package org.gephi.com.microsoft.sqlserver.jdbc;

import org.gephi.java.io.FileInputStream;
import org.gephi.java.io.FileNotFoundException;
import org.gephi.java.io.IOException;
import org.gephi.java.io.InputStream;
import org.gephi.java.lang.Object;
import org.gephi.java.lang.String;
import org.gephi.java.lang.System;
import org.gephi.java.nio.ByteBuffer;
import org.gephi.java.nio.ByteOrder;
import org.gephi.java.nio.charset.StandardCharsets;
import org.gephi.java.security.InvalidKeyException;
import org.gephi.java.security.Key;
import org.gephi.java.security.KeyStore;
import org.gephi.java.security.KeyStoreException;
import org.gephi.java.security.MessageDigest;
import org.gephi.java.security.NoSuchAlgorithmException;
import org.gephi.java.security.Signature;
import org.gephi.java.security.SignatureException;
import org.gephi.java.security.UnrecoverableKeyException;
import org.gephi.java.security.cert.CertificateException;
import org.gephi.java.security.cert.X509Certificate;
import org.gephi.java.text.MessageFormat;
import org.gephi.java.util.logging.Level;
import org.gephi.java.util.logging.Logger;
import org.gephi.javax.crypto.BadPaddingException;
import org.gephi.javax.crypto.Cipher;
import org.gephi.javax.crypto.IllegalBlockSizeException;
import org.gephi.javax.crypto.NoSuchPaddingException;

/* loaded from: input_file:org/gephi/com/microsoft/sqlserver/jdbc/SQLServerColumnEncryptionJavaKeyStoreProvider.class */
public class SQLServerColumnEncryptionJavaKeyStoreProvider extends SQLServerColumnEncryptionKeyStoreProvider {
    String name = "MSSQL_JAVA_KEYSTORE";
    String keyStorePath;
    char[] keyStorePwd;
    private static final Logger javaKeyStoreLogger = Logger.getLogger("org.gephi.com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionJavaKeyStoreProvider");

    @Override // org.gephi.com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
    public void setName(String string) {
        this.name = string;
    }

    @Override // org.gephi.com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
    public String getName() {
        return this.name;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v16, types: [org.gephi.java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v8, types: [org.gephi.java.lang.Object[], org.gephi.java.lang.Object] */
    /* JADX WARN: Type inference failed for: r2v8, types: [org.gephi.java.lang.Object, char[]] */
    public SQLServerColumnEncryptionJavaKeyStoreProvider(String string, char[] cArr) throws SQLServerException {
        this.keyStorePath = null;
        this.keyStorePwd = null;
        javaKeyStoreLogger.entering(SQLServerColumnEncryptionJavaKeyStoreProvider.class.getName(), "SQLServerColumnEncryptionJavaKeyStoreProvider");
        if (null == string || 0 == string.length()) {
            throw new SQLServerException(new MessageFormat(SQLServerException.getErrString("R_InvalidConnectionSetting")).format((Object) new Object[]{"keyStoreLocation", string}), null);
        }
        this.keyStorePath = string;
        if (javaKeyStoreLogger.isLoggable(Level.FINE)) {
            javaKeyStoreLogger.fine("Path of key store provider is set.");
        }
        cArr = null == cArr ? "".toCharArray() : cArr;
        this.keyStorePwd = new char[cArr.length];
        System.arraycopy(cArr, 0, (Object) this.keyStorePwd, 0, cArr.length);
        if (javaKeyStoreLogger.isLoggable(Level.FINE)) {
            javaKeyStoreLogger.fine("Password for key store provider is set.");
        }
        javaKeyStoreLogger.exiting(SQLServerColumnEncryptionJavaKeyStoreProvider.class.getName(), "SQLServerColumnEncryptionJavaKeyStoreProvider");
    }

