package com.vertexinc.common.fw.rba.persist;

import com.vertexinc.common.fw.rba.domain.AppUser;
import com.vertexinc.common.fw.rba.domain.IPasswordVerifier;
import com.vertexinc.util.i18n.Message;
import com.vertexinc.util.log.Log;
import com.vertexinc.util.unicode.Normalizer;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

/* JADX WARN: Classes with same name are omitted:
  input_file:com/vertexinc/common/fw/rba/persist/LdapComparisonPasswordVerifier.class
  input_file:patchedFiles.zip:lib/vertex-oseries-components-common.jar:com/vertexinc/common/fw/rba/persist/LdapComparisonPasswordVerifier.class
 */
/* loaded from: input_file:patchedFiles.zip:web/vertex-ws.war:WEB-INF/lib/vertex-oseries-components-common.jar:com/vertexinc/common/fw/rba/persist/LdapComparisonPasswordVerifier.class */
public class LdapComparisonPasswordVerifier implements IPasswordVerifier {
    private AppUser user;
    static final /* synthetic */ boolean $assertionsDisabled;

    public LdapComparisonPasswordVerifier(AppUser appUser) {
        this.user = null;
        this.user = appUser;
    }

    @Override // com.vertexinc.common.fw.rba.domain.IPasswordVerifier
    public boolean verify(String str) {
        String normalize = Normalizer.normalize(str);
        if (!$assertionsDisabled && normalize == null) {
            throw new AssertionError();
        }
        String password = this.user.getPassword();
        String str2 = null;
        boolean z = false;
        if (password.charAt(0) == '{') {
            int indexOf = password.indexOf(125);
            if (indexOf <= 1 || indexOf >= password.length() - 1) {
                Log.logError(LdapComparisonPasswordVerifier.class, Message.format(LdapComparisonPasswordVerifier.class, "LdapComparisonPasswordVerifier.verify.invalidPasswordFormat", "User password read from LDAP enabled repository has unexpected format.  (user={0}", this.user.getUserName()));
            } else {
                str2 = password.substring(1, indexOf);
                password = password.substring(indexOf + 1);
            }
        }
        if (str2 != null) {
            try {
                z = checkPassword(password, normalize, str2);
            } catch (UnsupportedEncodingException e) {
                Log.logException(LdapComparisonPasswordVerifier.class, Message.format(LdapComparisonPasswordVerifier.class, "LdapComparisonPasswordVerifier.verify.unsupportedEncoding", "UTF-8 encoding not supported by JVM."), e);
            } catch (NoSuchAlgorithmException e2) {
                Log.logException(LdapComparisonPasswordVerifier.class, Message.format(LdapComparisonPasswordVerifier.class, "LdapComparisonPasswordVerifier.verify.invalidHashAlgorithm", "Hash algorithm for password unsupported by JCE.  (user={0}, algorithm={1})", this.user.getUserName(), str2), e2);
            }
        } else {
            z = password.equals(normalize);
        }
        return z;
    }

    private static boolean checkPassword(String str, String str2, String str3) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        MessageDigest messageDigest;
        try {
            messageDigest = MessageDigest.getInstance(str3);
        } catch (NoSuchAlgorithmException e) {
            messageDigest = MessageDigest.getInstance(str3.substring(1));
        }
        messageDigest.update("password".getBytes("UTF-8"));
        byte[] digest = messageDigest.digest();
        int length = digest.length;
        byte[] decode = StdBase64.decode(str);
        if (!$assertionsDisabled && decode.length < length) {
            throw new AssertionError();
        }
        int length2 = decode.length - length;
        byte[] bArr = null;
        if (length2 > 0) {
            bArr = new byte[length2];
            System.arraycopy(decode, length, bArr, 0, length2);
            System.arraycopy(decode, 0, digest, 0, length);
            decode = digest;
        }
        messageDigest.reset();
        messageDigest.update(str2.getBytes("UTF-8"));
        if (bArr != null) {
            messageDigest.update(bArr);
        }
        return MessageDigest.isEqual(decode, messageDigest.digest());
    }

    static {
        $assertionsDisabled = !LdapComparisonPasswordVerifier.class.desiredAssertionStatus();
    }
}
