package com.mysql.jdbc;

import com.google.firebase.crashlytics.buildtools.reloc.org.apache.commons.io.IOUtils;
import com.mysql.jdbc.SocketMetadata;
import com.mysql.jdbc.util.Base64Decoder;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.Socket;
import java.net.SocketException;
import java.net.URL;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.sql.SQLException;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class ExportControlled {
    private static final String SQL_STATE_BAD_SSL_PARAMS = "08000";

    /* loaded from: classes2.dex */
    public static class StandardSSLSocketFactory implements SocketFactory, SocketMetadata {
        private final Socket existingSocket;
        private final SocketFactory existingSocketFactory;
        private SSLSocket rawSocket = null;
        private final SSLSocketFactory sslFact;

        public StandardSSLSocketFactory(SSLSocketFactory sSLSocketFactory, SocketFactory socketFactory, Socket socket) {
            this.sslFact = sSLSocketFactory;
            this.existingSocketFactory = socketFactory;
            this.existingSocket = socket;
        }

        @Override // com.mysql.jdbc.SocketFactory
        public Socket afterHandshake() throws SocketException, IOException {
            this.existingSocketFactory.afterHandshake();
            return this.rawSocket;
        }

        @Override // com.mysql.jdbc.SocketFactory
        public Socket beforeHandshake() throws SocketException, IOException {
            return this.rawSocket;
        }

        @Override // com.mysql.jdbc.SocketFactory
        public Socket connect(String str, int i, Properties properties) throws SocketException, IOException {
            SSLSocket sSLSocket = (SSLSocket) this.sslFact.createSocket(this.existingSocket, str, i, true);
            this.rawSocket = sSLSocket;
            return sSLSocket;
        }

        @Override // com.mysql.jdbc.SocketMetadata
        public boolean isLocallyConnected(ConnectionImpl connectionImpl) throws SQLException {
            return SocketMetadata.Helper.isLocallyConnected(connectionImpl);
        }
    }

    private ExportControlled() {
    }

    public static RSAPublicKey decodeRSAPublicKey(String str, ExceptionInterceptor exceptionInterceptor) throws SQLException {
        try {
            if (str == null) {
                throw new SQLException("key parameter is null");
            }
            int indexOf = str.indexOf(IOUtils.LINE_SEPARATOR_UNIX) + 1;
            return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64Decoder.decode(str.getBytes(), indexOf, str.indexOf("-----END PUBLIC KEY-----") - indexOf)));
        } catch (Exception e) {
            throw SQLError.createSQLException("Unable to decode public key", SQLError.SQL_STATE_ILLEGAL_ARGUMENT, e, exceptionInterceptor);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean enabled() {
        return true;
    }

