package com.sap.db.jdbc;

import com.sap.db.annotations.GuardedBy;
import com.sap.db.annotations.ThreadSafe;
import com.sap.db.jdbc.KeyStore;
import com.sap.db.jdbc.ObjectStore;
import com.sap.db.jdbc.exceptions.SQLExceptionSapDB;
import com.sap.db.jdbc.packet.ErrorPart;
import com.sap.db.jdbc.packet.InfoRequest;
import com.sap.db.jdbc.packet.SegmentHeader;
import com.sap.db.util.MessageKey;
import com.sap.db.util.PlatformUtils;
import java.nio.file.Paths;
import java.security.Key;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.UUID;

/* JADX INFO: Access modifiers changed from: package-private */
@ThreadSafe
/* loaded from: input_file:com/sap/db/jdbc/KeyCache.class */
public final class KeyCache {

    @GuardedBy("KeyCache.class")
    private static final Map<String, ColumnEncryptionKey> COLUMN_ENCRYPTION_KEY_MAP = new HashMap();

    @GuardedBy("KeyCache.class")
    private static final Map<String, ClientKeyPair> CLIENT_KEY_PAIR_MAP = new HashMap();

    @GuardedBy("KeyCache.class")
    private static KeyStore _keyStore;

    @GuardedBy("KeyCache.class")
    private static String _password;

    @GuardedBy("KeyCache.class")
    private static ObjectStore _testObjectStore;

    @GuardedBy("KeyCache.class")
    private static String _keyStoreFilename;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.sap.db.jdbc.KeyCache$1, reason: invalid class name */
    /* loaded from: input_file:com/sap/db/jdbc/KeyCache$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes = new int[ObjectStore.ErrorCodes.values().length];

        static {
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.INVALID_PASSWORD.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.UNENCRYPTED_STORE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.PASSWORD_REQUIRED.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.INVALID_STORE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.HMAC_CHECK_FAILED.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.FILE_WRITE_FAILED.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.FILE_READ_FAILED.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.FILE_OPEN_FAILED.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.ENCRYPT_FAILED.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.DECRYPT_FAILED.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.UNKNOWN_STORE_VERSION.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.CRYPTO_EXTENSION_NOT_INSTALLED.ordinal()] = 12;
            } catch (NoSuchFieldError e12) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.WEAK_PASSWORD.ordinal()] = 13;
            } catch (NoSuchFieldError e13) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.STORE_NOT_OPEN.ordinal()] = 14;
            } catch (NoSuchFieldError e14) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.OBJECT_NOT_FOUND.ordinal()] = 15;
            } catch (NoSuchFieldError e15) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.OBJECT_ALREADY_EXISTS.ordinal()] = 16;
            } catch (NoSuchFieldError e16) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.INVALID_PARAMETER.ordinal()] = 17;
            } catch (NoSuchFieldError e17) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[ObjectStore.ErrorCodes.INVALID_INDEX.ordinal()] = 18;
            } catch (NoSuchFieldError e18) {
            }
            $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes = new int[KeyStore.ErrorCodes.values().length];
            try {
                $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[KeyStore.ErrorCodes.KEY_NOT_FOUND.ordinal()] = 1;
            } catch (NoSuchFieldError e19) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[KeyStore.ErrorCodes.MALFORMED_KEY.ordinal()] = 2;
            } catch (NoSuchFieldError e20) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[KeyStore.ErrorCodes.ATTRIBUTE_NOT_FOUND.ordinal()] = 3;
            } catch (NoSuchFieldError e21) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[KeyStore.ErrorCodes.MISSING_KEY_ATTRIBUTE.ordinal()] = 4;
            } catch (NoSuchFieldError e22) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[KeyStore.ErrorCodes.KEY_ALREADY_EXISTS.ordinal()] = 5;
            } catch (NoSuchFieldError e23) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[KeyStore.ErrorCodes.COULD_NOT_OPEN_STORE.ordinal()] = 6;
            } catch (NoSuchFieldError e24) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[KeyStore.ErrorCodes.PASSWORD_REQUIRED.ordinal()] = 7;
            } catch (NoSuchFieldError e25) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[KeyStore.ErrorCodes.INVALID_PARAMETER.ordinal()] = 8;
            } catch (NoSuchFieldError e26) {
            }
            try {
                $SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[KeyStore.ErrorCodes.STORE_NOT_OPEN.ordinal()] = 9;
            } catch (NoSuchFieldError e27) {
            }
        }
    }

