package io.jenkins.cli.shaded.org.apache.sshd.common.config.keys;

import io.jenkins.cli.shaded.org.apache.sshd.common.Factory;
import io.jenkins.cli.shaded.org.apache.sshd.common.cipher.ECCurves;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.impl.DSSPublicKeyEntryDecoder;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.impl.ECDSAPublicKeyEntryDecoder;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.impl.OpenSSHCertificateDecoder;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.impl.RSAPublicKeyDecoder;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.impl.SkECDSAPublicKeyEntryDecoder;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.impl.SkED25519PublicKeyEntryDecoder;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.u2f.SkED25519PublicKey;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.u2f.SkEcdsaPublicKey;
import io.jenkins.cli.shaded.org.apache.sshd.common.digest.BuiltinDigests;
import io.jenkins.cli.shaded.org.apache.sshd.common.digest.Digest;
import io.jenkins.cli.shaded.org.apache.sshd.common.digest.DigestFactory;
import io.jenkins.cli.shaded.org.apache.sshd.common.digest.DigestUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.keyprovider.KeyPairProvider;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.GenericUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.MapEntryUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.OsUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.ValidateUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.ByteArrayBuffer;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.io.IoUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.security.SecurityUtils;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.DSAKey;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.NavigableSet;
import java.util.Objects;
import java.util.Set;
import java.util.TreeMap;
import java.util.TreeSet;
import java.util.concurrent.atomic.AtomicReference;

/* loaded from: input_file:WEB-INF/lib/cli-2.358-rc32515.7b_664e5fe492.jar:io/jenkins/cli/shaded/org/apache/sshd/common/config/keys/KeyUtils.class */
public final class KeyUtils {
    public static final String RSA_ALGORITHM = "RSA";
    public static final String DSS_ALGORITHM = "DSA";
    public static final String EC_ALGORITHM = "EC";
    public static final String KEY_FINGERPRINT_FACTORY_PROP = "io.jenkins.cli.shaded.org.apache.sshd.keyFingerprintFactory";
    public static final String RSA_SHA256_KEY_TYPE_ALIAS = "rsa-sha2-256";
    public static final String RSA_SHA512_KEY_TYPE_ALIAS = "rsa-sha2-512";
    public static final String RSA_SHA256_CERT_TYPE_ALIAS = "rsa-sha2-256-cert-v01@openssh.com";
    public static final String RSA_SHA512_CERT_TYPE_ALIAS = "rsa-sha2-512-cert-v01@openssh.com";
    public static final BigInteger DEFAULT_RSA_PUBLIC_EXPONENT = new BigInteger("65537");
    public static final Set<PosixFilePermission> STRICTLY_PROHIBITED_FILE_PERMISSION = Collections.unmodifiableSet(EnumSet.of(PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_WRITE, PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_WRITE, PosixFilePermission.OTHERS_EXECUTE));
    public static final DigestFactory DEFAULT_FINGERPRINT_DIGEST_FACTORY = BuiltinDigests.sha256;
    private static final AtomicReference<DigestFactory> DEFAULT_DIGEST_HOLDER = new AtomicReference<>();
    private static final Map<String, PublicKeyEntryDecoder<?, ?>> BY_KEY_TYPE_DECODERS_MAP = new TreeMap(String.CASE_INSENSITIVE_ORDER);
    private static final Map<Class<?>, PublicKeyEntryDecoder<?, ?>> BY_KEY_CLASS_DECODERS_MAP = new LinkedHashMap();
    private static final Map<String, String> KEY_TYPE_ALIASES = MapEntryUtils.NavigableMapBuilder.builder(String.CASE_INSENSITIVE_ORDER).put((MapEntryUtils.NavigableMapBuilder) "rsa-sha2-256", "ssh-rsa").put((MapEntryUtils.NavigableMapBuilder) "rsa-sha2-512", "ssh-rsa").put((MapEntryUtils.NavigableMapBuilder) "rsa-sha2-256-cert-v01@openssh.com", "ssh-rsa-cert-v01@openssh.com").put((MapEntryUtils.NavigableMapBuilder) "rsa-sha2-512-cert-v01@openssh.com", "ssh-rsa-cert-v01@openssh.com").build();
    private static final Map<String, String> SIGNATURE_ALGORITHM_MAP = MapEntryUtils.MapBuilder.builder().put((MapEntryUtils.MapBuilder) "rsa-sha2-256-cert-v01@openssh.com", "rsa-sha2-256").put((MapEntryUtils.MapBuilder) "rsa-sha2-512-cert-v01@openssh.com", "rsa-sha2-512").put((MapEntryUtils.MapBuilder) "ssh-rsa-cert-v01@openssh.com", "ssh-rsa").put((MapEntryUtils.MapBuilder) "ssh-dss-cert-v01@openssh.com", "ssh-dss").put((MapEntryUtils.MapBuilder) "ssh-ed25519-cert-v01@openssh.com", "ssh-ed25519").put((MapEntryUtils.MapBuilder) "ecdsa-sha2-nistp256-cert-v01@openssh.com", KeyPairProvider.ECDSA_SHA2_NISTP256).put((MapEntryUtils.MapBuilder) "ecdsa-sha2-nistp384-cert-v01@openssh.com", KeyPairProvider.ECDSA_SHA2_NISTP384).put((MapEntryUtils.MapBuilder) "ecdsa-sha2-nistp521-cert-v01@openssh.com", KeyPairProvider.ECDSA_SHA2_NISTP521).build();

