package com.maverick.ssh.components.jce;

import com.maverick.ssh.AdaptiveConfiguration;
import com.maverick.ssh.SshException;
import com.maverick.ssh.SshKeyFingerprint;
import com.maverick.ssh.components.ComponentFactory;
import com.maverick.ssh.components.ComponentManager;
import com.maverick.ssh.components.Digest;
import com.maverick.ssh.components.SshCipher;
import com.maverick.ssh.components.SshDsaPrivateKey;
import com.maverick.ssh.components.SshDsaPublicKey;
import com.maverick.ssh.components.SshHmac;
import com.maverick.ssh.components.SshKeyExchange;
import com.maverick.ssh.components.SshKeyPair;
import com.maverick.ssh.components.SshPrivateKey;
import com.maverick.ssh.components.SshPublicKey;
import com.maverick.ssh.components.SshRsaPrivateCrtKey;
import com.maverick.ssh.components.SshRsaPrivateKey;
import com.maverick.ssh.components.SshRsaPublicKey;
import com.maverick.ssh.components.SshSecureRandomGenerator;
import com.maverick.ssh.components.bc.AbstractBCDigest;
import com.maverick.ssh.components.bc.AbstractBCHmac;
import com.maverick.ssh.components.bc.ciphers.AES128CBC;
import com.maverick.ssh.components.bc.ciphers.AES128CTR;
import com.maverick.ssh.components.bc.ciphers.AES128GCM;
import com.maverick.ssh.components.bc.ciphers.AES192CBC;
import com.maverick.ssh.components.bc.ciphers.AES192CTR;
import com.maverick.ssh.components.bc.ciphers.AES256CBC;
import com.maverick.ssh.components.bc.ciphers.AES256CTR;
import com.maverick.ssh.components.bc.ciphers.AES256GCM;
import com.maverick.ssh.components.bc.ciphers.Arcfour;
import com.maverick.ssh.components.bc.ciphers.Arcfour128;
import com.maverick.ssh.components.bc.ciphers.Arcfour256;
import com.maverick.ssh.components.bc.ciphers.BlowfishCBC;
import com.maverick.ssh.components.bc.ciphers.TrippleDesCBC;
import com.maverick.ssh.components.bc.ciphers.TrippleDesCTR;
import com.maverick.ssh.components.bc.hmacs.HmacMD5_96;
import com.maverick.ssh.components.bc.hmacs.HmacMD5_ETM;
import com.maverick.ssh.components.bc.hmacs.HmacSHA1;
import com.maverick.ssh.components.bc.hmacs.HmacSHA1_96;
import com.maverick.ssh.components.bc.hmacs.HmacSHA1_ETM;
import com.maverick.ssh.components.bc.hmacs.HmacSHA256;
import com.maverick.ssh.components.bc.hmacs.HmacSHA256_96;
import com.maverick.ssh.components.bc.hmacs.HmacSHA256_ETM;
import com.maverick.ssh.components.bc.hmacs.HmacSHA512;
import com.maverick.ssh.components.bc.hmacs.HmacSHA512_96;
import com.maverick.ssh.components.bc.hmacs.HmacSHA512_ETM;
import com.maverick.ssh.components.bc.publickeys.Ssh1RsaPublicKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2DsaPrivateKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2DsaPublicKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2EcdsaSha2Nist256PublicKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2EcdsaSha2Nist384PublicKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2EcdsaSha2Nist521PublicKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2EcdsaSha2NistPrivateKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2RsaPrivateCrtKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2RsaPrivateKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2RsaPublicKeyBC;
import com.maverick.ssh.components.bc.publickeys.Ssh2RsaPublicKeySHA256BC;
import com.maverick.ssh.components.bc.publickeys.Ssh2RsaPublicKeySHA512BC;
import com.maverick.ssh.components.bc.publickeys.SshEd25519PrivateKeyBC;
import com.maverick.ssh.components.bc.publickeys.SshEd25519PublicKeyBC;
import com.maverick.ssh.components.bc.publickeys.SshEd448PrivateKeyBC;
import com.maverick.ssh.components.bc.publickeys.SshEd448PublicKeyBC;
import com.maverick.ssh.components.bc.x509.SshX509DsaPublicKeyBC;
import com.maverick.ssh.components.bc.x509.SshX509DsaPublicKeyRfc6187BC;
import com.maverick.ssh.components.bc.x509.SshX509EcdsaSha2Nist256Rfc6187BC;
import com.maverick.ssh.components.bc.x509.SshX509EcdsaSha2Nist384Rfc6187BC;
import com.maverick.ssh.components.bc.x509.SshX509EcdsaSha2Nist521Rfc6187BC;
import com.maverick.ssh.components.bc.x509.SshX509Rsa2048Sha256Rfc6187BC;
import com.maverick.ssh.components.bc.x509.SshX509RsaPublicKeyBC;
import com.maverick.ssh.components.bc.x509.SshX509RsaPublicKeyRfc6187BC;
import com.maverick.ssh.components.bc.x509.SshX509RsaSha1PublicKeyBC;
import com.sshtools.common.logger.Log;
import com.sshtools.publickey.SshKeyPairGenerator;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import org.bouncycastle.crypto.generators.DSAKeyPairGenerator;
import org.bouncycastle.crypto.generators.DSAParametersGenerator;
import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
import org.bouncycastle.crypto.generators.Ed25519KeyPairGenerator;
import org.bouncycastle.crypto.generators.Ed448KeyPairGenerator;
