package com.sshtools.client;

import com.sshtools.common.logger.Log;
import com.sshtools.common.publickey.SignatureGenerator;
import com.sshtools.common.ssh.SshException;
import com.sshtools.common.ssh.components.SshPublicKey;
import com.sshtools.common.util.ByteArrayReader;
import com.sshtools.common.util.ByteArrayWriter;
import com.sshtools.synergy.ssh.Connection;
import com.sshtools.synergy.ssh.ConnectionProtocol;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Objects;

/* loaded from: classes.dex */
public class ExternalKeyAuthenticator extends SimpleClientAuthenticator implements ClientAuthenticator, SignatureGenerator {
    public static final int SSH_MSG_USERAUTH_PK_OK = 60;
    Collection<SshPublicKey> publicKeys;
    SignatureGenerator signatureGenerator;
    TransportProtocolClient transport;
    String username;
    boolean isAuthenticating = false;
    SshPublicKey authenticatingKey = null;

    public ExternalKeyAuthenticator() {
    }

    public ExternalKeyAuthenticator(SignatureGenerator signatureGenerator) {
        this.signatureGenerator = signatureGenerator;
    }

    private void writePublicKey(ByteArrayWriter byteArrayWriter, SshPublicKey sshPublicKey) throws IOException, SshException {
        byteArrayWriter.writeString(sshPublicKey.getAlgorithm());
        byteArrayWriter.writeBinaryString(sshPublicKey.getEncoded());
    }

    @Override // com.sshtools.client.ClientAuthenticator
    public void authenticate(TransportProtocolClient transportProtocolClient, String str) throws SshException, IOException {
        onStartAuthentication(transportProtocolClient.getConnection());
        this.transport = transportProtocolClient;
        this.username = str;
        this.publicKeys = new ArrayList(getSignatureGenerator(transportProtocolClient.getConnection()).getPublicKeys());
        doPublicKeyAuth();
    }

    void doPublicKeyAuth() throws SshException, IOException {
        try {
            final byte[] generateAuthenticationRequest = generateAuthenticationRequest(generateSignatureData());
            this.transport.postMessage(new AuthenticationMessage(this.username, ConnectionProtocol.SERVICE_NAME, "publickey") { // from class: com.sshtools.client.ExternalKeyAuthenticator.1
                @Override // com.sshtools.client.AuthenticationMessage, com.sshtools.common.sshd.SshMessage
                public boolean writeMessageIntoBuffer(ByteBuffer byteBuffer) {
                    super.writeMessageIntoBuffer(byteBuffer);
                    byteBuffer.put(generateAuthenticationRequest);
                    return true;
                }
            });
        } catch (SshException e) {
            Log.error("Public key operation failed", e, new Object[0]);
            failure();
        } catch (IOException e2) {
            Log.error("Public key operation failed", e2, new Object[0]);
            failure();
        }
    }

    byte[] generateAuthenticationRequest(byte[] bArr) throws IOException, SshException {
        ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
        try {
            byteArrayWriter.writeBoolean(this.isAuthenticating);
            writePublicKey(byteArrayWriter, this.authenticatingKey);
            if (this.isAuthenticating) {
                SignatureGenerator signatureGenerator = this.signatureGenerator;
                SshPublicKey sshPublicKey = this.authenticatingKey;
                byteArrayWriter.writeBinaryString(signatureGenerator.sign(sshPublicKey, sshPublicKey.getSigningAlgorithm(), bArr));
            }
            return byteArrayWriter.toByteArray();
        } finally {
            byteArrayWriter.close();
        }
    }

    byte[] generateSignatureData() throws IOException, SshException {
        if (Objects.isNull(this.authenticatingKey) && !this.publicKeys.isEmpty()) {
            this.authenticatingKey = this.publicKeys.iterator().next();
        }
        if (Objects.isNull(this.authenticatingKey)) {
            throw new IOException("No suitable key found");
        }
        ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
        try {
            byteArrayWriter.writeBinaryString(this.transport.getSessionKey());
            byteArrayWriter.write(50);
            byteArrayWriter.writeString(this.username);
            byteArrayWriter.writeString(ConnectionProtocol.SERVICE_NAME);
            byteArrayWriter.writeString("publickey");
            byteArrayWriter.writeBoolean(this.isAuthenticating);
            writePublicKey(byteArrayWriter, this.authenticatingKey);
            byte[] byteArray = byteArrayWriter.toByteArray();
            byteArrayWriter.close();
            return byteArray;
        } finally {
        }
    }

    @Override // com.sshtools.client.ClientAuthenticator
    public String getName() {
        return "publickey";
    }

    @Override // com.sshtools.common.publickey.SignatureGenerator
    public Collection<SshPublicKey> getPublicKeys() throws IOException {
        return Collections.emptyList();
    }

    public SignatureGenerator getSignatureGenerator(Connection<SshClientContext> connection) {
        return Objects.isNull(this.signatureGenerator) ? this : this.signatureGenerator;
    }

    protected void onStartAuthentication(Connection<SshClientContext> connection) {
    }

    @Override // com.sshtools.client.SimpleClientAuthenticator, com.sshtools.client.ClientAuthenticator
    public boolean processMessage(ByteArrayReader byteArrayReader) throws IOException {
        int read = byteArrayReader.read();
        if (read != 51) {
            if (read == 60) {
                this.isAuthenticating = true;
                try {
                    doPublicKeyAuth();
                } catch (SshException | IOException e) {
                    Log.error("Public key operation failed", e, new Object[0]);
                    failure();
                }
                return true;
            }
        } else if (!this.isAuthenticating) {
            this.publicKeys.remove(this.authenticatingKey);
            this.authenticatingKey = null;
            if (!this.publicKeys.isEmpty()) {
                try {
                    doPublicKeyAuth();
                } catch (SshException | IOException unused) {
                    failure();
                }
                return true;
            }
        }
        return false;
    }

    @Override // com.sshtools.common.publickey.SignatureGenerator
    public byte[] sign(SshPublicKey sshPublicKey, String str, byte[] bArr) throws SshException {
        return getSignatureGenerator(this.transport.getConnection()).sign(sshPublicKey, str, bArr);
    }
}
