package org.apache.derby.impl.services.jce;

import java.io.DataInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.AccessController;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.util.Enumeration;
import java.util.Properties;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.derby.iapi.error.StandardException;
import org.apache.derby.iapi.reference.Attribute;
import org.apache.derby.iapi.security.SecurityUtil;
import org.apache.derby.iapi.services.crypto.CipherFactory;
import org.apache.derby.iapi.services.crypto.CipherProvider;
import org.apache.derby.iapi.sql.compile.TypeCompiler;
import org.apache.derby.iapi.store.raw.RawStoreFactory;
import org.apache.derby.iapi.util.StringUtil;
import org.apache.derby.io.StorageFactory;
import org.apache.derby.io.StorageFile;
import org.apache.derby.io.StorageRandomAccessFile;
import org.apache.derby.shared.common.reference.SQLState;

/* JADX INFO: Access modifiers changed from: package-private */
/* JADX WARN: Classes with same name are omitted:
  input_file:lib/derby.jar:org/apache/derby/impl/services/jce/JCECipherFactory.class
 */
/* loaded from: input_file:org/apache/derby/impl/services/jce/JCECipherFactory.class */
public final class JCECipherFactory implements CipherFactory {
    private static final String MESSAGE_DIGEST = "MD5";
    private static final String DEFAULT_ALGORITHM = "DES/CBC/NoPadding";
    private static final String DES = "DES";
    private static final String DESede = "DESede";
    private static final String TripleDES = "TripleDES";
    private static final String AES = "AES";
    private static final int BLOCK_LENGTH = 8;
    private static final int AES_IV_LENGTH = 16;
    private int keyLengthBits;
    private int encodedKeyLength;
    private String cryptoAlgorithm;
    private String cryptoAlgorithmShort;
    private String cryptoProvider;
    private String cryptoProviderShort;
    private MessageDigest messageDigest;
    private SecretKey mainSecretKey;
    private byte[] mainIV;
    private Properties persistentProperties;
    private static final int VERIFYKEY_DATALEN = 4096;

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:lib/derby.jar:org/apache/derby/impl/services/jce/JCECipherFactory$EncryptedKeyResult.class
     */
    /* loaded from: input_file:org/apache/derby/impl/services/jce/JCECipherFactory$EncryptedKeyResult.class */
    public static final class EncryptedKeyResult {
        public String hexOutput;
        public byte[] paddedInputKey;

        public EncryptedKeyResult(String str, byte[] bArr) {
            this.hexOutput = str;
            this.paddedInputKey = bArr;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JCECipherFactory(boolean z, Properties properties, boolean z2) throws StandardException {
        SecurityUtil.checkDerbyInternalsPrivilege();
        init(z, properties, z2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String providerErrorName(String str) {
        return str == null ? "default" : str;
    }

    private byte[] generateUniqueBytes() throws StandardException {
        KeyGenerator keyGenerator;
        try {
            String str = this.cryptoProviderShort;
            if (str == null) {
                keyGenerator = KeyGenerator.getInstance(this.cryptoAlgorithmShort);
            } else {
                if (str.equals("BouncyCastleProvider")) {
                    str = "BC";
                }
                keyGenerator = KeyGenerator.getInstance(this.cryptoAlgorithmShort, str);
            }
            keyGenerator.init(this.keyLengthBits);
            return keyGenerator.generateKey().getEncoded();
        } catch (NoSuchAlgorithmException e) {
            throw StandardException.newException(SQLState.ENCRYPTION_NOSUCH_ALGORITHM, this.cryptoAlgorithm, providerErrorName(this.cryptoProviderShort));
        } catch (NoSuchProviderException e2) {
            throw StandardException.newException(SQLState.ENCRYPTION_BAD_PROVIDER, providerErrorName(this.cryptoProviderShort));
        }
    }

    private EncryptedKeyResult encryptKey(byte[] bArr, byte[] bArr2) throws StandardException {
        int length = bArr.length;
        if (this.cryptoAlgorithmShort.equals(AES)) {
            length = 16;
        }
        byte[] muckFromBootPassword = getMuckFromBootPassword(bArr2, length);
        CipherProvider createNewCipher = createNewCipher(1, generateKey(muckFromBootPassword), generateIV(muckFromBootPassword));
        this.encodedKeyLength = bArr.length;
        byte[] padKey = padKey(bArr, createNewCipher.getEncryptionBlockSize());
        byte[] bArr3 = new byte[padKey.length];
        createNewCipher.encrypt(padKey, 0, padKey.length, bArr3, 0);
        return new EncryptedKeyResult(StringUtil.toHexString(bArr3, 0, bArr3.length), padKey);
    }

