package hudson.cli;

import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.FilePasswordProvider;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.io.resource.PathResource;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.security.SecurityUtils;
import java.io.ByteArrayInputStream;
import java.io.Console;
import java.io.DataInputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.StreamSupport;

/* loaded from: input_file:WEB-INF/lib/cli-2.456-rc34866.889ee7e79de9.jar:hudson/cli/PrivateKeyProvider.class */
public class PrivateKeyProvider {
    private final List<KeyPair> privateKeys = new ArrayList();
    private static final Logger LOGGER = Logger.getLogger(PrivateKeyProvider.class.getName());

    public List<KeyPair> getKeys() {
        return Collections.unmodifiableList(this.privateKeys);
    }

    public boolean hasKeys() {
        return !this.privateKeys.isEmpty();
    }

    public boolean readFromDefaultLocations() {
        File file = new File(System.getProperty("user.home"));
        boolean z = false;
        for (String str : new String[]{".ssh/id_rsa", ".ssh/id_dsa", ".ssh/identity"}) {
            File file2 = new File(file, str);
            if (file2.exists()) {
                try {
                    readFrom(file2);
                    z = true;
                } catch (IOException | GeneralSecurityException e) {
                    LOGGER.log(Level.FINE, "Failed to load " + file2, e);
                }
            }
        }
        return z;
    }

    public void readFrom(File file) throws IOException, GeneralSecurityException {
        this.privateKeys.add(loadKey(file, isPemEncrypted(file) ? askForPasswd(file.getCanonicalPath()) : null));
    }

    private static boolean isPemEncrypted(File file) throws IOException {
        return readPemFile(file).contains("4,ENCRYPTED");
    }

    private static String askForPasswd(String str) {
        Console console = System.console();
        String str2 = null;
        if (console != null) {
            str2 = String.valueOf(console.readPassword("%s", "Enter passphrase for " + str + ":"));
        }
        return str2;
    }

    public static KeyPair loadKey(File file, String str) throws IOException, GeneralSecurityException {
        return loadKey(readPemFile(file), str);
    }

    private static String readPemFile(File file) throws IOException {
        try {
            InputStream newInputStream = Files.newInputStream(file.toPath(), new OpenOption[0]);
            try {
                DataInputStream dataInputStream = new DataInputStream(newInputStream);
                try {
                    byte[] bArr = new byte[(int) file.length()];
                    dataInputStream.readFully(bArr);
                    String str = new String(bArr, StandardCharsets.UTF_8);
                    dataInputStream.close();
                    if (newInputStream != null) {
                        newInputStream.close();
                    }
                    return str;
                } catch (Throwable th) {
                    try {
                        dataInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } finally {
            }
        } catch (InvalidPathException e) {
            throw new IOException(e);
        }
    }

    public static KeyPair loadKey(String str, String str2) throws IOException, GeneralSecurityException {
        Iterable<KeyPair> loadKeyPairIdentities = SecurityUtils.loadKeyPairIdentities(null, new PathResource(Paths.get("key", new String[0])), new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8)), FilePasswordProvider.of(str2));
        long count = loadKeyPairIdentities == null ? 0L : StreamSupport.stream(loadKeyPairIdentities.spliterator(), false).count();
        if (count <= 0) {
            throw new InvalidKeyException("Unsupported private key file format: key");
        }
        if (count != 1) {
            throw new InvalidKeySpecException("Multiple private key pairs N/A: key");
        }
        return loadKeyPairIdentities.iterator().next();
    }
}
