package com.maverick.ssh.components.jce;

import com.maverick.ssh.SshException;
import com.maverick.ssh.components.ComponentFactory;
import com.maverick.ssh.components.ComponentManager;
import com.maverick.ssh.components.Digest;
import com.maverick.ssh.components.SshCipher;
import com.maverick.ssh.components.SshDsaPrivateKey;
import com.maverick.ssh.components.SshDsaPublicKey;
import com.maverick.ssh.components.SshHmac;
import com.maverick.ssh.components.SshKeyExchange;
import com.maverick.ssh.components.SshKeyPair;
import com.maverick.ssh.components.SshPublicKey;
import com.maverick.ssh.components.SshRsaPrivateCrtKey;
import com.maverick.ssh.components.SshRsaPrivateKey;
import com.maverick.ssh.components.SshRsaPublicKey;
import com.maverick.ssh.components.SshSecureRandomGenerator;
import com.sshtools.publickey.SshKeyPairGenerator;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECGenParameterSpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/maverick/ssh/components/jce/JCEComponentManager.class */
public class JCEComponentManager extends ComponentManager implements JCEAlgorithms {
    static Logger log = LoggerFactory.getLogger(JCEComponentManager.class);
    SecureRND rnd;

    public JCEComponentManager() {
        if (System.getProperty("maverick.enableBCProvider", "true").equalsIgnoreCase("false")) {
            if (log.isInfoEnabled()) {
                log.info("Automatic configuration of BouncyCastle is disabled");
                return;
            }
            return;
        }
        if (log.isInfoEnabled()) {
            log.info("Attempting to automatically configure BouncyCastle Security Provider");
        }
        try {
            Provider provider = (Provider) Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider").newInstance();
            try {
                Security.addProvider(provider);
                if (log.isInfoEnabled()) {
                    log.info("Automatically added BouncyCastle to list of Security Providers");
                }
            } catch (Exception e) {
            }
            initializeProviderForAlgorithm(JCEAlgorithms.JCE_DH, provider);
            if (log.isInfoEnabled()) {
                log.info("Initialized algorithm configuration for Diffie Hellman to use BouncyCastle Security Provider");
            }
        } catch (Throwable th) {
            if (log.isInfoEnabled()) {
                log.info("No automatic configuration of BouncyCastle took place as it could not be found in the classpath");
            }
        }
    }

    public static void initializeDefaultProvider(Provider provider) {
        JCEProvider.initializeDefaultProvider(provider);
    }

    public static void initializeProviderForAlgorithm(String str, Provider provider) {
        JCEProvider.initializeProviderForAlgorithm(str, provider);
    }

    public static String getSecureRandomAlgorithm() {
        return JCEProvider.getSecureRandomAlgorithm();
    }

    public static void setSecureRandomAlgorithm(String str) {
        JCEProvider.setSecureRandomAlgorithm(str);
    }

    public static Provider getProviderForAlgorithm(String str) {
        return JCEProvider.getProviderForAlgorithm(str);
    }