    private byte[] padKey(byte[] bArr, int i) {
        byte[] bArr2 = bArr;
        if (bArr.length % i != 0) {
            bArr2 = new byte[(bArr.length + i) - (bArr.length % i)];
            System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        }
        return bArr2;
    }

    private byte[] decryptKey(String str, int i, byte[] bArr) throws StandardException {
        byte[] fromHexString = StringUtil.fromHexString(str, 0, i);
        byte[] muckFromBootPassword = getMuckFromBootPassword(bArr, this.cryptoAlgorithmShort.equals(AES) ? 16 : fromHexString.length);
        createNewCipher(2, generateKey(muckFromBootPassword), generateIV(muckFromBootPassword)).decrypt(fromHexString, 0, fromHexString.length, fromHexString, 0);
        return fromHexString;
    }

    private byte[] getMuckFromBootPassword(byte[] bArr, int i) {
        int length = bArr.length;
        byte[] bArr2 = new byte[i];
        int i2 = 0;
        for (byte b : bArr) {
            i2 += b;
        }
        for (int i3 = 0; i3 < i; i3++) {
            bArr2[i3] = (byte) (bArr[(i3 + i2) % length] ^ (bArr[i3 % length] << 4));
        }
        return bArr2;
    }

    private SecretKey generateKey(byte[] bArr) throws StandardException {
        if (bArr.length < 8) {
            throw StandardException.newException(SQLState.ILLEGAL_BP_LENGTH, new Integer(8));
        }
        try {
            if (this.cryptoAlgorithmShort.equals(DES) && DESKeySpec.isWeak(bArr, 0)) {
                byte[] asciiBytes = StringUtil.getAsciiBytes("louDScap");
                for (int i = 0; i < 7; i++) {
                    bArr[i] = (byte) ((asciiBytes[i] << 3) ^ bArr[i]);
                }
            }
            return new SecretKeySpec(bArr, this.cryptoAlgorithmShort);
        } catch (InvalidKeyException e) {
            throw StandardException.newException(SQLState.CRYPTO_EXCEPTION, e, new Object[0]);
        }
    }

    private byte[] generateIV(byte[] bArr) {
        byte[] bArr2;
        if (this.cryptoAlgorithmShort.equals(AES)) {
            bArr2 = new byte[16];
            bArr2[0] = (byte) (((bArr[bArr.length - 1] << 2) | 15) ^ bArr[0]);
            for (int i = 1; i < 8; i++) {
                bArr2[i] = (byte) (((bArr[i - 1] << (i % 5)) | 15) ^ bArr[i]);
            }
            for (int i2 = 8; i2 < 16; i2++) {
                bArr2[i2] = bArr2[i2 - 8];
            }
        } else {
            bArr2 = new byte[8];
            bArr2[0] = (byte) (((bArr[bArr.length - 1] << 2) | 15) ^ bArr[0]);
            for (int i3 = 1; i3 < 8; i3++) {
                bArr2[i3] = (byte) (((bArr[i3 - 1] << (i3 % 5)) | 15) ^ bArr[i3]);
            }
        }
        return bArr2;
    }

    private int digest(byte[] bArr) {
        this.messageDigest.reset();
        byte[] digest = this.messageDigest.digest(bArr);
        byte[] bArr2 = new byte[2];
        for (int i = 0; i < digest.length; i++) {
            int i2 = i % 2;
            bArr2[i2] = (byte) (bArr2[i2] ^ digest[i]);
        }
        return (bArr2[0] & 255) | ((bArr2[1] << 8) & 65280);
    }

    @Override // org.apache.derby.iapi.services.crypto.CipherFactory
    public SecureRandom getSecureRandom() {
        return new SecureRandom(this.mainIV);
    }

