package com.sshtools.common.hosts;

import com.sshtools.j2ssh.configuration.ConfigurationLoader;
import com.sshtools.j2ssh.transport.HostKeyVerification;
import com.sshtools.j2ssh.transport.InvalidHostFileException;
import com.sshtools.j2ssh.transport.TransportProtocolException;
import com.sshtools.j2ssh.transport.publickey.SshPublicKey;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.xml.sax.Attributes;
import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;

/* loaded from: input_file:com/sshtools/common/hosts/AbstractHostKeyVerification.class */
public abstract class AbstractHostKeyVerification extends DefaultHandler implements HostKeyVerification {
    private static String defaultHostFile;
    private static Log log;
    private List deniedHosts;
    private Map allowedHosts;
    private String hostFile;
    private boolean hostFileWriteable;
    private boolean expectEndElement;
    private String currentElement;
    static Class class$com$sshtools$j2ssh$transport$HostKeyVerification;

    public AbstractHostKeyVerification() throws InvalidHostFileException {
        this(defaultHostFile);
        this.hostFile = defaultHostFile;
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:20:0x0144
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    public AbstractHostKeyVerification(java.lang.String r6) throws com.sshtools.j2ssh.transport.InvalidHostFileException {
        /*
            Method dump skipped, instructions count: 329
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sshtools.common.hosts.AbstractHostKeyVerification.<init>(java.lang.String):void");
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
    public void startElement(String str, String str2, String str3, Attributes attributes) throws SAXException {
        if (this.currentElement == null) {
            if (!str3.equals("HostAuthorizations")) {
                throw new SAXException("Unexpected document element!");
            }
            this.allowedHosts.clear();
            this.deniedHosts.clear();
            this.currentElement = str3;
            return;
        }
        if (!this.currentElement.equals("HostAuthorizations")) {
            throw new SAXException("Unexpected parent element found!");
        }
        if (str3.equals("AllowHost")) {
            String value = attributes.getValue("HostName");
            String value2 = attributes.getValue("Fingerprint");
            if (value == null || value2 == null) {
                throw new SAXException("Requried attribute(s) missing!");
            }
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("AllowHost element for host '").append(value).append("' with fingerprint '").append(value2).append("'").toString());
            }
            this.allowedHosts.put(value, value2);
            this.currentElement = str3;
            return;
        }
        if (!str3.equals("DenyHost")) {
            log.warn(new StringBuffer().append("Unexpected ").append(str3).append(" element found in allowed hosts file").toString());
            return;
        }
        String value3 = attributes.getValue("HostName");
        if (value3 == null) {
            throw new SAXException("Required attribute hostname missing");
        }
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("DenyHost element for host ").append(value3).toString());
        }
        this.deniedHosts.add(value3);
        this.currentElement = str3;
    }

    @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
    public void endElement(String str, String str2, String str3) throws SAXException {
        if (this.currentElement == null) {
            throw new SAXException("Unexpected end element found!");
        }
        if (this.currentElement.equals("HostAuthorizations")) {
            this.currentElement = null;
        } else if (this.currentElement.equals("AllowHost")) {
            this.currentElement = "HostAuthorizations";
        } else if (this.currentElement.equals("DenyHost")) {
            this.currentElement = "HostAuthorizations";
        }
    }

    public boolean isHostFileWriteable() {
        return this.hostFileWriteable;
    }

    public abstract void onDeniedHost(String str) throws TransportProtocolException;

    public abstract void onHostKeyMismatch(String str, String str2, String str3) throws TransportProtocolException;

    public abstract void onUnknownHost(String str, String str2) throws TransportProtocolException;

    public void allowHost(String str, String str2, boolean z) throws InvalidHostFileException {
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("Allowing ").append(str).append(" with fingerprint ").append(str2).toString());
        }
        this.allowedHosts.put(str, str2);
        if (z) {
            saveHostFile();
        }
    }

    public Map allowedHosts() {
        return this.allowedHosts;
    }

    public List deniedHosts() {
        return this.deniedHosts;
    }

    public void removeAllowedHost(String str) {
        this.allowedHosts.remove(str);
    }

