package org.sonatype.security.realms.tools;

import javax.enterprise.inject.Typed;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.shiro.authc.credential.DefaultPasswordService;
import org.apache.shiro.authc.credential.HashingPasswordService;
import org.apache.shiro.authc.credential.PasswordService;
import org.apache.shiro.crypto.hash.DefaultHashService;
import org.apache.shiro.crypto.hash.Hash;
import org.sonatype.security.configuration.SecurityConfigurationManager;

@Singleton
@Typed({PasswordService.class})
@Named("default")
/* loaded from: input_file:WEB-INF/lib/nexus-security-realms-2.14.20-02.jar:org/sonatype/security/realms/tools/DefaultSecurityPasswordService.class */
public class DefaultSecurityPasswordService implements HashingPasswordService {
    private static final String DEFAULT_HASH_ALGORITHM = "SHA-512";
    private final SecurityConfigurationManager securityConfiguration;
    private final DefaultPasswordService passwordService = new DefaultPasswordService();
    private final PasswordService legacyPasswordService;

    @Inject
    public DefaultSecurityPasswordService(SecurityConfigurationManager securityConfigurationManager, @Named("legacy") PasswordService passwordService) {
        this.securityConfiguration = securityConfigurationManager;
        this.legacyPasswordService = passwordService;
        DefaultHashService defaultHashService = new DefaultHashService();
        defaultHashService.setHashAlgorithmName("SHA-512");
        defaultHashService.setHashIterations(this.securityConfiguration.getHashIterations());
        defaultHashService.setGeneratePublicSalt(true);
        this.passwordService.setHashService(defaultHashService);
    }

    @Override // org.apache.shiro.authc.credential.PasswordService
    public String encryptPassword(Object obj) throws IllegalArgumentException {
        return this.passwordService.encryptPassword(obj);
    }

    @Override // org.apache.shiro.authc.credential.PasswordService
    public boolean passwordsMatch(Object obj, String str) {
        return this.passwordService.passwordsMatch(obj, str) || this.legacyPasswordService.passwordsMatch(obj, str);
    }

    @Override // org.apache.shiro.authc.credential.HashingPasswordService
    public Hash hashPassword(Object obj) throws IllegalArgumentException {
        return this.passwordService.hashPassword(obj);
    }

    @Override // org.apache.shiro.authc.credential.HashingPasswordService
    public boolean passwordsMatch(Object obj, Hash hash) {
        return this.passwordService.passwordsMatch(obj, hash);
    }
}
