package com.ibm.jsdt.authentication;

import com.ibm.as400.access.PrintObject;
import com.ibm.db2.jcc.c.qg;
import com.ibm.db2.jcc.t2zos.m;
import com.ibm.eec.pit.encryption.SimpleEncryption;
import com.ibm.jsdt.common.BeanUtils;
import com.ibm.jsdt.common.FipsLoader;
import com.ibm.jsdt.common.JSDTMessageLogger;
import com.ibm.jsdt.common.TraceLoggerAspect;
import com.ibm.jsdt.main.MainManager;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.reflect.Factory;

/* loaded from: input_file:DJT_ibmnsit.jar:com/ibm/jsdt/authentication/AuthenticationCipher.class */
public class AuthenticationCipher extends AuthenticationBase {
    private static final String copyright = "(C) Copyright IBM Corporation 2005, 2007.";
    public static final String SE_AES_PREFIX = "iru_z|";
    public static final String IIA_RSA_PREFIX = "iru_y|";
    private final int RSA_KEY_SIZE = 1024;
    private final int CIPHER_ITERATIONS = 5;
    private final String PBE_ALGORITHM = "PBEWithSHA1AndDES";
    private final String HASH_ALOGRITHM = "SHA";
    private final int SALT_LENGTH = 8;
    private byte[] hashSalt;
    private PrivateKey iiaPrivateKey;
    private SimpleEncryption simpleEncryption;
    private char[] DEFAULT_PBE_CIPHER_KEY;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_0;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_1;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_2;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_3;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_4;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_5;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_6;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_7;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_8;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_9;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_10;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_11;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_12;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_13;

    public AuthenticationCipher() {
        try {
            TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$3$88d2d64a(ajc$tjp_0);
            this.RSA_KEY_SIZE = 1024;
            this.CIPHER_ITERATIONS = 5;
            this.PBE_ALGORITHM = "PBEWithSHA1AndDES";
            this.HASH_ALOGRITHM = "SHA";
            this.SALT_LENGTH = 8;
            this.DEFAULT_PBE_CIPHER_KEY = new char[]{'P', '#', 'G', '^', 'T', '%', ')', 'Y', '&', 's', 'F', 'k', '0', 'T', 'P', 'X', '!', 'l', '*', 'j', '7', '6', '-', '!', '#', '#', '~', '~', 'f', '0', '@', 'H', 'W', '}', ';', 'T', '\"', 'x', '.', '5', ']', '9', 'g', '[', 'n', 'c', 'U', '(', '}', '?', 'c', '=', '&', 'o', '\"', 'Q', 'p', 'i', 'P', '4', '%', 'K', 's', 'J', 'X', '|', 'Q', '-', 'S', '&', 'C', 'r', 'E', '@', 't', 'P', '4', '%', 'S', 's', 'W', '0', '*', 'r', 'D', '1', '2', '6', '0', '0', 'n', 'r', '!', 'e', '^', 'b', 'n', '(', 'u', '2', 'M', '#', 'y', '-', '0', 'g', 'n', 'j', '!', 'e', '^', 'b', '#', 'x', 'r', 'l', 'S', '&', 'h', 'r', 'k', 't', 'P', '4', '%', 'S', 's', 'Q'};
            FipsLoader.getInstance().ensureIbmJceFipsIsLoaded();
        } finally {
            TraceLoggerAspect.aspectOf().ajc$after$com_ibm_jsdt_common_TraceLoggerAspect$9$88d2d64a(ajc$tjp_0);
        }
    }

    public byte[] rsaEncrypt(byte[] bArr, PublicKey publicKey) {
        byte[] bArr2 = null;
        try {
            SecureRandom secureRandom = SecureRandom.getInstance("IBMSecureRandom", "IBMJCEFIPS");
            Cipher cipher = Cipher.getInstance(AuthenticationBase.REVISED_KEYPAIR_ALGORITHM);
            cipher.init(1, publicKey, secureRandom);
            bArr2 = cipher.doFinal(bArr);
        } catch (Exception e) {
            TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_1);
            JSDTMessageLogger.logMessage("", e);
        }
        return bArr2;
    }

    public byte[] rsaDecrypt(byte[] bArr, PrivateKey privateKey) {
        byte[] bArr2 = null;
        try {
            Cipher cipher = Cipher.getInstance(AuthenticationBase.REVISED_KEYPAIR_ALGORITHM);
            cipher.init(2, privateKey);
            bArr2 = cipher.doFinal(bArr);
        } catch (Exception e) {
            TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_2);
            if (privateKey == null) {
                e.initCause(new NullPointerException("privateKey"));
            }
            JSDTMessageLogger.logMessage("", e);
        }
        return bArr2;
    }

