package org.postgresql.shaded.com.ongres.scram.client;

import org.postgresql.shaded.com.ongres.scram.common.ScramFunctions;
import org.postgresql.shaded.com.ongres.scram.common.ScramMechanism;
import org.postgresql.shaded.com.ongres.scram.common.bouncycastle.base64.Base64;
import org.postgresql.shaded.com.ongres.scram.common.exception.ScramInvalidServerSignatureException;
import org.postgresql.shaded.com.ongres.scram.common.exception.ScramParseException;
import org.postgresql.shaded.com.ongres.scram.common.exception.ScramServerErrorException;
import org.postgresql.shaded.com.ongres.scram.common.gssapi.Gs2CbindFlag;
import org.postgresql.shaded.com.ongres.scram.common.message.ClientFinalMessage;
import org.postgresql.shaded.com.ongres.scram.common.message.ClientFirstMessage;
import org.postgresql.shaded.com.ongres.scram.common.message.ServerFinalMessage;
import org.postgresql.shaded.com.ongres.scram.common.message.ServerFirstMessage;
import org.postgresql.shaded.com.ongres.scram.common.stringprep.StringPreparation;
import org.postgresql.shaded.com.ongres.scram.common.util.Preconditions;

/* loaded from: input_file:BOOT-INF/lib/postgresql-42.4.1.jar:org/postgresql/shaded/com/ongres/scram/client/ScramSession.class */
public class ScramSession {
    private final ScramMechanism scramMechanism;
    private final StringPreparation stringPreparation;
    private final String user;
    private final String nonce;
    private ClientFirstMessage clientFirstMessage;
    private String serverFirstMessageString;

    /* loaded from: input_file:BOOT-INF/lib/postgresql-42.4.1.jar:org/postgresql/shaded/com/ongres/scram/client/ScramSession$ClientFinalProcessor.class */
    public class ClientFinalProcessor {
        private final String nonce;
        private final byte[] clientKey;
        private final byte[] storedKey;
        private final byte[] serverKey;
        private String authMessage;
        static final /* synthetic */ boolean $assertionsDisabled;

        private ClientFinalProcessor(String str, byte[] bArr, byte[] bArr2, byte[] bArr3) {
            if (!$assertionsDisabled && null == bArr) {
                throw new AssertionError("clientKey");
            }
            if (!$assertionsDisabled && null == bArr2) {
                throw new AssertionError("storedKey");
            }
            if (!$assertionsDisabled && null == bArr3) {
                throw new AssertionError("serverKey");
            }
            this.nonce = str;
            this.clientKey = bArr;
            this.storedKey = bArr2;
            this.serverKey = bArr3;
        }

        private ClientFinalProcessor(ScramSession scramSession, String str, byte[] bArr, byte[] bArr2) {
            this(str, bArr, ScramFunctions.storedKey(scramSession.scramMechanism, bArr), bArr2);
        }

        private ClientFinalProcessor(ScramSession scramSession, String str, byte[] bArr) {
            this(scramSession, str, ScramFunctions.clientKey(scramSession.scramMechanism, bArr), ScramFunctions.serverKey(scramSession.scramMechanism, bArr));
        }

        private ClientFinalProcessor(ScramSession scramSession, String str, String str2, String str3, int i) {
            this(scramSession, str, ScramFunctions.saltedPassword(scramSession.scramMechanism, scramSession.stringPreparation, str2, Base64.decode(str3), i));
        }

        private synchronized void generateAndCacheAuthMessage(byte[] bArr) {
            if (null != this.authMessage) {
                return;
            }
            this.authMessage = ScramSession.this.clientFirstMessage.writeToWithoutGs2Header(new StringBuffer()).append(",").append(ScramSession.this.serverFirstMessageString).append(",").append(ClientFinalMessage.writeToWithoutProof(ScramSession.this.clientFirstMessage.getGs2Header(), bArr, this.nonce)).toString();
        }

