package org.eclipse.equinox.internal.security.linux;

import com.sun.jna.Library;
import com.sun.jna.Native;
import com.sun.jna.Pointer;
import com.sun.jna.ptr.PointerByReference;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Map;
import javax.crypto.spec.PBEKeySpec;
import org.eclipse.equinox.internal.security.auth.AuthPlugin;
import org.eclipse.equinox.internal.security.linux.nls.LinuxPasswordProviderMessages;
import org.eclipse.equinox.internal.security.storage.Base64;
import org.eclipse.equinox.internal.security.storage.provider.IValidatingPasswordProvider;
import org.eclipse.equinox.security.storage.provider.IPreferencesContainer;
import org.eclipse.equinox.security.storage.provider.PasswordProvider;

/* loaded from: input_file:org/eclipse/equinox/internal/security/linux/LinuxPasswordProvider.class */
public class LinuxPasswordProvider extends PasswordProvider implements IValidatingPasswordProvider {
    private static final int PASSWORD_LENGTH = 64;
    private static final String SECRET_COLLECTION_DEFAULT = "default";
    private static final Map<String, Object> LIB_LOAD_OPTIONS = Map.of("open-flags", 4353);
    private final SecretSchema fEquinoxSchema = new SecretSchema("org.eclipse.equinox", SecretSchemaFlags.SECRET_SCHEMA_NONE, new SecretSchemaAttribute(null, 0));
    private LibSecret fLibSecret;
    private LibGio fLibGio;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/eclipse/equinox/internal/security/linux/LinuxPasswordProvider$LibGio.class */
    public interface LibGio extends Library {
        Pointer g_bus_get_sync(int i, Pointer pointer, PointerByReference pointerByReference);

        void g_error_free(Pointer pointer);

        GList g_list_append(GList gList, Pointer pointer);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/eclipse/equinox/internal/security/linux/LinuxPasswordProvider$LibSecret.class */
    public interface LibSecret extends Library {
        Pointer secret_service_get_sync(int i, Pointer pointer, PointerByReference pointerByReference);

        Pointer secret_collection_for_alias_sync(Pointer pointer, String str, int i, Pointer pointer2, PointerByReference pointerByReference);

        boolean secret_collection_get_locked(Pointer pointer);

        String secret_collection_get_label(Pointer pointer);

        int secret_service_unlock_sync(Pointer pointer, GList gList, Pointer pointer2, PointerByReference pointerByReference, PointerByReference pointerByReference2);

        String secret_password_lookup_sync(SecretSchema secretSchema, Pointer pointer, PointerByReference pointerByReference, Object... objArr);

        boolean secret_password_store_sync(SecretSchema secretSchema, String str, String str2, String str3, Pointer pointer, PointerByReference pointerByReference, Object... objArr);
    }

    private void unlockSecretService() {
        this.fLibGio = (LibGio) Native.load("gio-2.0", LibGio.class, LIB_LOAD_OPTIONS);
        PointerByReference pointerByReference = new PointerByReference();
        pointerByReference.setValue(Pointer.NULL);
        this.fLibGio.g_bus_get_sync(2, Pointer.NULL, pointerByReference);
        requireNoError(pointerByReference, "Unable to get DBus session bus: ");
        this.fLibSecret = (LibSecret) Native.load("secret-1", LibSecret.class, LIB_LOAD_OPTIONS);
        Pointer secret_service_get_sync = this.fLibSecret.secret_service_get_sync(4, Pointer.NULL, pointerByReference);
        requireNoError(pointerByReference, "Unable to get secret service: ");
        Pointer secret_collection_for_alias_sync = this.fLibSecret.secret_collection_for_alias_sync(secret_service_get_sync, SECRET_COLLECTION_DEFAULT, 0, Pointer.NULL, pointerByReference);
        requireNoError(pointerByReference, "Unable to get secret collection: ");
        if (secret_collection_for_alias_sync == Pointer.NULL) {
            throw new SecurityException("Unable to find default secret collection");
        }
        if (this.fLibSecret.secret_collection_get_locked(secret_collection_for_alias_sync)) {
            this.fLibSecret.secret_collection_get_label(secret_collection_for_alias_sync);
            GList g_list_append = this.fLibGio.g_list_append(null, secret_collection_for_alias_sync);
            PointerByReference pointerByReference2 = new PointerByReference();
            this.fLibSecret.secret_service_unlock_sync(secret_service_get_sync, g_list_append, Pointer.NULL, pointerByReference2, pointerByReference);
            this.fLibGio.g_error_free(pointerByReference2.getValue());
            this.fLibGio.g_error_free(g_list_append.getPointer());
            requireNoError(pointerByReference, "Unable to unlock: ");
        }
    }

    private String getMasterPassword() throws SecurityException {
        unlockSecretService();
        PointerByReference pointerByReference = new PointerByReference();
        String secret_password_lookup_sync = this.fLibSecret.secret_password_lookup_sync(this.fEquinoxSchema, Pointer.NULL, pointerByReference, Pointer.NULL);
        requireNoError(pointerByReference, "");
        if (secret_password_lookup_sync == null) {
            throw new SecurityException("Unable to find password");
        }
        return new String(secret_password_lookup_sync.getBytes(), StandardCharsets.UTF_8);
    }

    private void saveMasterPassword(String str) throws SecurityException {
        unlockSecretService();
        PointerByReference pointerByReference = new PointerByReference();
        this.fLibSecret.secret_password_store_sync(this.fEquinoxSchema, SECRET_COLLECTION_DEFAULT, "Equinox master password", new String(str.getBytes(), StandardCharsets.UTF_8), Pointer.NULL, pointerByReference, Pointer.NULL);
        requireNoError(pointerByReference, "");
    }

    private void requireNoError(PointerByReference pointerByReference, String str) {
        if (pointerByReference.getValue() != Pointer.NULL) {
            String str2 = new GError(pointerByReference.getValue()).message;
            this.fLibGio.g_error_free(pointerByReference.getValue());
            throw new SecurityException(str + str2);
        }
    }

    public PBEKeySpec getPassword(IPreferencesContainer iPreferencesContainer, int i) {
        boolean z = (i & 1) != 0;
        boolean z2 = (i & 2) != 0;
        if (!z && !z2) {
            try {
                return new PBEKeySpec(getMasterPassword().toCharArray());
            } catch (SecurityException e) {
                AuthPlugin.getDefault().logError(LinuxPasswordProviderMessages.getMasterPasswordError, e);
                return null;
            }
        }
        byte[] bArr = new byte[PASSWORD_LENGTH];
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.setSeed(System.currentTimeMillis());
        secureRandom.nextBytes(bArr);
        String encode = Base64.encode(bArr);
        AuthPlugin.getDefault().logMessage(LinuxPasswordProviderMessages.newMasterPasswordGenerated);
        try {
            saveMasterPassword(encode);
            return new PBEKeySpec(encode.toCharArray());
        } catch (SecurityException e2) {
            AuthPlugin.getDefault().logError(LinuxPasswordProviderMessages.saveMasterPasswordError, e2);
            return null;
        }
    }

    public boolean isValid() {
        try {
            unlockSecretService();
            return true;
        } catch (SecurityException e) {
            return false;
        }
    }
}