    public String pbeDecrypt(byte[] bArr, Key key, boolean z) {
        String str = null;
        try {
            char[] charArray = key == null ? this.DEFAULT_PBE_CIPHER_KEY : byteArrayToHexString(key.getEncoded()).toCharArray();
            byte[] bArr2 = new byte[8];
            System.arraycopy(bArr, 0, bArr2, 0, 8);
            PBEKeySpec pBEKeySpec = new PBEKeySpec(charArray, bArr2, 5);
            SecretKey generateSecret = SecretKeyFactory.getInstance("PBEWithSHA1AndDES").generateSecret(pBEKeySpec);
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr2, 5);
            Cipher cipher = Cipher.getInstance("PBEWithSHA1AndDES");
            cipher.init(2, generateSecret, pBEParameterSpec);
            byte[] doFinal = cipher.doFinal(bArr, 8, bArr.length - 8);
            pBEKeySpec.clearPassword();
            str = new String(doFinal, m.e);
        } catch (Exception e) {
            TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_3);
            if (z) {
                JSDTMessageLogger.logMessage("", e);
            }
        }
        return str;
    }

    public byte[] hashPassword(char[] cArr) {
        return hashPassword(new String(cArr));
    }

    public byte[] hashPassword(String str) {
        byte[] bArr = null;
        try {
            bArr = hashPassword(str.getBytes(m.e));
        } catch (Exception e) {
            TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_4);
            JSDTMessageLogger.logMessage("", e);
        }
        return bArr;
    }

    public byte[] hashPassword(byte[] bArr) {
        byte[] bArr2 = null;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA");
            messageDigest.update(getHashSalt());
            bArr2 = messageDigest.digest(bArr);
        } catch (Exception e) {
            TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_5);
            JSDTMessageLogger.logMessage("", e);
        }
        return bArr2;
    }

    private byte[] getHashSalt() {
        if (this.hashSalt == null) {
            try {
                this.hashSalt = new byte[8];
                long hashCode = "AuthenticationCipher".hashCode();
                System.arraycopy(String.valueOf(hashCode * hashCode).getBytes(m.e), 0, this.hashSalt, 0, 8);
            } catch (Exception e) {
                TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_6);
                JSDTMessageLogger.logMessage("", e);
            }
        }
        return this.hashSalt;
    }

    public String byteArrayToHexString(byte[] bArr) {
        String str = null;
        if (bArr != null) {
            StringBuffer stringBuffer = new StringBuffer();
            for (byte b : bArr) {
                int i = b & 255;
                stringBuffer.append(i < 16 ? "0" : "");
                stringBuffer.append(Integer.toHexString(i));
            }
            str = stringBuffer.toString();
        }
        return str;
    }

    public byte[] hexStringToByteArray(String str) {
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < bArr.length; i++) {
            int i2 = i * 2;
            bArr[i] = (byte) Integer.parseInt(str.substring(i2, i2 + 2), 16);
        }
        return bArr;
    }

    public String getMaskedValue(String str) {
        String str2 = str;
        if (str != null) {
            str2 = SE_AES_PREFIX + aesEncryptToHexString(str);
        }
        return str2;
    }

    public String getUnmaskedValue(String str) {
        return getUnmaskedValue(str, true);
    }

    public String getUnmaskedValue(String str, boolean z) {
        PrivateKey privateKey = null;
        if (BeanUtils.isInstallationAgent() && str != null && str.startsWith(IIA_RSA_PREFIX)) {
            privateKey = getIiaPrivateKey();
        }
        return getUnmaskedValue(str, privateKey, z);
    }

    public String getUnmaskedValue(String str, PrivateKey privateKey, boolean z) {
        String str2 = null;
        if (str == null || str.equals("")) {
            str2 = str;
        } else if (str.startsWith(SE_AES_PREFIX)) {
            String substring = str.substring(SE_AES_PREFIX.length());
            try {
                str2 = isHexString(substring) ? new String(aesDecryptFromHexString(substring), m.e) : substring;
            } catch (Exception e) {
                TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_7);
                JSDTMessageLogger.logMessage("", e);
            }
        } else if (str.startsWith(IIA_RSA_PREFIX)) {
            if (privateKey == null && BeanUtils.isInstallationAgent() && str.startsWith(IIA_RSA_PREFIX)) {
                privateKey = getIiaPrivateKey();
            }
            String substring2 = str.substring(IIA_RSA_PREFIX.length());
            try {
                str2 = isHexString(substring2) ? new String(rsaDecrypt(hexStringToByteArray(substring2), privateKey), m.e) : substring2;
            } catch (Exception e2) {
                TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e2, ajc$tjp_8);
                JSDTMessageLogger.logMessage("", e2);
            }
        } else {
            str2 = isHexString(str) ? pbeDecrypt(hexStringToByteArray(str), null, z) : str;
        }
        return str2;
    }

