package com.dbeaver.net.auth.iam;

import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Instant;
import java.time.ZoneId;
import java.time.format.DateTimeFormatter;
import java.util.Arrays;
import java.util.List;
import java.util.TreeMap;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.jkiss.dbeaver.model.exec.DBCException;
import software.amazon.awssdk.auth.signer.internal.SigningAlgorithm;
import software.amazon.awssdk.utils.BinaryUtils;

/* loaded from: input_file:com/dbeaver/net/auth/iam/IAMUtils.class */
public class IAMUtils {
    private static String algorithm = "AWS4-HMAC-SHA256";
    private static String serviceName = "rds-db";
    private static DateTimeFormatter sdf0 = DateTimeFormatter.ofPattern("yyyyMMdd").withZone(ZoneId.of("UTC"));
    private static DateTimeFormatter sdf = DateTimeFormatter.ofPattern("yyyyMMdd'T'HHmmss").withZone(ZoneId.of("UTC"));
    private static String expiryMinutes = "899";

    public static String generateIamPassword(String str, String str2, int i, String str3, String str4, String str5) throws DBCException {
        Instant now = Instant.now();
        String format = sdf.format(now);
        String format2 = sdf0.format(now);
        List<String> prepareStrings = prepareStrings(str3, str4, format2, format, str, expiryMinutes, str2, Integer.toString(i));
        return appendSignature(prepareStrings.get(0), BinaryUtils.toHex(calculateSignature(createStringToSign(format, prepareStrings.get(1), str4, format2, str), newSigningKey(str5, format2, str, serviceName))));
    }

    private static List<String> prepareStrings(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws DBCException {
        TreeMap treeMap = new TreeMap();
        treeMap.put("Action", "connect");
        treeMap.put("DBUser", str);
        treeMap.put("X-Amz-Algorithm", "AWS4-HMAC-SHA256");
        treeMap.put("X-Amz-Credential", String.valueOf(str2) + "%2F" + str3 + "%2F" + str5 + "%2Frds-db%2Faws4_request");
        treeMap.put("X-Amz-Date", str4);
        treeMap.put("X-Amz-Expires", str6);
        treeMap.put("X-Amz-SignedHeaders", "host");
        String str9 = "";
        while (!treeMap.isEmpty()) {
            String str10 = (String) treeMap.firstKey();
            str9 = String.valueOf(str9) + str10 + "=" + ((String) treeMap.remove(str10));
            if (!str10.equals("X-Amz-SignedHeaders")) {
                str9 = String.valueOf(str9) + "&";
            }
        }
        return Arrays.asList(String.valueOf(str7) + ":" + str8 + "/?" + str9, "GET\n/\n" + str9 + '\n' + ("host:" + str7 + ":" + str8 + '\n') + "\nhost\n" + BinaryUtils.toHex(hash("")));
    }

    private static byte[] hash(String str) throws DBCException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(str.getBytes("UTF8"));
            return messageDigest.digest();
        } catch (Exception e) {
            throw new DBCException("Unable to compute hash while signing request: " + e.getMessage(), e);
        }
    }

    private static String createStringToSign(String str, String str2, String str3, String str4, String str5) throws DBCException {
        return String.valueOf(algorithm) + '\n' + str + '\n' + (String.valueOf(str4) + "/" + str5 + "/" + serviceName + "/aws4_request") + '\n' + BinaryUtils.toHex(hash(str2));
    }

    private static byte[] calculateSignature(String str, byte[] bArr) throws DBCException {
        return sign(str.getBytes(Charset.forName("UTF-8")), bArr, SigningAlgorithm.HmacSHA256);
    }

    private static byte[] sign(byte[] bArr, byte[] bArr2, SigningAlgorithm signingAlgorithm) throws DBCException {
        try {
            Mac mac = signingAlgorithm.getMac();
            mac.init(new SecretKeySpec(bArr2, signingAlgorithm.toString()));
            return mac.doFinal(bArr);
        } catch (Exception e) {
            throw new DBCException("Unable to calculate a request signature: " + e.getMessage(), e);
        }
    }

    private static byte[] sign(String str, byte[] bArr, SigningAlgorithm signingAlgorithm) throws DBCException {
        try {
            return sign(str.getBytes(StandardCharsets.UTF_8), bArr, signingAlgorithm);
        } catch (Exception e) {
            throw new DBCException("Unable to calculate a request signature: " + e.getMessage(), e);
        }
    }

    private static byte[] newSigningKey(String str, String str2, String str3, String str4) throws DBCException {
        return sign("aws4_request", sign(str4, sign(str3, sign(str2, ("AWS4" + str).getBytes(Charset.forName("UTF-8")), SigningAlgorithm.HmacSHA256), SigningAlgorithm.HmacSHA256), SigningAlgorithm.HmacSHA256), SigningAlgorithm.HmacSHA256);
    }

    private static String appendSignature(String str, String str2) {
        return String.valueOf(str) + "&X-Amz-Signature=" + str2;
    }
}