    public static SecureRandom getSecureRandom() throws NoSuchAlgorithmException {
        return JCEProvider.getSecureRandom();
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshDsaPrivateKey createDsaPrivateKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5) throws SshException {
        return new Ssh2DsaPrivateKey(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5);
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshDsaPublicKey createDsaPublicKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4) throws SshException {
        try {
            return new Ssh2DsaPublicKey(bigInteger, bigInteger2, bigInteger3, bigInteger4);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshDsaPublicKey createDsaPublicKey() {
        return new Ssh2DsaPublicKey();
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPrivateCrtKey createRsaPrivateCrtKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5, BigInteger bigInteger6) throws SshException {
        try {
            return new Ssh2RsaPrivateCrtKey(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5, bigInteger3.mod(bigInteger4.subtract(BigInteger.ONE)), bigInteger3.mod(bigInteger5.subtract(BigInteger.ONE)), bigInteger6);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPrivateCrtKey createRsaPrivateCrtKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5, BigInteger bigInteger6, BigInteger bigInteger7, BigInteger bigInteger8) throws SshException {
        try {
            return new Ssh2RsaPrivateCrtKey(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5, bigInteger6, bigInteger7, bigInteger8);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPrivateKey createRsaPrivateKey(BigInteger bigInteger, BigInteger bigInteger2) throws SshException {
        try {
            return new Ssh2RsaPrivateKey(bigInteger, bigInteger2);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPublicKey createRsaPublicKey(BigInteger bigInteger, BigInteger bigInteger2, int i) throws SshException {
        try {
            switch (i) {
                case 1:
                    return new Ssh1RsaPublicKey(bigInteger, bigInteger2);
                case 2:
                    return new Ssh2RsaPublicKey(bigInteger, bigInteger2);
                default:
                    throw new SshException("Illegal version number " + i, 5);
            }
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshRsaPublicKey createSsh2RsaPublicKey() throws SshException {
        return new Ssh2RsaPublicKey();
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair generateDsaKeyPair(int i) throws SshException {
        try {
            KeyPairGenerator keyPairGenerator = JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DSA) == null ? KeyPairGenerator.getInstance(JCEAlgorithms.JCE_DSA) : KeyPairGenerator.getInstance(JCEAlgorithms.JCE_DSA, JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DSA));
            keyPairGenerator.initialize(i);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            PrivateKey privateKey = genKeyPair.getPrivate();
            PublicKey publicKey = genKeyPair.getPublic();
            SshKeyPair sshKeyPair = new SshKeyPair();
            sshKeyPair.setPrivateKey(new Ssh2DsaPrivateKey((DSAPrivateKey) privateKey, (DSAPublicKey) publicKey));
            sshKeyPair.setPublicKey(new Ssh2DsaPublicKey((DSAPublicKey) publicKey));
            return sshKeyPair;
        } catch (NoSuchAlgorithmException e) {
            throw new SshException(e);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair generateRsaKeyPair(int i, int i2) throws SshException {
        try {
            KeyPairGenerator keyPairGenerator = JCEProvider.getProviderForAlgorithm("RSA") == null ? KeyPairGenerator.getInstance("RSA") : KeyPairGenerator.getInstance("RSA", JCEProvider.getProviderForAlgorithm("RSA"));
            keyPairGenerator.initialize(i);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            PrivateKey privateKey = genKeyPair.getPrivate();
            PublicKey publicKey = genKeyPair.getPublic();
            SshKeyPair sshKeyPair = new SshKeyPair();
            if (!(privateKey instanceof RSAPrivateCrtKey)) {
                throw new SshException("RSA key generation requires RSAPrivateCrtKey as private key type.", 16);
            }
            sshKeyPair.setPrivateKey(new Ssh2RsaPrivateCrtKey((RSAPrivateCrtKey) privateKey));
            if (i2 == 1) {
                sshKeyPair.setPublicKey(new Ssh1RsaPublicKey((RSAPublicKey) publicKey));
            } else {
                sshKeyPair.setPublicKey(new Ssh2RsaPublicKey((RSAPublicKey) publicKey));
            }
            return sshKeyPair;
        } catch (NoSuchAlgorithmException e) {
            throw new SshException(e);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair generateEcdsaKeyPair(int i) throws SshException {
        String str;
        switch (i) {
            case 256:
                str = "secp256r1";
                break;
            case 384:
                str = "secp384r1";
                break;
            case 521:
                str = "secp521r1";
                break;
            default:
                throw new SshException("Unsupported size " + i + " for ECDSA key (256,384,521 supported)", 4);
