package net.schmizz.sshj.transport.verification;

import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Random;
import net.schmizz.sshj.common.Base64;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.SSHException;
import net.schmizz.sshj.transport.mac.HMACSHA1;
import net.schmizz.sshj.transport.mac.MAC;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/schmizz/sshj/transport/verification/OpenSSHKnownHosts.class */
public class OpenSSHKnownHosts implements HostKeyVerifier {
    protected final File khFile;
    private static final String LS = System.getProperty("line.separator");
    protected final Logger log = LoggerFactory.getLogger(getClass());
    protected final List<Entry> entries = new ArrayList();

    /* loaded from: input_file:net/schmizz/sshj/transport/verification/OpenSSHKnownHosts$Entry.class */
    public static abstract class Entry {
        private KeyType type;
        private PublicKey key;
        private String sKey;

        protected void init(PublicKey publicKey) throws SSHException {
            this.key = publicKey;
            this.type = KeyType.fromKey(publicKey);
            if (this.type == KeyType.UNKNOWN) {
                throw new SSHException("Unknown key type for key: " + publicKey);
            }
        }

        protected void init(String str, String str2) throws SSHException {
            this.sKey = str2;
            this.type = KeyType.fromString(str);
            if (this.type == KeyType.UNKNOWN) {
                throw new SSHException("Unknown key type: " + str);
            }
        }

        public KeyType getType() {
            return this.type;
        }

        public PublicKey getKey() throws IOException {
            if (this.key == null) {
                this.key = new Buffer.PlainBuffer(Base64.decode(this.sKey)).readPublicKey();
            }
            return this.key;
        }

        protected String getKeyString() {
            if (this.sKey == null) {
                Buffer.PlainBuffer putPublicKey = new Buffer.PlainBuffer().putPublicKey(this.key);
                this.sKey = Base64.encodeBytes(putPublicKey.array(), putPublicKey.rpos(), putPublicKey.available());
            }
            return this.sKey;
        }

        public String getLine() {
            StringBuilder sb = new StringBuilder();
            sb.append(getHostPart());
            sb.append(" ").append(this.type.toString());
            sb.append(" ").append(getKeyString());
            return sb.toString();
        }

        public String toString() {
            return "KnownHostsEntry{host=" + getHostPart() + "; type=" + this.type + "}";
        }

        protected abstract String getHostPart();

        public abstract boolean appliesTo(String str) throws IOException;
    }

    /* loaded from: input_file:net/schmizz/sshj/transport/verification/OpenSSHKnownHosts$HashedEntry.class */
    public static class HashedEntry extends Entry {
        private final MAC sha1;
        private String salt;
        private byte[] saltyBytes;
        private final String hashedHost;

        public HashedEntry(String str, PublicKey publicKey) throws IOException {
            this.sha1 = new HMACSHA1();
            this.saltyBytes = new byte[this.sha1.getBlockSize()];
            new Random().nextBytes(this.saltyBytes);
            this.hashedHost = hashHost(str);
            init(publicKey);
        }

        public HashedEntry(String str) throws IOException {
            this.sha1 = new HMACSHA1();
            String[] split = str.split(" ");
            if (split.length != 3) {
                throw new SSHException("Line parts not 3: " + str);
            }
            this.hashedHost = split[0];
            String[] split2 = this.hashedHost.split("\\|");
            if (split2.length != 4) {
                throw new SSHException("Unrecognized format for hashed hostname");
            }
            this.salt = split2[2];
            init(split[1], split[2]);
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.Entry
        public boolean appliesTo(String str) throws IOException {
            return this.hashedHost.equals(hashHost(str));
        }

        private String hashHost(String str) throws IOException {
            this.sha1.init(getSaltyBytes());
            return "|1|" + getSalt() + "|" + Base64.encodeBytes(this.sha1.doFinal(str.getBytes(IOUtils.UTF8)));
        }

        private byte[] getSaltyBytes() throws IOException {
            if (this.saltyBytes == null) {
                this.saltyBytes = Base64.decode(this.salt);
            }
            return this.saltyBytes;
        }

        private String getSalt() {
            if (this.salt == null) {
                this.salt = Base64.encodeBytes(this.saltyBytes);
            }
            return this.salt;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.Entry
        protected String getHostPart() {
            return this.hashedHost;
        }
    }