    public static byte[] encryptWithRSAPublicKey(byte[] bArr, RSAPublicKey rSAPublicKey, ExceptionInterceptor exceptionInterceptor) throws SQLException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
            cipher.init(1, rSAPublicKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw SQLError.createSQLException(e.getMessage(), SQLError.SQL_STATE_ILLEGAL_ARGUMENT, e, exceptionInterceptor);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Not initialized variable reg: 16, insn: 0x0162: MOVE (r1 I:??[OBJECT, ARRAY]) = (r16 I:??[OBJECT, ARRAY]), block:B:177:0x0162 */
    /* JADX WARN: Not initialized variable reg: 16, insn: 0x027e: MOVE (r1 I:??[OBJECT, ARRAY]) = (r16 I:??[OBJECT, ARRAY]), block:B:117:0x027e */
    /* JADX WARN: Type inference failed for: r1v13 */
    /* JADX WARN: Type inference failed for: r1v17 */
    /* JADX WARN: Type inference failed for: r1v18, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r1v19 */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r1v26 */
    /* JADX WARN: Type inference failed for: r1v3 */
    /* JADX WARN: Type inference failed for: r1v4, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r1v5 */
    /* JADX WARN: Type inference failed for: r4v11 */
    /* JADX WARN: Type inference failed for: r4v14, types: [int, boolean] */
    /* JADX WARN: Type inference failed for: r4v19 */
    private static SSLSocketFactory getSSLSocketFactoryDefaultOrConfigured(MysqlIO mysqlIO) throws SQLException {
        Object obj;
        String str;
        String str2;
        InputStream inputStream;
        Object obj2;
        String str3;
        TrustManagerFactory trustManagerFactory;
        InputStream inputStream2;
        char[] charArray;
        ?? r4;
        TrustManager[] trustManagerArr;
        String clientCertificateKeyStoreUrl = mysqlIO.connection.getClientCertificateKeyStoreUrl();
        String trustCertificateKeyStoreUrl = mysqlIO.connection.getTrustCertificateKeyStoreUrl();
        String clientCertificateKeyStoreType = mysqlIO.connection.getClientCertificateKeyStoreType();
        String clientCertificateKeyStorePassword = mysqlIO.connection.getClientCertificateKeyStorePassword();
        String trustCertificateKeyStoreType = mysqlIO.connection.getTrustCertificateKeyStoreType();
        String trustCertificateKeyStorePassword = mysqlIO.connection.getTrustCertificateKeyStorePassword();
        if (StringUtils.isNullOrEmpty(clientCertificateKeyStoreUrl) && StringUtils.isNullOrEmpty(trustCertificateKeyStoreUrl) && mysqlIO.connection.getVerifyServerCertificate()) {
            return (SSLSocketFactory) SSLSocketFactory.getDefault();
        }
        try {
            TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            ?? r1 = "]";
            try {
                try {
                    if (StringUtils.isNullOrEmpty(clientCertificateKeyStoreUrl)) {
                        str = "Could not load trust";
                        str2 = trustCertificateKeyStoreUrl;
                    } else {
                        try {
                            if (StringUtils.isNullOrEmpty(clientCertificateKeyStoreType)) {
                                str = "Could not load trust";
                                str2 = trustCertificateKeyStoreUrl;
                                inputStream = null;
                            } else {
                                KeyStore keyStore = KeyStore.getInstance(clientCertificateKeyStoreType);
                                str = "Could not load trust";
                                URL url = new URL(clientCertificateKeyStoreUrl);
                                str2 = trustCertificateKeyStoreUrl;
                                char[] charArray2 = clientCertificateKeyStorePassword == null ? new char[0] : clientCertificateKeyStorePassword.toCharArray();
                                inputStream = url.openStream();
                                try {
                                    keyStore.load(inputStream, charArray2);
                                    keyManagerFactory.init(keyStore, charArray2);
                                } catch (MalformedURLException unused) {
                                    throw SQLError.createSQLException(clientCertificateKeyStoreUrl + " does not appear to be a valid URL.", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                } catch (IOException e) {
                                    e = e;
                                    SQLException createSQLException = SQLError.createSQLException("Cannot open " + clientCertificateKeyStoreUrl + " [" + e.getMessage() + "]", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                    createSQLException.initCause(e);
                                    throw createSQLException;
                                } catch (KeyStoreException e2) {
                                    e = e2;
                                    throw SQLError.createSQLException("Could not create KeyStore instance [" + e.getMessage() + "]", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                } catch (NoSuchAlgorithmException e3) {
                                    e = e3;
                                    throw SQLError.createSQLException("Unsupported keystore algorithm [" + e.getMessage() + "]", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                } catch (UnrecoverableKeyException unused2) {
                                    throw SQLError.createSQLException("Could not recover keys from client keystore.  Check password?", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                } catch (CertificateException unused3) {
                                    throw SQLError.createSQLException("Could not load client" + clientCertificateKeyStoreType + " keystore from " + clientCertificateKeyStoreUrl, mysqlIO.getExceptionInterceptor());
                                } catch (Throwable th) {
                                    th = th;
                                    r1 = inputStream;
                                    if (r1 != 0) {
                                        try {
                                            r1.close();
                                        } catch (IOException unused4) {
                                        }
                                    }
                                    throw th;
                                }
                            }
                            if (inputStream != null) {
                                try {
                                    inputStream.close();
                                } catch (IOException unused5) {
                                }
                            }
                        } catch (MalformedURLException unused6) {
                        } catch (IOException e4) {
                            e = e4;
                        } catch (KeyStoreException e5) {
                            e = e5;
                        } catch (NoSuchAlgorithmException e6) {
                            e = e6;
                        } catch (UnrecoverableKeyException unused7) {
                        } catch (CertificateException unused8) {
                        } catch (Throwable th2) {
                            th = th2;
                            r1 = 0;
