package org.gephi.com.mysql.cj.sasl;

import org.gephi.com.mysql.cj.util.SaslPrep;
import org.gephi.com.mysql.cj.util.StringUtils;
import org.gephi.java.lang.Enum;
import org.gephi.java.lang.IllegalStateException;
import org.gephi.java.lang.Integer;
import org.gephi.java.lang.NoSuchFieldError;
import org.gephi.java.lang.Object;
import org.gephi.java.lang.String;
import org.gephi.java.lang.StringBuilder;
import org.gephi.java.lang.Throwable;
import org.gephi.java.security.MessageDigest;
import org.gephi.java.security.SecureRandom;
import org.gephi.java.util.Base64;
import org.gephi.java.util.HashMap;
import org.gephi.java.util.Map;
import org.gephi.javax.security.sasl.SaslClient;
import org.gephi.javax.security.sasl.SaslException;

/* loaded from: input_file:org/gephi/com/mysql/cj/sasl/ScramShaSaslClient.class */
public abstract class ScramShaSaslClient extends Object implements SaslClient {
    protected static final int MINIMUM_ITERATIONS = 4096;
    protected static final String GS2_CBIND_FLAG = "n";
    protected static final byte[] CLIENT_KEY = "Client Key".getBytes();
    protected static final byte[] SERVER_KEY = "Server Key".getBytes();
    protected String authorizationId;
    protected String authenticationId;
    protected String password;
    protected ScramExchangeStage scramStage;
    protected String cNonce;
    protected String gs2Header;
    protected String clientFirstMessageBare;
    protected byte[] serverSignature;

    /* renamed from: org.gephi.com.mysql.cj.sasl.ScramShaSaslClient$1, reason: invalid class name */
    /* loaded from: input_file:org/gephi/com/mysql/cj/sasl/ScramShaSaslClient$1.class */
    static /* synthetic */ class AnonymousClass1 extends Object {
        static final /* synthetic */ int[] $SwitchMap$com$mysql$cj$sasl$ScramShaSaslClient$ScramExchangeStage = new int[ScramExchangeStage.values().length];

        static {
            try {
                $SwitchMap$com$mysql$cj$sasl$ScramShaSaslClient$ScramExchangeStage[ScramExchangeStage.CLIENT_FIRST.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$mysql$cj$sasl$ScramShaSaslClient$ScramExchangeStage[ScramExchangeStage.SERVER_FIRST_CLIENT_FINAL.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$mysql$cj$sasl$ScramShaSaslClient$ScramExchangeStage[ScramExchangeStage.SERVER_FINAL.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    /* loaded from: input_file:org/gephi/com/mysql/cj/sasl/ScramShaSaslClient$ScramExchangeStage.class */
    protected enum ScramExchangeStage extends Enum<ScramExchangeStage> {
        private ScramExchangeStage next;
        public static final ScramExchangeStage TERMINATED = new ScramExchangeStage("TERMINATED", 0, null);
        public static final ScramExchangeStage SERVER_FINAL = new ScramExchangeStage("SERVER_FINAL", 1, TERMINATED);
        public static final ScramExchangeStage SERVER_FIRST_CLIENT_FINAL = new ScramExchangeStage("SERVER_FIRST_CLIENT_FINAL", 2, SERVER_FINAL);
        public static final ScramExchangeStage CLIENT_FIRST = new ScramExchangeStage("CLIENT_FIRST", 3, SERVER_FIRST_CLIENT_FINAL);
        private static final /* synthetic */ ScramExchangeStage[] $VALUES = {TERMINATED, SERVER_FINAL, SERVER_FIRST_CLIENT_FINAL, CLIENT_FIRST};

        /* JADX WARN: Multi-variable type inference failed */
        public static ScramExchangeStage[] values() {
            return (ScramExchangeStage[]) $VALUES.clone();
        }

        public static ScramExchangeStage valueOf(String string) {
            return (ScramExchangeStage) Enum.valueOf(ScramExchangeStage.class, string);
        }

        private ScramExchangeStage(String string, int i, ScramExchangeStage scramExchangeStage) {
            super(string, i);
            this.next = scramExchangeStage;
        }

        public ScramExchangeStage getNext() {
            return this.next == null ? this : this.next;
        }
    }

    public ScramShaSaslClient(String string, String string2, String string3) throws SaslException {
        this.scramStage = ScramExchangeStage.CLIENT_FIRST;
        this.authorizationId = StringUtils.isNullOrEmpty(string) ? "" : string;
        this.authenticationId = StringUtils.isNullOrEmpty(string2) ? this.authorizationId : string2;
        if (StringUtils.isNullOrEmpty(this.authenticationId)) {
            throw new SaslException("The authenticationId cannot be null or empty.");
        }
        this.password = StringUtils.isNullOrEmpty(string3) ? "" : string3;
        this.scramStage = ScramExchangeStage.CLIENT_FIRST;
    }

    abstract String getIanaMechanismName();

