package org.jkiss.dbeaver.model.net.ssh;

import com.jcraft.jsch.HostKeyRepository;
import com.jcraft.jsch.Identity;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.KeyPair;
import java.io.File;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Iterator;
import org.eclipse.core.runtime.Platform;
import org.eclipse.core.runtime.preferences.IScopeContext;
import org.eclipse.jsch.internal.core.JSchCorePlugin;
import org.jkiss.code.NotNull;
import org.jkiss.code.Nullable;
import org.jkiss.dbeaver.DBException;
import org.jkiss.dbeaver.Log;
import org.jkiss.dbeaver.model.net.DBWHandlerConfiguration;
import org.jkiss.dbeaver.model.net.ssh.SSHConstants;
import org.jkiss.dbeaver.model.net.ssh.config.SSHAuthConfiguration;
import org.jkiss.dbeaver.model.net.ssh.config.SSHHostConfiguration;
import org.jkiss.dbeaver.model.preferences.DBPPreferenceStore;
import org.jkiss.dbeaver.registry.DataSourceUtils;
import org.jkiss.dbeaver.runtime.DBWorkbench;
import org.jkiss.dbeaver.utils.RuntimeUtils;
import org.jkiss.utils.CommonUtils;
import org.jkiss.utils.IOUtils;

/* loaded from: input_file:org/jkiss/dbeaver/model/net/ssh/SSHUtils.class */
public class SSHUtils {
    private static final Log log = Log.getLog(SSHUtils.class);
    public static final boolean DISABLE_SESSION_SHARING = Boolean.getBoolean("dbeaver.ssh.disableSessionSharing");
    private static final String PLATFORM_SSH_PREFERENCES_NODE = "org.eclipse.jsch.core";
    private static final String PLATFORM_SSH_PREFERENCES_SSH2HOME_KEY = "SSH2HOME";
    private static final String DEFAULT_SSH_HOME_DIR_NAME = ".ssh";
    private static final String DEFAULT_SSH_HOME_DIR_NAME_WIN_OLD = "ssh";
    private static final String KNOWN_SSH_HOSTS_FILE_NAME = "known_hosts";
    private static volatile /* synthetic */ int[] $SWITCH_TABLE$org$jkiss$dbeaver$model$net$ssh$SSHConstants$AuthType;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jkiss/dbeaver/model/net/ssh/SSHUtils$ConfigurationKind.class */
    public interface ConfigurationKind {

        /* loaded from: input_file:org/jkiss/dbeaver/model/net/ssh/SSHUtils$ConfigurationKind$JumpHost.class */
        public static final class JumpHost extends Record implements ConfigurationKind {

            @NotNull
            private final String configurationPrefix;
            private final int index;

            public JumpHost(@NotNull String str, int i) {
                this.configurationPrefix = str;
                this.index = i;
            }

            @Override // org.jkiss.dbeaver.model.net.ssh.SSHUtils.ConfigurationKind
            @NotNull
            public String formatErrorMessage(@NotNull String str) {
                return "Can't load configuration for the jump host #" + (this.index + 1) + ": " + str;
            }

            @Override // org.jkiss.dbeaver.model.net.ssh.SSHUtils.ConfigurationKind
            @NotNull
            public String configurationPrefix() {
                return this.configurationPrefix;
            }

            public int index() {
                return this.index;
            }

            @Override // java.lang.Record
            public final String toString() {
                return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, JumpHost.class), JumpHost.class, "configurationPrefix;index", "FIELD:Lorg/jkiss/dbeaver/model/net/ssh/SSHUtils$ConfigurationKind$JumpHost;->configurationPrefix:Ljava/lang/String;", "FIELD:Lorg/jkiss/dbeaver/model/net/ssh/SSHUtils$ConfigurationKind$JumpHost;->index:I").dynamicInvoker().invoke(this) /* invoke-custom */;
            }