    @Override // org.apache.derby.iapi.services.crypto.CipherFactory
    public CipherProvider createNewCipher(int i) throws StandardException {
        return createNewCipher(i, this.mainSecretKey, this.mainIV);
    }

    private CipherProvider createNewCipher(int i, SecretKey secretKey, byte[] bArr) throws StandardException {
        return new JCECipherProvider(i, secretKey, bArr, this.cryptoAlgorithm, this.cryptoProviderShort);
    }

    private void init(boolean z, Properties properties, boolean z2) throws StandardException {
        Throwable th;
        byte[] handleBootPassword;
        boolean z3 = false;
        boolean z4 = z;
        this.persistentProperties = new Properties();
        String property = properties.getProperty(z2 ? Attribute.NEW_CRYPTO_EXTERNAL_KEY : Attribute.CRYPTO_EXTERNAL_KEY);
        if (property != null) {
            z4 = false;
        }
        this.cryptoProvider = properties.getProperty(Attribute.CRYPTO_PROVIDER);
        if (this.cryptoProvider != null) {
            z3 = true;
            int lastIndexOf = this.cryptoProvider.lastIndexOf(46);
            if (lastIndexOf == -1) {
                this.cryptoProviderShort = this.cryptoProvider;
            } else {
                this.cryptoProviderShort = this.cryptoProvider.substring(lastIndexOf + 1);
            }
        }
        this.cryptoAlgorithm = properties.getProperty(Attribute.CRYPTO_ALGORITHM);
        if (this.cryptoAlgorithm == null) {
            this.cryptoAlgorithm = DEFAULT_ALGORITHM;
        } else {
            z3 = true;
        }
        if (z4) {
            this.persistentProperties.put(Attribute.CRYPTO_ALGORITHM, this.cryptoAlgorithm);
        }
        int indexOf = this.cryptoAlgorithm.indexOf(47);
        int lastIndexOf2 = this.cryptoAlgorithm.lastIndexOf(47);
        if (indexOf < 0 || lastIndexOf2 < 0 || indexOf == lastIndexOf2) {
            throw StandardException.newException(SQLState.ENCRYPTION_BAD_ALG_FORMAT, this.cryptoAlgorithm);
        }
        this.cryptoAlgorithmShort = this.cryptoAlgorithm.substring(0, indexOf);
        if (z3) {
            try {
                Class.forName("javax.crypto.ExemptionMechanism");
            } catch (Throwable th2) {
                throw StandardException.newException(SQLState.ENCRYPTION_BAD_JCE, new Object[0]);
            }
        }
        if (!z && properties.getProperty(Attribute.CRYPTO_KEY_LENGTH) != null) {
            String property2 = properties.getProperty(Attribute.CRYPTO_KEY_LENGTH);
            int lastIndexOf3 = property2.lastIndexOf(45);
            this.encodedKeyLength = Integer.parseInt(property2.substring(lastIndexOf3 + 1));
            if (lastIndexOf3 != -1) {
                this.keyLengthBits = Integer.parseInt(property2.substring(0, lastIndexOf3));
            }
        }
        if (property == null && z) {
            if (properties.getProperty(Attribute.CRYPTO_KEY_LENGTH) != null) {
                this.keyLengthBits = Integer.parseInt(properties.getProperty(Attribute.CRYPTO_KEY_LENGTH));
            } else if (this.cryptoAlgorithmShort.equals(DES)) {
                this.keyLengthBits = 56;
            } else if (this.cryptoAlgorithmShort.equals(DESede) || this.cryptoAlgorithmShort.equals(TripleDES)) {
                this.keyLengthBits = 168;
            } else {
                this.keyLengthBits = 128;
            }
        }
        String substring = this.cryptoAlgorithm.substring(indexOf + 1, lastIndexOf2);
        if (!substring.equals("CBC") && !substring.equals("CFB") && !substring.equals("ECB") && !substring.equals("OFB")) {
            throw StandardException.newException(SQLState.ENCRYPTION_BAD_FEEDBACKMODE, substring);
        }
        String substring2 = this.cryptoAlgorithm.substring(lastIndexOf2 + 1, this.cryptoAlgorithm.length());