        private String clientFinalMessage(byte[] bArr) throws IllegalArgumentException {
            if (null == this.authMessage) {
                generateAndCacheAuthMessage(bArr);
            }
            return new ClientFinalMessage(ScramSession.this.clientFirstMessage.getGs2Header(), bArr, this.nonce, ScramFunctions.clientProof(this.clientKey, ScramFunctions.clientSignature(ScramSession.this.scramMechanism, this.storedKey, this.authMessage))).toString();
        }

        public String clientFinalMessage() {
            return clientFinalMessage(null);
        }

        public void receiveServerFinalMessage(String str) throws ScramParseException, ScramServerErrorException, ScramInvalidServerSignatureException, IllegalArgumentException {
            Preconditions.checkNotEmpty(str, "serverFinalMessage");
            ServerFinalMessage parseFrom = ServerFinalMessage.parseFrom(str);
            if (parseFrom.isError()) {
                throw new ScramServerErrorException(parseFrom.getError());
            }
            if (!ScramFunctions.verifyServerSignature(ScramSession.this.scramMechanism, this.serverKey, this.authMessage, parseFrom.getVerifier())) {
                throw new ScramInvalidServerSignatureException("Invalid server SCRAM signature");
            }
        }

        static {
            $assertionsDisabled = !ScramSession.class.desiredAssertionStatus();
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/postgresql-42.4.1.jar:org/postgresql/shaded/com/ongres/scram/client/ScramSession$ServerFirstProcessor.class */
    public class ServerFirstProcessor {
        private final ServerFirstMessage serverFirstMessage;

        private ServerFirstProcessor(String str) throws ScramParseException {
            ScramSession.this.serverFirstMessageString = str;
            this.serverFirstMessage = ServerFirstMessage.parseFrom(str, ScramSession.this.nonce);
        }

        public String getSalt() {
            return this.serverFirstMessage.getSalt();
        }

        public int getIteration() {
            return this.serverFirstMessage.getIteration();
        }

        public ClientFinalProcessor clientFinalProcessor(String str) throws IllegalArgumentException {
            return new ClientFinalProcessor(this.serverFirstMessage.getNonce(), Preconditions.checkNotEmpty(str, "password"), getSalt(), getIteration());
        }

        public ClientFinalProcessor clientFinalProcessor(byte[] bArr, byte[] bArr2) throws IllegalArgumentException {
            return new ClientFinalProcessor(this.serverFirstMessage.getNonce(), (byte[]) Preconditions.checkNotNull(bArr, "clientKey"), (byte[]) Preconditions.checkNotNull(bArr2, "storedKey"));
        }
    }

    public ScramSession(ScramMechanism scramMechanism, StringPreparation stringPreparation, String str, String str2) {
        this.scramMechanism = (ScramMechanism) Preconditions.checkNotNull(scramMechanism, "scramMechanism");
        this.stringPreparation = (StringPreparation) Preconditions.checkNotNull(stringPreparation, "stringPreparation");
        this.user = Preconditions.checkNotEmpty(str, "user");
        this.nonce = Preconditions.checkNotEmpty(str2, "nonce");
    }

    private String setAndReturnClientFirstMessage(ClientFirstMessage clientFirstMessage) {
        this.clientFirstMessage = clientFirstMessage;
        return clientFirstMessage.toString();
    }

    public String clientFirstMessage(Gs2CbindFlag gs2CbindFlag, String str, String str2) {
        return setAndReturnClientFirstMessage(new ClientFirstMessage(gs2CbindFlag, str2, str, this.user, this.nonce));
    }

    public String clientFirstMessage() {
        return setAndReturnClientFirstMessage(new ClientFirstMessage(this.user, this.nonce));
    }

    public ServerFirstProcessor receiveServerFirstMessage(String str) throws ScramParseException, IllegalArgumentException {
        return new ServerFirstProcessor(Preconditions.checkNotEmpty(str, "serverFirstMessage"));
    }
}
