package com.ibm.ws.security.auth.rsatoken;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.ws.security.auth.ServerCredSigner;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.ssl.config.ManagementScopeManager;
import java.math.BigInteger;
import java.security.SecureRandom;

/* loaded from: input_file:com/ibm/ws/security/auth/rsatoken/NonceManager.class */
public class NonceManager {
    private static final TraceComponent tc = Tr.register((Class<?>) NonceManager.class, "SASRas", "com.ibm.ISecurityL13SupportImpl.sec");
    private static final String DEFAULT_JCE_PROVIDER = "DEFAULT_JCE_PROVIDER";
    private static final String IBMJCE = "IBMJCE";
    private static final String IBMSEC_RANDOM = "IBMSecureRandom";
    private static final String NONCE_CACHE_SIZE_KEY = "com.ibm.websphere.security.rsatoken.nonceCacheSize";
    private static final int MIN_NONCE_CACHESIZE = 200;
    private NonceCache _cache;
    private SecureRandom _random = null;
    private boolean _bServer = false;
    private long nonceInstance = 0;

    public NonceManager(int i, long j) {
        this._cache = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "NonceManager(String int cacheSize[" + i + "],int cacheTimeout[" + j + "],");
        }
        String property = System.getProperty(NONCE_CACHE_SIZE_KEY);
        int i2 = i;
        if (property != null) {
            String trim = property.trim();
            if (trim.length() != 0) {
                try {
                    int parseInt = Integer.parseInt(trim);
                    if (parseInt <= 200) {
                        i2 = i;
                    } else {
                        i2 = parseInt;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Nonce cache size from system property (com.ibm.websphere.security.rsatoken.nonceCacheSize) = " + i2);
                        }
                    }
                } catch (NumberFormatException e) {
                    Manager.Ffdc.log(e, this, NonceManager.class.getName() + ".NonceManager", "89", new Object[]{this});
                }
            }
        }
        this._cache = new NonceCache(i2, j, true);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Server process: enabled NonceCache");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "NonceManager(int cacheSize, int cacheTimeout)");
        }
    }

    public boolean validate(String str) throws IllegalArgumentException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AuditConstants.VALIDATE);
        }
        if (str == null || str.equals("")) {
            throw new IllegalArgumentException("Invalid nonce value");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "validating nonce: ", str);
        }
        boolean z = !this._cache.contains(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validate returns " + z);
        }
        return z;
    }

    public String generate() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "generate()");
        }
        StringBuilder append = new StringBuilder().append(ManagementScopeManager.getInstance().getProcessScopeName()).append(":");
        long j = this.nonceInstance + 1;
        this.nonceInstance = j;
        String sb = append.append(j).append(":").append(System.nanoTime()).append(":").append(Thread.currentThread().getId()).toString();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Nonce string: " + sb);
        }
        byte[] bArr = null;
        try {
            bArr = ServerCredSigner.getInstance().getOneWayHash(sb);
            if (tc.isDebugEnabled() && bArr != null) {
                Tr.debug(tc, "One-way password hash using SHA is: " + new BigInteger(bArr));
            }
        } catch (Exception e) {
            Manager.Ffdc.log(e, this, "com.ibm.ws.security.auth.rsatoken.NonceManager.generate", "132", new Object[]{this});
        }
        if (bArr == null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "generate returns (toBytes): " + sb);
            }
            return sb;
        }
        String bigInteger = new BigInteger(bArr).toString();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "generate returns (onewayhash): " + bigInteger);
        }
        return bigInteger;
    }

    public String toString() {
        return getClass().getName();
    }
}
