package com.microsoft.credentialstorage.implementation.windows;

import com.microsoft.credentialstorage.SecretStore;
import com.microsoft.credentialstorage.implementation.windows.CredAdvapi32;
import com.microsoft.credentialstorage.model.StoredSecret;
import com.sun.jna.LastErrorException;
import com.sun.jna.Memory;
import com.sun.jna.Pointer;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Objects;
import java.util.function.Function;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/microsoft/credentialstorage/implementation/windows/CredManagerBackedSecureStore.class */
public abstract class CredManagerBackedSecureStore<E extends StoredSecret> implements SecretStore<E> {
    protected static final Logger logger = LoggerFactory.getLogger(CredManagerBackedSecureStore.class);
    private static final Charset UTF16LE = StandardCharsets.UTF_16LE;
    private final CredAdvapi32 INSTANCE = getCredAdvapi32Instance();

    @Override // com.microsoft.credentialstorage.SecretStore
    public E get(String str) {
        Objects.requireNonNull(str, "key cannot be null");
        logger.info("Getting secret for {}", str);
        return (E) readSecret(str, this::createSecret);
    }

    @Override // com.microsoft.credentialstorage.SecretStore
    public boolean delete(String str) {
        Objects.requireNonNull(str, "key cannot be null");
        logger.info("Deleting secret for {}", str);
        return deleteSecret(str);
    }

    @Override // com.microsoft.credentialstorage.SecretStore
    public abstract boolean add(String str, E e);

    @Override // com.microsoft.credentialstorage.SecretStore
    public boolean isSecure() {
        return true;
    }

    public static boolean isSupported() {
        return isWindows();
    }

    protected abstract E create(String str, char[] cArr);

    private E createSecret(CredAdvapi32.CREDENTIAL credential) {
        return create(credential.UserName, getSecret(credential));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public char[] getSecret(CredAdvapi32.CREDENTIAL credential) {
        return UTF16LEGetString(credential.CredentialBlob.getByteArray(0L, credential.CredentialBlobSize));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public <T> T readSecret(String str, Function<CredAdvapi32.CREDENTIAL, T> function) {
        boolean CredRead;
        T t = null;
        CredAdvapi32.PCREDENTIAL pcredential = new CredAdvapi32.PCREDENTIAL();
        try {
            try {
                synchronized (this.INSTANCE) {
                    CredRead = this.INSTANCE.CredRead(str, 1, 0, pcredential);
                }
                if (CredRead) {
                    t = function.apply(new CredAdvapi32.CREDENTIAL(pcredential.credential));
                }
                if (pcredential.credential != null) {
                    synchronized (this.INSTANCE) {
                        this.INSTANCE.CredFree(pcredential.credential);
                    }
                }
            } catch (LastErrorException e) {
                logger.error("Getting secret failed. {}", e.getMessage());
                if (pcredential.credential != null) {
                    synchronized (this.INSTANCE) {
                        this.INSTANCE.CredFree(pcredential.credential);
                    }
                }
            }
            return t;
        } catch (Throwable th) {
            if (pcredential.credential != null) {
                synchronized (this.INSTANCE) {
                    this.INSTANCE.CredFree(pcredential.credential);
                }
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean writeSecret(String str, String str2, char[] cArr) {
        byte[] UTF16LEGetBytes = UTF16LEGetBytes(cArr);
        CredAdvapi32.CREDENTIAL buildCred = buildCred(str, str2, UTF16LEGetBytes);
        try {
            try {
                synchronized (this.INSTANCE) {
                    this.INSTANCE.CredWrite(buildCred, 0);
                }
                buildCred.CredentialBlob.clear(UTF16LEGetBytes.length);
                Arrays.fill(UTF16LEGetBytes, (byte) 0);
                return true;
            } catch (LastErrorException e) {
                logger.error("Adding secret failed. {}", e.getMessage());
                buildCred.CredentialBlob.clear(UTF16LEGetBytes.length);
                Arrays.fill(UTF16LEGetBytes, (byte) 0);
                return false;
            }
        } catch (Throwable th) {
            buildCred.CredentialBlob.clear(UTF16LEGetBytes.length);
            Arrays.fill(UTF16LEGetBytes, (byte) 0);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean deleteSecret(String str) {
        boolean CredDelete;
        try {
            synchronized (this.INSTANCE) {
                CredDelete = this.INSTANCE.CredDelete(str, 1, 0);
            }
            return CredDelete;
        } catch (LastErrorException e) {
            logger.error("Deleting secret failed. {}", e.getMessage());
            return false;
        }
    }

    static CredAdvapi32.CREDENTIAL buildCred(String str, String str2, byte[] bArr) {
        CredAdvapi32.CREDENTIAL credential = new CredAdvapi32.CREDENTIAL();
        credential.Flags = 0;
        credential.Type = 1;
        credential.TargetName = str;
        credential.CredentialBlobSize = bArr.length;
        credential.CredentialBlob = getPointer(bArr);
        credential.Persist = 2;
        credential.UserName = str2;
        return credential;
    }

    private static Pointer getPointer(byte[] bArr) {
        Memory memory = new Memory(bArr.length);
        memory.write(0L, bArr, 0, bArr.length);
        return memory;
    }

    private static byte[] UTF16LEGetBytes(char[] cArr) {
        return UTF16LE.encode(CharBuffer.wrap(cArr)).array();
    }

    private static char[] UTF16LEGetString(byte[] bArr) {
        return UTF16LE.decode(ByteBuffer.wrap(bArr)).array();
    }

    private static boolean isWindows() {
        return System.getProperty("os.name").startsWith("Windows");
    }

    private static CredAdvapi32 getCredAdvapi32Instance() {
        if (isSupported()) {
            return CredAdvapi32.INSTANCE;
        }
        logger.warn("Returning a dummy library on non Windows platform.  This is a bug unless you are testing.");
        return new CredAdvapi32() { // from class: com.microsoft.credentialstorage.implementation.windows.CredManagerBackedSecureStore.1
            @Override // com.microsoft.credentialstorage.implementation.windows.CredAdvapi32
            public boolean CredRead(String str, int i, int i2, CredAdvapi32.PCREDENTIAL pcredential) throws LastErrorException {
                return false;
            }

            @Override // com.microsoft.credentialstorage.implementation.windows.CredAdvapi32
            public boolean CredWrite(CredAdvapi32.CREDENTIAL credential, int i) throws LastErrorException {
                return false;
            }

            @Override // com.microsoft.credentialstorage.implementation.windows.CredAdvapi32
            public boolean CredDelete(String str, int i, int i2) throws LastErrorException {
                return false;
            }

            @Override // com.microsoft.credentialstorage.implementation.windows.CredAdvapi32
            public void CredFree(Pointer pointer) throws LastErrorException {
            }
        };
    }
}
