package com.sshtools.common.ssh.components.jce;

import com.sshtools.common.logger.Log;
import com.sshtools.common.publickey.SshEd25519PrivateKey;
import com.sshtools.common.publickey.SshKeyPairGenerator;
import com.sshtools.common.ssh.SshException;
import com.sshtools.common.ssh.SshKeyFingerprint;
import com.sshtools.common.ssh.components.ComponentFactory;
import com.sshtools.common.ssh.components.ComponentManager;
import com.sshtools.common.ssh.components.Digest;
import com.sshtools.common.ssh.components.SshCipher;
import com.sshtools.common.ssh.components.SshDsaPrivateKey;
import com.sshtools.common.ssh.components.SshDsaPublicKey;
import com.sshtools.common.ssh.components.SshHmac;
import com.sshtools.common.ssh.components.SshKeyPair;
import com.sshtools.common.ssh.components.SshPublicKey;
import com.sshtools.common.ssh.components.SshRsaPrivateCrtKey;
import com.sshtools.common.ssh.components.SshRsaPrivateKey;
import com.sshtools.common.ssh.components.SshRsaPublicKey;
import com.sshtools.common.ssh.components.SshSecureRandomGenerator;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECGenParameterSpec;

/* loaded from: input_file:com/sshtools/common/ssh/components/jce/JCEComponentManager.class */
public class JCEComponentManager extends ComponentManager implements JCEAlgorithms {
    SecureRND rnd;

    public JCEComponentManager() {
        if (System.getProperty("maverick.enableBCProvider", "true").equalsIgnoreCase("false") || JCEProvider.isBCDisabled()) {
            if (Log.isDebugEnabled()) {
                Log.debug("Automatic configuration of BouncyCastle is disabled", new Object[0]);
            }
            JCEProvider.disableBouncyCastle();
            return;
        }
        try {
            JCEProvider.enableBouncyCastle(false);
        } catch (IllegalStateException e) {
            Log.error("Bouncycastle JCE not found in classpath", new Object[0]);
        }
        try {
            enableEd25519Provider();
        } catch (IllegalStateException e2) {
            if (Boolean.getBoolean("maverick.verbose")) {
                Log.warn("ed25519 provider not installed. Support for ed25519 keys cannot be enabled", e2, new Object[0]);
            } else {
                Log.warn("ed25519 provider not installed. Support for ed25519 keys cannot be enabled", new Object[0]);
            }
        }
    }

    private void enableEd25519Provider() {
        try {
            Security.addProvider((Provider) Class.forName("net.i2p.crypto.eddsa.EdDSASecurityProvider").newInstance());
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
            throw new IllegalStateException(e.getMessage(), e);
        }
    }

    public static void initializeDefaultProvider(Provider provider) {
        JCEProvider.initializeDefaultProvider(provider);
    }

    public static void initializeProviderForAlgorithm(String str, Provider provider) {
        JCEProvider.initializeProviderForAlgorithm(str, provider);
    }

    public static String getSecureRandomAlgorithm() {
        return JCEProvider.getSecureRandomAlgorithm();
    }

    public static void setSecureRandomAlgorithm(String str) {
        JCEProvider.setSecureRandomAlgorithm(str);
    }

    public static Provider getProviderForAlgorithm(String str) {
        return JCEProvider.getProviderForAlgorithm(str);
    }

