package com.microsoft.sqlserver.jdbc;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;

/* loaded from: input_file:drivers/mssql/new/mssql-jdbc-8.2.0.jre8.jar:com/microsoft/sqlserver/jdbc/ISQLServerEnclaveProvider.class */
public interface ISQLServerEnclaveProvider {
    public static final String SDPE1 = "EXEC sp_describe_parameter_encryption ?,?";
    public static final String SDPE2 = "EXEC sp_describe_parameter_encryption ?,?,?";

    default byte[] getEnclavePackage(String str, ArrayList<byte[]> arrayList) throws SQLServerException {
        EnclaveSession enclaveSession = getEnclaveSession();
        if (null == enclaveSession) {
            return null;
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(enclaveSession.getSessionID());
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            byte[] bArr = new byte[16];
            SecureRandom.getInstanceStrong().nextBytes(bArr);
            byteArrayOutputStream2.write(bArr);
            byteArrayOutputStream2.write(ByteBuffer.allocate(8).order(ByteOrder.LITTLE_ENDIAN).putLong(enclaveSession.getCounter()).array());
            byteArrayOutputStream2.write(MessageDigest.getInstance("SHA-256").digest(str.getBytes(StandardCharsets.UTF_16LE)));
            Iterator<byte[]> it = arrayList.iterator();
            while (it.hasNext()) {
                byteArrayOutputStream2.write(it.next());
            }
            arrayList.clear();
            byteArrayOutputStream.write(new SQLServerAeadAes256CbcHmac256Algorithm(new SQLServerAeadAes256CbcHmac256EncryptionKey(enclaveSession.getSessionSecret(), "AEAD_AES_256_CBC_HMAC_SHA256"), SQLServerEncryptionType.Randomized, (byte) 1).encryptData(byteArrayOutputStream2.toByteArray()));
            return byteArrayOutputStream.toByteArray();
        } catch (SQLServerException | IOException | GeneralSecurityException e) {
            SQLServerException.makeFromDriverError(null, this, e.getLocalizedMessage(), "0", false);
            return null;
        }
    }

    default ResultSet executeSDPEv2(PreparedStatement preparedStatement, String str, String str2, BaseAttestationRequest baseAttestationRequest) throws SQLException, IOException {
        ((SQLServerPreparedStatement) preparedStatement).isInternalEncryptionQuery = true;
        preparedStatement.setNString(1, str);
        if (str2 == null || str2.length() == 0) {
            preparedStatement.setNString(2, StringUtils.EMPTY);
        } else {
            preparedStatement.setNString(2, str2);
        }
        preparedStatement.setBytes(3, baseAttestationRequest.getBytes());
        return ((SQLServerPreparedStatement) preparedStatement).executeQueryInternal();
    }

    default ResultSet executeSDPEv1(PreparedStatement preparedStatement, String str, String str2) throws SQLException {
        ((SQLServerPreparedStatement) preparedStatement).isInternalEncryptionQuery = true;
        preparedStatement.setNString(1, str);
        if (str2 == null || str2.length() == 0) {
            preparedStatement.setNString(2, StringUtils.EMPTY);
        } else {
            preparedStatement.setNString(2, str2);
        }
        return ((SQLServerPreparedStatement) preparedStatement).executeQueryInternal();
    }

