package com.liferay.multi.factor.authentication.timebased.otp.web.internal.util;

import com.liferay.petra.string.StringBundler;
import com.liferay.portal.kernel.io.BigEndianCodec;
import com.liferay.portal.kernel.security.SecureRandomUtil;
import com.liferay.portal.kernel.util.StringUtil;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import jodd.util.Base32;

/* loaded from: input_file:com/liferay/multi/factor/authentication/timebased/otp/web/internal/util/MFATimeBasedOTPUtil.class */
public class MFATimeBasedOTPUtil {
    public static final String MFA_TIMEBASED_OTP_ALGORITHM = "HmacSHA1";
    public static final int MFA_TIMEBASED_OTP_COUNTER = 30000;
    public static final int MFA_TIMEBASED_OTP_DIGITS = 6;

    public static String generateSharedSecret(int i) {
        int ceil = (int) Math.ceil(i / 8.0d);
        byte[] bArr = new byte[ceil * 8];
        for (int i2 = 0; i2 < ceil; i2++) {
            BigEndianCodec.putLong(bArr, i2 * 8, SecureRandomUtil.nextLong());
        }
        byte[] bArr2 = new byte[i];
        System.arraycopy(bArr, 0, bArr2, 0, i);
        return Base32.encode(bArr2);
    }

    public static boolean verifyTimeBasedOTP(long j, String str, String str2) {
        long currentTimeMillis = (System.currentTimeMillis() - j) / 30000;
        long currentTimeMillis2 = (System.currentTimeMillis() + j) / 30000;
        long j2 = currentTimeMillis;
        while (true) {
            long j3 = j2;
            if (j3 > currentTimeMillis2) {
                return false;
            }
            if (str2.equals(_generateTimeBasedOTP(Base32.decode(str), _getTimeCountHex(j3)))) {
                return true;
            }
            j2 = j3 + 1;
        }
    }

    private static byte[] _generateHMAC(byte[] bArr, String str) {
        try {
            Mac mac = Mac.getInstance(MFA_TIMEBASED_OTP_ALGORITHM);
            mac.init(new SecretKeySpec(bArr, "RAW"));
            byte[] byteArray = new BigInteger("10" + str, 16).toByteArray();
            return mac.doFinal(Arrays.copyOfRange(byteArray, 1, byteArray.length));
        } catch (InvalidKeyException e) {
            throw new IllegalArgumentException("Invalid secret key for algorithm HmacSHA1", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalArgumentException("Invalid algorithm HmacSHA1", e2);
        }
    }

    private static String _generateTimeBasedOTP(byte[] bArr, String str) {
        byte[] _generateHMAC = _generateHMAC(bArr, str);
        int i = _generateHMAC[_generateHMAC.length - 1] & 15;
        return String.format(StringBundler.concat(new Object[]{"%0", 6, "d"}), Integer.valueOf((((((_generateHMAC[i] & Byte.MAX_VALUE) << 24) | ((_generateHMAC[i + 1] & 255) << 16)) | ((_generateHMAC[i + 2] & 255) << 8)) | (_generateHMAC[i + 3] & 255)) % ((int) Math.pow(10.0d, 6.0d))));
    }

    private static String _getTimeCountHex(long j) {
        String upperCase = StringUtil.toUpperCase(Long.toHexString(j));
        return upperCase.length() > 16 ? upperCase : StringUtil.replace(String.format("%16s", upperCase), ' ', '0');
    }
}
