package net.schmizz.sshj.transport.verification;

import com.hierynomus.sshj.common.KeyAlgorithm;
import com.hierynomus.sshj.transport.verification.KnownHostMatchers;
import com.hierynomus.sshj.userauth.certificate.Certificate;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.Reader;
import java.math.BigInteger;
import java.security.PublicKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import net.schmizz.sshj.common.Base64;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.LoggerFactory;
import net.schmizz.sshj.common.SSHException;
import net.schmizz.sshj.common.SSHRuntimeException;
import net.schmizz.sshj.common.SecurityUtils;
import org.slf4j.Logger;
import org.springframework.beans.PropertyAccessor;

/* loaded from: classes2.dex */
public class OpenSSHKnownHosts implements HostKeyVerifier {
    private static final String LS = System.getProperty("line.separator");
    protected final List<KnownHostEntry> entries;
    protected final File khFile;
    protected final Logger log;

    /* loaded from: classes2.dex */
    public static class BadHostEntry implements KnownHostEntry {
        private String line;

        public BadHostEntry(String str) {
            this.line = str;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public boolean appliesTo(String str) throws IOException {
            return false;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public boolean appliesTo(KeyType keyType, String str) throws IOException {
            return false;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public String getFingerprint() {
            return null;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public String getLine() {
            return this.line;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public KeyType getType() {
            return KeyType.UNKNOWN;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public boolean verify(PublicKey publicKey) throws IOException {
            return false;
        }
    }

    /* loaded from: classes2.dex */
    public static class CommentEntry implements KnownHostEntry {
        private final String comment;

        public CommentEntry(String str) {
            this.comment = str;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public boolean appliesTo(String str) throws IOException {
            return false;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public boolean appliesTo(KeyType keyType, String str) {
            return false;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public String getFingerprint() {
            return null;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public String getLine() {
            return this.comment;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public KeyType getType() {
            return KeyType.UNKNOWN;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public boolean verify(PublicKey publicKey) {
            return false;
        }
    }

    /* loaded from: classes2.dex */
    public class EntryFactory {
        public EntryFactory() {
        }

        private boolean isBits(String str) {
            try {
                Integer.parseInt(str);
                return true;
            } catch (NumberFormatException unused) {
                return false;
            }
        }

        private boolean isComment(String str) {
            return str.isEmpty() || str.startsWith("#");
        }

        public boolean isHashed(String str) {
            return str.startsWith("|1|");
        }

        public KnownHostEntry parseEntry(String str) throws IOException {
            PublicKey generatePublic;
            int i;
            if (isComment(str)) {
                return new CommentEntry(str);
            }
            String trim = str.trim();
            int i2 = trim.startsWith("@") ? 4 : 3;
            int i3 = i2 + 1;
            String[] split = trim.split("\\s+", i3);
            if (split.length < i2) {
                OpenSSHKnownHosts.this.log.error("Error reading entry `{}`", str);
                return new BadHostEntry(str);
            }
            Marker fromString = Marker.fromString(split[0]);
            int i4 = fromString != null ? 1 : 0;
            int i5 = i4 + 1;
            String str2 = split[i4];
            int i6 = i5 + 1;
            String str3 = split[i5];
            KeyType fromString2 = KeyType.fromString(str3);
            if (fromString2 != KeyType.UNKNOWN) {
                i = i6 + 1;
                try {
                    generatePublic = new Buffer.PlainBuffer(Base64.decode(split[i6])).readPublicKey();
                } catch (IOException e) {
                    OpenSSHKnownHosts.this.log.warn("Error decoding Base64 key bytes", (Throwable) e);
                    return new BadHostEntry(str);
                }
            } else {
                if (!isBits(str3)) {
                    OpenSSHKnownHosts.this.log.error("Error reading entry `{}`, could not determine type", str);
                    return new BadHostEntry(str);
                }
                KeyType keyType = KeyType.RSA;
                String[] split2 = trim.split("\\s+", i3 + 1);
                int i7 = i6 + 1;
                int i8 = i7 + 1;
                try {
                    generatePublic = SecurityUtils.getKeyFactory(KeyAlgorithm.RSA).generatePublic(new RSAPublicKeySpec(new BigInteger(split2[i7]), new BigInteger(split2[i6])));
                    fromString2 = keyType;
                    split = split2;
                    i = i8;
                } catch (Exception e2) {
                    OpenSSHKnownHosts.this.log.error("Error reading entry `{}`, could not create key", str, e2);
                    return new BadHostEntry(str);
                }
            }
            return new HostEntry(fromString, str2, fromString2, generatePublic, i < split.length ? split[i] : null);
        }
    }

