package com.intellij.database.remote.util;

import com.intellij.database.remote.jdba.jdbc.dialects.MysqlConsts;
import com.intellij.database.remote.jdbc.helpers.JdbcNativeUtil;
import com.intellij.execution.rmi.ssl.SslEntityReader;
import com.intellij.util.ArrayUtilRt;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PushbackInputStream;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMDecryptorProvider;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.X509TrustedCertificateBlock;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.bouncycastle.operator.InputDecryptorProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.pkcs.PKCSException;
import org.jetbrains.annotations.NotNull;

/* loaded from: input_file:com/intellij/database/remote/util/BCSslEntityReader.class */
public class BCSslEntityReader extends SslEntityReader {
    private static final BouncyCastleProvider provider = new BouncyCastleProvider();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/intellij/database/remote/util/BCSslEntityReader$BCCertificateEntry.class */
    public static class BCCertificateEntry implements SslEntityReader.CertificateEntity {
        private final X509CertificateHolder myCertificate;

        private BCCertificateEntry(@NotNull X509CertificateHolder x509CertificateHolder) {
            if (x509CertificateHolder == null) {
                $$$reportNull$$$0(0);
            }
            this.myCertificate = x509CertificateHolder;
        }

        public X509Certificate get() throws IOException {
            try {
                return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(this.myCertificate.getEncoded()));
            } catch (CertificateException e) {
                throw new IOException("Failed to read certificate", e);
            }
        }

        private static /* synthetic */ void $$$reportNull$$$0(int i) {
            throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "certificate", "com/intellij/database/remote/util/BCSslEntityReader$BCCertificateEntry", "<init>"));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/intellij/database/remote/util/BCSslEntityReader$BCEncryptedPairPrivateKeyEntity.class */
    public static class BCEncryptedPairPrivateKeyEntity implements SslEntityReader.EncryptedPrivateKeyEntity {
        private final PEMEncryptedKeyPair myPair;

        private BCEncryptedPairPrivateKeyEntity(PEMEncryptedKeyPair pEMEncryptedKeyPair) {
            this.myPair = pEMEncryptedKeyPair;
        }

        public PrivateKey get(char[] cArr) throws IOException {
            return BCUnencryptedPrivateKeyEntity.convert(this.myPair.decryptKeyPair(getDecryptProvider(cArr == null ? ArrayUtilRt.EMPTY_CHAR_ARRAY : cArr)).getPrivateKeyInfo());
        }

        private static PEMDecryptorProvider getDecryptProvider(char[] cArr) {
            return new JcePEMDecryptorProviderBuilder().setProvider(BCSslEntityReader.provider).build(cArr);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/intellij/database/remote/util/BCSslEntityReader$BCEncryptedPrivateKeyEntity.class */
    public static class BCEncryptedPrivateKeyEntity implements SslEntityReader.EncryptedPrivateKeyEntity {
        private final PKCS8EncryptedPrivateKeyInfo myPrivateKey;

        private BCEncryptedPrivateKeyEntity(@NotNull PKCS8EncryptedPrivateKeyInfo pKCS8EncryptedPrivateKeyInfo) {
            if (pKCS8EncryptedPrivateKeyInfo == null) {
                $$$reportNull$$$0(0);
            }
            this.myPrivateKey = pKCS8EncryptedPrivateKeyInfo;
        }

        public PrivateKey get(char[] cArr) throws IOException {
            char[] cArr2;
            if (cArr == null) {
                try {
                    cArr2 = ArrayUtilRt.EMPTY_CHAR_ARRAY;
                } catch (PKCSException e) {
                    throw new IOException("Failed to decrypt private key", e);
                }
            } else {
                cArr2 = cArr;
            }
            return BCUnencryptedPrivateKeyEntity.convert(this.myPrivateKey.decryptPrivateKeyInfo(getDecryptProvider(cArr2)));
        }

        private static InputDecryptorProvider getDecryptProvider(char[] cArr) throws IOException {
            try {
                return new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider(BCSslEntityReader.provider).build(cArr);
            } catch (OperatorCreationException e) {
                throw new IOException("Failed to create decrypt provider", e);
            }
        }

        private static /* synthetic */ void $$$reportNull$$$0(int i) {
            throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "privateKey", "com/intellij/database/remote/util/BCSslEntityReader$BCEncryptedPrivateKeyEntity", "<init>"));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/intellij/database/remote/util/BCSslEntityReader$BCUnencryptedPrivateKeyEntity.class */
    public static class BCUnencryptedPrivateKeyEntity implements SslEntityReader.UnencryptedPrivateKeyEntity {
        private final PrivateKeyInfo myPrivateKey;