    public KeyPair generateKeyPair(String str) {
        KeyPair keyPair = null;
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str, "IBMJCEFIPS");
            keyPairGenerator.initialize(1024, SecureRandom.getInstance("IBMSecureRandom", "IBMJCEFIPS"));
            keyPair = keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_9);
            JSDTMessageLogger.logMessage("", e);
        }
        return keyPair;
    }

    public String aesEncryptToHexString(String str) {
        String str2 = str;
        if (str != null) {
            try {
                str2 = byteArrayToHexString(aesEncrypt(str.getBytes(m.e)));
            } catch (Exception e) {
                TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_10);
                JSDTMessageLogger.logMessage("", e);
            }
        }
        return str2;
    }

    public byte[] aesEncrypt(byte[] bArr) {
        byte[] encrypt;
        synchronized (SimpleEncryption.class) {
            encrypt = getSimpleEncryption().encrypt(this.DEFAULT_PBE_CIPHER_KEY, bArr);
        }
        return encrypt;
    }

    public byte[] aesDecryptFromHexString(String str) {
        if (str.startsWith(SE_AES_PREFIX)) {
            str = str.substring(SE_AES_PREFIX.length());
        }
        return aesDecrypt(hexStringToByteArray(str));
    }

    public byte[] aesDecrypt(byte[] bArr) {
        byte[] bArr2 = null;
        try {
            synchronized (SimpleEncryption.class) {
                bArr2 = getSimpleEncryption().decrypt(this.DEFAULT_PBE_CIPHER_KEY, bArr);
            }
        } catch (Exception e) {
            TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_11);
            JSDTMessageLogger.logMessage("", e);
        }
        return bArr2;
    }

    public String rsaEncryptToHexString(String str, PublicKey publicKey) {
        String str2 = str;
        if (str != null) {
            try {
                str2 = byteArrayToHexString(rsaEncrypt(str.getBytes(m.e), publicKey));
            } catch (Exception e) {
                TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_12);
                JSDTMessageLogger.logMessage("", e);
            }
        }
        return str2;
    }

    public byte[] rsaDecryptFromHexString(String str, PrivateKey privateKey) {
        if (str.startsWith(IIA_RSA_PREFIX)) {
            str = str.substring(IIA_RSA_PREFIX.length());
        }
        return rsaDecrypt(hexStringToByteArray(str), privateKey);
    }

    private PrivateKey getIiaPrivateKey() {
        if (this.iiaPrivateKey == null && BeanUtils.isInstallationAgent()) {
            this.iiaPrivateKey = new InstallationAgentAuthenticationBroker().getInstallationAgentKeyStore().getIiaPrivateKey();
        }
        return this.iiaPrivateKey;
    }

    private synchronized SimpleEncryption getSimpleEncryption() {
        if (this.simpleEncryption == null) {
            try {
                this.simpleEncryption = MainManager.getMainManager().getSimpleEncryption();
            } catch (Exception e) {
                TraceLoggerAspect.aspectOf().ajc$before$com_ibm_jsdt_common_TraceLoggerAspect$1$3d4955b4(e, ajc$tjp_13);
                synchronized (SimpleEncryption.class) {
                    this.simpleEncryption = new SimpleEncryption();
                }
            }
        }
        return this.simpleEncryption;
    }

    private boolean isHexString(String str) {
        return str != null && str.matches("[0-9a-fA-F]+");
    }

    static {
        Factory factory = new Factory("AuthenticationCipher.java", Class.forName("com.ibm.jsdt.authentication.AuthenticationCipher"));
        ajc$tjp_0 = factory.makeSJP(JoinPoint.CONSTRUCTOR_EXECUTION, factory.makeConstructorSig("1", "com.ibm.jsdt.authentication.AuthenticationCipher", "", "", ""), 65);
        ajc$tjp_1 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 111);
        ajc$tjp_10 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 487);
        ajc$tjp_11 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 543);
        ajc$tjp_12 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 566);
        ajc$tjp_13 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 630);
        ajc$tjp_2 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 139);
        ajc$tjp_3 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 184);
        ajc$tjp_4 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 226);
        ajc$tjp_5 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 252);
        ajc$tjp_6 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), PrintObject.ATTR_DBCS_FNT_SIZE);
        ajc$tjp_7 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 415);
        ajc$tjp_8 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), 432);
        ajc$tjp_9 = factory.makeSJP(JoinPoint.EXCEPTION_HANDLER, factory.makeCatchClauseSig("com.ibm.jsdt.authentication.AuthenticationCipher", "java.lang.Exception:", "ex:"), qg.ab);
    }
}
