package com.amazon.corretto.crypto.provider;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.FileSystems;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.security.AccessController;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Properties;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/amazon/corretto/crypto/provider/Loader.class */
public final class Loader {
    static final String PROPERTY_BASE = "com.amazon.corretto.crypto.provider.";
    private static final String TEMP_DIR_PREFIX = "amazonCorrettoCryptoProviderNativeLibraries.";
    private static final String PROPERTY_VERSION_STR = "versionStr";

    @Deprecated
    static final double PROVIDER_VERSION;
    static final String PROVIDER_VERSION_STR;
    static final boolean FIPS_BUILD;
    static final boolean IS_AVAILABLE;
    static final Throwable LOADING_ERROR;
    static final Janitor RESOURCE_JANITOR;
    private static final String JNI_LIBRARY_NAME = "amazonCorrettoCryptoProvider";
    private static final String LIBCRYPTO_NAME = "crypto";
    private static final String[] JAR_RESOURCES = {JNI_LIBRARY_NAME, LIBCRYPTO_NAME};
    private static final Pattern TEST_FILENAME_PATTERN = Pattern.compile("[-a-zA-Z0-9]+(\\.[a-zA-Z0-9]+)*");
    private static final FileAttribute<Set<PosixFilePermission>> SELF_OWNER_FILE_PERMISSIONS = PosixFilePermissions.asFileAttribute(new HashSet(Arrays.asList(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE)));
    private static final Logger LOG = Logger.getLogger(AmazonCorrettoCryptoProvider.PROVIDER_NAME);
    private static final Pattern OLD_VERSION_PATTERN = Pattern.compile("(\\d+\\.\\d+)\\.\\d+");

    Loader() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static InputStream getTestData(String str) {
        if (!TEST_FILENAME_PATTERN.matcher(str).matches()) {
            throw new IllegalArgumentException("Invalid filename: " + str);
        }
        InputStream inputStream = (InputStream) AccessController.doPrivileged(() -> {
            return Loader.class.getResourceAsStream("testdata/" + str);
        });
        if (inputStream == null) {
            throw new AssertionError("Unable to load test data from file testdata/" + str);
        }
        return inputStream;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getProperty(String str) {
        return (String) AccessController.doPrivileged(() -> {
            return System.getProperty(PROPERTY_BASE + str);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getProperty(String str, String str2) {
        return (String) AccessController.doPrivileged(() -> {
            return System.getProperty(PROPERTY_BASE + str, str2);
        });
    }

    private static void tryLoadLibraryFromJar() throws IOException {
        Path createPrivateTmpDir = createPrivateTmpDir(TEMP_DIR_PREFIX);
        for (String str : JAR_RESOURCES) {
            writeJarResourceToTemporaryFile(createPrivateTmpDir, System.mapLibraryName(str));
        }
        System.load(createPrivateTmpDir.resolve(System.mapLibraryName(JNI_LIBRARY_NAME)).toAbsolutePath().toString());
        validateLibcryptoVersion(false);
        maybeDeletePrivateTempDir(createPrivateTmpDir);
    }

    private static void tryLoadLibraryFromSystem() {
        System.loadLibrary(JNI_LIBRARY_NAME);
        validateLibcryptoVersion(true);
    }

    private static void tryLoadLibrary() throws Exception {
        boolean z = false;
        Exception exc = null;
        if (!Boolean.parseBoolean(getProperty("useExternalLib", "false"))) {
            try {
                tryLoadLibraryFromJar();
                z = true;
            } catch (Exception e) {
                exc = e;
            }
        }
        if (z) {
            return;
        }
        if (exc == null) {
            exc = new RuntimeCryptoException("Skipping bundled library due to system property");
        }
        try {
            tryLoadLibraryFromSystem();
        } catch (Throwable th) {
            exc.addSuppressed(th);
            throw exc;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void load() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void checkNativeLibraryAvailability() {
        if (!IS_AVAILABLE) {
            throw new UnsupportedOperationException("Native library not available");
        }
    }

    private static native String getNativeLibraryVersion();

    private static native boolean validateLibcryptoVersion(boolean z);

    private static native boolean isFipsMode();

    private static void assertVersionMatch() {
        try {
            String nativeLibraryVersion = getNativeLibraryVersion();
            if (!PROVIDER_VERSION_STR.equals(nativeLibraryVersion)) {
                throw new AssertionError(String.format("Library version mismatch. Java: %s, Native: %s", PROVIDER_VERSION_STR, nativeLibraryVersion));
            }
        } catch (Throwable th) {
            throw new AssertionError(th);
        }
    }

    private static void maybeDelete(Path path) {
        if (DebugFlag.PRESERVE_NATIVE_LIBRARIES.isEnabled()) {
            return;
        }
        try {
            Files.delete(path);
        } catch (IOException e) {
            LOG.warning("Unable to delete native library: " + e);
        }
    }

    private static void maybeDeletePrivateTempDir(Path path) {
        for (String str : JAR_RESOURCES) {
            maybeDelete(path.resolve(System.mapLibraryName(str)));
        }
        maybeDelete(path);
    }

