package org.jkiss.dbeaver.model.net.ssh;

import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Logger;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.UIKeyboardInteractive;
import com.jcraft.jsch.UserInfo;
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.jkiss.code.NotNull;
import org.jkiss.code.Nullable;
import org.jkiss.dbeaver.DBException;
import org.jkiss.dbeaver.Log;
import org.jkiss.dbeaver.model.DBPDataSourceContainer;
import org.jkiss.dbeaver.model.net.DBWHandlerConfiguration;
import org.jkiss.dbeaver.model.net.ssh.config.SSHAuthConfiguration;
import org.jkiss.dbeaver.model.net.ssh.config.SSHHostConfiguration;
import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
import org.jkiss.dbeaver.runtime.DBWorkbench;
import org.jkiss.dbeaver.utils.GeneralUtils;
import org.jkiss.dbeaver.utils.RuntimeUtils;
import org.jkiss.utils.CommonUtils;
import org.jkiss.utils.SecurityUtils;

/* loaded from: input_file:org/jkiss/dbeaver/model/net/ssh/JSCHSessionController.class */
public class JSCHSessionController extends AbstractSessionController<JSCHSession> {
    private static final Log log = Log.getLog(JSCHSessionController.class);

    /* loaded from: input_file:org/jkiss/dbeaver/model/net/ssh/JSCHSessionController$JschLogger.class */
    private static class JschLogger implements Logger {
        private static final Pattern[] SENSITIVE_DATA_PATTERNS = {Pattern.compile("^Connecting to (.*?) port"), Pattern.compile("^Disconnecting from (.*?) port"), Pattern.compile("^Host '(.*?)'"), Pattern.compile("^Permanently added '(.*?)'")};

        private JschLogger() {
        }

        public boolean isEnabled(int i) {
            return true;
        }

        public void log(int i, String str) {
            String str2;
            switch (i) {
                case 1:
                    str2 = "INFO";
                    break;
                case 2:
                    str2 = "WARN";
                    break;
                case 3:
                    str2 = "ERROR";
                    break;
                case 4:
                    str2 = "FATAL";
                    break;
                default:
                    str2 = "DEBUG";
                    break;
            }
            String str3 = str2;
            for (Pattern pattern : SENSITIVE_DATA_PATTERNS) {
                str = CommonUtils.replaceFirstGroup(str, pattern, 1, SecurityUtils::mask);
            }
            JSCHSessionController.log.debug("SSH: " + str3 + ": " + str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jkiss/dbeaver/model/net/ssh/JSCHSessionController$JschUserInfo.class */
    public static final class JschUserInfo extends Record implements UserInfo, UIKeyboardInteractive {

        @NotNull
        private final SSHAuthConfiguration configuration;

        private JschUserInfo(@NotNull SSHAuthConfiguration sSHAuthConfiguration) {
            this.configuration = sSHAuthConfiguration;
        }

        public String getPassphrase() {
            return this.configuration.password();
        }

        public String getPassword() {
            return getPassphrase();
        }

        public boolean promptPassword(String str) {
            return true;
        }

        public boolean promptPassphrase(String str) {
            return true;
        }

        public boolean promptYesNo(String str) {
            return false;
        }

        public void showMessage(String str) {
            JSCHSessionController.log.info(str);
        }

        public String[] promptKeyboardInteractive(String str, String str2, String str3, String[] strArr, boolean[] zArr) {
            JSCHSessionController.log.debug("JSCH keyboard interactive auth");
            return new String[]{getPassphrase()};
        }

        @NotNull
        public SSHAuthConfiguration configuration() {
            return this.configuration;
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, JschUserInfo.class), JschUserInfo.class, "configuration", "FIELD:Lorg/jkiss/dbeaver/model/net/ssh/JSCHSessionController$JschUserInfo;->configuration:Lorg/jkiss/dbeaver/model/net/ssh/config/SSHAuthConfiguration;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, JschUserInfo.class), JschUserInfo.class, "configuration", "FIELD:Lorg/jkiss/dbeaver/model/net/ssh/JSCHSessionController$JschUserInfo;->configuration:Lorg/jkiss/dbeaver/model/net/ssh/config/SSHAuthConfiguration;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, JschUserInfo.class, Object.class), JschUserInfo.class, "configuration", "FIELD:Lorg/jkiss/dbeaver/model/net/ssh/JSCHSessionController$JschUserInfo;->configuration:Lorg/jkiss/dbeaver/model/net/ssh/config/SSHAuthConfiguration;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }
    }

