package org.apache.wss4j.common.util;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/wss4j-ws-security-common-2.3.4.jar:org/apache/wss4j/common/util/UsernameTokenUtil.class */
public final class UsernameTokenUtil {
    public static final int DEFAULT_ITERATION = 1000;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) UsernameTokenUtil.class);

    private UsernameTokenUtil() {
    }

    public static byte[] generateDerivedKey(byte[] bArr, byte[] bArr2, int i) throws WSSecurityException {
        byte[] bArr3 = new byte[bArr2.length + bArr.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            byte[] digest = messageDigest.digest(bArr3);
            int i2 = i;
            if (i2 <= 0) {
                i2 = 1000;
            }
            for (int i3 = 1; i3 < i2; i3++) {
                digest = messageDigest.digest(digest);
            }
            return digest;
        } catch (NoSuchAlgorithmException e) {
            LOG.debug(e.getMessage(), (Throwable) e);
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e, "decoding.general");
        }
    }

    public static byte[] generateDerivedKey(String str, byte[] bArr, int i) throws WSSecurityException {
        return generateDerivedKey(str.getBytes(StandardCharsets.UTF_8), bArr, i);
    }

    public static byte[] generateSalt(boolean z) {
        try {
            byte[] generateNonce = generateNonce(16);
            if (z) {
                generateNonce[0] = 1;
            } else {
                generateNonce[0] = 2;
            }
            return generateNonce;
        } catch (WSSecurityException e) {
            LOG.debug(e.getMessage(), (Throwable) e);
            return null;
        }
    }

    private static byte[] generateNonce(int i) throws WSSecurityException {
        try {
            return XMLSecurityConstants.generateBytes(i);
        } catch (Exception e) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e, "empty", new Object[]{"Error in generating nonce of length " + i});
        }
    }

    public static String doPasswordDigest(byte[] bArr, String str, String str2) throws WSSecurityException {
        return doPasswordDigest(bArr, str, str2.getBytes(StandardCharsets.UTF_8));
    }

    public static String doPasswordDigest(byte[] bArr, String str, byte[] bArr2) throws WSSecurityException {
        return org.apache.xml.security.utils.XMLUtils.encodeToString(doRawPasswordDigest(bArr, str, bArr2));
    }

    public static byte[] doRawPasswordDigest(byte[] bArr, String str, byte[] bArr2) throws WSSecurityException {
        byte[] bArr3;
        if (bArr != null) {
            bArr3 = bArr;
        } else {
            try {
                bArr3 = new byte[0];
            } catch (Exception e) {
                LOG.debug(e.getMessage(), (Throwable) e);
                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e, "decoding.general");
            }
        }
        byte[] bArr4 = bArr3;
        byte[] bytes = str != null ? str.getBytes(StandardCharsets.UTF_8) : new byte[0];
        byte[] bArr5 = new byte[bArr4.length + bytes.length + bArr2.length];
        System.arraycopy(bArr4, 0, bArr5, 0, bArr4.length);
        int length = 0 + bArr4.length;
        System.arraycopy(bytes, 0, bArr5, length, bytes.length);
        System.arraycopy(bArr2, 0, bArr5, length + bytes.length, bArr2.length);
        return KeyUtils.generateDigest(bArr5);
    }

    public static String getRawPassword(CallbackHandler callbackHandler, String str, String str2, String str3) throws WSSecurityException {
        if (callbackHandler == null) {
            LOG.debug("CallbackHandler is null");
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
        }
        WSPasswordCallback wSPasswordCallback = new WSPasswordCallback(str, str2, str3, 2);
        try {
            callbackHandler.handle(new Callback[]{wSPasswordCallback});
            return wSPasswordCallback.getPassword();
        } catch (IOException | UnsupportedCallbackException e) {
            LOG.debug(e.getMessage(), (Throwable) e);
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION, e);
        }
    }
}
