package org.apache.flink.shaded.net.snowflake.client.core;

import com.sun.jna.Library;
import com.sun.jna.Native;
import com.sun.jna.Pointer;
import java.nio.charset.StandardCharsets;
import org.apache.flink.shaded.net.snowflake.client.core.Constants;
import org.apache.flink.shaded.net.snowflake.client.core.SecureStorageManager;
import org.apache.flink.shaded.net.snowflake.client.jdbc.internal.google.common.base.Strings;
import org.apache.flink.shaded.net.snowflake.client.log.SFLogger;
import org.apache.flink.shaded.net.snowflake.client.log.SFLoggerFactory;

/* loaded from: input_file:org/apache/flink/shaded/net/snowflake/client/core/SecureStorageAppleManager.class */
public class SecureStorageAppleManager implements SecureStorageManager {
    private static final SFLogger logger = SFLoggerFactory.getLogger((Class<?>) SecureStorageAppleManager.class);
    private final SecurityLib securityLib = SecurityLibManager.getInstance();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/apache/flink/shaded/net/snowflake/client/core/SecureStorageAppleManager$SecurityLib.class */
    public interface SecurityLib extends Library {
        public static final int ERR_SEC_SUCCESS = 0;
        public static final int ERR_SEC_ITEM_NOT_FOUND = -25300;

        int SecKeychainFindGenericPassword(Pointer pointer, int i, byte[] bArr, int i2, byte[] bArr2, int[] iArr, Pointer[] pointerArr, Pointer[] pointerArr2);

        int SecKeychainAddGenericPassword(Pointer pointer, int i, byte[] bArr, int i2, byte[] bArr2, int i3, byte[] bArr3, Pointer[] pointerArr);

        int SecKeychainItemModifyContent(Pointer pointer, Pointer pointer2, int i, byte[] bArr);

        int SecKeychainItemDelete(Pointer pointer);

        int SecKeychainItemFreeContent(Pointer[] pointerArr, Pointer pointer);
    }

    /* loaded from: input_file:org/apache/flink/shaded/net/snowflake/client/core/SecureStorageAppleManager$SecurityLibManager.class */
    static class SecurityLibManager {
        private static SecurityLib INSTANCE = null;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:org/apache/flink/shaded/net/snowflake/client/core/SecureStorageAppleManager$SecurityLibManager$ResourceHolder.class */
        public static class ResourceHolder {
            private static final SecurityLib INSTANCE = (SecurityLib) Native.loadLibrary("Security", SecurityLib.class);

            private ResourceHolder() {
            }
        }

        SecurityLibManager() {
        }

        public static SecurityLib getInstance() {
            if (INSTANCE == null) {
                INSTANCE = ResourceHolder.INSTANCE;
            }
            return INSTANCE;
        }

        public static void setInstance(SecurityLib securityLib) {
            INSTANCE = securityLib;
        }

        public static void resetInstance() {
            if (Constants.getOS() == Constants.OS.MAC) {
                INSTANCE = ResourceHolder.INSTANCE;
            }
        }
    }

    private SecureStorageAppleManager() {
    }

    public static SecureStorageAppleManager builder() {
        logger.info("Using Apple Keychain as a token cache storage", new Object[0]);
        return new SecureStorageAppleManager();
    }

    @Override // org.apache.flink.shaded.net.snowflake.client.core.SecureStorageManager
    public SecureStorageManager.SecureStorageStatus setCredential(String str, String str2, String str3, String str4) {
        int SecKeychainFindGenericPassword;
        int SecKeychainAddGenericPassword;
        if (Strings.isNullOrEmpty(str4)) {
            logger.info("No credential provided", false);
            return SecureStorageManager.SecureStorageStatus.SUCCESS;
        }
        byte[] bytes = SecureStorageManager.convertTarget(str, str2, str3).getBytes(StandardCharsets.UTF_8);
        byte[] bytes2 = str2.toUpperCase().getBytes(StandardCharsets.UTF_8);
        byte[] bytes3 = str4.getBytes(StandardCharsets.UTF_8);
        Pointer[] pointerArr = new Pointer[1];
        synchronized (this.securityLib) {
            SecKeychainFindGenericPassword = this.securityLib.SecKeychainFindGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, null, null, pointerArr);
        }
        if (SecKeychainFindGenericPassword != 0 && SecKeychainFindGenericPassword != -25300) {
            logger.info(String.format("Failed to check the existence of the item in keychain. Error code = %d", Integer.valueOf(Native.getLastError())), new Object[0]);
            return SecureStorageManager.SecureStorageStatus.FAILURE;
        }
        if (pointerArr[0] != null) {
            synchronized (this.securityLib) {
                SecKeychainAddGenericPassword = this.securityLib.SecKeychainItemModifyContent(pointerArr[0], null, bytes3.length, bytes3);
            }
        } else {
            synchronized (this.securityLib) {
                SecKeychainAddGenericPassword = this.securityLib.SecKeychainAddGenericPassword(Pointer.NULL, bytes.length, bytes, bytes2.length, bytes2, bytes3.length, bytes3, null);
            }
        }
        if (SecKeychainAddGenericPassword != 0) {
            logger.info(String.format("Failed to set/modify the item in keychain. Error code = %d", Integer.valueOf(Native.getLastError())), new Object[0]);
            return SecureStorageManager.SecureStorageStatus.FAILURE;
        }
        logger.debug("Set the item in keychain successfully", new Object[0]);
        return SecureStorageManager.SecureStorageStatus.SUCCESS;
    }