    public static SecureRandom getSecureRandom() throws NoSuchAlgorithmException {
        return JCEProvider.getSecureRandom();
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshDsaPrivateKey createDsaPrivateKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5) throws SshException {
        return new Ssh2DsaPrivateKey(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5);
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshDsaPublicKey createDsaPublicKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4) throws SshException {
        try {
            return new Ssh2DsaPublicKey(bigInteger, bigInteger2, bigInteger3, bigInteger4);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshDsaPublicKey createDsaPublicKey() {
        return new Ssh2DsaPublicKey();
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshRsaPrivateCrtKey createRsaPrivateCrtKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5, BigInteger bigInteger6) throws SshException {
        try {
            return new Ssh2RsaPrivateCrtKey(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5, bigInteger3.mod(bigInteger4.subtract(BigInteger.ONE)), bigInteger3.mod(bigInteger5.subtract(BigInteger.ONE)), bigInteger6);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshRsaPrivateCrtKey createRsaPrivateCrtKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5, BigInteger bigInteger6, BigInteger bigInteger7, BigInteger bigInteger8) throws SshException {
        try {
            return new Ssh2RsaPrivateCrtKey(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5, bigInteger6, bigInteger7, bigInteger8);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshRsaPrivateKey createRsaPrivateKey(BigInteger bigInteger, BigInteger bigInteger2) throws SshException {
        try {
            return new Ssh2RsaPrivateKey(bigInteger, bigInteger2);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshRsaPublicKey createRsaPublicKey(BigInteger bigInteger, BigInteger bigInteger2) throws SshException {
        try {
            return new Ssh2RsaPublicKey(bigInteger, bigInteger2);
        } catch (Throwable th) {
            throw new SshException(th);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshRsaPublicKey createSsh2RsaPublicKey() throws SshException {
        return new Ssh2RsaPublicKey();
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshKeyPair generateDsaKeyPair(int i) throws SshException {
        try {
            KeyPairGenerator keyPairGenerator = JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DSA) == null ? KeyPairGenerator.getInstance(JCEAlgorithms.JCE_DSA) : KeyPairGenerator.getInstance(JCEAlgorithms.JCE_DSA, JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DSA));
            keyPairGenerator.initialize(i);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            PrivateKey privateKey = genKeyPair.getPrivate();
            PublicKey publicKey = genKeyPair.getPublic();
            SshKeyPair sshKeyPair = new SshKeyPair();
            sshKeyPair.setPrivateKey(new Ssh2DsaPrivateKey((DSAPrivateKey) privateKey, (DSAPublicKey) publicKey));
            sshKeyPair.setPublicKey(new Ssh2DsaPublicKey((DSAPublicKey) publicKey));
            return sshKeyPair;
        } catch (NoSuchAlgorithmException e) {
            throw new SshException(e);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshKeyPair generateRsaKeyPair(int i, int i2) throws SshException {
        try {
            KeyPairGenerator keyPairGenerator = JCEProvider.getProviderForAlgorithm("RSA") == null ? KeyPairGenerator.getInstance("RSA") : KeyPairGenerator.getInstance("RSA", JCEProvider.getProviderForAlgorithm("RSA"));
            keyPairGenerator.initialize(i);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            PrivateKey privateKey = genKeyPair.getPrivate();
            PublicKey publicKey = genKeyPair.getPublic();
            SshKeyPair sshKeyPair = new SshKeyPair();
            if (!(privateKey instanceof RSAPrivateCrtKey)) {
                throw new SshException("RSA key generation requires RSAPrivateCrtKey as private key type.", 16);
            }
            sshKeyPair.setPrivateKey(new Ssh2RsaPrivateCrtKey((RSAPrivateCrtKey) privateKey));
            sshKeyPair.setPublicKey(new Ssh2RsaPublicKey((RSAPublicKey) publicKey));
            return sshKeyPair;
        } catch (NoSuchAlgorithmException e) {
            throw new SshException(e);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshKeyPair generateEcdsaKeyPair(int i) throws SshException {
        String str;
        switch (i) {
            case 256:
                str = "secp256r1";
                break;
            case 384:
                str = "secp384r1";
                break;
            case 521:
                str = "secp521r1";
                break;
            default:
                throw new SshException("Unsupported size " + i + " for ECDSA key (256,384,521 supported)", 4);
        }
        try {
            ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec(str);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(JCEProvider.getECDSAAlgorithmName());
            keyPairGenerator.initialize(eCGenParameterSpec, JCEProvider.getSecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            SshKeyPair sshKeyPair = new SshKeyPair();
            sshKeyPair.setPrivateKey(new Ssh2EcdsaSha2NistPrivateKey((ECPrivateKey) generateKeyPair.getPrivate(), str));
            sshKeyPair.setPublicKey(new Ssh2EcdsaSha2NistPublicKey((ECPublicKey) generateKeyPair.getPublic(), str));
            return sshKeyPair;
        } catch (Exception e) {
            throw new SshException(e);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshSecureRandomGenerator getRND() throws SshException {
        try {
            return this.rnd == null ? new SecureRND() : this.rnd;
        } catch (NoSuchAlgorithmException e) {
