package org.apache.karaf.shell.ssh;

import java.io.File;
import java.io.FileInputStream;
import java.security.PublicKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Comparator;
import java.util.Map;
import java.util.Timer;
import java.util.TimerTask;
import org.apache.log4j.helpers.FileWatchdog;
import org.apache.sshd.server.PublickeyAuthenticator;
import org.apache.sshd.server.session.ServerSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:karaf.zip:apache-karaf-2.2.11/system/org/apache/karaf/shell/org.apache.karaf.shell.ssh/2.2.11/org.apache.karaf.shell.ssh-2.2.11.jar:org/apache/karaf/shell/ssh/KarafPublickeyAuthenticator.class */
public class KarafPublickeyAuthenticator implements PublickeyAuthenticator {
    private static final transient Logger LOGGER = LoggerFactory.getLogger(KarafPublickeyAuthenticator.class);
    private String authorizedKeys;
    private boolean active;
    private Timer parseAuthorizedKeysTimer;
    private AuthorizedKeysProvider authorizedKeysProvider;

    /* loaded from: input_file:karaf.zip:apache-karaf-2.2.11/system/org/apache/karaf/shell/org.apache.karaf.shell.ssh/2.2.11/org.apache.karaf.shell.ssh-2.2.11.jar:org/apache/karaf/shell/ssh/KarafPublickeyAuthenticator$AuthorizedKey.class */
    public static final class AuthorizedKey {
        private final String alias;
        private final String format;
        private final PublicKey publicKey;

        public AuthorizedKey(String str, String str2, PublicKey publicKey) {
            this.alias = str;
            this.format = str2;
            this.publicKey = publicKey;
        }

        public String getAlias() {
            return this.alias;
        }

        public String getFormat() {
            return this.format;
        }

        public PublicKey getPublicKey() {
            return this.publicKey;
        }
    }

    /* loaded from: input_file:karaf.zip:apache-karaf-2.2.11/system/org/apache/karaf/shell/org.apache.karaf.shell.ssh/2.2.11/org.apache.karaf.shell.ssh-2.2.11.jar:org/apache/karaf/shell/ssh/KarafPublickeyAuthenticator$AuthorizedKeysProvider.class */
    private final class AuthorizedKeysProvider extends TimerTask {
        private Map<PublicKey, AuthorizedKey> keys;
        private Long lastModificationDate;
        private Boolean fileAvailable;

        private AuthorizedKeysProvider() {
        }

        @Override // java.util.TimerTask, java.lang.Runnable
        public void run() {
            try {
                File file = new File(KarafPublickeyAuthenticator.this.authorizedKeys);
                if (file.exists()) {
                    Long valueOf = Long.valueOf(file.lastModified());
                    if ((this.fileAvailable != null && !this.fileAvailable.booleanValue()) || !valueOf.equals(this.lastModificationDate)) {
                        KarafPublickeyAuthenticator.LOGGER.debug("Parsing authorized keys file {}...", KarafPublickeyAuthenticator.this.authorizedKeys);
                        this.fileAvailable = Boolean.TRUE;
                        this.lastModificationDate = valueOf;
                        Map<PublicKey, AuthorizedKey> parseAuthorizedKeys = KarafPublickeyAuthenticator.parseAuthorizedKeys(new FileInputStream(file));
                        setKeys(parseAuthorizedKeys);
                        KarafPublickeyAuthenticator.LOGGER.debug("Successfully parsed {} keys from file {}", Integer.valueOf(parseAuthorizedKeys.size()), KarafPublickeyAuthenticator.this.authorizedKeys);
                    }
                } else {
                    if (this.fileAvailable != null && this.fileAvailable.booleanValue()) {
                        KarafPublickeyAuthenticator.LOGGER.debug("Authorized keys file {} disappeared, will recheck every minute", KarafPublickeyAuthenticator.this.authorizedKeys);
                    } else if (this.fileAvailable == null) {
                        KarafPublickeyAuthenticator.LOGGER.debug("Authorized keys file {} does not exist, will recheck every minute", KarafPublickeyAuthenticator.this.authorizedKeys);
                    }
                    this.fileAvailable = Boolean.FALSE;
                    this.lastModificationDate = null;
                    setKeys(null);
                }
            } catch (Throwable th) {
                KarafPublickeyAuthenticator.LOGGER.error("Error parsing authorized keys file {}", KarafPublickeyAuthenticator.this.authorizedKeys, th);
                this.fileAvailable = Boolean.FALSE;
                this.lastModificationDate = null;
                setKeys(null);
            }
        }

        private synchronized void setKeys(Map<PublicKey, AuthorizedKey> map) {
            this.keys = map;
        }

        public synchronized AuthorizedKey getKey(PublicKey publicKey) {
            if (this.keys == null) {
                return null;
            }
            return this.keys.get(publicKey);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:karaf.zip:apache-karaf-2.2.11/system/org/apache/karaf/shell/org.apache.karaf.shell.ssh/2.2.11/org.apache.karaf.shell.ssh-2.2.11.jar:org/apache/karaf/shell/ssh/KarafPublickeyAuthenticator$PublicKeyComparator.class */
    public static final class PublicKeyComparator implements Comparator<PublicKey> {
        private PublicKeyComparator() {
        }