    /* loaded from: input_file:net/schmizz/sshj/transport/verification/OpenSSHKnownHosts$SimpleEntry.class */
    public static class SimpleEntry extends Entry {
        private final List<String> hosts;

        public SimpleEntry(String str, PublicKey publicKey) throws SSHException {
            this((List<String>) Arrays.asList(str), publicKey);
        }

        public SimpleEntry(List<String> list, PublicKey publicKey) throws SSHException {
            this.hosts = list;
            init(publicKey);
        }

        public SimpleEntry(String str) throws SSHException {
            String[] split = str.split(" ");
            if (split.length != 3) {
                throw new SSHException("Line parts not 3: " + str);
            }
            this.hosts = Arrays.asList(split[0].split(","));
            init(split[1], split[2]);
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.Entry
        public boolean appliesTo(String str) {
            Iterator<String> it = this.hosts.iterator();
            while (it.hasNext()) {
                if (str.equals(it.next())) {
                    return true;
                }
            }
            return false;
        }

        @Override // net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.Entry
        protected String getHostPart() {
            StringBuilder sb = new StringBuilder();
            for (String str : this.hosts) {
                if (sb.length() > 0) {
                    sb.append(",");
                }
                sb.append(str);
            }
            return sb.toString();
        }
    }

    public OpenSSHKnownHosts(File file) throws IOException {
        this.khFile = file;
        if (!file.exists()) {
            return;
        }
        BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    IOUtils.closeQuietly(bufferedReader);
                    return;
                } else {
                    try {
                        this.entries.add(isHashed(readLine) ? new HashedEntry(readLine) : new SimpleEntry(readLine));
                    } catch (SSHException e) {
                        this.log.debug("Bad line ({}): {} ", e.toString(), readLine);
                    }
                }
            } catch (Throwable th) {
                IOUtils.closeQuietly(bufferedReader);
                throw th;
            }
        }
    }

    public File getFile() {
        return this.khFile;
    }

    @Override // net.schmizz.sshj.transport.verification.HostKeyVerifier
    public boolean verify(String str, int i, PublicKey publicKey) {
        KeyType fromKey = KeyType.fromKey(publicKey);
        if (fromKey == KeyType.UNKNOWN) {
            return false;
        }
        String str2 = i != 22 ? "[" + str + "]:" + i : str;
        for (Entry entry : this.entries) {
            try {
                if (entry.getType() == fromKey && entry.appliesTo(str2)) {
                    if (!publicKey.equals(entry.getKey())) {
                        if (!hostKeyChangedAction(entry, str2, publicKey)) {
                            return false;
                        }
                    }
                    return true;
                }
            } catch (IOException e) {
                this.log.error("Error with {}: {}", entry, e);
                return false;
            }
        }
        return hostKeyUnverifiableAction(str2, publicKey);
    }

    protected boolean hostKeyUnverifiableAction(String str, PublicKey publicKey) {
        return false;
    }

    protected boolean hostKeyChangedAction(Entry entry, String str, PublicKey publicKey) {
        this.log.warn("Host key for `{}` has changed!", str);
        return false;
    }

    public List<Entry> entries() {
        return this.entries;
    }

    public void write() throws IOException {
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(this.khFile));
        try {
            Iterator<Entry> it = this.entries.iterator();
            while (it.hasNext()) {
                bufferedOutputStream.write((it.next().getLine() + LS).getBytes(IOUtils.UTF8));
            }
        } finally {
            bufferedOutputStream.close();
        }
    }

    public static File detectSSHDir() {
        File file = new File(System.getProperty("user.home"), ".ssh");
        if (file.exists()) {
            return file;
        }
        return null;
    }

    public static boolean isHashed(String str) {
        return str.startsWith("|1|");
    }
}
