package ghidra.framework.client;

import ghidra.framework.remote.AnonymousCallback;
import ghidra.framework.remote.SSHSignatureCallback;
import ghidra.framework.remote.security.SSHKeyManager;
import ghidra.net.ApplicationKeyManagerFactory;
import ghidra.util.Msg;
import java.awt.Component;
import java.io.Console;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.Authenticator;
import java.net.MalformedURLException;
import java.net.PasswordAuthentication;
import java.net.URL;
import java.security.InvalidKeyException;
import javax.security.auth.callback.ChoiceCallback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;

/* loaded from: input_file:ghidra/framework/client/HeadlessClientAuthenticator.class */
public class HeadlessClientAuthenticator implements ClientAuthenticator {
    private static Object sshPrivateKey;
    private static boolean passwordPromptAllowed;
    private Authenticator authenticator = new Authenticator() { // from class: ghidra.framework.client.HeadlessClientAuthenticator.1
        @Override // java.net.Authenticator
        protected PasswordAuthentication getPasswordAuthentication() {
            Msg.debug(this, "PasswordAuthentication requested for " + String.valueOf(getRequestingURL()));
            String str = null;
            String requestingPrompt = getRequestingPrompt();
            if ("security".equals(requestingPrompt)) {
                requestingPrompt = null;
            }
            URL requestingURL = getRequestingURL();
            if (requestingURL != null) {
                URL url = null;
                try {
                    url = new URL(requestingURL, "/");
                } catch (MalformedURLException e) {
                }
                str = "Access password requested for " + (url != null ? url.toExternalForm() : requestingURL.getAuthority());
                requestingPrompt = "Password:";
            }
            if (requestingPrompt == null) {
                String requestingHost = getRequestingHost();
                requestingPrompt = (requestingHost != null ? requestingHost + " " : "") + "(" + HeadlessClientAuthenticator.userID + ") Password:";
            }
            return new PasswordAuthentication(HeadlessClientAuthenticator.userID, HeadlessClientAuthenticator.this.getPassword(str, requestingPrompt));
        }
    };
    private static final char[] BADPASSWORD = "".toCharArray();
    private static String userID = ClientUtil.getUserName();

    @Override // ghidra.framework.client.ClientAuthenticator
    public Authenticator getAuthenticator() {
        return this.authenticator;
    }

    public static void installHeadlessClientAuthenticator(String str, String str2, boolean z) throws IOException {
        passwordPromptAllowed = z;
        if (str != null) {
            userID = str;
        }
        sshPrivateKey = null;
        ClientUtil.setClientAuthenticator(new HeadlessClientAuthenticator());
        if (str2 == null) {
            sshPrivateKey = null;
            return;
        }
        File file = new File(str2);
        if (file.exists()) {
            boolean z2 = false;
            try {
                sshPrivateKey = SSHKeyManager.getSSHPrivateKey(file);
                z2 = true;
                Msg.info(HeadlessClientAuthenticator.class, "Loaded SSH key: " + str2);
            } catch (IOException e) {
                Msg.error(HeadlessClientAuthenticator.class, "Failed to open keystore for SSH use: " + str2, e);
            } catch (InvalidKeyException e2) {
                if (ApplicationKeyManagerFactory.setKeyStore(str2, false)) {
                    z2 = true;
                    Msg.info(HeadlessClientAuthenticator.class, "Loaded PKI keystore: " + str2);
                }
            }
            if (!z2) {
                throw new IOException("Failed to parse keystore: " + str2);
            }
            return;
        }
        InputStream resourceAsStream = HeadlessClientAuthenticator.class.getResourceAsStream(str2);
        if (resourceAsStream == null) {
            if (resourceAsStream != null) {
                resourceAsStream.close();
            }
            Msg.error(HeadlessClientAuthenticator.class, "Keystore not found: " + str2);
            throw new FileNotFoundException("Keystore not found: " + str2);
        }
        try {
            try {
                sshPrivateKey = SSHKeyManager.getSSHPrivateKey(resourceAsStream);
                Msg.info(HeadlessClientAuthenticator.class, "Loaded SSH key: " + str2);
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
            } catch (Exception e3) {
                Msg.error(HeadlessClientAuthenticator.class, "Failed to open keystore for SSH use: " + str2, e3);
                throw new IOException("Failed to parse keystore: " + str2);
            }
        } catch (Throwable th) {
            if (resourceAsStream != null) {
                try {
                    resourceAsStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private char[] getPassword(String str, String str2) {
        if (!passwordPromptAllowed) {
            Msg.warn(this, "Headless client not configured to supply required password");
            return BADPASSWORD;
        }
        char[] cArr = null;
        String str3 = "";
        if (str != null) {
            try {
                str3 = (str3 + str) + "\n";
            } catch (IOException e) {
                Msg.error(this, "Error reading standard-input for password", e);
            }
        }
        if (str2 == null) {
            str2 = "Password:";
        }
        Console console = System.console();
        if (console == null) {
            System.out.print(str3 + "*** WARNING! Password entry will NOT be masked ***\n" + str2);
            while (true) {
                int read = System.in.read();
                if (read <= 0 || (Character.isWhitespace((char) read) && read != 32)) {
                    break;
                }
                if (cArr == null) {
                    cArr = new char[1];
                } else {
                    char[] cArr2 = new char[cArr.length + 1];
                    for (int i = 0; i < cArr.length; i++) {
                        cArr2[i] = cArr[i];
                        cArr[i] = 0;
                    }
                    cArr = cArr2;
                }
                cArr[cArr.length - 1] = (char) read;
            }
        } else {
            cArr = console.readPassword(str3 + str2 + " ", new Object[0]);
        }
        return cArr;
    }

