package com.mysql.cj.protocol.a.authentication;

import com.mysql.cj.Messages;
import com.mysql.cj.conf.PropertyKey;
import com.mysql.cj.exceptions.CJException;
import com.mysql.cj.exceptions.ExceptionFactory;
import com.mysql.cj.exceptions.UnableToConnectException;
import com.mysql.cj.protocol.Protocol;
import com.mysql.cj.protocol.Security;
import com.mysql.cj.protocol.a.NativeConstants;
import com.mysql.cj.protocol.a.NativePacketPayload;
import com.mysql.cj.util.StringUtils;
import java.security.DigestException;
import java.util.List;

/* loaded from: input_file:WEB-INF/lib/mysql-connector-java-8.0.28.jar:com/mysql/cj/protocol/a/authentication/CachingSha2PasswordPlugin.class */
public class CachingSha2PasswordPlugin extends Sha256PasswordPlugin {
    public static String PLUGIN_NAME = "caching_sha2_password";
    private AuthStage stage = AuthStage.FAST_AUTH_SEND_SCRAMBLE;

    /* loaded from: input_file:WEB-INF/lib/mysql-connector-java-8.0.28.jar:com/mysql/cj/protocol/a/authentication/CachingSha2PasswordPlugin$AuthStage.class */
    public enum AuthStage {
        FAST_AUTH_SEND_SCRAMBLE,
        FAST_AUTH_READ_RESULT,
        FAST_AUTH_COMPLETE,
        FULL_AUTH
    }

    @Override // com.mysql.cj.protocol.AuthenticationPlugin
    public void init(Protocol<NativePacketPayload> protocol) {
        super.init(protocol);
        this.stage = AuthStage.FAST_AUTH_SEND_SCRAMBLE;
    }

    @Override // com.mysql.cj.protocol.AuthenticationPlugin
    public void reset() {
        this.stage = AuthStage.FAST_AUTH_SEND_SCRAMBLE;
    }

    @Override // com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin, com.mysql.cj.protocol.AuthenticationPlugin
    public void destroy() {
        this.stage = AuthStage.FAST_AUTH_SEND_SCRAMBLE;
        super.destroy();
    }

    @Override // com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin, com.mysql.cj.protocol.AuthenticationPlugin
    public String getProtocolPluginName() {
        return PLUGIN_NAME;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin, com.mysql.cj.protocol.AuthenticationPlugin
    public boolean nextAuthenticationStep(NativePacketPayload nativePacketPayload, List<NativePacketPayload> list) {
        list.clear();
        if (this.password == null || this.password.length() == 0 || nativePacketPayload == null) {
            list.add(new NativePacketPayload(new byte[]{0}));
            return true;
        }
        try {
            if (this.stage == AuthStage.FAST_AUTH_SEND_SCRAMBLE) {
                this.seed = nativePacketPayload.readString(NativeConstants.StringSelfDataType.STRING_TERM, null);
                list.add(new NativePacketPayload(Security.scrambleCachingSha2(StringUtils.getBytes(this.password, this.protocol.getServerSession().getCharsetSettings().getPasswordCharacterEncoding()), this.seed.getBytes())));
                this.stage = AuthStage.FAST_AUTH_READ_RESULT;
                return true;
            }
            if (this.stage == AuthStage.FAST_AUTH_READ_RESULT) {
                switch (nativePacketPayload.readBytes(NativeConstants.StringLengthDataType.STRING_FIXED, 1)[0]) {
                    case 3:
                        this.stage = AuthStage.FAST_AUTH_COMPLETE;
                        return true;
                    case 4:
                        this.stage = AuthStage.FULL_AUTH;
                        break;
                    default:
                        throw ExceptionFactory.createException("Unknown server response after fast auth.", this.protocol.getExceptionInterceptor());
                }
            }
            if (this.protocol.getSocketConnection().isSSLEstablished()) {
                NativePacketPayload nativePacketPayload2 = new NativePacketPayload(StringUtils.getBytes(this.password, this.protocol.getServerSession().getCharsetSettings().getPasswordCharacterEncoding()));
                nativePacketPayload2.setPosition(nativePacketPayload2.getPayloadLength());
                nativePacketPayload2.writeInteger(NativeConstants.IntegerDataType.INT1, 0L);
                nativePacketPayload2.setPosition(0);
                list.add(nativePacketPayload2);
            } else if (this.serverRSAPublicKeyFile.getValue() != null) {
                list.add(new NativePacketPayload(encryptPassword()));
            } else {
                if (!this.protocol.getPropertySet().getBooleanProperty(PropertyKey.allowPublicKeyRetrieval).getValue().booleanValue()) {
                    throw ((UnableToConnectException) ExceptionFactory.createException(UnableToConnectException.class, Messages.getString("Sha256PasswordPlugin.2"), this.protocol.getExceptionInterceptor()));
                }
                if (!this.publicKeyRequested || nativePacketPayload.getPayloadLength() <= 21) {
                    list.add(new NativePacketPayload(new byte[]{2}));
                    this.publicKeyRequested = true;
                } else {
                    this.publicKeyString = nativePacketPayload.readString(NativeConstants.StringSelfDataType.STRING_TERM, null);
                    list.add(new NativePacketPayload(encryptPassword()));
                    this.publicKeyRequested = false;
                }
            }
            return true;
        } catch (CJException | DigestException e) {
            throw ExceptionFactory.createException(e.getMessage(), e, this.protocol.getExceptionInterceptor());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin
    public byte[] encryptPassword() {
        return this.protocol.versionMeetsMinimum(8, 0, 5) ? super.encryptPassword() : super.encryptPassword("RSA/ECB/PKCS1Padding");
    }
}