    @Override // org.gephi.com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
    public byte[] decryptColumnEncryptionKey(String string, String string2, byte[] bArr) throws SQLServerException {
        javaKeyStoreLogger.entering(SQLServerColumnEncryptionJavaKeyStoreProvider.class.getName(), "decryptColumnEncryptionKey", "Decrypting Column Encryption Key.");
        KeyStoreProviderCommon.validateNonEmptyMasterKeyPath(string);
        byte[] decryptColumnEncryptionKey = KeyStoreProviderCommon.decryptColumnEncryptionKey(string, string2, bArr, getCertificateDetails(string));
        javaKeyStoreLogger.exiting(SQLServerColumnEncryptionJavaKeyStoreProvider.class.getName(), "decryptColumnEncryptionKey", "Finished decrypting Column Encryption Key.");
        return decryptColumnEncryptionKey;
    }

    /* JADX WARN: Type inference failed for: r0v10, types: [org.gephi.java.lang.Object[], org.gephi.java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v27, types: [org.gephi.java.lang.Object[], org.gephi.java.lang.Object] */
    private CertificateDetails getCertificateDetails(String string) throws SQLServerException {
        KeyStore keyStore;
        InputStream inputStream = null;
        try {
            if (null != string) {
                try {
                    if (0 != string.length()) {
                        try {
                            keyStore = KeyStore.getInstance("JKS");
                            inputStream = new FileInputStream(this.keyStorePath);
                            keyStore.load(inputStream, this.keyStorePwd);
                        } catch (IOException e) {
                            if (null != inputStream) {
                                inputStream.close();
                            }
                            keyStore = KeyStore.getInstance("PKCS12");
                            inputStream = new FileInputStream(this.keyStorePath);
                            keyStore.load(inputStream, this.keyStorePwd);
                        }
                        CertificateDetails certificateDetailsByAlias = getCertificateDetailsByAlias(keyStore, string);
                        if (null != inputStream) {
                            try {
                                inputStream.close();
                            } catch (IOException e2) {
                            }
                        }
                        if (certificateDetailsByAlias == null) {
                            throw new SQLServerException((Object) this, new MessageFormat(SQLServerException.getErrString("R_CertificateError")).format((Object) new Object[]{string, this.name}), (String) null, 0, false);
                        }
                        return certificateDetailsByAlias;
                    }
                } catch (IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException e3) {
                    throw new SQLServerException(new MessageFormat(SQLServerException.getErrString("R_invalidKeyStoreFile")).format((Object) new Object[]{this.keyStorePath}), e3);
                } catch (FileNotFoundException e4) {
                    throw new SQLServerException((Object) this, SQLServerException.getErrString("R_KeyStoreNotFound"), (String) null, 0, false);
                }
            }
            throw new SQLServerException((Object) null, SQLServerException.getErrString("R_InvalidMasterKeyDetails"), (String) null, 0, false);
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (IOException e5) {
                    throw th;
                }
            }
            throw th;
        }
    }