    default void processSDPEv1(String str, String str2, Parameter[] parameterArr, ArrayList<String> arrayList, SQLServerConnection sQLServerConnection, PreparedStatement preparedStatement, ResultSet resultSet, ArrayList<byte[]> arrayList2) throws SQLException {
        CekTableEntry cekTableEntry;
        HashMap hashMap = new HashMap();
        boolean z = false;
        while (resultSet.next()) {
            int i = resultSet.getInt(DescribeParameterEncryptionResultSet1.KeyOrdinal.value());
            if (hashMap.containsKey(Integer.valueOf(i))) {
                cekTableEntry = (CekTableEntry) hashMap.get(Integer.valueOf(i));
            } else {
                cekTableEntry = new CekTableEntry(i);
                hashMap.put(Integer.valueOf(cekTableEntry.ordinal), cekTableEntry);
            }
            String string = resultSet.getString(DescribeParameterEncryptionResultSet1.ProviderName.value());
            String string2 = resultSet.getString(DescribeParameterEncryptionResultSet1.KeyEncryptionAlgorithm.value());
            String string3 = resultSet.getString(DescribeParameterEncryptionResultSet1.KeyPath.value());
            int i2 = resultSet.getInt(DescribeParameterEncryptionResultSet1.DbId.value());
            byte[] bytes = resultSet.getBytes(DescribeParameterEncryptionResultSet1.KeyMdVersion.value());
            int i3 = resultSet.getInt(DescribeParameterEncryptionResultSet1.KeyId.value());
            byte[] bytes2 = resultSet.getBytes(DescribeParameterEncryptionResultSet1.EncryptedKey.value());
            cekTableEntry.add(bytes2, i2, i3, resultSet.getInt(DescribeParameterEncryptionResultSet1.KeyVersion.value()), bytes, string3, string, string2);
            if (ColumnEncryptionVersion.AE_v2.value() <= sQLServerConnection.getServerColumnEncryptionVersion().value()) {
                z = resultSet.getBoolean(DescribeParameterEncryptionResultSet1.IsRequestedByEnclave.value());
            }
            if (z) {
                SQLServerSecurityUtility.verifyColumnMasterKeyMetadata(sQLServerConnection, string, string3, sQLServerConnection.getTrustedServerNameAE(), z, resultSet.getBytes(DescribeParameterEncryptionResultSet1.EnclaveCMKSignature.value()));
                ByteBuffer allocate = ByteBuffer.allocate(46);
                allocate.order(ByteOrder.LITTLE_ENDIAN).putInt(i2);
                allocate.put(bytes);
                allocate.putShort((short) i3);
                allocate.put(sQLServerConnection.getColumnEncryptionKeyStoreProvider(string).decryptColumnEncryptionKey(string3, string2, bytes2));
                arrayList2.add(allocate.array());
            }
        }
        if (!preparedStatement.getMoreResults()) {
            throw new SQLServerException((Object) null, SQLServerException.getErrString("R_UnexpectedDescribeParamFormat"), (String) null, 0, false);
        }
        SQLServerResultSet sQLServerResultSet = (SQLServerResultSet) preparedStatement.getResultSet();
        while (sQLServerResultSet.next() && null != parameterArr) {
            int indexOf = arrayList.indexOf(sQLServerResultSet.getString(DescribeParameterEncryptionResultSet2.ParameterName.value()));
            int i4 = sQLServerResultSet.getInt(DescribeParameterEncryptionResultSet2.ColumnEncryptionKeyOrdinal.value());
            CekTableEntry cekTableEntry2 = (CekTableEntry) hashMap.get(Integer.valueOf(i4));
            if (null != cekTableEntry2 && hashMap.size() < i4) {
                throw new SQLServerException((Object) null, new MessageFormat(SQLServerException.getErrString("R_InvalidEncryptionKeyOrdinal")).format(new Object[]{Integer.valueOf(i4), Integer.valueOf(cekTableEntry2.getSize())}), (String) null, 0, false);
            }
            SQLServerEncryptionType of = SQLServerEncryptionType.of((byte) sQLServerResultSet.getInt(DescribeParameterEncryptionResultSet2.ColumnEncrytionType.value()));
            if (SQLServerEncryptionType.PlainText != of) {
                parameterArr[indexOf].cryptoMeta = new CryptoMetadata(cekTableEntry2, (short) i4, (byte) sQLServerResultSet.getInt(DescribeParameterEncryptionResultSet2.ColumnEncryptionAlgorithm.value()), null, of.value, (byte) sQLServerResultSet.getInt(DescribeParameterEncryptionResultSet2.NormalizationRuleVersion.value()));
                SQLServerSecurityUtility.decryptSymmetricKey(parameterArr[indexOf].cryptoMeta, sQLServerConnection);
            } else if (parameterArr[indexOf].getForceEncryption()) {
                SQLServerException.makeFromDriverError(null, sQLServerConnection, new MessageFormat(SQLServerException.getErrString("R_ForceEncryptionTrue_HonorAETrue_UnencryptedColumn")).format(new Object[]{str, Integer.valueOf(indexOf + 1)}), "0", true);
            }
        }
    }

    void getAttestationParameters(String str) throws SQLServerException;

    ArrayList<byte[]> createEnclaveSession(SQLServerConnection sQLServerConnection, String str, String str2, Parameter[] parameterArr, ArrayList<String> arrayList) throws SQLServerException;

    void invalidateEnclaveSession();

    EnclaveSession getEnclaveSession();
}
