package com.sybase.jdbc4.jdbc;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.sybase.jdbc4.tds.ParamFormat2Token;
import com.sybase.jdbc4.tds.TdsConst;
import java.io.File;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.zip.CRC32;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/sybase/jdbc4/jdbc/SecureStore.class */
public final class SecureStore {
    private static final String UTF8_CHARSET = "UTF-8";
    private static final String NAMESPACE = ".ase";
    private static final String KEYFILE = "SSFS_ASE.KEY";
    private static final String DATAFILE = "SSFS_ASE.DAT";
    private static final int MIN_RECORD_LENGTH = 176;
    private static final int ENCRYPTED_RECORD_LENGTH_MULTIPLE = 128;
    private static final char[] DEFAULT_KEY = new char[24];
    private static final char[] FALLBACK_KEK = {159, '`', 166, 221, '~', 21, '}', 7, '\f', 195, 'W', 144, 154, 162, 144, 233, '6', 14, 238, 'G', '/', 218, 'G', 'r'};
    private static final int PREAMBLE_LENGTH = 12;
    private static final int RECORD_LENGTH_VALUES_START = 12;
    private static final int RECORD_LENGTH_VALUES_SIZE = 4;
    private static final int RECORD_TYPE_POS = 16;
    private static final int RECORD_IDENTIFIER_START = 24;
    private static final int RECORD_IDENTIFIER_LENGTH = 64;
    private static final int TIMESTAMP_START = 88;
    private static final int TIMESTAMP_LENGTH = 8;
    private static final int USERNAME_START = 96;
    private static final int USERNAME_LENGTH = 24;
    private static final int HOSTNAME_START = 120;
    private static final int HOSTNAME_LENGTH = 24;
    private static final int IS_DELETED_FLAG_POS = 144;
    private static final int IS_PLAINTEXT_FLAG_POS = 145;
    private static final int IS_BINARY_FLAG_POS = 146;
    private static final int HMAC_START = 156;
    private static final int HMAC_LENGTH = 20;
    private static final int DATA_LENGTH_FOR_HMAC = 132;
    private static final int SHA1_LENGTH = 20;
    private static final int DATA_ENCRYPTED_PART1_LENGTH = 12;
    private static final int DATA_ENCRYPTED_PART2_LENGTH = 96;
    private static final int PAYLOAD_LENGTH = 4;
    private static final int PAYLOAD_DATA_START = 32;
    private static final int RANDOM_CONTENT_LENGTH = 8;
    private static final int KEY_PREAMBLE_START = 0;
    private static final int KEY_PREAMBLE_LENGTH = 11;
    private static final int KEY_TYPE_POS = 11;
    private static final int KEY_USERNAME_START = 20;
    private static final int KEY_HOSTNAME_START = 44;
    private static final int KEY_HMAC_START = 106;
    private static final int KEY_CRC32_START = 126;
    private static final int KEY_CRC32_LENGTH = 4;
    private static final int KEY_EK_LENGTH = 24;
    private static final int KEY_ENCRYPTED_DATA_START = 130;
    private static final int KEY_ENCRYPTED_DATA_LENGTH = 57;
    private static final int KEY_DATA_PART1_LENGTH = 106;
    private static final int KEY_DATA_PART2_LENGTH = 57;

