package org.owasp.esapi.reference;

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Encryptor;
import org.owasp.esapi.errors.EncryptionException;
import org.owasp.esapi.errors.IntegrityException;

/* loaded from: classes.dex */
public class JavaEncryptor implements Encryptor {
    String encoding;
    String encryptAlgorithm;
    String hashAlgorithm;
    PBEParameterSpec parameterSpec;
    PrivateKey privateKey;
    PublicKey publicKey;
    String randomAlgorithm;
    SecretKey secretKey;
    String signatureAlgorithm;

    public JavaEncryptor() {
        this.privateKey = null;
        this.publicKey = null;
        this.parameterSpec = null;
        this.secretKey = null;
        this.encryptAlgorithm = "PBEWithMD5AndDES";
        this.signatureAlgorithm = "SHAwithDSA";
        this.hashAlgorithm = "SHA-512";
        this.randomAlgorithm = "SHA1PRNG";
        this.encoding = "UTF-8";
        byte[] masterSalt = ESAPI.securityConfiguration().getMasterSalt();
        char[] masterPassword = ESAPI.securityConfiguration().getMasterPassword();
        this.encryptAlgorithm = ESAPI.securityConfiguration().getEncryptionAlgorithm();
        this.signatureAlgorithm = ESAPI.securityConfiguration().getDigitalSignatureAlgorithm();
        this.randomAlgorithm = ESAPI.securityConfiguration().getRandomAlgorithm();
        this.hashAlgorithm = ESAPI.securityConfiguration().getHashAlgorithm();
        try {
            this.parameterSpec = new PBEParameterSpec(masterSalt, 20);
            this.secretKey = SecretKeyFactory.getInstance(this.encryptAlgorithm).generateSecret(new PBEKeySpec(masterPassword));
            this.encoding = ESAPI.securityConfiguration().getCharacterEncoding();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA");
            SecureRandom secureRandom = SecureRandom.getInstance(this.randomAlgorithm);
            secureRandom.setSeed(hash(new String(masterPassword), new String(masterSalt)).getBytes());
            keyPairGenerator.initialize(1024, secureRandom);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.privateKey = generateKeyPair.getPrivate();
            this.publicKey = generateKeyPair.getPublic();
        } catch (Exception e) {
            new EncryptionException("Encryption failure", "Error creating Encryptor", e);
        }
    }

    @Override // org.owasp.esapi.Encryptor
    public String decrypt(String str) throws EncryptionException {
        try {
            Cipher cipher = Cipher.getInstance(this.encryptAlgorithm);
            cipher.init(2, this.secretKey, this.parameterSpec);
            return new String(cipher.doFinal(ESAPI.encoder().decodeFromBase64(str)), this.encoding);
        } catch (Exception e) {
            throw new EncryptionException("Decryption failed", new StringBuffer("Decryption problem: ").append(e.getMessage()).toString(), e);
        }
    }

    @Override // org.owasp.esapi.Encryptor
    public String encrypt(String str) throws EncryptionException {
        try {
            Cipher cipher = Cipher.getInstance(this.encryptAlgorithm);
            cipher.init(1, this.secretKey, this.parameterSpec);
            return ESAPI.encoder().encodeForBase64(cipher.doFinal(str.getBytes(this.encoding)), false);
        } catch (Exception e) {
            throw new EncryptionException("Encryption failure", new StringBuffer("Encryption problem: ").append(e.getMessage()).toString(), e);
        }
    }

    @Override // org.owasp.esapi.Encryptor
    public long getRelativeTimeStamp(long j) {
        return new Date().getTime() + j;
    }

    @Override // org.owasp.esapi.Encryptor
    public long getTimeStamp() {
        return new Date().getTime();
    }

    @Override // org.owasp.esapi.Encryptor
    public String hash(String str, String str2) throws EncryptionException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(this.hashAlgorithm);
            messageDigest.reset();
            messageDigest.update(ESAPI.securityConfiguration().getMasterSalt());
            messageDigest.update(str2.getBytes());
            messageDigest.update(str.getBytes());
            byte[] digest = messageDigest.digest();
            for (int i = 0; i < 1024; i++) {
                messageDigest.reset();
                digest = messageDigest.digest(digest);
            }
            return ESAPI.encoder().encodeForBase64(digest, false);
        } catch (NoSuchAlgorithmException e) {
            throw new EncryptionException("Internal error", new StringBuffer("Can't find hash algorithm ").append(this.hashAlgorithm).toString(), e);
        }
    }

    @Override // org.owasp.esapi.Encryptor
    public String seal(String str, long j) throws IntegrityException {
        try {
            return encrypt(new StringBuffer(String.valueOf(j)).append(":").append(ESAPI.randomizer().getRandomString(10, DefaultEncoder.CHAR_ALPHANUMERICS)).append(":").append(str).toString());
        } catch (EncryptionException e) {
            throw new IntegrityException(e.getUserMessage(), e.getLogMessage(), e);
        }
    }

    @Override // org.owasp.esapi.Encryptor
    public String sign(String str) throws EncryptionException {
        try {
            Signature signature = Signature.getInstance("SHAwithDSA");
            signature.initSign(this.privateKey);
            signature.update(str.getBytes());
            return ESAPI.encoder().encodeForBase64(signature.sign(), true);
        } catch (Exception e) {
            throw new EncryptionException("Signature failure", new StringBuffer("Can't find signature algorithm ").append("SHAwithDSA").toString(), e);
        }
    }

    @Override // org.owasp.esapi.Encryptor
    public String unseal(String str) throws EncryptionException {
        try {
            String decrypt = decrypt(str);
            int indexOf = decrypt.indexOf(":");
            if (indexOf == -1) {
                throw new EncryptionException("Invalid seal", "Seal did not contain properly formatted separator");
            }
            if (new Date().getTime() > Long.parseLong(decrypt.substring(0, indexOf))) {
                throw new EncryptionException("Invalid seal", "Seal expiration date has expired");
            }
            return decrypt.substring(decrypt.indexOf(":", indexOf + 1) + 1);
        } catch (EncryptionException e) {
            throw new EncryptionException("Invalid seal", "Seal did not decrypt properly", e);
        }
    }

    @Override // org.owasp.esapi.Encryptor
    public boolean verifySeal(String str) {
        try {
            unseal(str);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // org.owasp.esapi.Encryptor
    public boolean verifySignature(String str, String str2) {
        try {
            byte[] decodeFromBase64 = ESAPI.encoder().decodeFromBase64(str);
            Signature signature = Signature.getInstance(this.signatureAlgorithm);
            signature.initVerify(this.publicKey);
            signature.update(str2.getBytes());
            return signature.verify(decodeFromBase64);
        } catch (Exception e) {
            new EncryptionException("Invalid signature", new StringBuffer("Problem verifying signature: ").append(e.getMessage()).toString(), e);
            return false;
        }
    }
}
