package org.opends.server.extensions;

import java.util.List;
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.LocalizableMessageDescriptor;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.opendj.config.server.ConfigChangeResult;
import org.forgerock.opendj.config.server.ConfigException;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.ldap.ByteSequence;
import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.ResultCode;
import org.forgerock.opendj.server.config.server.BcryptPasswordStorageSchemeCfg;
import org.opends.messages.ExtensionMessages;
import org.opends.server.api.PasswordStorageScheme;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.InitializationException;

/* loaded from: input_file:WEB-INF/lib/opendj.jar:org/opends/server/extensions/BcryptPasswordStorageScheme.class */
public class BcryptPasswordStorageScheme extends PasswordStorageScheme<BcryptPasswordStorageSchemeCfg> implements ConfigurationChangeListener<BcryptPasswordStorageSchemeCfg> {
    private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();
    private volatile BcryptPasswordStorageSchemeCfg config;

    @Override // org.opends.server.api.PasswordStorageScheme
    public void initializePasswordStorageScheme(BcryptPasswordStorageSchemeCfg bcryptPasswordStorageSchemeCfg) throws ConfigException, InitializationException {
        this.config = bcryptPasswordStorageSchemeCfg;
        this.config.addBcryptChangeListener(this);
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public String getStorageSchemeName() {
        return ExtensionsConstants.STORAGE_SCHEME_NAME_BCRYPT;
    }

    /* renamed from: isConfigurationChangeAcceptable, reason: avoid collision after fix types in other method */
    public boolean isConfigurationChangeAcceptable2(BcryptPasswordStorageSchemeCfg bcryptPasswordStorageSchemeCfg, List<LocalizableMessage> list) {
        return true;
    }

    @Override // org.forgerock.opendj.config.server.ConfigurationChangeListener
    public ConfigChangeResult applyConfigurationChange(BcryptPasswordStorageSchemeCfg bcryptPasswordStorageSchemeCfg) {
        this.config = bcryptPasswordStorageSchemeCfg;
        return new ConfigChangeResult();
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public ByteString encodePassword(ByteSequence byteSequence) throws DirectoryException {
        return ByteString.valueOfUtf8(BCrypt.hashpw(byteSequence.toByteArray(), BCrypt.gensalt(this.config.getBcryptCost())));
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public ByteString encodePasswordWithScheme(ByteSequence byteSequence) throws DirectoryException {
        return ByteString.valueOfUtf8('{' + getStorageSchemeName() + '}' + encodePassword(byteSequence));
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public boolean passwordMatches(ByteSequence byteSequence, ByteSequence byteSequence2) {
        try {
            return BCrypt.checkpw(byteSequence.toString(), byteSequence2.toString());
        } catch (IllegalArgumentException e) {
            logger.traceException(e);
            logger.error((LocalizableMessageDescriptor.Arg1<LocalizableMessageDescriptor.Arg1<Object>>) ExtensionMessages.ERR_PWSCHEME_INVALID_STORED_PASSWORD, (LocalizableMessageDescriptor.Arg1<Object>) e);
            return false;
        }
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public boolean isReversible() {
        return false;
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public ByteString getPlaintextValue(ByteSequence byteSequence) throws DirectoryException {
        throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, ExtensionMessages.ERR_PWSCHEME_NOT_REVERSIBLE.get(getStorageSchemeName()));
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public boolean supportsAuthPasswordSyntax() {
        return false;
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public ByteString encodeAuthPassword(ByteSequence byteSequence) throws DirectoryException {
        throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM, ExtensionMessages.ERR_PWSCHEME_DOES_NOT_SUPPORT_AUTH_PASSWORD.get(getStorageSchemeName()));
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public boolean authPasswordMatches(ByteSequence byteSequence, String str, String str2) {
        return false;
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public ByteString getAuthPasswordPlaintextValue(String str, String str2) throws DirectoryException {
        throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM, ExtensionMessages.ERR_PWSCHEME_DOES_NOT_SUPPORT_AUTH_PASSWORD.get(getStorageSchemeName()));
    }

    @Override // org.opends.server.api.PasswordStorageScheme
    public boolean isStorageSchemeSecure() {
        return true;
    }

    @Override // org.forgerock.opendj.config.server.ConfigurationChangeListener
    public /* bridge */ /* synthetic */ boolean isConfigurationChangeAcceptable(BcryptPasswordStorageSchemeCfg bcryptPasswordStorageSchemeCfg, List list) {
        return isConfigurationChangeAcceptable2(bcryptPasswordStorageSchemeCfg, (List<LocalizableMessage>) list);
    }
}
