package com.mysql.cj.protocol.a.authentication;

import com.mysql.cj.Messages;
import com.mysql.cj.callback.MysqlCallbackHandler;
import com.mysql.cj.callback.UsernameCallback;
import com.mysql.cj.conf.PropertyKey;
import com.mysql.cj.conf.PropertySet;
import com.mysql.cj.conf.RuntimeProperty;
import com.mysql.cj.exceptions.CJException;
import com.mysql.cj.exceptions.ExceptionFactory;
import com.mysql.cj.exceptions.ExceptionInterceptor;
import com.mysql.cj.exceptions.UnableToConnectException;
import com.mysql.cj.exceptions.WrongArgumentException;
import com.mysql.cj.protocol.AuthenticationPlugin;
import com.mysql.cj.protocol.ExportControlled;
import com.mysql.cj.protocol.Protocol;
import com.mysql.cj.protocol.Security;
import com.mysql.cj.protocol.a.NativeConstants;
import com.mysql.cj.protocol.a.NativePacketPayload;
import com.mysql.cj.util.StringUtils;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.List;
import org.apache.pdfbox.contentstream.operator.OperatorName;

/* loaded from: input_file:WEB-INF/lib/lucee.jar:extensions/7E673D15-D87C-41A6-8B5F1956528C605F-8.4.0.lex:jars/mysql-connector-j-8.4.0.jar:com/mysql/cj/protocol/a/authentication/Sha256PasswordPlugin.class */
public class Sha256PasswordPlugin implements AuthenticationPlugin<NativePacketPayload> {
    public static String PLUGIN_NAME = "sha256_password";
    protected Protocol<NativePacketPayload> protocol = null;
    protected MysqlCallbackHandler usernameCallbackHandler = null;
    protected String password = null;
    protected String seed = null;
    protected boolean publicKeyRequested = false;
    protected String publicKeyString = null;
    protected RuntimeProperty<String> serverRSAPublicKeyFile = null;

    @Override // com.mysql.cj.protocol.AuthenticationPlugin
    public void init(Protocol<NativePacketPayload> protocol, MysqlCallbackHandler mysqlCallbackHandler) {
        this.protocol = protocol;
        this.usernameCallbackHandler = mysqlCallbackHandler;
        this.serverRSAPublicKeyFile = this.protocol.getPropertySet().getStringProperty(PropertyKey.serverRSAPublicKeyFile);
        String value = this.serverRSAPublicKeyFile.getValue();
        if (value != null) {
            this.publicKeyString = readRSAKey(value, this.protocol.getPropertySet(), this.protocol.getExceptionInterceptor());
        }
    }

    @Override // com.mysql.cj.protocol.AuthenticationPlugin
    public void destroy() {
        reset();
        this.protocol = null;
        this.usernameCallbackHandler = null;
        this.password = null;
        this.seed = null;
        this.publicKeyRequested = false;
        this.publicKeyString = null;
        this.serverRSAPublicKeyFile = null;
    }

    @Override // com.mysql.cj.protocol.AuthenticationPlugin
    public String getProtocolPluginName() {
        return PLUGIN_NAME;
    }

    @Override // com.mysql.cj.protocol.AuthenticationPlugin
    public boolean requiresConfidentiality() {
        return false;
    }

    @Override // com.mysql.cj.protocol.AuthenticationPlugin
    public boolean isReusable() {
        return true;
    }

