package org.apache.shiro.tools.hasher;

import java.io.Console;
import java.io.File;
import java.io.IOException;
import java.util.Arrays;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.DefaultParser;
import org.apache.commons.cli.HelpFormatter;
import org.apache.commons.cli.Option;
import org.apache.commons.cli.Options;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.codec.Hex;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.UnknownAlgorithmException;
import org.apache.shiro.crypto.hash.DefaultHashService;
import org.apache.shiro.crypto.hash.Hash;
import org.apache.shiro.crypto.hash.SimpleHashRequest;
import org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory;
import org.apache.shiro.crypto.hash.format.HashFormat;
import org.apache.shiro.crypto.hash.format.HashFormatFactory;
import org.apache.shiro.crypto.hash.format.HexFormat;
import org.apache.shiro.crypto.hash.format.Shiro1CryptFormat;
import org.apache.shiro.io.ResourceUtils;
import org.apache.shiro.util.ByteSource;
import org.apache.shiro.util.JavaEnvironment;
import org.apache.shiro.util.StringUtils;

/* loaded from: input_file:org/apache/shiro/tools/hasher/Hasher.class */
public final class Hasher {
    private static final String HEX_PREFIX = "0x";
    private static final String DEFAULT_ALGORITHM_NAME = "MD5";
    private static final String DEFAULT_PASSWORD_ALGORITHM_NAME = "SHA-256";
    private static final int DEFAULT_GENERATED_SALT_SIZE = 128;
    private static final int DEFAULT_NUM_ITERATIONS = 1;
    private static final int DEFAULT_PASSWORD_NUM_ITERATIONS = 500000;
    private static final Option ALGORITHM;
    private static final Option DEBUG;
    private static final Option FORMAT;
    private static final Option HELP;
    private static final Option ITERATIONS;
    private static final Option PASSWORD;
    private static final Option PASSWORD_NC;
    private static final Option RESOURCE;
    private static final Option SALT;
    private static final Option SALT_BYTES;
    private static final Option SALT_GEN;
    private static final Option NO_SALT_GEN;
    private static final Option SALT_GEN_SIZE;
    private static final Option PRIVATE_SALT;
    private static final Option PRIVATE_SALT_BYTES;
    private static final String SALT_MUTEX_MSG;
    private static final HashFormatFactory HASH_FORMAT_FACTORY;
    static final /* synthetic */ boolean $assertionsDisabled;

