package com.github.jasync.sql.db.mysql.encoder.auth;

import com.github.jasync.sql.db.SSLConfiguration;
import com.github.jasync.sql.db.mysql.message.server.ServerMessage;
import com.github.jasync.sql.db.util.CollectionsUtilsKt;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import javax.crypto.Cipher;
import kotlin.Metadata;
import kotlin.collections.ArraysKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import kotlin.text.Regex;
import mu.KLogger;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: Sha256PasswordAuthentication.kt */
@Metadata(mv = {1, 6, ServerMessage.Ok}, k = 1, xi = 48, d1 = {"��<\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\bÆ\u0002\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J4\u0010\u0007\u001a\u00020\u00042\u0006\u0010\b\u001a\u00020\t2\b\u0010\n\u001a\u0004\u0018\u00010\u000b2\u0006\u0010\f\u001a\u00020\u00042\u0006\u0010\r\u001a\u00020\u000e2\b\u0010\u000f\u001a\u0004\u0018\u00010\u0010H\u0016J\u0010\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\u0010H\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0014"}, d2 = {"Lcom/github/jasync/sql/db/mysql/encoder/auth/Sha256PasswordAuthentication;", "Lcom/github/jasync/sql/db/mysql/encoder/auth/AuthenticationMethod;", "()V", "EmptyArray", "", "RsaHeaderRegex", "Lkotlin/text/Regex;", "generateAuthentication", "charset", "Ljava/nio/charset/Charset;", "password", "", "seed", "sslConfiguration", "Lcom/github/jasync/sql/db/SSLConfiguration;", "rsaPublicKey", "Ljava/nio/file/Path;", "getPublicKey", "Ljava/security/PublicKey;", "path", "jasync-mysql"})
/* loaded from: input_file:com/github/jasync/sql/db/mysql/encoder/auth/Sha256PasswordAuthentication.class */
public final class Sha256PasswordAuthentication implements AuthenticationMethod {

    @NotNull
    public static final Sha256PasswordAuthentication INSTANCE = new Sha256PasswordAuthentication();

    @NotNull
    private static final byte[] EmptyArray = new byte[0];

    @NotNull
    private static final Regex RsaHeaderRegex = new Regex("(-+BEGIN PUBLIC KEY-+|-+END PUBLIC KEY-+|\\r?\\n)");

    private Sha256PasswordAuthentication() {
    }

    @Override // com.github.jasync.sql.db.mysql.encoder.auth.AuthenticationMethod
    @NotNull
    public byte[] generateAuthentication(@NotNull Charset charset, @Nullable String str, @NotNull byte[] bArr, @NotNull SSLConfiguration sSLConfiguration, @Nullable final Path path) {
        KLogger kLogger;
        Intrinsics.checkNotNullParameter(charset, "charset");
        Intrinsics.checkNotNullParameter(bArr, "seed");
        Intrinsics.checkNotNullParameter(sSLConfiguration, "sslConfiguration");
        if (str == null) {
            return EmptyArray;
        }
        byte[] bytes = str.getBytes(charset);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        byte[] bArr2 = new byte[CollectionsUtilsKt.getLength(bytes) + 1];
        ArraysKt.copyInto$default(bytes, bArr2, 0, 0, 0, 14, (Object) null);
        if (sSLConfiguration.getMode() != SSLConfiguration.Mode.Disable) {
            return bArr2;
        }
        if (path == null) {
            throw new IllegalStateException("Authentication is not possible over an unsafe connection. Please use SSL or specify 'rsaPublicKey'");
        }
        int length = bArr2.length;
        for (int i = 0; i < length; i++) {
            int i2 = i;
            bArr2[i2] = (byte) (bArr2[i] ^ bArr[i2 % CollectionsUtilsKt.getLength(bArr)]);
        }
        try {
            PublicKey publicKey = getPublicKey(path);
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
            cipher.init(1, publicKey);
            byte[] doFinal = cipher.doFinal(bArr2);
            Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(result)");
            return doFinal;
        } catch (Exception e) {
            kLogger = Sha256PasswordAuthenticationKt.logger;
            kLogger.error(e, new Function0<Object>() { // from class: com.github.jasync.sql.db.mysql.encoder.auth.Sha256PasswordAuthentication$generateAuthentication$publicKey$1
                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(0);
                }

                @Nullable
                public final Object invoke() {
                    return "Unable to read the RSA public key at '" + path + '\'';
                }
            });
            throw e;
        }
    }

    private final PublicKey getPublicKey(Path path) {
        byte[] readAllBytes = Files.readAllBytes(path);
        Intrinsics.checkNotNullExpressionValue(readAllBytes, "readAllBytes(path)");
        PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(RsaHeaderRegex.replace(new String(readAllBytes, Charsets.UTF_8), ""))));
        Intrinsics.checkNotNullExpressionValue(generatePublic, "factory.generatePublic(keySpec)");
        return generatePublic;
    }
}
