package org.eclipse.jgit.internal.transport.sshd;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Supplier;
import org.apache.sshd.client.config.hosts.HostConfigEntry;
import org.apache.sshd.client.config.hosts.KnownHostEntry;
import org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier;
import org.apache.sshd.client.keyverifier.ServerKeyVerifier;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.common.config.keys.AuthorizedKeyEntry;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.config.keys.PublicKeyEntryResolver;
import org.apache.sshd.common.digest.BuiltinDigests;
import org.apache.sshd.common.session.SessionContext;
import org.apache.sshd.common.util.io.ModifiableFileWatcher;
import org.apache.sshd.common.util.net.SshdSocketAddress;
import org.eclipse.jgit.internal.storage.file.LockFile;
import org.eclipse.jgit.transport.CredentialItem;
import org.eclipse.jgit.transport.CredentialsProvider;
import org.eclipse.jgit.transport.URIish;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyVerifier.class */
public class OpenSshServerKeyVerifier implements ServerKeyVerifier, ServerKeyLookup {
    private static final Logger LOG = LoggerFactory.getLogger(OpenSshServerKeyVerifier.class);
    private static final String MARKER_REVOKED = "revoked";
    private final boolean askAboutNewFile;
    private final Map<Path, HostKeyFile> knownHostsFiles = new ConcurrentHashMap();
    private final List<HostKeyFile> defaultFiles = new ArrayList();

    /* loaded from: input_file:org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyVerifier$AskUser.class */
    private static class AskUser {

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyVerifier$AskUser$Check.class */
        public enum Check {
            ASK,
            DENY,
            ALLOW;

            /* renamed from: values, reason: to resolve conflict with enum method */
            public static Check[] valuesCustom() {
                Check[] valuesCustom = values();
                int length = valuesCustom.length;
                Check[] checkArr = new Check[length];
                System.arraycopy(valuesCustom, 0, checkArr, 0, length);
                return checkArr;
            }
        }

        private AskUser() {
        }

        /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
        /* JADX WARN: Code restructure failed: missing block: B:19:0x007c, code lost:
        
            if (r0.equals("no") == false) goto L34;
         */
        /* JADX WARN: Code restructure failed: missing block: B:21:0x00b0, code lost:
        
            return org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check.ALLOW;
         */
        /* JADX WARN: Code restructure failed: missing block: B:23:0x0089, code lost:
        
            if (r0.equals("on") == false) goto L34;
         */
        /* JADX WARN: Code restructure failed: missing block: B:25:0x00ac, code lost:
        
            return org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check.DENY;
         */
        /* JADX WARN: Code restructure failed: missing block: B:27:0x0096, code lost:
        
            if (r0.equals("off") == false) goto L34;
         */
        /* JADX WARN: Code restructure failed: missing block: B:29:0x00a3, code lost:
        