            @Override // java.lang.Record
            public final int hashCode() {
                return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, JumpHost.class), JumpHost.class, "configurationPrefix;index", "FIELD:Lorg/jkiss/dbeaver/model/net/ssh/SSHUtils$ConfigurationKind$JumpHost;->configurationPrefix:Ljava/lang/String;", "FIELD:Lorg/jkiss/dbeaver/model/net/ssh/SSHUtils$ConfigurationKind$JumpHost;->index:I").dynamicInvoker().invoke(this) /* invoke-custom */;
            }

            @Override // java.lang.Record
            public final boolean equals(Object obj) {
                return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, JumpHost.class, Object.class), JumpHost.class, "configurationPrefix;index", "FIELD:Lorg/jkiss/dbeaver/model/net/ssh/SSHUtils$ConfigurationKind$JumpHost;->configurationPrefix:Ljava/lang/String;", "FIELD:Lorg/jkiss/dbeaver/model/net/ssh/SSHUtils$ConfigurationKind$JumpHost;->index:I").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
            }
        }

        /* loaded from: input_file:org/jkiss/dbeaver/model/net/ssh/SSHUtils$ConfigurationKind$TargetHost.class */
        public static final class TargetHost extends Record implements ConfigurationKind {
            @Override // org.jkiss.dbeaver.model.net.ssh.SSHUtils.ConfigurationKind
            @NotNull
            public String configurationPrefix() {
                return "";
            }

            @Override // org.jkiss.dbeaver.model.net.ssh.SSHUtils.ConfigurationKind
            @NotNull
            public String formatErrorMessage(@NotNull String str) {
                return "Can't load configuration for the target host: " + str;
            }

            @Override // java.lang.Record
            public final String toString() {
                return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, TargetHost.class), TargetHost.class, "").dynamicInvoker().invoke(this) /* invoke-custom */;
            }

            @Override // java.lang.Record
            public final int hashCode() {
                return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, TargetHost.class), TargetHost.class, "").dynamicInvoker().invoke(this) /* invoke-custom */;
            }

            @Override // java.lang.Record
            public final boolean equals(Object obj) {
                return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, TargetHost.class, Object.class), TargetHost.class, "").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
            }
        }

        @NotNull
        String configurationPrefix();

        @NotNull
        String formatErrorMessage(@NotNull String str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int findFreePort() {
        DBPPreferenceStore preferenceStore = DBWorkbench.getPlatform().getPreferenceStore();
        return IOUtils.findFreePort(preferenceStore.getInt("net.tunnel.port.min"), preferenceStore.getInt("net.tunnel.port.max"));
    }

    public static boolean isKeyFileEncrypted(@NotNull Path path) {
        return isKeyFileEncrypted(path.toAbsolutePath().toString());
    }

    public static boolean isKeyFileEncrypted(String str) {
        if (str == null) {
            return false;
        }
        try {
            JSch jSch = new JSch();
            jSch.addIdentity(str);
            Iterator it = jSch.getIdentityRepository().getIdentities().iterator();
            while (it.hasNext()) {
                if (((Identity) it.next()).isEncrypted()) {
                    return true;
                }
            }
            return false;
        } catch (JSchException e) {
            log.debug("Can't check private key encryption: " + e.getMessage());
            return false;
        }
    }

    public static boolean isKeyEncrypted(byte[] bArr) {
        if (bArr == null) {
            return false;
        }
        try {
            return KeyPair.load(new JSch(), bArr, (byte[]) null).isEncrypted();
        } catch (JSchException e) {
            log.debug("Can't check private key encryption: " + e.getMessage());
            return false;
        }
    }

    @NotNull
    public static File getKnownSshHostsFileOrDefault() {
        return getKnownSshHostsFileImpl(true);
    }