        }
        try {
            ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec(str);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDSA");
            keyPairGenerator.initialize(eCGenParameterSpec, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            SshKeyPair sshKeyPair = new SshKeyPair();
            sshKeyPair.setPrivateKey(new Ssh2EcdsaSha2NistPrivateKey((ECPrivateKey) generateKeyPair.getPrivate(), str));
            sshKeyPair.setPublicKey(new Ssh2EcdsaSha2NistPublicKey((ECPublicKey) generateKeyPair.getPublic(), str));
            return sshKeyPair;
        } catch (Exception e) {
            throw new SshException(e);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshSecureRandomGenerator getRND() throws SshException {
        try {
            return this.rnd == null ? new SecureRND() : this.rnd;
        } catch (NoSuchAlgorithmException e) {
            throw new SshException(e);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeDigestFactory(ComponentFactory<Digest> componentFactory) {
        if (testDigest("MD5", MD5Digest.class)) {
            componentFactory.add("MD5", MD5Digest.class);
        }
        if (testDigest("SHA-1", SHA1Digest.class)) {
            componentFactory.add("SHA-1", SHA1Digest.class);
        }
        if (testDigest("SHA1", SHA1Digest.class)) {
            componentFactory.add("SHA1", SHA1Digest.class);
        }
        if (testDigest("SHA-256", SHA256Digest.class)) {
            componentFactory.add("SHA-256", SHA256Digest.class);
        }
        if (testDigest(JCEAlgorithms.JCE_SHA384, SHA384Digest.class)) {
            componentFactory.add(JCEAlgorithms.JCE_SHA384, SHA384Digest.class);
        }
        if (testDigest(JCEAlgorithms.JCE_SHA512, SHA512Digest.class)) {
            componentFactory.add(JCEAlgorithms.JCE_SHA512, SHA512Digest.class);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeHmacFactory(ComponentFactory<SshHmac> componentFactory) {
        if (testHMac("hmac-md5", HmacMD5.class)) {
            componentFactory.add("hmac-md5", HmacMD5.class);
            componentFactory.add("hmac-md5-etm@openssh.com", HmacMD5ETM.class);
        }
        if (testHMac("hmac-sha1", HmacSha1.class)) {
            componentFactory.add("hmac-sha1", HmacSha1.class);
            componentFactory.add("hmac-sha1-etm@openssh.com", HmacSha1ETM.class);
        }
        if (testHMac("hmac-md5-96", HmacMD596.class)) {
            componentFactory.add("hmac-md5-96", HmacMD596.class);
        }
        if (testHMac("hmac-sha1-96", HmacSha196.class)) {
            componentFactory.add("hmac-sha1-96", HmacSha196.class);
        }
        if (testHMac("hmac-sha256", HmacSha256.class)) {
            componentFactory.add("hmac-sha256", HmacSha256.class);
            componentFactory.add("hmac-sha2-256", HmacSha256.class);
            componentFactory.add("hmac-sha256@ssh.com", HmacSha256_at_ssh_dot_com.class);
            componentFactory.add("hmac-sha2-256-etm@openssh.com", HmacSha256ETM.class);
        }
        if (testHMac("hmac-sha2-256-96", HmacSha256_96.class)) {
            componentFactory.add("hmac-sha2-256-96", HmacSha256_96.class);
        }
        if (testHMac("hmac-sha512", HmacSha512.class)) {
            componentFactory.add("hmac-sha512", HmacSha512.class);
            componentFactory.add("hmac-sha2-512", HmacSha512.class);
            componentFactory.add("hmac-sha512@ssh.com", HmacSha512.class);
            componentFactory.add("hmac-sha2-512-etm@openssh.com", HmacSha512ETM.class);
        }
        if (testHMac("hmac-sha2-512-96", HmacSha512_96.class)) {
            componentFactory.add("hmac-sha2-512-96", HmacSha512_96.class);
        }
        if (testHMac("hmac-ripemd160", HmacRipeMd160.class)) {
            componentFactory.add("hmac-ripemd160", HmacRipeMd160.class);
            componentFactory.add("hmac-ripemd160@openssh.com", HmacRipeMd160.class);
            componentFactory.add("hmac-ripemd160-etm@openssh.com", HmacRipeMd160ETM.class);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeKeyExchangeFactory(ComponentFactory<SshKeyExchange> componentFactory, ComponentFactory<SshKeyExchange> componentFactory2) {
        try {
            Class<?> cls = Class.forName("com.maverick.ssh.components.jce.client.DiffieHellmanGroup14Sha1");
            Class<?> cls2 = Class.forName("com.maverick.ssh.components.jce.client.DiffieHellmanGroup1Sha1");
            Class<?> cls3 = Class.forName("com.maverick.ssh.components.jce.client.DiffieHellmanGroupExchangeSha1");
            Class<?> cls4 = Class.forName("com.maverick.ssh.components.jce.client.DiffieHellmanGroupExchangeSha256");
            Class<?> cls5 = Class.forName("com.maverick.ssh.components.jce.client.DiffieHellmanEcdhNistp256");
            Class<?> cls6 = Class.forName("com.maverick.ssh.components.jce.client.DiffieHellmanEcdhNistp384");
            Class<?> cls7 = Class.forName("com.maverick.ssh.components.jce.client.DiffieHellmanEcdhNistp521");
            if (testClientKeyExchangeAlgorithm("diffie-hellman-group14-sha1", cls)) {
                componentFactory.add("diffie-hellman-group14-sha1", cls);
            }
            if (testClientKeyExchangeAlgorithm("diffie-hellman-group1-sha1", cls2)) {