    private static Path writeJarResourceToTemporaryFile(Path path, String str) throws IOException {
        Path resolve = path.resolve(str);
        Files.createFile(resolve, SELF_OWNER_FILE_PERMISSIONS);
        InputStream resourceAsStream = Loader.class.getResourceAsStream(str);
        try {
            OutputStream newOutputStream = Files.newOutputStream(resolve, StandardOpenOption.WRITE, StandardOpenOption.TRUNCATE_EXISTING);
            try {
                byte[] bArr = new byte[16384];
                for (int read = resourceAsStream.read(bArr); read >= 0; read = resourceAsStream.read(bArr)) {
                    newOutputStream.write(bArr, 0, read);
                }
                newOutputStream.flush();
                if (newOutputStream != null) {
                    newOutputStream.close();
                }
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
                resolve.toFile().deleteOnExit();
                return resolve;
            } finally {
            }
        } catch (Throwable th) {
            if (resourceAsStream != null) {
                try {
                    resourceAsStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private static byte[] bootstrapRng(int i) throws IOException {
        Path path = Paths.get("/dev/urandom", new String[0]);
        if (!Files.exists(path, new LinkOption[0])) {
            throw new AssertionError("/dev/urandom must exist for bootstrapping");
        }
        byte[] bArr = new byte[i];
        InputStream newInputStream = Files.newInputStream(path, StandardOpenOption.READ);
        int i2 = 0;
        while (i2 < 10) {
            try {
                i2++;
                if (newInputStream.read(bArr) == bArr.length) {
                    if (newInputStream != null) {
                        newInputStream.close();
                    }
                    return bArr;
                }
            } catch (Throwable th) {
                if (newInputStream != null) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        if (newInputStream != null) {
            newInputStream.close();
        }
        throw new AssertionError("Unable to read enough entropy");
    }

    private static synchronized Path createPrivateTmpDir(String str) throws IOException {
        Path path = Paths.get(System.getProperty("java.io.tmpdir"), new String[0]);
        int i = 0;
        AssertionError assertionError = new AssertionError("Unable to create temporary directory. Retries exceeded.");
        while (true) {
            AssertionError assertionError2 = assertionError;
            if (i >= 10) {
                throw assertionError2;
            }
            i++;
            try {
                byte[] bootstrapRng = bootstrapRng(8);
                StringBuilder sb = new StringBuilder(str);
                for (byte b : bootstrapRng) {
                    String hexString = Integer.toHexString(Byte.toUnsignedInt(b));
                    if (hexString.length() == 1) {
                        sb.append('0');
                    }
                    sb.append(hexString);
                }
                Path createDirectories = Files.createDirectories(path.resolve(sb.toString()), SELF_OWNER_FILE_PERMISSIONS);
                if (DebugFlag.VERBOSELOGS.isEnabled()) {
                    LOG.log(Level.FINE, "Created temporary library directory");
                }
                createDirectories.toFile().deleteOnExit();
                return createDirectories;
            } catch (IOException e) {
                assertionError = new AssertionError("Unable to create temporary directory due to IOException: " + e.getMessage(), e);
            } catch (Exception e2) {
                throw new AssertionError("Unable to create temporary directory due to Exception: " + e2.getMessage(), e2);
            }
        }
    }

    static {
        boolean z;
        Matcher matcher;
        Throwable th = null;
        String str = null;
        double d = 0.0d;
        try {
            str = (String) AccessController.doPrivileged(() -> {
                InputStream resourceAsStream = Loader.class.getResourceAsStream("version.properties");
                try {
                    if (resourceAsStream == null) {
                        String property = System.getProperty(PROPERTY_VERSION_STR);
                        if (resourceAsStream != null) {
                            resourceAsStream.close();
                        }
                        return property;
                    }
                    Properties properties = new Properties();
                    properties.load(resourceAsStream);
                    String property2 = properties.getProperty(PROPERTY_VERSION_STR);
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                    return property2;
                } catch (Throwable th2) {
                    if (resourceAsStream != null) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th3) {
                            th2.addSuppressed(th3);
                        }
                    }
                    throw th2;
                }
            });
            matcher = OLD_VERSION_PATTERN.matcher(str);
        } catch (Throwable th2) {
            z = false;
            th = th2;
        }
        if (!matcher.matches()) {
            throw new AssertionError("Version string has wrong form: " + str);
        }
        d = Double.parseDouble(matcher.group(1));
        z = ((Boolean) AccessController.doPrivileged(() -> {
            FileSystems.getDefault();
            tryLoadLibrary();
            return true;
        })).booleanValue();
        PROVIDER_VERSION_STR = str;
        PROVIDER_VERSION = d;
        FIPS_BUILD = z && isFipsMode();
        if (z) {
            try {
                assertVersionMatch();
            } catch (AssertionError e) {
                z = false;
                th = e;
            }
        }
        IS_AVAILABLE = z;
        LOADING_ERROR = th;
        if (DebugFlag.VERBOSELOGS.isEnabled()) {
            if (z) {
                LOG.log(Level.CONFIG, "Successfully loaded native library version " + PROVIDER_VERSION_STR);
            } else {
                LOG.log(Level.CONFIG, "Unable to load native library", th);
            }
        }
        RESOURCE_JANITOR = new Janitor();
    }
}
