package fr.xephi.authme.security.crypts;

import com.google.common.escape.Escaper;
import com.google.common.io.BaseEncoding;
import com.google.common.net.UrlEscapers;
import com.google.common.primitives.Ints;
import fr.xephi.authme.ConsoleLogger;
import fr.xephi.authme.output.ConsoleLoggerFactory;
import fr.xephi.authme.security.crypts.description.HasSalt;
import fr.xephi.authme.security.crypts.description.Recommendation;
import fr.xephi.authme.security.crypts.description.SaltType;
import fr.xephi.authme.security.crypts.description.Usage;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Calendar;
import java.util.concurrent.TimeUnit;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

@Recommendation(Usage.DOES_NOT_WORK)
@HasSalt(SaltType.NONE)
/* loaded from: input_file:fr/xephi/authme/security/crypts/TwoFactor.class */
public class TwoFactor extends UnsaltedMethod {
    private static final int SCRET_BYTE = 10;
    private static final int SCRATCH_CODES = 5;
    private static final int BYTES_PER_SCRATCH_CODE = 4;
    private static final int TIME_PRECISION = 3;
    private static final String CRYPTO_ALGO = "HmacSHA1";
    private final ConsoleLogger logger = ConsoleLoggerFactory.get(TwoFactor.class);

    public static String getQrBarcodeUrl(String str, String str2, String str3) {
        Escaper urlFragmentEscaper = UrlEscapers.urlFragmentEscaper();
        return String.format("https://www.google.com/chart?chs=130x130&chld=M%%7C0&cht=qr&chl=otpauth://totp/%s@%s%%3Fsecret%%3D%s", urlFragmentEscaper.escape(str), urlFragmentEscaper.escape(str2), str3);
    }

    @Override // fr.xephi.authme.security.crypts.UnsaltedMethod
    public String computeHash(String str) {
        byte[] bArr = new byte[30];
        new SecureRandom().nextBytes(bArr);
        return BaseEncoding.base32().encode(Arrays.copyOf(bArr, SCRET_BYTE));
    }

    @Override // fr.xephi.authme.security.crypts.UnsaltedMethod, fr.xephi.authme.security.crypts.EncryptionMethod
    public boolean comparePassword(String str, HashedPassword hashedPassword, String str2) {
        try {
            return checkPassword(hashedPassword.getHash(), str);
        } catch (Exception e) {
            this.logger.logException("Failed to verify two auth code:", e);
            return false;
        }
    }

    private boolean checkPassword(String str, String str2) throws NoSuchAlgorithmException, InvalidKeyException {
        if (Ints.tryParse(str2) == null) {
            return false;
        }
        return checkCode(str, r0.intValue(), Calendar.getInstance().getTimeInMillis() / TimeUnit.SECONDS.toMillis(30L));
    }

    private boolean checkCode(String str, long j, long j2) throws NoSuchAlgorithmException, InvalidKeyException {
        byte[] decode = BaseEncoding.base32().decode(str);
        for (int i = -TIME_PRECISION; i <= TIME_PRECISION; i++) {
            if (verifyCode(decode, j2 + i) == j) {
                return true;
            }
        }
        return false;
    }

    private int verifyCode(byte[] bArr, long j) throws NoSuchAlgorithmException, InvalidKeyException {
        byte[] bArr2 = new byte[8];
        long j2 = j;
        int i = 8;
        while (true) {
            int i2 = i;
            i--;
            if (i2 <= 0) {
                break;
            }
            bArr2[i] = (byte) j2;
            j2 >>>= 8;
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, CRYPTO_ALGO);
        Mac mac = Mac.getInstance(CRYPTO_ALGO);
        mac.init(secretKeySpec);
        int i3 = mac.doFinal(bArr2)[19] & 15;
        long j3 = 0;
        for (int i4 = 0; i4 < 4; i4++) {
            j3 = (j3 << 8) | (r0[i3 + i4] & 255);
        }
        return (int) ((j3 & 2147483647L) % 1000000);
    }
}