            if (r0.equals("yes") == false) goto L34;
         */
        /* JADX WARN: Failed to find 'out' block for switch in B:9:0x0034. Please report as an issue. */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        private org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check checkMode(org.apache.sshd.client.session.ClientSession r5, java.net.SocketAddress r6, boolean r7) {
            /*
                r4 = this;
                r0 = r6
                boolean r0 = r0 instanceof java.net.InetSocketAddress
                if (r0 != 0) goto Lb
                org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier$AskUser$Check r0 = org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check.DENY
                return r0
            Lb:
                r0 = r5
                boolean r0 = r0 instanceof org.eclipse.jgit.internal.transport.sshd.JGitClientSession
                if (r0 == 0) goto Lbf
                r0 = r5
                org.eclipse.jgit.internal.transport.sshd.JGitClientSession r0 = (org.eclipse.jgit.internal.transport.sshd.JGitClientSession) r0
                org.apache.sshd.client.config.hosts.HostConfigEntry r0 = r0.getHostConfigEntry()
                r8 = r0
                r0 = r8
                java.lang.String r1 = "StrictHostKeyChecking"
                java.lang.String r2 = "ask"
                java.lang.String r0 = r0.getProperty(r1, r2)
                r9 = r0
                r0 = r9
                java.util.Locale r1 = java.util.Locale.ROOT
                java.lang.String r0 = r0.toLowerCase(r1)
                r1 = r0
                r10 = r1
                int r0 = r0.hashCode()
                switch(r0) {
                    case -1228140709: goto L68;
                    case 3521: goto L75;
                    case 3551: goto L82;
                    case 109935: goto L8f;
                    case 119527: goto L9c;
                    default: goto Lbf;
                }
            L68:
                r0 = r10
                java.lang.String r1 = "accept-new"
                boolean r0 = r0.equals(r1)
                if (r0 != 0) goto Lb1
                goto Lbf
            L75:
                r0 = r10
                java.lang.String r1 = "no"
                boolean r0 = r0.equals(r1)
                if (r0 != 0) goto Lad
                goto Lbf
            L82:
                r0 = r10
                java.lang.String r1 = "on"
                boolean r0 = r0.equals(r1)
                if (r0 != 0) goto La9
                goto Lbf
            L8f:
                r0 = r10
                java.lang.String r1 = "off"
                boolean r0 = r0.equals(r1)
                if (r0 != 0) goto Lad
                goto Lbf
            L9c:
                r0 = r10
                java.lang.String r1 = "yes"
                boolean r0 = r0.equals(r1)
                if (r0 != 0) goto La9
                goto Lbf
            La9:
                org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier$AskUser$Check r0 = org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check.DENY
                return r0
            Lad:
                org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier$AskUser$Check r0 = org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check.ALLOW
                return r0
            Lb1:
                r0 = r7
                if (r0 == 0) goto Lbb
                org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier$AskUser$Check r0 = org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check.DENY
                goto Lbe
            Lbb:
                org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier$AskUser$Check r0 = org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check.ALLOW
            Lbe:
                return r0
            Lbf:
                r0 = r5
                org.eclipse.jgit.transport.CredentialsProvider r0 = org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.access$0(r0)
                if (r0 != 0) goto Lca
                org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier$AskUser$Check r0 = org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check.DENY
                return r0
            Lca:
                org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier$AskUser$Check r0 = org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.Check.ASK
                return r0
            */
            throw new UnsupportedOperationException("Method not decompiled: org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier.AskUser.checkMode(org.apache.sshd.client.session.ClientSession, java.net.SocketAddress, boolean):org.eclipse.jgit.internal.transport.sshd.OpenSshServerKeyVerifier$AskUser$Check");
        }

        public void revokedKey(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey, Path path) {
            CredentialsProvider credentialsProvider = OpenSshServerKeyVerifier.getCredentialsProvider(clientSession);
            if (credentialsProvider == null) {
                return;
            }
            InetSocketAddress inetSocketAddress = (InetSocketAddress) socketAddress;
            URIish uri = JGitUserInteraction.toURI(clientSession.getUsername(), inetSocketAddress);
            String fingerPrint = KeyUtils.getFingerPrint(BuiltinDigests.sha256, publicKey);
            OpenSshServerKeyVerifier.askUser(credentialsProvider, uri, null, MessageFormat.format(SshdText.get().knownHostsRevokedKeyMsg, inetSocketAddress.getHostString(), path), MessageFormat.format(SshdText.get().knownHostsKeyFingerprints, publicKey.getAlgorithm()), KeyUtils.getFingerPrint(BuiltinDigests.md5, publicKey), fingerPrint);
        }