    public JSCHSessionController() {
        JSch.setLogger(new JschLogger());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @NotNull
    /* renamed from: createSession, reason: merged with bridge method [inline-methods] */
    public JSCHSession m1createSession() {
        return new JSCHSession(this);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @NotNull
    public Session createNewSession(@NotNull DBRProgressMonitor dBRProgressMonitor, @NotNull DBWHandlerConfiguration dBWHandlerConfiguration, @NotNull SSHHostConfiguration sSHHostConfiguration) throws DBException {
        JSch jSch = new JSch();
        SSHAuthConfiguration.KeyFile auth = sSHHostConfiguration.auth();
        if (auth instanceof SSHAuthConfiguration.Password) {
            log.debug("SSHSessionController: Using password authentication");
        } else if (auth instanceof SSHAuthConfiguration.KeyFile) {
            SSHAuthConfiguration.KeyFile keyFile = auth;
            log.debug("SSHSessionController: Using public key authentication");
            try {
                addIdentityKeyFile(jSch, dBRProgressMonitor, dBWHandlerConfiguration.getDataSource(), Path.of(keyFile.path(), new String[0]), keyFile.password());
            } catch (Exception e) {
                throw new DBException("Error adding identity key", e);
            }
        } else if (auth instanceof SSHAuthConfiguration.KeyData) {
            SSHAuthConfiguration.KeyData keyData = (SSHAuthConfiguration.KeyData) auth;
            log.debug("SSHSessionController: Using public key authentication");
            try {
                addIdentityKeyValue(jSch, keyData.data(), keyData.password());
            } catch (Exception e2) {
                throw new DBException("Error adding identity key", e2);
            }
        } else if (auth instanceof SSHAuthConfiguration.Agent) {
            log.debug("SSHSessionController: Using agent authentication");
            jSch.setIdentityRepository(createAgentIdentityRepository());
        }
        try {
            Session session = jSch.getSession(sSHHostConfiguration.username(), sSHHostConfiguration.hostname(), sSHHostConfiguration.port());
            UserInfo userInfo = null;
            JSCHUserInfoPromptProvider jSCHUserInfoPromptProvider = (JSCHUserInfoPromptProvider) GeneralUtils.adapt(this, JSCHUserInfoPromptProvider.class);
            if (jSCHUserInfoPromptProvider != null) {
                userInfo = jSCHUserInfoPromptProvider.createUserInfoPrompt(sSHHostConfiguration, session);
            }
            if (userInfo == null) {
                userInfo = new JschUserInfo(auth);
            }
            session.setUserInfo(userInfo);
            session.setHostKeyAlias(sSHHostConfiguration.hostname());
            session.setServerAliveInterval(dBWHandlerConfiguration.getIntProperty("aliveInterval"));
            session.setTimeout(dBWHandlerConfiguration.getIntProperty("sshConnectTimeout"));
            setupHostKeyVerification(jSch, session, dBWHandlerConfiguration);
            if (auth instanceof SSHAuthConfiguration.Password) {
                session.setConfig("PreferredAuthentications", "password,keyboard-interactive");
            } else {
                session.setConfig("PreferredAuthentications", "publickey,keyboard-interactive,password");
            }
            session.connect();
            return session;
        } catch (JSchException e3) {
            throw new DBException("Failed to create session", e3);
        }
    }

    private void setupHostKeyVerification(@NotNull JSch jSch, @NotNull Session session, @NotNull DBWHandlerConfiguration dBWHandlerConfiguration) throws JSchException {
        if (DBWorkbench.getPlatform().getApplication().isHeadlessMode() || dBWHandlerConfiguration.getBooleanProperty("bypassHostVerification")) {
            session.setConfig("StrictHostKeyChecking", "no");
            return;
        }
        File knownSshHostsFileOrNull = SSHUtils.getKnownSshHostsFileOrNull();
        if (knownSshHostsFileOrNull == null) {
            session.setConfig("StrictHostKeyChecking", "ask");
            return;
        }
        try {
            jSch.setKnownHosts(knownSshHostsFileOrNull.getAbsolutePath());
            session.setConfig("StrictHostKeyChecking", "ask");
        } catch (JSchException e) {
            if (e.getCause() instanceof ArrayIndexOutOfBoundsException) {
                if (!DBWorkbench.getPlatformUI().confirmAction(JSCHUIMessages.ssh_file_corrupted_dialog_title, JSCHUIMessages.ssh_file_corrupted_dialog_message, true)) {
                    throw e;
                }
                session.setConfig("StrictHostKeyChecking", "no");
            }
        }
    }