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
import org.bouncycastle.crypto.params.DSAKeyGenerationParameters;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
import org.bouncycastle.crypto.params.Ed25519KeyGenerationParameters;
import org.bouncycastle.crypto.params.Ed448KeyGenerationParameters;
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;

/* loaded from: input_file:com/maverick/ssh/components/jce/JCEComponentManager.class */
public class JCEComponentManager extends ComponentManager implements JCEAlgorithms {
    SecureRND rnd;
    static boolean disableTests = false;
    static boolean loadClientKex = true;
    static boolean loadServerKex = true;

    public static void disableStartupTests() {
        disableTests = true;
    }

    public static void disableServerKex() {
        loadServerKex = false;
    }

    public static void disableClientKex() {
        loadClientKex = false;
    }

    public static String getSecureRandomAlgorithm() {
        return JCEProvider.getSecureRandomAlgorithm();
    }

    public static void setSecureRandomAlgorithm(String str) {
        JCEProvider.setSecureRandomAlgorithm(str);
    }

    public static SecureRandom getSecureRandom() {
        return JCEProvider.getSecureRandom();
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshDsaPrivateKey createDsaPrivateKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5) throws SshException {
        return new Ssh2DsaPrivateKeyBC(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5);
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshDsaPublicKey createDsaPublicKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4) throws SshException {
        try {
            return new Ssh2DsaPublicKeyBC(bigInteger, bigInteger2, bigInteger3, bigInteger4);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshDsaPublicKey createDsaPublicKey() {
        return new Ssh2DsaPublicKeyBC();
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPrivateCrtKey createRsaPrivateCrtKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5, BigInteger bigInteger6) throws SshException {
        try {
            return new Ssh2RsaPrivateCrtKeyBC(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5, bigInteger3.mod(bigInteger4.subtract(BigInteger.ONE)), bigInteger3.mod(bigInteger5.subtract(BigInteger.ONE)), bigInteger6);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPrivateCrtKey createRsaPrivateCrtKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5, BigInteger bigInteger6, BigInteger bigInteger7, BigInteger bigInteger8) throws SshException {
        try {
            return new Ssh2RsaPrivateCrtKeyBC(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5, bigInteger6, bigInteger7, bigInteger8);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPrivateKey createRsaPrivateKey(BigInteger bigInteger, BigInteger bigInteger2) throws SshException {
        try {
            return new Ssh2RsaPrivateKeyBC(bigInteger, bigInteger2);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPublicKey createRsaPublicKey(BigInteger bigInteger, BigInteger bigInteger2, int i) throws SshException {
        try {
            switch (i) {
                case 1:
                    return new Ssh1RsaPublicKeyBC(bigInteger, bigInteger2);
                case 2:
                    return new Ssh2RsaPublicKeyBC(bigInteger, bigInteger2);
                default:
                    throw new SshException("Illegal version number " + i, 5);
            }
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPublicKey createSsh2RsaPublicKey() throws SshException {
        return new Ssh2RsaPublicKeyBC();
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair generateDsaKeyPair(int i) throws SshException {
        if (i < 1024) {
            throw new SshException("The minimum number of bits supported for DSA key generation is 1024", 4);
        }
        DSAParametersGenerator dSAParametersGenerator = new DSAParametersGenerator();
        dSAParametersGenerator.init(i, 80, getSecureRandom());
        DSAKeyGenerationParameters dSAKeyGenerationParameters = new DSAKeyGenerationParameters(getSecureRandom(), dSAParametersGenerator.generateParameters());
        DSAKeyPairGenerator dSAKeyPairGenerator = new DSAKeyPairGenerator();
        dSAKeyPairGenerator.init(dSAKeyGenerationParameters);
        AsymmetricCipherKeyPair generateKeyPair = dSAKeyPairGenerator.generateKeyPair();
        SshKeyPair sshKeyPair = new SshKeyPair();
        sshKeyPair.setPrivateKey(new Ssh2DsaPrivateKeyBC(generateKeyPair.getPrivate(), generateKeyPair.getPublic()));
        sshKeyPair.setPublicKey(new Ssh2DsaPublicKeyBC(generateKeyPair.getPublic()));
        return sshKeyPair;