        public boolean acceptUnknownKey(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey) {
            Check checkMode = checkMode(clientSession, socketAddress, false);
            if (checkMode != Check.ASK) {
                return checkMode == Check.ALLOW;
            }
            CredentialsProvider credentialsProvider = OpenSshServerKeyVerifier.getCredentialsProvider(clientSession);
            InetSocketAddress inetSocketAddress = (InetSocketAddress) socketAddress;
            String fingerPrint = KeyUtils.getFingerPrint(BuiltinDigests.sha256, publicKey);
            return OpenSshServerKeyVerifier.askUser(credentialsProvider, JGitUserInteraction.toURI(clientSession.getUsername(), inetSocketAddress), SshdText.get().knownHostsUnknownKeyPrompt, MessageFormat.format(SshdText.get().knownHostsUnknownKeyMsg, inetSocketAddress.getHostString()), MessageFormat.format(SshdText.get().knownHostsKeyFingerprints, publicKey.getAlgorithm()), KeyUtils.getFingerPrint(BuiltinDigests.md5, publicKey), fingerPrint);
        }

        public ModifiedKeyHandling acceptModifiedServerKey(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey, PublicKey publicKey2, Path path) {
            Check checkMode = checkMode(clientSession, socketAddress, true);
            if (checkMode == Check.ALLOW) {
                return ModifiedKeyHandling.ALLOW;
            }
            InetSocketAddress inetSocketAddress = (InetSocketAddress) socketAddress;
            String algorithm = publicKey2.getAlgorithm();
            String hostString = inetSocketAddress.getHostString();
            URIish uri = JGitUserInteraction.toURI(clientSession.getUsername(), inetSocketAddress);
            ArrayList arrayList = new ArrayList();
            arrayList.addAll(Arrays.asList(MessageFormat.format(SshdText.get().knownHostsModifiedKeyWarning, algorithm, publicKey.getAlgorithm(), hostString, KeyUtils.getFingerPrint(BuiltinDigests.md5, publicKey), KeyUtils.getFingerPrint(BuiltinDigests.sha256, publicKey), KeyUtils.getFingerPrint(BuiltinDigests.md5, publicKey2), KeyUtils.getFingerPrint(BuiltinDigests.sha256, publicKey2)).split("\n")));
            CredentialsProvider credentialsProvider = OpenSshServerKeyVerifier.getCredentialsProvider(clientSession);
            if (checkMode == Check.DENY) {
                if (credentialsProvider != null) {
                    arrayList.add(MessageFormat.format(SshdText.get().knownHostsModifiedKeyDenyMsg, path));
                    OpenSshServerKeyVerifier.askUser(credentialsProvider, uri, null, (String[]) arrayList.toArray(new String[0]));
                }
                return ModifiedKeyHandling.DENY;
            }
            ArrayList arrayList2 = new ArrayList(arrayList.size() + 2);
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                arrayList2.add(new CredentialItem.InformationalMessage((String) it.next()));
            }
            CredentialItem.YesNoType yesNoType = new CredentialItem.YesNoType(SshdText.get().knownHostsModifiedKeyAcceptPrompt);
            CredentialItem.YesNoType yesNoType2 = new CredentialItem.YesNoType(SshdText.get().knownHostsModifiedKeyStorePrompt);
            arrayList2.add(yesNoType);
            arrayList2.add(yesNoType2);
            return (credentialsProvider.get(uri, arrayList2) && yesNoType.getValue()) ? yesNoType2.getValue() ? ModifiedKeyHandling.ALLOW_AND_STORE : ModifiedKeyHandling.ALLOW : ModifiedKeyHandling.DENY;
        }

        /* synthetic */ AskUser(AskUser askUser) {
            this();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyVerifier$HostKeyFile.class */
    public static class HostKeyFile extends ModifiableFileWatcher implements Supplier<List<KnownHostsServerKeyVerifier.HostEntryPair>> {
        private List<KnownHostsServerKeyVerifier.HostEntryPair> entries;

