package com.sshtools.desktop.agent.sshteam;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.hypersocket.json.JsonRequestStatus;
import com.sshtools.agent.KeyStore;
import com.sshtools.agent.exceptions.KeyTimeoutException;
import com.sshtools.common.logger.Log;
import com.sshtools.common.publickey.SshKeyUtils;
import com.sshtools.common.ssh.SshException;
import com.sshtools.common.ssh.components.SshKeyPair;
import com.sshtools.common.ssh.components.SshPublicKey;
import com.sshtools.common.util.ByteArrayWriter;
import com.sshtools.desktop.agent.ExtendedKeyInfo;
import com.sshtools.desktop.agent.swt.SWTResourceManager;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.stream.Collectors;

/* loaded from: input_file:com/sshtools/desktop/agent/sshteam/SshTeamHelper.class */
public class SshTeamHelper {
    public static String getAuthorizedKeys(String str, String str2, int i, SshPublicKey sshPublicKey, KeyStore keyStore) throws NoSuchAlgorithmException, IOException, InterruptedException, URISyntaxException, SshException, KeyTimeoutException {
        long nextLong = SecureRandom.getInstanceStrong().nextLong();
        String openSSHFormattedKey = SshKeyUtils.getOpenSSHFormattedKey(sshPublicKey);
        HashMap hashMap = new HashMap();
        hashMap.put("username", str);
        hashMap.put("nonce", String.valueOf(nextLong));
        hashMap.put("authorizationKey", openSSHFormattedKey);
        hashMap.put("authorization", generateAuthorization(str, keyStore, sshPublicKey, nextLong, openSSHFormattedKey));
        return doRequestString(String.format("https://%s:%d/app/api/authorizedKeys/list", str2, Integer.valueOf(i)), hashMap);
    }

    public static SshTeamPolicy getPolicy(String str, String str2, int i, SshPublicKey sshPublicKey, KeyStore keyStore) throws NoSuchAlgorithmException, IOException, InterruptedException, URISyntaxException, SshException, KeyTimeoutException {
        long nextLong = SecureRandom.getInstanceStrong().nextLong();
        String openSSHFormattedKey = SshKeyUtils.getOpenSSHFormattedKey(sshPublicKey);
        HashMap hashMap = new HashMap();
        hashMap.put("username", str);
        hashMap.put("nonce", String.valueOf(nextLong));
        hashMap.put("authorizationKey", openSSHFormattedKey);
        hashMap.put("authorization", generateAuthorization(str, keyStore, sshPublicKey, nextLong, openSSHFormattedKey));
        SshTeamPolicyStatus sshTeamPolicyStatus = (SshTeamPolicyStatus) new ObjectMapper().readValue(doRequestString(String.format("https://%s:%d/app/api/authorizedKeys/policy", str2, Integer.valueOf(i)), hashMap), SshTeamPolicyStatus.class);
        if (sshTeamPolicyStatus.isSuccess()) {
            return (SshTeamPolicy) sshTeamPolicyStatus.getResource();
        }
        throw new IOException(sshTeamPolicyStatus.getMessage());
    }

    public static boolean checkKey(String str, String str2, int i, SshKeyPair sshKeyPair) {
        try {
            long nextLong = SecureRandom.getInstanceStrong().nextLong();
            String openSSHFormattedKey = SshKeyUtils.getOpenSSHFormattedKey(sshKeyPair.getPublicKey());
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            hashMap.put("nonce", String.valueOf(nextLong));
            hashMap.put("authorizationKey", openSSHFormattedKey);
            hashMap.put("authorization", generateAuthorization(str, sshKeyPair, nextLong, openSSHFormattedKey));
            SshTeamPolicyStatus sshTeamPolicyStatus = (SshTeamPolicyStatus) new ObjectMapper().readValue(doRequestString(String.format("https://%s:%d/app/api/authorizedKeys/policy", str2, Integer.valueOf(i)), hashMap), SshTeamPolicyStatus.class);
            if (sshTeamPolicyStatus.isSuccess()) {
                return true;
            }
            throw new IOException(sshTeamPolicyStatus.getMessage());
        } catch (Throwable th) {
            Log.error("Check for ssh.team synchronization failed", th, new Object[0]);
            return false;
        }
    }

