package org.picketlink.idm.credential.encoder;

import ch.qos.logback.core.rolling.helper.DateTokenConverter;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.picketlink.idm.credential.util.BCrypt;

/* loaded from: input_file:WEB-INF/lib/picketlink-2.7.1.Final.jar:org/picketlink/idm/credential/encoder/PBKDF2PasswordEncoder.class */
public class PBKDF2PasswordEncoder implements PasswordEncoder {
    private final byte[] salt;
    private final int keyLength;
    private final int iterationCount;
    public static final String ALGO = "PBKDF2WithHmacSHA1";

    public PBKDF2PasswordEncoder(byte[] bArr, int i, int i2) {
        this.salt = bArr;
        this.iterationCount = i;
        this.keyLength = i2;
    }

    @Override // org.picketlink.idm.credential.encoder.PasswordEncoder
    public String encode(String str) {
        return encode(str, generateSalt().getBytes(), true);
    }

    public String encode(String str, byte[] bArr, boolean z) {
        try {
            try {
                SecretKey generateSecret = SecretKeyFactory.getInstance(ALGO).generateSecret(new PBEKeySpec(str.toCharArray(), bArr, this.iterationCount, this.keyLength));
                return z ? new String(generateSecret.getEncoded()) + ":" + toHex(bArr) : new String(generateSecret.getEncoded());
            } catch (InvalidKeySpecException e) {
                throw new RuntimeException(e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    @Override // org.picketlink.idm.credential.encoder.PasswordEncoder
    public boolean verify(String str, String str2) {
        int lastIndexOf = str2.lastIndexOf(":");
        return lastIndexOf != -1 ? encode(str, fromHex(str2.substring(lastIndexOf + 1)), true).equals(str2) : encode(str, this.salt, false).equals(str2);
    }

    protected byte[] fromHex(String str) {
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) Integer.parseInt(str.substring(2 * i, (2 * i) + 2), 16);
        }
        return bArr;
    }

    protected String toHex(byte[] bArr) {
        String bigInteger = new BigInteger(1, bArr).toString(16);
        int length = (bArr.length * 2) - bigInteger.length();
        return length > 0 ? String.format("%0" + length + DateTokenConverter.CONVERTER_KEY, 0) + bigInteger : bigInteger;
    }

    protected String generateSalt() {
        return BCrypt.gensalt();
    }
}