    @Override // ghidra.framework.client.ClientAuthenticator
    public char[] getNewPassword(Component component, String str, String str2) {
        throw new UnsupportedOperationException("Server password change not permitted");
    }

    @Override // ghidra.framework.client.ClientAuthenticator
    public boolean processPasswordCallbacks(String str, String str2, String str3, NameCallback nameCallback, PasswordCallback passwordCallback, ChoiceCallback choiceCallback, AnonymousCallback anonymousCallback, String str4) {
        if (anonymousCallback != null && !passwordPromptAllowed) {
            anonymousCallback.setAnonymousAccessRequested(true);
            return true;
        }
        if (choiceCallback != null) {
            choiceCallback.setSelectedIndex(1);
        }
        if (nameCallback != null && userID != null) {
            nameCallback.setName(userID);
        }
        String str5 = null;
        if (str3 != null) {
            str5 = str2 + ": " + str3;
        }
        char[] password = getPassword(str5, passwordCallback.getPrompt());
        passwordCallback.setPassword(password);
        return password != null;
    }

    @Override // ghidra.framework.client.ClientAuthenticator
    public boolean promptForReconnect(Component component, String str) {
        return false;
    }

    @Override // ghidra.security.KeyStorePasswordProvider
    public char[] getKeyStorePassword(String str, boolean z) {
        if (!z) {
            return getPassword("Certificate keystore: " + str, "Keystore password: ");
        }
        if (passwordPromptAllowed) {
            Msg.error(this, "Incorrect keystore password specified: " + str);
            return null;
        }
        Msg.error(this, "Keystore password required but password entry has been disabled: " + str);
        return null;
    }

    @Override // ghidra.framework.client.ClientAuthenticator
    public boolean processSSHSignatureCallbacks(String str, NameCallback nameCallback, SSHSignatureCallback sSHSignatureCallback) {
        if (sshPrivateKey == null) {
            return false;
        }
        if (nameCallback != null) {
            nameCallback.setName(userID);
        }
        try {
            sSHSignatureCallback.sign(sshPrivateKey);
            return true;
        } catch (IOException e) {
            Msg.error(this, "Failed to authenticate with SSH private key", e);
            return false;
        }
    }

    @Override // ghidra.framework.client.ClientAuthenticator
    public boolean isSSHKeyAvailable() {
        return sshPrivateKey != null;
    }
}