            throw new SshException(e);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    protected void initializeDigestFactory(ComponentFactory<Digest> componentFactory) {
        if (testDigest("MD5", MD5Digest.class)) {
            componentFactory.add("MD5", MD5Digest.class);
        }
        if (testDigest("SHA-1", SHA1Digest.class)) {
            componentFactory.add("SHA-1", SHA1Digest.class);
        }
        if (testDigest("SHA1", SHA1Digest.class)) {
            componentFactory.add("SHA1", SHA1Digest.class);
        }
        if (testDigest(JCEAlgorithms.JCE_SHA256, SHA256Digest.class)) {
            componentFactory.add(JCEAlgorithms.JCE_SHA256, SHA256Digest.class);
            componentFactory.add(SshKeyFingerprint.SHA256_FINGERPRINT, SHA256Digest.class);
        }
        if (testDigest(JCEAlgorithms.JCE_SHA384, SHA384Digest.class)) {
            componentFactory.add(JCEAlgorithms.JCE_SHA384, SHA384Digest.class);
            componentFactory.add("SHA384", SHA384Digest.class);
        }
        if (testDigest(JCEAlgorithms.JCE_SHA512, SHA512Digest.class)) {
            componentFactory.add(JCEAlgorithms.JCE_SHA512, SHA512Digest.class);
            componentFactory.add("SHA512", SHA512Digest.class);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    protected void initializeHmacFactory(ComponentFactory<SshHmac> componentFactory) {
        if (testHMac("hmac-sha256", HmacSha256.class)) {
            componentFactory.add("hmac-sha256", HmacSha256.class);
            componentFactory.add("hmac-sha2-256", HmacSha256.class);
            componentFactory.add("hmac-sha256@ssh.com", HmacSha256_at_ssh_dot_com.class);
            componentFactory.add("hmac-sha2-256-etm@openssh.com", HmacSha256ETM.class);
        }
        if (testHMac("hmac-sha2-256-96", HmacSha256_96.class)) {
            componentFactory.add("hmac-sha2-256-96", HmacSha256_96.class);
        }
        if (testHMac("hmac-sha512", HmacSha512.class)) {
            componentFactory.add("hmac-sha512", HmacSha512.class);
            componentFactory.add("hmac-sha2-512", HmacSha512.class);
            componentFactory.add("hmac-sha512@ssh.com", HmacSha512.class);
            componentFactory.add("hmac-sha2-512-etm@openssh.com", HmacSha512ETM.class);
        }
        if (testHMac("hmac-sha2-512-96", HmacSha512_96.class)) {
            componentFactory.add("hmac-sha2-512-96", HmacSha512_96.class);
        }
        if (testHMac("hmac-sha1", HmacSha1.class)) {
            componentFactory.add("hmac-sha1", HmacSha1.class);
            componentFactory.add("hmac-sha1-etm@openssh.com", HmacSha1ETM.class);
        }
        if (testHMac("hmac-sha1-96", HmacSha196.class)) {
            componentFactory.add("hmac-sha1-96", HmacSha196.class);
        }
        if (testHMac("hmac-ripemd160", HmacRipeMd160.class)) {
            componentFactory.add("hmac-ripemd160", HmacRipeMd160.class);
            componentFactory.add("hmac-ripemd160@openssh.com", HmacRipeMd160.class);
            componentFactory.add("hmac-ripemd160-etm@openssh.com", HmacRipeMd160ETM.class);
        }
        if (testHMac("hmac-md5", HmacMD5.class)) {
            componentFactory.add("hmac-md5", HmacMD5.class);
            componentFactory.add("hmac-md5-etm@openssh.com", HmacMD5ETM.class);
        }
        if (testHMac("hmac-md5-96", HmacMD596.class)) {
            componentFactory.add("hmac-md5-96", HmacMD596.class);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    protected void initializePublicKeyFactory(ComponentFactory<SshPublicKey> componentFactory) {
        testPublicKey(SshKeyPairGenerator.SSH2_DSA, Ssh2DsaPublicKey.class, componentFactory);
        testPublicKey(SshKeyPairGenerator.SSH2_RSA, Ssh2RsaPublicKey.class, componentFactory);
        testPublicKey("rsa-sha2-256", Ssh2RsaPublicKeySHA256.class, componentFactory);
        testPublicKey("rsa-sha2-512", Ssh2RsaPublicKeySHA512.class, componentFactory);
        testPublicKey(SshX509RsaPublicKey.X509V3_SIGN_RSA, SshX509RsaPublicKey.class, componentFactory);
        testPublicKey(SshX509DsaPublicKey.X509V3_SIGN_DSA, SshX509DsaPublicKey.class, componentFactory);
        testPublicKey(SshX509RsaSha1PublicKey.X509V3_SIGN_RSA_SHA1, SshX509RsaSha1PublicKey.class, componentFactory);
        testPublicKey(SshX509RsaPublicKeyRfc6187.X509V3_SSH_RSA, SshX509RsaPublicKeyRfc6187.class, componentFactory);
        testPublicKey(SshX509DsaPublicKeyRfc6187.X509V3_SSH_DSS, SshX509DsaPublicKeyRfc6187.class, componentFactory);
        testPublicKey("x509v3-ecdsa-sha2-nistp256", SshX509EcdsaSha2Nist256Rfc6187.class, componentFactory);
        testPublicKey("x509v3-ecdsa-sha2-nistp384", SshX509EcdsaSha2Nist384Rfc6187.class, componentFactory);
        testPublicKey("x509v3-ecdsa-sha2-nistp521", SshX509EcdsaSha2Nist521Rfc6187.class, componentFactory);
        testPublicKey("ecdsa-sha2-nistp256", Ssh2EcdsaSha2Nist256PublicKey.class, componentFactory);
        testPublicKey("ecdsa-sha2-nistp384", Ssh2EcdsaSha2Nist384PublicKey.class, componentFactory);
        testPublicKey("ecdsa-sha2-nistp521", Ssh2EcdsaSha2Nist521PublicKey.class, componentFactory);
        testPublicKey(SshX509Rsa2048Sha256Rfc6187.X509V3_SSH_RSA, SshX509Rsa2048Sha256Rfc6187.class, componentFactory);
        testPublicKey(OpenSshRsaCertificate.SSH_RSA_CERT_V01, OpenSshRsaCertificate.class, componentFactory);
        testPublicKey(OpenSshDsaCertificate.SSH_DSS_CERT_V01, OpenSshDsaCertificate.class, componentFactory);
        testPublicKey("ecdsa-sha2-nistp256-cert-v01@openssh.com", OpenSshEcdsaSha2Nist256Certificate.class, componentFactory);
        testPublicKey("ecdsa-sha2-nistp384-cert-v01@openssh.com", OpenSshEcdsaSha2Nist256Certificate.class, componentFactory);
        testPublicKey("ecdsa-sha2-nistp521-cert-v01@openssh.com", OpenSshEcdsaSha2Nist256Certificate.class, componentFactory);
        testPublicKey(SshEd25519PublicKey.ALGORITHM_NAME, SshEd25519PublicKey.class, componentFactory);
    }