    @Nullable
    public static File getKnownSshHostsFileOrNull() {
        return getKnownSshHostsFileImpl(false);
    }

    private static File getKnownSshHostsFileImpl(boolean z) {
        String string = Platform.getPreferencesService().getString(PLATFORM_SSH_PREFERENCES_NODE, PLATFORM_SSH_PREFERENCES_SSH2HOME_KEY, (String) null, (IScopeContext[]) null);
        if (!CommonUtils.isNotEmpty(string)) {
            return resolveDefaultKnownSshHostsFile(z, true);
        }
        try {
            return Paths.get(string, KNOWN_SSH_HOSTS_FILE_NAME).toFile();
        } catch (InvalidPathException e) {
            log.warn("Failed to resolve SSH known hosts file location at " + string, e);
            if (z) {
                return new File(string + File.pathSeparator + "known_hosts");
            }
            return null;
        }
    }

    private static File resolveDefaultKnownSshHostsFile(boolean z, boolean z2) {
        try {
            String property = System.getProperty("user.home");
            if (property != null) {
                Path path = Paths.get(property, new String[0]);
                if (Files.isDirectory(path, new LinkOption[0])) {
                    Path resolve = path.resolve(DEFAULT_SSH_HOME_DIR_NAME);
                    if (RuntimeUtils.isWindows() && (!Files.isDirectory(resolve, new LinkOption[0]) || Files.notExists(resolve, new LinkOption[0]))) {
                        Path resolve2 = path.resolve(DEFAULT_SSH_HOME_DIR_NAME_WIN_OLD);
                        if (Files.isDirectory(resolve2, new LinkOption[0])) {
                            resolve = resolve2;
                        }
                    }
                    if (Files.isDirectory(resolve, new LinkOption[0]) || Files.notExists(resolve, new LinkOption[0])) {
                        if (z2) {
                            Platform.getPreferencesService().getRootNode().node(PLATFORM_SSH_PREFERENCES_NODE).put(PLATFORM_SSH_PREFERENCES_SSH2HOME_KEY, resolve.toAbsolutePath().toString());
                        }
                        return resolve.resolve(KNOWN_SSH_HOSTS_FILE_NAME).toFile();
                    }
                    log.warn("Failed to resolve default SSH known hosts file location due to invalid SSH home directory " + String.valueOf(resolve.toAbsolutePath()));
                } else {
                    log.warn("Failed to resolve default SSH known hosts file location due to missing user home directory " + String.valueOf(path.toAbsolutePath()));
                }
            } else {
                log.warn("Failed to resolve default SSH known hosts file location due to missing user home system property.");
            }
        } catch (Throwable th) {
            log.warn("Failed to resolve default SSH known hosts file location.", th);
        }
        if (z) {
            return Paths.get(RuntimeUtils.isWindows() ? "%USERPROFILE%" : "~", new String[0]).resolve(DEFAULT_SSH_HOME_DIR_NAME).resolve(KNOWN_SSH_HOSTS_FILE_NAME).toFile();
        }
        return null;
    }

    public static void forcePlatformReloadKnownHostsPreferences() {
        JSchCorePlugin.getPlugin().setNeedToLoadKnownHosts(true);
        JSchCorePlugin.getPlugin().getJSch().setHostKeyRepository((HostKeyRepository) null);
    }

    @NotNull
    public static SSHHostConfiguration[] loadHostConfigurations(@NotNull DBWHandlerConfiguration dBWHandlerConfiguration, boolean z) throws DBException {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < 5; i++) {
            String jumpServerSettingsPrefix = DataSourceUtils.getJumpServerSettingsPrefix(i);
            if (!dBWHandlerConfiguration.getBooleanProperty(jumpServerSettingsPrefix + "enabled")) {
                break;
            }
            arrayList.add(loadHostConfiguration(dBWHandlerConfiguration, new ConfigurationKind.JumpHost(jumpServerSettingsPrefix, i), z));
        }
        arrayList.add(loadHostConfiguration(dBWHandlerConfiguration, new ConfigurationKind.TargetHost(), z));
        return (SSHHostConfiguration[]) arrayList.toArray(i2 -> {
            return new SSHHostConfiguration[i2];
        });
    }

