package com.dbeaver.db.snowflake.model.auth;

import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.PrivateKey;
import java.security.Security;
import java.util.Base64;
import java.util.Properties;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.jkiss.code.NotNull;
import org.jkiss.dbeaver.DBException;
import org.jkiss.dbeaver.Log;
import org.jkiss.dbeaver.ext.snowflake.model.auth.SnowflakeAuthModelSnowflake;
import org.jkiss.dbeaver.model.DBPDataSource;
import org.jkiss.dbeaver.model.DBPDataSourceContainer;
import org.jkiss.dbeaver.model.connection.DBPConnectionConfiguration;
import org.jkiss.dbeaver.model.impl.auth.AuthModelDatabaseNativeCredentials;
import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
import org.jkiss.dbeaver.runtime.DBWorkbench;
import org.jkiss.utils.CommonUtils;

/* loaded from: input_file:com/dbeaver/db/snowflake/model/auth/SnowflakeAuthModelPrivateKey.class */
public class SnowflakeAuthModelPrivateKey extends SnowflakeAuthModelSnowflake<SnowflakeAuthModelPrivateKeyCredentials> {
    private static final Log log = Log.getLog(SnowflakeAuthModelPrivateKey.class);
    public static final String PROP_AUTH_PRIVATE_KEY = "private-key";
    public static final String PROP_AUTH_PRIVATE_KEY_PASSWORD = "private-ley-password";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/dbeaver/db/snowflake/model/auth/SnowflakeAuthModelPrivateKey$PrivateKeyReader.class */
    public static class PrivateKeyReader {
        PrivateKeyReader() {
        }

        static PrivateKey get(@NotNull String str, @NotNull String str2) throws Exception {
            PrivateKeyInfo privateKeyInfo;
            Security.addProvider(new BouncyCastleProvider());
            PEMParser pEMParser = new PEMParser(new StringReader(str));
            Object readObject = pEMParser.readObject();
            if (readObject instanceof PKCS8EncryptedPrivateKeyInfo) {
                privateKeyInfo = ((PKCS8EncryptedPrivateKeyInfo) readObject).decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().build(str2.toCharArray()));
            } else if (readObject instanceof PEMKeyPair) {
                privateKeyInfo = ((PEMKeyPair) readObject).getPrivateKeyInfo();
            } else {
                if (!(readObject instanceof PrivateKeyInfo)) {
                    throw new DBException("No private key pair found.\nFound: " + String.valueOf(readObject));
                }
                privateKeyInfo = (PrivateKeyInfo) readObject;
            }
            pEMParser.close();
            return new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(privateKeyInfo);
        }
    }

    @NotNull
    /* renamed from: createCredentials, reason: merged with bridge method [inline-methods] */
    public SnowflakeAuthModelPrivateKeyCredentials m11createCredentials() {
        return new SnowflakeAuthModelPrivateKeyCredentials();
    }

    public Object initAuthentication(@NotNull DBRProgressMonitor dBRProgressMonitor, @NotNull DBPDataSource dBPDataSource, @NotNull SnowflakeAuthModelPrivateKeyCredentials snowflakeAuthModelPrivateKeyCredentials, @NotNull DBPConnectionConfiguration dBPConnectionConfiguration, @NotNull Properties properties) throws DBException {
        String decodePrivateKey = (DBWorkbench.isDistributed() || DBWorkbench.getPlatform().getApplication().isMultiuser()) ? decodePrivateKey(snowflakeAuthModelPrivateKeyCredentials.getEncodedPrivateKey()) : getPrivateKeyFromPath(snowflakeAuthModelPrivateKeyCredentials.getEncodedPrivateKey());
        if (CommonUtils.isEmpty(decodePrivateKey)) {
            throw new DBException("Private key is missing");
        }
        try {
            properties.put("privateKey", PrivateKeyReader.get(decodePrivateKey, CommonUtils.notEmpty(snowflakeAuthModelPrivateKeyCredentials.getPassphrase())));
            return super.initAuthentication(dBRProgressMonitor, dBPDataSource, snowflakeAuthModelPrivateKeyCredentials, dBPConnectionConfiguration, properties);
        } catch (Exception e) {
            throw new DBException("Error reading private key from credentials", e);
        }
    }

    @NotNull
    /* renamed from: loadCredentials, reason: merged with bridge method [inline-methods] */
    public SnowflakeAuthModelPrivateKeyCredentials m12loadCredentials(@NotNull DBPDataSourceContainer dBPDataSourceContainer, @NotNull DBPConnectionConfiguration dBPConnectionConfiguration) {
        SnowflakeAuthModelPrivateKeyCredentials snowflakeAuthModelPrivateKeyCredentials = (SnowflakeAuthModelPrivateKeyCredentials) super.loadCredentials(dBPDataSourceContainer, dBPConnectionConfiguration);
        snowflakeAuthModelPrivateKeyCredentials.setEncodedPrivateKey(CommonUtils.notEmpty(dBPConnectionConfiguration.getAuthProperty(PROP_AUTH_PRIVATE_KEY)));
        snowflakeAuthModelPrivateKeyCredentials.setPassphrase(CommonUtils.notEmpty(dBPConnectionConfiguration.getAuthProperty(PROP_AUTH_PRIVATE_KEY_PASSWORD)));
        return snowflakeAuthModelPrivateKeyCredentials;
    }

    public void saveCredentials(@NotNull DBPDataSourceContainer dBPDataSourceContainer, @NotNull DBPConnectionConfiguration dBPConnectionConfiguration, @NotNull SnowflakeAuthModelPrivateKeyCredentials snowflakeAuthModelPrivateKeyCredentials) {
        dBPConnectionConfiguration.setAuthProperty(PROP_AUTH_PRIVATE_KEY, snowflakeAuthModelPrivateKeyCredentials.getEncodedPrivateKey());
        dBPConnectionConfiguration.setAuthProperty(PROP_AUTH_PRIVATE_KEY_PASSWORD, snowflakeAuthModelPrivateKeyCredentials.getPassphrase());
        super.saveCredentials(dBPDataSourceContainer, dBPConnectionConfiguration, snowflakeAuthModelPrivateKeyCredentials);
    }

    public void endAuthentication(@NotNull DBPDataSourceContainer dBPDataSourceContainer, @NotNull DBPConnectionConfiguration dBPConnectionConfiguration, @NotNull Properties properties) {
        super.endAuthentication(dBPDataSourceContainer, dBPConnectionConfiguration, properties);
    }

    protected String getAuthenticator(DBPDataSource dBPDataSource, AuthModelDatabaseNativeCredentials authModelDatabaseNativeCredentials, DBPConnectionConfiguration dBPConnectionConfiguration) {
        return null;
    }

    @NotNull
    private String getPrivateKeyFromPath(String str) throws DBException {
        try {
            return Files.readString(Path.of(str, new String[0]));
        } catch (Exception e) {
            throw new DBException("Error reading private key from '" + str + "'", e);
        }
    }

    @NotNull
    private String decodePrivateKey(@NotNull String str) {
        return new String(Base64.getDecoder().decode(str), StandardCharsets.UTF_8);
    }
}