                componentFactory.add("diffie-hellman-group1-sha1", cls2);
            }
            if (testClientKeyExchangeAlgorithm("diffie-hellman-group-exchange-sha1", cls3)) {
                componentFactory.add("diffie-hellman-group-exchange-sha1", cls3);
            }
            if (testClientKeyExchangeAlgorithm("diffie-hellman-group-exchange-sha256", cls4)) {
                componentFactory.add("diffie-hellman-group-exchange-sha256", cls4);
            }
            if (testClientKeyExchangeAlgorithm("ecdh-sha2-nistp256", cls5)) {
                componentFactory.add("ecdh-sha2-nistp256", cls5);
            }
            if (testClientKeyExchangeAlgorithm("ecdh-sha2-nistp384", cls6)) {
                componentFactory.add("ecdh-sha2-nistp384", cls6);
            }
            if (testClientKeyExchangeAlgorithm("ecdh-sha2-nistp521", cls7)) {
                componentFactory.add("ecdh-sha2-nistp521", cls7);
            }
        } catch (ClassNotFoundException e) {
        }
        try {
            Class<?> cls8 = Class.forName("com.maverick.sshd.components.jce.server.DiffieHellmanGroup14Sha1JCE");
            Class<?> cls9 = Class.forName("com.maverick.sshd.components.jce.server.DiffieHellmanGroup1Sha1JCE");
            Class<?> cls10 = Class.forName("com.maverick.sshd.components.jce.server.DiffieHellmanGroupExchangeSha1JCE");
            Class<?> cls11 = Class.forName("com.maverick.sshd.components.jce.server.DiffieHellmanGroupExchangeSha256JCE");
            Class<?> cls12 = Class.forName("com.maverick.sshd.components.jce.server.DiffieHellmanEcdhNistp256");
            Class<?> cls13 = Class.forName("com.maverick.sshd.components.jce.server.DiffieHellmanEcdhNistp384");
            Class<?> cls14 = Class.forName("com.maverick.sshd.components.jce.server.DiffieHellmanEcdhNistp521");
            if (testServerKeyExchangeAlgorithm("diffie-hellman-group14-sha1", cls8)) {
                componentFactory2.add("diffie-hellman-group14-sha1", cls8);
            }
            if (testServerKeyExchangeAlgorithm("diffie-hellman-group1-sha1", cls9)) {
                componentFactory2.add("diffie-hellman-group1-sha1", cls9);
            }
            if (testServerKeyExchangeAlgorithm("diffie-hellman-group-exchange-sha1", cls10)) {
                componentFactory2.add("diffie-hellman-group-exchange-sha1", cls10);
            }
            if (testServerKeyExchangeAlgorithm("diffie-hellman-group-exchange-sha256", cls11)) {
                componentFactory2.add("diffie-hellman-group-exchange-sha256", cls11);
            }
            if (testServerKeyExchangeAlgorithm("ecdh-sha2-nistp256", cls12)) {
                componentFactory2.add("ecdh-sha2-nistp256", cls12);
            }
            if (testServerKeyExchangeAlgorithm("ecdh-sha2-nistp384", cls13)) {
                componentFactory2.add("ecdh-sha2-nistp384", cls13);
            }
            if (testServerKeyExchangeAlgorithm("ecdh-sha2-nistp521", cls14)) {
                componentFactory2.add("ecdh-sha2-nistp521", cls14);
            }
        } catch (ClassNotFoundException e2) {
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializePublicKeyFactory(ComponentFactory<SshPublicKey> componentFactory) {
        componentFactory.add(SshKeyPairGenerator.SSH2_DSA, Ssh2DsaPublicKey.class);
        componentFactory.add(SshKeyPairGenerator.SSH2_RSA, Ssh2RsaPublicKey.class);
        componentFactory.add(SshX509RsaPublicKey.X509V3_SIGN_RSA, SshX509RsaPublicKey.class);
        componentFactory.add(SshX509DsaPublicKey.X509V3_SIGN_DSA, SshX509DsaPublicKey.class);
        componentFactory.add(SshX509RsaSha1PublicKey.X509V3_SIGN_RSA_SHA1, SshX509RsaSha1PublicKey.class);
        componentFactory.add(SshX509RsaPublicKeyRfc6187.X509V3_SSH_RSA, SshX509RsaPublicKeyRfc6187.class);
        componentFactory.add(SshX509DsaPublicKeyRfc6187.X509V3_SSH_DSS, SshX509DsaPublicKeyRfc6187.class);
        componentFactory.add("x509v3-ecdsa-sha2-nistp256", SshX509EcdsaSha2Nist256Rfc6187.class);
        componentFactory.add("x509v3-ecdsa-sha2-nistp384", SshX509EcdsaSha2Nist256Rfc6187.class);
        componentFactory.add("x509v3-ecdsa-sha2-nistp521", SshX509EcdsaSha2Nist256Rfc6187.class);
        componentFactory.add("ecdsa-sha2-nistp256", Ssh2EcdsaSha2Nist256PublicKey.class);
        componentFactory.add("ecdsa-sha2-nistp384", Ssh2EcdsaSha2Nist384PublicKey.class);
        componentFactory.add("ecdsa-sha2-nistp521", Ssh2EcdsaSha2Nist521PublicKey.class);
        componentFactory.add(SshX509Rsa2048Sha256Rfc6187.X509V3_SSH_RSA, SshX509Rsa2048Sha256Rfc6187.class);
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeSsh1CipherFactory(ComponentFactory<SshCipher> componentFactory) {
        if (testJCECipher("ssh1-des", Ssh1Des.class)) {
            componentFactory.add("2", Ssh1Des.class);
        }
        if (testJCECipher("ssh1-3des", Ssh1Des3.class)) {
            componentFactory.add("3", Ssh1Des3.class);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    protected void initializeSsh2CipherFactory(ComponentFactory<SshCipher> componentFactory) {
        if (testJCECipher("3des-ctr", TripleDesCtr.class)) {
            componentFactory.add("3des-ctr", TripleDesCtr.class);
        }
