package com.sap.db.jdbc;

import com.sap.db.annotations.Immutable;
import com.sap.db.jdbc.exceptions.SQLExceptionSapDB;
import com.sap.db.jdbc.trace.Tracer;
import com.sap.db.util.DES;
import com.sap.db.util.MessageKey;
import com.sap.db.util.PlatformUtils;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/* JADX INFO: Access modifiers changed from: package-private */
@Immutable
/* loaded from: input_file:WEB-INF/lib/ngdbc-2.15.12.jar:com/sap/db/jdbc/SecureStore.class */
public final class SecureStore {
    private static final char[] DEFAULT_KEY = new char[24];

    private SecureStore() {
        throw new AssertionError("Non-instantiable class");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getVirtualHostNameFromIniFile(String str) throws SQLException {
        return _getVirtualHostNameFromIniFile(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecureStoreLoginInformation getLoginInformation(Tracer tracer, String str, String str2) throws SQLException {
        return _getLoginInformation(tracer, str, str2);
    }

    private static String _getVirtualHostNameFromIniFile(String str) throws SQLException {
        if (PlatformUtils.isWindows()) {
            return "";
        }
        String str2 = str + "install/installation.ini";
        String str3 = "";
        BufferedReader bufferedReader = null;
        try {
            bufferedReader = new BufferedReader(new FileReader(str2));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                if (readLine.contains("Hostname=")) {
                    str3 = readLine;
                    break;
                }
            }
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e) {
                }
            }
            int indexOf = str3.indexOf("Hostname=");
            if (indexOf == -1) {
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTOREINVALIDINIFILE, str2);
            }
            return str3.substring(indexOf + 9).trim();
        } catch (IOException e2) {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e3) {
                    return "";
                }
            }
            return "";
        } catch (Throwable th) {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e4) {
                    throw th;
                }
            }
            throw th;
        }
    }

