package com.singlestore.jdbc.plugin.credential.browser.keyring;

import com.singlestore.jdbc.plugin.credential.browser.ExpiringCredential;
import com.singlestore.jdbc.util.log.Logger;
import com.singlestore.jdbc.util.log.Loggers;
import com.sun.jna.Library;
import com.sun.jna.Native;
import com.sun.jna.Pointer;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;

/* loaded from: input_file:com/singlestore/jdbc/plugin/credential/browser/keyring/MacKeyring.class */
public class MacKeyring implements Keyring {
    private static final String ACCOUNT = "SingleStore";
    private static final Charset CHARSET = StandardCharsets.UTF_8;
    private final SecurityLibrary secLib = LibManager.getInstance();
    private final Logger logger = Loggers.getLogger((Class<?>) MacKeyring.class);

    /* loaded from: input_file:com/singlestore/jdbc/plugin/credential/browser/keyring/MacKeyring$LibManager.class */
    private static class LibManager {

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:com/singlestore/jdbc/plugin/credential/browser/keyring/MacKeyring$LibManager$LazyHolder.class */
        public static class LazyHolder {
            private static final SecurityLibrary INSTANCE = (SecurityLibrary) Native.load("Security", SecurityLibrary.class);

            private LazyHolder() {
            }
        }

        private LibManager() {
        }

        public static SecurityLibrary getInstance() {
            return LazyHolder.INSTANCE;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/singlestore/jdbc/plugin/credential/browser/keyring/MacKeyring$SecurityLibrary.class */
    public interface SecurityLibrary extends Library {
        public static final int ERR_SEC_SUCCESS = 0;
        public static final int ERR_SEC_ITEM_NOT_FOUND = -25300;

        int SecKeychainFindGenericPassword(Pointer pointer, int i, byte[] bArr, int i2, byte[] bArr2, int[] iArr, Pointer[] pointerArr, Pointer[] pointerArr2);

        int SecKeychainAddGenericPassword(Pointer pointer, int i, byte[] bArr, int i2, byte[] bArr2, int i3, byte[] bArr3, Pointer pointer2);

        int SecKeychainItemModifyContent(Pointer pointer, Pointer pointer2, int i, byte[] bArr);

        int SecKeychainItemDelete(Pointer pointer);

        int SecKeychainItemFreeContent(Pointer[] pointerArr, Pointer pointer);
    }

    @Override // com.singlestore.jdbc.plugin.credential.browser.keyring.Keyring
    public ExpiringCredential getCredential() {
        int SecKeychainFindGenericPassword;
        byte[] bytes = Keyring.STORAGE_KEY.getBytes(CHARSET);
        byte[] bytes2 = ACCOUNT.getBytes(CHARSET);
        int[] iArr = new int[1];
        Pointer[] pointerArr = new Pointer[1];
        try {
            synchronized (this.secLib) {
                SecKeychainFindGenericPassword = this.secLib.SecKeychainFindGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, iArr, pointerArr, null);
            }
            if (SecKeychainFindGenericPassword != 0) {
                this.logger.debug("Could not read from the OS X Keychain or the key does not exist. Error code: " + Native.getLastError());
                if (pointerArr[0] != null) {
                    synchronized (this.secLib) {
                        this.secLib.SecKeychainItemFreeContent(null, pointerArr[0]);
                    }
                }
                return null;
            }
            if (iArr[0] == 0 || pointerArr[0] == null) {
                this.logger.debug("Found an empty blob when reading from the OS X Keychain");
                if (pointerArr[0] != null) {
                    synchronized (this.secLib) {
                        this.secLib.SecKeychainItemFreeContent(null, pointerArr[0]);
                    }
                }
                return null;
            }
            try {
                ExpiringCredential fromBlob = Keyring.fromBlob(new String(pointerArr[0].getByteArray(0L, iArr[0]), CHARSET));
                if (pointerArr[0] != null) {
                    synchronized (this.secLib) {
                        this.secLib.SecKeychainItemFreeContent(null, pointerArr[0]);
                    }
                }
                return fromBlob;
            } catch (IOException e) {
                this.logger.debug("Error while parsing cached token from the OS X Keychain", e);
                if (pointerArr[0] != null) {
                    synchronized (this.secLib) {
                        this.secLib.SecKeychainItemFreeContent(null, pointerArr[0]);
                    }
                }
                return null;
            }
        } catch (Throwable th) {
            if (pointerArr[0] != null) {
                synchronized (this.secLib) {
                    this.secLib.SecKeychainItemFreeContent(null, pointerArr[0]);
                }
            }
            throw th;
        }
    }

    @Override // com.singlestore.jdbc.plugin.credential.browser.keyring.Keyring
    public void setCredential(ExpiringCredential expiringCredential) {
        int SecKeychainFindGenericPassword;
        int SecKeychainAddGenericPassword;
        byte[] bytes = Keyring.makeBlob(expiringCredential).getBytes(CHARSET);
        byte[] bytes2 = Keyring.STORAGE_KEY.getBytes(CHARSET);
        byte[] bytes3 = ACCOUNT.getBytes(CHARSET);
        Pointer[] pointerArr = new Pointer[1];
        synchronized (this.secLib) {
            SecKeychainFindGenericPassword = this.secLib.SecKeychainFindGenericPassword(null, bytes2.length, bytes2, bytes3.length, bytes3, null, null, pointerArr);
        }
        if (SecKeychainFindGenericPassword != 0 && SecKeychainFindGenericPassword != -25300) {
            this.logger.debug("Could not check the existence of key in the OS X Keychain. Error code: " + Native.getLastError());
            return;
        }
        if (pointerArr[0] != null) {
            synchronized (this.secLib) {
                SecKeychainAddGenericPassword = this.secLib.SecKeychainItemModifyContent(pointerArr[0], null, bytes.length, bytes);
            }
        } else {
            synchronized (this.secLib) {
                SecKeychainAddGenericPassword = this.secLib.SecKeychainAddGenericPassword(Pointer.NULL, bytes2.length, bytes2, bytes3.length, bytes3, bytes.length, bytes, null);
            }
        }
        if (SecKeychainAddGenericPassword != 0) {
            this.logger.debug("Could not set/modify the item in the OS X Keychain. Error code: " + Native.getLastError());
        }
    }

    @Override // com.singlestore.jdbc.plugin.credential.browser.keyring.Keyring
    public void deleteCredential() {
        int SecKeychainFindGenericPassword;
        int SecKeychainItemDelete;
        byte[] bytes = Keyring.STORAGE_KEY.getBytes(CHARSET);
        byte[] bytes2 = ACCOUNT.getBytes(CHARSET);
        Pointer[] pointerArr = new Pointer[1];
        synchronized (this.secLib) {
            SecKeychainFindGenericPassword = this.secLib.SecKeychainFindGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, null, null, pointerArr);
        }
        if (SecKeychainFindGenericPassword != 0 && SecKeychainFindGenericPassword != -25300) {
            this.logger.debug("Could not check the existence of key in the OS X Keychain. Error code: " + Native.getLastError());
            return;
        }
        if (pointerArr[0] == null) {
            return;
        }
        synchronized (this.secLib) {
            SecKeychainItemDelete = this.secLib.SecKeychainItemDelete(pointerArr[0]);
        }
        if (SecKeychainItemDelete != 0) {
            this.logger.info("Could not delete the key from the OS X Keychain. Error code = " + Native.getLastError());
        }
    }
}