    private KeyCache() {
        throw new AssertionError("Non-instantiable class");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized ColumnEncryptionKey getCachedColumnEncryptionKey(String str, String str2) {
        if (_password == null || !_password.equals(str2)) {
            return null;
        }
        return COLUMN_ENCRYPTION_KEY_MAP.get(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized void addColumnEncryptionKey(String str, ColumnEncryptionKey columnEncryptionKey) {
        COLUMN_ENCRYPTION_KEY_MAP.put(str, columnEncryptionKey);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized Key getCachedPublicClientKey(String str, String str2) throws SQLException {
        _ensureKeyStoreOpened(str2);
        ClientKeyPair clientKeyPair = CLIENT_KEY_PAIR_MAP.get(str);
        return clientKeyPair != null ? clientKeyPair.getPublicKey() : _loadKeyPairFromStore(str).getPublicKey();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized Key getCachedPrivateClientKey(String str, String str2) throws SQLException {
        _ensureKeyStoreOpened(str2);
        ClientKeyPair clientKeyPair = CLIENT_KEY_PAIR_MAP.get(str);
        return clientKeyPair != null ? clientKeyPair.getPrivateKey() : _loadKeyPairFromStore(str).getPrivateKey();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized Set<String> getClientKeyPairIds(String str) throws SQLException {
        loadAllClientKeyPairs(null, str);
        return CLIENT_KEY_PAIR_MAP.keySet();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized void deleteClientKeyPair(String str, String str2) throws SQLException {
        _ensureKeyStoreOpened(str2);
        CLIENT_KEY_PAIR_MAP.remove(str);
        try {
            _keyStore.removeKey(UUID.fromString(str));
        } catch (KeyStore.KSException e) {
            switch (e.getCode()) {
                case KEY_NOT_FOUND:
                    return;
                default:
                    _defaultKsErrorHandler(e, str);
                    return;
            }
        } catch (ObjectStore.StException e2) {
            _defaultStErrorHandler(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized void storeClientKeyPair(ClientKeyPair clientKeyPair, String str) throws SQLException {
        _ensureKeyStoreOpened(str);
        CLIENT_KEY_PAIR_MAP.put(clientKeyPair.getKeyUuid(), clientKeyPair);
        try {
            _keyStore.storeKey(UUID.fromString(clientKeyPair.getKeyUuid()), clientKeyPair.getKeyName(), clientKeyPair.getDatabaseName(), KeyStore.KeyType.KEYPAIR, KeyStore.KeyAlgorithm.RSA2048, clientKeyPair.getPrivateKey().getEncoded(), clientKeyPair.getPublicKey().getEncoded());
        } catch (KeyStore.KSException e) {
            _defaultKsErrorHandler(e, clientKeyPair.getKeyUuid());
        } catch (ObjectStore.StException e2) {
            _defaultStErrorHandler(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized void deleteCachedColumnEncryptionKey(String str, String str2) {
        if (_password == null || !_password.equals(str2)) {
            return;
        }
        COLUMN_ENCRYPTION_KEY_MAP.remove(str);
    }

    static synchronized void loadAllClientKeyPairs(String str, String str2) throws SQLException {
        _ensureKeyStoreOpened(str2);
        try {
            for (UUID uuid : _keyStore.findKeys(null, str)) {
                if (!CLIENT_KEY_PAIR_MAP.containsKey(uuid.toString())) {
                    try {
                        _loadKeyPairFromStore(uuid.toString());
                    } catch (SQLException e) {
                        if (!e.getMessage().contains("No client key pair with the given uuid")) {
                            throw e;
                        }
                    }
                }
            }
        } catch (KeyStore.KSException e2) {
            _defaultKsErrorHandler(e2, null);
        } catch (ObjectStore.StException e3) {
            _defaultStErrorHandler(e3);
        }
    }

    private static void _ensureKeyStoreOpened(String str) throws SQLException {
        if (_password != null && !_password.equals(str)) {
            throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_INVALID_PASSWORD, new String[0]);
        }
        if (_keyStore == null) {
            KeyStore keyStore = new KeyStore();
            if (_testObjectStore != null) {
                keyStore.setObjectStore(_testObjectStore);
            }
            if (_keyStoreFilename != null) {
                keyStore.setFilename(_keyStoreFilename);
            }
            try {
                keyStore.open(str);
            } catch (KeyStore.KSException e) {
                _defaultKsErrorHandler(e, null);
            } catch (ObjectStore.StException e2) {
                _defaultStErrorHandler(e2);
            }
            _keyStore = keyStore;
            _password = str;
        }
    }

    private static void _defaultKsErrorHandler(KeyStore.KSException kSException, String str) throws SQLException {
        switch (AnonymousClass1.$SwitchMap$com$sap$db$jdbc$KeyStore$ErrorCodes[kSException.getCode().ordinal()]) {
            case 1:
                if (str != null) {
                    throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CLIENT_KEY_PAIR_NOT_FOUND, str);
                }
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_INVALID_CLIENT_KEY_PAIR, new String[0]);
            case 2:
            case 3:
            case 4:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_INVALID_CLIENT_KEY_PAIR, new String[0]);
            case 5:
            default:
                return;
            case 6:
                String[] strArr = new String[1];
                strArr[0] = _keyStoreFilename != null ? _keyStoreFilename : Paths.get(PlatformUtils.getHdbkeystoreUserProfilePath(), "hdbkeystore.dat").toString();
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_OPEN_FILE, strArr);
            case InfoRequest.MajorProtocolVersion_O /* 7 */:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_PASSWORD_REQUIRED, new String[0]);
            case 8:
            case 9:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CORRUPT_KEY_STORE_FILE, new String[0]);
        }
    }