    public static void addKey(String str, String str2, int i, SshPublicKey sshPublicKey, KeyStore keyStore, String str3, SshPublicKey sshPublicKey2) throws NoSuchAlgorithmException, IOException, InterruptedException, URISyntaxException, SshException, KeyTimeoutException {
        long nextLong = SecureRandom.getInstanceStrong().nextLong();
        String openSSHFormattedKey = SshKeyUtils.getOpenSSHFormattedKey(sshPublicKey);
        String openSSHFormattedKey2 = SshKeyUtils.getOpenSSHFormattedKey(sshPublicKey2);
        HashMap hashMap = new HashMap();
        hashMap.put("username", str);
        hashMap.put("nonce", String.valueOf(nextLong));
        hashMap.put("authorizationKey", openSSHFormattedKey);
        hashMap.put("authorization", generateAuthorization(str, keyStore, sshPublicKey, nextLong, str3, openSSHFormattedKey2));
        hashMap.put("name", str3);
        hashMap.put("publicKey", openSSHFormattedKey2);
        doRequest(String.format("https://%s:%d/app/api/authorizedKeys/add", str2, Integer.valueOf(i)), hashMap);
    }

    public static void removeKey(String str, String str2, int i, SshPublicKey sshPublicKey, KeyStore keyStore, String str3, SshPublicKey sshPublicKey2) throws NoSuchAlgorithmException, IOException, InterruptedException, URISyntaxException, SshException, KeyTimeoutException {
        long nextLong = SecureRandom.getInstanceStrong().nextLong();
        String openSSHFormattedKey = SshKeyUtils.getOpenSSHFormattedKey(sshPublicKey);
        String openSSHFormattedKey2 = SshKeyUtils.getOpenSSHFormattedKey(sshPublicKey2);
        HashMap hashMap = new HashMap();
        hashMap.put("username", str);
        hashMap.put("nonce", String.valueOf(nextLong));
        hashMap.put("authorizationKey", openSSHFormattedKey);
        hashMap.put("authorization", generateAuthorization(str, keyStore, sshPublicKey, nextLong, str3, openSSHFormattedKey2));
        hashMap.put("name", str3);
        hashMap.put("publicKey", openSSHFormattedKey2);
        doRequest(String.format("https://%s:%d/app/api/authorizedKeys/remove", str2, Integer.valueOf(i)), hashMap);
    }