    private void addIdentityKeyValue(@NotNull JSch jSch, String str, String str2) throws JSchException {
        byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
        if (CommonUtils.isEmpty(str2)) {
            jSch.addIdentity("key", bytes, (byte[]) null, (byte[]) null);
        } else {
            jSch.addIdentity("key", bytes, (byte[]) null, str2.getBytes());
        }
    }

    /* JADX WARN: Finally extract failed */
    private void addIdentityKeyFile(@NotNull JSch jSch, @NotNull DBRProgressMonitor dBRProgressMonitor, @NotNull DBPDataSourceContainer dBPDataSourceContainer, @NotNull Path path, @Nullable String str) throws IOException, JSchException {
        Throwable th = null;
        try {
            BufferedReader newBufferedReader = Files.newBufferedReader(path);
            try {
                String readLine = newBufferedReader.readLine();
                if (newBufferedReader != null) {
                    newBufferedReader.close();
                }
                if (!readLine.equals("-----BEGIN OPENSSH PRIVATE KEY-----")) {
                    addIdentityKey0(jSch, path, str);
                    return;
                }
                log.debug("Attempting to convert an unsupported key into suitable format");
                Path resolve = DBWorkbench.getPlatform().getTempFolder(dBRProgressMonitor, "openssh-pkey").resolve(dBPDataSourceContainer.getId() + ".pem");
                Files.copy(path, resolve, StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
                String notEmpty = CommonUtils.notEmpty(str);
                if (RuntimeUtils.isWindows()) {
                    notEmpty = "\"" + notEmpty + "\"";
                }
                Process start = new ProcessBuilder(new String[0]).command("ssh-keygen", "-p", "-P", notEmpty, "-N", notEmpty, "-m", "PEM", "-f", resolve.toAbsolutePath().toString(), "-q").start();
                try {
                    try {
                        if (!start.waitFor(5000L, TimeUnit.MILLISECONDS)) {
                            start.destroyForcibly();
                        }
                        if (start.exitValue() == 0) {
                            addIdentityKey0(jSch, resolve, notEmpty);
                            try {
                                Files.delete(resolve);
                                return;
                            } catch (IOException e) {
                                log.debug("Failed to delete private key file", e);
                                return;
                            }
                        }
                        Throwable th2 = null;
                        try {
                            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(start.getErrorStream()));
                            try {
                                String str2 = (String) bufferedReader.lines().collect(Collectors.joining("\n"));
                                if (bufferedReader != null) {
                                    bufferedReader.close();
                                }
                                throw new IOException("Specified private key cannot be converted:\n" + str2);
                            } catch (Throwable th3) {
                                if (bufferedReader != null) {
                                    bufferedReader.close();
                                }
                                throw th3;
                            }
                        } catch (Throwable th4) {
                            if (0 == 0) {
                                th2 = th4;
                            } else if (null != th4) {
                                th2.addSuppressed(th4);
                            }
                            throw th2;
                        }
                    } catch (InterruptedException e2) {
                        throw new IOException(e2);
                    }
                } catch (Throwable th5) {
                    try {
                        Files.delete(resolve);
                    } catch (IOException e3) {
                        log.debug("Failed to delete private key file", e3);
                    }
                    throw th5;
                }
            } catch (Throwable th6) {
                if (newBufferedReader != null) {
                    newBufferedReader.close();
                }
                throw th6;
            }
        } catch (Throwable th7) {
            if (0 == 0) {
                th = th7;
            } else if (null != th7) {
                th.addSuppressed(th7);
            }
            throw th;
        }
    }

    private void addIdentityKey0(@NotNull JSch jSch, Path path, String str) throws JSchException {
        if (CommonUtils.isEmpty(str)) {
            jSch.addIdentity(path.toAbsolutePath().toString());
        } else {
            jSch.addIdentity(path.toAbsolutePath().toString(), str);
        }
    }
}