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair generateRsaKeyPair(int i, int i2) throws SshException {
        try {
            if (i < 1024) {
                throw new SshException("The minimum number of bits supported for RSA key generation is 1024", 4);
            }
            RSAKeyPairGenerator rSAKeyPairGenerator = new RSAKeyPairGenerator();
            rSAKeyPairGenerator.init(new RSAKeyGenerationParameters(BigInteger.valueOf(3L), getSecureRandom(), i, 80));
            AsymmetricCipherKeyPair generateKeyPair = rSAKeyPairGenerator.generateKeyPair();
            SshKeyPair sshKeyPair = new SshKeyPair();
            sshKeyPair.setPrivateKey(new Ssh2RsaPrivateCrtKeyBC(generateKeyPair.getPrivate()));
            if (i2 == 1) {
                sshKeyPair.setPublicKey(new Ssh1RsaPublicKeyBC(generateKeyPair.getPublic().getModulus(), generateKeyPair.getPublic().getExponent()));
            } else {
                sshKeyPair.setPublicKey(new Ssh2RsaPublicKeyBC(generateKeyPair.getPublic()));
            }
            return sshKeyPair;
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new SshException(e);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair generateEcdsaKeyPair(int i) throws SshException {
        SshKeyPair sshKeyPair = new SshKeyPair();
        switch (i) {
            case 256:
                AsymmetricCipherKeyPair generateEC = generateEC("secp256r1");
                sshKeyPair.setPrivateKey(new Ssh2EcdsaSha2NistPrivateKeyBC(generateEC.getPrivate(), generateEC.getPublic(), "ecdsa-sha2-nistp256", "secp256r1"));
                sshKeyPair.setPublicKey(new Ssh2EcdsaSha2Nist256PublicKeyBC(generateEC.getPublic()));
                return sshKeyPair;
            case 384:
                AsymmetricCipherKeyPair generateEC2 = generateEC("secp384r1");
                sshKeyPair.setPrivateKey(new Ssh2EcdsaSha2NistPrivateKeyBC(generateEC2.getPrivate(), generateEC2.getPublic(), Ssh2EcdsaSha2Nist384PublicKeyBC.ALGO, "secp384r1"));
                sshKeyPair.setPublicKey(new Ssh2EcdsaSha2Nist384PublicKeyBC(generateEC2.getPublic()));
                return sshKeyPair;
            case 521:
                AsymmetricCipherKeyPair generateEC3 = generateEC("secp521r1");
                sshKeyPair.setPrivateKey(new Ssh2EcdsaSha2NistPrivateKeyBC(generateEC3.getPrivate(), generateEC3.getPublic(), Ssh2EcdsaSha2Nist521PublicKeyBC.ALGO, "secp521r1"));
                sshKeyPair.setPublicKey(new Ssh2EcdsaSha2Nist521PublicKeyBC(generateEC3.getPublic()));
                return sshKeyPair;
            default:
                throw new SshException("Unsupported size " + i + " for ECDSA key (256,384,521 supported)", 4);
        }
    }

    private AsymmetricCipherKeyPair generateEC(String str) {
        X9ECParameters byName = CustomNamedCurves.getByName(str);
        ECKeyGenerationParameters eCKeyGenerationParameters = new ECKeyGenerationParameters(new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN(), byName.getH()), getSecureRandom());
        ECKeyPairGenerator eCKeyPairGenerator = new ECKeyPairGenerator();
        eCKeyPairGenerator.init(eCKeyGenerationParameters);
        return eCKeyPairGenerator.generateKeyPair();
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshSecureRandomGenerator getRND() throws SshException {
        try {
            return this.rnd == null ? new SecureRND() : this.rnd;
        } catch (NoSuchAlgorithmException e) {
            throw new SshException(e);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeDigestFactory(ComponentFactory<Digest> componentFactory) {
        if (testDigest("MD5", com.maverick.ssh.components.bc.digests.MD5Digest.class)) {
            componentFactory.add("MD5", com.maverick.ssh.components.bc.digests.MD5Digest.class);
        }
        if (testDigest("SHA-1", com.maverick.ssh.components.bc.digests.SHA1Digest.class)) {
            componentFactory.add("SHA-1", com.maverick.ssh.components.bc.digests.SHA1Digest.class);
        }
        if (testDigest("SHA1", com.maverick.ssh.components.bc.digests.SHA1Digest.class)) {
            componentFactory.add("SHA1", com.maverick.ssh.components.bc.digests.SHA1Digest.class);
        }
        if (testDigest(JCEAlgorithms.JCE_SHA256, com.maverick.ssh.components.bc.digests.SHA256Digest.class)) {
            componentFactory.add(JCEAlgorithms.JCE_SHA256, com.maverick.ssh.components.bc.digests.SHA256Digest.class);
            componentFactory.add(SshKeyFingerprint.SHA256_FINGERPRINT, com.maverick.ssh.components.bc.digests.SHA256Digest.class);
        }
        if (testDigest(JCEAlgorithms.JCE_SHA384, com.maverick.ssh.components.bc.digests.SHA384Digest.class)) {
            componentFactory.add(JCEAlgorithms.JCE_SHA384, com.maverick.ssh.components.bc.digests.SHA384Digest.class);