                        }
                    }
                    try {
                        try {
                            if (StringUtils.isNullOrEmpty(str2)) {
                                trustManagerFactory = trustManagerFactory2;
                            } else {
                                try {
                                    try {
                                        if (StringUtils.isNullOrEmpty(trustCertificateKeyStoreType)) {
                                            trustManagerFactory = trustManagerFactory2;
                                            inputStream2 = null;
                                        } else {
                                            KeyStore keyStore2 = KeyStore.getInstance(trustCertificateKeyStoreType);
                                            str3 = str2;
                                            try {
                                                URL url2 = new URL(str3);
                                                charArray = trustCertificateKeyStorePassword == null ? new char[0] : trustCertificateKeyStorePassword.toCharArray();
                                                inputStream2 = url2.openStream();
                                            } catch (MalformedURLException unused9) {
                                                throw SQLError.createSQLException(str3 + " does not appear to be a valid URL.", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                            } catch (IOException e7) {
                                                e = e7;
                                                SQLException createSQLException2 = SQLError.createSQLException("Cannot open " + str3 + " [" + e.getMessage() + "]", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                                createSQLException2.initCause(e);
                                                throw createSQLException2;
                                            } catch (CertificateException unused10) {
                                                throw SQLError.createSQLException(str + trustCertificateKeyStoreType + " keystore from " + str3, SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                            }
                                            try {
                                                keyStore2.load(inputStream2, charArray);
                                                trustManagerFactory = trustManagerFactory2;
                                                trustManagerFactory.init(keyStore2);
                                            } catch (MalformedURLException unused11) {
                                                throw SQLError.createSQLException(str3 + " does not appear to be a valid URL.", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                            } catch (IOException e8) {
                                                e = e8;
                                                SQLException createSQLException22 = SQLError.createSQLException("Cannot open " + str3 + " [" + e.getMessage() + "]", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                                createSQLException22.initCause(e);
                                                throw createSQLException22;
                                            } catch (KeyStoreException e9) {
                                                e = e9;
                                                throw SQLError.createSQLException("Could not create KeyStore instance [" + e.getMessage() + "]", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                            } catch (NoSuchAlgorithmException e10) {
                                                e = e10;
                                                throw SQLError.createSQLException("Unsupported keystore algorithm [" + e.getMessage() + "]", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                            } catch (CertificateException unused12) {
                                                throw SQLError.createSQLException(str + trustCertificateKeyStoreType + " keystore from " + str3, SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                            } catch (Throwable th3) {
                                                th = th3;
                                                r1 = inputStream2;
                                                if (r1 != 0) {
                                                    try {
                                                        r1.close();
                                                    } catch (IOException unused13) {
                                                    }
                                                }
                                                throw th;
                                            }
                                        }
                                        if (inputStream2 != null) {
                                            try {
                                                inputStream2.close();
                                            } catch (IOException unused14) {
                                            }
                                        }
                                    } catch (MalformedURLException unused15) {
                                        str3 = str2;
                                    } catch (IOException e11) {
                                        e = e11;
                                        str3 = str2;
                                    } catch (CertificateException unused16) {
                                        str3 = str2;
                                    }
                                } catch (KeyStoreException e12) {
                                    e = e12;
                                } catch (NoSuchAlgorithmException e13) {
                                    e = e13;
                                } catch (Throwable th4) {
                                    th = th4;
                                    r1 = 0;
                                }
                            }
                            try {
                                SSLContext sSLContext = SSLContext.getInstance("TLS");
                                KeyManager[] keyManagers = StringUtils.isNullOrEmpty(clientCertificateKeyStoreUrl) ? null : keyManagerFactory.getKeyManagers();
                                try {
                                    try {
                                        if (mysqlIO.connection.getVerifyServerCertificate()) {
                                            trustManagerArr = trustManagerFactory.getTrustManagers();
                                        } else {
                                            trustManagerArr = new X509TrustManager[1];
                                            try {
                                                trustManagerArr[0] = new X509TrustManager() { // from class: com.mysql.jdbc.ExportControlled.1
                                                    @Override // javax.net.ssl.X509TrustManager
                                                    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str4) {
                                                    }

