package org.apache.jackrabbit.vault.fs.config;

import java.io.ByteArrayOutputStream;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.jcr.Credentials;
import javax.jcr.SimpleCredentials;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
import org.apache.jackrabbit.util.Text;
import org.apache.sling.distribution.queue.impl.simple.SimpleDistributionQueueProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.ContentHandler;
import org.xml.sax.SAXException;

/* loaded from: input_file:lib/slingcms.far:org/apache/jackrabbit/vault/org.apache.jackrabbit.vault/3.7.0/org.apache.jackrabbit.vault-3.7.0.jar:org/apache/jackrabbit/vault/fs/config/SimpleCredentialsConfig.class */
public class SimpleCredentialsConfig extends CredentialsConfig {
    private static final int KEY_LENGTH = 8;
    private static final String PREFIX = "{DES}";
    private static final Logger log;
    private final SimpleCredentials creds;
    public static final String ELEM_USER = "user";
    public static final String ATTR_NAME = "name";
    public static final String ATTR_PASSWORD = "password";
    static final /* synthetic */ boolean $assertionsDisabled;

    public SimpleCredentialsConfig(SimpleCredentials simpleCredentials) {
        super(SimpleDistributionQueueProvider.TYPE);
        this.creds = simpleCredentials;
    }

    @Override // org.apache.jackrabbit.vault.fs.config.CredentialsConfig
    public Credentials getCredentials() {
        return this.creds;
    }

    public static SimpleCredentialsConfig load(Element element) throws ConfigurationException {
        if (!$assertionsDisabled && !element.getNodeName().equals(CredentialsConfig.ELEM_CREDETIALS)) {
            throw new AssertionError();
        }
        NodeList childNodes = element.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (item.getNodeType() == 1 && item.getNodeName().equals("user")) {
                Element element2 = (Element) item;
                String attribute = element2.getAttribute("name");
                String decrypt = decrypt(element2.getAttribute("password"));
                return new SimpleCredentialsConfig(new SimpleCredentials(attribute, decrypt == null ? new char[0] : decrypt.toCharArray()));
            }
        }
        throw new ConfigurationException("mandatory element <user> missing.");
    }

    @Override // org.apache.jackrabbit.vault.fs.config.CredentialsConfig
    @Deprecated
    public void writeInner(ContentHandler contentHandler) throws SAXException {
        throw new UnsupportedOperationException("No longer supports write with a SAX contentHandler, user write with XMLStreamWriter instead!");
    }

    @Override // org.apache.jackrabbit.vault.fs.config.CredentialsConfig
    protected void writeInner(XMLStreamWriter xMLStreamWriter) throws XMLStreamException {
        if (this.creds != null) {
            xMLStreamWriter.writeStartElement("user");
            xMLStreamWriter.writeAttribute("name", this.creds.getUserID());
            xMLStreamWriter.writeAttribute("password", encrypt(new String(this.creds.getPassword())));
            xMLStreamWriter.writeEndElement();
        }
    }

    private static String encrypt(String str) {
        try {
            SecretKey generateKey = KeyGenerator.getInstance("DES").generateKey();
            Cipher cipher = Cipher.getInstance("DES");
            byte[] encoded = generateKey.getEncoded();
            byte[] bytes = str.getBytes("utf-8");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(encoded.length + bytes.length);
            byteArrayOutputStream.write(encoded);
            cipher.init(1, generateKey);
            byteArrayOutputStream.write(cipher.update(bytes));
            byteArrayOutputStream.write(cipher.doFinal());
            StringBuilder sb = new StringBuilder(PREFIX);
            for (byte b : byteArrayOutputStream.toByteArray()) {
                sb.append(Text.hexTable[(b >> 4) & 15]).append(Text.hexTable[b & 15]);
            }
            return sb.toString();
        } catch (Exception e) {
            log.warn("Unable to encrypt string: " + e);
            return null;
        }
    }

    private static String decrypt(String str) {
        if (str == null || !str.startsWith(PREFIX)) {
            return str;
        }
        try {
            byte[] bArr = new byte[(str.length() - PREFIX.length()) / 2];
            int length = PREFIX.length();
            int i = 0;
            while (length < str.length()) {
                bArr[i] = (byte) (Integer.parseInt(str.substring(length, length + 2), 16) & 255);
                length += 2;
                i++;
            }
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, 0, 8, "DES");
            Cipher cipher = Cipher.getInstance("DES");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(bArr.length);
            try {
                cipher.init(2, secretKeySpec);
                byteArrayOutputStream.write(cipher.update(bArr, 8, bArr.length - 8));
                byteArrayOutputStream.write(cipher.doFinal());
                String byteArrayOutputStream2 = byteArrayOutputStream.toString("utf-8");
                byteArrayOutputStream.close();
                return byteArrayOutputStream2;
            } finally {
            }
        } catch (Exception e) {
            log.warn("Unable to decrypt data: " + e);
            return null;
        }
    }

    static {
        $assertionsDisabled = !SimpleCredentialsConfig.class.desiredAssertionStatus();
        log = LoggerFactory.getLogger((Class<?>) SimpleCredentialsConfig.class);
    }
}
