package de.carne.security.secret;

import com.sun.jna.Pointer;
import com.sun.jna.ptr.IntByReference;
import com.sun.jna.ptr.PointerByReference;
import de.carne.boot.logging.Log;
import de.carne.boot.platform.Platform;
import de.carne.security.jna.macos.Native;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Objects;

/* loaded from: input_file:de/carne/security/secret/MacOSSecretStore.class */
final class MacOSSecretStore extends SecretStore {
    private static final Log LOG = new Log();
    private static final boolean ENABLED = Boolean.parseBoolean(System.getProperty(MacOSSecretStore.class.getName(), Boolean.TRUE.toString()));
    private static final String ACCOUNT_NAME = System.getProperty("user.name", "anonymous");
    private static final int STATUS_SUCCESS = 0;
    private static final int STATUS_SEC_ITEM_NOT_FOUND = -25300;

    @Override // de.carne.security.secret.SecretStore
    public boolean isAvailable() throws IOException {
        return ENABLED && Platform.IS_MACOS;
    }

    @Override // de.carne.security.secret.SecretStore
    public boolean hasSecret(String str) throws IOException {
        byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
        byte[] bytes2 = ACCOUNT_NAME.getBytes(StandardCharsets.UTF_8);
        int SecKeychainFindGenericPassword = Native.Security.SecKeychainFindGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, null, null, null);
        if (SecKeychainFindGenericPassword == 0 || SecKeychainFindGenericPassword == STATUS_SEC_ITEM_NOT_FOUND) {
            return SecKeychainFindGenericPassword == 0;
        }
        throw statusException(SecKeychainFindGenericPassword);
    }

    @Override // de.carne.security.secret.SecretStore
    public void deleteSecret(String str) throws IOException {
        LOG.info("Deleting secret ''{0}''...", new Object[]{str});
        byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
        byte[] bytes2 = ACCOUNT_NAME.getBytes(StandardCharsets.UTF_8);
        PointerByReference pointerByReference = new PointerByReference();
        int SecKeychainFindGenericPassword = Native.Security.SecKeychainFindGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, null, null, pointerByReference);
        if (SecKeychainFindGenericPassword != 0 && SecKeychainFindGenericPassword != STATUS_SEC_ITEM_NOT_FOUND) {
            throw statusException(SecKeychainFindGenericPassword);
        }
        if (SecKeychainFindGenericPassword == 0) {
            Pointer pointer = (Pointer) Objects.requireNonNull(pointerByReference.getValue());
            int SecKeychainItemDelete = Native.Security.SecKeychainItemDelete(pointer);
            Native.CoreFoundation.CFRelease(pointer);
            verifyStatusSuccess(SecKeychainItemDelete);
        }
    }

    @Override // de.carne.security.secret.SecretStore
    public byte[] getSecret(String str) throws IOException {
        LOG.debug("Reading secret ''{0}''...", new Object[]{str});
        byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
        byte[] bytes2 = ACCOUNT_NAME.getBytes(StandardCharsets.UTF_8);
        IntByReference intByReference = new IntByReference();
        PointerByReference pointerByReference = new PointerByReference();
        int SecKeychainFindGenericPassword = Native.Security.SecKeychainFindGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, intByReference, pointerByReference, null);
        if (SecKeychainFindGenericPassword != 0 && SecKeychainFindGenericPassword != STATUS_SEC_ITEM_NOT_FOUND) {
            throw statusException(SecKeychainFindGenericPassword);
        }
        byte[] bArr = STATUS_SUCCESS;
        if (SecKeychainFindGenericPassword == 0) {
            Pointer pointer = (Pointer) Objects.requireNonNull(pointerByReference.getValue());
            bArr = pointer.getByteArray(0L, intByReference.getValue());
            verifyStatusSuccess(Native.Security.SecKeychainItemFreeContent(null, pointer));
        }
        return bArr;
    }

    @Override // de.carne.security.secret.SecretStore
    public void setSecret(String str, byte[] bArr) throws IOException {
        LOG.info("Setting secret ''{0}''...", new Object[]{str});
        byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
        byte[] bytes2 = ACCOUNT_NAME.getBytes(StandardCharsets.UTF_8);
        PointerByReference pointerByReference = new PointerByReference();
        int SecKeychainFindGenericPassword = Native.Security.SecKeychainFindGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, null, null, pointerByReference);
        if (SecKeychainFindGenericPassword != 0 && SecKeychainFindGenericPassword != STATUS_SEC_ITEM_NOT_FOUND) {
            throw statusException(SecKeychainFindGenericPassword);
        }
        if (SecKeychainFindGenericPassword != 0) {
            verifyStatusSuccess(Native.Security.SecKeychainAddGenericPassword(null, bytes.length, bytes, bytes2.length, bytes2, bArr.length, bArr, null));
            return;
        }
        Pointer pointer = (Pointer) Objects.requireNonNull(pointerByReference.getPointer());
        int SecKeychainItemModifyContent = Native.Security.SecKeychainItemModifyContent(pointer, null, bArr.length, bArr);
        Native.CoreFoundation.CFRelease(pointer);
        verifyStatusSuccess(SecKeychainItemModifyContent);
    }

    private IOException statusException(int i) {
        StringBuilder sb = new StringBuilder();
        sb.append("Keychain function failure (").append(i);
        Pointer SecCopyErrorMessageString = Native.Security.SecCopyErrorMessageString(i, null);
        if (SecCopyErrorMessageString != null) {
            sb.append(": ");
            int min = (int) Math.min(Native.CoreFoundation.CFStringGetLength(SecCopyErrorMessageString), 32767L);
            sb.ensureCapacity(sb.length() + min);
            for (int i2 = STATUS_SUCCESS; i2 < min; i2++) {
                sb.append(Native.CoreFoundation.CFStringGetCharacterAtIndex(SecCopyErrorMessageString, i2));
            }
            Native.CoreFoundation.CFRelease(SecCopyErrorMessageString);
        }
        sb.append(")");
        return new IOException(sb.toString());
    }

    private void verifyStatusSuccess(int i) throws IOException {
        if (i != 0) {
            throw statusException(i);
        }
    }
}