    public boolean hasInitialResponse() {
        return true;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public byte[] evaluateChallenge(byte[] bArr) throws SaslException {
        try {
            try {
                switch (AnonymousClass1.$SwitchMap$com$mysql$cj$sasl$ScramShaSaslClient$ScramExchangeStage[this.scramStage.ordinal()]) {
                    case 1:
                        this.gs2Header = new StringBuilder().append("n,").append(StringUtils.isNullOrEmpty(this.authorizationId) ? "" : new StringBuilder().append("a=").append(prepUserName(this.authorizationId)).toString()).append(",").toString();
                        this.cNonce = generateRandomPrintableAsciiString(32);
                        this.clientFirstMessageBare = new StringBuilder().append("n=").append(prepUserName(this.authenticationId)).append(",r=").append(this.cNonce).toString();
                        byte[] bytes = StringUtils.getBytes(new StringBuilder().append(this.gs2Header).append(this.clientFirstMessageBare).toString(), (String) "UTF-8");
                        this.scramStage = this.scramStage.getNext();
                        return bytes;
                    case 2:
                        String stringUtils = StringUtils.toString(bArr, "UTF-8");
                        Map<String, String> parseChallenge = parseChallenge(stringUtils);
                        if (!parseChallenge.containsKey("r") || !parseChallenge.containsKey("s") || !parseChallenge.containsKey("i")) {
                            throw new SaslException("Missing required SCRAM attribute from server first message.");
                        }
                        String string = parseChallenge.get("r");
                        if (!string.startsWith(this.cNonce)) {
                            throw new SaslException(new StringBuilder().append("Invalid server nonce for ").append(getIanaMechanismName()).append(" authentication.").toString());
                        }
                        byte[] decode = Base64.getDecoder().decode(parseChallenge.get("s"));
                        int parseInt = Integer.parseInt(parseChallenge.get("i"));
                        if (parseInt < 4096) {
                            throw new SaslException(new StringBuilder().append("Announced ").append(getIanaMechanismName()).append(" iteration count is too low.").toString());
                        }
                        String stringBuilder = new StringBuilder().append("c=").append(Base64.getEncoder().encodeToString(StringUtils.getBytes(this.gs2Header, (String) "UTF-8"))).append(",r=").append(string).toString();
                        byte[] hi = hi(SaslPrep.prepare(this.password, SaslPrep.StringType.STORED), decode, parseInt);
                        byte[] hmac = hmac(hi, CLIENT_KEY);
                        byte[] h = h(hmac);
                        String stringBuilder2 = new StringBuilder().append(this.clientFirstMessageBare).append(",").append(stringUtils).append(",").append(stringBuilder).toString();
                        byte[] hmac2 = hmac(h, StringUtils.getBytes(stringBuilder2, (String) "UTF-8"));
                        byte[] bArr2 = (byte[]) hmac.clone();
                        xorInPlace(bArr2, hmac2);
                        String stringBuilder3 = new StringBuilder().append(stringBuilder).append(",p=").append(Base64.getEncoder().encodeToString(bArr2)).toString();
                        this.serverSignature = hmac(hmac(hi, SERVER_KEY), StringUtils.getBytes(stringBuilder2, (String) "UTF-8"));
                        byte[] bytes2 = StringUtils.getBytes(stringBuilder3, (String) "UTF-8");
                        this.scramStage = this.scramStage.getNext();
                        return bytes2;
                    case 3:
                        Map<String, String> parseChallenge2 = parseChallenge(StringUtils.toString(bArr, "UTF-8"));
                        if (parseChallenge2.containsKey("e")) {
                            throw new SaslException(new StringBuilder().append("Authentication failed due to server error '").append(parseChallenge2.get("e")).append("'.").toString());
                        }
                        if (!parseChallenge2.containsKey("v")) {
                            throw new SaslException("Missing required SCRAM attribute from server final message.");
                        }
                        if (MessageDigest.isEqual(this.serverSignature, Base64.getDecoder().decode(parseChallenge2.get("v")))) {
                            return null;
                        }
                        throw new SaslException(new StringBuilder().append(getIanaMechanismName()).append(" server signature could not be verified.").toString());
                    default:
                        throw new SaslException("Unexpected SCRAM authentication message.");
                }
            } catch (Throwable e) {
                this.scramStage = ScramExchangeStage.TERMINATED;
                throw e;
            }
        } finally {
            this.scramStage = this.scramStage.getNext();
        }
    }

    public boolean isComplete() {
        return this.scramStage == ScramExchangeStage.TERMINATED;
    }

    public byte[] unwrap(byte[] bArr, int i, int i2) throws SaslException {
        throw new IllegalStateException("Integrity and/or privacy has not been negotiated.");
    }

    public byte[] wrap(byte[] bArr, int i, int i2) throws SaslException {
        throw new IllegalStateException("Integrity and/or privacy has not been negotiated.");
    }

    public Object getNegotiatedProperty(String string) {
        return null;
    }

    public void dispose() throws SaslException {
    }

    private String prepUserName(String string) {
        return SaslPrep.prepare(string, SaslPrep.StringType.QUERY).replace("=", "=2D").replace(",", "=2C");
    }

    private Map<String, String> parseChallenge(String string) {
        HashMap hashMap = new HashMap();
        for (String string2 : string.split(",")) {
            Object[] split = string2.split("=", 2);
            hashMap.put(split[0], split[1]);
        }
        return hashMap;
    }

    private String generateRandomPrintableAsciiString(int i) {
        SecureRandom secureRandom = new SecureRandom();
        char[] cArr = new char[i];
        int i2 = 0;
        while (i2 < i) {
            int nextInt = secureRandom.nextInt(93) + 33;
            if (nextInt != 44) {
                int i3 = i2;
                i2++;
                cArr[i3] = (char) nextInt;
            }
        }
        return new String(cArr);
    }

    abstract byte[] h(byte[] bArr);

    abstract byte[] hmac(byte[] bArr, byte[] bArr2);

    abstract byte[] hi(String string, byte[] bArr, int i);

    byte[] xorInPlace(byte[] bArr, byte[] bArr2) {
        for (int i = 0; i < bArr.length; i++) {
            int i2 = i;
            bArr[i2] = (byte) (bArr[i2] ^ bArr2[i]);
        }
        return bArr;
    }
}
