package org.jasig.cas3.extensions.clearpass;

import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Collection;
import java.util.Map;
import java.util.Set;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.validation.constraints.NotNull;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/clearpass-impl-1.0.7.GA.jar:org/jasig/cas3/extensions/clearpass/EncryptedMapDecorator.class */
public final class EncryptedMapDecorator implements Map<String, String> {
    public static final String DEFAULT_HASH_ALGORITHM = "SHA-512";
    public static final String DEFAULT_ENCRYPTION_ALGORITHM = "AES";
    private static final char[] HEX_DIGITS = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
    private final Log log;

    @NotNull
    private final Map<String, String> decoratedMap;

    @NotNull
    private final MessageDigest messageDigest;

    @NotNull
    private final byte[] salt;

    @NotNull
    private final Key key;

    @NotNull
    private final String cipherAlgorithm;
    private boolean cloneNotSupported;

    public EncryptedMapDecorator(Map<String, String> map) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException {
        this(map, getRandomSalt(8), getRandomSalt(32));
    }

    public EncryptedMapDecorator(Map<String, String> map, String str, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException {
        this(map, DEFAULT_HASH_ALGORITHM, str, DEFAULT_ENCRYPTION_ALGORITHM, str2);
    }

    public EncryptedMapDecorator(Map<String, String> map, String str, String str2, String str3, String str4) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException {
        this(map, str, str2.getBytes(), str3, SecretKeyFactory.getInstance(str3).generateSecret(new DESKeySpec(str4.getBytes())));
    }

    public EncryptedMapDecorator(Map<String, String> map, String str, byte[] bArr, String str2, Key key) throws NoSuchAlgorithmException {
        this.log = LogFactory.getLog(getClass());
        this.decoratedMap = map;
        this.key = key;
        this.salt = bArr;
        this.cipherAlgorithm = str2;
        this.messageDigest = MessageDigest.getInstance(str);
    }

    private static String getRandomSalt(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return getFormattedText(bArr);
    }

    @Override // java.util.Map
    public int size() {
        return this.decoratedMap.size();
    }

    @Override // java.util.Map
    public boolean isEmpty() {
        return this.decoratedMap.isEmpty();
    }

    @Override // java.util.Map
    public boolean containsKey(Object obj) {
        return this.decoratedMap.containsKey(constructHashedKey(obj.toString()));
    }

    @Override // java.util.Map
    public boolean containsValue(Object obj) {
        if (!(obj instanceof String)) {
            return false;
        }
        return this.decoratedMap.containsValue(encrypt((String) obj));
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.util.Map
    public String get(Object obj) {
        return decrypt(this.decoratedMap.get(constructHashedKey(obj == null ? null : obj.toString())));
    }

    @Override // java.util.Map
    public String put(String str, String str2) {
        return decrypt(this.decoratedMap.put(constructHashedKey(str), encrypt(str2)));
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.util.Map
    public String remove(Object obj) {
        return decrypt(this.decoratedMap.remove(constructHashedKey(obj.toString())));
    }

    @Override // java.util.Map
    public void putAll(Map<? extends String, ? extends String> map) {
        for (Map.Entry<? extends String, ? extends String> entry : map.entrySet()) {
            put(entry.getKey(), entry.getValue());
        }
    }

    @Override // java.util.Map
    public void clear() {
        this.decoratedMap.clear();
    }

    @Override // java.util.Map
    public Set<String> keySet() {
        throw new UnsupportedOperationException();
    }

    @Override // java.util.Map
    public Collection<String> values() {
        throw new UnsupportedOperationException();
    }

    @Override // java.util.Map
    public Set<Map.Entry<String, String>> entrySet() {
        throw new UnsupportedOperationException();
    }

    protected String constructHashedKey(String str) {
        if (str == null) {
            return null;
        }
        MessageDigest messageDigest = getMessageDigest();
        messageDigest.update(this.salt);
        messageDigest.update(str.getBytes());
        String formattedText = getFormattedText(messageDigest.digest());
        if (this.log.isDebugEnabled()) {
            this.log.debug(String.format("Generated hash of value [%s] for key [%s].", formattedText, str));
        }
        return formattedText;
    }

    protected String decrypt(String str) {
        if (str == null) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance(this.cipherAlgorithm);
            cipher.init(2, this.key);
            return byte2char(cipher.doFinal(char2byte(str)));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    protected String encrypt(String str) {
        if (str == null) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance(this.cipherAlgorithm);
            cipher.init(1, this.key);
            return byte2char(cipher.doFinal(char2byte(str)));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    protected String byte2char(byte[] bArr) {
        return new String(bArr, Charset.forName("UTF-8"));
    }

    protected byte[] char2byte(String str) {
        return str.getBytes(Charset.forName("UTF-8"));
    }

    protected MessageDigest getMessageDigest() {
        if (this.cloneNotSupported) {
            String algorithm = this.messageDigest.getAlgorithm();
            try {
                return MessageDigest.getInstance(algorithm);
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalStateException("MessageDigest algorithm '" + algorithm + "' was supported when " + getClass().getSimpleName() + " was created but is not now. This should not be possible.", e);
            }
        }
        try {
            return (MessageDigest) this.messageDigest.clone();
        } catch (CloneNotSupportedException e2) {
            this.cloneNotSupported = true;
            this.log.warn("Could not clone MessageDigest using algorithm '" + this.messageDigest.getAlgorithm() + "'. MessageDigest.getInstance will be used from now on which will be much more expensive.", e2);
            return getMessageDigest();
        }
    }

    private static String getFormattedText(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (byte b : bArr) {
            sb.append(HEX_DIGITS[(b >> 4) & 15]);
            sb.append(HEX_DIGITS[b & 15]);
        }
        return sb.toString();
    }
}