    private void testPublicKey(String str, Class<? extends SshPublicKey> cls, ComponentFactory<SshPublicKey> componentFactory) {
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (Log.isDebugEnabled()) {
                Log.debug(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
                return;
            }
            return;
        }
        try {
            String test = cls.newInstance().test();
            if (Log.isDebugEnabled()) {
                Log.debug("   " + str + " will be supported using JCE Provider " + test, new Object[0]);
            }
            componentFactory.add(str, cls);
        } catch (Throwable th) {
            if (Log.isDebugEnabled()) {
                Log.debug("   " + str + " will not be supported: " + th.getMessage(), new Object[0]);
            }
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    protected void initializeSsh2CipherFactory(ComponentFactory<SshCipher> componentFactory) {
        if (testJCECipher("aes128-ctr", AES128Ctr.class)) {
            componentFactory.add("aes128-ctr", AES128Ctr.class);
        }
        if (testJCECipher("aes192-ctr", AES192Ctr.class)) {
            componentFactory.add("aes192-ctr", AES192Ctr.class);
        }
        if (testJCECipher("aes256-ctr", AES256Ctr.class)) {
            componentFactory.add("aes256-ctr", AES256Ctr.class);
        }
        if (testJCECipher("3des-ctr", TripleDesCtr.class)) {
            componentFactory.add("3des-ctr", TripleDesCtr.class);
        }
        if (testJCECipher("3des-cbc", TripleDesCbc.class)) {
            componentFactory.add("3des-cbc", TripleDesCbc.class);
        }
        if (testJCECipher("blowfish-cbc", BlowfishCbc.class)) {
            componentFactory.add("blowfish-cbc", BlowfishCbc.class);
        }
        if (testJCECipher("aes128-cbc", AES128Cbc.class)) {
            componentFactory.add("aes128-cbc", AES128Cbc.class);
            componentFactory.remove("aes128-cbc");
        }
        if (testJCECipher("aes192-cbc", AES192Cbc.class)) {
            componentFactory.add("aes192-cbc", AES192Cbc.class);
            componentFactory.remove("aes192-cbc");
        }
        if (testJCECipher("aes256-cbc", AES256Cbc.class)) {
            componentFactory.add("aes256-cbc", AES256Cbc.class);
            componentFactory.remove("aes256-cbc");
        }
        if (testJCECipher("arcfour", ArcFour.class)) {
            componentFactory.add("arcfour", ArcFour.class);
        }
        if (testJCECipher("arcfour128", ArcFour128.class)) {
            componentFactory.add("arcfour128", ArcFour128.class);
        }
        if (testJCECipher("arcfour256", ArcFour256.class)) {
            componentFactory.add("arcfour256", ArcFour256.class);
        }
        if (testJCECipher("aes128-gcm@openssh.com", AES128Gcm.class)) {
            componentFactory.add("aes128-gcm@openssh.com", AES128Gcm.class);
        }
        if (testJCECipher("aes256-gcm@openssh.com", AES256Gcm.class)) {
            componentFactory.add("aes256-gcm@openssh.com", AES256Gcm.class);
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(InputStream inputStream, String str, String str2, String str3) throws IOException {
        return loadKeystore(inputStream, str, str2, str3, "PKCS12");
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(InputStream inputStream, String str, String str2, String str3, String str4) throws IOException {
        try {
            KeyStore keyStore = KeyStore.getInstance(str4);
            keyStore.load(inputStream, str2.toCharArray());
            Key key = keyStore.getKey(str, str3.toCharArray());
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
            Certificate[] certificateChain = keyStore.getCertificateChain(str);
            String algorithm = key.getAlgorithm();
            SshKeyPair sshKeyPair = new SshKeyPair();
            if (algorithm.equals("RSA")) {
                if (x509Certificate.getSigAlgName().equalsIgnoreCase(JCEAlgorithms.JCE_SHA1WithRSA)) {
                    sshKeyPair.setPublicKey(new SshX509RsaSha1PublicKey(x509Certificate));
                    sshKeyPair.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    SshKeyPair sshKeyPair2 = new SshKeyPair();
                    sshKeyPair2.setPublicKey(new SshX509RsaPublicKey(x509Certificate));
                    sshKeyPair2.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    SshKeyPair sshKeyPair3 = new SshKeyPair();
                    sshKeyPair3.setPublicKey(new SshX509RsaPublicKeyRfc6187(certificateChain));
                    sshKeyPair3.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    return new SshKeyPair[]{sshKeyPair, sshKeyPair2, sshKeyPair3};
                }
                if (x509Certificate.getSigAlgName().equalsIgnoreCase(JCEAlgorithms.JCE_SHA256WithRSA) && ((RSAPublicKey) x509Certificate.getPublicKey()).getModulus().bitLength() >= 2048) {
                    sshKeyPair.setPublicKey(new SshX509Rsa2048Sha256Rfc6187(certificateChain));
                    sshKeyPair.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    if (!Boolean.getBoolean("maverick.backwardCompatibleSHA2")) {
                        return new SshKeyPair[]{sshKeyPair};
                    }
                    SshKeyPair sshKeyPair4 = new SshKeyPair();
                    sshKeyPair4.setPublicKey(new SshX509RsaPublicKey(x509Certificate));
                    sshKeyPair4.setPrivateKey(new Ssh2RsaPrivateKey((RSAPrivateKey) key));
                    return new SshKeyPair[]{sshKeyPair, sshKeyPair4};
                }
            } else if (algorithm.equals(JCEAlgorithms.JCE_DSA)) {
                sshKeyPair.setPublicKey(new SshX509DsaPublicKey(x509Certificate));
                sshKeyPair.setPrivateKey(new Ssh2DsaPrivateKey((DSAPrivateKey) key, (DSAPublicKey) x509Certificate.getPublicKey()));
                SshKeyPair sshKeyPair5 = new SshKeyPair();
                sshKeyPair5.setPublicKey(new SshX509DsaPublicKeyRfc6187(certificateChain));
                sshKeyPair5.setPrivateKey(new Ssh2DsaPrivateKey((DSAPrivateKey) key));
                return new SshKeyPair[]{sshKeyPair, sshKeyPair5};
            }
            throw new IOException(algorithm + " is an unsupported certificate type");
        } catch (Throwable th) {
            throw new IOException("Could not load keystore from stream: " + th.getMessage());
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(File file, String str, String str2, String str3) throws IOException {
        return loadKeystore(file, str, str2, str3, "PKCS12");
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshKeyPair[] loadKeystore(File file, String str, String str2, String str3, String str4) throws IOException {
        return loadKeystore(new FileInputStream(file), str, str2, str3, str4);
    }