    /* loaded from: classes2.dex */
    public static class HostEntry implements KnownHostEntry {
        private final String comment;
        private final String hostPart;
        protected final PublicKey key;
        protected final Logger log;
        final Marker marker;
        private final KnownHostMatchers.HostMatcher matcher;
        protected final KeyType type;

        public HostEntry(Marker marker, String str, KeyType keyType, PublicKey publicKey) throws SSHException {
            this(marker, str, keyType, publicKey, "");
        }

        public HostEntry(Marker marker, String str, KeyType keyType, PublicKey publicKey, String str2) throws SSHException {
            this(marker, str, keyType, publicKey, str2, LoggerFactory.DEFAULT);
        }

        public HostEntry(Marker marker, String str, KeyType keyType, PublicKey publicKey, String str2, LoggerFactory loggerFactory) throws SSHException {
            this.marker = marker;
            this.hostPart = str;
            this.type = keyType;
            this.key = publicKey;
            this.comment = str2;
            this.matcher = KnownHostMatchers.createMatcher(str);
            this.log = loggerFactory.getLogger(getClass());
        }

        private String getKeyString(PublicKey publicKey) {
            Buffer.PlainBuffer putPublicKey = new Buffer.PlainBuffer().putPublicKey(publicKey);
            return Base64.encodeBytes(putPublicKey.array(), putPublicKey.rpos(), putPublicKey.available());
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public boolean appliesTo(String str) throws IOException {
            return this.matcher.match(str);
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public boolean appliesTo(KeyType keyType, String str) throws IOException {
            return (this.type == keyType || (this.marker == Marker.CA_CERT && keyType.getParent() != null)) && this.matcher.match(str);
        }

        public String getComment() {
            return this.comment;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public String getFingerprint() {
            return SecurityUtils.getFingerprint(this.key);
        }

        protected String getHostPart() {
            return this.hostPart;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public String getLine() {
            StringBuilder sb = new StringBuilder();
            Marker marker = this.marker;
            if (marker != null) {
                sb.append(marker.getMarkerString()).append(" ");
            }
            sb.append(getHostPart());
            sb.append(" ").append(this.type.toString());
            sb.append(" ").append(getKeyString(this.key));
            String str = this.comment;
            if (str != null && !str.isEmpty()) {
                sb.append(" ").append(this.comment);
            }
            return sb.toString();
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public KeyType getType() {
            return this.type;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.KnownHostEntry
        public boolean verify(PublicKey publicKey) throws IOException {
            if (this.marker != Marker.CA_CERT || !(publicKey instanceof Certificate)) {
                return getKeyString(publicKey).equals(getKeyString(this.key)) && this.marker != Marker.REVOKED;
            }
            PublicKey readPublicKey = new Buffer.PlainBuffer(((Certificate) publicKey).getSignatureKey()).readPublicKey();
            return this.type == KeyType.fromKey(readPublicKey) && getKeyString(readPublicKey).equals(getKeyString(this.key));
        }
    }

    /* loaded from: classes2.dex */
    public interface KnownHostEntry {
        boolean appliesTo(String str) throws IOException;

        boolean appliesTo(KeyType keyType, String str) throws IOException;

        String getFingerprint();

        String getLine();

        KeyType getType();

        boolean verify(PublicKey publicKey) throws IOException;
    }

    /* loaded from: classes2.dex */
    public enum Marker {
        CA_CERT("@cert-authority"),
        REVOKED("@revoked");

        private final String sMarker;

