package org.tomitribe.tomcat.ldap;

import org.apache.catalina.realm.JNDIRealm;
import tomitribe.org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import tomitribe.org.jasypt.exceptions.EncryptionOperationNotPossibleException;
import tomitribe.org.jasypt.iv.RandomIvGenerator;

/* loaded from: input_file:org/tomitribe/tomcat/ldap/EncryptedJNDIRealm.class */
public class EncryptedJNDIRealm extends JNDIRealm {
    protected String encryptedConnectionPassword;
    protected String algorithm;

    public String getAlgorithm() {
        return this.algorithm;
    }

    public void setAlgorithm(String str) {
        this.algorithm = str;
    }

    public String getEncryptedConnectionPassword() {
        return this.encryptedConnectionPassword;
    }

    public void setEncryptedConnectionPassword(String str) {
        this.encryptedConnectionPassword = str;
        String str2 = System.getenv("TOMCAT_ENCRYPTION_PASSWORD");
        if (str2 == null) {
            return;
        }
        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        standardPBEStringEncryptor.setPassword(str2);
        if (this.algorithm != null) {
            standardPBEStringEncryptor.setAlgorithm(this.algorithm);
            if (this.algorithm.startsWith("PBE") && this.algorithm.contains("AES")) {
                standardPBEStringEncryptor.setIvGenerator(new RandomIvGenerator());
            }
        }
        try {
            setConnectionPassword(standardPBEStringEncryptor.decrypt(str));
        } catch (EncryptionOperationNotPossibleException e) {
            throw new RuntimeException("ERROR: Text cannot be decrypted, check your input and password and try again!", e);
        }
    }
}
