package org.xipki.security.shell;

import org.apache.karaf.shell.api.action.Command;
import org.apache.karaf.shell.api.action.Completion;
import org.apache.karaf.shell.api.action.Option;
import org.apache.karaf.shell.api.action.lifecycle.Service;
import org.apache.karaf.shell.support.completers.FileCompleter;
import org.xipki.password.OBFPasswordService;
import org.xipki.password.PBEAlgo;
import org.xipki.password.PBEPasswordService;
import org.xipki.security.shell.Actions;
import org.xipki.shell.IllegalCmdParamException;
import org.xipki.util.Args;
import org.xipki.util.IoUtil;
import org.xipki.util.StringUtil;

/* loaded from: input_file:org/xipki/security/shell/PasswordActions.class */
public class PasswordActions {

    @Service
    @Command(scope = "xi", name = "deobfuscate", description = "deobfuscate password")
    /* loaded from: input_file:org/xipki/security/shell/PasswordActions$Deobfuscate.class */
    public static class Deobfuscate extends Actions.SecurityAction {

        @Option(name = "--password", description = "obfuscated password, starts with OBF:\nexactly one of password and password-file must be specified")
        private String passwordHint;

        @Option(name = "--password-file", description = "file containing the obfuscated password")
        @Completion(FileCompleter.class)
        private String passwordFile;

        @Option(name = "--out", description = "where to save the password")
        @Completion(FileCompleter.class)
        private String outFile;

        protected Object execute0() throws Exception {
            if ((this.passwordHint == null) == (this.passwordFile == null)) {
                throw new IllegalCmdParamException("exactly one of password and password-file must be specified");
            }
            if (this.passwordHint == null) {
                this.passwordHint = StringUtil.toUtf8String(IoUtil.read(this.passwordFile));
            }
            if (!StringUtil.startsWithIgnoreCase(this.passwordHint, "OBF:")) {
                throw new IllegalCmdParamException("encrypted password '" + this.passwordHint + "' does not start with OBF:");
            }
            String deobfuscate = OBFPasswordService.deobfuscate(this.passwordHint);
            if (this.outFile != null) {
                saveVerbose("saved the password to file", this.outFile, StringUtil.toUtf8Bytes(deobfuscate));
                return null;
            }
            println("the password is: '" + deobfuscate + "'");
            return null;
        }
    }

    @Service
    @Command(scope = "xi", name = "obfuscate", description = "obfuscate password")
    /* loaded from: input_file:org/xipki/security/shell/PasswordActions$Obfuscate.class */
    public static class Obfuscate extends Actions.SecurityAction {

        @Option(name = "--out", description = "where to save the encrypted password")
        @Completion(FileCompleter.class)
        private String outFile;

        @Option(name = "-k", description = "quorum of the password parts")
        private Integer quorum = 1;

        /* JADX WARN: Type inference failed for: r0v10, types: [char[], char[][]] */
        protected Object execute0() throws Exception {
            char[] merge;
            Args.range(this.quorum.intValue(), "k", 1, 10);
            if (this.quorum.intValue() == 1) {
                merge = readPassword("Password");
            } else {
                ?? r0 = new char[this.quorum.intValue()];
                for (int i = 0; i < this.quorum.intValue(); i++) {
                    r0[i] = readPassword("Password " + (i + 1) + "/" + this.quorum);
                }
                merge = StringUtil.merge((char[][]) r0);
            }
            String obfuscate = OBFPasswordService.obfuscate(new String(merge));
            if (this.outFile != null) {
                saveVerbose("saved the obfuscated password to file", this.outFile, StringUtil.toUtf8Bytes(obfuscate));
                return null;
            }
            println("the obfuscated password is: '" + obfuscate + "'");
            return null;
        }
    }

    @Service
    @Command(scope = "xi", name = "pbe-dec", description = "decrypt password with master password")
    /* loaded from: input_file:org/xipki/security/shell/PasswordActions$PbeDec.class */
    public static class PbeDec extends Actions.SecurityAction {

        @Option(name = "--password", description = "encrypted password, starts with PBE:\nexactly one of password and password-file must be specified")
        private String passwordHint;

        @Option(name = "--password-file", description = "file containing the encrypted password")
        @Completion(FileCompleter.class)
        private String passwordFile;

        @Option(name = "--mpassword-file", description = "file containing the (obfuscated) master password")
        @Completion(FileCompleter.class)
        private String masterPasswordFile;

        @Option(name = "--mk", description = "quorum of the master password parts")
        private Integer mquorum = 1;

        @Option(name = "--out", description = "where to save the password")
        @Completion(FileCompleter.class)
        private String outFile;