        Marker(String str) {
            this.sMarker = str;
        }

        public static Marker fromString(String str) {
            for (Marker marker : values()) {
                if (marker.sMarker.equals(str)) {
                    return marker;
                }
            }
            return null;
        }

        public String getMarkerString() {
            return this.sMarker;
        }
    }

    public OpenSSHKnownHosts(File file) throws IOException {
        this(file, LoggerFactory.DEFAULT);
    }

    public OpenSSHKnownHosts(File file, LoggerFactory loggerFactory) throws IOException {
        this.entries = new ArrayList();
        this.khFile = file;
        this.log = loggerFactory.getLogger(getClass());
        if (file.exists()) {
            BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
            try {
                readEntries(bufferedReader);
                IOUtils.closeQuietly(bufferedReader);
            } catch (Throwable th) {
                IOUtils.closeQuietly(bufferedReader);
                throw th;
            }
        }
    }

    public OpenSSHKnownHosts(Reader reader) throws IOException {
        this(reader, LoggerFactory.DEFAULT);
    }

    public OpenSSHKnownHosts(Reader reader, LoggerFactory loggerFactory) throws IOException {
        this.entries = new ArrayList();
        this.khFile = null;
        this.log = loggerFactory.getLogger(getClass());
        readEntries(new BufferedReader(reader));
    }

    private String adjustHostname(String str, int i) {
        String lowerCase = str.toLowerCase();
        return i != 22 ? PropertyAccessor.PROPERTY_KEY_PREFIX + lowerCase + "]:" + i : lowerCase;
    }

    public static File detectSSHDir() {
        File file = new File(System.getProperty("user.home"), ".ssh");
        if (file.exists()) {
            return file;
        }
        return null;
    }

    private void readEntries(BufferedReader bufferedReader) throws IOException {
        EntryFactory entryFactory = new EntryFactory();
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                return;
            }
            try {
                KnownHostEntry parseEntry = entryFactory.parseEntry(readLine);
                if (parseEntry != null) {
                    this.entries.add(parseEntry);
                }
            } catch (SSHException e) {
                this.log.debug("Bad line ({}): {} ", e.toString(), readLine);
            } catch (SSHRuntimeException e2) {
                this.log.debug("Failed to process line ({}): {} ", e2.toString(), readLine);
            }
        }
    }

    public List<KnownHostEntry> entries() {
        return this.entries;
    }

    @Override // net.schmizz.sshj.transport.verification.HostKeyVerifier
    public List<String> findExistingAlgorithms(String str, int i) {
        String adjustHostname = adjustHostname(str, i);
        ArrayList arrayList = new ArrayList();
        for (KnownHostEntry knownHostEntry : this.entries) {
            try {
                if (knownHostEntry.appliesTo(adjustHostname)) {
                    arrayList.add(knownHostEntry.getType().toString());
                }
            } catch (IOException unused) {
            }
        }
        return arrayList;
    }

    public File getFile() {
        return this.khFile;
    }

    protected boolean hostKeyChangedAction(String str, PublicKey publicKey) {
        this.log.warn("Host key for `{}` has changed!", str);
        return false;
    }

    protected boolean hostKeyUnverifiableAction(String str, PublicKey publicKey) {
        return false;
    }

    public String toString() {
        return "OpenSSHKnownHosts{khFile='" + this.khFile + "'}";
    }

    @Override // net.schmizz.sshj.transport.verification.HostKeyVerifier
    public boolean verify(String str, int i, PublicKey publicKey) {
        KeyType fromKey = KeyType.fromKey(publicKey);
        if (fromKey == KeyType.UNKNOWN) {
            return false;
        }
        String adjustHostname = adjustHostname(str, i);
        boolean z = false;
        for (KnownHostEntry knownHostEntry : this.entries) {
            try {
                if (knownHostEntry.appliesTo(fromKey, adjustHostname)) {
                    if (knownHostEntry.verify(publicKey)) {
                        return true;
                    }
                    z = true;
                }
            } catch (IOException e) {
                this.log.error("Error with {}: {}", knownHostEntry, e);
                return false;
            }
        }
        return z ? hostKeyChangedAction(adjustHostname, publicKey) : hostKeyUnverifiableAction(adjustHostname, publicKey);
    }

    public void write() throws IOException {
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(this.khFile));
        try {
            Iterator<KnownHostEntry> it2 = this.entries.iterator();
            while (it2.hasNext()) {
                bufferedOutputStream.write((it2.next().getLine() + LS).getBytes(IOUtils.UTF8));
            }
        } finally {
            bufferedOutputStream.close();
        }
    }

    public void write(KnownHostEntry knownHostEntry) throws IOException {
        BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(this.khFile, true));
        try {
            bufferedWriter.write(knownHostEntry.getLine());
            bufferedWriter.newLine();
            bufferedWriter.flush();
            IOUtils.closeQuietly(bufferedWriter);
        } catch (Throwable th) {
            IOUtils.closeQuietly(bufferedWriter);
            throw th;
        }
    }
}