    public void removeDeniedHost(String str) {
        for (int size = this.deniedHosts.size() - 1; size >= 0; size--) {
            if (((String) this.deniedHosts.get(size)).equals(str)) {
                this.deniedHosts.remove(size);
            }
        }
    }

    public void denyHost(String str, boolean z) throws InvalidHostFileException {
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append(str).append(" is denied access").toString());
        }
        if (!this.deniedHosts.contains(str)) {
            this.deniedHosts.add(str);
        }
        if (z) {
            saveHostFile();
        }
    }

    public boolean verifyHost(String str, SshPublicKey sshPublicKey) throws TransportProtocolException {
        String fingerprint = sshPublicKey.getFingerprint();
        log.info(new StringBuffer().append("Verifying ").append(str).append(" host key").toString());
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("Fingerprint: ").append(fingerprint).toString());
        }
        if (this.deniedHosts.contains(str)) {
            onDeniedHost(str);
            return false;
        }
        if (!this.allowedHosts.containsKey(str)) {
            onUnknownHost(str, fingerprint);
            return checkFingerprint(str, fingerprint);
        }
        String str2 = (String) this.allowedHosts.get(str);
        if (str2.compareToIgnoreCase(fingerprint) == 0) {
            return true;
        }
        onHostKeyMismatch(str, str2, fingerprint);
        return checkFingerprint(str, fingerprint);
    }

    private boolean checkFingerprint(String str, String str2) {
        String str3 = (String) this.allowedHosts.get(str);
        return str3 != null && str3.compareToIgnoreCase(str2) == 0;
    }

    public void saveHostFile() throws InvalidHostFileException {
        if (!this.hostFileWriteable) {
            throw new InvalidHostFileException("Host file is not writeable.");
        }
        log.info(new StringBuffer().append("Saving ").append(defaultHostFile).toString());
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(new File(this.hostFile));
            fileOutputStream.write(toString().getBytes());
            fileOutputStream.close();
        } catch (IOException e) {
            throw new InvalidHostFileException(new StringBuffer().append("Could not write to ").append(this.hostFile).toString());
        }
    }

    public String toString() {
        String stringBuffer = new StringBuffer().append(new StringBuffer().append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<HostAuthorizations>\n").append("<!-- Host Authorizations file, used by the abstract class HostKeyVerification to verify the servers host key -->").toString()).append("   <!-- Allow the following hosts access if they provide the correct public key -->\n").toString();
        for (Map.Entry entry : this.allowedHosts.entrySet()) {
            stringBuffer = new StringBuffer().append(stringBuffer).append("   <AllowHost HostName=\"").append(entry.getKey().toString()).append("\" Fingerprint=\"").append(entry.getValue().toString()).append("\"/>\n").toString();
        }
        String stringBuffer2 = new StringBuffer().append(stringBuffer).append("   <!-- Deny the following hosts access -->\n").toString();
        Iterator it = this.deniedHosts.iterator();
        while (it.hasNext()) {
            stringBuffer2 = new StringBuffer().append(stringBuffer2).append("   <DenyHost HostName=\"").append(it.next().toString()).append("\"/>\n").toString();
        }
        return new StringBuffer().append(stringBuffer2).append("</HostAuthorizations>").toString();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$sshtools$j2ssh$transport$HostKeyVerification == null) {
            cls = class$("com.sshtools.j2ssh.transport.HostKeyVerification");
            class$com$sshtools$j2ssh$transport$HostKeyVerification = cls;
        } else {
            cls = class$com$sshtools$j2ssh$transport$HostKeyVerification;
        }
        log = LogFactory.getLog(cls);
        log.info("Determining default host file");
        defaultHostFile = ConfigurationLoader.getConfigurationDirectory();
        if (defaultHostFile == null) {
            log.info("No configuration location, persistence of host keys will be disabled.");
        } else {
            defaultHostFile = new StringBuffer().append(defaultHostFile).append("hosts.xml").toString();
            log.info(new StringBuffer().append("Defaulting host file to ").append(defaultHostFile).toString());
        }
    }
}