    /* JADX WARN: Type inference failed for: r0v19, types: [org.gephi.java.lang.Object[], org.gephi.java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v2, types: [org.gephi.java.lang.Object[], org.gephi.java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v6, types: [org.gephi.java.lang.Object[], org.gephi.java.lang.Object] */
    private CertificateDetails getCertificateDetailsByAlias(KeyStore keyStore, String string) throws SQLServerException {
        try {
            X509Certificate certificate = keyStore.getCertificate(string);
            Key key = keyStore.getKey(string, this.keyStorePwd);
            if (null == certificate) {
                throw new SQLServerException((Object) this, new MessageFormat(SQLServerException.getErrString("R_CertificateNotFoundForAlias")).format((Object) new Object[]{string, "MSSQL_JAVA_KEYSTORE"}), (String) null, 0, false);
            }
            if (null == key) {
                throw new UnrecoverableKeyException();
            }
            return new CertificateDetails(certificate, key);
        } catch (NoSuchAlgorithmException | KeyStoreException e) {
            throw new SQLServerException(new MessageFormat(SQLServerException.getErrString("R_CertificateError")).format((Object) new Object[]{string, this.name}), e);
        } catch (UnrecoverableKeyException e2) {
            throw new SQLServerException((Object) this, new MessageFormat(SQLServerException.getErrString("R_UnrecoverableKeyAE")).format((Object) new Object[]{string}), (String) null, 0, false);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [org.gephi.java.lang.Object, byte[]] */
    /* JADX WARN: Type inference failed for: r0v11, types: [org.gephi.java.lang.Object, byte[]] */
    /* JADX WARN: Type inference failed for: r0v14, types: [org.gephi.java.lang.Object, byte[]] */
    /* JADX WARN: Type inference failed for: r0v16, types: [org.gephi.java.lang.Object, byte[]] */
    /* JADX WARN: Type inference failed for: r0v23, types: [org.gephi.java.lang.Object, byte[]] */
    /* JADX WARN: Type inference failed for: r0v38, types: [org.gephi.java.lang.Object, byte[]] */
    /* JADX WARN: Type inference failed for: r0v47, types: [org.gephi.java.lang.Object, byte[]] */
    /* JADX WARN: Type inference failed for: r0v9, types: [org.gephi.java.lang.Object, byte[]] */
    @Override // org.gephi.com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
    public byte[] encryptColumnEncryptionKey(String string, String string2, byte[] bArr) throws SQLServerException {
        javaKeyStoreLogger.entering(SQLServerColumnEncryptionJavaKeyStoreProvider.class.getName(), "encryptColumnEncryptionKey", "Encrypting Column Encryption Key.");
        ?? r0 = KeyStoreProviderCommon.version;
        KeyStoreProviderCommon.validateNonEmptyMasterKeyPath(string);
        if (null == bArr) {
            throw new SQLServerException((Object) null, SQLServerException.getErrString("R_NullColumnEncryptionKey"), (String) null, 0, false);
        }
        if (0 == bArr.length) {
            throw new SQLServerException((Object) null, SQLServerException.getErrString("R_EmptyColumnEncryptionKey"), (String) null, 0, false);
        }
        KeyStoreProviderCommon.validateEncryptionAlgorithm(string2, true);
        CertificateDetails certificateDetails = getCertificateDetails(string);
        ?? encryptRSAOAEP = encryptRSAOAEP(bArr, certificateDetails);
        ?? littleEndianBytesFromShort = getLittleEndianBytesFromShort((short) encryptRSAOAEP.length);
        ?? bytes = string.toLowerCase().getBytes(StandardCharsets.UTF_16LE);
        ?? littleEndianBytesFromShort2 = getLittleEndianBytesFromShort((short) bytes.length);
        ?? r02 = new byte[r0.length + littleEndianBytesFromShort2.length + littleEndianBytesFromShort.length + bytes.length + encryptRSAOAEP.length];
        int length = r0.length;
        System.arraycopy((Object) r0, 0, (Object) r02, 0, r0.length);
        System.arraycopy((Object) littleEndianBytesFromShort2, 0, (Object) r02, length, littleEndianBytesFromShort2.length);
        int length2 = length + littleEndianBytesFromShort2.length;
        System.arraycopy((Object) littleEndianBytesFromShort, 0, (Object) r02, length2, littleEndianBytesFromShort.length);
        int length3 = length2 + littleEndianBytesFromShort.length;
        System.arraycopy((Object) bytes, 0, (Object) r02, length3, bytes.length);
        System.arraycopy((Object) encryptRSAOAEP, 0, (Object) r02, length3 + bytes.length, encryptRSAOAEP.length);
        ?? rsaSignHashedData = rsaSignHashedData(r02, certificateDetails);
        ?? r03 = new byte[r0.length + littleEndianBytesFromShort.length + littleEndianBytesFromShort2.length + encryptRSAOAEP.length + bytes.length + rsaSignHashedData.length];
        System.arraycopy((Object) r0, 0, (Object) r03, 0, r0.length);
        int length4 = 0 + r0.length;
        System.arraycopy((Object) littleEndianBytesFromShort2, 0, (Object) r03, length4, littleEndianBytesFromShort2.length);
        int length5 = length4 + littleEndianBytesFromShort2.length;
        System.arraycopy((Object) littleEndianBytesFromShort, 0, (Object) r03, length5, littleEndianBytesFromShort.length);
        int length6 = length5 + littleEndianBytesFromShort.length;
        System.arraycopy((Object) bytes, 0, (Object) r03, length6, bytes.length);
        int length7 = length6 + bytes.length;
        System.arraycopy((Object) encryptRSAOAEP, 0, (Object) r03, length7, encryptRSAOAEP.length);
        System.arraycopy((Object) rsaSignHashedData, 0, (Object) r03, length7 + encryptRSAOAEP.length, rsaSignHashedData.length);
        javaKeyStoreLogger.exiting(SQLServerColumnEncryptionJavaKeyStoreProvider.class.getName(), "encryptColumnEncryptionKey", "Finished encrypting Column Encryption Key.");
        return r03;
    }