    private static String generateAuthorization(String str, KeyStore keyStore, SshPublicKey sshPublicKey, long j, String... strArr) throws IOException, SshException, KeyTimeoutException {
        if (Log.isInfoEnabled()) {
            Log.info("Generating authorization for {}", new Object[]{str});
            Log.info("Nonce {}", new Object[]{String.valueOf(j)});
        }
        ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
        try {
            byteArrayWriter.writeString(str);
            byteArrayWriter.writeUINT64(j);
            for (String str2 : strArr) {
                if (Log.isInfoEnabled()) {
                    Log.info("And {}", new Object[]{str2});
                }
                byteArrayWriter.writeString(str2);
            }
            if (Log.isInfoEnabled()) {
                Log.info("Signing data {}", new Object[]{Base64.getUrlEncoder().encodeToString(byteArrayWriter.toByteArray())});
                Log.info("With key {}", new Object[]{SshKeyUtils.getFingerprint(sshPublicKey)});
            }
            int i = 0;
            String signingAlgorithm = sshPublicKey.getSigningAlgorithm();
            boolean z = -1;
            switch (signingAlgorithm.hashCode()) {
                case -1078039047:
                    if (signingAlgorithm.equals("rsa-sha2-256")) {
                        z = false;
                        break;
                    }
                    break;
                case -1078036292:
                    if (signingAlgorithm.equals("rsa-sha2-512")) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    i = 1;
                    break;
                case SWTResourceManager.TOP_LEFT /* 1 */:
                    i = 2;
                    break;
            }
            String encodeToString = Base64.getUrlEncoder().encodeToString(keyStore.performHashAndSign(sshPublicKey, Collections.emptyList(), byteArrayWriter.toByteArray(), i));
            byteArrayWriter.close();
            return encodeToString;
        } catch (Throwable th) {
            try {
                byteArrayWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static String generateAuthorization(String str, SshKeyPair sshKeyPair, long j, String... strArr) throws IOException, SshException, KeyTimeoutException {
        byte[] sign;
        ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
        try {
            byteArrayWriter.writeString(str);
            byteArrayWriter.writeUINT64(j);
            for (String str2 : strArr) {
                byteArrayWriter.writeString(str2);
            }
            String signingAlgorithm = sshKeyPair.getPublicKey().getSigningAlgorithm();
            boolean z = -1;
            switch (signingAlgorithm.hashCode()) {
                case -1078039047:
                    if (signingAlgorithm.equals("rsa-sha2-256")) {
                        z = false;
                        break;
                    }
                    break;
                case -1078036292:
                    if (signingAlgorithm.equals("rsa-sha2-512")) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    sign = sshKeyPair.getPrivateKey().sign(byteArrayWriter.toByteArray(), "rsa-sha2-256");
                    break;
                case SWTResourceManager.TOP_LEFT /* 1 */:
                    sign = sshKeyPair.getPrivateKey().sign(byteArrayWriter.toByteArray(), "rsa-sha2-512");
                    break;
                default:
                    sign = sshKeyPair.getPrivateKey().sign(byteArrayWriter.toByteArray(), sshKeyPair.getPublicKey().getSigningAlgorithm());
                    break;
            }
            String encodeToString = Base64.getUrlEncoder().encodeToString(sign);
            byteArrayWriter.close();
            return encodeToString;
        } catch (Throwable th) {
            try {
                byteArrayWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static String doRequestString(String str, Map<String, String> map) throws IOException, InterruptedException, URISyntaxException {
        HttpResponse send = HttpClient.newHttpClient().send(HttpRequest.newBuilder().uri(new URI(str)).headers(new String[]{"Content-Type", "application/x-www-form-urlencoded"}).POST(HttpRequest.BodyPublishers.ofString((String) map.entrySet().stream().map(entry -> {
            return ((String) entry.getKey()) + "=" + URLEncoder.encode((String) entry.getValue(), StandardCharsets.UTF_8);
        }).collect(Collectors.joining("&")))).build(), HttpResponse.BodyHandlers.ofString());
        if (send.statusCode() != 200) {
            throw new IOException(str + " returned " + send.statusCode());
        }
        return send.body().toString();
    }

    private static void doRequest(String str, Map<String, String> map) throws IOException, InterruptedException, URISyntaxException {
        JsonRequestStatus jsonRequestStatus = (JsonRequestStatus) new ObjectMapper().readValue(doRequestString(str, map), JsonRequestStatus.class);
        if (!jsonRequestStatus.isSuccess()) {
            throw new IOException(jsonRequestStatus.getMessage());
        }
    }

    public static Collection<SshPublicKey> verifyAccess(String str, String str2, int i, KeyStore keyStore) {
        ArrayList arrayList = new ArrayList();
        for (SshPublicKey sshPublicKey : keyStore.getPublicKeys().keySet()) {
            ExtendedKeyInfo extendedKeyInfo = (ExtendedKeyInfo) keyStore.getKeyConstraints(sshPublicKey);
            extendedKeyInfo.setName((String) keyStore.getPublicKeys().get(sshPublicKey));
            try {
                getPolicy(str, str2, i, sshPublicKey, keyStore);
                Log.info("Found existing key {} on ssh.team domain", new Object[]{SshKeyUtils.getFingerprint(sshPublicKey)});
                arrayList.add(sshPublicKey);
                extendedKeyInfo.setTeamKey(true);
            } catch (Throwable th) {
                Log.info("Key {} is not present on ssh.team domain", new Object[]{SshKeyUtils.getFingerprint(sshPublicKey)});
                extendedKeyInfo.setTeamKey(false);
            }
        }
        return arrayList;
    }
}