    @NotNull
    private static SSHHostConfiguration loadHostConfiguration(@NotNull DBWHandlerConfiguration dBWHandlerConfiguration, @NotNull ConfigurationKind configurationKind, boolean z) throws DBException {
        String notEmpty;
        String nullIfEmpty;
        SSHAuthConfiguration agent;
        String configurationPrefix = configurationKind.configurationPrefix();
        boolean z2 = dBWHandlerConfiguration.isSavePassword() || (configurationKind instanceof ConfigurationKind.JumpHost);
        if (configurationPrefix.isEmpty()) {
            notEmpty = CommonUtils.notEmpty(dBWHandlerConfiguration.getUserName());
            nullIfEmpty = CommonUtils.nullIfEmpty(dBWHandlerConfiguration.getPassword());
        } else {
            notEmpty = CommonUtils.notEmpty(dBWHandlerConfiguration.getStringProperty(configurationPrefix + "name"));
            nullIfEmpty = CommonUtils.nullIfEmpty(dBWHandlerConfiguration.getSecureProperty(configurationPrefix + "password"));
        }
        if (z && CommonUtils.isEmpty(notEmpty)) {
            notEmpty = SSHConstants.DEFAULT_USER_NAME;
        }
        String notEmpty2 = CommonUtils.notEmpty(dBWHandlerConfiguration.getStringProperty(configurationPrefix + "host"));
        if (z && CommonUtils.isEmpty(notEmpty2)) {
            throw new DBException(configurationKind.formatErrorMessage("hostname is not specified"));
        }
        int intProperty = dBWHandlerConfiguration.getIntProperty(configurationPrefix + "port");
        if (intProperty == 0) {
            if (z) {
                throw new DBException(configurationKind.formatErrorMessage("port is not specified"));
            }
            intProperty = 22;
        }
        switch ($SWITCH_TABLE$org$jkiss$dbeaver$model$net$ssh$SSHConstants$AuthType()[((SSHConstants.AuthType) CommonUtils.valueOf(SSHConstants.AuthType.class, dBWHandlerConfiguration.getStringProperty(configurationPrefix + "authType"), SSHConstants.AuthType.PASSWORD)).ordinal()]) {
            case 1:
                agent = new SSHAuthConfiguration.Password(nullIfEmpty, z2);
                break;
            case 2:
                String stringProperty = dBWHandlerConfiguration.getStringProperty(configurationPrefix + "keyPath");
                if (!CommonUtils.isEmpty(stringProperty)) {
                    if (z) {
                        validatePathAndEnsureExists(configurationKind, stringProperty);
                    }
                    agent = new SSHAuthConfiguration.KeyFile(stringProperty, nullIfEmpty, z2);
                    break;
                } else {
                    String secureProperty = dBWHandlerConfiguration.getSecureProperty(configurationPrefix + "keyValue");
                    if (!z || secureProperty != null) {
                        agent = new SSHAuthConfiguration.KeyData(trimLinesInKeyData(CommonUtils.notEmpty(secureProperty)), nullIfEmpty, z2);
                        break;
                    } else {
                        throw new DBException(configurationKind.formatErrorMessage("private key is not specified"));
                    }
                }
            case 3:
                agent = new SSHAuthConfiguration.Agent();
                break;
            default:
                throw new MatchException((String) null, (Throwable) null);
        }
        return new SSHHostConfiguration(notEmpty, notEmpty2, intProperty, agent);
    }

    @NotNull
    public static String trimLinesInKeyData(@NotNull String str) {
        String[] split = str.split("\\n");
        for (int i = 0; i < split.length; i++) {
            split[i] = split[i].trim();
        }
        return String.join("\n", split);
    }

    public static void saveHostConfigurations(@NotNull DBWHandlerConfiguration dBWHandlerConfiguration, @NotNull SSHHostConfiguration[] sSHHostConfigurationArr) {
        for (int i = 0; i < sSHHostConfigurationArr.length; i++) {
            if (i < sSHHostConfigurationArr.length - 1) {
                saveHostConfiguration(dBWHandlerConfiguration, sSHHostConfigurationArr[i], DataSourceUtils.getJumpServerSettingsPrefix(i), true, true);
            } else {
                saveHostConfiguration(dBWHandlerConfiguration, sSHHostConfigurationArr[i], "", false, false);
            }
        }
    }