    public static void main(String[] strArr) {
        Object file;
        DefaultParser defaultParser = new DefaultParser();
        Options options = new Options();
        options.addOption(HELP).addOption(DEBUG).addOption(ALGORITHM).addOption(ITERATIONS);
        options.addOption(RESOURCE).addOption(PASSWORD).addOption(PASSWORD_NC);
        options.addOption(SALT).addOption(SALT_BYTES).addOption(SALT_GEN).addOption(SALT_GEN_SIZE).addOption(NO_SALT_GEN);
        options.addOption(PRIVATE_SALT).addOption(PRIVATE_SALT_BYTES);
        options.addOption(FORMAT);
        boolean z = false;
        boolean z2 = DEFAULT_NUM_ITERATIONS;
        boolean z3 = false;
        int i = DEFAULT_GENERATED_SALT_SIZE;
        char[] cArr = null;
        try {
            try {
                try {
                    CommandLine parse = defaultParser.parse(options, strArr);
                    if (parse.hasOption(HELP.getOpt())) {
                        printHelpAndExit(options, null, false, 0);
                    }
                    boolean z4 = parse.hasOption(DEBUG.getOpt()) ? DEFAULT_NUM_ITERATIONS : false;
                    String optionValue = parse.hasOption(ALGORITHM.getOpt()) ? parse.getOptionValue(ALGORITHM.getOpt()) : null;
                    int requiredPositiveInt = parse.hasOption(ITERATIONS.getOpt()) ? getRequiredPositiveInt(parse, ITERATIONS) : 0;
                    if (parse.hasOption(PASSWORD.getOpt())) {
                        z = DEFAULT_NUM_ITERATIONS;
                        z3 = DEFAULT_NUM_ITERATIONS;
                    }
                    boolean z5 = parse.hasOption(RESOURCE.getOpt()) ? DEFAULT_NUM_ITERATIONS : false;
                    if (parse.hasOption(PASSWORD_NC.getOpt())) {
                        z = DEFAULT_NUM_ITERATIONS;
                        z3 = DEFAULT_NUM_ITERATIONS;
                        z2 = false;
                    }
                    String optionValue2 = parse.hasOption(SALT.getOpt()) ? parse.getOptionValue(SALT.getOpt()) : null;
                    String optionValue3 = parse.hasOption(SALT_BYTES.getOpt()) ? parse.getOptionValue(SALT_BYTES.getOpt()) : null;
                    if (parse.hasOption(NO_SALT_GEN.getOpt())) {
                        z3 = false;
                    }
                    if (parse.hasOption(SALT_GEN.getOpt())) {
                        z3 = DEFAULT_NUM_ITERATIONS;
                    }
                    if (parse.hasOption(SALT_GEN_SIZE.getOpt())) {
                        z3 = DEFAULT_NUM_ITERATIONS;
                        i = getRequiredPositiveInt(parse, SALT_GEN_SIZE);
                        if (i % 8 != 0) {
                            throw new IllegalArgumentException("Generated salt size must be a multiple of 8 (e.g. 128, 192, 256, 512, etc).");
                        }
                    }
                    String optionValue4 = parse.hasOption(PRIVATE_SALT.getOpt()) ? parse.getOptionValue(PRIVATE_SALT.getOpt()) : null;
                    String optionValue5 = parse.hasOption(PRIVATE_SALT_BYTES.getOpt()) ? parse.getOptionValue(PRIVATE_SALT_BYTES.getOpt()) : null;
                    String optionValue6 = parse.hasOption(FORMAT.getOpt()) ? parse.getOptionValue(FORMAT.getOpt()) : null;
                    if (z) {
                        cArr = readPassword(z2);
                        file = cArr;
                    } else {
                        String[] args = parse.getArgs();
                        if (args == null || args.length != DEFAULT_NUM_ITERATIONS) {
                            printHelpAndExit(options, null, z4, -1);
                        }
                        if (!$assertionsDisabled && args == null) {
                            throw new AssertionError();
                        }
                        String hasher = toString(args);
                        file = z5 ? !ResourceUtils.hasResourcePrefix(hasher) ? toFile(hasher) : ResourceUtils.getInputStreamForPath(hasher) : hasher;
                    }
                    if (optionValue == null) {
                        optionValue = z ? DEFAULT_PASSWORD_ALGORITHM_NAME : DEFAULT_ALGORITHM_NAME;
                    }
                    if (requiredPositiveInt < DEFAULT_NUM_ITERATIONS) {
                        requiredPositiveInt = z ? DEFAULT_PASSWORD_NUM_ITERATIONS : DEFAULT_NUM_ITERATIONS;
                    }
                    ByteSource salt = getSalt(optionValue2, optionValue3, z3, i);
                    ByteSource salt2 = getSalt(optionValue4, optionValue5, false, i);
                    SimpleHashRequest simpleHashRequest = new SimpleHashRequest(optionValue, ByteSource.Util.bytes(file), salt, requiredPositiveInt);
                    DefaultHashService defaultHashService = new DefaultHashService();
                    defaultHashService.setPrivateSalt(salt2);
                    Hash computeHash = defaultHashService.computeHash(simpleHashRequest);
                    if (optionValue6 == null) {
                        optionValue6 = z ? Shiro1CryptFormat.class.getName() : HexFormat.class.getName();
                    }
                    HashFormat hashFormatFactory = HASH_FORMAT_FACTORY.getInstance(optionValue6);
                    if (hashFormatFactory == null) {
                        throw new IllegalArgumentException("Unrecognized hash format '" + optionValue6 + "'.");
                    }
                    System.out.println(hashFormatFactory.format(computeHash));
                    if (cArr == null || cArr.length <= 0) {
                        return;
                    }
                    for (int i2 = 0; i2 < cArr.length; i2 += DEFAULT_NUM_ITERATIONS) {
                        cArr[i2] = ' ';
                    }
                } catch (IllegalArgumentException e) {
                    exit(e, false);
                    if (0 == 0 || cArr.length <= 0) {
                        return;
                    }
                    for (int i3 = 0; i3 < cArr.length; i3 += DEFAULT_NUM_ITERATIONS) {
                        cArr[i3] = ' ';
                    }
                } catch (Exception e2) {
                    printHelpAndExit(options, e2, false, -1);
                    if (0 == 0 || cArr.length <= 0) {
                        return;
                    }
                    for (int i4 = 0; i4 < cArr.length; i4 += DEFAULT_NUM_ITERATIONS) {
                        cArr[i4] = ' ';
                    }
                }
            } catch (IOException e3) {
                exit(e3, false);
                if (0 == 0 || cArr.length <= 0) {
                    return;
                }
                for (int i5 = 0; i5 < cArr.length; i5 += DEFAULT_NUM_ITERATIONS) {
                    cArr[i5] = ' ';
                }
            } catch (UnknownAlgorithmException e4) {
                exit(e4, false);
                if (0 == 0 || cArr.length <= 0) {
                    return;
                }
                for (int i6 = 0; i6 < cArr.length; i6 += DEFAULT_NUM_ITERATIONS) {
                    cArr[i6] = ' ';
                }
            }
        } catch (Throwable th) {
            if (0 != 0 && cArr.length > 0) {
                for (int i7 = 0; i7 < cArr.length; i7 += DEFAULT_NUM_ITERATIONS) {
                    cArr[i7] = ' ';
                }
            }
            throw th;
        }
    }

