package com.fuhouyu.framework.security.core.passwordencoder;

import cn.hutool.crypto.SmUtil;
import com.fuhouyu.framework.common.utils.LoggerUtil;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Objects;
import lombok.Generated;
import org.apache.hc.client5.http.utils.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.password.PasswordEncoder;

/* loaded from: input_file:com/fuhouyu/framework/security/core/passwordencoder/Sm3PasswordEncoder.class */
public class Sm3PasswordEncoder implements PasswordEncoder {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(Sm3PasswordEncoder.class);
    private static final char[] RANDOM_CHAR = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./".toCharArray();
    private static final String DEFAULT_SM3_PREFIX = "$3m";
    private final String prefix;
    private final SecureRandom random;

    public Sm3PasswordEncoder() {
        this(DEFAULT_SM3_PREFIX, null);
    }

    public Sm3PasswordEncoder(String str) {
        this(str, null);
    }

    public Sm3PasswordEncoder(SecureRandom secureRandom) {
        this(DEFAULT_SM3_PREFIX, secureRandom);
    }

    public Sm3PasswordEncoder(String str, SecureRandom secureRandom) {
        this.prefix = str;
        this.random = secureRandom;
    }

    public String encode(CharSequence charSequence) {
        if (Objects.isNull(charSequence)) {
            throw new IllegalArgumentException("rawPassword cannot be null");
        }
        String salt = getSalt();
        return salt + hashPw(salt, charSequence.toString());
    }

    public boolean matches(CharSequence charSequence, String str) {
        if (str.startsWith(this.prefix)) {
            String substring = str.substring(0, 25);
            return MessageDigest.isEqual((substring + hashPw(substring, charSequence.toString())).getBytes(StandardCharsets.UTF_8), str.getBytes(StandardCharsets.UTF_8));
        }
        LoggerUtil.error(log, "encodedPassword is {}, 非sm3国密编码", new Object[]{charSequence, str});
        return false;
    }

    private String hashPw(String str, String str2) {
        return Base64.encodeBase64String(SmUtil.sm3WithSalt(str.getBytes(StandardCharsets.UTF_8)).digest(str2.getBytes(StandardCharsets.UTF_8))).replace("=", "");
    }

    private String getSalt() {
        StringBuilder sb = new StringBuilder();
        byte[] bArr = new byte[16];
        SecureRandom secureRandom = Objects.isNull(this.random) ? new SecureRandom() : this.random;
        for (int i = 0; i < 16; i++) {
            bArr[i] = (byte) RANDOM_CHAR[secureRandom.nextInt(RANDOM_CHAR.length)];
        }
        sb.append("$3").append(this.prefix.charAt(2));
        sb.append(Base64.encodeBase64String(bArr).replace("=", ""));
        return sb.toString();
    }
}
