package com.mongodb.jdbc.utils;

import com.mongodb.MongoClientSettings;
import com.mongodb.jdbc.logging.LoggingAspect;
import com.mongodb.jdbc.logging.MongoLogger;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.logging.Level;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.reflect.Factory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:com/mongodb/jdbc/utils/X509Authentication.class */
public class X509Authentication {
    private static final BouncyCastleProvider BC_PROVIDER;
    private final MongoLogger logger;
    private static /* synthetic */ JoinPoint.StaticPart ajc$tjp_0;
    private static /* synthetic */ JoinPoint.StaticPart ajc$tjp_1;
    private static /* synthetic */ JoinPoint.StaticPart ajc$tjp_2;

    static {
        ajc$preClinit();
        BC_PROVIDER = new BouncyCastleProvider();
    }

    public X509Authentication(MongoLogger mongoLogger) {
        if (LoggingAspect.hasAspect(this)) {
            logger_aroundBody1$advice(this, this, mongoLogger, LoggingAspect.aspectOf(this), mongoLogger, null);
        } else {
            this.logger = mongoLogger;
        }
    }

    public void configureX509Authentication(MongoClientSettings.Builder builder, String str, char[] cArr) {
        try {
            this.logger.log(Level.FINE, "Using client certificate for X509 authentication: " + str);
            if (cArr != null && cArr.length > 0) {
                this.logger.log(Level.FINE, "Client certificate passphrase has been specified");
            }
            try {
                SSLContext createSSLContext = createSSLContext(str, cArr);
                builder.applyToSslSettings(builder2 -> {
                    builder2.enabled(true);
                    builder2.context(createSSLContext);
                });
            } catch (Exception e) {
                throw new RuntimeException("SSL setup failed", e);
            }
        } catch (Exception e2) {
            if (LoggingAspect.hasAspect(this)) {
                LoggingAspect.aspectOf(this).ajc$afterThrowing$com_mongodb_jdbc_logging_LoggingAspect$3$9756aa6b(e2, ajc$tjp_0);
            }
            throw e2;
        }
    }

    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Removed duplicated region for block: B:16:0x0094 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:20:0x00ab A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private javax.net.ssl.SSLContext createSSLContext(java.lang.String r7, char[] r8) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 302
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.mongodb.jdbc.utils.X509Authentication.createSSLContext(java.lang.String, char[]):javax.net.ssl.SSLContext");
    }

    private SSLContext createSSLContextFromKeyAndCert(PrivateKey privateKey, Certificate certificate) throws Exception {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            keyStore.setKeyEntry("mongodb-cert", privateKey, null, new Certificate[]{certificate});
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, null);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
            return sSLContext;
        } catch (Exception e) {
            if (LoggingAspect.hasAspect(this)) {
                LoggingAspect.aspectOf(this).ajc$afterThrowing$com_mongodb_jdbc_logging_LoggingAspect$3$9756aa6b(e, ajc$tjp_2);
            }
            throw e;
        }
    }

    private static final /* synthetic */ Object logger_aroundBody1$advice(X509Authentication x509Authentication, X509Authentication x509Authentication2, MongoLogger mongoLogger, LoggingAspect loggingAspect, MongoLogger mongoLogger2, AroundClosure aroundClosure) {
        loggingAspect.logger = mongoLogger2;
        x509Authentication2.logger = mongoLogger2;
        return null;
    }

    private static /* synthetic */ void ajc$preClinit() {
        Factory factory = new Factory("X509Authentication.java", X509Authentication.class);
        ajc$tjp_0 = factory.makeSJP(JoinPoint.METHOD_EXECUTION, factory.makeMethodSig("1", "configureX509Authentication", "com.mongodb.jdbc.utils.X509Authentication", "com.mongodb.MongoClientSettings$Builder:java.lang.String:[C", "settingsBuilder:pemPath:passphrase", "", "void"), 43);
        ajc$tjp_1 = factory.makeSJP(JoinPoint.METHOD_EXECUTION, factory.makeMethodSig("2", "createSSLContext", "com.mongodb.jdbc.utils.X509Authentication", "java.lang.String:[C", "pemPath:passphrase", "java.lang.Exception", "javax.net.ssl.SSLContext"), 65);
        ajc$tjp_2 = factory.makeSJP(JoinPoint.METHOD_EXECUTION, factory.makeMethodSig("2", "createSSLContextFromKeyAndCert", "com.mongodb.jdbc.utils.X509Authentication", "java.security.PrivateKey:java.security.cert.Certificate", "privateKey:cert", "java.lang.Exception", "javax.net.ssl.SSLContext"), 120);
    }
}