        private BCUnencryptedPrivateKeyEntity(@NotNull PrivateKeyInfo privateKeyInfo) {
            if (privateKeyInfo == null) {
                $$$reportNull$$$0(0);
            }
            this.myPrivateKey = privateKeyInfo;
        }

        public PrivateKey get() throws IOException {
            return convert(this.myPrivateKey);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static PrivateKey convert(@NotNull PrivateKeyInfo privateKeyInfo) throws IOException {
            if (privateKeyInfo == null) {
                $$$reportNull$$$0(1);
            }
            return new JcaPEMKeyConverter().getPrivateKey(privateKeyInfo);
        }

        private static /* synthetic */ void $$$reportNull$$$0(int i) {
            Object[] objArr = new Object[3];
            switch (i) {
                case MysqlConsts.FETCH_STRATEGY_AUTO /* 0 */:
                default:
                    objArr[0] = "privateKey";
                    break;
                case MysqlConsts.FETCH_STRATEGY_ROW /* 1 */:
                    objArr[0] = "key";
                    break;
            }
            objArr[1] = "com/intellij/database/remote/util/BCSslEntityReader$BCUnencryptedPrivateKeyEntity";
            switch (i) {
                case MysqlConsts.FETCH_STRATEGY_AUTO /* 0 */:
                default:
                    objArr[2] = "<init>";
                    break;
                case MysqlConsts.FETCH_STRATEGY_ROW /* 1 */:
                    objArr[2] = "convert";
                    break;
            }
            throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", objArr));
        }
    }

    @NotNull
    public List<? extends SslEntityReader.Entity> read(@NotNull InputStream inputStream) throws IOException {
        if (inputStream == null) {
            $$$reportNull$$$0(0);
        }
        PushbackInputStream pushbackInputStream = new PushbackInputStream(inputStream);
        try {
            int read = pushbackInputStream.read();
            pushbackInputStream.unread(read);
            if (read == 48) {
                List<? extends SslEntityReader.Entity> readDer = readDer(pushbackInputStream);
                pushbackInputStream.close();
                if (readDer == null) {
                    $$$reportNull$$$0(1);
                }
                return readDer;
            }
            List<? extends SslEntityReader.Entity> readPem = readPem(pushbackInputStream);
            pushbackInputStream.close();
            if (readPem == null) {
                $$$reportNull$$$0(2);
            }
            return readPem;
        } catch (Throwable th) {
            try {
                pushbackInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @NotNull
    private static List<? extends SslEntityReader.Entity> readPem(@NotNull InputStream inputStream) throws IOException {
        if (inputStream == null) {
            $$$reportNull$$$0(3);
        }
        PEMParser pEMParser = new PEMParser(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
        try {
            ArrayList arrayList = new ArrayList();
            while (true) {
                Object readObject = pEMParser.readObject();
                if (readObject == null) {
                    break;
                }
                if (readObject instanceof X509CertificateHolder) {
                    arrayList.add(new BCCertificateEntry((X509CertificateHolder) readObject));
                } else if (readObject instanceof X509TrustedCertificateBlock) {
                    arrayList.add(new BCCertificateEntry(((X509TrustedCertificateBlock) readObject).getCertificateHolder()));
                } else if (readObject instanceof PrivateKeyInfo) {
                    arrayList.add(new BCUnencryptedPrivateKeyEntity((PrivateKeyInfo) readObject));
                } else if (readObject instanceof PEMKeyPair) {
                    arrayList.add(new BCUnencryptedPrivateKeyEntity(((PEMKeyPair) readObject).getPrivateKeyInfo()));
                } else if (readObject instanceof PKCS8EncryptedPrivateKeyInfo) {
                    arrayList.add(new BCEncryptedPrivateKeyEntity((PKCS8EncryptedPrivateKeyInfo) readObject));
                } else if (readObject instanceof PEMEncryptedKeyPair) {
                    arrayList.add(new BCEncryptedPairPrivateKeyEntity((PEMEncryptedKeyPair) readObject));
                } else {
                    JdbcNativeUtil.logWarn("Unknown entity: " + readObject, null);
                }
            }
            pEMParser.close();
            if (arrayList == null) {
                $$$reportNull$$$0(4);
            }
            return arrayList;
        } catch (Throwable th) {
            try {
                pEMParser.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @NotNull
    private static List<? extends SslEntityReader.Entity> readDer(@NotNull InputStream inputStream) throws IOException {
        if (inputStream == null) {
            $$$reportNull$$$0(5);
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(inputStream);
        try {
            ASN1Primitive readObject = aSN1InputStream.readObject();
            SslEntityReader.Entity parseDerEntity = readObject == null ? null : parseDerEntity(readObject);
            if (parseDerEntity != null) {
                List<? extends SslEntityReader.Entity> singletonList = Collections.singletonList(parseDerEntity);
                aSN1InputStream.close();
                if (singletonList == null) {
                    $$$reportNull$$$0(6);
                }
                return singletonList;
            }
            aSN1InputStream.close();
            List<? extends SslEntityReader.Entity> emptyList = Collections.emptyList();
            if (emptyList == null) {
                $$$reportNull$$$0(7);
            }
            return emptyList;
        } catch (Throwable th) {
            try {
                aSN1InputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static SslEntityReader.Entity parseDerEntity(ASN1Primitive aSN1Primitive) {
        try {
            BCCertificateEntry bCCertificateEntry = new BCCertificateEntry(new X509CertificateHolder(Certificate.getInstance(aSN1Primitive)));
            bCCertificateEntry.get();
            return bCCertificateEntry;
        } catch (Throwable th) {
            try {
                BCUnencryptedPrivateKeyEntity bCUnencryptedPrivateKeyEntity = new BCUnencryptedPrivateKeyEntity(PrivateKeyInfo.getInstance(aSN1Primitive));
                bCUnencryptedPrivateKeyEntity.get();
                return bCUnencryptedPrivateKeyEntity;
            } catch (Throwable th2) {
                try {
                    return new BCEncryptedPrivateKeyEntity(new PKCS8EncryptedPrivateKeyInfo(EncryptedPrivateKeyInfo.getInstance(aSN1Primitive)));
                } catch (Throwable th3) {
                    return null;
                }
            }
        }
    }