    @Override // org.apache.flink.shaded.net.snowflake.client.core.SecureStorageManager
    public String getCredential(String str, String str2, String str3) {
        int SecKeychainFindGenericPassword;
        byte[] bytes = SecureStorageManager.convertTarget(str, str2, str3).getBytes(StandardCharsets.UTF_8);
        byte[] bytes2 = str2.toUpperCase().getBytes(StandardCharsets.UTF_8);
        int[] iArr = new int[1];
        Pointer[] pointerArr = new Pointer[1];
        try {
            synchronized (this.securityLib) {
                SecKeychainFindGenericPassword = this.securityLib.SecKeychainFindGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, iArr, pointerArr, null);
            }
            if (SecKeychainFindGenericPassword != 0) {
                logger.info(String.format("Failed to find the item in keychain or item not exists. Error code = %d", Integer.valueOf(Native.getLastError())), new Object[0]);
                if (pointerArr[0] != null) {
                    synchronized (this.securityLib) {
                        this.securityLib.SecKeychainItemFreeContent(null, pointerArr[0]);
                    }
                }
                return null;
            }
            if (iArr[0] == 0 || pointerArr[0] == null) {
                logger.info("Found empty item or no item is found", false);
                if (pointerArr[0] != null) {
                    synchronized (this.securityLib) {
                        this.securityLib.SecKeychainItemFreeContent(null, pointerArr[0]);
                    }
                }
                return null;
            }
            String str4 = new String(pointerArr[0].getByteArray(0L, iArr[0]), StandardCharsets.UTF_8);
            logger.debug("Successfully read the credential. Will return it as String now", new Object[0]);
            if (pointerArr[0] != null) {
                synchronized (this.securityLib) {
                    this.securityLib.SecKeychainItemFreeContent(null, pointerArr[0]);
                }
            }
            return str4;
        } catch (Throwable th) {
            if (pointerArr[0] != null) {
                synchronized (this.securityLib) {
                    this.securityLib.SecKeychainItemFreeContent(null, pointerArr[0]);
                }
            }
            throw th;
        }
    }

    @Override // org.apache.flink.shaded.net.snowflake.client.core.SecureStorageManager
    public SecureStorageManager.SecureStorageStatus deleteCredential(String str, String str2, String str3) {
        int SecKeychainFindGenericPassword;
        int SecKeychainItemDelete;
        byte[] bytes = SecureStorageManager.convertTarget(str, str2, str3).getBytes(StandardCharsets.UTF_8);
        byte[] bytes2 = str2.toUpperCase().getBytes(StandardCharsets.UTF_8);
        Pointer[] pointerArr = new Pointer[1];
        synchronized (this.securityLib) {
            SecKeychainFindGenericPassword = this.securityLib.SecKeychainFindGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, null, null, pointerArr);
        }
        if (SecKeychainFindGenericPassword != 0 && SecKeychainFindGenericPassword != -25300) {
            logger.info(String.format("Failed to delete the item in keychain. Error code = %d", Integer.valueOf(Native.getLastError())), new Object[0]);
            return SecureStorageManager.SecureStorageStatus.FAILURE;
        }
        if (pointerArr[0] != null) {
            synchronized (this.securityLib) {
                SecKeychainItemDelete = this.securityLib.SecKeychainItemDelete(pointerArr[0]);
            }
            if (SecKeychainItemDelete != 0) {
                logger.info(String.format("Failed to delete the item in keychain. Error code = %d", Integer.valueOf(Native.getLastError())), new Object[0]);
                return SecureStorageManager.SecureStorageStatus.FAILURE;
            }
        }
        return SecureStorageManager.SecureStorageStatus.SUCCESS;
    }
}
