package com.datical.liquibase.ext.util;

import com.datical.liquibase.ext.config.LiquibaseSnowflakeConfiguration;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.PrivateKey;
import java.security.Security;
import liquibase.exception.DatabaseException;
import net.snowflake.client.jdbc.internal.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import net.snowflake.client.jdbc.internal.org.bouncycastle.jce.provider.BouncyCastleProvider;
import net.snowflake.client.jdbc.internal.org.bouncycastle.openssl.PEMParser;
import net.snowflake.client.jdbc.internal.org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import net.snowflake.client.jdbc.internal.org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import net.snowflake.client.jdbc.internal.org.bouncycastle.operator.InputDecryptorProvider;
import net.snowflake.client.jdbc.internal.org.bouncycastle.operator.OperatorCreationException;
import net.snowflake.client.jdbc.internal.org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import net.snowflake.client.jdbc.internal.org.bouncycastle.pkcs.PKCSException;

/* loaded from: input_file:com/datical/liquibase/ext/util/SnowflakeProJdbcConnectionUtil.class */
public class SnowflakeProJdbcConnectionUtil {
    private SnowflakeProJdbcConnectionUtil() {
    }

    public static PrivateKey getPrivateKey() throws DatabaseException {
        String str = (String) LiquibaseSnowflakeConfiguration.PRIVATE_KEY_FILE_PATH.getCurrentValue();
        throwIfNotPresent(str, "For the PKI authentication type the 'snowflake-auth-private-key-path' configuration is required. Please specify the path to a valid Private Key file.");
        File file = Paths.get(str, new String[0]).toFile();
        if (!file.exists()) {
            throwIfNotPresent(null, String.format("No files found with specified path '%s'. ", str) + "Please verify 'snowflake-auth-private-key-path' configuration.");
        }
        PrivateKeyInfo privateKeyInfo = null;
        Security.addProvider(new BouncyCastleProvider());
        try {
            PEMParser pEMParser = new PEMParser(new FileReader(file));
            Throwable th = null;
            try {
                Object readObject = pEMParser.readObject();
                if (readObject instanceof PKCS8EncryptedPrivateKeyInfo) {
                    PKCS8EncryptedPrivateKeyInfo pKCS8EncryptedPrivateKeyInfo = (PKCS8EncryptedPrivateKeyInfo) readObject;
                    String str2 = (String) LiquibaseSnowflakeConfiguration.PRIVATE_KEY_FILE_PASSPHRASE.getCurrentValue();
                    throwIfNotPresent(str2, "Used Private key is encrypted with a passphrase. Please provide one in the 'snowflake-auth-private-key-passphrase' configuration");
                    InputDecryptorProvider build = new JceOpenSSLPKCS8DecryptorProviderBuilder().build(str2.toCharArray());
                    throwIfNotPresent(build, "Wrong passphrase. Please provide correct passphrase in the 'snowflake-auth-private-key-passphrase' configuration");
                    privateKeyInfo = pKCS8EncryptedPrivateKeyInfo.decryptPrivateKeyInfo(build);
                } else if (readObject instanceof PrivateKeyInfo) {
                    privateKeyInfo = (PrivateKeyInfo) readObject;
                }
                PrivateKey privateKey = new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(privateKeyInfo);
                if (pEMParser != null) {
                    if (0 != 0) {
                        try {
                            pEMParser.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        pEMParser.close();
                    }
                }
                return privateKey;
            } finally {
            }
        } catch (IOException | OperatorCreationException | PKCSException e) {
            throw new DatabaseException("Unable to process private key with current configuration. Please check 'snowflake-auth-private-key-path', 'snowflake-auth-private-key-passphrase' and Private Key validity", e);
        }
    }

    public static void throwIfNotPresent(Object obj, String str) throws DatabaseException {
        if (obj == null) {
            throw new DatabaseException(str);
        }
    }
}