    private static String createMutexMessage(Option... optionArr) {
        StringBuilder sb = new StringBuilder();
        sb.append("The ");
        for (int i = 0; i < optionArr.length; i += DEFAULT_NUM_ITERATIONS) {
            if (i > 0) {
                sb.append(", ");
            }
            Option option = optionArr[0];
            sb.append("-").append(option.getOpt()).append("/--").append(option.getLongOpt());
        }
        sb.append(" and generated salt options are mutually exclusive.  Only one of them may be used at a time");
        return sb.toString();
    }

    private static void exit(Exception exc, boolean z) {
        printException(exc, z);
        System.exit(-1);
    }

    private static int getRequiredPositiveInt(CommandLine commandLine, Option option) {
        try {
            return Integer.parseInt(commandLine.getOptionValue(option.getOpt()));
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException("'" + option.getLongOpt() + "' value must be a positive integer.", e);
        }
    }

    private static ByteSource getSalt(String str, String str2, boolean z, int i) {
        if (str != null) {
            if (z || str2 != null) {
                throw new IllegalArgumentException(SALT_MUTEX_MSG);
            }
            return ByteSource.Util.bytes(str);
        }
        if (str2 == null) {
            if (z) {
                return new SecureRandomNumberGenerator().nextBytes(i / 8);
            }
            return null;
        }
        if (z) {
            throw new IllegalArgumentException(SALT_MUTEX_MSG);
        }
        String str3 = str2;
        boolean z2 = DEFAULT_NUM_ITERATIONS;
        if (str2.startsWith(HEX_PREFIX)) {
            z2 = false;
            str3 = str3.substring(HEX_PREFIX.length());
        }
        return ByteSource.Util.bytes(z2 ? Base64.decode(str3) : Hex.decode(str3));
    }