            componentFactory.add("SHA384", com.maverick.ssh.components.bc.digests.SHA384Digest.class);
        }
        if (testDigest(JCEAlgorithms.JCE_SHA512, com.maverick.ssh.components.bc.digests.SHA512Digest.class)) {
            componentFactory.add(JCEAlgorithms.JCE_SHA512, com.maverick.ssh.components.bc.digests.SHA512Digest.class);
            componentFactory.add("SHA512", com.maverick.ssh.components.bc.digests.SHA512Digest.class);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeHmacFactory(ComponentFactory<SshHmac> componentFactory) {
        if (testHMac("hmac-sha2-256", HmacSHA256.class)) {
            componentFactory.add("hmac-sha2-256", HmacSHA256.class);
            componentFactory.add("hmac-sha2-256-etm@openssh.com", HmacSHA256_ETM.class);
        }
        if (testHMac("hmac-sha2-256-96", HmacSHA256_96.class)) {
            componentFactory.add("hmac-sha2-256-96", HmacSHA256_96.class);
        }
        if (testHMac("hmac-sha2-512", HmacSHA512.class)) {
            componentFactory.add("hmac-sha2-512", HmacSHA512.class);
            componentFactory.add("hmac-sha2-512-etm@openssh.com", HmacSHA512_ETM.class);
        }
        if (testHMac("hmac-sha2-512-96", HmacSHA512_96.class)) {
            componentFactory.add("hmac-sha2-512-96", HmacSHA512_96.class);
        }
        if (testHMac("hmac-sha1", HmacSHA1.class)) {
            componentFactory.add("hmac-sha1", HmacSHA1.class);
            componentFactory.add("hmac-sha1-etm@openssh.com", HmacSHA1_ETM.class);
        }
        if (testHMac("hmac-sha1-96", HmacSHA1_96.class)) {
            componentFactory.add("hmac-sha1-96", HmacSHA1_96.class);
        }
        if (testHMac("hmac-md5", com.maverick.ssh.components.bc.hmacs.HmacMD5.class)) {
            componentFactory.add("hmac-md5", com.maverick.ssh.components.bc.hmacs.HmacMD5.class);
            componentFactory.add("hmac-md5-etm@openssh.com", HmacMD5_ETM.class);
        }
        if (testHMac("hmac-md5-96", HmacMD5_96.class)) {
            componentFactory.add("hmac-md5-96", HmacMD5_96.class);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeKeyExchangeFactory(ComponentFactory<SshKeyExchange> componentFactory, ComponentFactory<SshKeyExchange> componentFactory2) {
        if (loadClientKex) {
            testClientKeyExchangeAlgorithm("curve25519-sha256", "com.maverick.ssh.components.bc.client.Curve25519SHA256", componentFactory);
            testClientKeyExchangeAlgorithm("curve25519-sha256@libssh.org", "com.maverick.ssh.components.bc.client.Curve25519SHA256_at_libssh_dot_org", componentFactory);
            testClientKeyExchangeAlgorithm("diffie-hellman-group-exchange-sha256", "com.maverick.ssh.components.bc.client.DiffieHellmanGroupExchangeSha256", componentFactory);
            testClientKeyExchangeAlgorithm("diffie-hellman-group18-sha512", "com.maverick.ssh.components.bc.client.DiffieHellmanGroup18Sha512", componentFactory);
            testClientKeyExchangeAlgorithm("diffie-hellman-group17-sha512", "com.maverick.ssh.components.bc.client.DiffieHellmanGroup17Sha512", componentFactory);
            testClientKeyExchangeAlgorithm("diffie-hellman-group16-sha512", "com.maverick.ssh.components.bc.client.DiffieHellmanGroup16Sha512", componentFactory);
            testClientKeyExchangeAlgorithm("diffie-hellman-group15-sha512", "com.maverick.ssh.components.bc.client.DiffieHellmanGroup15Sha512", componentFactory);
            testClientKeyExchangeAlgorithm("diffie-hellman-group14-sha256", "com.maverick.ssh.components.bc.client.DiffieHellmanGroup14Sha256", componentFactory);
            testClientKeyExchangeAlgorithm("diffie-hellman-group-exchange-sha1", "com.maverick.ssh.components.bc.client.DiffieHellmanGroupExchangeSha1", componentFactory);
            testClientKeyExchangeAlgorithm("diffie-hellman-group14-sha1", "com.maverick.ssh.components.bc.client.DiffieHellmanGroup14Sha1", componentFactory);
            testClientKeyExchangeAlgorithm("ecdh-sha2-nistp256", "com.maverick.ssh.components.bc.client.DiffieHellmanEcdhNistp256", componentFactory);
            testClientKeyExchangeAlgorithm("ecdh-sha2-nistp384", "com.maverick.ssh.components.bc.client.DiffieHellmanEcdhNistp384", componentFactory);
            testClientKeyExchangeAlgorithm("ecdh-sha2-nistp521", "com.maverick.ssh.components.bc.client.DiffieHellmanEcdhNistp521", componentFactory);
            testClientKeyExchangeAlgorithm("diffie-hellman-group1-sha1", "com.maverick.ssh.components.bc.client.DiffieHellmanGroup1Sha1", componentFactory);
            testClientKeyExchangeAlgorithm("rsa2048-sha256", "com.maverick.ssh.components.bc.client.Rsa2048Sha256", componentFactory);
