package com.microsoft.sqlserver.jdbc;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.URLConnection;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Hashtable;

/* loaded from: input_file:com/microsoft/sqlserver/jdbc/SQLServerVSMEnclaveProvider.class */
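/**
 * Enclave provider that builds VSM attestation parameters, validates the attestation response returned by
 * the server against signing certificates downloaded from the attestation URL, and derives an enclave
 * session from the validated response.
 *
 * <p>Enclave sessions and downloaded signing certificates are kept in static caches shared by every instance
 * of this class.
 */
public class SQLServerVSMEnclaveProvider implements ISQLServerEnclaveProvider {
    /** Path appended to the attestation URL to download the signing certificates. */
    private static final String SIGNING_CERTIFICATES_PATH = "/attestationservice.svc/v2.0/signingCertificates/";

    /** Chunk size used while draining the certificate download stream. */
    private static final int READ_CHUNK_SIZE = 8192;

    private static final EnclaveSessionCache enclaveCache = new EnclaveSessionCache();

    /** Signing certificates keyed by attestation URL; entries are dropped once {@code expired()} is true. */
    private static final Hashtable<String, X509CertificateEntry> certificateCache = new Hashtable<>();

    private VSMAttestationParameters vsmParams = null;
    // NOTE(review): hgsResponse is not reset by invalidateEnclaveSession(); confirm that a response kept from
    // an earlier attestation cannot be paired with freshly created vsmParams in createEnclaveSession().
    private VSMAttestationResponse hgsResponse = null;
    private String attestationUrl = null;
    private EnclaveSession enclaveSession = null;

    /**
     * Records the attestation URL and creates fresh attestation parameters, unless parameters already exist.
     *
     * @param str the attestation URL to remember for this provider
     * @throws SQLServerException declared by the interface; not thrown by the visible code
     */
    @Override
    public void getAttestationParameters(String str) throws SQLServerException {
        if (null == this.vsmParams) {
            this.attestationUrl = str;
            this.vsmParams = new VSMAttestationParameters();
        }
    }

    /**
     * Reuses a cached enclave session when one exists, runs parameter-encryption discovery, and, when the
     * connection has no established enclave and an attestation response is available, derives a new session
     * from that response and caches it.
     *
     * @param sQLServerConnection connection the discovery statement runs on
     * @param sQLServerStatement statement forwarded to the metadata helpers
     * @param str forwarded to the discovery calls (presumably the user SQL text; confirm against callers)
     * @param str2 forwarded to the discovery calls (presumably the parameter type definitions; confirm)
     * @param parameterArr statement parameters; may be {@code null} or empty
     * @param arrayList forwarded to the metadata helpers (presumably parameter names; confirm)
     * @return the list filled in by parameter-encryption discovery
     * @throws SQLServerException if discovery, attestation validation or session derivation fails
     */
    @Override
    public ArrayList<byte[]> createEnclaveSession(SQLServerConnection sQLServerConnection, SQLServerStatement sQLServerStatement, String str, String str2, Parameter[] parameterArr, ArrayList<String> arrayList) throws SQLServerException {
        // NOTE(review): the lookup key uses this.attestationUrl, while addEntry() below is given
        // sQLServerConnection.enclaveAttestationUrl; confirm both always hold the same value, otherwise a
        // cached session would never be found again.
        String cacheKey = sQLServerConnection.getServerName() + sQLServerConnection.getCatalog() + this.attestationUrl;
        EnclaveCacheEntry cached = enclaveCache.getSession(cacheKey);
        if (null != cached) {
            this.enclaveSession = cached.getEnclaveSession();
            this.vsmParams = (VSMAttestationParameters) cached.getBaseAttestationRequest();
        }

        ArrayList<byte[]> result = describeParameterEncryption(sQLServerConnection, sQLServerStatement, str, str2, parameterArr, arrayList);

        // Nothing to derive when the enclave is already established or no attestation response was received.
        if (sQLServerConnection.enclaveEstablished() || null == this.hgsResponse) {
            return result;
        }

        try {
            this.enclaveSession = new EnclaveSession(this.hgsResponse.getSessionID(), this.vsmParams.createSessionSecret(this.hgsResponse.getDHpublicKey()));
            enclaveCache.addEntry(sQLServerConnection.getServerName(), sQLServerConnection.getCatalog(), sQLServerConnection.enclaveAttestationUrl, this.vsmParams, this.enclaveSession);
        } catch (GeneralSecurityException e) {
            SQLServerException.makeFromDriverError(sQLServerConnection, this, e.getLocalizedMessage(), "0", false);
        }
        return result;
    }

    /**
     * Removes the current session from the shared cache (if any) and clears the session, the attestation
     * parameters and the attestation URL held by this instance.
     */
    @Override
    public void invalidateEnclaveSession() {
        if (null != this.enclaveSession) {
            enclaveCache.removeEntry(this.enclaveSession);
        }
        this.enclaveSession = null;
        this.vsmParams = null;
        this.attestationUrl = null;
    }

    /**
     * Returns the enclave session currently held by this instance.
     *
     * @return the session, or {@code null} when none has been created or it was invalidated
     */
    @Override
    public EnclaveSession getEnclaveSession() {
        return this.enclaveSession;
    }

    /**
     * Validates the stored attestation response: certificate check against the downloaded signing
     * certificates, then the statement signature, then the DH public key. Does nothing when no response is
     * stored.
     *
     * @throws SQLServerException if any check, or the certificate download, fails
     */
    private void validateAttestationResponse() throws SQLServerException {
        if (null == this.hgsResponse) {
            return;
        }
        try {
            this.hgsResponse.validateCert(getAttestationCertificates());
            this.hgsResponse.validateStatementSignature();
            this.hgsResponse.validateDHPublicKey();
        } catch (IOException | GeneralSecurityException e) {
            // NOTE(review): this relies on makeFromDriverError() throwing; if it could return normally a
            // failed validation would be ignored and the response used anyway. Confirm.
            SQLServerException.makeFromDriverError(null, this, e.getLocalizedMessage(), "0", false);
        }
    }

    /**
     * Returns the signing certificates for the current attestation URL, from the shared cache when a
     * non-expired entry exists, otherwise by downloading them and caching the result.
     *
     * <p>The bytes returned here are what {@code validateCert} receives to check the attestation response
     * against. NOTE(review): the URL scheme is not checked and no connect/read timeout or response size
     * limit is set on the download; confirm that deployments point attestationUrl at a trusted channel.
     *
     * @return the certificate bytes
     * @throws IOException if the download fails or the response body cannot be parsed
     */
    private byte[] getAttestationCertificates() throws IOException {
        X509CertificateEntry cached = certificateCache.get(this.attestationUrl);
        if (null != cached) {
            if (cached.expired()) {
                certificateCache.remove(this.attestationUrl);
            } else {
                byte[] cachedBytes = cached.getCertificates();
                if (null != cachedBytes) {
                    return cachedBytes;
                }
            }
        }

        URLConnection connection = new URL(this.attestationUrl + SIGNING_CERTIFICATES_PATH).openConnection();
        byte[] body;
        // Read until end of stream: available() only reports what can be read without blocking, so sizing
        // the buffer from it (and reading once) can silently truncate the certificate data.
        try (InputStream in = connection.getInputStream(); ByteArrayOutputStream buffer = new ByteArrayOutputStream()) {
            byte[] chunk = new byte[READ_CHUNK_SIZE];
            int count;
            while ((count = in.read(chunk)) != -1) {
                buffer.write(chunk, 0, count);
            }
            body = buffer.toByteArray();
        }

        // Explicit charset so decoding does not depend on the platform default.
        byte[] certificates = parseCertificateBytes(new String(body, StandardCharsets.UTF_8));
        certificateCache.put(this.attestationUrl, new X509CertificateEntry(certificates));
        return certificates;
    }

    /**
     * Parses a response body made of one enclosing character on each side around a comma-separated list of
     * integers (presumably a bracketed array of byte values) into a byte array.
     *
     * @param text the decoded response body
     * @return one byte per list element, each integer narrowed to {@code byte}
     * @throws IOException if the body is too short or an element is not an integer
     */
    private static byte[] parseCertificateBytes(String text) throws IOException {
        String trimmed = text.trim();
        if (trimmed.length() < 2) {
            throw new IOException("Malformed signing certificate response from attestation service");
        }
        String[] tokens = trimmed.substring(1, trimmed.length() - 1).split(",");
        byte[] parsed = new byte[tokens.length];
        try {
            for (int i = 0; i < tokens.length; i++) {
                parsed[i] = (byte) Integer.parseInt(tokens[i].trim());
            }
        } catch (NumberFormatException e) {
            // Surface as IOException so callers report a driver error instead of an unchecked exception.
            throw new IOException("Malformed signing certificate response from attestation service", e);
        }
        return parsed;
    }

    /**
     * Runs parameter-encryption discovery on the connection and, when the connection reports AEv2 and the
     * statement yields a further result set, reads the attestation response from it and validates it.
     *
     * @param sQLServerConnection connection used to prepare and run the discovery statement
     * @param sQLServerStatement statement forwarded to the metadata helpers
     * @param str forwarded to the discovery calls (presumably the user SQL text; confirm)
     * @param str2 forwarded to the discovery calls (presumably the parameter type definitions; confirm)
     * @param parameterArr statement parameters; may be {@code null} or empty
     * @param arrayList forwarded to the metadata helpers (presumably parameter names; confirm)
     * @return the list passed to {@code processSDPEv1} to be filled; empty when discovery is skipped or
     *         returns no result set
     * @throws SQLServerException if discovery or attestation validation fails
     */
    private ArrayList<byte[]> describeParameterEncryption(SQLServerConnection sQLServerConnection, SQLServerStatement sQLServerStatement, String str, String str2, Parameter[] parameterArr, ArrayList<String> arrayList) throws SQLServerException {
        ArrayList<byte[]> result = new ArrayList<>();
        try (PreparedStatement stmt = sQLServerConnection.prepareStatement(sQLServerConnection.enclaveEstablished() ? ISQLServerEnclaveProvider.SDPE1 : ISQLServerEnclaveProvider.SDPE2)) {
            // Discovery runs for AE_V2 servers, for statements without parameters, or when the metadata
            // cache lookup returns false.
            if (sQLServerConnection.getServerColumnEncryptionVersion() == ColumnEncryptionVersion.AE_V2 || parameterArr == null || parameterArr.length == 0 || !ParameterMetaDataCache.getQueryMetadata(parameterArr, arrayList, sQLServerConnection, sQLServerStatement, str)) {
                try (ResultSet rs = sQLServerConnection.enclaveEstablished() ? executeSDPEv1(stmt, str, str2) : executeSDPEv2(stmt, str, str2, this.vsmParams)) {
                    if (null == rs) {
                        return result;
                    }
                    processSDPEv1(str, str2, parameterArr, arrayList, sQLServerConnection, sQLServerStatement, stmt, rs, result);
                    if (sQLServerConnection.isAEv2() && stmt.getMoreResults()) {
                        try (SQLServerResultSet attestationRs = (SQLServerResultSet) stmt.getResultSet()) {
                            if (attestationRs.next()) {
                                // The response is stored before validation; validateAttestationResponse()
                                // must fail loudly for the stored value not to be used afterwards.
                                this.hgsResponse = new VSMAttestationResponse(attestationRs.getBytes(1));
                                validateAttestationResponse();
                            } else {
                                SQLServerException.makeFromDriverError(null, this, SQLServerException.getErrString("R_UnableRetrieveParameterMetadata"), "0", false);
                            }
                        }
                    }
                }
            }
            return result;
        } catch (IOException | SQLException e) {
            if (e instanceof SQLServerException) {
                throw ((SQLServerException) e);
            }
            throw new SQLServerException(SQLServerException.getErrString("R_UnableRetrieveParameterMetadata"), (String) null, 0, e);
        }
    }
}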
