package org.eclipse.equinox.internal.security.win32;

import com.sun.jna.platform.win32.Crypt32Util;
import com.sun.jna.platform.win32.WinCrypt;
import java.io.IOException;
import java.security.SecureRandom;
import javax.crypto.spec.PBEKeySpec;
import org.eclipse.equinox.internal.security.auth.AuthPlugin;
import org.eclipse.equinox.internal.security.auth.nls.SecAuthMessages;
import org.eclipse.equinox.internal.security.storage.Base64;
import org.eclipse.equinox.internal.security.win32.nls.WinCryptoMessages;
import org.eclipse.equinox.security.storage.ISecurePreferences;
import org.eclipse.equinox.security.storage.StorageException;
import org.eclipse.equinox.security.storage.provider.IPreferencesContainer;
import org.eclipse.equinox.security.storage.provider.PasswordProvider;

/* loaded from: input_file:org/eclipse/equinox/internal/security/win32/WindowsPasswordProvider.class */
public class WindowsPasswordProvider extends PasswordProvider {
    private static final String WIN_PROVIDER_NODE = "/org.eclipse.equinox.secure.storage/windows64";
    private static final String PASSWORD_KEY = "encryptedPassword";
    private static final int PASSWORD_LENGTH = 250;

    private static byte[] windecrypt(byte[] bArr) {
        return Crypt32Util.cryptUnprotectData(bArr);
    }

    private static byte[] winencrypt(byte[] bArr) {
        return Crypt32Util.cryptProtectData(bArr, (byte[]) null, 0, "Equinox", (WinCrypt.CRYPTPROTECT_PROMPTSTRUCT) null);
    }

    public PBEKeySpec getPassword(IPreferencesContainer iPreferencesContainer, int i) {
        byte[] encryptedPassword = (i & 1) == 0 ? getEncryptedPassword(iPreferencesContainer) : null;
        if (encryptedPassword != null) {
            byte[] windecrypt = windecrypt(encryptedPassword);
            if (windecrypt != null) {
                return new PBEKeySpec(new String(windecrypt).toCharArray());
            }
            AuthPlugin.getDefault().logError(WinCryptoMessages.decryptPasswordFailed, new StorageException(2, WinCryptoMessages.decryptPasswordFailed));
            return null;
        }
        AuthPlugin.getDefault().logMessage(WinCryptoMessages.newPasswordGenerated);
        byte[] bArr = new byte[PASSWORD_LENGTH];
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.setSeed(System.currentTimeMillis());
        secureRandom.nextBytes(bArr);
        String encode = Base64.encode(bArr);
        if (savePassword(encode, iPreferencesContainer)) {
            return new PBEKeySpec(encode.toCharArray());
        }
        return null;
    }

    private byte[] getEncryptedPassword(IPreferencesContainer iPreferencesContainer) {
        try {
            String str = iPreferencesContainer.getPreferences().node(WIN_PROVIDER_NODE).get(PASSWORD_KEY, (String) null);
            if (str != null) {
                return Base64.decode(str);
            }
            return null;
        } catch (StorageException e) {
            AuthPlugin.getDefault().logError(WinCryptoMessages.decryptPasswordFailed, e);
            return null;
        }
    }

    private boolean savePassword(String str, IPreferencesContainer iPreferencesContainer) {
        byte[] winencrypt = winencrypt(str.getBytes());
        if (winencrypt == null) {
            AuthPlugin.getDefault().logError(WinCryptoMessages.encryptPasswordFailed, new StorageException(2, WinCryptoMessages.encryptPasswordFailed));
            return false;
        }
        String encode = Base64.encode(winencrypt);
        ISecurePreferences node = iPreferencesContainer.getPreferences().node(WIN_PROVIDER_NODE);
        try {
            node.put(PASSWORD_KEY, encode, false);
            try {
                node.flush();
                return true;
            } catch (IOException e) {
                AuthPlugin.getDefault().logError(SecAuthMessages.errorOnSave, e);
                return false;
            }
        } catch (StorageException e2) {
            AuthPlugin.getDefault().logError(SecAuthMessages.errorOnSave, e2);
            return false;
        }
    }

    public boolean retryOnError(Exception exc, IPreferencesContainer iPreferencesContainer) {
        return false;
    }
}