            testClientKeyExchangeAlgorithm("rsa1024-sha1", "com.maverick.ssh.components.bc.client.Rsa1024Sha1", componentFactory);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializePublicKeyFactory(ComponentFactory<SshPublicKey> componentFactory) {
        testPublicKey(SshKeyPairGenerator.SSH2_DSA, Ssh2DsaPublicKeyBC.class, componentFactory);
        testPublicKey(SshKeyPairGenerator.SSH2_RSA, Ssh2RsaPublicKeyBC.class, componentFactory);
        testPublicKey(SshKeyPairGenerator.RSA_SHA2_256, Ssh2RsaPublicKeySHA256BC.class, componentFactory);
        testPublicKey(SshKeyPairGenerator.RSA_SHA2_512, Ssh2RsaPublicKeySHA512BC.class, componentFactory);
        testPublicKey("x509v3-sign-rsa", SshX509RsaPublicKeyBC.class, componentFactory);
        testPublicKey("x509v3-sign-dss", SshX509DsaPublicKeyBC.class, componentFactory);
        testPublicKey("x509v3-sign-rsa-sha1", SshX509RsaSha1PublicKeyBC.class, componentFactory);
        testPublicKey("x509v3-ssh-rsa", SshX509RsaPublicKeyRfc6187BC.class, componentFactory);
        testPublicKey("x509v3-ssh-dss", SshX509DsaPublicKeyRfc6187BC.class, componentFactory);
        testPublicKey("x509v3-ecdsa-sha2-nistp256", SshX509EcdsaSha2Nist256Rfc6187BC.class, componentFactory);
        testPublicKey("x509v3-ecdsa-sha2-nistp384", SshX509EcdsaSha2Nist384Rfc6187BC.class, componentFactory);
        testPublicKey("x509v3-ecdsa-sha2-nistp521", SshX509EcdsaSha2Nist521Rfc6187BC.class, componentFactory);
        testPublicKey("ecdsa-sha2-nistp256", Ssh2EcdsaSha2Nist256PublicKeyBC.class, componentFactory);
        testPublicKey(Ssh2EcdsaSha2Nist384PublicKeyBC.ALGO, Ssh2EcdsaSha2Nist384PublicKeyBC.class, componentFactory);
        testPublicKey(Ssh2EcdsaSha2Nist521PublicKeyBC.ALGO, Ssh2EcdsaSha2Nist521PublicKeyBC.class, componentFactory);
        testPublicKey("x509v3-rsa2048-sha256", SshX509Rsa2048Sha256Rfc6187BC.class, componentFactory);
        testPublicKey(OpenSshRsaCertificate.SSH_RSA_CERT_V01, OpenSshRsaCertificate.class, componentFactory);
        testPublicKey(OpenSshDsaCertificate.SSH_DSS_CERT_V01, OpenSshDsaCertificate.class, componentFactory);
        testPublicKey(OpenSshEd25519Certificate.CERT_TYPE, OpenSshEd25519Certificate.class, componentFactory);
        testPublicKey(OpenSshEcdsaSha2Nist256Certificate.CERT_TYPE, OpenSshEcdsaSha2Nist256Certificate.class, componentFactory);
        testPublicKey(OpenSshEcdsaSha2Nist384Certificate.CERT_TYPE, OpenSshEcdsaSha2Nist384Certificate.class, componentFactory);
        testPublicKey(OpenSshEcdsaSha2Nist521Certificate.CERT_TYPE, OpenSshEcdsaSha2Nist521Certificate.class, componentFactory);
        testPublicKey("ssh-ed25519", SshEd25519PublicKeyBC.class, componentFactory);
        testPublicKey("ssh-ed448", SshEd448PublicKeyBC.class, componentFactory);
        testPublicKey(OpenSshRsaSha256Certificate.SSH_RSA_CERT_V01, "com.maverick.ssh.components.jce.OpenSshRsaSha256Certificate", componentFactory);
        testPublicKey(OpenSshRsaSha512Certificate.SSH_RSA_CERT_V01, "com.maverick.ssh.components.jce.OpenSshRsaSha512Certificate", componentFactory);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private boolean testPublicKey(String str, String str2, ComponentFactory<SshPublicKey> componentFactory) {
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
            return false;
        }
        try {
            return testPublicKey(str, (Class<? extends SshPublicKey>) Class.forName(str2), componentFactory);
        } catch (Throwable th) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info("   " + str + " will not be supported: " + th.getMessage(), new Object[0]);
            return false;
        }
    }

    private boolean testPublicKey(String str, Class<? extends SshPublicKey> cls, ComponentFactory<SshPublicKey> componentFactory) {
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
            return false;
        }
        if (disableTests) {
            componentFactory.add(str, cls);
            return true;
        }
        try {
            String test = cls.newInstance().test();
            if (Log.isInfoEnabled()) {
                Log.info("   " + str + " will be supported using JCE Provider " + test, new Object[0]);
            }
            componentFactory.add(str, cls);
            return true;
        } catch (Throwable th) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info("   " + str + " will not be supported: " + th.getMessage(), new Object[0]);
            return false;
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeSsh1CipherFactory(ComponentFactory<SshCipher> componentFactory) {
        if (testJCECipher("ssh1-des", Ssh1Des.class)) {
            componentFactory.add("2", Ssh1Des.class);
        }
        if (testJCECipher("ssh1-3des", Ssh1Des3.class)) {
            componentFactory.add("3", Ssh1Des3.class);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeSsh2CipherFactory(ComponentFactory<SshCipher> componentFactory) {