    private KeyUtils() {
        throw new UnsupportedOperationException("No instance");
    }

    public static AbstractMap.SimpleImmutableEntry<String, Object> validateStrictKeyFilePermissions(Path path, LinkOption... linkOptionArr) throws IOException {
        PosixFilePermission validateExcludedPermissions;
        if (path == null || !Files.exists(path, linkOptionArr)) {
            return null;
        }
        Set<PosixFilePermission> permissions = IoUtils.getPermissions(path, linkOptionArr);
        if (GenericUtils.isEmpty((Collection<?>) permissions)) {
            return null;
        }
        if (permissions.contains(PosixFilePermission.OTHERS_EXECUTE)) {
            PosixFilePermission posixFilePermission = PosixFilePermission.OTHERS_EXECUTE;
            return new AbstractMap.SimpleImmutableEntry<>(String.format("Permissions violation (%s)", posixFilePermission), posixFilePermission);
        }
        if (OsUtils.isUNIX()) {
            PosixFilePermission validateExcludedPermissions2 = IoUtils.validateExcludedPermissions(permissions, STRICTLY_PROHIBITED_FILE_PERMISSION);
            if (validateExcludedPermissions2 != null) {
                return new AbstractMap.SimpleImmutableEntry<>(String.format("Permissions violation (%s)", validateExcludedPermissions2), validateExcludedPermissions2);
            }
            if (Files.isRegularFile(path, linkOptionArr) && (validateExcludedPermissions = IoUtils.validateExcludedPermissions(IoUtils.getPermissions(path.getParent(), linkOptionArr), STRICTLY_PROHIBITED_FILE_PERMISSION)) != null) {
                return new AbstractMap.SimpleImmutableEntry<>(String.format("Parent permissions violation (%s)", validateExcludedPermissions), validateExcludedPermissions);
            }
        }
        String fileOwner = IoUtils.getFileOwner(path, linkOptionArr);
        if (GenericUtils.isEmpty(fileOwner)) {
            return null;
        }
        String currentUser = OsUtils.getCurrentUser();
        HashSet hashSet = new HashSet();
        hashSet.add(currentUser);
        if (OsUtils.isUNIX()) {
            hashSet.add("root");
        }
        if (!hashSet.contains(fileOwner)) {
            return new AbstractMap.SimpleImmutableEntry<>(String.format("Owner violation (%s)", fileOwner), fileOwner);
        }
        if (!OsUtils.isUNIX() || !Files.isRegularFile(path, linkOptionArr)) {
            return null;
        }
        String fileOwner2 = IoUtils.getFileOwner(path.getParent(), linkOptionArr);
        if (GenericUtils.isEmpty(fileOwner2) || hashSet.contains(fileOwner2)) {
            return null;
        }
        return new AbstractMap.SimpleImmutableEntry<>(String.format("Parent owner violation (%s)", fileOwner2), fileOwner2);
    }

    public static KeyPair generateKeyPair(String str, int i) throws GeneralSecurityException {
        PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder = getPublicKeyEntryDecoder(str);
        if (publicKeyEntryDecoder == null) {
            throw new InvalidKeySpecException("No decoder for key type=" + str);
        }
        return publicKeyEntryDecoder.generateKeyPair(i);
    }

    public static KeyPair cloneKeyPair(String str, KeyPair keyPair) throws GeneralSecurityException {
        PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder = getPublicKeyEntryDecoder(str);
        if (publicKeyEntryDecoder == null) {
            throw new InvalidKeySpecException("No decoder for key type=" + str);
        }
        return publicKeyEntryDecoder.cloneKeyPair(keyPair);
    }

    public static void registerPublicKeyEntryDecoder(PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder) {
        Objects.requireNonNull(publicKeyEntryDecoder, "No decoder specified");
        Class<?> cls = (Class) Objects.requireNonNull(publicKeyEntryDecoder.getPublicKeyType(), "No public key type declared");
        Class<?> cls2 = (Class) Objects.requireNonNull(publicKeyEntryDecoder.getPrivateKeyType(), "No private key type declared");
        synchronized (BY_KEY_CLASS_DECODERS_MAP) {
            BY_KEY_CLASS_DECODERS_MAP.put(cls, publicKeyEntryDecoder);
            BY_KEY_CLASS_DECODERS_MAP.put(cls2, publicKeyEntryDecoder);
        }
        registerPublicKeyEntryDecoderKeyTypes(publicKeyEntryDecoder);
    }