    public boolean testJCECipher(String str, Class<? extends SshCipher> cls) {
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (!Log.isDebugEnabled()) {
                return false;
            }
            Log.debug(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
            return false;
        }
        try {
            SshCipher newInstance = cls.newInstance();
            byte[] bArr = new byte[1024];
            getSecureRandom().nextBytes(bArr);
            newInstance.init(0, bArr, bArr);
            if (!(newInstance instanceof AbstractJCECipher) || !Log.isDebugEnabled()) {
                return true;
            }
            Log.debug("   " + str + " will be supported using JCE Provider " + ((AbstractJCECipher) newInstance).getProvider(), new Object[0]);
            return true;
        } catch (Throwable th) {
            if (!Log.isDebugEnabled()) {
                return false;
            }
            Log.debug("   " + str + " WILL NOT be supported: " + th.getMessage(), new Object[0]);
            return false;
        }
    }

    public static boolean testDigest(String str, Class<? extends Digest> cls) {
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (!Log.isDebugEnabled()) {
                return false;
            }
            Log.debug(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
            return false;
        }
        Object obj = null;
        try {
            obj = (Digest) cls.newInstance();
            if (!(obj instanceof AbstractDigest) || !Log.isDebugEnabled()) {
                return true;
            }
            Log.debug("   " + str + " will be supported using JCE Provider " + ((AbstractDigest) obj).getProvider(), new Object[0]);
            return true;
        } catch (Throwable th) {
            if (!Log.isDebugEnabled()) {
                return false;
            }
            if (obj == null || ((AbstractDigest) obj).getProvider() == null) {
                Log.debug("   " + str + " WILL NOT be supported: " + th.getMessage(), new Object[0]);
                return false;
            }
            Log.debug("   " + str + " WILL NOT be supported from JCE Provider " + ((AbstractDigest) obj).getProvider() + ": " + th.getMessage(), new Object[0]);
            return false;
        }
    }