        if (testJCECipher("aes128-gcm@openssh.com", AES128Gcm.class)) {
            componentFactory.add("aes128-gcm@openssh.com", AES128Gcm.class);
        }
        if (testJCECipher("aes256-gcm@openssh.com", AES256Gcm.class)) {
            componentFactory.add("aes256-gcm@openssh.com", AES256Gcm.class);
        }
        if (testJCECipher("aes128-ctr", AES128Ctr.class)) {
            componentFactory.add("aes128-ctr", AES128Ctr.class);
        }
        if (testJCECipher("aes192-ctr", AES192Ctr.class)) {
            componentFactory.add("aes192-ctr", AES192Ctr.class);
        }
        if (testJCECipher("aes256-ctr", AES256Ctr.class)) {
            componentFactory.add("aes256-ctr", AES256Ctr.class);
        }
        if (testJCECipher("3des-cbc", TripleDesCbc.class)) {
            componentFactory.add("3des-cbc", TripleDesCbc.class);
        }
        if (testJCECipher("blowfish-cbc", BlowfishCbc.class)) {
            componentFactory.add("blowfish-cbc", BlowfishCbc.class);
        }
        if (testJCECipher("aes128-cbc", AES128Cbc.class)) {
            componentFactory.add("aes128-cbc", AES128Cbc.class);
        }
        if (testJCECipher("aes192-cbc", AES192Cbc.class)) {
            componentFactory.add("aes192-cbc", AES192Cbc.class);
        }
        if (testJCECipher("aes256-cbc", AES256Cbc.class)) {
            componentFactory.add("aes256-cbc", AES256Cbc.class);
        }
        if (testJCECipher("arcfour", ArcFour.class)) {
            componentFactory.add("arcfour", ArcFour.class);
        }
        if (testJCECipher("arcfour128", ArcFour128.class)) {
            componentFactory.add("arcfour128", ArcFour128.class);
        }
        if (testJCECipher("arcfour256", ArcFour256.class)) {
            componentFactory.add("arcfour256", ArcFour256.class);
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(InputStream inputStream, String str, String str2, String str3) throws IOException {
        return loadKeystore(inputStream, str, str2, str3, "PKCS12");
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(InputStream inputStream, String str, String str2, String str3, String str4) throws IOException {
        try {
            KeyStore keyStore = KeyStore.getInstance(str4);
            keyStore.load(inputStream, str2.toCharArray());
            Key key = keyStore.getKey(str, str3.toCharArray());
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
            Certificate[] certificateChain = keyStore.getCertificateChain(str);
            String algorithm = key.getAlgorithm();
            SshKeyPair sshKeyPair = new SshKeyPair();
            if (algorithm.equals("RSA")) {
                if (x509Certificate.getSigAlgName().equalsIgnoreCase(JCEAlgorithms.JCE_SHA1WithRSA)) {
                    sshKeyPair.setPublicKey(new SshX509RsaSha1PublicKey(x509Certificate));
                    sshKeyPair.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    SshKeyPair sshKeyPair2 = new SshKeyPair();
                    sshKeyPair2.setPublicKey(new SshX509RsaPublicKey(x509Certificate));
                    sshKeyPair2.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    SshKeyPair sshKeyPair3 = new SshKeyPair();
                    sshKeyPair3.setPublicKey(new SshX509RsaPublicKeyRfc6187(certificateChain));
                    sshKeyPair3.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    return new SshKeyPair[]{sshKeyPair, sshKeyPair2, sshKeyPair3};
                }
                if (x509Certificate.getSigAlgName().equalsIgnoreCase("SHA256WithRSA") && ((RSAPublicKey) x509Certificate.getPublicKey()).getModulus().bitLength() >= 2048) {
                    sshKeyPair.setPublicKey(new SshX509Rsa2048Sha256Rfc6187(certificateChain));
                    sshKeyPair.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    if (!Boolean.getBoolean("maverick.backwardCompatibleSHA2")) {
                        return new SshKeyPair[]{sshKeyPair};
                    }
                    SshKeyPair sshKeyPair4 = new SshKeyPair();
                    sshKeyPair4.setPublicKey(new SshX509RsaPublicKey(x509Certificate));
                    sshKeyPair4.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    return new SshKeyPair[]{sshKeyPair, sshKeyPair4};
                }
            } else if (algorithm.equals(JCEAlgorithms.JCE_DSA)) {
                sshKeyPair.setPublicKey(new SshX509DsaPublicKey(x509Certificate));
                sshKeyPair.setPrivateKey(new Ssh2DsaPrivateKey((DSAPrivateKey) key, (DSAPublicKey) x509Certificate.getPublicKey()));
                SshKeyPair sshKeyPair5 = new SshKeyPair();
                sshKeyPair5.setPublicKey(new SshX509DsaPublicKeyRfc6187(certificateChain));
                sshKeyPair5.setPrivateKey(new Ssh2DsaPrivateKey((DSAPrivateKey) key));
                return new SshKeyPair[]{sshKeyPair, sshKeyPair5};
            }
            throw new IOException(algorithm + " is an unsupported certificate type");
        } catch (Throwable th) {
            throw new IOException("Could not load keystore from stream: " + th.getMessage());
        }
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(File file, String str, String str2, String str3) throws IOException {
        return loadKeystore(file, str, str2, str3, "PKCS12");
    }