        if (testJCECipher("chacha20-poly1305@openssh.com", ChaCha20Poly1305.class)) {
            componentFactory.add("chacha20-poly1305@openssh.com", ChaCha20Poly1305.class);
        }
        if (testJCECipher("aes128-ctr", AES128CTR.class)) {
            componentFactory.add("aes128-ctr", AES128CTR.class);
        }
        if (testJCECipher("aes192-ctr", AES192CTR.class)) {
            componentFactory.add("aes192-ctr", AES192CTR.class);
        }
        if (testJCECipher("aes256-ctr", AES256CTR.class)) {
            componentFactory.add("aes256-ctr", AES256CTR.class);
        }
        if (testJCECipher("3des-ctr", TrippleDesCTR.class)) {
            componentFactory.add("3des-ctr", TrippleDesCTR.class);
        }
        if (testJCECipher("3des-cbc", TrippleDesCBC.class)) {
            componentFactory.add("3des-cbc", TrippleDesCBC.class);
        }
        if (testJCECipher("blowfish-cbc", BlowfishCBC.class)) {
            componentFactory.add("blowfish-cbc", BlowfishCBC.class);
        }
        if (testJCECipher("aes128-cbc", AES128CBC.class)) {
            componentFactory.add("aes128-cbc", AES128CBC.class);
        }
        if (testJCECipher("aes192-cbc", AES192CBC.class)) {
            componentFactory.add("aes192-cbc", AES192CBC.class);
        }
        if (testJCECipher("aes256-cbc", AES256CBC.class)) {
            componentFactory.add("aes256-cbc", AES256CBC.class);
        }
        if (testJCECipher("arcfour", Arcfour.class)) {
            componentFactory.add("arcfour", Arcfour.class);
        }
        if (testJCECipher("arcfour128", Arcfour128.class)) {
            componentFactory.add("arcfour128", Arcfour128.class);
        }
        if (testJCECipher("arcfour256", Arcfour256.class)) {
            componentFactory.add("arcfour256", Arcfour256.class);
        }
        if (testJCECipher("aes128-gcm@openssh.com", AES128GCM.class)) {
            componentFactory.add("aes128-gcm@openssh.com", AES128GCM.class);
        }
        if (testJCECipher("aes256-gcm@openssh.com", AES256GCM.class)) {
            componentFactory.add("aes256-gcm@openssh.com", AES256GCM.class);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(InputStream inputStream, String str, String str2, String str3) throws IOException {
        return loadKeystore(inputStream, str, str2, str3, "PKCS12");
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(InputStream inputStream, String str, String str2, String str3, String str4) throws IOException {
        try {
            KeyStore keyStore = KeyStore.getInstance(str4);
            keyStore.load(inputStream, str2.toCharArray());
            Key key = keyStore.getKey(str, str3.toCharArray());
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
            Certificate[] certificateChain = keyStore.getCertificateChain(str);
            String algorithm = key.getAlgorithm();
            SshKeyPair sshKeyPair = new SshKeyPair();
            if (algorithm.equals("RSA")) {
                if (x509Certificate.getSigAlgName().equalsIgnoreCase(JCEAlgorithms.JCE_SHA1WithRSA)) {
                    sshKeyPair.setPublicKey(new SshX509RsaSha1PublicKeyBC(x509Certificate));
                    sshKeyPair.setPrivateKey(new Ssh2RsaPrivateKeyBC(((RSAPrivateKey) key).getModulus(), ((RSAPrivateKey) key).getPrivateExponent()));
                    SshKeyPair sshKeyPair2 = new SshKeyPair();
                    sshKeyPair2.setPublicKey(new SshX509RsaPublicKeyBC(x509Certificate));
                    sshKeyPair2.setPrivateKey(new Ssh2RsaPrivateKeyBC(((RSAPrivateKey) key).getModulus(), ((RSAPrivateKey) key).getPrivateExponent()));
                    SshKeyPair sshKeyPair3 = new SshKeyPair();
                    sshKeyPair3.setPublicKey(new SshX509RsaPublicKeyRfc6187BC(certificateChain));
                    sshKeyPair3.setPrivateKey(new Ssh2RsaPrivateKeyBC(((RSAPrivateKey) key).getModulus(), ((RSAPrivateKey) key).getPrivateExponent()));
                    return new SshKeyPair[]{sshKeyPair, sshKeyPair2, sshKeyPair3};
                }
                if (x509Certificate.getSigAlgName().equalsIgnoreCase(JCEAlgorithms.JCE_SHA256WithRSA) && ((RSAPublicKey) x509Certificate.getPublicKey()).getModulus().bitLength() >= 2048) {
                    sshKeyPair.setPublicKey(new SshX509Rsa2048Sha256Rfc6187BC(certificateChain));
                    sshKeyPair.setPrivateKey(new Ssh2RsaPrivateKeyBC(((RSAPrivateKey) key).getModulus(), ((RSAPrivateKey) key).getPrivateExponent()));
                    if (!AdaptiveConfiguration.getBoolean("backwardCompatibleSHA2", false, new String[0])) {
                        return new SshKeyPair[]{sshKeyPair};
                    }
