package org.apache.karaf.shell.ssh;

import java.io.IOException;
import java.net.SocketAddress;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import org.apache.sshd.ClientSession;
import org.apache.sshd.client.ServerKeyVerifier;

/* loaded from: input_file:org/apache/karaf/shell/ssh/ServerKeyVerifierImpl.class */
public class ServerKeyVerifierImpl implements ServerKeyVerifier {
    private final KnownHostsManager knownHostsManager;
    private final boolean quiet;
    private static final String keyChangedMessage = " @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ \n @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!      @ \n @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ \nIT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!\nSomeone could be eavesdropping on you right now (man-in-the-middle attack)!\nIt is also possible that the RSA host key has just been changed.\nPlease contact your system administrator.\nAdd correct host key in " + System.getProperty("user.home") + "/.sshkaraf/known_hosts to get rid of this message.\nOffending key in " + System.getProperty("user.home") + "/.sshkaraf/known_hosts\nRSA host key has changed and you have requested strict checking.\nHost key verification failed.";

    public ServerKeyVerifierImpl(KnownHostsManager knownHostsManager, boolean z) {
        this.knownHostsManager = knownHostsManager;
        this.quiet = z;
    }

    public boolean verifyServerKey(ClientSession clientSession, SocketAddress socketAddress, PublicKey publicKey) {
        boolean z;
        try {
            PublicKey knownKey = this.knownHostsManager.getKnownKey(socketAddress, publicKey.getAlgorithm());
            if (knownKey != null) {
                boolean equals = knownKey.equals(publicKey);
                if (!equals) {
                    System.err.println("Server key for host " + socketAddress + " does not match the stored key !! Terminating session.");
                    System.err.println(keyChangedMessage);
                }
                return equals;
            }
            if (this.quiet) {
                System.out.println("Connecting to unknown server. Automatically adding to known hosts.");
                z = true;
            } else {
                System.out.println("Connecting to unknown server. Add this server to known hosts ? (y/n)");
                z = getConfirmation();
            }
            if (z) {
                this.knownHostsManager.storeKeyForHost(socketAddress, publicKey);
                System.out.println("Storing the server key in known_hosts.");
            } else {
                System.out.println("Aborting connection");
            }
            return z;
        } catch (InvalidKeySpecException e) {
            System.err.println("Invalid key stored for host " + socketAddress + ". Terminating session.");
            return false;
        }
    }

    private boolean getConfirmation() {
        int read;
        do {
            try {
                read = System.in.read();
                if (read == 121) {
                    break;
                }
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        } while (read != 110);
        return read == 121;
    }
}