        if (!substring2.equals("NoPadding")) {
            throw StandardException.newException(SQLState.ENCRYPTION_BAD_PADDING, substring2);
        }
        try {
            if (this.cryptoProvider != null && Security.getProvider(this.cryptoProviderShort) == null) {
                Class<?> cls = Class.forName(this.cryptoProvider);
                if (!Provider.class.isAssignableFrom(cls)) {
                    throw StandardException.newException(SQLState.ENCRYPTION_NOT_A_PROVIDER, this.cryptoProvider);
                }
                final Provider provider = (Provider) cls.newInstance();
                AccessController.doPrivileged(new PrivilegedAction<Void>() { // from class: org.apache.derby.impl.services.jce.JCECipherFactory.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public Void run() {
                        Security.addProvider(provider);
                        return null;
                    }
                });
            }
            this.messageDigest = MessageDigest.getInstance(MESSAGE_DIGEST);
            if (property != null) {
                if (properties.getProperty(z2 ? Attribute.NEW_BOOT_PASSWORD : Attribute.BOOT_PASSWORD) != null) {
                    throw StandardException.newException(SQLState.SERVICE_WRONG_BOOT_PASSWORD, new Object[0]);
                }
                handleBootPassword = StringUtil.fromHexString(property, 0, property.length());
                if (handleBootPassword == null) {
                    throw StandardException.newException(property.length() % 2 == 0 ? SQLState.ENCRYPTION_ILLEGAL_EXKEY_CHARS : SQLState.ENCRYPTION_INVALID_EXKEY_LENGTH, new Object[0]);
                }
            } else {
                handleBootPassword = handleBootPassword(z, properties, z2);
                if (z || z2) {
                    this.persistentProperties.put(Attribute.CRYPTO_KEY_LENGTH, this.keyLengthBits + TypeCompiler.MINUS_OP + handleBootPassword.length);
                }
            }
            this.mainSecretKey = generateKey(handleBootPassword);
            this.mainIV = generateIV(handleBootPassword);
            if (z) {
                this.persistentProperties.put(Attribute.DATA_ENCRYPTION, "true");
                this.persistentProperties.put(RawStoreFactory.DATA_ENCRYPT_ALGORITHM_VERSION, String.valueOf(1));
                this.persistentProperties.put(RawStoreFactory.LOG_ENCRYPT_ALGORITHM_VERSION, String.valueOf(1));
            }
        } catch (ClassCastException e) {
            th = e;
            throw StandardException.newException(SQLState.MISSING_ENCRYPTION_PROVIDER, th, new Object[0]);
        } catch (ClassNotFoundException e2) {
            th = StandardException.newException(SQLState.ENCRYPTION_NO_PROVIDER_CLASS, e2, this.cryptoProvider);
            throw StandardException.newException(SQLState.MISSING_ENCRYPTION_PROVIDER, th, new Object[0]);
        } catch (IllegalAccessException e3) {
            th = e3;
            throw StandardException.newException(SQLState.MISSING_ENCRYPTION_PROVIDER, th, new Object[0]);
        } catch (InstantiationException e4) {
            th = e4;
            throw StandardException.newException(SQLState.MISSING_ENCRYPTION_PROVIDER, th, new Object[0]);
        } catch (LinkageError e5) {
            th = e5;
            throw StandardException.newException(SQLState.MISSING_ENCRYPTION_PROVIDER, th, new Object[0]);
        } catch (SecurityException e6) {
            th = e6;
            throw StandardException.newException(SQLState.MISSING_ENCRYPTION_PROVIDER, th, new Object[0]);
        } catch (NoSuchAlgorithmException e7) {
            th = e7;
            throw StandardException.newException(SQLState.MISSING_ENCRYPTION_PROVIDER, th, new Object[0]);
        }
    }

