package com.ibm.ws.collective.member.internal.ssh;

import com.ibm.websphere.crypto.PasswordUtil;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.wsspi.kernel.service.utils.FileUtils;
import com.ibm.wsspi.kernel.service.utils.TimestampUtils;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.UnsupportedEncodingException;
import java.security.AccessController;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import org.eclipse.osgi.internal.framework.EquinoxConfiguration;

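/**
 * Reads or generates the SSH key pair used by a collective member, persists the key files and
 * registers the public key in the user's {@code .ssh/authorized_keys}.
 *
 * <p>This listing is decompiler output (see the JADX markers and the "loaded from" note below).
 * Several try/finally regions had been flattened into loops that closed their stream after the
 * first read; those methods are rewritten here with explicit try/finally blocks.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 * <li>Newly created key files and a newly created {@code authorized_keys} are restricted through
 * {@link FileUtils#setUserReadWriteOnly(File)}; files that already exist are left with whatever
 * permissions they have.</li>
 * <li>Private key material is carried in {@code String} values and is returned from
 * {@link #useSSHKeyPair} only after {@link PasswordUtil#passwordEncode(String)}.</li>
 * <li>File system access runs inside {@code AccessController.doPrivileged} blocks.</li>
 * </ul>
 */
@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.collective.member_1.1.18.jar:com/ibm/ws/collective/member/internal/ssh/SSHKeyUtilityImpl.class */
public class SSHKeyUtilityImpl implements SSHKeyUtility {
    public static final String DIR_SSH = ".ssh";
    public static final String FILE_AUTHORIZED_KEYS = "authorized_keys";
    private static final String CP1047_ENCODING = "Cp1047";
    static final long serialVersionUID = 6434751352298290834L;
    private static final TraceComponent tc = Tr.register(SSHKeyUtilityImpl.class);

    /** Platform line separator, read once under doPrivileged; never reassigned, hence final. */
    private static final String LINE_SEPARATOR = AccessController.doPrivileged(new PrivilegedAction<String>() {
        static final long serialVersionUID = 1105686949376067619L;

        @Override
        public String run() {
            return System.getProperty("line.separator");
        }
    });

    /**
     * Privileged action that creates an empty file and restricts it to owner read/write.
     * An existing file is reported as success without touching it.
     */
    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.collective.member_1.1.18.jar:com/ibm/ws/collective/member/internal/ssh/SSHKeyUtilityImpl$CreateAndSetKeyFilePermsAction.class */
    public static final class CreateAndSetKeyFilePermsAction implements PrivilegedExceptionAction<Boolean> {
        private final File file;
        static final long serialVersionUID = -4988951263011546410L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(CreateAndSetKeyFilePermsAction.class);

        public CreateAndSetKeyFilePermsAction(File file) {
            this.file = file;
        }

        /**
         * @return always {@code true}; failures surface only as an {@link IOException} from
         *         {@code createNewFile()}
         * @throws IOException if the file cannot be created
         */
        @Override
        public Boolean run() throws IOException {
            if (this.file.exists()) {
                // NOTE(review): a pre-existing file keeps its current permissions. If a key is later
                // written into it, the content is only as private as that file already was.
                return true;
            }
            if (!this.file.createNewFile() && SSHKeyUtilityImpl.tc.isDebugEnabled()) {
                Tr.debug(SSHKeyUtilityImpl.tc, "Unable to create new, empty file: " + this.file.getAbsolutePath(), new Object[0]);
            }
            // The file is created first and restricted second, so it briefly exists with the
            // process default permissions. It is still empty at that point: callers write the key
            // only after this action returns.
            // NOTE(review): the outcome of setUserReadWriteOnly is not checked here, so the
            // callers' "Unable to set the permissions" branches cannot be reached - confirm
            // whether the helper reports failure and whether it should be propagated.
            FileUtils.setUserReadWriteOnly(this.file);
            return true;
        }
    }

    /** Privileged action wrapping {@link File#exists()}. */
    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.collective.member_1.1.18.jar:com/ibm/ws/collective/member/internal/ssh/SSHKeyUtilityImpl$FileExistsAction.class */
    public static final class FileExistsAction implements PrivilegedAction<Boolean> {
        private final File file;
        static final long serialVersionUID = -4002194653630617941L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(FileExistsAction.class);

        public FileExistsAction(File file) {
            this.file = file;
        }

        @Override
        public Boolean run() {
            return Boolean.valueOf(this.file.exists());
        }
    }

    /** Privileged action wrapping {@link File#isFile()}. */
    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.collective.member_1.1.18.jar:com/ibm/ws/collective/member/internal/ssh/SSHKeyUtilityImpl$IsFileAction.class */
    static final class IsFileAction implements PrivilegedAction<Boolean> {
        private final File file;
        static final long serialVersionUID = -9099839660763146916L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(IsFileAction.class);

        public IsFileAction(File file) {
            this.file = file;
        }

        @Override
        public Boolean run() {
            return Boolean.valueOf(this.file.isFile());
        }
    }

    /** Privileged action that creates a directory and any missing parents; an existing path is success. */
    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.collective.member_1.1.18.jar:com/ibm/ws/collective/member/internal/ssh/SSHKeyUtilityImpl$MKDirsAction.class */
    public static final class MKDirsAction implements PrivilegedAction<Boolean> {
        private final File file;
        static final long serialVersionUID = -2406076591706708457L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(MKDirsAction.class);

        public MKDirsAction(File file) {
            this.file = file;
        }

        @Override
        public Boolean run() {
            if (this.file.exists()) {
                return true;
            }
            return Boolean.valueOf(this.file.mkdirs());
        }
    }

    /**
     * Creates the key file (with its parent directories) and writes the key text into it.
     *
     * <p>If {@link #getWriter} cannot open the file it returns {@code null} after logging, and this
     * method then returns without writing and without raising an error, as the original did.
     *
     * @param str  key text to persist; marked sensitive so it is kept out of trace and FFDC
     * @param file destination key file
     * @throws IOException if directories or the file cannot be created, or the write or close fails
     */
    private void writeKeyToFile(@Sensitive String str, File file) throws IOException {
        if (!AccessController.doPrivileged(new MKDirsAction(file.getParentFile())).booleanValue()) {
            throw new IOException("Unable to create all of the required parent directories for the key file: " + file.getAbsolutePath());
        }
        try {
            if (!AccessController.doPrivileged(new CreateAndSetKeyFilePermsAction(file)).booleanValue()) {
                throw new IOException("Unable to set the permissions for the key file: " + file.getAbsolutePath());
            }
        } catch (PrivilegedActionException e) {
            // The key itself is deliberately replaced by a placeholder in the FFDC record.
            FFDCFilter.processException(e, "com.ibm.ws.collective.member.internal.ssh.SSHKeyUtilityImpl", "171", this, new Object[]{"<sensitive java.lang.String>", file});
            Exception exception = e.getException();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Caught PrivilegedActionException during CreateAndSetKeyFilePermsAction. Dumping wrapped exception...", exception);
            }
            if (!(exception instanceof IOException)) {
                throw new IOException("Unexpected exception thrown", exception);
            }
            throw ((IOException) exception);
        }
        OutputStreamWriter writer = getWriter(file, false);
        if (writer == null) {
            return;
        }
        try {
            writer.write(str);
        } finally {
            // The decompiled listing guarded this close with a constant-false test, so a failed
            // write left the key file handle open.
            writer.close();
        }
        // Logged only after close(), i.e. after buffered key bytes have been flushed.
        if (tc.isEventEnabled()) {
            Tr.event(tc, "Successfully wrote key to file " + file.getAbsolutePath(), new Object[0]);
        }
    }

    /**
     * Generates a new key pair and writes the public key, then the private key, to disk.
     *
     * @param str   argument handed unchanged to {@code SSHKeyGeneratorImpl.generate}
     * @param file  public key file
     * @param file2 private key file
     * @return the generated pair
     */
    private SSHKeyPair generateKeys(String str, File file, File file2) throws NoSuchAlgorithmException, IOException {
        long startNanos = System.nanoTime();
        Tr.info(tc, "SSH_KEY_GENERATION_START", new Object[0]);
        SSHKeyPair pair = new SSHKeyGeneratorImpl().generate(str);
        writeKeyToFile(pair.getPublickKey(), file);
        writeKeyToFile(pair.getPrivatekey(), file2);
        Tr.info(tc, "SSH_KEY_GENERATION_END", TimestampUtils.getElapsedTimeNanos(startNanos));
        return pair;
    }

    /**
     * Reads the whole file as text using the encoding chosen by {@link #getReader}.
     *
     * @param file file to read
     * @return the file content, or {@code null} when the reader could not be opened
     * @throws IOException if reading or closing fails
     */
    @Override
    @Sensitive
    public String readStringFromFile(File file) throws IOException {
        InputStreamReader reader = getReader(file);
        if (reader == null) {
            return null;
        }
        // The decompiled loop closed the reader inside every iteration, so any non-empty file
        // failed on its second read. Close exactly once, after the last read.
        try {
            StringBuilder content = new StringBuilder();
            char[] buffer = new char[4096];
            int count;
            while ((count = reader.read(buffer)) >= 0) {
                content.append(buffer, 0, count);
            }
            return content.toString();
        } finally {
            reader.close();
        }
    }

    /**
     * Appends the public key as its own line, first terminating an unterminated last line.
     * Does nothing when the writer cannot be opened ({@link #getWriter} has already logged).
     *
     * @param str  public key line to append
     * @param file the authorized_keys file
     */
    private void appendPublicKeyToAuthorizedKeys(String str, File file) throws IOException {
        boolean endsWithLineFeed = hasTrailingLineFeed(file);
        OutputStreamWriter writer = getWriter(file, true);
        if (writer == null) {
            return;
        }
        try {
            if (!endsWithLineFeed) {
                // Also taken for an empty file, which therefore starts with a blank line.
                writer.write(LINE_SEPARATOR);
            }
            writer.write(str);
            writer.write(LINE_SEPARATOR);
        } finally {
            writer.close();
        }
    }

    /**
     * Ensures the public key is present in {@code <str>/.ssh/authorized_keys}.
     *
     * <p>A key counts as present when some line starts with {@code str2}; lines that place options
     * in front of the key do not match, and an empty {@code str2} matches the first line.
     *
     * @param str  home directory that contains (or will contain) {@code .ssh}
     * @param str2 public key line
     * @throws IOException if the file or its directory cannot be created, read or written
     */
    @Override
    public void updateAuthorizedKeys(String str, String str2) throws IOException, FileNotFoundException {
        File file = new File(new File(str, DIR_SSH).getCanonicalFile(), FILE_AUTHORIZED_KEYS);
        if (AccessController.doPrivileged(new FileExistsAction(file)).booleanValue()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "reading authorized_keys from " + file.getAbsolutePath(), new Object[0]);
            }
            // NOTE(review): an existing authorized_keys is read with the platform default charset
            // and its permissions are not adjusted here.
            BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
            try {
                String line;
                while ((line = bufferedReader.readLine()) != null) {
                    if (line.startsWith(str2)) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "The public key already exists in file " + file.getAbsolutePath(), new Object[0]);
                        }
                        return;
                    }
                }
            } finally {
                bufferedReader.close();
            }
            // NOTE(review): the decompiled loop dereferenced the null end-of-file line and closed
            // the reader after the first line. Appending the key when it is not found is the
            // reconstructed intent - confirm against the original source.
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "File " + file.getAbsolutePath() + " doesn't exist, it will be created", new Object[0]);
            }
            if (!AccessController.doPrivileged(new MKDirsAction(file.getParentFile())).booleanValue()) {
                throw new IOException("Unable to create all of the required parent directories for the file: " + file.getAbsolutePath());
            }
            try {
                if (!AccessController.doPrivileged(new CreateAndSetKeyFilePermsAction(file)).booleanValue()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "CreateAndSetKeyFilePermsAction did not complete successfully.", new Object[0]);
                    }
                    throw new IOException("Unable to set the permissions for the file: " + file.getAbsolutePath());
                }
            } catch (PrivilegedActionException e) {
                FFDCFilter.processException(e, "com.ibm.ws.collective.member.internal.ssh.SSHKeyUtilityImpl", "318", this, new Object[]{str, str2});
                Exception exception = e.getException();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Caught PrivilegedActionException during CreateAndSetKeyFilePermsAction. Dumping wrapped exception...", exception);
                }
                if (!(exception instanceof IOException)) {
                    throw new IOException("Unexpected exception thrown", exception);
                }
                throw ((IOException) exception);
            }
        }
        appendPublicKeyToAuthorizedKeys(str2, file);
    }

    /**
     * Loads the configured key pair, generating it when neither file exists, and returns the
     * private key in encoded form.
     *
     * <p>Outcomes by file state ("file" means an existing regular file):
     * <ul>
     * <li>private key is a file: it is read; the public key is read too when it is a file;</li>
     * <li>private key is not a file and no public key path is given: {@link IllegalStateException};</li>
     * <li>neither is a file: a new pair is generated and written;</li>
     * <li>only the public key is a file: {@link IllegalStateException} (incomplete pair).</li>
     * </ul>
     * Whenever a public key was read or generated it is registered via {@link #updateAuthorizedKeys}.
     *
     * @param str  argument forwarded to key generation
     * @param str2 home directory whose {@code .ssh/authorized_keys} is updated
     * @param str3 public key path, may be {@code null}
     * @param str4 private key path
     * @return the private key after {@link PasswordUtil#passwordEncode(String)}
     */
    @Override
    @Sensitive
    public String useSSHKeyPair(String str, String str2, String str3, String str4) throws NoSuchAlgorithmException, IOException {
        File publicKeyFile = null;
        File privateKeyFile = null;
        boolean publicIsFile = false;
        boolean privateIsFile = false;
        if (str4 != null) {
            privateKeyFile = new File(str4);
            if (!isFileExist(privateKeyFile) && tc.isDebugEnabled()) {
                Tr.debug(tc, "File " + str4 + " does not exist.", new Object[0]);
            }
            privateIsFile = AccessController.doPrivileged(new IsFileAction(privateKeyFile)).booleanValue();
        }
        if (str3 != null) {
            publicKeyFile = new File(str3);
            if (!isFileExist(publicKeyFile) && tc.isDebugEnabled()) {
                Tr.debug(tc, "File " + str3 + " does not exist.", new Object[0]);
            }
            publicIsFile = AccessController.doPrivileged(new IsFileAction(publicKeyFile)).booleanValue();
        }

        String publicKey = null;
        String privateKey = null;
        if (privateIsFile) {
            if (str3 == null) {
                if (tc.isEventEnabled()) {
                    Tr.event(tc, "Only private key was specified, reading available private key", new Object[0]);
                }
            } else if (!publicIsFile) {
                Tr.warning(tc, "SSH_KEYGEN_PUB_DOESNT_EXIST", str3);
                if (tc.isEventEnabled()) {
                    Tr.event(tc, "Both private key and public key were specified, but public key does not exist. Reading available private key", new Object[0]);
                }
            } else {
                if (tc.isEventEnabled()) {
                    Tr.event(tc, "Both key files are exist, reading available public and private keys", new Object[0]);
                }
                publicKey = readStringFromFile(publicKeyFile);
            }
            // NOTE(review): the existing private key file is read as-is; no check of its
            // permissions or ownership is visible in this class.
            privateKey = readStringFromFile(privateKeyFile);
        } else if (str3 == null) {
            Tr.error(tc, "SSH_KEYGEN_PRIV_DOESNT_EXIST", str4);
            throw new IllegalStateException("SSH private key file does not exist or is not a regular file. No corresponding public key path specified, so can not generate key pair. SSH private key path: " + str4);
        } else if (!publicIsFile) {
            if (tc.isEventEnabled()) {
                Tr.event(tc, "The key files do not exist or are not files, key generation is required.", new Object[0]);
            }
            SSHKeyPair generated = generateKeys(str, publicKeyFile, privateKeyFile);
            publicKey = generated.getPublickKey();
            privateKey = generated.getPrivatekey();
        } else {
            // The decompiled listing had one more "should never be hit" branch after this one; the
            // four cases above and this one are exhaustive, so it was unreachable and is dropped.
            Tr.error(tc, "SSH_KEYGEN_INCOMPELTE_KEY_PAIR", str4);
            throw new IllegalStateException("SSH private key file does not exist or is not a regualr file. The specific public key exists, so we seem to have an incomplete key pair. SSH private key path: " + str4);
        }

        if (publicKey != null) {
            updateAuthorizedKeys(str2, publicKey);
        }
        // NOTE(review): the one-argument passwordEncode applies the product default encoding,
        // presumably reversible obfuscation rather than encryption - confirm, and keep treating
        // the returned value as a secret.
        return PasswordUtil.passwordEncode(privateKey);
    }

    /** Plain existence test used for debug logging; unlike the *Action classes it is not privileged. */
    private boolean isFileExist(File file) {
        return file.exists();
    }

    /**
     * Opens a writer on the file under doPrivileged, using Cp1047 on z/OS and the platform default
     * charset elsewhere.
     *
     * @param file target file
     * @param z    {@code true} to append, {@code false} to truncate
     * @return the writer, or {@code null} if the file could not be opened or the encoding is
     *         unsupported (the failure is recorded through FFDC and trace)
     */
    private OutputStreamWriter getWriter(final File file, final boolean z) {
        return AccessController.doPrivileged(new PrivilegedAction<OutputStreamWriter>() {
            static final long serialVersionUID = 4377528590947148618L;

            @Override
            public OutputStreamWriter run() {
                try {
                    if (System.getProperty(EquinoxConfiguration.PROP_JVM_OS_NAME).equalsIgnoreCase("z/OS")) {
                        return new OutputStreamWriter(new FileOutputStream(file, z), SSHKeyUtilityImpl.CP1047_ENCODING);
                    }
                    return new OutputStreamWriter(new FileOutputStream(file, z));
                } catch (FileNotFoundException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.collective.member.internal.ssh.SSHKeyUtilityImpl$2", "459", this, new Object[0]);
                    Tr.error(SSHKeyUtilityImpl.tc, "SSH_KEYGEN_IOEXCEPTION", e.getLocalizedMessage());
                    if (SSHKeyUtilityImpl.tc.isDebugEnabled()) {
                        Tr.debug(SSHKeyUtilityImpl.tc, "Unable to write SSH keys. Caught IOException: " + e.getMessage(), e);
                    }
                    return null;
                } catch (UnsupportedEncodingException e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.collective.member.internal.ssh.SSHKeyUtilityImpl$2", "455", this, new Object[0]);
                    if (SSHKeyUtilityImpl.tc.isDebugEnabled()) {
                        Tr.debug(SSHKeyUtilityImpl.tc, e2.getMessage(), new Object[0]);
                    }
                    return null;
                }
            }
        });
    }

    /**
     * Opens a reader on the file under doPrivileged, using Cp1047 on z/OS and the platform default
     * charset elsewhere.
     *
     * <p>The declared exceptions are kept from the original signature; both are caught inside the
     * privileged action and turned into a {@code null} return.
     *
     * @param file file to open
     * @return the reader, or {@code null} on failure (recorded through FFDC and trace)
     */
    private InputStreamReader getReader(final File file) throws UnsupportedEncodingException, FileNotFoundException {
        return AccessController.doPrivileged(new PrivilegedAction<InputStreamReader>() {
            static final long serialVersionUID = -190976199676040067L;

            @Override
            public InputStreamReader run() {
                try {
                    if (System.getProperty(EquinoxConfiguration.PROP_JVM_OS_NAME).equalsIgnoreCase("z/OS")) {
                        return new InputStreamReader(new FileInputStream(file), SSHKeyUtilityImpl.CP1047_ENCODING);
                    }
                    return new InputStreamReader(new FileInputStream(file));
                } catch (FileNotFoundException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.collective.member.internal.ssh.SSHKeyUtilityImpl$3", "486", this, new Object[0]);
                    Tr.error(SSHKeyUtilityImpl.tc, "SSH_KEYGEN_IOEXCEPTION", e.getLocalizedMessage());
                    if (SSHKeyUtilityImpl.tc.isDebugEnabled()) {
                        Tr.debug(SSHKeyUtilityImpl.tc, "Unable to read SSH keys. Caught IOException: " + e.getMessage(), e);
                    }
                    return null;
                } catch (UnsupportedEncodingException e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.collective.member.internal.ssh.SSHKeyUtilityImpl$3", "482", this, new Object[0]);
                    if (SSHKeyUtilityImpl.tc.isDebugEnabled()) {
                        Tr.debug(SSHKeyUtilityImpl.tc, e2.getMessage(), new Object[0]);
                    }
                    return null;
                }
            }
        });
    }

    /**
     * Reports whether the last character of the file is a line feed.
     *
     * @param file file to inspect
     * @return {@code true} if the file ends with {@code '\n'}; {@code false} for an empty or
     *         missing file
     * @throws IOException if reading or closing fails
     */
    private boolean hasTrailingLineFeed(File file) throws IOException {
        InputStreamReader reader = null;
        try {
            // NOTE(review): decoded as UTF-8 on every platform, whereas getWriter() writes Cp1047
            // on z/OS - confirm the line-feed test holds there.
            reader = new InputStreamReader(new FileInputStream(file), "UTF-8");
            char[] buffer = new char[1024];
            // Same non-newline sentinel as the original (120 == 'x'), kept as a char so that a
            // character whose low byte happens to be 0x0A is not mistaken for a line feed.
            char last = 'x';
            int count;
            while ((count = reader.read(buffer)) != -1) {
                if (count > 0) {
                    last = buffer[count - 1];
                }
            }
            return last == '\n';
        } catch (FileNotFoundException e) {
            FFDCFilter.processException(e, "com.ibm.ws.collective.member.internal.ssh.SSHKeyUtilityImpl", "514", this, new Object[]{file});
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Unable to create a file reader for file " + file.getAbsolutePath(), new Object[0]);
            }
            return false;
        } finally {
            if (reader != null) {
                reader.close();
            }
        }
    }
}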
