package org.apache.camel.component.ssh;

import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.util.Base64;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.apache.camel.CamelContext;
import org.apache.camel.support.ResourceHelper;
import org.apache.camel.util.IOHelper;
import org.apache.sshd.client.keyverifier.ServerKeyVerifier;
import org.apache.sshd.client.session.ClientSession;
import org.bouncycastle.util.Arrays;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/camel/component/ssh/ResourceBasedSSHKeyVerifier.class */
public class ResourceBasedSSHKeyVerifier implements ServerKeyVerifier {
    protected final Logger log;
    private CamelContext camelContext;
    private boolean failOnUnknownHost;
    private String knownHostsResource;

    public ResourceBasedSSHKeyVerifier(CamelContext camelContext, String str) {
        this(camelContext, str, false);
    }

    public ResourceBasedSSHKeyVerifier(CamelContext camelContext, String str, boolean z) {
        this.log = LoggerFactory.getLogger(getClass());
        this.camelContext = camelContext;
        this.knownHostsResource = str;
        this.failOnUnknownHost = z;
    }

    @Override // org.apache.sshd.client.keyverifier.ServerKeyVerifier
    public boolean verifyServerKey(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey) {
        PublicKey findKeyForServerToken;
        this.log.debug("Trying to find known_hosts file {}", this.knownHostsResource);
        InputStream inputStream = null;
        try {
            try {
                inputStream = ResourceHelper.resolveMandatoryResourceAsInputStream(this.camelContext, this.knownHostsResource);
                List<String> knownHostsFileTokensForSocketAddress = getKnownHostsFileTokensForSocketAddress(socketAddress);
                this.log.debug("Trying to match PublicKey against provided known_hosts file");
                findKeyForServerToken = findKeyForServerToken(inputStream, knownHostsFileTokensForSocketAddress);
            } catch (IOException e) {
                this.log.debug(String.format("Could not find known_hosts file %s", this.knownHostsResource), e);
                IOHelper.close(inputStream);
            }
            if (findKeyForServerToken != null) {
                this.log.debug("Found PublicKey match for server");
                boolean areEqual = Arrays.areEqual(findKeyForServerToken.getEncoded(), publicKey.getEncoded());
                IOHelper.close(inputStream);
                return areEqual;
            }
            IOHelper.close(inputStream);
            if (this.failOnUnknownHost) {
                this.log.warn("Could not find matching key for client session, connection will fail due to configuration");
                return false;
            }
            this.log.warn("Could not find matching key for client session, connection will continue anyway due to configuration");
            return true;
        } catch (Throwable th) {
            IOHelper.close(inputStream);
            throw th;
        }
    }

    private PublicKey findKeyForServerToken(InputStream inputStream, List<String> list) {
        String str = (String) this.camelContext.getTypeConverter().convertTo(String.class, inputStream);
        if (str == null) {
            this.log.warn("Could not read from the known_hosts file input stream");
            return null;
        }
        for (String str2 : str.split("\n")) {
            String[] split = str2.split(" ");
            if (split.length != 3) {
                this.log.warn("Found malformed entry in known_hosts file");
            } else {
                String str3 = split[0];
                String str4 = split[2];
                Iterator<String> it = list.iterator();
                while (it.hasNext()) {
                    if (str3.contains(it.next())) {
                        try {
                            return loadKey(str4);
                        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                            this.log.warn(String.format("Could not load key for server token %s", str3), e);
                        }
                    }
                }
            }
        }
        return null;
    }

    private List<String> getKnownHostsFileTokensForSocketAddress(SocketAddress socketAddress) {
        LinkedList linkedList = new LinkedList();
        if (socketAddress instanceof InetSocketAddress) {
            InetSocketAddress inetSocketAddress = (InetSocketAddress) socketAddress;
            String hostName = inetSocketAddress.getHostName();
            String hostAddress = inetSocketAddress.getAddress().getHostAddress();
            String valueOf = String.valueOf(inetSocketAddress.getPort());
            linkedList.add(hostName);
            linkedList.add("[" + hostName + "]:" + valueOf);
            linkedList.add(hostAddress);
            linkedList.add("[" + hostAddress + "]:" + valueOf);
        }
        return linkedList;
    }

    PublicKey loadKey(String str) throws NoSuchAlgorithmException, InvalidKeySpecException {
        SSHPublicKeyHolder sSHPublicKeyHolder = new SSHPublicKeyHolder();
        byte[] decode = Base64.getDecoder().decode(str);
        int i = 0;
        byte[] bArr = new byte[4];
        int i2 = 0;
        boolean z = true;
        while (i < decode.length) {
            if (z) {
                if (i2 < 4) {
                    bArr[i2] = decode[i];
                    i2++;
                    i++;
                } else {
                    i2 = 0;
                    z = false;
                    bArr = new byte[byteArrayToInt(bArr)];
                }
            }
            bArr[i2] = decode[i];
            i2++;
            i++;
            if (i2 == bArr.length) {
                sSHPublicKeyHolder.push(bArr);
                z = true;
                bArr = new byte[4];
                i2 = 0;
            }
        }
        return sSHPublicKeyHolder.toPublicKey();
    }

    private int byteArrayToInt(byte[] bArr) {
        return new BigInteger(bArr).intValue();
    }
}