    private static void printException(Exception exc, boolean z) {
        if (exc != null) {
            System.out.println();
            if (z) {
                System.out.println("Error: ");
                exc.printStackTrace(System.out);
                System.out.println(exc.getMessage());
            } else {
                System.out.println("Error: " + exc.getMessage());
                System.out.println();
                System.out.println("Specify -d or --debug for more information.");
            }
        }
    }

    private static void printHelp(Options options, Exception exc, boolean z) {
        HelpFormatter helpFormatter = new HelpFormatter();
        String str = "\n<value> is optional only when hashing passwords (see below).  It is\nrequired all other times.\n\nPassword Hashing:\n---------------------------------\nSpecify the -p/--password option and DO NOT enter a <value>.  You will\nbe prompted for a password and characters will not echo as you type.\n\nSalting:\n---------------------------------\nSpecifying a salt:\n\nYou may specify a salt using the -s/--salt option followed by the salt\nvalue.  If the salt value is a base64 or hex string representing a\nbyte array, you must specify the -sb/--saltbytes option to indicate this,\notherwise the text value bytes will be used directly.\n\nWhen using -sb/--saltbytes, the -s/--salt value is expected to be a\nbase64-encoded string by default.  If the value is a hex-encoded string,\nyou must prefix the string with 0x (zero x) to indicate a hex value.\n\nGenerating a salt:\n\nUse the -sg/--saltgenerated option if you don't want to specify a salt,\nbut want a strong random salt to be generated and used during hashing.\nThe generated salt size defaults to 128 bits.  You may specify\na different size by using the -sgs/--saltgeneratedsize option followed by\na positive integer (size is in bits, not bytes).\n\nBecause a salt must be specified if computing the\nhash later, generated salts will be printed, defaulting to base64\nencoding.  If you prefer to use hex encoding, additionally use the\n-sgh/--saltgeneratedhex option.\n\nSpecifying a private salt:\n\nYou may specify a private salt using the -ps/--privatesalt option followed\nby the private salt value.  If the private salt value is a base64 or hex \nstring representing a byte array, you must specify the -psb/--privatesaltbytes\noption to indicate this, otherwise the text value bytes will be used directly.\n\nWhen using -psb/--privatesaltbytes, the -ps/--privatesalt value is expected to\nbe a base64-encoded string by default.  If the value is a hex-encoded string,\nyou must prefix the string with 0x (zero x) to indicate a hex value.\n\nFiles, URLs and classpath resources:\n---------------------------------\nIf using the -r/--resource option, the <value> represents a resource path.\nBy default this is expected to be a file path, but you may specify\nclasspath or URL resources by using the classpath: or url: prefix\nrespectively.\n\nSome examples:\n\n<command> -r fileInCurrentDirectory.txt\n<command> -r ../../relativePathFile.xml\n<command> -r ~/documents/myfile.pdf\n<command> -r /usr/local/logs/absolutePathFile.log\n<command> -r url:http://foo.com/page.html\n<command> -r classpath:/WEB-INF/lib/something.jar\n\nOutput Format:\n---------------------------------\nSpecify the -f/--format option followed by either 1) the format ID (as defined\nby the " + DefaultHashFormatFactory.class.getName() + "\nJavaDoc) or 2) the fully qualified " + HashFormat.class.getName() + "\nimplementation class name to instantiate and use for formatting.\n\nThe default output format is 'shiro1' which is a Modular Crypt Format (MCF)\nthat shows all relevant information as a dollar-sign ($) delimited string.\nThis format is ideal for use in Shiro's text-based user configuration (e.g.\nshiro.ini or a properties file).";
        printException(exc, z);
        System.out.println();
        helpFormatter.printHelp("java -jar shiro-tools-hasher-<version>.jar [options] [<value>]", "\nPrint a cryptographic hash (aka message digest) of the specified <value>.\n--\nOptions:", options, (String) null);
        System.out.println(str);
    }