    private static SecureStoreLoginInformation _getLoginInformation(Tracer tracer, String str, String str2) throws SQLException {
        String _getPasswd;
        String str3;
        Map<String, SecureStoreRecord> map = null;
        if (str == null || str.trim().isEmpty()) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_INVALIDSECURESTOREKEY, str);
        }
        String str4 = "HDB/" + str.toUpperCase(Locale.ENGLISH) + "/";
        String str5 = str4 + "DB_USER";
        String str6 = str4 + "DB_PASSWORD";
        String str7 = str4 + "DB_CON_ENV";
        String str8 = str4 + "DB_DATABASE_NAME";
        String secureStoreUserProfilePath = PlatformUtils.getSecureStoreUserProfilePath(str2);
        if (tracer.on()) {
            tracer.printDebugMessage("The Profile Path is " + secureStoreUserProfilePath);
        }
        String _getKeyFilePath = _getKeyFilePath(secureStoreUserProfilePath);
        String _getDataFilePath = _getDataFilePath(secureStoreUserProfilePath);
        if (tracer.on()) {
            tracer.printDebugMessage("The key file is: " + _getKeyFilePath + "\nThe data file is: " + _getDataFilePath);
        }
        int i = 0;
        while (i < 5) {
            try {
                map = _readDataFile(_getDataFilePath);
                break;
            } catch (IOException e) {
                i++;
                if (i >= 5) {
                    throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_ERROROPENINGSECURESTOREDATAFILE, _getDataFilePath);
                }
                try {
                    Thread.sleep(6000L);
                } catch (InterruptedException e2) {
                    throw SQLExceptionSapDB.newInstance(e2, MessageKey.ERROR_CONNECTION_INTERRUPTEDOPENINGSECURESTOREDATAFILE, new String[0]);
                }
            }
        }
        SecureStoreKey _readKeyFile = _readKeyFile(tracer, _getKeyFilePath);
        SecureStoreRecord secureStoreRecord = map.get(str5);
        if (secureStoreRecord == null) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTOREUSERNAMENOTFOUND, _getDataFilePath);
        }
        SecureStoreRecord secureStoreRecord2 = map.get(str6);
        if (secureStoreRecord2 == null) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTOREPASSWDNOTFOUND, _getDataFilePath);
        }
        SecureStoreRecord secureStoreRecord3 = map.get(str7);
        if (secureStoreRecord3 == null) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORELOCATIONNOTFOUND, _getDataFilePath);
        }
        SecureStoreRecord secureStoreRecord4 = map.get(str8);
        if (secureStoreRecord.isDeleted() == 1) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTOREDELETEDUSERNAME, _getDataFilePath);
        }
        String valueOf = String.valueOf(secureStoreRecord.getData());
        if (valueOf == null || valueOf.trim().isEmpty()) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORENULLUSERNAME, _getDataFilePath);
        }
        if (secureStoreRecord2.isDeleted() == 1) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTOREDELETEDPASSWD, _getDataFilePath);
        }
        try {
            _getPasswd = _getPasswd(secureStoreRecord2, _readKeyFile);
        } catch (SQLException e3) {
            if (tracer.on()) {
                tracer.printDebugThrowable(e3, "Caught exception while getting password, trying default key");
            }
            try {
                _getPasswd = _getPasswd(secureStoreRecord2, new SecureStoreKey("", "", "", 1, DEFAULT_KEY));
            } catch (SQLException e4) {
                if (tracer.on()) {
                    tracer.printDebugThrowable(e4, "Could not get the password even with the default key");
                }
                throw SQLExceptionSapDB.newInstance(e4, MessageKey.ERROR_CONNECTION_SECURESTOREDECRYPTIONERROR, _getKeyFilePath);
            }
        }
        if (_getPasswd == null || _getPasswd.trim().isEmpty()) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORENULLPASSWD, _getDataFilePath);
        }
        if (secureStoreRecord3.isDeleted() == 1) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTOREDELETEDLOCATION, _getDataFilePath);
        }
        String valueOf2 = String.valueOf(secureStoreRecord3.getData());
        if (valueOf2 == null || valueOf2.trim().isEmpty()) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORENULLLOCATION, _getDataFilePath);
        }
        if (secureStoreRecord4 == null) {
            str3 = "";
        } else {
            if (secureStoreRecord4.isDeleted() == 1) {
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTOREDELETEDDATABASENNAME, _getDataFilePath);
            }
            str3 = String.valueOf(secureStoreRecord4.getData());
            if (str3 == null || str3.trim().isEmpty()) {
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORENULLDATABASENNAME, _getDataFilePath);
            }
        }
        if (tracer.on()) {
            tracer.printDebugMessage("The username is: " + valueOf + "\nThe location is: " + valueOf2 + (str3.isEmpty() ? "" : "\nThe database is: " + str3));
        }
        return new SecureStoreLoginInformation(valueOf, _getPasswd, valueOf2, str3);
    }

    private static String _getKeyFilePath(String str) {
        return str + "SSFS_HDB.KEY";
    }

    private static String _getDataFilePath(String str) {
        return str + "SSFS_HDB.DAT";
    }

    private static SecureStoreKey _readKeyFile(Tracer tracer, String str) throws SQLException {
        File file = new File(str);
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(file);
                byte[] bArr = new byte[(int) file.length()];
                if (fileInputStream.read(bArr) == -1) {
                    if (tracer.on()) {
                        tracer.printDebugMessage("Unable to read the Secure Store key file: " + str + " ,will use default key");
                    }
                    SecureStoreKey secureStoreKey = new SecureStoreKey("", "", "", 1, DEFAULT_KEY);
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e) {
                        }
                    }
                    return secureStoreKey;
                }
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e2) {
                    }
                }
                if (bArr.length != 92) {
                    throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORECORRUPTKEYFILELENGTH, str);
                }
                char[] cArr = new char[24];
                String str2 = new String(bArr, 0, 11, StandardCharsets.UTF_8);
                byte b = bArr[11];
                if (!_checkKeyFile(str2, b)) {
                    throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORECORRUPTKEYFILE, str);
                }
                int i = 0;
                int i2 = 12;
                while (i < 24) {
                    cArr[i] = (char) bArr[i2];
                    i++;
                    i2++;
                }
                return new SecureStoreKey(str2, new String(bArr, 44, 24, StandardCharsets.UTF_8).trim(), new String(bArr, 67, 24, StandardCharsets.UTF_8).trim(), b, cArr);
            } catch (IOException e3) {
                if (tracer.on()) {
                    tracer.printDebugMessage("Unable to read the Secure Store key file: " + str + " ,will use default key");
                }
                SecureStoreKey secureStoreKey2 = new SecureStoreKey("", "", "", 1, DEFAULT_KEY);
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e4) {
                        return secureStoreKey2;
                    }
                }
                return secureStoreKey2;
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e5) {
                    throw th;
                }
            }
            throw th;
        }
    }