    private SecureStore() {
        throw new AssertionError("Non-instantiable class");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static SecureStoreLoginInformation getLoginInformation(String str) throws SQLException {
        String str2;
        if (str == null || str.trim().isEmpty()) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_NULL_KEY);
        }
        String str3 = TdsConst.ASE_SERVER_PROGRAM_NAME + "/" + str.toUpperCase(Locale.ENGLISH) + "/";
        String str4 = str3 + "DB_USER";
        String str5 = str3 + "DB_PASSWORD";
        String str6 = str3 + "DB_CON_ENV";
        String str7 = str3 + "DB_DATABASE_NAME";
        String property = System.getProperty("user.home");
        try {
            str2 = InetAddress.getLocalHost().getHostName();
        } catch (UnknownHostException e) {
            str2 = "localhost";
        }
        String str8 = property + File.separator + NAMESPACE + File.separator + str2 + File.separator + KEYFILE;
        String str9 = property + File.separator + NAMESPACE + File.separator + str2 + File.separator + DATAFILE;
        if (!checkFile(str8) || !checkFile(str9)) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
        }
        Map<String, SecureStoreRecord> readDataFile = readDataFile(str9);
        SecureStoreKey readKeyFile = readKeyFile(str8);
        SecureStoreRecord secureStoreRecord = readDataFile.get(str4);
        SecureStoreRecord secureStoreRecord2 = readDataFile.get(str5);
        SecureStoreRecord secureStoreRecord3 = readDataFile.get(str6);
        SecureStoreRecord secureStoreRecord4 = readDataFile.get(str7);
        String str10 = null;
        char[] cArr = null;
        String str11 = null;
        warnOnMissingKey(secureStoreRecord);
        String valueOf = String.valueOf(secureStoreRecord.getData());
        if (valueOf.equals(JsonProperty.USE_DEFAULT_NAME)) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_MISSING_KEY);
        }
        if (secureStoreRecord2 != null) {
            cArr = getSecureStorePwd(secureStoreRecord2, readKeyFile);
        }
        if (secureStoreRecord3 != null) {
            str11 = String.valueOf(secureStoreRecord3.getData());
        }
        if (secureStoreRecord4 != null) {
            str10 = String.valueOf(secureStoreRecord4.getData());
        }
        return new SecureStoreLoginInformation(valueOf, cArr, str11, str10);
    }

    private static void warnOnMissingKey(SecureStoreRecord secureStoreRecord) throws SQLException {
        if (secureStoreRecord == null) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_MISSING_KEY);
        }
    }

    private static boolean checkFile(String str) throws SQLException {
        try {
            return new File(str).exists();
        } catch (Exception e) {
            return false;
        }
    }

    private static char[] getSecureStorePwd(SecureStoreRecord secureStoreRecord, SecureStoreKey secureStoreKey) throws SQLException {
        char[] key = secureStoreKey.getKey();
        char[] data = secureStoreRecord.getData();
        DES.RSecPDecrypt(key, data, data.length);
        if (data.length == 0 || data.length % 128 != 0) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
        }
        if (!checkSha1EncryptedRecord(data)) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
        }
        char[] cArr = new char[4];
        for (int i = 0; i < 4; i++) {
            cArr[i] = data[i + 8];
        }
        int recordLength = getRecordLength(cArr);
        char[] cArr2 = new char[recordLength];
        System.arraycopy(data, 32, cArr2, 0, recordLength);
        Arrays.fill(data, (char) 0);
        return cArr2;
    }

    private static boolean checkSha1EncryptedRecord(char[] cArr) throws SQLException {
        byte[] bArr = new byte[cArr.length];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) cArr[i];
        }
        byte[] bArr2 = new byte[cArr.length - 20];
        System.arraycopy(bArr, 0, bArr2, 0, 12);
        System.arraycopy(bArr, 32, bArr2, 12, 96);
        MessageDigest messageDigest = null;
        try {
            messageDigest = MessageDigest.getInstance("SHA-1");
        } catch (NoSuchAlgorithmException e) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_GENERIC);
        }
        byte[] digest = messageDigest.digest(bArr2);
        for (int i2 = 0; i2 < 20; i2++) {
            if (digest[i2] != bArr[i2 + 12]) {
                return false;
            }
        }
        return true;
    }

    private static void readFile(File file, byte[] bArr) throws SQLException {
        RandomAccessFile randomAccessFile = null;
        try {
            try {
                randomAccessFile = new RandomAccessFile(file, "r");
                if (randomAccessFile.read(bArr) == -1) {
                    ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
                }
                if (randomAccessFile != null) {
                    try {
                        randomAccessFile.close();
                    } catch (IOException e) {
                    }
                }
            } catch (IOException e2) {
                ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
                if (randomAccessFile != null) {
                    try {
                        randomAccessFile.close();
                    } catch (IOException e3) {
                    }
                }
            }
        } catch (Throwable th) {
            if (randomAccessFile != null) {
                try {
                    randomAccessFile.close();
                } catch (IOException e4) {
                }
            }
            throw th;
        }
    }

