package net.schmizz.sshj.userauth.keyprovider;

import java.io.File;
import java.io.IOException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.userauth.password.PasswordFinder;
import net.schmizz.sshj.userauth.password.PasswordUtils;
import net.schmizz.sshj.userauth.password.PrivateKeyFileResource;
import net.schmizz.sshj.userauth.password.PrivateKeyStringResource;
import net.schmizz.sshj.userauth.password.Resource;
import org.bouncycastle.openssl.EncryptionException;
import org.bouncycastle.openssl.PEMReader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/sshj-0.7.0.jar:net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.class */
public class PKCS8KeyFile implements FileKeyProvider {
    protected final Logger log = LoggerFactory.getLogger(getClass());
    protected PasswordFinder pwdf;
    protected Resource resource;
    protected KeyPair kp;
    protected KeyType type;
    protected char[] passphrase;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:WEB-INF/lib/sshj-0.7.0.jar:net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile$Factory.class */
    public static class Factory implements Factory.Named<FileKeyProvider> {
        @Override // net.schmizz.sshj.common.Factory
        public FileKeyProvider create() {
            return new PKCS8KeyFile();
        }

        @Override // net.schmizz.sshj.common.Factory.Named
        public String getName() {
            return "PKCS8";
        }
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.KeyProvider
    public PrivateKey getPrivate() throws IOException {
        if (this.kp != null) {
            return this.kp.getPrivate();
        }
        KeyPair readKeyPair = readKeyPair();
        this.kp = readKeyPair;
        return readKeyPair.getPrivate();
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.KeyProvider
    public PublicKey getPublic() throws IOException {
        if (this.kp != null) {
            return this.kp.getPublic();
        }
        KeyPair readKeyPair = readKeyPair();
        this.kp = readKeyPair;
        return readKeyPair.getPublic();
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.KeyProvider
    public KeyType getType() throws IOException {
        if (this.type != null) {
            return this.type;
        }
        KeyType fromKey = KeyType.fromKey(getPublic());
        this.type = fromKey;
        return fromKey;
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.FileKeyProvider
    public void init(File file) {
        if (!$assertionsDisabled && file == null) {
            throw new AssertionError();
        }
        this.resource = new PrivateKeyFileResource(file.getAbsoluteFile());
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.FileKeyProvider
    public void init(File file, PasswordFinder passwordFinder) {
        init(file);
        this.pwdf = passwordFinder;
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.FileKeyProvider
    public void init(String str, String str2) {
        if (!$assertionsDisabled && str == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && str2 != null) {
            throw new AssertionError();
        }
        this.resource = new PrivateKeyStringResource(str);
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.FileKeyProvider
    public void init(String str, String str2, PasswordFinder passwordFinder) {
        init(str, str2);
        this.pwdf = passwordFinder;
    }

    protected org.bouncycastle.openssl.PasswordFinder makeBouncyPasswordFinder() {
        if (this.pwdf == null) {
            return null;
        }
        return new org.bouncycastle.openssl.PasswordFinder() { // from class: net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile.1
            @Override // org.bouncycastle.openssl.PasswordFinder
            public char[] getPassword() {
                PKCS8KeyFile pKCS8KeyFile = PKCS8KeyFile.this;
                char[] reqPassword = PKCS8KeyFile.this.pwdf.reqPassword(PKCS8KeyFile.this.resource);
                pKCS8KeyFile.passphrase = reqPassword;
                return reqPassword;
            }
        };
    }

    protected KeyPair readKeyPair() throws IOException {
        KeyPair keyPair = null;
        org.bouncycastle.openssl.PasswordFinder makeBouncyPasswordFinder = makeBouncyPasswordFinder();
        PEMReader pEMReader = null;
        while (true) {
            try {
                try {
                    try {
                        pEMReader = new PEMReader(this.resource.getReader(), makeBouncyPasswordFinder);
                        Object readObject = pEMReader.readObject();
                        IOUtils.closeQuietly(pEMReader);
                        if (readObject == null) {
                            throw new IOException("Could not read key pair from: " + this.resource);
                        }
                        if (readObject instanceof KeyPair) {
                            keyPair = (KeyPair) readObject;
                        } else {
                            this.log.debug("Expected KeyPair, got {}", readObject);
                        }
                        return keyPair;
                    } catch (Throwable th) {
                        IOUtils.closeQuietly(pEMReader);
                        throw th;
                    }
                } catch (EncryptionException e) {
                    if (!this.pwdf.shouldRetry(this.resource)) {
                        throw e;
                    }
                    IOUtils.closeQuietly(pEMReader);
                }
            } finally {
                PasswordUtils.blankOut(this.passphrase);
            }
        }
    }

    public String toString() {
        return "PKCS8KeyFile{resource=" + this.resource + "}";
    }

    static {
        $assertionsDisabled = !PKCS8KeyFile.class.desiredAssertionStatus();
    }
}
