package com.huawei.gaussdb.jdbc.ssl;

import com.huawei.gaussdb.jdbc.util.GT;
import com.huawei.gaussdb.jdbc.util.PSQLException;
import com.huawei.gaussdb.jdbc.util.PSQLState;
import java.lang.reflect.Method;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.sql.SQLException;
import java.util.Arrays;
import javax.security.auth.callback.PasswordCallback;

/* loaded from: input_file:com/huawei/gaussdb/jdbc/ssl/BouncyCastlePrivateKeyFactory.class */
public class BouncyCastlePrivateKeyFactory implements PrivateKeyFactory {
    private static boolean bcEnbled = false;
    private static Class<?> asnSequece = null;
    private static Class<?> privateKeyInfo = null;
    private static Class<?> jcaPemConverter = null;
    private static Class<?> jceOpensslBuilder = null;
    private static Class<?> inputDecryptorProvider = null;
    private static Class<?> pkcs8EncryptedPkeyInfo = null;
    private static Class<?> encryptPrivateKeyInfo;

    public static Provider initBouncyCastleProvider() throws SQLException {
        try {
            return (Provider) Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider").newInstance();
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
            throw new PSQLException(GT.tr("Could not found bouncycastle provider, please load bcprov-jdk15on jar package manually", new Object[0]), PSQLState.CONNECTION_REJECTED);
        }
    }

    private static void initBc() throws Exception {
        try {
            Security.addProvider((Provider) Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider").newInstance());
            asnSequece = Class.forName("org.bouncycastle.asn1.ASN1Sequence");
            privateKeyInfo = Class.forName("org.bouncycastle.asn1.pkcs.PrivateKeyInfo");
            jcaPemConverter = Class.forName("org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter");
            jceOpensslBuilder = Class.forName("org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder");
            inputDecryptorProvider = Class.forName("org.bouncycastle.operator.InputDecryptorProvider");
            pkcs8EncryptedPkeyInfo = Class.forName("org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo");
            encryptPrivateKeyInfo = Class.forName("org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo");
            bcEnbled = true;
        } catch (ClassNotFoundException e) {
            bcEnbled = false;
            throw new Exception("Counld not find some class: " + e.getMessage());
        } catch (Exception e2) {
            bcEnbled = false;
            throw new Exception("Counld not find init bouncycastle: " + e2.getMessage());
        }
    }

    private PrivateKey getPrivateKeyByBouncycastle(byte[] bArr, PasswordCallback passwordCallback) throws Exception {
        try {
            if (!bcEnbled) {
                synchronized (BouncyCastlePrivateKeyFactory.class) {
                    if (!bcEnbled) {
                        initBc();
                    }
                }
            }
            if (!bcEnbled) {
                return null;
            }
            Object newInstance = pkcs8EncryptedPkeyInfo.getConstructor(encryptPrivateKeyInfo).newInstance(encryptPrivateKeyInfo.getDeclaredMethod("getInstance", Object.class).invoke(null, asnSequece.getDeclaredMethod("getInstance", Object.class).invoke(null, Arrays.copyOf(bArr, bArr.length))));
            Object newInstance2 = jcaPemConverter.newInstance();
            Object newInstance3 = jceOpensslBuilder.newInstance();
            Method declaredMethod = jceOpensslBuilder.getDeclaredMethod("build", char[].class);
            if (passwordCallback == null) {
                return null;
            }
            return (PrivateKey) jcaPemConverter.getDeclaredMethod("getPrivateKey", privateKeyInfo).invoke(newInstance2, pkcs8EncryptedPkeyInfo.getDeclaredMethod("decryptPrivateKeyInfo", inputDecryptorProvider).invoke(newInstance, declaredMethod.invoke(newInstance3, passwordCallback.getPassword())));
        } catch (Exception e) {
            throw new Exception("get private key by bouncycastle failed:" + e.getMessage());
        }
    }

    @Override // com.huawei.gaussdb.jdbc.ssl.PrivateKeyFactory
    public PrivateKey getPrivateKeyFromEncryptedKey(byte[] bArr, PasswordCallback passwordCallback) throws Exception {
        return getPrivateKeyByBouncycastle(bArr, passwordCallback);
    }
}
