package org.apache.directory.server.kerberos.shared.crypto.encryption;

import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.directory.api.ldap.model.constants.LdapSecurityConstants;
import org.apache.directory.api.ldap.model.constants.Loggers;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.apache.directory.shared.kerberos.components.EncryptedData;
import org.apache.directory.shared.kerberos.components.EncryptionKey;
import org.apache.directory.shared.kerberos.exceptions.ErrorType;
import org.apache.directory.shared.kerberos.exceptions.KerberosException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX WARN: Classes with same name are omitted:
  input_file:hadoop-hdfs-httpfs-2.6.5/share/hadoop/httpfs/tomcat/webapps/webhdfs/WEB-INF/lib/apacheds-kerberos-codec-2.0.0-M15.jar:org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.class
  input_file:webhdfs/WEB-INF/lib/apacheds-kerberos-codec-2.0.0-M15.jar:org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.class
 */
/* loaded from: input_file:webhdfs.war:WEB-INF/lib/apacheds-kerberos-codec-2.0.0-M15.jar:org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.class */
class DesCbcMd5Encryption extends EncryptionEngine {
    private static final Logger LOG_KRB = LoggerFactory.getLogger(Loggers.KERBEROS_LOG.getName());
    private static final byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0};

    DesCbcMd5Encryption() {
    }

    @Override // org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionEngine
    public EncryptionType getEncryptionType() {
        return EncryptionType.DES_CBC_MD5;
    }

    @Override // org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionEngine
    public int getConfounderLength() {
        return 8;
    }

    @Override // org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionEngine
    public int getChecksumLength() {
        return 16;
    }

    @Override // org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionEngine
    public byte[] calculateIntegrity(byte[] bArr, byte[] bArr2, KeyUsage keyUsage) {
        try {
            return MessageDigest.getInstance(LdapSecurityConstants.HASH_METHOD_MD5.getAlgorithm()).digest(bArr);
        } catch (NoSuchAlgorithmException e) {
            return null;
        }
    }

    @Override // org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionEngine
    public byte[] getDecryptedData(EncryptionKey encryptionKey, EncryptedData encryptedData, KeyUsage keyUsage) throws KerberosException {
        LOG_KRB.debug("Decrypting data using {}", encryptionKey);
        byte[] decrypt = decrypt(encryptedData.getCipher(), encryptionKey.getKeyValue());
        byte[] bArr = new byte[getChecksumLength()];
        System.arraycopy(decrypt, getConfounderLength(), bArr, 0, bArr.length);
        for (int confounderLength = getConfounderLength(); confounderLength < getConfounderLength() + getChecksumLength(); confounderLength++) {
            decrypt[confounderLength] = 0;
        }
        if (Arrays.equals(bArr, calculateIntegrity(decrypt, encryptionKey.getKeyValue(), keyUsage))) {
            return removeLeadingBytes(decrypt, getConfounderLength(), getChecksumLength());
        }
        throw new KerberosException(ErrorType.KRB_AP_ERR_BAD_INTEGRITY);
    }

    @Override // org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionEngine
    public EncryptedData getEncryptedData(EncryptionKey encryptionKey, byte[] bArr, KeyUsage keyUsage) {
        byte[] padString = padString(concatenateBytes(getRandomBytes(getConfounderLength()), concatenateBytes(new byte[getChecksumLength()], bArr)));
        byte[] calculateIntegrity = calculateIntegrity(padString, null, keyUsage);
        for (int confounderLength = getConfounderLength(); confounderLength < getConfounderLength() + getChecksumLength(); confounderLength++) {
            padString[confounderLength] = calculateIntegrity[confounderLength - getConfounderLength()];
        }
        return new EncryptedData(getEncryptionType(), encryptionKey.getKeyVersion(), encrypt(padString, encryptionKey.getKeyValue()));
    }

    @Override // org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionEngine
    public byte[] encrypt(byte[] bArr, byte[] bArr2) {
        return processCipher(true, bArr, bArr2);
    }

    @Override // org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionEngine
    public byte[] decrypt(byte[] bArr, byte[] bArr2) {
        return processCipher(false, bArr, bArr2);
    }

    private byte[] processCipher(boolean z, byte[] bArr, byte[] bArr2) {
        try {
            Cipher cipher = Cipher.getInstance("DES/CBC/NoPadding");
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, "DES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
            if (z) {
                cipher.init(1, secretKeySpec, ivParameterSpec);
            } else {
                cipher.init(2, secretKeySpec, ivParameterSpec);
            }
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
            return null;
        }
    }
}