        public HostKeyFile(Path path) {
            super(path);
            this.entries = Collections.emptyList();
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.function.Supplier
        public List<KnownHostsServerKeyVerifier.HostEntryPair> get() {
            Path path = getPath();
            try {
                if (checkReloadRequired()) {
                    if (!Files.exists(path, new LinkOption[0])) {
                        resetReloadAttributes();
                        return Collections.emptyList();
                    }
                    LockFile lockFile = new LockFile(path.toFile());
                    if (lockFile.lock()) {
                        try {
                            this.entries = reload(getPath());
                            lockFile.unlock();
                        } catch (Throwable th) {
                            lockFile.unlock();
                            throw th;
                        }
                    } else {
                        OpenSshServerKeyVerifier.LOG.warn(MessageFormat.format(SshdText.get().knownHostsFileLockedRead, path));
                    }
                }
            } catch (IOException e) {
                OpenSshServerKeyVerifier.LOG.warn(MessageFormat.format(SshdText.get().knownHostsFileReadFailed, path));
            }
            return Collections.unmodifiableList(this.entries);
        }

        private List<KnownHostsServerKeyVerifier.HostEntryPair> reload(Path path) throws IOException {
            try {
                List<KnownHostEntry> readFromFile = KnownHostEntryReader.readFromFile(path);
                updateReloadAttributes();
                if (readFromFile == null || readFromFile.isEmpty()) {
                    return Collections.emptyList();
                }
                LinkedList linkedList = new LinkedList();
                for (KnownHostEntry knownHostEntry : readFromFile) {
                    AuthorizedKeyEntry keyEntry = knownHostEntry.getKeyEntry();
                    if (keyEntry != null) {
                        try {
                            PublicKey resolvePublicKey = keyEntry.resolvePublicKey((SessionContext) null, PublicKeyEntryResolver.IGNORING);
                            if (resolvePublicKey == null) {
                                OpenSshServerKeyVerifier.LOG.warn(MessageFormat.format(SshdText.get().knownHostsUnknownKeyType, path, knownHostEntry.getConfigLine()));
                            } else {
                                linkedList.add(new KnownHostsServerKeyVerifier.HostEntryPair(knownHostEntry, resolvePublicKey));
                            }
                        } catch (GeneralSecurityException e) {
                            OpenSshServerKeyVerifier.LOG.warn(MessageFormat.format(SshdText.get().knownHostsInvalidLine, path, knownHostEntry.getConfigLine()));
                        }
                    }
                }
                return linkedList;
            } catch (FileNotFoundException e2) {
                resetReloadAttributes();
                return Collections.emptyList();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyVerifier$HostKeyHelper.class */
    public static class HostKeyHelper extends KnownHostsServerKeyVerifier {
        public HostKeyHelper() {
            super((clientSession, socketAddress, publicKey) -> {
                return false;
            }, new File(".").toPath());
        }

        protected KnownHostEntry prepareKnownHostEntry(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey) throws IOException {
            try {
                return super.prepareKnownHostEntry(clientSession, socketAddress, publicKey);
            } catch (Exception e) {
                throw new IOException(e.getMessage(), e);
            }
        }

        protected String prepareModifiedServerKeyLine(ClientSession clientSession, SocketAddress socketAddress, KnownHostEntry knownHostEntry, String str, PublicKey publicKey, PublicKey publicKey2) throws IOException {
            try {
                return super.prepareModifiedServerKeyLine(clientSession, socketAddress, knownHostEntry, str, publicKey, publicKey2);
            } catch (Exception e) {
                throw new IOException(e.getMessage(), e);
            }
        }

        protected Collection<SshdSocketAddress> resolveHostNetworkIdentities(ClientSession clientSession, SocketAddress socketAddress) {
            return super.resolveHostNetworkIdentities(clientSession, socketAddress);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyVerifier$ModifiedKeyHandling.class */
    public enum ModifiedKeyHandling {
        DENY,
        ALLOW,
        ALLOW_AND_STORE;