    private static boolean _checkKeyFile(String str, int i) {
        return str.equals("RSecSSFsKey") && i == 1;
    }

    private static Map<String, SecureStoreRecord> _readDataFile(String str) throws IOException, SQLException {
        char[] charArray;
        File file = new File(str);
        byte[] bArr = new byte[(int) file.length()];
        if (!file.exists()) {
            throw new FileNotFoundException("Secure Store data file not found: " + str);
        }
        HashMap hashMap = new HashMap();
        RandomAccessFile randomAccessFile = new RandomAccessFile(file, "r");
        try {
            try {
                if (randomAccessFile.read(bArr) == -1) {
                    throw new IOException("Cannot read the Secure Store data file: " + str);
                }
                if (bArr.length < 176) {
                    throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORECORRUPTDATAFILELENGTH, str);
                }
                int i = 0;
                int length = bArr.length;
                char[] cArr = new char[4];
                while (i < bArr.length) {
                    if (length < 176) {
                        throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORECORRUPTDATAFILERECORDLENGTH, str);
                    }
                    String trim = new String(bArr, i, 12, StandardCharsets.UTF_8).trim();
                    for (int i2 = 0; i2 < 4; i2++) {
                        cArr[i2] = (char) bArr[i + i2 + 12];
                    }
                    int _getRecordLength = _getRecordLength(cArr);
                    byte b = bArr[i + 16];
                    if (!_checkDataFile(trim, b, _getRecordLength)) {
                        throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORECORRUPTDATAFILE, str);
                    }
                    String str2 = new String(bArr, i + 24, 64, StandardCharsets.UTF_8);
                    byte[] bArr2 = new byte[8];
                    for (int i3 = 0; i3 < 8; i3++) {
                        bArr2[i3] = bArr[i + i3 + 88];
                    }
                    String str3 = new String(bArr, i + 96, 24, StandardCharsets.UTF_8);
                    String str4 = new String(bArr, i + 120, 24, StandardCharsets.UTF_8);
                    byte b2 = bArr[i + 144];
                    byte b3 = bArr[i + 145];
                    byte b4 = bArr[i + 146];
                    byte[] bArr3 = new byte[20];
                    System.arraycopy(bArr, i + 156, bArr3, 0, bArr3.length);
                    if (b2 != 1) {
                        if (b3 == 1 || b4 == 1) {
                            charArray = new String(bArr, i + 176, _getRecordLength - 176, StandardCharsets.UTF_8).toCharArray();
                        } else {
                            charArray = new char[_getRecordLength - 176];
                            int i4 = _getRecordLength - 176;
                            if (i4 % 128 != 0) {
                                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORECORRUPTDATAFILEENCRYPTEDLENGTH, str);
                            }
                            int i5 = 0;
                            while (i4 > 0) {
                                charArray[i5] = (char) bArr[i + 176 + i5];
                                i4--;
                                i5++;
                            }
                        }
                        if (!_checkHmac(bArr3, bArr, i, charArray)) {
                            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORECORRUPTDATAFILEHMAC, str);
                        }
                        hashMap.put(str2.trim(), new SecureStoreRecord(trim, bArr2, str3, str4, b, _getRecordLength, str2, b2, b3, b4, bArr3, _getRecordLength - 176, charArray));
                    }
                    i += _getRecordLength;
                    length -= _getRecordLength;
                }
                return hashMap;
            } catch (IOException e) {
                throw new IOException("Cannot read the Secure Store data file: " + str);
            }
        } finally {
            if (randomAccessFile != null) {
                try {
                    randomAccessFile.close();
                } catch (IOException e2) {
                }
            }
        }
    }

