package cc.lechun.framework.common.utils.sign;

import ch.qos.logback.core.net.ssl.SSL;
import ch.qos.logback.core.rolling.helper.DateTokenConverter;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Random;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.apache.catalina.realm.SecretKeyCredentialHandler;

/* loaded from: input_file:BOOT-INF/lib/common-1.2.11-SNAPSHOT.jar:cc/lechun/framework/common/utils/sign/PasswordUtils.class */
public class PasswordUtils {
    public static String generateStorngPasswordHash(String str) throws NoSuchAlgorithmException, InvalidKeySpecException {
        int nextInt = (new Random().nextInt(3000) % ((3000 - 500) + 1)) + 500;
        char[] charArray = str.toCharArray();
        byte[] bytes = getSalt().getBytes();
        return nextInt + ":" + toHex(bytes) + ":" + toHex(SecretKeyFactory.getInstance(SecretKeyCredentialHandler.DEFAULT_ALGORITHM).generateSecret(new PBEKeySpec(charArray, bytes, nextInt, 512)).getEncoded());
    }

    private static String getSalt() throws NoSuchAlgorithmException {
        byte[] bArr = new byte[16];
        SecureRandom.getInstance(SSL.DEFAULT_SECURE_RANDOM_ALGORITHM).nextBytes(bArr);
        return bArr.toString();
    }

    private static String toHex(byte[] bArr) throws NoSuchAlgorithmException {
        String bigInteger = new BigInteger(1, bArr).toString(16);
        int length = (bArr.length * 2) - bigInteger.length();
        return length > 0 ? String.format("%0" + length + DateTokenConverter.CONVERTER_KEY, 0) + bigInteger : bigInteger;
    }

    public static boolean validatePassword(String str, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException {
        String[] split = str2.split(":");
        int parseInt = Integer.parseInt(split[0]);
        byte[] fromHex = fromHex(split[1]);
        byte[] fromHex2 = fromHex(split[2]);
        byte[] encoded = SecretKeyFactory.getInstance(SecretKeyCredentialHandler.DEFAULT_ALGORITHM).generateSecret(new PBEKeySpec(str.toCharArray(), fromHex, parseInt, fromHex2.length * 8)).getEncoded();
        int length = fromHex2.length ^ encoded.length;
        for (int i = 0; i < fromHex2.length && i < encoded.length; i++) {
            length |= fromHex2[i] ^ encoded[i];
        }
        return length == 0;
    }

    private static byte[] fromHex(String str) throws NoSuchAlgorithmException {
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) Integer.parseInt(str.substring(2 * i, (2 * i) + 2), 16);
        }
        return bArr;
    }
}