    @Override // com.mysql.cj.protocol.AuthenticationPlugin
    public void setAuthenticationParameters(String str, String str2) {
        this.password = str2;
        if (str != null || this.usernameCallbackHandler == null) {
            return;
        }
        this.usernameCallbackHandler.handle(new UsernameCallback(System.getProperty("user.name")));
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.mysql.cj.protocol.AuthenticationPlugin
    public boolean nextAuthenticationStep(NativePacketPayload nativePacketPayload, List<NativePacketPayload> list) {
        list.clear();
        if (this.password == null || this.password.length() == 0 || nativePacketPayload == null) {
            list.add(new NativePacketPayload(new byte[]{0}));
            return true;
        }
        try {
            if (this.protocol.getSocketConnection().isSSLEstablished()) {
                NativePacketPayload nativePacketPayload2 = new NativePacketPayload(StringUtils.getBytes(this.password, this.protocol.getServerSession().getCharsetSettings().getPasswordCharacterEncoding()));
                nativePacketPayload2.setPosition(nativePacketPayload2.getPayloadLength());
                nativePacketPayload2.writeInteger(NativeConstants.IntegerDataType.INT1, 0L);
                nativePacketPayload2.setPosition(0);
                list.add(nativePacketPayload2);
            } else if (this.serverRSAPublicKeyFile.getValue() != null) {
                this.seed = nativePacketPayload.readString(NativeConstants.StringSelfDataType.STRING_TERM, null);
                list.add(new NativePacketPayload(encryptPassword()));
            } else {
                if (!this.protocol.getPropertySet().getBooleanProperty(PropertyKey.allowPublicKeyRetrieval).getValue().booleanValue()) {
                    throw ((UnableToConnectException) ExceptionFactory.createException(UnableToConnectException.class, Messages.getString("Sha256PasswordPlugin.2"), this.protocol.getExceptionInterceptor()));
                }
                if (!this.publicKeyRequested || nativePacketPayload.getPayloadLength() <= 21) {
                    this.seed = nativePacketPayload.readString(NativeConstants.StringSelfDataType.STRING_TERM, null);
                    list.add(new NativePacketPayload(new byte[]{1}));
                    this.publicKeyRequested = true;
                } else {
                    this.publicKeyString = nativePacketPayload.readString(NativeConstants.StringSelfDataType.STRING_TERM, null);
                    list.add(new NativePacketPayload(encryptPassword()));
                    this.publicKeyRequested = false;
                }
            }
            return true;
        } catch (CJException e) {
            throw ExceptionFactory.createException(e.getMessage(), e, this.protocol.getExceptionInterceptor());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] encryptPassword() {
        return encryptPassword("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] encryptPassword(String str) {
        byte[] bytesNullTerminated = this.password != null ? StringUtils.getBytesNullTerminated(this.password, this.protocol.getServerSession().getCharsetSettings().getPasswordCharacterEncoding()) : new byte[]{0};
        byte[] bArr = new byte[bytesNullTerminated.length];
        Security.xorString(bytesNullTerminated, bArr, this.seed.getBytes(), bytesNullTerminated.length);
        return ExportControlled.encryptWithRSAPublicKey(bArr, ExportControlled.decodeRSAPublicKey(this.publicKeyString), str);
    }

    protected static String readRSAKey(String str, PropertySet propertySet, ExceptionInterceptor exceptionInterceptor) {
        byte[] bArr = new byte[2048];
        BufferedInputStream bufferedInputStream = null;
        try {
            try {
                bufferedInputStream = new BufferedInputStream(new FileInputStream(new File(str).getCanonicalPath()));
                StringBuilder sb = new StringBuilder();
                while (true) {
                    int read = bufferedInputStream.read(bArr);
                    if (read == -1) {
                        break;
                    }
                    sb.append(StringUtils.toAsciiString(bArr, 0, read));
                }
                String sb2 = sb.toString();
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (IOException e) {
                        throw ExceptionFactory.createException(Messages.getString("Sha256PasswordPlugin.1"), e, exceptionInterceptor);
                    }
                }
                return sb2;
            } catch (IOException e2) {
                throw ((WrongArgumentException) ExceptionFactory.createException(WrongArgumentException.class, Messages.getString("Sha256PasswordPlugin.0", propertySet.getBooleanProperty(PropertyKey.paranoid).getValue().booleanValue() ? new Object[]{""} : new Object[]{OperatorName.SHOW_TEXT_LINE + str + OperatorName.SHOW_TEXT_LINE}), exceptionInterceptor));
            }
        } catch (Throwable th) {
            if (bufferedInputStream != null) {
                try {
                    bufferedInputStream.close();
                } catch (IOException e3) {
                    throw ExceptionFactory.createException(Messages.getString("Sha256PasswordPlugin.1"), e3, exceptionInterceptor);
                }
            }
            throw th;
        }
    }
}
