package org.apache.catalina.realm;

import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Random;
import org.apache.catalina.CredentialHandler;
import org.apache.juli.logging.Log;
import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.res.StringManager;

/* loaded from: input_file:WEB-INF/lib/tomcat-embed-core-8.5.34.jar:org/apache/catalina/realm/DigestCredentialHandlerBase.class */
public abstract class DigestCredentialHandlerBase implements CredentialHandler {
    protected static final StringManager sm = StringManager.getManager((Class<?>) DigestCredentialHandlerBase.class);
    public static final int DEFAULT_SALT_LENGTH = 32;
    private int iterations = getDefaultIterations();
    private int saltLength = getDefaultSaltLength();
    private final Object randomLock = new Object();
    private volatile Random random = null;
    private boolean logInvalidStoredCredentials = false;

    public int getIterations() {
        return this.iterations;
    }

    public void setIterations(int i) {
        this.iterations = i;
    }

    public int getSaltLength() {
        return this.saltLength;
    }

    public void setSaltLength(int i) {
        this.saltLength = i;
    }

    public boolean getLogInvalidStoredCredentials() {
        return this.logInvalidStoredCredentials;
    }

    public void setLogInvalidStoredCredentials(boolean z) {
        this.logInvalidStoredCredentials = z;
    }

    @Override // org.apache.catalina.CredentialHandler
    public String mutate(String str) {
        byte[] bArr = null;
        int iterations = getIterations();
        int saltLength = getSaltLength();
        if (saltLength == 0) {
            bArr = new byte[0];
        } else if (saltLength > 0) {
            if (this.random == null) {
                synchronized (this.randomLock) {
                    if (this.random == null) {
                        this.random = new SecureRandom();
                    }
                }
            }
            bArr = new byte[saltLength];
            this.random.nextBytes(bArr);
        }
        String mutate = mutate(str, bArr, iterations);
        if (mutate == null) {
            return null;
        }
        if (saltLength == 0 && iterations == 1) {
            return mutate;
        }
        StringBuilder sb = new StringBuilder((saltLength << 1) + 10 + mutate.length() + 2);
        sb.append(HexUtils.toHexString(bArr));
        sb.append('$');
        sb.append(iterations);
        sb.append('$');
        sb.append(mutate);
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean matchesSaltIterationsEncoded(String str, String str2) {
        if (str2 == null) {
            logInvalidStoredCredentials(null);
            return false;
        }
        int indexOf = str2.indexOf(36);
        int indexOf2 = str2.indexOf(36, indexOf + 1);
        if (indexOf < 0 || indexOf2 < 0) {
            logInvalidStoredCredentials(str2);
            return false;
        }
        String substring = str2.substring(0, indexOf);
        int parseInt = Integer.parseInt(str2.substring(indexOf + 1, indexOf2));
        String substring2 = str2.substring(indexOf2 + 1);
        try {
            String mutate = mutate(str, HexUtils.fromHexString(substring), parseInt, HexUtils.fromHexString(substring2).length * 8);
            if (mutate == null) {
                return false;
            }
            return substring2.equalsIgnoreCase(mutate);
        } catch (IllegalArgumentException e) {
            logInvalidStoredCredentials(str2);
            return false;
        }
    }

    private void logInvalidStoredCredentials(String str) {
        if (this.logInvalidStoredCredentials) {
            getLog().warn(sm.getString("credentialHandler.invalidStoredCredential", str));
        }
    }

    protected int getDefaultSaltLength() {
        return 32;
    }

    protected abstract String mutate(String str, byte[] bArr, int i);

    protected String mutate(String str, byte[] bArr, int i, int i2) {
        return mutate(str, bArr, i);
    }

    public abstract void setAlgorithm(String str) throws NoSuchAlgorithmException;

    public abstract String getAlgorithm();

    protected abstract int getDefaultIterations();

    protected abstract Log getLog();
}