    private static boolean _checkDataFile(String str, int i, int i2) {
        return str.equals("RSecSSFsData") && i == 1 && i2 >= 176 && i2 <= 98640;
    }

    private static boolean _checkHmac(byte[] bArr, byte[] bArr2, int i, char[] cArr) throws SQLException {
        char[] cArr2 = {3, 'A', 5, 'W', 23, 196, 23, 'A', ',', '`', '[', 'z', 213, 5, 243, 3};
        byte[] bArr3 = new byte[cArr2.length];
        byte[] bArr4 = new byte[132 + cArr.length];
        System.arraycopy(bArr2, i + 24, bArr4, 0, 132);
        for (int i2 = 0; i2 < cArr.length; i2++) {
            bArr4[132 + i2] = (byte) cArr[i2];
        }
        DES.rsecedv1_encode_default_v1(cArr2, cArr2.length);
        for (int i3 = 0; i3 < cArr2.length; i3++) {
            bArr3[i3] = (byte) cArr2[i3];
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr3, "HmacSHA1");
        try {
            Mac mac = Mac.getInstance("HmacSHA1");
            try {
                mac.init(secretKeySpec);
                byte[] doFinal = mac.doFinal(bArr4);
                for (int i4 = 0; i4 < doFinal.length; i4++) {
                    if (doFinal[i4] != bArr[i4]) {
                        return false;
                    }
                }
                return true;
            } catch (InvalidKeyException e) {
                throw SQLExceptionSapDB.newInstance(e, MessageKey.ERROR_CONNECTION_WRONGSECURESTOREKEY, new String[0]);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw SQLExceptionSapDB.newInstance(e2, MessageKey.ERROR_CONNECTION_SECURESTORENOHMAC, new String[0]);
        }
    }

    private static String _getPasswd(SecureStoreRecord secureStoreRecord, SecureStoreKey secureStoreKey) throws SQLException {
        char[] key = secureStoreKey.getKey();
        char[] data = secureStoreRecord.getData();
        DES.RSecPDecrypt(key, data, data.length);
        if (data.length == 0 || data.length % 128 != 0) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTOREPASSWDLENGTH, new String[0]);
        }
        if (!_checkSha1EncryptedRecord(data)) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CONNECTION_SECURESTORECORRUPTDATAFILESHA1, new String[0]);
        }
        char[] cArr = new char[4];
        for (int i = 0; i < 4; i++) {
            cArr[i] = data[i + 8];
        }
        return new String(data, 32, _getRecordLength(cArr));
    }

    private static boolean _checkSha1EncryptedRecord(char[] cArr) throws SQLException {
        byte[] bArr = new byte[cArr.length];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) cArr[i];
        }
        byte[] bArr2 = new byte[cArr.length - 20];
        System.arraycopy(bArr, 0, bArr2, 0, 12);
        System.arraycopy(bArr, 32, bArr2, 12, 96);
        try {
            byte[] digest = MessageDigest.getInstance("SHA-1").digest(bArr2);
            for (int i2 = 0; i2 < 20; i2++) {
                if (digest[i2] != bArr[i2 + 12]) {
                    return false;
                }
            }
            return true;
        } catch (NoSuchAlgorithmException e) {
            throw SQLExceptionSapDB.newInstance(e, MessageKey.ERROR_CONNECTION_SECURESTORENOSHA1, new String[0]);
        }
    }

    private static int _getRecordLength(char[] cArr) {
        return (cArr[0] << 24) | ((cArr[1] & 255) << 16) | ((cArr[2] & 255) << 8) | (cArr[3] & 255);
    }

    static SecureStoreKey readKeyFile(Tracer tracer, String str) throws SQLException {
        return _readKeyFile(tracer, str);
    }

    static Map<String, SecureStoreRecord> readDataFile(String str) throws IOException, SQLException {
        return _readDataFile(str);
    }

    static String getPasswd(SecureStoreRecord secureStoreRecord, SecureStoreKey secureStoreKey) throws SQLException {
        return _getPasswd(secureStoreRecord, secureStoreKey);
    }
}