        @Override // java.util.Comparator
        public int compare(PublicKey publicKey, PublicKey publicKey2) {
            if (!(publicKey instanceof DSAPublicKey)) {
                if (!(publicKey instanceof RSAPublicKey)) {
                    throw new IllegalArgumentException("Only RSA and DAS keys are supported.");
                }
                if (!(publicKey2 instanceof RSAPublicKey)) {
                    return -1;
                }
                RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
                RSAPublicKey rSAPublicKey2 = (RSAPublicKey) publicKey2;
                int compareTo = rSAPublicKey.getPublicExponent().compareTo(rSAPublicKey2.getPublicExponent());
                return compareTo != 0 ? compareTo : rSAPublicKey.getModulus().compareTo(rSAPublicKey2.getModulus());
            }
            if (!(publicKey2 instanceof DSAPublicKey)) {
                return -1;
            }
            DSAPublicKey dSAPublicKey = (DSAPublicKey) publicKey;
            DSAPublicKey dSAPublicKey2 = (DSAPublicKey) publicKey2;
            int compareTo2 = dSAPublicKey.getParams().getG().compareTo(dSAPublicKey2.getParams().getG());
            if (compareTo2 != 0) {
                return compareTo2;
            }
            int compareTo3 = dSAPublicKey.getParams().getP().compareTo(dSAPublicKey2.getParams().getP());
            if (compareTo3 != 0) {
                return compareTo3;
            }
            int compareTo4 = dSAPublicKey.getParams().getQ().compareTo(dSAPublicKey2.getParams().getQ());
            return compareTo4 != 0 ? compareTo4 : dSAPublicKey.getY().compareTo(dSAPublicKey2.getY());
        }
    }

    private static final int getInt(byte[] bArr, int i) {
        return ((bArr[i] & 255) << 24) + ((bArr[i + 1] & 255) << 16) + ((bArr[i + 2] & 255) << 8) + (bArr[i + 3] & 255);
    }

    /* JADX WARN: Code restructure failed: missing block: B:39:0x00da, code lost:
    
        throw new java.io.IOException("Authorized keys file line " + r0.getLineNumber() + " contains a key with a format that does not match the first token.");
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static final java.util.Map<java.security.PublicKey, org.apache.karaf.shell.ssh.KarafPublickeyAuthenticator.AuthorizedKey> parseAuthorizedKeys(java.io.InputStream r8) throws java.io.IOException, java.security.NoSuchAlgorithmException, java.security.spec.InvalidKeySpecException {
        /*
            Method dump skipped, instructions count: 723
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.karaf.shell.ssh.KarafPublickeyAuthenticator.parseAuthorizedKeys(java.io.InputStream):java.util.Map");
    }

    @Override // org.apache.sshd.server.PublickeyAuthenticator
    public boolean authenticate(String str, PublicKey publicKey, ServerSession serverSession) {
        AuthorizedKey key = this.authorizedKeysProvider.getKey(publicKey);
        if (key == null) {
            LOGGER.error("Failed authenticate of user {} from {} with unknown public key.", str, serverSession.getIoSession().getRemoteAddress());
            return false;
        }
        LOGGER.debug("Successful authentication of user {} from {} with public key {}.", new Object[]{str, serverSession.getIoSession().getRemoteAddress(), key.getAlias()});
        return true;
    }

    public void setAuthorizedKeys(String str) {
        this.authorizedKeys = str;
    }

    public void setActive(boolean z) {
        this.active = z;
    }

    public void startTimer() {
        if (this.active) {
            this.parseAuthorizedKeysTimer = new Timer();
            this.authorizedKeysProvider = new AuthorizedKeysProvider();
            this.parseAuthorizedKeysTimer.schedule(this.authorizedKeysProvider, 10L, FileWatchdog.DEFAULT_DELAY);
        }
    }

    public void stopTimer() {
        if (this.parseAuthorizedKeysTimer != null) {
            this.parseAuthorizedKeysTimer.cancel();
            this.parseAuthorizedKeysTimer = null;
        }
    }

    private static byte[] arraysCopyOfRange(byte[] bArr, int i, int i2) {
        int i3 = i2 - i;
        if (i3 < 0) {
            throw new IllegalArgumentException(i + " > " + i2);
        }
        byte[] bArr2 = new byte[i3];
        System.arraycopy(bArr, i, bArr2, 0, Math.min(bArr.length - i, i3));
        return bArr2;
    }
}