                    SshKeyPair sshKeyPair4 = new SshKeyPair();
                    sshKeyPair4.setPublicKey(new SshX509RsaPublicKeyBC(x509Certificate));
                    sshKeyPair4.setPrivateKey(new Ssh2RsaPrivateKeyBC(((RSAPrivateKey) key).getModulus(), ((RSAPrivateKey) key).getPrivateExponent()));
                    return new SshKeyPair[]{sshKeyPair, sshKeyPair4};
                }
            } else if (algorithm.equals(JCEAlgorithms.JCE_DSA)) {
                sshKeyPair.setPublicKey(new SshX509DsaPublicKeyBC(x509Certificate));
                sshKeyPair.setPrivateKey(new Ssh2DsaPrivateKeyBC(((DSAPrivateKey) key).getX(), ((DSAPublicKey) x509Certificate.getPublicKey()).getParams().getP(), ((DSAPublicKey) x509Certificate.getPublicKey()).getParams().getQ(), ((DSAPublicKey) x509Certificate.getPublicKey()).getParams().getG(), ((DSAPublicKey) x509Certificate.getPublicKey()).getY()));
                SshKeyPair sshKeyPair5 = new SshKeyPair();
                sshKeyPair5.setPublicKey(new SshX509DsaPublicKeyRfc6187BC(certificateChain));
                sshKeyPair5.setPrivateKey(new Ssh2DsaPrivateKeyBC(((DSAPrivateKey) key).getX(), ((DSAPublicKey) x509Certificate.getPublicKey()).getParams().getP(), ((DSAPublicKey) x509Certificate.getPublicKey()).getParams().getQ(), ((DSAPublicKey) x509Certificate.getPublicKey()).getParams().getG(), ((DSAPublicKey) x509Certificate.getPublicKey()).getY()));
                return new SshKeyPair[]{sshKeyPair, sshKeyPair5};
            }
            throw new IOException(algorithm + " is an unsupported certificate type");
        } catch (Throwable th) {
            throw new IOException("Could not load keystore from stream: " + th.getMessage());
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(File file, String str, String str2, String str3) throws IOException {
        return loadKeystore(file, str, str2, str3, "PKCS12");
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(File file, String str, String str2, String str3, String str4) throws IOException {
        return loadKeystore(new FileInputStream(file), str, str2, str3, str4);
    }

    private boolean testDigest(String str) {
        return supportedDigests().contains(str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private boolean testClientKeyExchangeAlgorithm(String str, String str2, ComponentFactory<SshKeyExchange> componentFactory) {
        Class<?> cls;
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
            return false;
        }
        SshKeyExchange sshKeyExchange = null;
        try {
            cls = Class.forName(str2);
        } catch (Exception e) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info("   " + str + " (client) will not be supported: " + e.getMessage(), new Object[0]);
            return false;
        } catch (Throwable th) {
        }
        if (disableTests) {
            componentFactory.add(str, cls);
            return true;
        }
        sshKeyExchange = (SshKeyExchange) cls.newInstance();
        if (!testDigest(sshKeyExchange.getHashAlgorithm())) {
            throw new Exception("Hash algorithm " + sshKeyExchange.getHashAlgorithm() + " is not supported");
        }
        sshKeyExchange.test();
        componentFactory.add(str, cls);
        if (!Log.isInfoEnabled()) {
            return true;
        }
        Log.info("   " + str + " (client) will be supported using Provider " + sshKeyExchange.getProvider(), new Object[0]);
        return true;
    }

    private boolean testJCECipher(String str, Class<? extends SshCipher> cls) {
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
            return false;
        }
        if (disableTests) {
            return true;
        }
        try {
            SshCipher newInstance = cls.newInstance();
            byte[] bArr = new byte[1024];
            getSecureRandom().nextBytes(bArr);
            newInstance.init(0, bArr, bArr);
            if (!Log.isInfoEnabled()) {
                return true;
            }
            Log.info("   " + str + " will be supported using Provider " + newInstance.getProviderName(), new Object[0]);
            return true;
        } catch (Throwable th) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info("   " + str + " WILL NOT be supported: " + th.getMessage(), new Object[0]);
            return false;
        }
    }

    private boolean testDigest(String str, Class<? extends Digest> cls) {
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
            return false;
        }
        if (disableTests) {
            return true;
        }
        Object obj = null;
        try {
            obj = (Digest) cls.newInstance();
            if (!Log.isInfoEnabled()) {
                return true;
            }
