package org.apache.derby.impl.jdbc.authentication;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import java.util.Properties;
import org.apache.derby.authentication.UserAuthenticator;
import org.apache.derby.iapi.error.StandardException;
import org.apache.derby.iapi.reference.Attribute;
import org.apache.derby.iapi.reference.Property;
import org.apache.derby.iapi.services.monitor.Monitor;
import org.apache.derby.iapi.services.property.PropertyUtil;
import org.apache.derby.iapi.sql.dictionary.PasswordHasher;
import org.apache.derby.iapi.util.StringUtil;
import org.apache.derby.impl.jdbc.Util;
import org.apache.derby.shared.common.reference.SQLState;

/* loaded from: input_file:WEB-INF/lib/derby-10.14.2.0.jar:org/apache/derby/impl/jdbc/authentication/BasicAuthenticationServiceImpl.class */
public final class BasicAuthenticationServiceImpl extends AuthenticationServiceBase implements UserAuthenticator {
    @Override // org.apache.derby.iapi.services.monitor.ModuleSupportable
    public boolean canSupport(Properties properties) {
        if (!requireAuthentication(properties)) {
            return false;
        }
        String propertyFromSet = PropertyUtil.getPropertyFromSet(properties, Property.AUTHENTICATION_PROVIDER_PARAMETER);
        return propertyFromSet == null || propertyFromSet.length() == 0 || StringUtil.SQLEqualsIgnoreCase(propertyFromSet, Property.AUTHENTICATION_PROVIDER_BUILTIN);
    }

    @Override // org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase, org.apache.derby.iapi.services.monitor.ModuleControl
    public void boot(boolean z, Properties properties) throws StandardException {
        super.boot(z, properties);
        try {
            MessageDigest.getInstance("SHA-1").reset();
            setAuthenticationService(this);
        } catch (NoSuchAlgorithmException e) {
            throw Monitor.exceptionStartingModule(e);
        }
    }

    @Override // org.apache.derby.authentication.UserAuthenticator
    public boolean authenticateUser(String str, String str2, String str3, Properties properties) throws SQLException {
        String str4;
        int i = 0;
        if (str == null) {
            return false;
        }
        String property = properties.getProperty(Attribute.DRDA_SECMEC);
        if (property != null) {
            i = Integer.parseInt(property);
        }
        String concat = Property.USER_PROPERTY_PREFIX.concat(str);
        String databaseProperty = getDatabaseProperty(concat);
        if (databaseProperty == null) {
            try {
                Properties databaseProperties = getDatabaseProperties();
                if (databaseProperties != null) {
                    hashUsingDefaultAlgorithm(str, str2, databaseProperties);
                }
                databaseProperty = getSystemProperty(concat);
                str4 = str2;
                if (databaseProperty != null && i == 8) {
                    databaseProperty = substitutePassword(str, databaseProperty, properties, false);
                }
            } catch (StandardException e) {
                throw Util.generateCsSQLException(e);
            }
        } else if (i != 8) {
            try {
                str4 = hashPasswordUsingStoredAlgorithm(str, str2, databaseProperty);
            } catch (StandardException e2) {
                throw Util.generateCsSQLException(e2);
            }
        } else {
            databaseProperty = substitutePassword(str, databaseProperty, properties, true);
            str4 = str2;
        }
        boolean z = databaseProperty != null && databaseProperty.equals(str4);
        if (z || i != 8) {
            return z;
        }
        throw Util.generateCsSQLException(SQLState.NET_CONNECT_SECMEC_INCOMPATIBLE_SCHEME, new Object[0]);
    }

    private String hashPasswordUsingStoredAlgorithm(String str, String str2, String str3) throws StandardException {
        return str3.startsWith(PasswordHasher.ID_PATTERN_SHA1_SCHEME) ? hashPasswordSHA1Scheme(str2) : new PasswordHasher(str3).hashAndEncode(str, str2);
    }
}