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static ModifiedKeyHandling[] valuesCustom() {
            ModifiedKeyHandling[] valuesCustom = values();
            int length = valuesCustom.length;
            ModifiedKeyHandling[] modifiedKeyHandlingArr = new ModifiedKeyHandling[length];
            System.arraycopy(valuesCustom, 0, modifiedKeyHandlingArr, 0, length);
            return modifiedKeyHandlingArr;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyVerifier$RevokedKeyException.class */
    public static class RevokedKeyException extends Exception {
        private static final long serialVersionUID = 1;

        private RevokedKeyException() {
        }

        /* synthetic */ RevokedKeyException(RevokedKeyException revokedKeyException) {
            this();
        }
    }

    public OpenSshServerKeyVerifier(boolean z, List<Path> list) {
        if (list != null) {
            for (Path path : list) {
                HostKeyFile hostKeyFile = new HostKeyFile(path);
                this.knownHostsFiles.put(path, hostKeyFile);
                this.defaultFiles.add(hostKeyFile);
            }
        }
        this.askAboutNewFile = z;
    }

    private List<HostKeyFile> getFilesToUse(ClientSession clientSession) {
        List<HostKeyFile> list = this.defaultFiles;
        if (clientSession instanceof JGitClientSession) {
            HostConfigEntry hostConfigEntry = ((JGitClientSession) clientSession).getHostConfigEntry();
            if (hostConfigEntry instanceof JGitHostConfigEntry) {
                List<HostKeyFile> addUserHostKeyFiles = addUserHostKeyFiles(((JGitHostConfigEntry) hostConfigEntry).getMultiValuedOptions().get("UserKnownHostsFile"));
                if (!addUserHostKeyFiles.isEmpty()) {
                    list = addUserHostKeyFiles;
                }
            }
        }
        return list;
    }

    @Override // org.eclipse.jgit.internal.transport.sshd.ServerKeyLookup
    public List<KnownHostsServerKeyVerifier.HostEntryPair> lookup(ClientSession clientSession, SocketAddress socketAddress) {
        List<HostKeyFile> filesToUse = getFilesToUse(clientSession);
        HostKeyHelper hostKeyHelper = new HostKeyHelper();
        ArrayList arrayList = new ArrayList();
        Collection<SshdSocketAddress> resolveHostNetworkIdentities = hostKeyHelper.resolveHostNetworkIdentities(clientSession, socketAddress);
        Iterator<HostKeyFile> it = filesToUse.iterator();
        while (it.hasNext()) {
            for (KnownHostsServerKeyVerifier.HostEntryPair hostEntryPair : it.next().get()) {
                KnownHostEntry hostEntry = hostEntryPair.getHostEntry();
                Iterator<SshdSocketAddress> it2 = resolveHostNetworkIdentities.iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    SshdSocketAddress next = it2.next();
                    if (hostEntry.isHostMatch(next.getHostName(), next.getPort())) {
                        arrayList.add(hostEntryPair);
                        break;
                    }
                }
            }
        }
        return arrayList;
    }

    public boolean verifyServerKey(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey) {
        List<HostKeyFile> filesToUse = getFilesToUse(clientSession);
        AskUser askUser = new AskUser(null);
        KnownHostsServerKeyVerifier.HostEntryPair[] hostEntryPairArr = new KnownHostsServerKeyVerifier.HostEntryPair[1];
        Path path = null;
        HostKeyHelper hostKeyHelper = new HostKeyHelper();
        for (HostKeyFile hostKeyFile : filesToUse) {
            try {
                if (find(clientSession, socketAddress, publicKey, hostKeyFile.get(), hostEntryPairArr, hostKeyHelper)) {
                    return true;
                }
                if (path == null && hostEntryPairArr[0] != null) {
                    path = hostKeyFile.getPath();
                }
            } catch (RevokedKeyException e) {
                askUser.revokedKey(clientSession, socketAddress, publicKey, hostKeyFile.getPath());
                return false;
            }
        }
        if (hostEntryPairArr[0] != null) {
            ModifiedKeyHandling acceptModifiedServerKey = askUser.acceptModifiedServerKey(clientSession, socketAddress, hostEntryPairArr[0].getServerKey(), publicKey, path);
            if (acceptModifiedServerKey == ModifiedKeyHandling.ALLOW_AND_STORE) {
                try {
                    updateModifiedServerKey(clientSession, socketAddress, publicKey, hostEntryPairArr[0], path, hostKeyHelper);
                    this.knownHostsFiles.get(path).resetReloadAttributes();
                } catch (IOException e2) {
                    LOG.warn(MessageFormat.format(SshdText.get().knownHostsCouldNotUpdate, path));
                }
            }
            return acceptModifiedServerKey != ModifiedKeyHandling.DENY;
        }
        if (!askUser.acceptUnknownKey(clientSession, socketAddress, publicKey)) {
            return false;
        }
        if (filesToUse.isEmpty()) {
            return true;
        }
        HostKeyFile hostKeyFile2 = filesToUse.get(0);
        Path path2 = hostKeyFile2.getPath();
        try {
            updateKnownHostsFile(clientSession, socketAddress, publicKey, path2, hostKeyHelper);
            hostKeyFile2.resetReloadAttributes();
            return true;
        } catch (IOException e3) {
            LOG.warn(MessageFormat.format(SshdText.get().knownHostsCouldNotUpdate, path2));
            return true;
        }
    }

