package org.postgresql.ssl;

import java.io.Console;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Properties;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.postgresql.PGProperty;
import org.postgresql.jdbc.SslMode;
import org.postgresql.ssl.NonValidatingFactory;
import org.postgresql.util.GT;
import org.postgresql.util.ObjectFactory;
import org.postgresql.util.PSQLException;
import org.postgresql.util.PSQLState;

/* loaded from: classes.dex */
public class LibPQFactory extends WrappedFactory {
    LazyKeyManager a;

    /* loaded from: classes.dex */
    public static class ConsoleCallbackHandler implements CallbackHandler {
        private char[] a;

        ConsoleCallbackHandler(String str) {
            this.a = null;
            if (str != null) {
                this.a = str.toCharArray();
            }
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) {
            Console console = System.console();
            if (console == null && this.a == null) {
                throw new UnsupportedCallbackException(callbackArr[0], "Console is not available");
            }
            for (Callback callback : callbackArr) {
                if (!(callback instanceof PasswordCallback)) {
                    throw new UnsupportedCallbackException(callback);
                }
                PasswordCallback passwordCallback = (PasswordCallback) callback;
                if (this.a != null) {
                    passwordCallback.setPassword(this.a);
                } else {
                    passwordCallback.setPassword(console.readPassword("%s", passwordCallback.getPrompt()));
                }
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v30, types: [java.security.cert.CertificateFactory] */
    /* JADX WARN: Type inference failed for: r0v55, types: [javax.security.auth.callback.CallbackHandler] */
    /* JADX WARN: Type inference failed for: r6v0 */
    /* JADX WARN: Type inference failed for: r6v1, types: [boolean] */
    /* JADX WARN: Type inference failed for: r6v2, types: [java.io.FileInputStream] */
    /* JADX WARN: Type inference failed for: r6v4, types: [java.io.FileInputStream, java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r6v6 */
    public LibPQFactory(Properties properties) {
        boolean z;
        ?? r6;
        ConsoleCallbackHandler consoleCallbackHandler;
        TrustManager[] trustManagers;
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            String property = System.getProperty("file.separator");
            String str = System.getProperty("os.name").toLowerCase().contains("windows") ? System.getenv("APPDATA") + property + "postgresql" + property : System.getProperty("user.home") + property + ".postgresql" + property;
            String a = PGProperty.SSL_CERT.a(properties);
            if (a == null) {
                a = str + "postgresql.crt";
                z = true;
            } else {
                z = false;
            }
            String a2 = PGProperty.SSL_KEY.a(properties);
            if (a2 == null) {
                a2 = str + "postgresql.pk8";
                r6 = 1;
            } else {
                r6 = z;
            }
            String a3 = PGProperty.SSL_PASSWORD_CALLBACK.a(properties);
            if (a3 != null) {
                try {
                    consoleCallbackHandler = (CallbackHandler) ObjectFactory.a(a3, properties, false, null);
                } catch (Exception e) {
                    throw new PSQLException(GT.a("The password callback class provided {0} could not be instantiated.", a3), PSQLState.CONNECTION_FAILURE, e);
                }
            } else {
                consoleCallbackHandler = new ConsoleCallbackHandler(PGProperty.SSL_PASSWORD.a(properties));
            }
            this.a = new LazyKeyManager("".equals(a) ? null : a, "".equals(a2) ? null : a2, consoleCallbackHandler, r6);
            if (SslMode.a(properties).b()) {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX");
                try {
                    KeyStore keyStore = KeyStore.getInstance("jks");
                    String a4 = PGProperty.SSL_ROOT_CERT.a(properties);
                    String str2 = a4 == null ? str + "root.crt" : a4;
                    try {
                        try {
                            r6 = new FileInputStream(str2);
                            try {
                                try {
                                    Object[] array = CertificateFactory.getInstance("X.509").generateCertificates(r6).toArray(new Certificate[0]);
                                    keyStore.load(null, null);
                                    for (int i = 0; i < array.length; i++) {
                                        keyStore.setCertificateEntry("cert" + i, (Certificate) array[i]);
                                    }
                                    trustManagerFactory.init(keyStore);
                                    trustManagers = trustManagerFactory.getTrustManagers();
                                } catch (IOException e2) {
                                    throw new PSQLException(GT.a("Could not read SSL root certificate file {0}.", str2), PSQLState.CONNECTION_FAILURE, e2);
                                }
                            } catch (GeneralSecurityException e3) {
                                throw new PSQLException(GT.a("Loading the SSL root certificate {0} into a TrustManager failed.", str2), PSQLState.CONNECTION_FAILURE, e3);
                            }
                        } catch (FileNotFoundException e4) {
                            throw new PSQLException(GT.a("Could not open SSL root certificate file {0}.", str2), PSQLState.CONNECTION_FAILURE, e4);
                        }
                    } finally {
                        try {
                            r6.close();
                        } catch (IOException e5) {
                        }
                    }
                } catch (KeyStoreException e6) {
                    throw new NoSuchAlgorithmException("jks KeyStore not available");
                }
            } else {
                trustManagers = new TrustManager[]{new NonValidatingFactory.NonValidatingTM()};
            }
            try {
                sSLContext.init(new KeyManager[]{this.a}, trustManagers, null);
                this.b = sSLContext.getSocketFactory();
            } catch (KeyManagementException e7) {
                throw new PSQLException(GT.a("Could not initialize SSL context.", new Object[0]), PSQLState.CONNECTION_FAILURE, e7);
            }
        } catch (NoSuchAlgorithmException e8) {
            throw new PSQLException(GT.a("Could not find a java cryptographic algorithm: {0}.", e8.getMessage()), PSQLState.CONNECTION_FAILURE, e8);
        }
    }

    public void a() {
        if (this.a != null) {
            this.a.a();
        }
    }
}