    @Override // com.maverick.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(File file, String str, String str2, String str3, String str4) throws IOException {
        return loadKeystore(new FileInputStream(file), str, str2, str3, str4);
    }

    private boolean testDigest(String str) {
        return supportedDigests().contains(str);
    }

    private boolean testClientKeyExchangeAlgorithm(String str, Class<? extends SshKeyExchange> cls) {
        SshKeyExchange sshKeyExchange = null;
        try {
            sshKeyExchange = cls.newInstance();
        } catch (Exception e) {
            if (!log.isInfoEnabled()) {
                return false;
            }
            log.info("   " + str + " (client) will not be supported: " + e.getMessage());
            return false;
        } catch (Throwable th) {
        }
        if (!testDigest(sshKeyExchange.getHashAlgorithm())) {
            throw new Exception("Hash algorithm " + sshKeyExchange.getHashAlgorithm() + " is not supported");
        }
        sshKeyExchange.test();
        if (!log.isInfoEnabled()) {
            return true;
        }
        log.info("   " + str + " (client) will be supported using JCE Provider " + sshKeyExchange.getProvider());
        return true;
    }

    private boolean testServerKeyExchangeAlgorithm(String str, Class<? extends SshKeyExchange> cls) {
        SshKeyExchange sshKeyExchange = null;
        try {
            sshKeyExchange = cls.newInstance();
        } catch (Exception e) {
            if (!log.isInfoEnabled()) {
                return false;
            }
            log.info("   " + str + " (server) will not be supported: " + e.getMessage());
            return false;
        } catch (Throwable th) {
        }
        if (!testDigest(sshKeyExchange.getHashAlgorithm())) {
            throw new Exception("Hash algorithm " + sshKeyExchange.getHashAlgorithm() + " is not supported");
        }
        sshKeyExchange.test();
        if (!log.isInfoEnabled()) {
            return true;
        }
        log.info("   " + str + " (server) will be supported using JCE Provider " + sshKeyExchange.getProvider());
        return true;
    }