    private static void printHelpAndExit(Options options, Exception exc, boolean z, int i) {
        printHelp(options, exc, z);
        System.exit(i);
    }

    private static char[] readPassword(boolean z) {
        if (!JavaEnvironment.isAtLeastVersion16()) {
            throw new IllegalArgumentException("Password hashing (prompt without echo) uses the java.io.Console to read passwords safely.  This is only available on Java 1.6 platforms and later.");
        }
        Console console = System.console();
        if (console == null) {
            throw new IllegalStateException("java.io.Console is not available on the current JVM.  Cannot read passwords.");
        }
        char[] readPassword = console.readPassword("%s", "Password to hash: ");
        if (readPassword == null || readPassword.length == 0) {
            throw new IllegalArgumentException("No password specified.");
        }
        if (!z || Arrays.equals(readPassword, console.readPassword("%s", "Password to hash (confirm): "))) {
            return readPassword;
        }
        throw new IllegalArgumentException("Password entries do not match.");
    }

    private static File toFile(String str) {
        String str2 = str;
        if (str.startsWith("~/") || str.startsWith("~\\")) {
            str2 = str.replaceFirst("\\~", System.getProperty("user.home"));
        }
        return new File(str2);
    }

    private static String toString(String[] strArr) {
        if ((strArr != null ? strArr.length : 0) == 0) {
            return null;
        }
        return StringUtils.toDelimitedString(strArr, " ");
    }

    static {
        $assertionsDisabled = !Hasher.class.desiredAssertionStatus();
        ALGORITHM = new Option("a", "algorithm", true, "hash algorithm name.  Defaults to SHA-256 when password hashing, MD5 otherwise.");
        DEBUG = new Option("d", "debug", false, "show additional error (stack trace) information.");
        FORMAT = new Option("f", "format", true, "hash output format.  Defaults to 'shiro1' when password hashing, 'hex' otherwise.  See below for more information.");
        HELP = new Option("help", "help", false, "show this help message.");
        ITERATIONS = new Option("i", "iterations", true, "number of hash iterations.  Defaults to 500000 when password hashing, 1 otherwise.");
        PASSWORD = new Option("p", "password", false, "hash a password (disable typing echo)");
        PASSWORD_NC = new Option("pnc", "pnoconfirm", false, "hash a password (disable typing echo) but disable password confirmation prompt.");
        RESOURCE = new Option("r", "resource", false, "read and hash the resource located at <value>.  See below for more information.");
        SALT = new Option("s", "salt", true, "use the specified salt.  <arg> is plaintext.");
        SALT_BYTES = new Option("sb", "saltbytes", true, "use the specified salt bytes.  <arg> is hex or base64 encoded text.");
        SALT_GEN = new Option("gs", "gensalt", false, "generate and use a random salt. Defaults to true when password hashing, false otherwise.");
        NO_SALT_GEN = new Option("ngs", "nogensalt", false, "do NOT generate and use a random salt (valid during password hashing).");
        SALT_GEN_SIZE = new Option("gss", "gensaltsize", true, "the number of salt bits (not bytes!) to generate.  Defaults to 128.");
        PRIVATE_SALT = new Option("ps", "privatesalt", true, "use the specified private salt.  <arg> is plaintext.");
        PRIVATE_SALT_BYTES = new Option("psb", "privatesaltbytes", true, "use the specified private salt bytes.  <arg> is hex or base64 encoded text.");
        SALT_MUTEX_MSG = createMutexMessage(SALT, SALT_BYTES);
        HASH_FORMAT_FACTORY = new DefaultHashFormatFactory();
        ALGORITHM.setArgName("name");
        SALT_GEN_SIZE.setArgName("numBits");
        ITERATIONS.setArgName("num");
        SALT.setArgName("sval");
        SALT_BYTES.setArgName("encTxt");
    }
}