    private byte[] handleBootPassword(boolean z, Properties properties, boolean z2) throws StandardException {
        byte[] generateUniqueBytes;
        String property = properties.getProperty(z2 ? Attribute.NEW_BOOT_PASSWORD : Attribute.BOOT_PASSWORD);
        if (property == null) {
            throw StandardException.newException(SQLState.SERVICE_WRONG_BOOT_PASSWORD, new Object[0]);
        }
        byte[] asciiBytes = StringUtil.getAsciiBytes(property);
        if (asciiBytes.length < 8) {
            throw StandardException.newException(z ? SQLState.SERVICE_BOOT_PASSWORD_TOO_SHORT : SQLState.SERVICE_WRONG_BOOT_PASSWORD, new Object[0]);
        }
        if (z || z2) {
            generateUniqueBytes = generateUniqueBytes();
            this.persistentProperties.put(RawStoreFactory.ENCRYPTED_KEY, saveSecretKey(generateUniqueBytes, asciiBytes));
        } else {
            generateUniqueBytes = getDatabaseSecretKey(properties, asciiBytes, SQLState.SERVICE_WRONG_BOOT_PASSWORD);
        }
        return generateUniqueBytes;
    }

    @Override // org.apache.derby.iapi.services.crypto.CipherFactory
    public void saveProperties(Properties properties) {
        Enumeration keys = this.persistentProperties.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement();
            properties.put(str, this.persistentProperties.get(str));
        }
        this.persistentProperties = null;
    }

    private byte[] getDatabaseSecretKey(Properties properties, byte[] bArr, String str) throws StandardException {
        String property = properties.getProperty(RawStoreFactory.ENCRYPTED_KEY);
        if (property == null) {
            throw StandardException.newException(str, new Object[0]);
        }
        int indexOf = property.indexOf(45);
        if (indexOf == -1) {
            throw StandardException.newException(str, new Object[0]);
        }
        int parseInt = Integer.parseInt(property.substring(indexOf + 1));
        byte[] decryptKey = decryptKey(property, indexOf, bArr);
        if (digest(decryptKey) != parseInt) {
            throw StandardException.newException(str, new Object[0]);
        }
        if (this.encodedKeyLength == 0) {
            return decryptKey;
        }
        byte[] bArr2 = new byte[this.encodedKeyLength];
        System.arraycopy(decryptKey, 0, bArr2, 0, this.encodedKeyLength);
        return bArr2;
    }

    private String saveSecretKey(byte[] bArr, byte[] bArr2) throws StandardException {
        EncryptedKeyResult encryptKey = encryptKey(bArr, bArr2);
        return encryptKey.hexOutput.concat(TypeCompiler.MINUS_OP + digest(encryptKey.paddedInputKey));
    }

    @Override // org.apache.derby.iapi.services.crypto.CipherFactory
    public String changeBootPassword(String str, Properties properties, CipherProvider cipherProvider) throws StandardException {
        int indexOf = str.indexOf(44);
        if (indexOf == -1) {
            throw StandardException.newException(SQLState.WRONG_PASSWORD_CHANGE_FORMAT, new Object[0]);
        }
        byte[] asciiBytes = StringUtil.getAsciiBytes(str.substring(0, indexOf).trim());
        if (asciiBytes == null || asciiBytes.length < 8) {
            throw StandardException.newException(SQLState.WRONG_BOOT_PASSWORD, new Object[0]);
        }
        byte[] asciiBytes2 = StringUtil.getAsciiBytes(str.substring(indexOf + 1).trim());
        if (asciiBytes2 == null || asciiBytes2.length < 8) {
            throw StandardException.newException(SQLState.ILLEGAL_BP_LENGTH, new Integer(8));
        }
        byte[] databaseSecretKey = getDatabaseSecretKey(properties, asciiBytes, SQLState.WRONG_BOOT_PASSWORD);
        byte[] generateIV = generateIV(databaseSecretKey);
        if (!((JCECipherProvider) cipherProvider).verifyIV(generateIV)) {
            throw StandardException.newException(SQLState.WRONG_BOOT_PASSWORD, new Object[0]);
        }
        vetCipherProviders(createNewCipher(2, generateKey(databaseSecretKey), generateIV), cipherProvider, SQLState.WRONG_BOOT_PASSWORD);
        saveSecretKey(databaseSecretKey, asciiBytes2);
        properties.put(Attribute.CRYPTO_KEY_LENGTH, this.keyLengthBits + TypeCompiler.MINUS_OP + this.encodedKeyLength);
        return saveSecretKey(databaseSecretKey, asciiBytes2);
    }

    private void vetCipherProviders(CipherProvider cipherProvider, CipherProvider cipherProvider2, String str) throws StandardException {
        byte[] bArr = new byte[1024];
        byte[] bArr2 = new byte[1024];
        byte[] bArr3 = new byte[1024];
        for (int i = 0; i < 1024; i++) {
            bArr[i] = (byte) (i % 256);
        }
        int encrypt = cipherProvider2.encrypt(bArr, 0, 1024, bArr2, 0);
        int decrypt = cipherProvider.decrypt(bArr2, 0, encrypt, bArr3, 0);
        if (encrypt != 1024 || decrypt != 1024) {
            throw StandardException.newException(str, new Object[0]);
        }
        for (int i2 = 0; i2 < 1024; i2++) {
            if (bArr[i2] != bArr3[i2]) {
                throw StandardException.newException(str, new Object[0]);
            }
        }
    }