    private boolean find(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey, List<KnownHostsServerKeyVerifier.HostEntryPair> list, KnownHostsServerKeyVerifier.HostEntryPair[] hostEntryPairArr, HostKeyHelper hostKeyHelper) throws RevokedKeyException {
        Collection<SshdSocketAddress> resolveHostNetworkIdentities = hostKeyHelper.resolveHostNetworkIdentities(clientSession, socketAddress);
        for (KnownHostsServerKeyVerifier.HostEntryPair hostEntryPair : list) {
            KnownHostEntry hostEntry = hostEntryPair.getHostEntry();
            for (SshdSocketAddress sshdSocketAddress : resolveHostNetworkIdentities) {
                if (hostEntry.isHostMatch(sshdSocketAddress.getHostName(), sshdSocketAddress.getPort())) {
                    boolean equals = MARKER_REVOKED.equals(hostEntry.getMarker());
                    if (KeyUtils.compareKeys(publicKey, hostEntryPair.getServerKey())) {
                        if (equals) {
                            throw new RevokedKeyException(null);
                        }
                        hostEntryPairArr[0] = null;
                        return true;
                    }
                    if (!equals) {
                        hostEntryPairArr[0] = hostEntryPair;
                    }
                }
            }
        }
        return false;
    }

    private List<HostKeyFile> addUserHostKeyFiles(List<String> list) {
        if (list == null || list.isEmpty()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (String str : list) {
            try {
                Path path = Paths.get(str, new String[0]);
                arrayList.add(this.knownHostsFiles.computeIfAbsent(path, path2 -> {
                    return new HostKeyFile(path);
                }));
            } catch (InvalidPathException e) {
                LOG.warn(MessageFormat.format(SshdText.get().knownHostsInvalidPath, str));
            }
        }
        return arrayList;
    }