    /* JADX WARN: Type inference failed for: r0v3, types: [org.gephi.java.lang.Object[], org.gephi.java.lang.Object] */
    private byte[] encryptRSAOAEP(byte[] bArr, CertificateDetails certificateDetails) throws SQLServerException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
            cipher.init(1, certificateDetails.certificate.getPublicKey());
            cipher.update(bArr);
            return cipher.doFinal();
        } catch (InvalidKeyException | NoSuchAlgorithmException | IllegalBlockSizeException | NoSuchPaddingException | BadPaddingException e) {
            throw new SQLServerException((Object) this, new MessageFormat(SQLServerException.getErrString("R_EncryptionFailed")).format((Object) new Object[]{e.getMessage()}), (String) null, 0, false);
        }
    }

    /* JADX WARN: Type inference failed for: r0v3, types: [org.gephi.java.lang.Object[], org.gephi.java.lang.Object] */
    private byte[] rsaSignHashedData(byte[] bArr, CertificateDetails certificateDetails) throws SQLServerException {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(certificateDetails.privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
            throw new SQLServerException((Object) this, new MessageFormat(SQLServerException.getErrString("R_EncryptionFailed")).format((Object) new Object[]{e.getMessage()}), (String) null, 0, false);
        }
    }

    private byte[] getLittleEndianBytesFromShort(short s) {
        ByteBuffer allocate = ByteBuffer.allocate(2);
        allocate.order(ByteOrder.LITTLE_ENDIAN);
        return allocate.putShort(s).array();
    }

    /* JADX WARN: Type inference failed for: r0v2, types: [org.gephi.java.lang.Object[], org.gephi.java.lang.Object] */
    private boolean rsaVerifySignature(byte[] bArr, byte[] bArr2, CertificateDetails certificateDetails) throws SQLServerException {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(certificateDetails.privateKey);
            signature.update(bArr);
            byte[] sign = signature.sign();
            signature.initVerify(certificateDetails.certificate.getPublicKey());
            signature.update(bArr);
            return signature.verify(sign);
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
            throw new SQLServerException((Object) this, new MessageFormat(SQLServerException.getErrString("R_VerifySignatureFailed")).format((Object) new Object[]{e.getMessage()}), (String) null, 0, false);
        }
    }

    @Override // org.gephi.com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
    public boolean verifyColumnMasterKeyMetadata(String string, boolean z, byte[] bArr) throws SQLServerException {
        if (!z) {
            return false;
        }
        KeyStoreProviderCommon.validateNonEmptyMasterKeyPath(string);
        CertificateDetails certificateDetails = getCertificateDetails(string);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(this.name.toLowerCase().getBytes(StandardCharsets.UTF_16LE));
            messageDigest.update(string.toLowerCase().getBytes(StandardCharsets.UTF_16LE));
            messageDigest.update("true".getBytes(StandardCharsets.UTF_16LE));
            return rsaVerifySignature(messageDigest.digest(), bArr, certificateDetails);
        } catch (NoSuchAlgorithmException e) {
            throw new SQLServerException(SQLServerException.getErrString("R_NoSHA256Algorithm"), e);
        }
    }
}