    /* JADX WARN: Removed duplicated region for block: B:4:0x0028  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void registerPublicKeyEntryDecoderKeyTypes(io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.PublicKeyEntryDecoder<?, ?> r4) {
        /*
            r0 = r4
            java.lang.String r1 = "No decoder specified"
            java.lang.Object r0 = java.util.Objects.requireNonNull(r0, r1)
            r0 = r4
            java.util.NavigableSet r0 = r0.getSupportedKeyTypes()
            java.lang.String r1 = "No supported key types"
            r2 = 0
            java.lang.Object[] r2 = new java.lang.Object[r2]
            java.util.Collection r0 = io.jenkins.cli.shaded.org.apache.sshd.common.util.ValidateUtils.checkNotNullAndNotEmpty(r0, r1, r2)
            r5 = r0
            r0 = r5
            java.util.Iterator r0 = r0.iterator()
            r6 = r0
        L1f:
            r0 = r6
            boolean r0 = r0.hasNext()
            if (r0 == 0) goto L44
            r0 = r6
            java.lang.Object r0 = r0.next()
            java.lang.String r0 = (java.lang.String) r0
            r7 = r0
            r0 = r7
            r1 = r4
            io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.PublicKeyEntryDecoder r0 = registerPublicKeyEntryDecoderForKeyType(r0, r1)
            r8 = r0
            r0 = r8
            if (r0 == 0) goto L41
            goto L1f
        L41:
            goto L1f
        L44:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.KeyUtils.registerPublicKeyEntryDecoderKeyTypes(io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.PublicKeyEntryDecoder):void");
    }

    public static PublicKeyEntryDecoder<?, ?> registerPublicKeyEntryDecoderForKeyType(String str, PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder) {
        PublicKeyEntryDecoder<?, ?> put;
        String checkNotNullAndNotEmpty = ValidateUtils.checkNotNullAndNotEmpty(str, "No key type specified");
        Objects.requireNonNull(publicKeyEntryDecoder, "No decoder specified");
        synchronized (BY_KEY_TYPE_DECODERS_MAP) {
            put = BY_KEY_TYPE_DECODERS_MAP.put(checkNotNullAndNotEmpty, publicKeyEntryDecoder);
        }
        return put;
    }

    public static NavigableSet<String> unregisterPublicKeyEntryDecoder(PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder) {
        Objects.requireNonNull(publicKeyEntryDecoder, "No decoder specified");
        Class cls = (Class) Objects.requireNonNull(publicKeyEntryDecoder.getPublicKeyType(), "No public key type declared");
        Class cls2 = (Class) Objects.requireNonNull(publicKeyEntryDecoder.getPrivateKeyType(), "No private key type declared");
        synchronized (BY_KEY_CLASS_DECODERS_MAP) {
            BY_KEY_CLASS_DECODERS_MAP.remove(cls);
            BY_KEY_CLASS_DECODERS_MAP.remove(cls2);
        }
        return unregisterPublicKeyEntryDecoderKeyTypes(publicKeyEntryDecoder);
    }

    public static NavigableSet<String> unregisterPublicKeyEntryDecoderKeyTypes(PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder) {
        Objects.requireNonNull(publicKeyEntryDecoder, "No decoder specified");
        Collection<String> checkNotNullAndNotEmpty = ValidateUtils.checkNotNullAndNotEmpty(publicKeyEntryDecoder.getSupportedKeyTypes(), "No supported key types", new Object[0]);
        NavigableSet<String> emptyNavigableSet = Collections.emptyNavigableSet();
        for (String str : checkNotNullAndNotEmpty) {
            if (unregisterPublicKeyEntryDecoderForKeyType(str) != null) {
                if (emptyNavigableSet.isEmpty()) {
                    emptyNavigableSet = new TreeSet((Comparator<? super String>) String.CASE_INSENSITIVE_ORDER);
                }
                if (!emptyNavigableSet.add(str)) {
                }
            }
        }
        return emptyNavigableSet;
    }

    public static PublicKeyEntryDecoder<?, ?> unregisterPublicKeyEntryDecoderForKeyType(String str) {
        PublicKeyEntryDecoder<?, ?> remove;
        String checkNotNullAndNotEmpty = ValidateUtils.checkNotNullAndNotEmpty(str, "No key type specified");
        synchronized (BY_KEY_TYPE_DECODERS_MAP) {
            remove = BY_KEY_TYPE_DECODERS_MAP.remove(checkNotNullAndNotEmpty);
        }
        return remove;
    }

    public static PublicKeyEntryDecoder<?, ?> getPublicKeyEntryDecoder(String str) {
        PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder;
        if (GenericUtils.isEmpty(str)) {
            return null;
        }
        synchronized (BY_KEY_TYPE_DECODERS_MAP) {
            publicKeyEntryDecoder = BY_KEY_TYPE_DECODERS_MAP.get(str);
        }
        return publicKeyEntryDecoder;
    }

    public static PublicKeyEntryDecoder<?, ?> getPublicKeyEntryDecoder(KeyPair keyPair) {
        PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder;
        if (keyPair != null && (publicKeyEntryDecoder = getPublicKeyEntryDecoder(keyPair.getPublic())) == getPublicKeyEntryDecoder(keyPair.getPrivate())) {
            return publicKeyEntryDecoder;
        }
        return null;
    }

    public static PublicKeyEntryDecoder<?, ?> getPublicKeyEntryDecoder(Key key) {
        if (key == null) {
            return null;
        }
        return getPublicKeyEntryDecoder(key.getClass());
    }