    private static void getBytesInChar(byte[] bArr, char[] cArr, int i, int i2) {
        for (int i3 = 0; i3 < i2; i3++) {
            cArr[i3] = (char) bArr[i3 + i];
        }
    }

    private static Map<String, SecureStoreRecord> readDataFile(String str) throws SQLException {
        char[] charArray;
        File file = new File(str);
        byte[] bArr = new byte[(int) file.length()];
        HashMap hashMap = new HashMap();
        readFile(file, bArr);
        if (bArr.length < MIN_RECORD_LENGTH) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
        }
        int i = 0;
        while (i < bArr.length) {
            try {
                String trim = new String(bArr, i, 12, UTF8_CHARSET).trim();
                char[] cArr = new char[4];
                getBytesInChar(bArr, cArr, i + 12, 4);
                int recordLength = getRecordLength(cArr);
                byte b = bArr[i + 16];
                if (!checkDataFile(trim, b, recordLength)) {
                    ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
                }
                String str2 = new String(bArr, i + 24, 64, UTF8_CHARSET);
                byte[] bArr2 = new byte[8];
                for (int i2 = 0; i2 < 8; i2++) {
                    bArr2[i2] = bArr[i + i2 + 88];
                }
                String str3 = new String(bArr, i + 96, 24, UTF8_CHARSET);
                String str4 = new String(bArr, i + 120, 24, UTF8_CHARSET);
                byte b2 = bArr[i + IS_DELETED_FLAG_POS];
                byte b3 = bArr[i + IS_PLAINTEXT_FLAG_POS];
                byte b4 = bArr[i + IS_BINARY_FLAG_POS];
                byte[] bArr3 = new byte[20];
                System.arraycopy(bArr, i + HMAC_START, bArr3, 0, bArr3.length);
                if (b2 != 1) {
                    if (b3 == 1 || b4 == 1) {
                        charArray = new String(bArr, i + MIN_RECORD_LENGTH, recordLength - MIN_RECORD_LENGTH, UTF8_CHARSET).toCharArray();
                    } else {
                        charArray = new char[recordLength - MIN_RECORD_LENGTH];
                        int i3 = recordLength - MIN_RECORD_LENGTH;
                        if (i3 % 128 != 0) {
                            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
                        }
                        int i4 = 0;
                        while (i3 > 0) {
                            charArray[i4] = (char) bArr[i + MIN_RECORD_LENGTH + i4];
                            i3--;
                            i4++;
                        }
                    }
                    if (!checkHMAC(bArr3, bArr, i, charArray)) {
                        ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
                    }
                    hashMap.put(str2.trim(), new SecureStoreRecord(trim, bArr2, str3, str4, b, recordLength, str2, b2, b3, b4, bArr3, recordLength - MIN_RECORD_LENGTH, charArray));
                }
                i += recordLength;
            } catch (UnsupportedEncodingException e) {
                ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_GENERIC);
            }
        }
        return hashMap;
    }

    private static boolean checkDataFile(String str, int i, int i2) {
        return str.equals("RSecSSFsData") && i == 1 && i2 >= MIN_RECORD_LENGTH && i2 <= 98640;
    }

    private static boolean checkHMAC(byte[] bArr, byte[] bArr2, int i, char[] cArr) throws SQLException {
        char[] cArr2 = {3, 'A', 5, 'W', 23, 196, 23, 'A', ',', '`', '[', 'z', 213, 5, 243, 3};
        byte[] bArr3 = new byte[cArr2.length];
        byte[] bArr4 = new byte[132 + cArr.length];
        System.arraycopy(bArr2, i + 24, bArr4, 0, 132);
        for (int i2 = 0; i2 < cArr.length; i2++) {
            bArr4[132 + i2] = (byte) cArr[i2];
        }
        DES.rsecedv1_encode_default_v1(cArr2, cArr2.length);
        for (int i3 = 0; i3 < cArr2.length; i3++) {
            bArr3[i3] = (byte) cArr2[i3];
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr3, "HmacSHA1");
        Mac mac = null;
        try {
            mac = Mac.getInstance("HmacSHA1");
            mac.init(secretKeySpec);
        } catch (InvalidKeyException e) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_GENERIC);
        } catch (NoSuchAlgorithmException e2) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_GENERIC);
        }
        byte[] doFinal = mac.doFinal(bArr4);
        for (int i4 = 0; i4 < doFinal.length; i4++) {
            if (doFinal[i4] != bArr[i4]) {
                return false;
            }
        }
        return true;
    }