    private boolean testHMac(String str, Class<? extends SshHmac> cls) {
        if (System.getProperties().containsKey(String.format("disable.%s", str))) {
            if (!Log.isDebugEnabled()) {
                return false;
            }
            Log.debug(String.format("   %s WILL NOT be supported because it has been explicitly disabled by a system property", str), new Object[0]);
            return false;
        }
        try {
            SshHmac newInstance = cls.newInstance();
            newInstance.init(new byte[1024]);
            if (!(newInstance instanceof AbstractHmac) || !Log.isDebugEnabled()) {
                return true;
            }
            Log.debug("   " + str + " will be supported using JCE Provider " + ((AbstractHmac) newInstance).getProvider(), new Object[0]);
            return true;
        } catch (Throwable th) {
            if (!Log.isDebugEnabled()) {
                return false;
            }
            Log.debug("   " + str + " WILL NOT be supported: " + th.getMessage(), new Object[0]);
            return false;
        }
    }

    @Override // com.sshtools.common.ssh.components.ComponentManager
    public SshKeyPair generateEd25519KeyPair() throws SshException {
        try {
            KeyPair generateKeyPair = KeyPairGenerator.getInstance("EdDSA", "EdDSA").generateKeyPair();
            SshKeyPair sshKeyPair = new SshKeyPair();
            sshKeyPair.setPrivateKey(new SshEd25519PrivateKey(generateKeyPair.getPrivate()));
            sshKeyPair.setPublicKey(new SshEd25519PublicKey(generateKeyPair.getPublic()));
            return sshKeyPair;
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            if (Log.isErrorEnabled()) {
                Log.error("ed25519 keys are not supported with the current configuration", e, new Object[0]);
            }
            throw new SshException("ed25519 keys are not supported with the current configuration", 4);
        }
    }

    public static ComponentManager getDefaultInstance() {
        return getInstance();
    }
}