    public static PublicKeyEntryDecoder<?, ?> getPublicKeyEntryDecoder(Class<?> cls) {
        if (cls == null || !Key.class.isAssignableFrom(cls)) {
            return null;
        }
        synchronized (BY_KEY_TYPE_DECODERS_MAP) {
            PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder = BY_KEY_CLASS_DECODERS_MAP.get(cls);
            if (publicKeyEntryDecoder != null) {
                return publicKeyEntryDecoder;
            }
            for (PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder2 : BY_KEY_CLASS_DECODERS_MAP.values()) {
                Class<?> publicKeyType = publicKeyEntryDecoder2.getPublicKeyType();
                Class<?> privateKeyType = publicKeyEntryDecoder2.getPrivateKeyType();
                if (publicKeyType.isAssignableFrom(cls) || privateKeyType.isAssignableFrom(cls)) {
                    return publicKeyEntryDecoder2;
                }
            }
            return null;
        }
    }

    public static DigestFactory getDefaultFingerPrintFactory() {
        synchronized (DEFAULT_DIGEST_HOLDER) {
            DigestFactory digestFactory = DEFAULT_DIGEST_HOLDER.get();
            if (digestFactory != null) {
                return digestFactory;
            }
            String property = System.getProperty(KEY_FINGERPRINT_FACTORY_PROP);
            DigestFactory digestFactory2 = GenericUtils.isEmpty(property) ? DEFAULT_FINGERPRINT_DIGEST_FACTORY : (DigestFactory) ValidateUtils.checkNotNull(BuiltinDigests.fromFactoryName(property), "Unknown digest factory: %s", property);
            ValidateUtils.checkTrue(digestFactory2.isSupported(), "Selected fingerprint digest not supported: %s", digestFactory2.getName());
            DEFAULT_DIGEST_HOLDER.set(digestFactory2);
            return digestFactory2;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static void setDefaultFingerPrintFactory(DigestFactory digestFactory) {
        synchronized (DEFAULT_DIGEST_HOLDER) {
            DEFAULT_DIGEST_HOLDER.set(Objects.requireNonNull(digestFactory, "No digest factory"));
        }
    }

    public static String getFingerPrint(PublicKey publicKey) {
        return getFingerPrint(getDefaultFingerPrintFactory(), publicKey);
    }

    public static String getFingerPrint(String str) {
        return getFingerPrint(str, StandardCharsets.UTF_8);
    }

    public static String getFingerPrint(String str, Charset charset) {
        return getFingerPrint(getDefaultFingerPrintFactory(), str, charset);
    }

    public static String getFingerPrint(Factory<? extends Digest> factory, PublicKey publicKey) {
        if (publicKey == null) {
            return null;
        }
        return getFingerPrint((Digest) ((Factory) Objects.requireNonNull(factory, "No digest factory")).create(), publicKey);
    }

    public static String getFingerPrint(Digest digest, PublicKey publicKey) {
        if (publicKey == null) {
            return null;
        }
        try {
            ByteArrayBuffer byteArrayBuffer = new ByteArrayBuffer();
            byteArrayBuffer.putRawPublicKey(publicKey);
            return DigestUtils.getFingerPrint(digest, byteArrayBuffer.array(), 0, byteArrayBuffer.wpos());
        } catch (Exception e) {
            return e.toString();
        }
    }

    public static byte[] getRawFingerprint(PublicKey publicKey) throws Exception {
        return getRawFingerprint(getDefaultFingerPrintFactory(), publicKey);
    }

    public static byte[] getRawFingerprint(Factory<? extends Digest> factory, PublicKey publicKey) throws Exception {
        if (publicKey == null) {
            return null;
        }
        return getRawFingerprint((Digest) ((Factory) Objects.requireNonNull(factory, "No digest factory")).create(), publicKey);
    }

    public static byte[] getRawFingerprint(Digest digest, PublicKey publicKey) throws Exception {
        if (publicKey == null) {
            return null;
        }
        ByteArrayBuffer byteArrayBuffer = new ByteArrayBuffer();
        byteArrayBuffer.putRawPublicKey(publicKey);
        return DigestUtils.getRawFingerprint(digest, byteArrayBuffer.array(), 0, byteArrayBuffer.wpos());
    }

    public static String getFingerPrint(Factory<? extends Digest> factory, String str) {
        return getFingerPrint(factory, str, StandardCharsets.UTF_8);
    }

    public static String getFingerPrint(Factory<? extends Digest> factory, String str, Charset charset) {
        return getFingerPrint(factory.create(), str, charset);
    }

    public static String getFingerPrint(Digest digest, String str) {
        return getFingerPrint(digest, str, StandardCharsets.UTF_8);
    }

    public static String getFingerPrint(Digest digest, String str, Charset charset) {
        if (GenericUtils.isEmpty(str)) {
            return null;
        }
        try {
            return DigestUtils.getFingerPrint(digest, str, charset);
        } catch (Exception e) {
            return e.getClass().getSimpleName();
        }
    }

    public static AbstractMap.SimpleImmutableEntry<Boolean, String> checkFingerPrint(String str, PublicKey publicKey) {
        return checkFingerPrint(str, getDefaultFingerPrintFactory(), publicKey);
    }

    public static AbstractMap.SimpleImmutableEntry<Boolean, String> checkFingerPrint(String str, Factory<? extends Digest> factory, PublicKey publicKey) {
        return checkFingerPrint(str, (Digest) ((Factory) Objects.requireNonNull(factory, "No digest factory")).create(), publicKey);
    }