    private static int getRecordLength(char[] cArr) {
        return (cArr[0] << 24) | ((cArr[1] & 255) << 16) | ((cArr[2] & 255) << 8) | (cArr[3] & 255);
    }

    private static SecureStoreKey readKeyFile(String str) throws SQLException {
        File file = new File(str);
        byte[] bArr = new byte[(int) file.length()];
        readFile(file, bArr);
        char[] cArr = new char[24];
        try {
            String str2 = new String(bArr, 0, 11, UTF8_CHARSET);
            byte b = bArr[11];
            if (!_checkKeyFile(str2, b)) {
                ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
            }
            String trim = new String(bArr, 20, 24, UTF8_CHARSET).trim();
            String trim2 = new String(bArr, 44, 24, UTF8_CHARSET).trim();
            byte[] bArr2 = new byte[20];
            System.arraycopy(bArr, 106, bArr2, 0, 20);
            if (!checkHMACKey(bArr2, bArr)) {
                ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
            }
            byte[] bArr3 = new byte[4];
            System.arraycopy(bArr, 126, bArr3, 0, 4);
            if (!verifyCRC32(bArr, bArr3)) {
                ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_INVALID_FILE);
            }
            char[] cArr2 = new char[57];
            char[] charArray = new String(bArr, 130, 57, "ISO-8859-1").toCharArray();
            DES.RSecPDecrypt(FALLBACK_KEK, charArray, charArray.length);
            System.arraycopy(charArray, 33, cArr, 0, 24);
            return new SecureStoreKey(str2, trim, trim2, b, cArr);
        } catch (UnsupportedEncodingException e) {
            return new SecureStoreKey(JsonProperty.USE_DEFAULT_NAME, JsonProperty.USE_DEFAULT_NAME, JsonProperty.USE_DEFAULT_NAME, 1, DEFAULT_KEY);
        }
    }

    private static boolean checkHMACKey(byte[] bArr, byte[] bArr2) throws SQLException {
        char[] cArr = {159, '`', 166, 221, '~', 21, '}', 7, '\f', 195, 'W', 144, 154, 162, 144, 233, '6', 14, 238, 'G', '/', 218, 'G', 'r'};
        byte[] bArr3 = new byte[cArr.length];
        byte[] bArr4 = new byte[163];
        System.arraycopy(bArr2, 0, bArr4, 0, 106);
        System.arraycopy(bArr2, 130, bArr4, 106, 57);
        for (int i = 0; i < cArr.length; i++) {
            bArr3[i] = (byte) cArr[i];
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr3, "HmacSHA1");
        Mac mac = null;
        try {
            mac = Mac.getInstance("HmacSHA1");
            mac.init(secretKeySpec);
        } catch (InvalidKeyException e) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_GENERIC);
        } catch (NoSuchAlgorithmException e2) {
            ErrorMessage.raiseError(ErrorMessage.ERR_SECSTORE_GENERIC);
        }
        byte[] doFinal = mac.doFinal(bArr4);
        for (int i2 = 0; i2 < doFinal.length; i2++) {
            if (doFinal[i2] != bArr[i2]) {
                return false;
            }
        }
        return true;
    }

    private static boolean verifyCRC32(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[183];
        System.arraycopy(bArr, 0, bArr3, 0, 126);
        System.arraycopy(bArr, 130, bArr3, 126, 57);
        CRC32 crc32 = new CRC32();
        crc32.update(bArr3);
        return crc32.getValue() == (((long) ByteBuffer.wrap(bArr2).order(ByteOrder.BIG_ENDIAN).getInt()) & ParamFormat2Token.MAX_PARAMFMT2_LENGTH);
    }

    private static boolean _checkKeyFile(String str, int i) {
        return str.equals("RSecSSFsKey") && i == 2;
    }
}
