package org.rapidoid.crypto;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.xml.bind.DatatypeConverter;
import org.netnix.AES;
import org.rapidoid.RapidoidThing;
import org.rapidoid.commons.Str;
import org.rapidoid.config.Conf;
import org.rapidoid.log.Log;
import org.rapidoid.u.U;
import org.rapidoid.util.Constants;

/* loaded from: input_file:org/rapidoid/crypto/Crypto.class */
public class Crypto extends RapidoidThing {
    private static volatile byte[] secretKey;
    public static final SecureRandom RANDOM = new SecureRandom();
    private static final byte[] DEFAULT_PBKDF2_SALT = {0, -3, -76, 48, 23, 1, 43, -41, -120, 45, -92, -113, -100, 70, -68, -46, 96, -93, 15, 99};

    public static void reset() {
        secretKey = null;
    }

    public static MessageDigest digest(String str) {
        try {
            return MessageDigest.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            throw U.rte("Cannot find crypto algorithm: " + str);
        }
    }

    public static Cipher cipher(String str) {
        try {
            return Cipher.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            throw U.rte("Cannot find crypto algorithm: " + str);
        } catch (NoSuchPaddingException e2) {
            throw U.rte("No such padding: " + str);
        }
    }

    public static String bytesAsText(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            sb.append(Integer.toString((b & 255) + 256, 16).substring(1));
        }
        return sb.toString();
    }

    public static byte[] md5Bytes(byte[] bArr) {
        MessageDigest digest = digest("MD5");
        digest.update(bArr);
        return digest.digest();
    }

    public static String md5(byte[] bArr) {
        return bytesAsText(md5Bytes(bArr));
    }

    public static String md5(String str) {
        return md5(str.getBytes());
    }

    public static byte[] sha1Bytes(byte[] bArr) {
        MessageDigest digest = digest("SHA-1");
        digest.update(bArr);
        return digest.digest();
    }

    public static String sha1(byte[] bArr) {
        return bytesAsText(sha1Bytes(bArr));
    }

    public static String sha1(String str) {
        return sha1(str.getBytes());
    }

    public static byte[] sha512Bytes(byte[] bArr) {
        MessageDigest digest = digest("SHA-512");
        digest.update(bArr);
        return digest.digest();
    }

    public static String sha512(byte[] bArr) {
        return bytesAsText(sha512Bytes(bArr));
    }

    public static String sha512(String str) {
        return sha512(str.getBytes());
    }

    public static synchronized byte[] getSecretKey() {
        if (secretKey == null) {
            initSecret();
        }
        U.notNull(secretKey, "app secret key", new Object[0]);
        return secretKey;
    }

    private static synchronized void initSecret() {
        String orNull = Conf.ROOT.entry("secret").str().getOrNull();
        if (orNull != null) {
            secretKey = pbkdf2(orNull);
            return;
        }
        Log.warn("!Application secret was not specified, generating random secret!");
        byte[] bArr = new byte[Constants.UTF8_CONTINUATION];
        RANDOM.nextBytes(bArr);
        secretKey = pbkdf2(Str.toHex(bArr));
    }

    public static byte[] randomBytes(int i) {
        byte[] bArr = new byte[i];
        RANDOM.nextBytes(bArr);
        return bArr;
    }

    public static String randomStr(int i) {
        return DatatypeConverter.printHexBinary(randomBytes(i));
    }

    public static byte[] encrypt(byte[] bArr, byte[] bArr2) {
        try {
            return AES.encrypt(bArr, bArr2);
        } catch (Exception e) {
            throw U.rte(e);
        }
    }

    public static byte[] decrypt(byte[] bArr, byte[] bArr2) {
        try {
            return AES.decrypt(bArr, bArr2);
        } catch (Exception e) {
            throw U.rte(e);
        }
    }

    public static byte[] encrypt(byte[] bArr) {
        return encrypt(bArr, getSecretKey());
    }

    public static byte[] decrypt(byte[] bArr) {
        return decrypt(bArr, getSecretKey());
    }

    public static byte[] pbkdf2(String str, byte[] bArr, int i, int i2) {
        try {
            return AES.generateKey(str, bArr, i, i2);
        } catch (Exception e) {
            throw U.rte(e);
        }
    }

    public static byte[] pbkdf2(String str) {
        return pbkdf2(str, DEFAULT_PBKDF2_SALT, 100000, 256);
    }

    public static String passwordHash(String str) {
        return passwordHash(str, 100000);
    }

    public static String passwordHash(String str, int i) {
        return passwordHash(str, i, randomSalt());
    }

    public static String passwordHash(String str, int i, byte[] bArr) {
        return Str.toBase64(pbkdf2(str, bArr, i, 256)) + "$" + Str.toBase64(bArr) + "$" + i;
    }

    public static boolean passwordMatches(String str, String str2) {
        String[] split = str2.split("\\$");
        if (split.length != 3) {
            return false;
        }
        try {
            return Arrays.equals(Str.fromBase64(split[0]), pbkdf2(str, Str.fromBase64(split[1]), U.num(split[2]), 256));
        } catch (Exception e) {
            return false;
        }
    }

    public static byte[] randomSalt() {
        byte[] bArr = new byte[20];
        RANDOM.nextBytes(bArr);
        return bArr;
    }
}