    @Override // org.apache.derby.iapi.services.crypto.CipherFactory
    public void verifyKey(boolean z, StorageFactory storageFactory, Properties properties) throws StandardException {
        if (properties.getProperty(Attribute.CRYPTO_EXTERNAL_KEY) == null) {
            return;
        }
        InputStream inputStream = null;
        StorageRandomAccessFile storageRandomAccessFile = null;
        byte[] bArr = new byte[4096];
        try {
            try {
                if (z) {
                    getSecureRandom().nextBytes(bArr);
                    byte[] mD5Checksum = getMD5Checksum(bArr);
                    createNewCipher(1, this.mainSecretKey, this.mainIV).encrypt(bArr, 0, bArr.length, bArr, 0);
                    storageRandomAccessFile = privAccessFile(storageFactory, Attribute.CRYPTO_EXTERNAL_KEY_VERIFY_FILE, "rw");
                    storageRandomAccessFile.writeInt(mD5Checksum.length);
                    storageRandomAccessFile.write(mD5Checksum);
                    storageRandomAccessFile.write(bArr);
                    storageRandomAccessFile.sync();
                } else {
                    inputStream = privAccessGetInputStream(storageFactory, Attribute.CRYPTO_EXTERNAL_KEY_VERIFY_FILE);
                    DataInputStream dataInputStream = new DataInputStream(inputStream);
                    byte[] bArr2 = new byte[dataInputStream.readInt()];
                    dataInputStream.readFully(bArr2);
                    dataInputStream.readFully(bArr);
                    createNewCipher(2, this.mainSecretKey, this.mainIV).decrypt(bArr, 0, bArr.length, bArr, 0);
                    if (!MessageDigest.isEqual(bArr2, getMD5Checksum(bArr))) {
                        throw StandardException.newException(SQLState.ENCRYPTION_BAD_EXTERNAL_KEY, new Object[0]);
                    }
                }
                if (storageRandomAccessFile != null) {
                    try {
                        storageRandomAccessFile.close();
                    } catch (IOException e) {
                        throw StandardException.newException(SQLState.ENCRYPTION_UNABLE_KEY_VERIFICATION, e, new Object[0]);
                    }
                }
                if (inputStream != null) {
                    inputStream.close();
                }
            } catch (IOException e2) {
                throw StandardException.newException(SQLState.ENCRYPTION_UNABLE_KEY_VERIFICATION, e2, new Object[0]);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    storageRandomAccessFile.close();
                } catch (IOException e3) {
                    throw StandardException.newException(SQLState.ENCRYPTION_UNABLE_KEY_VERIFICATION, e3, new Object[0]);
                }
            }
            if (0 != 0) {
                inputStream.close();
            }
            throw th;
        }
    }

    private byte[] getMD5Checksum(byte[] bArr) throws StandardException {
        try {
            return MessageDigest.getInstance(MESSAGE_DIGEST).digest(bArr);
        } catch (NoSuchAlgorithmException e) {
            throw StandardException.newException(SQLState.ENCRYPTION_BAD_ALG_FORMAT, MESSAGE_DIGEST);
        }
    }

    private StorageRandomAccessFile privAccessFile(StorageFactory storageFactory, String str, final String str2) throws IOException {
        final StorageFile newStorageFile = storageFactory.newStorageFile("", str);
        try {
            return (StorageRandomAccessFile) AccessController.doPrivileged(new PrivilegedExceptionAction<StorageRandomAccessFile>() { // from class: org.apache.derby.impl.services.jce.JCECipherFactory.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public StorageRandomAccessFile run() throws IOException {
                    return newStorageFile.getRandomAccessFile(str2);
                }
            });
        } catch (PrivilegedActionException e) {
            throw ((IOException) e.getException());
        }
    }

    private InputStream privAccessGetInputStream(StorageFactory storageFactory, String str) throws StandardException {
        final StorageFile newStorageFile = storageFactory.newStorageFile("", str);
        try {
            return (InputStream) AccessController.doPrivileged(new PrivilegedExceptionAction<InputStream>() { // from class: org.apache.derby.impl.services.jce.JCECipherFactory.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public InputStream run() throws FileNotFoundException {
                    return newStorageFile.getInputStream();
                }
            });
        } catch (PrivilegedActionException e) {
            throw StandardException.newException(SQLState.ENCRYPTION_UNABLE_KEY_VERIFICATION, e.getCause(), this.cryptoProvider);
        }
    }
}
