt text", e2);
        }
    }

    @Override // org.xwiki.crypto.passwd.PasswordCryptoService
    public byte[] decryptBytes(byte[] bArr, String str) throws GeneralSecurityException {
        try {
            return ((PasswordCiphertext) SerializationUtils.deserialize(bArr)).decrypt(str);
        } catch (IOException e) {
            throw new GeneralSecurityException("Failed to deserialize ciphertext", e);
        } catch (ClassNotFoundException e2) {
            throw new GeneralSecurityException("Apparently this ciphertext was encrypted using a cipher which is not available on this installation, was this imported from a newer version?", e2);
        }
    }

    @Override // org.xwiki.crypto.passwd.PasswordCryptoService
    public String protectPassword(String str) throws GeneralSecurityException {
        try {
            KeyDerivationFunction newInstance = this.config.getKeyDerivationFunctionClassForPasswordVerification().newInstance();
            newInstance.init(this.config.getKeyDerivationFunctionPropertiesForPasswordVerification());
            PasswordVerificationFunction newInstance2 = this.config.getPasswordVerificationFunctionClass().newInstance();
            newInstance2.init(newInstance, Convert.stringToBytes(str));
            return Convert.toBase64String(newInstance2.serialize());
        } catch (Exception e) {
            throw new GeneralSecurityException("Unable to protect password", e);
        }
    }

    @Override // org.xwiki.crypto.passwd.PasswordCryptoService
    public boolean isPasswordCorrect(String str, String str2) throws GeneralSecurityException {
        try {
            return ((PasswordVerificationFunction) SerializationUtils.deserialize(Convert.fromBase64String(str2))).isPasswordCorrect(Convert.stringToBytes(str));
        } catch (Exception e) {
            throw new GeneralSecurityException("Unable to verify password", e);
        }
    }
}