    private static void saveHostConfiguration(@NotNull DBWHandlerConfiguration dBWHandlerConfiguration, @NotNull SSHHostConfiguration sSHHostConfiguration, @NotNull String str, boolean z, boolean z2) {
        dBWHandlerConfiguration.setProperty(str + "host", sSHHostConfiguration.hostname());
        dBWHandlerConfiguration.setProperty(str + "port", Integer.valueOf(sSHHostConfiguration.port()));
        if (str.isEmpty()) {
            dBWHandlerConfiguration.setUserName(sSHHostConfiguration.username());
        } else {
            dBWHandlerConfiguration.setProperty(str + "name", sSHHostConfiguration.username());
        }
        SSHAuthConfiguration auth = sSHHostConfiguration.auth();
        if (auth instanceof SSHAuthConfiguration.WithPassword) {
            SSHAuthConfiguration.WithPassword withPassword = (SSHAuthConfiguration.WithPassword) auth;
            boolean z3 = z2 || withPassword.savePassword();
            if (str.isEmpty()) {
                dBWHandlerConfiguration.setSavePassword(z3);
                dBWHandlerConfiguration.setPassword(z3 ? withPassword.password() : null);
            } else {
                dBWHandlerConfiguration.setSecureProperty(str + "password", z3 ? withPassword.password() : null);
            }
        }
        if (sSHHostConfiguration.auth() instanceof SSHAuthConfiguration.Password) {
            dBWHandlerConfiguration.setProperty(str + "authType", SSHConstants.AuthType.PASSWORD.name());
        } else {
            SSHAuthConfiguration auth2 = sSHHostConfiguration.auth();
            if (auth2 instanceof SSHAuthConfiguration.KeyFile) {
                dBWHandlerConfiguration.setProperty(str + "authType", SSHConstants.AuthType.PUBLIC_KEY.name());
                dBWHandlerConfiguration.setProperty(str + "keyPath", ((SSHAuthConfiguration.KeyFile) auth2).path());
            } else {
                SSHAuthConfiguration auth3 = sSHHostConfiguration.auth();
                if (auth3 instanceof SSHAuthConfiguration.KeyData) {
                    dBWHandlerConfiguration.setProperty(str + "authType", SSHConstants.AuthType.PUBLIC_KEY.name());
                    dBWHandlerConfiguration.setSecureProperty(str + "keyValue", ((SSHAuthConfiguration.KeyData) auth3).data());
                } else if (sSHHostConfiguration.auth() instanceof SSHAuthConfiguration.Agent) {
                    dBWHandlerConfiguration.setProperty(str + "authType", SSHConstants.AuthType.AGENT.name());
                }
            }
        }
        if (z) {
            dBWHandlerConfiguration.setProperty(str + "enabled", true);
        }
    }

    private static void validatePathAndEnsureExists(@NotNull ConfigurationKind configurationKind, @NotNull String str) throws DBException {
        try {
            if (Files.notExists(Path.of(str, new String[0]), new LinkOption[0])) {
                throw new DBException(configurationKind.formatErrorMessage("private key file does not exist: " + str));
            }
        } catch (InvalidPathException unused) {
            throw new DBException(configurationKind.formatErrorMessage("invalid private key path: " + str));
        }
    }

    static /* synthetic */ int[] $SWITCH_TABLE$org$jkiss$dbeaver$model$net$ssh$SSHConstants$AuthType() {
        int[] iArr = $SWITCH_TABLE$org$jkiss$dbeaver$model$net$ssh$SSHConstants$AuthType;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[SSHConstants.AuthType.valuesCustom().length];
        try {
            iArr2[SSHConstants.AuthType.AGENT.ordinal()] = 3;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[SSHConstants.AuthType.PASSWORD.ordinal()] = 1;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[SSHConstants.AuthType.PUBLIC_KEY.ordinal()] = 2;
        } catch (NoSuchFieldError unused3) {
        }
        $SWITCH_TABLE$org$jkiss$dbeaver$model$net$ssh$SSHConstants$AuthType = iArr2;
        return iArr2;
    }
}