    public static AbstractMap.SimpleImmutableEntry<Boolean, String> checkFingerPrint(String str, Digest digest, PublicKey publicKey) {
        BuiltinDigests builtinDigests;
        String str2;
        if (publicKey == null) {
            return null;
        }
        if (GenericUtils.isEmpty(str)) {
            return new AbstractMap.SimpleImmutableEntry<>(false, getFingerPrint(digest, publicKey));
        }
        int indexOf = str.indexOf(58);
        if (indexOf < 0 || indexOf >= str.length() - 1) {
            return new AbstractMap.SimpleImmutableEntry<>(false, getFingerPrint(digest, publicKey));
        }
        String substring = str.substring(0, indexOf);
        String substring2 = str.substring(indexOf + 1);
        if (substring.length() > 2) {
            builtinDigests = BuiltinDigests.fromFactoryName(substring);
            if (builtinDigests == null) {
                return new AbstractMap.SimpleImmutableEntry<>(false, getFingerPrint(digest, publicKey));
            }
            str2 = substring.toUpperCase() + ":" + substring2;
        } else {
            builtinDigests = BuiltinDigests.md5;
            str2 = builtinDigests.getName().toUpperCase() + ":" + str;
        }
        String fingerPrint = getFingerPrint(builtinDigests, publicKey);
        return new AbstractMap.SimpleImmutableEntry<>(Boolean.valueOf(BuiltinDigests.md5.getName().equals(builtinDigests.getName()) ? str2.equalsIgnoreCase(fingerPrint) : str2.equals(fingerPrint)), fingerPrint);
    }

    public static String getKeyType(KeyPair keyPair) {
        if (keyPair == null) {
            return null;
        }
        PrivateKey privateKey = keyPair.getPrivate();
        return privateKey != null ? getKeyType(privateKey) : getKeyType(keyPair.getPublic());
    }

    public static String getKeyType(Key key) {
        if (key == null) {
            return null;
        }
        if (key instanceof DSAKey) {
            return "ssh-dss";
        }
        if (key instanceof RSAKey) {
            return "ssh-rsa";
        }
        if (key instanceof ECKey) {
            ECCurves fromCurveParameters = ECCurves.fromCurveParameters(((ECKey) key).getParams());
            if (fromCurveParameters == null) {
                return null;
            }
            return fromCurveParameters.getKeyType();
        }
        if (key instanceof SkEcdsaPublicKey) {
            return "sk-ecdsa-sha2-nistp256@openssh.com";
        }
        if ("EdDSA".equalsIgnoreCase(key.getAlgorithm())) {
            return "ssh-ed25519";
        }
        if (key instanceof SkED25519PublicKey) {
            return "sk-ssh-ed25519@openssh.com";
        }
        if (key instanceof OpenSshCertificate) {
            return ((OpenSshCertificate) key).getKeyType();
        }
        return null;
    }

    public static List<String> getAllEquivalentKeyTypes(String str) {
        if (GenericUtils.isEmpty(str)) {
            return Collections.emptyList();
        }
        String canonicalKeyType = getCanonicalKeyType(str);
        ArrayList arrayList = new ArrayList();
        arrayList.add(canonicalKeyType);
        synchronized (KEY_TYPE_ALIASES) {
            for (Map.Entry<String, String> entry : KEY_TYPE_ALIASES.entrySet()) {
                String key = entry.getKey();
                if (canonicalKeyType.equalsIgnoreCase(entry.getValue())) {
                    arrayList.add(key);
                }
            }
        }
        return arrayList;
    }

    public static String getCanonicalKeyType(String str) {
        String str2;
        if (GenericUtils.isEmpty(str)) {
            return str;
        }
        synchronized (KEY_TYPE_ALIASES) {
            str2 = KEY_TYPE_ALIASES.get(str);
        }
        return GenericUtils.isEmpty(str2) ? str : str2;
    }

    public static NavigableSet<String> getRegisteredKeyTypeAliases() {
        NavigableSet<String> emptyNavigableSet;
        synchronized (KEY_TYPE_ALIASES) {
            emptyNavigableSet = KEY_TYPE_ALIASES.isEmpty() ? Collections.emptyNavigableSet() : GenericUtils.asSortedSet(String.CASE_INSENSITIVE_ORDER, KEY_TYPE_ALIASES.keySet());
        }
        return emptyNavigableSet;
    }

    public static List<String> registerCanonicalKeyTypes(String str, Collection<String> collection) {
        ValidateUtils.checkNotNullAndNotEmpty(str, "No key type value");
        ValidateUtils.checkNotNullAndNotEmpty(collection, "No aliases provided", new Object[0]);
        List<String> emptyList = Collections.emptyList();
        synchronized (KEY_TYPE_ALIASES) {
            for (String str2 : collection) {
                ValidateUtils.checkNotNullAndNotEmpty(str2, "Null/empty alias registration for %s", str);
                String put = KEY_TYPE_ALIASES.put(str2, str);
                if (!GenericUtils.isEmpty(put)) {
                    if (emptyList.isEmpty()) {
                        emptyList = new ArrayList();
                    }
                    emptyList.add(put);
                }
            }
        }
        return emptyList;
    }

    public static String unregisterCanonicalKeyTypeAlias(String str) {
        String remove;
        if (GenericUtils.isEmpty(str)) {
            return str;
        }
        synchronized (KEY_TYPE_ALIASES) {
            remove = KEY_TYPE_ALIASES.remove(str);
        }
        return remove;
    }