        /* JADX WARN: Type inference failed for: r0v21, types: [char[], char[][]] */
        protected Object execute0() throws Exception {
            char[] merge;
            Args.range(this.mquorum.intValue(), "mk", 1, 10);
            if ((this.passwordHint == null) == (this.passwordFile == null)) {
                throw new IllegalCmdParamException("exactly one of password and password-file must be specified");
            }
            if (this.passwordHint == null) {
                this.passwordHint = StringUtil.toUtf8String(IoUtil.read(this.passwordFile));
            }
            if (!StringUtil.startsWithIgnoreCase(this.passwordHint, "PBE:")) {
                throw new IllegalCmdParamException("encrypted password '" + this.passwordHint + "' does not start with PBE:");
            }
            if (this.masterPasswordFile != null) {
                String utf8String = StringUtil.toUtf8String(IoUtil.read(this.masterPasswordFile));
                if (utf8String.startsWith("OBF:") || utf8String.startsWith("obf:")) {
                    utf8String = OBFPasswordService.deobfuscate(utf8String);
                }
                merge = utf8String.toCharArray();
            } else if (this.mquorum.intValue() == 1) {
                merge = readPassword("Master password");
            } else {
                ?? r0 = new char[this.mquorum.intValue()];
                for (int i = 0; i < this.mquorum.intValue(); i++) {
                    r0[i] = readPassword("Master password (part " + (i + 1) + "/" + this.mquorum + ")");
                }
                merge = StringUtil.merge((char[][]) r0);
            }
            char[] decryptPassword = PBEPasswordService.decryptPassword(merge, this.passwordHint);
            if (this.outFile != null) {
                saveVerbose("saved the password to file", this.outFile, StringUtil.toUtf8Bytes(new String(decryptPassword)));
                return null;
            }
            println("the password is: '" + new String(decryptPassword) + "'");
            return null;
        }
    }

    @Service
    @Command(scope = "xi", name = "pbe-enc", description = "encrypt password with master password")
    /* loaded from: input_file:org/xipki/security/shell/PasswordActions$PbeEnc.class */
    public static class PbeEnc extends Actions.SecurityAction {

        @Option(name = "--out", description = "where to save the encrypted password")
        @Completion(FileCompleter.class)
        private String outFile;

        @Option(name = "--mpassword-file", description = "file containing the (obfuscated) master password")
        @Completion(FileCompleter.class)
        private String masterPasswordFile;

        @Option(name = "--iteration-count", aliases = {"-n"}, description = "iteration count, between 1 and 65535")
        private int iterationCount = 2000;

        @Option(name = "-k", description = "quorum of the password parts")
        private Integer quorum = 1;

        @Option(name = "--mk", description = "quorum of the master password parts")
        private Integer mquorum = 1;

        /* JADX WARN: Type inference failed for: r0v19, types: [char[], char[][]] */
        /* JADX WARN: Type inference failed for: r0v33, types: [char[], char[][]] */
        protected Object execute0() throws Exception {
            char[] merge;
            char[] merge2;
            Args.range(this.iterationCount, "iterationCount", 1, 65535);
            Args.range(this.quorum.intValue(), "k", 1, 10);
            Args.range(this.mquorum.intValue(), "mk", 1, 10);
            if (this.masterPasswordFile != null) {
                String utf8String = StringUtil.toUtf8String(IoUtil.read(this.masterPasswordFile));
                if (utf8String.startsWith("OBF:") || utf8String.startsWith("obf:")) {
                    utf8String = OBFPasswordService.deobfuscate(utf8String);
                }
                merge = utf8String.toCharArray();
            } else if (this.mquorum.intValue() == 1) {
                merge = readPassword("Master password");
            } else {
                ?? r0 = new char[this.mquorum.intValue()];
                for (int i = 0; i < this.mquorum.intValue(); i++) {
                    r0[i] = readPassword("Master password (part " + (i + 1) + "/" + this.mquorum + ")");
                }
                merge = StringUtil.merge((char[][]) r0);
            }
            if (this.quorum.intValue() == 1) {
                merge2 = readPassword("Password");
            } else {
                ?? r02 = new char[this.quorum.intValue()];
                for (int i2 = 0; i2 < this.quorum.intValue(); i2++) {
                    r02[i2] = readPassword("Password (part " + (i2 + 1) + "/" + this.quorum + ")");
                }
                merge2 = StringUtil.merge((char[][]) r02);
            }
            String encryptPassword = PBEPasswordService.encryptPassword(PBEAlgo.PBEWithHmacSHA256AndAES_256, this.iterationCount, merge, merge2);
            if (this.outFile != null) {
                saveVerbose("saved the encrypted password to file", this.outFile, StringUtil.toUtf8Bytes(encryptPassword));
                return null;
            }
            println("the encrypted password is: '" + encryptPassword + "'");
            return null;
        }
    }
}