    private void updateKnownHostsFile(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey, Path path, HostKeyHelper hostKeyHelper) throws IOException {
        CredentialsProvider credentialsProvider;
        KnownHostEntry prepareKnownHostEntry = hostKeyHelper.prepareKnownHostEntry(clientSession, socketAddress, publicKey);
        if (prepareKnownHostEntry == null) {
            return;
        }
        if (Files.exists(path, new LinkOption[0]) || !this.askAboutNewFile || ((credentialsProvider = getCredentialsProvider(clientSession)) != null && askUser(credentialsProvider, new URIish().setPath(path.toString()), MessageFormat.format(SshdText.get().knownHostsUserAskCreationPrompt, path), MessageFormat.format(SshdText.get().knownHostsUserAskCreationMsg, path)))) {
            LockFile lockFile = new LockFile(path.toFile());
            if (!lockFile.lockForAppend()) {
                LOG.warn(MessageFormat.format(SshdText.get().knownHostsFileLockedUpdate, path));
                return;
            }
            Throwable th = null;
            try {
                try {
                    BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(lockFile.getOutputStream(), StandardCharsets.UTF_8));
                    try {
                        bufferedWriter.newLine();
                        bufferedWriter.write(prepareKnownHostEntry.getConfigLine());
                        bufferedWriter.newLine();
                        if (bufferedWriter != null) {
                            bufferedWriter.close();
                        }
                        lockFile.commit();
                    } catch (Throwable th2) {
                        if (bufferedWriter != null) {
                            bufferedWriter.close();
                        }
                        throw th2;
                    }
                } catch (Throwable th3) {
                    if (0 == 0) {
                        th = th3;
                    } else if (null != th3) {
                        th.addSuppressed(th3);
                    }
                    throw th;
                }
            } catch (IOException e) {
                lockFile.unlock();
                throw e;
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    private void updateModifiedServerKey(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey, KnownHostsServerKeyVerifier.HostEntryPair hostEntryPair, Path path, HostKeyHelper hostKeyHelper) throws IOException {
        KnownHostEntry hostEntry = hostEntryPair.getHostEntry();
        String configLine = hostEntry.getConfigLine();
        String prepareModifiedServerKeyLine = hostKeyHelper.prepareModifiedServerKeyLine(clientSession, socketAddress, hostEntry, configLine, hostEntryPair.getServerKey(), publicKey);
        if (prepareModifiedServerKeyLine == null || prepareModifiedServerKeyLine.isEmpty() || configLine == null || configLine.isEmpty() || prepareModifiedServerKeyLine.equals(configLine)) {
            return;
        }
        LockFile lockFile = new LockFile(path.toFile());
        if (!lockFile.lock()) {
            LOG.warn(MessageFormat.format(SshdText.get().knownHostsFileLockedUpdate, path));
            return;
        }
        Throwable th = null;
        try {
            try {
                BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(lockFile.getOutputStream(), StandardCharsets.UTF_8));
                try {
                    BufferedReader newBufferedReader = Files.newBufferedReader(path, StandardCharsets.UTF_8);
                    boolean z = false;
                    while (true) {
                        try {
                            String readLine = newBufferedReader.readLine();
                            if (readLine == null) {
                                break;
                            }
                            String str = readLine;
                            if (!z) {
                                int indexOf = readLine.indexOf(35);
                                if ((indexOf < 0 ? readLine : readLine.substring(0, indexOf)).trim().equals(configLine)) {
                                    str = prepareModifiedServerKeyLine;
                                    z = true;
                                }
                            }
                            bufferedWriter.write(str);
                            bufferedWriter.newLine();
                        } catch (Throwable th2) {
                            if (newBufferedReader != null) {
                                newBufferedReader.close();
                            }
                            throw th2;
                        }
                    }
                    if (newBufferedReader != null) {
                        newBufferedReader.close();
                    }
                    if (bufferedWriter != null) {
                        bufferedWriter.close();
                    }
                    lockFile.commit();
                } catch (Throwable th3) {
                    if (0 == 0) {
                        th = th3;
                    } else if (null != th3) {
                        th.addSuppressed(th3);
                    }
                    if (bufferedWriter != null) {
                        bufferedWriter.close();
                    }
                    throw th;
                }
            } catch (Throwable th4) {
                if (0 == 0) {
                    th = th4;
                } else if (null != th4) {
                    th.addSuppressed(th4);
                }
                throw th;
            }
        } catch (IOException e) {
            lockFile.unlock();
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static CredentialsProvider getCredentialsProvider(ClientSession clientSession) {
        if (clientSession instanceof JGitClientSession) {
            return ((JGitClientSession) clientSession).getCredentialsProvider();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean askUser(CredentialsProvider credentialsProvider, URIish uRIish, String str, String... strArr) {
        ArrayList arrayList = new ArrayList(strArr.length + 1);
        for (String str2 : strArr) {
            arrayList.add(new CredentialItem.InformationalMessage(str2));
        }
        if (str == null) {
            return credentialsProvider.get(uRIish, arrayList);
        }
        CredentialItem.YesNoType yesNoType = new CredentialItem.YesNoType(str);
        arrayList.add(yesNoType);
        return credentialsProvider.get(uRIish, arrayList) && yesNoType.getValue();
    }
}