    public static int getKeySize(Key key) {
        if (key == null) {
            return -1;
        }
        if (key instanceof RSAKey) {
            return ((RSAKey) key).getModulus().bitLength();
        }
        if (key instanceof DSAKey) {
            return ((DSAKey) key).getParams().getP().bitLength();
        }
        if (!(key instanceof ECKey)) {
            if ("EdDSA".equalsIgnoreCase(key.getAlgorithm())) {
                return SecurityUtils.getEDDSAKeySize(key);
            }
            return -1;
        }
        ECCurves fromCurveParameters = ECCurves.fromCurveParameters(((ECKey) key).getParams());
        if (fromCurveParameters != null) {
            return fromCurveParameters.getKeySize();
        }
        return -1;
    }

    public static PublicKey findMatchingKey(PublicKey publicKey, PublicKey... publicKeyArr) {
        if (publicKey == null || GenericUtils.isEmpty(publicKeyArr)) {
            return null;
        }
        return findMatchingKey(publicKey, Arrays.asList(publicKeyArr));
    }

    public static PublicKey findMatchingKey(PublicKey publicKey, Collection<? extends PublicKey> collection) {
        if (publicKey == null || GenericUtils.isEmpty((Collection<?>) collection)) {
            return null;
        }
        for (PublicKey publicKey2 : collection) {
            if (compareKeys(publicKey, publicKey2)) {
                return publicKey2;
            }
        }
        return null;
    }

    public static boolean compareKeyPairs(KeyPair keyPair, KeyPair keyPair2) {
        if (Objects.equals(keyPair, keyPair2)) {
            return true;
        }
        return keyPair != null && keyPair2 != null && compareKeys(keyPair.getPublic(), keyPair2.getPublic()) && compareKeys(keyPair.getPrivate(), keyPair2.getPrivate());
    }

    public static boolean compareKeys(PublicKey publicKey, PublicKey publicKey2) {
        if ((publicKey instanceof RSAPublicKey) && (publicKey2 instanceof RSAPublicKey)) {
            return compareRSAKeys((RSAPublicKey) RSAPublicKey.class.cast(publicKey), (RSAPublicKey) RSAPublicKey.class.cast(publicKey2));
        }
        if ((publicKey instanceof DSAPublicKey) && (publicKey2 instanceof DSAPublicKey)) {
            return compareDSAKeys((DSAPublicKey) DSAPublicKey.class.cast(publicKey), (DSAPublicKey) DSAPublicKey.class.cast(publicKey2));
        }
        if ((publicKey instanceof ECPublicKey) && (publicKey2 instanceof ECPublicKey)) {
            return compareECKeys((ECPublicKey) ECPublicKey.class.cast(publicKey), (ECPublicKey) ECPublicKey.class.cast(publicKey2));
        }
        if ((publicKey instanceof SkEcdsaPublicKey) && (publicKey2 instanceof SkEcdsaPublicKey)) {
            return compareSkEcdsaKeys((SkEcdsaPublicKey) SkEcdsaPublicKey.class.cast(publicKey), (SkEcdsaPublicKey) SkEcdsaPublicKey.class.cast(publicKey2));
        }
        if (publicKey != null && "EdDSA".equalsIgnoreCase(publicKey.getAlgorithm()) && publicKey2 != null && "EdDSA".equalsIgnoreCase(publicKey2.getAlgorithm())) {
            return SecurityUtils.compareEDDSAPPublicKeys(publicKey, publicKey2);
        }
        if ((publicKey instanceof SkED25519PublicKey) && (publicKey2 instanceof SkED25519PublicKey)) {
            return compareSkEd25519Keys((SkED25519PublicKey) SkED25519PublicKey.class.cast(publicKey), (SkED25519PublicKey) SkED25519PublicKey.class.cast(publicKey2));
        }
        if ((publicKey instanceof OpenSshCertificate) && (publicKey2 instanceof OpenSshCertificate)) {
            return compareOpenSSHCertificateKeys((OpenSshCertificate) OpenSshCertificate.class.cast(publicKey), (OpenSshCertificate) OpenSshCertificate.class.cast(publicKey2));
        }
        return false;
    }

    public static PublicKey recoverPublicKey(PrivateKey privateKey) throws GeneralSecurityException {
        if (privateKey instanceof RSAPrivateKey) {
            return recoverRSAPublicKey((RSAPrivateKey) privateKey);
        }
        if (privateKey instanceof DSAPrivateKey) {
            return recoverDSAPublicKey((DSAPrivateKey) privateKey);
        }
        if (privateKey == null || !"EdDSA".equalsIgnoreCase(privateKey.getAlgorithm())) {
            return null;
        }
        return SecurityUtils.recoverEDDSAPublicKey(privateKey);
    }