            Log.info("   " + str + " will be supported using Provider " + ((AbstractBCDigest) obj).getProvider(), new Object[0]);
            return true;
        } catch (Throwable th) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            if (obj == null || ((AbstractBCDigest) obj).getProvider() == null) {
                Log.info("   " + str + " WILL NOT be supported: " + th.getMessage(), new Object[0]);
                return false;
            }
            Log.info("   " + str + " WILL NOT be supported from Provider " + ((AbstractBCDigest) obj).getProvider() + ": " + th.getMessage(), new Object[0]);
            return false;
        }
    }

    private boolean testHMac(String str, Class<? extends SshHmac> cls) {
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
            return false;
        }
        if (disableTests) {
            return true;
        }
        try {
            SshHmac newInstance = cls.newInstance();
            newInstance.init(new byte[1024]);
            if (!(newInstance instanceof AbstractBCHmac) || !Log.isInfoEnabled()) {
                return true;
            }
            Log.info("   " + str + " will be supported using Provider " + ((AbstractBCHmac) newInstance).getProvider(), new Object[0]);
            return true;
        } catch (Throwable th) {
            if (!Log.isInfoEnabled()) {
                return false;
            }
            Log.info("   " + str + " WILL NOT be supported: " + th.getMessage(), new Object[0]);
            return false;
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair generateEd25519KeyPair() throws SshException {
        Ed25519KeyGenerationParameters ed25519KeyGenerationParameters = new Ed25519KeyGenerationParameters(getSecureRandom());
        Ed25519KeyPairGenerator ed25519KeyPairGenerator = new Ed25519KeyPairGenerator();
        ed25519KeyPairGenerator.init(ed25519KeyGenerationParameters);
        AsymmetricCipherKeyPair generateKeyPair = ed25519KeyPairGenerator.generateKeyPair();
        SshKeyPair sshKeyPair = new SshKeyPair();
        sshKeyPair.setPrivateKey(new SshEd25519PrivateKeyBC(generateKeyPair.getPrivate()));
        sshKeyPair.setPublicKey(new SshEd25519PublicKeyBC(generateKeyPair.getPublic()));
        return sshKeyPair;
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshPrivateKey createEd25519PrivateKey(byte[] bArr, byte[] bArr2) {
        return new SshEd25519PrivateKeyBC(bArr);
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshPrivateKey createEcdsaPrivateKey(byte[] bArr, byte[] bArr2, String str) {
        return new Ssh2EcdsaSha2NistPrivateKeyBC(bArr, bArr2, str);
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshPublicKey createEcdsaPublicKey(byte[] bArr, String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -845821773:
                if (str.equals("secp256r1")) {
                    z = false;
                    break;
                }
                break;
            case -844810801:
                if (str.equals("secp384r1")) {
                    z = true;
                    break;
                }
                break;
            case -843145388:
                if (str.equals("secp521r1")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return new Ssh2EcdsaSha2Nist256PublicKeyBC(bArr);
            case true:
                return new Ssh2EcdsaSha2Nist384PublicKeyBC(bArr);
            case true:
                return new Ssh2EcdsaSha2Nist521PublicKeyBC(bArr);
            default:
                throw new IllegalStateException("Unexpected curve " + str);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshPublicKey createEd25519PublicKey(byte[] bArr) {
        return new SshEd25519PublicKeyBC(bArr);
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair generateEd448KeyPair() throws SshException {
        Ed448KeyGenerationParameters ed448KeyGenerationParameters = new Ed448KeyGenerationParameters(getSecureRandom());
        Ed448KeyPairGenerator ed448KeyPairGenerator = new Ed448KeyPairGenerator();
        ed448KeyPairGenerator.init(ed448KeyGenerationParameters);
        AsymmetricCipherKeyPair generateKeyPair = ed448KeyPairGenerator.generateKeyPair();
        SshKeyPair sshKeyPair = new SshKeyPair();
        sshKeyPair.setPrivateKey(new SshEd448PrivateKeyBC(generateKeyPair.getPrivate()));
        sshKeyPair.setPublicKey(new SshEd448PublicKeyBC(generateKeyPair.getPublic()));
        return sshKeyPair;
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshPublicKey createEd448PublicKey(byte[] bArr) {
        return new SshEd448PublicKeyBC(bArr);
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshPrivateKey createEd448PrivateKey(byte[] bArr, byte[] bArr2) {
        return new SshEd448PrivateKeyBC(bArr);
    }
}
