package com.agfa.pacs.listtext.otp;

import com.agfa.pacs.config.ConfigurationProviderFactory;
import com.agfa.pacs.config.IConfigurationProvider;
import com.agfa.pacs.logging.ALogger;
import com.eatthepath.otp.TimeBasedOneTimePasswordGenerator;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Date;
import java.util.Locale;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/agfa/pacs/listtext/otp/OneTimePassword.class */
public class OneTimePassword {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/agfa/pacs/listtext/otp/OneTimePassword$OneTimePasswordConfig.class */
    public static class OneTimePasswordConfig {
        private static final String BASE_PATH = "listtext.otp.";
        private static final IConfigurationProvider rootConfig = ConfigurationProviderFactory.getConfig();
        private static final String PASSWORD_LENGTH_PATH = "listtext.otp.passwordLength";
        private static final int passwordLength = (int) rootConfig.getLong(PASSWORD_LENGTH_PATH);
        private static final String PASSWORD_ALGORITHM_PATH = "listtext.otp.passwordAlgorithm";
        private static final String passwordAlgorithm = rootConfig.getString(PASSWORD_ALGORITHM_PATH);
        private static final String TIMESLOT_MILLIS_PATH = "listtext.otp.timeslotMillis";
        private static final long timeslotMillis = rootConfig.getLong(TIMESLOT_MILLIS_PATH);
        private static final String TIMESLOT_TOLERANCE_COUNTER_PATH = "listtext.otp.timeslotToleranceCounter";
        private static final int timeslotToleranceCounter = (int) rootConfig.getLong(TIMESLOT_TOLERANCE_COUNTER_PATH);

        private OneTimePasswordConfig() {
        }

        public static int getPasswordLength() {
            return passwordLength;
        }

        public static String getPasswordAlgorithm() {
            return passwordAlgorithm;
        }

        public static long getTimeslotMillis() {
            return timeslotMillis;
        }

        public static int getTimeslotToleranceCounter() {
            return timeslotToleranceCounter;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/agfa/pacs/listtext/otp/OneTimePassword$OneTimePasswordHelper.class */
    public static class OneTimePasswordHelper {
        private static OneTimePasswordHelper instance;
        private TimeBasedOneTimePasswordGenerator generator = new TimeBasedOneTimePasswordGenerator(OneTimePasswordConfig.getTimeslotMillis(), TimeUnit.MILLISECONDS, OneTimePasswordConfig.getPasswordLength(), OneTimePasswordConfig.getPasswordAlgorithm());

        private OneTimePasswordHelper() throws NoSuchAlgorithmException {
        }

        public static synchronized OneTimePasswordHelper getInstance() throws NoSuchAlgorithmException {
            if (instance == null) {
                instance = new OneTimePasswordHelper();
            }
            return instance;
        }

        public String generate(String str, Date date) throws NoSuchAlgorithmException, InvalidKeyException {
            return formatPassword(this.generator.generateOneTimePassword(toSecretKey(str), date));
        }

        public boolean verify(String str, String str2) throws NoSuchAlgorithmException, InvalidKeyException {
            long currentTimeMillis = System.currentTimeMillis();
            long timeStep = this.generator.getTimeStep(TimeUnit.MILLISECONDS);
            int timeslotToleranceCounter = OneTimePasswordConfig.getTimeslotToleranceCounter();
            for (int i = 0; i <= timeslotToleranceCounter; i++) {
                if (Objects.equals(str2, generate(str, new Date(currentTimeMillis - (i * timeStep)))) || Objects.equals(str2, generate(str, new Date(currentTimeMillis + (i * timeStep))))) {
                    return true;
                }
            }
            return false;
        }

        public String newKey() throws NoSuchAlgorithmException {
            byte[] bArr = new byte[10];
            SecureRandom.getInstanceStrong().nextBytes(bArr);
            return org.apache.commons.lang3.StringUtils.remove(new Base32().encodeAsString(bArr), "=");
        }

        private SecretKey toSecretKey(String str) throws NoSuchAlgorithmException {
            return new SecretKeySpec(new Base32().decode(str), this.generator.getAlgorithm());
        }

        private String formatPassword(int i) {
            return String.format("%0" + this.generator.getPasswordLength() + 'd', Integer.valueOf(i));
        }
    }

    public static String generate(String str, Date date) throws NoSuchAlgorithmException, InvalidKeyException {
        return OneTimePasswordHelper.getInstance().generate(str, date);
    }

    public static String generate(String str) throws NoSuchAlgorithmException, InvalidKeyException {
        return generate(str, new Date());
    }

    public static boolean verify(String str, String str2) throws NoSuchAlgorithmException, InvalidKeyException {
        return OneTimePasswordHelper.getInstance().verify(str, str2);
    }

    public static String validateSharedPassword(String str) {
        String upperCase = str.toUpperCase(Locale.ENGLISH);
        if (new Base32().isInAlphabet(upperCase)) {
            return upperCase;
        }
        ALogger.getLogger(OneTimePassword.class).error("Provided sharedPassword is not valid. Contains characters outside of A-Z0-7:" + upperCase);
        return "";
    }

    public static String newKey() throws NoSuchAlgorithmException {
        return OneTimePasswordHelper.getInstance().newKey();
    }

    public static String removeInvalidCharacters(String str) {
        String remove = org.apache.commons.lang3.StringUtils.remove(org.apache.commons.lang3.StringUtils.remove(org.apache.commons.lang3.StringUtils.remove(org.apache.commons.lang3.StringUtils.remove(str.toUpperCase(Locale.ENGLISH), '_'), '-'), '8'), '9');
        if (new Base32().isInAlphabet(remove)) {
            return remove;
        }
        ALogger.getLogger(OneTimePassword.class).error("Invalid characters in windows user:" + remove);
        return "";
    }
}