    public static boolean compareKeys(PrivateKey privateKey, PrivateKey privateKey2) {
        if ((privateKey instanceof RSAPrivateKey) && (privateKey2 instanceof RSAPrivateKey)) {
            return compareRSAKeys((RSAPrivateKey) RSAPrivateKey.class.cast(privateKey), (RSAPrivateKey) RSAPrivateKey.class.cast(privateKey2));
        }
        if ((privateKey instanceof DSAPrivateKey) && (privateKey2 instanceof DSAPrivateKey)) {
            return compareDSAKeys((DSAPrivateKey) DSAPrivateKey.class.cast(privateKey), (DSAPrivateKey) DSAPrivateKey.class.cast(privateKey2));
        }
        if ((privateKey instanceof ECPrivateKey) && (privateKey2 instanceof ECPrivateKey)) {
            return compareECKeys((ECPrivateKey) ECPrivateKey.class.cast(privateKey), (ECPrivateKey) ECPrivateKey.class.cast(privateKey2));
        }
        if (privateKey == null || !"EdDSA".equalsIgnoreCase(privateKey.getAlgorithm()) || privateKey2 == null || !"EdDSA".equalsIgnoreCase(privateKey2.getAlgorithm())) {
            return false;
        }
        return SecurityUtils.compareEDDSAPrivateKeys(privateKey, privateKey2);
    }

    public static boolean compareRSAKeys(RSAPublicKey rSAPublicKey, RSAPublicKey rSAPublicKey2) {
        if (Objects.equals(rSAPublicKey, rSAPublicKey2)) {
            return true;
        }
        return rSAPublicKey != null && rSAPublicKey2 != null && Objects.equals(rSAPublicKey.getPublicExponent(), rSAPublicKey2.getPublicExponent()) && Objects.equals(rSAPublicKey.getModulus(), rSAPublicKey2.getModulus());
    }

    public static boolean compareRSAKeys(RSAPrivateKey rSAPrivateKey, RSAPrivateKey rSAPrivateKey2) {
        if (Objects.equals(rSAPrivateKey, rSAPrivateKey2)) {
            return true;
        }
        return rSAPrivateKey != null && rSAPrivateKey2 != null && Objects.equals(rSAPrivateKey.getModulus(), rSAPrivateKey2.getModulus()) && Objects.equals(rSAPrivateKey.getPrivateExponent(), rSAPrivateKey2.getPrivateExponent());
    }

    public static boolean compareOpenSSHCertificateKeys(OpenSshCertificate openSshCertificate, OpenSshCertificate openSshCertificate2) {
        if (openSshCertificate == openSshCertificate2) {
            return true;
        }
        return openSshCertificate != null && openSshCertificate2 != null && Objects.equals(Long.valueOf(openSshCertificate.getSerial()), Long.valueOf(openSshCertificate2.getSerial())) && Arrays.equals(openSshCertificate.getSignature(), openSshCertificate2.getSignature()) && compareKeys(openSshCertificate.getCertPubKey(), openSshCertificate2.getCertPubKey());
    }

    public static RSAPublicKey recoverRSAPublicKey(RSAPrivateKey rSAPrivateKey) throws GeneralSecurityException {
        return rSAPrivateKey instanceof RSAPrivateCrtKey ? recoverFromRSAPrivateCrtKey((RSAPrivateCrtKey) rSAPrivateKey) : recoverRSAPublicKey(rSAPrivateKey.getModulus(), DEFAULT_RSA_PUBLIC_EXPONENT);
    }

    public static RSAPublicKey recoverFromRSAPrivateCrtKey(RSAPrivateCrtKey rSAPrivateCrtKey) throws GeneralSecurityException {
        return recoverRSAPublicKey(rSAPrivateCrtKey.getPrimeP(), rSAPrivateCrtKey.getPrimeQ(), rSAPrivateCrtKey.getPublicExponent());
    }

    public static RSAPublicKey recoverRSAPublicKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3) throws GeneralSecurityException {
        return recoverRSAPublicKey(bigInteger.multiply(bigInteger2), bigInteger3);
    }

    public static RSAPublicKey recoverRSAPublicKey(BigInteger bigInteger, BigInteger bigInteger2) throws GeneralSecurityException {
        return (RSAPublicKey) SecurityUtils.getKeyFactory("RSA").generatePublic(new RSAPublicKeySpec(bigInteger, bigInteger2));
    }

    public static boolean compareDSAKeys(DSAPublicKey dSAPublicKey, DSAPublicKey dSAPublicKey2) {
        if (Objects.equals(dSAPublicKey, dSAPublicKey2)) {
            return true;
        }
        return dSAPublicKey != null && dSAPublicKey2 != null && Objects.equals(dSAPublicKey.getY(), dSAPublicKey2.getY()) && compareDSAParams(dSAPublicKey.getParams(), dSAPublicKey2.getParams());
    }

    public static boolean compareDSAKeys(DSAPrivateKey dSAPrivateKey, DSAPrivateKey dSAPrivateKey2) {
        if (Objects.equals(dSAPrivateKey, dSAPrivateKey2)) {
            return true;
        }
        return dSAPrivateKey != null && dSAPrivateKey2 != null && Objects.equals(dSAPrivateKey.getX(), dSAPrivateKey2.getX()) && compareDSAParams(dSAPrivateKey.getParams(), dSAPrivateKey2.getParams());
    }

    public static boolean compareDSAParams(DSAParams dSAParams, DSAParams dSAParams2) {
        if (Objects.equals(dSAParams, dSAParams2)) {
            return true;
        }
        return dSAParams != null && dSAParams2 != null && Objects.equals(dSAParams.getG(), dSAParams2.getG()) && Objects.equals(dSAParams.getP(), dSAParams2.getP()) && Objects.equals(dSAParams.getQ(), dSAParams2.getQ());
    }

