package com.liferay.portal.kernel.security.pwd;

import com.liferay.osgi.service.tracker.collections.map.ServiceTrackerMap;
import com.liferay.osgi.service.tracker.collections.map.ServiceTrackerMapFactory;
import com.liferay.petra.string.StringBundler;
import com.liferay.petra.string.StringPool;
import com.liferay.portal.kernel.exception.PwdEncryptorException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.module.util.SystemBundleUtil;
import com.liferay.portal.kernel.util.ClassUtil;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.PropsKeys;
import com.liferay.portal.kernel.util.PropsUtil;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;

/* loaded from: input_file:com/liferay/portal/kernel/security/pwd/PasswordEncryptorUtil.class */
public class PasswordEncryptorUtil {
    private static final String _PASSWORDS_ENCRYPTION_ALGORITHM = StringUtil.toUpperCase(GetterUtil.getString(PropsUtil.get(PropsKeys.PASSWORDS_ENCRYPTION_ALGORITHM)));
    private static final Log _log = LogFactoryUtil.getLog((Class<?>) PasswordEncryptorUtil.class);
    private static final ServiceTrackerMap<String, PasswordEncryptor> _serviceTrackerMap = ServiceTrackerMapFactory.openSingleValueMap(SystemBundleUtil.getBundleContext(), PasswordEncryptor.class, "type");

    public static String encrypt(String str) throws PwdEncryptorException {
        return encrypt(str, null);
    }

    public static String encrypt(String str, String str2) throws PwdEncryptorException {
        long j = 0;
        if (_log.isDebugEnabled()) {
            j = System.currentTimeMillis();
        }
        try {
            String encrypt = encrypt(_PASSWORDS_ENCRYPTION_ALGORITHM, str, str2);
            if (_log.isDebugEnabled()) {
                _log.debug("Password encrypted in " + (System.currentTimeMillis() - j) + "ms");
            }
            return encrypt;
        } catch (Throwable th) {
            if (_log.isDebugEnabled()) {
                _log.debug("Password encrypted in " + (System.currentTimeMillis() - j) + "ms");
            }
            throw th;
        }
    }

    public static String encrypt(String str, String str2, boolean z) throws PwdEncryptorException {
        if (z) {
            str2 = null;
        }
        return _encrypt(null, str, str2, z);
    }

    public static String encrypt(String str, String str2, String str3) throws PwdEncryptorException {
        return _encrypt(str, str2, str3, false);
    }

    private static String _encrypt(String str, String str2, String str3, boolean z) throws PwdEncryptorException {
        int indexOf;
        if (Validator.isNull(str2)) {
            throw new PwdEncryptorException("Unable to _encrypt blank password");
        }
        boolean z2 = true;
        if (z) {
            str = _PASSWORDS_ENCRYPTION_ALGORITHM;
            str3 = null;
        } else {
            String _getEncryptedPasswordAlgorithm = _getEncryptedPasswordAlgorithm(str3);
            if (Validator.isNotNull(_getEncryptedPasswordAlgorithm)) {
                str = _getEncryptedPasswordAlgorithm;
            }
            if (Validator.isNotNull(str3) && str3.charAt(0) != '{') {
                z2 = false;
            } else if (Validator.isNotNull(str3) && str3.charAt(0) == '{' && (indexOf = str3.indexOf(125)) > 0) {
                str3 = str3.substring(indexOf + 1);
            }
            if (Validator.isNull(str)) {
                str = _PASSWORDS_ENCRYPTION_ALGORITHM;
            }
        }
        String encrypt = _select(str).encrypt(str, str2, str3, false);
        if (z2) {
            if (_log.isDebugEnabled()) {
                _log.debug("Generated password with algorithm prefix using " + str);
            }
            return StringBundler.concat(StringPool.OPEN_CURLY_BRACE, _getAlgorithmName(str), StringPool.CLOSE_CURLY_BRACE, encrypt);
        }
        if (_log.isDebugEnabled()) {
            _log.debug("Generated password without algorithm prefix using " + str);
        }
        return encrypt;
    }

    private static String _getAlgorithmName(String str) {
        int indexOf = str.indexOf(47);
        return indexOf > 0 ? str.substring(0, indexOf) : str;
    }

    private static String _getEncryptedPasswordAlgorithm(String str) {
        int indexOf;
        String string = GetterUtil.getString(PropsUtil.get(PropsKeys.PASSWORDS_ENCRYPTION_ALGORITHM_LEGACY));
        if (_log.isDebugEnabled() && Validator.isNotNull(string)) {
            if (Validator.isNull(str)) {
                _log.debug(StringBundler.concat("Using legacy detection scheme for algorithm ", string, " with empty password"));
            } else {
                _log.debug(StringBundler.concat("Using legacy detection scheme for algorithm ", string, " with provided password"));
            }
        }
        if (Validator.isNotNull(str) && str.charAt(0) != '{') {
            if (_log.isDebugEnabled()) {
                _log.debug("Using legacy algorithm " + string);
            }
            return Validator.isNotNull(string) ? string : _PASSWORDS_ENCRYPTION_ALGORITHM;
        }
        if (!Validator.isNotNull(str) || str.charAt(0) != '{' || (indexOf = str.indexOf(125)) <= 0) {
            return null;
        }
        String substring = str.substring(1, indexOf);
        if (_log.isDebugEnabled()) {
            _log.debug("Upgraded password to use algorithm " + substring);
        }
        return substring;
    }

    private static PasswordEncryptor _select(String str) {
        if (Validator.isNull(str)) {
            throw new IllegalArgumentException("Invalid algorithm");
        }
        PasswordEncryptor service = str.startsWith(PasswordEncryptor.TYPE_BCRYPT) ? _serviceTrackerMap.getService(PasswordEncryptor.TYPE_BCRYPT) : str.startsWith(PasswordEncryptor.TYPE_PBKDF2) ? _serviceTrackerMap.getService(PasswordEncryptor.TYPE_PBKDF2) : str.indexOf(47) > 0 ? _serviceTrackerMap.getService(str.substring(0, str.indexOf(47))) : _serviceTrackerMap.getService(str);
        if (service == null) {
            if (_log.isDebugEnabled()) {
                _log.debug("No password encryptor found for " + str);
            }
            service = _serviceTrackerMap.getService("DEFAULT");
        }
        if (_log.isDebugEnabled()) {
            _log.debug(StringBundler.concat("Found ", ClassUtil.getClassName(service), " to _encrypt password using ", str));
        }
        return service;
    }
}