    private static void _defaultStErrorHandler(ObjectStore.StException stException) throws SQLException {
        switch (AnonymousClass1.$SwitchMap$com$sap$db$jdbc$ObjectStore$ErrorCodes[stException.getCode().ordinal()]) {
            case 1:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_INVALID_PASSWORD, new String[0]);
            case 2:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_INVALID_PASSWORD, new String[0]);
            case 3:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_PASSWORD_REQUIRED, new String[0]);
            case 4:
            case 5:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CORRUPT_KEY_STORE_FILE, new String[0]);
            case 6:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_WRITE_FILE, _keyStore.getKeyStoreFileName());
            case InfoRequest.MajorProtocolVersion_O /* 7 */:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_READ_FILE, _keyStore.getKeyStoreFileName());
            case 8:
                String[] strArr = new String[1];
                strArr[0] = _keyStoreFilename != null ? _keyStoreFilename : Paths.get(PlatformUtils.getHdbkeystoreUserProfilePath(), "hdbkeystore.dat").toString();
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_OPEN_FILE, strArr);
            case 9:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_ENCRYPT_FAILED, new String[0]);
            case 10:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_DECRYPT_FAILED, new String[0]);
            case InfoRequest.NumberVariableOptions_O /* 11 */:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_UNKNOWN_KEYSTORE_VERSION, new String[0]);
            case 12:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CRYPTO_EXTENSION_NOT_INSTALLED, new String[0]);
            case 13:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_WEAK_PASSWORD, new String[0]);
            case 14:
            case SegmentHeader.CommandOptions_O /* 15 */:
            case 16:
            case 17:
            case ErrorPart.ErrorText_O /* 18 */:
                throw SQLExceptionSapDB.newInstance(MessageKey.ERROR_CORRUPT_KEY_STORE_FILE, new String[0]);
            default:
                return;
        }
    }

    private static ClientKeyPair _loadKeyPairFromStore(String str) throws SQLException {
        try {
            KeyStore.Key key = _keyStore.getKey(UUID.fromString(str));
            ClientKeyPair newInstance = ClientKeyPair.newInstance(key.getPublicValue(), key.getPrivateValue(), key.getDatabaseName(), key.getName(), str, key.getAlgorithm().toString());
            CLIENT_KEY_PAIR_MAP.put(str, newInstance);
            return newInstance;
        } catch (KeyStore.KSException e) {
            _defaultKsErrorHandler(e, str);
            return null;
        } catch (ObjectStore.StException e2) {
            _defaultStErrorHandler(e2);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized void setKeyStoreFilename(String str) {
        _keyStoreFilename = str;
    }

    static synchronized String getColumnEncryptionKeyId(String str) {
        for (String str2 : COLUMN_ENCRYPTION_KEY_MAP.keySet()) {
            if (COLUMN_ENCRYPTION_KEY_MAP.get(str2).getKeyName().equals(str)) {
                return str2;
            }
        }
        return null;
    }

    static synchronized String getClientKeyPairId(String str) {
        for (String str2 : CLIENT_KEY_PAIR_MAP.keySet()) {
            if (CLIENT_KEY_PAIR_MAP.get(str2).getKeyName().equals(str)) {
                return str2;
            }
        }
        return null;
    }

    static synchronized ClientKeyPair getClientKeyPair(String str) {
        return CLIENT_KEY_PAIR_MAP.get(str);
    }

    static synchronized Map<String, ClientKeyPair> getClientKeyPairMap() {
        return new HashMap(CLIENT_KEY_PAIR_MAP);
    }

    static synchronized Map<String, ClientKeyPair> getClientKeyPairMapRefresh(String str) throws SQLException {
        loadAllClientKeyPairs(null, str);
        return new HashMap(CLIENT_KEY_PAIR_MAP);
    }

    static synchronized Map<String, ColumnEncryptionKey> getColumnEncryptionKeyMap() {
        return new HashMap(COLUMN_ENCRYPTION_KEY_MAP);
    }

    static synchronized void clear() {
        COLUMN_ENCRYPTION_KEY_MAP.clear();
        CLIENT_KEY_PAIR_MAP.clear();
    }

    static synchronized void setTestObjectStore(ObjectStore objectStore) {
        _testObjectStore = objectStore;
    }
}