    public static DSAPublicKey recoverDSAPublicKey(DSAPrivateKey dSAPrivateKey) throws GeneralSecurityException {
        DSAParams params = dSAPrivateKey.getParams();
        BigInteger p = params.getP();
        BigInteger x = dSAPrivateKey.getX();
        BigInteger q = params.getQ();
        BigInteger g = params.getG();
        return (DSAPublicKey) SecurityUtils.getKeyFactory("DSA").generatePublic(new DSAPublicKeySpec(g.modPow(x, p), p, q, g));
    }

    public static boolean compareECKeys(ECPrivateKey eCPrivateKey, ECPrivateKey eCPrivateKey2) {
        if (Objects.equals(eCPrivateKey, eCPrivateKey2)) {
            return true;
        }
        return eCPrivateKey != null && eCPrivateKey2 != null && Objects.equals(eCPrivateKey.getS(), eCPrivateKey2.getS()) && compareECParams(eCPrivateKey.getParams(), eCPrivateKey2.getParams());
    }

    public static boolean compareECKeys(ECPublicKey eCPublicKey, ECPublicKey eCPublicKey2) {
        if (Objects.equals(eCPublicKey, eCPublicKey2)) {
            return true;
        }
        return eCPublicKey != null && eCPublicKey2 != null && Objects.equals(eCPublicKey.getW(), eCPublicKey2.getW()) && compareECParams(eCPublicKey.getParams(), eCPublicKey2.getParams());
    }

    public static boolean compareECParams(ECParameterSpec eCParameterSpec, ECParameterSpec eCParameterSpec2) {
        if (Objects.equals(eCParameterSpec, eCParameterSpec2)) {
            return true;
        }
        return eCParameterSpec != null && eCParameterSpec2 != null && Objects.equals(eCParameterSpec.getOrder(), eCParameterSpec2.getOrder()) && eCParameterSpec.getCofactor() == eCParameterSpec2.getCofactor() && Objects.equals(eCParameterSpec.getGenerator(), eCParameterSpec2.getGenerator()) && Objects.equals(eCParameterSpec.getCurve(), eCParameterSpec2.getCurve());
    }

    public static boolean compareSkEcdsaKeys(SkEcdsaPublicKey skEcdsaPublicKey, SkEcdsaPublicKey skEcdsaPublicKey2) {
        if (Objects.equals(skEcdsaPublicKey, skEcdsaPublicKey2)) {
            return true;
        }
        return skEcdsaPublicKey != null && skEcdsaPublicKey2 != null && Objects.equals(skEcdsaPublicKey.getAppName(), skEcdsaPublicKey2.getAppName()) && Objects.equals(Boolean.valueOf(skEcdsaPublicKey.isNoTouchRequired()), Boolean.valueOf(skEcdsaPublicKey2.isNoTouchRequired())) && compareECKeys(skEcdsaPublicKey.getDelegatePublicKey(), skEcdsaPublicKey2.getDelegatePublicKey());
    }

    public static boolean compareSkEd25519Keys(SkED25519PublicKey skED25519PublicKey, SkED25519PublicKey skED25519PublicKey2) {
        if (Objects.equals(skED25519PublicKey, skED25519PublicKey2)) {
            return true;
        }
        return skED25519PublicKey != null && skED25519PublicKey2 != null && Objects.equals(skED25519PublicKey.getAppName(), skED25519PublicKey2.getAppName()) && Objects.equals(Boolean.valueOf(skED25519PublicKey.isNoTouchRequired()), Boolean.valueOf(skED25519PublicKey2.isNoTouchRequired())) && SecurityUtils.compareEDDSAPPublicKeys(skED25519PublicKey.getDelegatePublicKey(), skED25519PublicKey2.getDelegatePublicKey());
    }

    public static String getSignatureAlgorithm(String str, PublicKey publicKey) {
        String str2;
        if (!(publicKey instanceof OpenSshCertificate)) {
            return str;
        }
        synchronized (SIGNATURE_ALGORITHM_MAP) {
            str2 = SIGNATURE_ALGORITHM_MAP.get(str);
        }
        return str2;
    }

    static {
        registerPublicKeyEntryDecoder(OpenSSHCertificateDecoder.INSTANCE);
        registerPublicKeyEntryDecoder(RSAPublicKeyDecoder.INSTANCE);
        registerPublicKeyEntryDecoder(DSSPublicKeyEntryDecoder.INSTANCE);
        if (SecurityUtils.isECCSupported()) {
            registerPublicKeyEntryDecoder(ECDSAPublicKeyEntryDecoder.INSTANCE);
        }
        if (SecurityUtils.isEDDSACurveSupported()) {
            registerPublicKeyEntryDecoder(SecurityUtils.getEDDSAPublicKeyEntryDecoder());
        }
        if (SecurityUtils.isECCSupported()) {
            registerPublicKeyEntryDecoder(SkECDSAPublicKeyEntryDecoder.INSTANCE);
        }
        if (SecurityUtils.isEDDSACurveSupported()) {
            registerPublicKeyEntryDecoder(SkED25519PublicKeyEntryDecoder.INSTANCE);
        }
    }
}
