package net.inveed.gwt.server.auth;

import java.security.interfaces.RSAPrivateKey;
import java.util.Arrays;
import java.util.Base64;
import net.inveed.commons.NumberedException;
import net.inveed.commons.utils.ByteArrayConvertor;
import net.inveed.commons.utils.CryptoUtil;
import net.inveed.gwt.editor.shared.auth.AuthorizationResponse;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.params.RSAKeyParameters;

/* loaded from: input_file:net/inveed/gwt/server/auth/SecurityProvider.class */
public class SecurityProvider {
    private final ICredentialProvider credentialProvider;
    private final RSAPrivateKey pkey;

    public SecurityProvider(ICredentialProvider iCredentialProvider, RSAPrivateKey rSAPrivateKey) {
        this.credentialProvider = iCredentialProvider;
        this.pkey = rSAPrivateKey;
    }

    public AuthorizationResponse authorize(String str, String str2, String str3, String str4) throws NumberedException, InvalidCipherTextException {
        if (str == null) {
            throw new NullPointerException("username");
        }
        if (str2 == null) {
            throw new NullPointerException("pwdHash");
        }
        if (str3 == null) {
            throw new NullPointerException("rnd");
        }
        if (str4 == null) {
            throw new NullPointerException("rnd");
        }
        String lowerCase = str.trim().toLowerCase();
        if (lowerCase.length() == 0) {
            throw new NullPointerException("username");
        }
        byte[] decode = Base64.getDecoder().decode(str3);
        byte[] decode2 = Base64.getDecoder().decode(str2);
        byte[] decode3 = Base64.getDecoder().decode(str4);
        RSAKeyParameters rSAKeyParameters = new RSAKeyParameters(true, this.pkey.getModulus(), this.pkey.getPrivateExponent());
        PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
        pKCS1Encoding.init(false, rSAKeyParameters);
        byte[] processBlock = pKCS1Encoding.processBlock(decode, 0, decode.length);
        byte[] copyOfRange = Arrays.copyOfRange(processBlock, 0, 16);
        byte[] copyOfRange2 = Arrays.copyOfRange(processBlock, 16, 32);
        byte[] decryptAESCBC_PKCS7Padding = CryptoUtil.decryptAESCBC_PKCS7Padding(decode2, copyOfRange, copyOfRange2);
        long byteArrayToLong = ByteArrayConvertor.byteArrayToLong(CryptoUtil.decryptAESCBC_PKCS7Padding(decode3, copyOfRange, copyOfRange2));
        long currentTimeMillis = System.currentTimeMillis();
        if ((currentTimeMillis > byteArrayToLong ? currentTimeMillis - byteArrayToLong : byteArrayToLong - currentTimeMillis) > 120000) {
            return new AuthorizationResponse(-20);
        }
        IUserCredential userCredential = this.credentialProvider.getUserCredential(lowerCase, new String(decryptAESCBC_PKCS7Padding));
        return userCredential == null ? new AuthorizationResponse(-1) : userCredential.authorize();
    }
}