                                                    @Override // javax.net.ssl.X509TrustManager
                                                    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str4) throws CertificateException {
                                                    }

                                                    @Override // javax.net.ssl.X509TrustManager
                                                    public X509Certificate[] getAcceptedIssuers() {
                                                        return null;
                                                    }
                                                };
                                            } catch (NoSuchAlgorithmException unused17) {
                                                r4 = 0;
                                                throw SQLError.createSQLException("TLS is not a valid SSL protocol.", SQL_STATE_BAD_SSL_PARAMS, (int) r4, (boolean) r4, mysqlIO.getExceptionInterceptor());
                                            }
                                        }
                                        sSLContext.init(keyManagers, trustManagerArr, null);
                                        return sSLContext.getSocketFactory();
                                    } catch (KeyManagementException e14) {
                                        e = e14;
                                        throw SQLError.createSQLException("KeyManagementException: " + e.getMessage(), SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
                                    }
                                } catch (NoSuchAlgorithmException unused18) {
                                    r4 = 0;
                                    throw SQLError.createSQLException("TLS is not a valid SSL protocol.", SQL_STATE_BAD_SSL_PARAMS, (int) r4, (boolean) r4, mysqlIO.getExceptionInterceptor());
                                }
                            } catch (KeyManagementException e15) {
                                e = e15;
                            } catch (NoSuchAlgorithmException unused19) {
                            }
                        } catch (Throwable th5) {
                            th = th5;
                        }
                    } catch (Throwable th6) {
                        th = th6;
                        r1 = obj2;
                    }
                } catch (Throwable th7) {
                    th = th7;
                    r1 = obj;
                }
            } catch (Throwable th8) {
                th = th8;
            }
        } catch (NoSuchAlgorithmException unused20) {
            throw SQLError.createSQLException("Default algorithm definitions for TrustManager and/or KeyManager are invalid.  Check java security properties file.", SQL_STATE_BAD_SSL_PARAMS, 0, false, mysqlIO.getExceptionInterceptor());
        }
    }

    public static boolean isSSLEstablished(MysqlIO mysqlIO) {
        return SSLSocket.class.isAssignableFrom(mysqlIO.mysqlConnection.getClass());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Removed duplicated region for block: B:51:0x00df A[Catch: IOException -> 0x0158, TryCatch #0 {IOException -> 0x0158, blocks: (B:3:0x000d, B:6:0x0036, B:8:0x0040, B:9:0x004b, B:11:0x004f, B:13:0x0057, B:15:0x005a, B:18:0x005d, B:20:0x0075, B:24:0x0080, B:26:0x009b, B:28:0x00a3, B:30:0x00a6, B:34:0x010d, B:35:0x011c, B:37:0x012d, B:38:0x0143, B:42:0x0136, B:43:0x00a9, B:45:0x00b3, B:47:0x00ce, B:51:0x00df, B:53:0x00f0, B:55:0x00f4, B:57:0x00fd, B:60:0x0108, B:62:0x0105, B:66:0x00b9, B:68:0x00c2, B:70:0x00c8, B:72:0x00d5, B:76:0x0047), top: B:2:0x000d }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void transformSocketToSSLSocket(com.mysql.jdbc.MysqlIO r12) throws java.sql.SQLException {
        /*
            Method dump skipped, instructions count: 365
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(com.mysql.jdbc.MysqlIO):void");
    }
}
