package org.openid4java.association;

import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/openid4java.jar:org/openid4java/association/Association.class */
public class Association implements Serializable {
    private static Log _log = LogFactory.getLog(Association.class);
    private static final boolean DEBUG = _log.isDebugEnabled();
    public static final String FAILED_ASSOC_HANDLE = " ";
    public static final String TYPE_HMAC_SHA1 = "HMAC-SHA1";
    public static final String TYPE_HMAC_SHA256 = "HMAC-SHA256";
    public static final String HMAC_SHA1_ALGORITHM = "HmacSHA1";
    public static final String HMAC_SHA256_ALGORITHM = "HmacSHA256";
    public static final int HMAC_SHA1_KEYSIZE = 160;
    public static final int HMAC_SHA256_KEYSIZE = 256;
    private String _type;
    private String _handle;
    private SecretKey _macKey;
    private Date _expiry;

    private Association(String str, String str2, SecretKey secretKey, Date date) {
        if (DEBUG) {
            _log.debug("Creating association, type: " + str + " handle: " + str2 + " expires: " + date);
        }
        this._type = str;
        this._handle = str2;
        this._macKey = secretKey;
        this._expiry = date;
    }

    private Association(String str, String str2, SecretKey secretKey, int i) {
        this(str, str2, secretKey, new Date(System.currentTimeMillis() + (i * 1000)));
    }

    public static Association getFailedAssociation(Date date) {
        return new Association((String) null, " ", (SecretKey) null, date);
    }

    public static Association getFailedAssociation(int i) {
        return getFailedAssociation(new Date(System.currentTimeMillis() + (i * 1000)));
    }

    public static Association generate(String str, String str2, int i) throws AssociationException {
        if (TYPE_HMAC_SHA1.equals(str)) {
            return generateHmacSha1(str2, i);
        }
        if (TYPE_HMAC_SHA256.equals(str)) {
            return generateHmacSha256(str2, i);
        }
        throw new AssociationException("Unknown association type: " + str);
    }

    public static Association generateHmacSha1(String str, int i) {
        SecretKey generateMacSha1Key = generateMacSha1Key();
        if (DEBUG) {
            _log.debug("Generated SHA1 MAC key: " + generateMacSha1Key);
        }
        return new Association(TYPE_HMAC_SHA1, str, generateMacSha1Key, i);
    }

    public static Association createHmacSha1(String str, byte[] bArr, int i) {
        return new Association(TYPE_HMAC_SHA1, str, createMacKey("HmacSHA1", bArr), i);
    }

    public static Association createHmacSha1(String str, byte[] bArr, Date date) {
        return new Association(TYPE_HMAC_SHA1, str, createMacKey("HmacSHA1", bArr), date);
    }

    public static Association generateHmacSha256(String str, int i) {
        SecretKey generateMacSha256Key = generateMacSha256Key();
        if (DEBUG) {
            _log.debug("Generated SHA256 MAC key: " + generateMacSha256Key);
        }
        return new Association(TYPE_HMAC_SHA256, str, generateMacSha256Key, i);
    }

    public static Association createHmacSha256(String str, byte[] bArr, int i) {
        return new Association(TYPE_HMAC_SHA256, str, createMacKey(HMAC_SHA256_ALGORITHM, bArr), i);
    }

    public static Association createHmacSha256(String str, byte[] bArr, Date date) {
        return new Association(TYPE_HMAC_SHA256, str, createMacKey(HMAC_SHA256_ALGORITHM, bArr), date);
    }

    protected static SecretKey generateMacKey(String str, int i) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(str);
            keyGenerator.init(i);
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            _log.error("Unsupported algorithm: " + str + ", size: " + i, e);
            return null;
        }
    }

    protected static SecretKey generateMacSha1Key() {
        return generateMacKey("HmacSHA1", 160);
    }

    protected static SecretKey generateMacSha256Key() {
        return generateMacKey(HMAC_SHA256_ALGORITHM, 256);
    }

    public static boolean isHmacSupported(String str) {
        String str2;
        if (TYPE_HMAC_SHA1.equals(str)) {
            str2 = "HmacSHA1";
        } else {
            if (!TYPE_HMAC_SHA256.equals(str)) {
                return false;
            }
            str2 = HMAC_SHA256_ALGORITHM;
        }
        try {
            KeyGenerator.getInstance(str2);
            return true;
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }

    public static boolean isHmacSha256Supported() {
        try {
            KeyGenerator.getInstance(HMAC_SHA256_ALGORITHM);
            return true;
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }

    public static boolean isHmacSha1Supported() {
        try {
            KeyGenerator.getInstance("HmacSHA1");
            return true;
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }

    protected static SecretKey createMacKey(String str, byte[] bArr) {
        return new SecretKeySpec(bArr, str);
    }

    public String getType() {
        return this._type;
    }

    public String getHandle() {
        return this._handle;
    }

    public SecretKey getMacKey() {
        return this._macKey;
    }

    public Date getExpiry() {
        return this._expiry;
    }

    public boolean hasExpired() {
        return this._expiry.before(new Date());
    }

    protected byte[] sign(byte[] bArr) throws AssociationException {
        try {
            Mac mac = Mac.getInstance(this._macKey.getAlgorithm());
            mac.init(this._macKey);
            return mac.doFinal(bArr);
        } catch (GeneralSecurityException e) {
            throw new AssociationException("Cannot sign!", e);
        }
    }

    public String sign(String str) throws AssociationException {
        if (DEBUG) {
            _log.debug("Computing signature for input data:\n" + str);
        }
        try {
            String str2 = new String(Base64.encodeBase64(sign(str.getBytes("utf-8"))), "utf-8");
            if (DEBUG) {
                _log.debug("Calculated signature: " + str2);
            }
            return str2;
        } catch (UnsupportedEncodingException e) {
            throw new AssociationException("Unsupported encoding for signed text.", e);
        }
    }

    public boolean verifySignature(String str, String str2) throws AssociationException {
        if (DEBUG) {
            _log.debug("Verifying signature: " + str2);
        }
        return str2.equals(sign(str));
    }
}