    private static /* synthetic */ void $$$reportNull$$$0(int i) {
        String str;
        int i2;
        switch (i) {
            case MysqlConsts.FETCH_STRATEGY_AUTO /* 0 */:
            case 3:
            case 5:
            default:
                str = "Argument for @NotNull parameter '%s' of %s.%s must not be null";
                break;
            case MysqlConsts.FETCH_STRATEGY_ROW /* 1 */:
            case MysqlConsts.FETCH_STRATEGY_WHOLE /* 2 */:
            case 4:
            case 6:
            case 7:
                str = "@NotNull method %s.%s must not return null";
                break;
        }
        switch (i) {
            case MysqlConsts.FETCH_STRATEGY_AUTO /* 0 */:
            case 3:
            case 5:
            default:
                i2 = 3;
                break;
            case MysqlConsts.FETCH_STRATEGY_ROW /* 1 */:
            case MysqlConsts.FETCH_STRATEGY_WHOLE /* 2 */:
            case 4:
            case 6:
            case 7:
                i2 = 2;
                break;
        }
        Object[] objArr = new Object[i2];
        switch (i) {
            case MysqlConsts.FETCH_STRATEGY_AUTO /* 0 */:
            case 3:
            case 5:
            default:
                objArr[0] = "stream";
                break;
            case MysqlConsts.FETCH_STRATEGY_ROW /* 1 */:
            case MysqlConsts.FETCH_STRATEGY_WHOLE /* 2 */:
            case 4:
            case 6:
            case 7:
                objArr[0] = "com/intellij/database/remote/util/BCSslEntityReader";
                break;
        }
        switch (i) {
            case MysqlConsts.FETCH_STRATEGY_AUTO /* 0 */:
            case 3:
            case 5:
            default:
                objArr[1] = "com/intellij/database/remote/util/BCSslEntityReader";
                break;
            case MysqlConsts.FETCH_STRATEGY_ROW /* 1 */:
            case MysqlConsts.FETCH_STRATEGY_WHOLE /* 2 */:
                objArr[1] = "read";
                break;
            case 4:
                objArr[1] = "readPem";
                break;
            case 6:
            case 7:
                objArr[1] = "readDer";
                break;
        }
        switch (i) {
            case MysqlConsts.FETCH_STRATEGY_AUTO /* 0 */:
            default:
                objArr[2] = "read";
                break;
            case MysqlConsts.FETCH_STRATEGY_ROW /* 1 */:
            case MysqlConsts.FETCH_STRATEGY_WHOLE /* 2 */:
            case 4:
            case 6:
            case 7:
                break;
            case 3:
                objArr[2] = "readPem";
                break;
            case 5:
                objArr[2] = "readDer";
                break;
        }
        String format = String.format(str, objArr);
        switch (i) {
            case MysqlConsts.FETCH_STRATEGY_AUTO /* 0 */:
            case 3:
            case 5:
            default:
                throw new IllegalArgumentException(format);
            case MysqlConsts.FETCH_STRATEGY_ROW /* 1 */:
            case MysqlConsts.FETCH_STRATEGY_WHOLE /* 2 */:
            case 4:
            case 6:
            case 7:
                throw new IllegalStateException(format);
        }
    }
}