    private boolean testJCECipher(String str, Class<? extends SshCipher> cls) {
        try {
            SshCipher newInstance = cls.newInstance();
            byte[] bArr = new byte[1024];
            newInstance.init(0, bArr, bArr);
            if (!(newInstance instanceof AbstractJCECipher) || !log.isInfoEnabled()) {
                return true;
            }
            log.info("   " + str + " will be supported using JCE Provider " + ((AbstractJCECipher) newInstance).getProvider());
            return true;
        } catch (Throwable th) {
            if (!log.isInfoEnabled()) {
                return false;
            }
            log.info("   " + str + " will not be supported: " + th.getMessage());
            return false;
        }
    }

    private boolean testDigest(String str, Class<? extends Digest> cls) {
        try {
            Digest newInstance = cls.newInstance();
            if (!(newInstance instanceof AbstractDigest) || !log.isInfoEnabled()) {
                return true;
            }
            log.info("   " + str + " will be supported using JCE Provider " + ((AbstractDigest) newInstance).getProvider());
            return true;
        } catch (Throwable th) {
            if (!log.isInfoEnabled()) {
                return false;
            }
            log.info("   " + str + " will not be supported: " + th.getMessage());
            return false;
        }
    }

    private boolean testHMac(String str, Class<? extends SshHmac> cls) {
        try {
            SshHmac newInstance = cls.newInstance();
            newInstance.init(new byte[1024]);
            if (!(newInstance instanceof AbstractHmac) || !log.isInfoEnabled()) {
                return true;
            }
            log.info("   " + str + " will be supported using JCE Provider " + ((AbstractHmac) newInstance).getProvider());
            return true;
        } catch (Throwable th) {
            if (!log.isInfoEnabled()) {
                return false;
            }
            log.info("   " + str + " will not be supported: " + th.getMessage());
            return false;
        }
    }
}
