package cn.schoolwow.ssh.flow.authenticate.type;

import cn.schoolwow.quickflow.domain.FlowContext;
import cn.schoolwow.quickflow.flow.BusinessFlow;
import cn.schoolwow.ssh.domain.QuickSSHConfig;
import cn.schoolwow.ssh.domain.SSHMessageCode;
import cn.schoolwow.ssh.domain.exception.SSHException;
import cn.schoolwow.ssh.domain.host.SSHSessionConfig;
import cn.schoolwow.ssh.domain.stream.DistinguishedEncodingRule;
import cn.schoolwow.ssh.domain.stream.SSHString;
import cn.schoolwow.ssh.flow.algorithm.cipher.AESCipherFlow;
import cn.schoolwow.ssh.flow.algorithm.hostkey.RSAHostKeyFlow;
import cn.schoolwow.ssh.flow.session.WriteSSHProtocolPayloadFlow;
import cn.schoolwow.ssh.stream.SSHInputStreamImpl;
import cn.schoolwow.ssh.stream.SSHOutputStreamImpl;
import cn.schoolwow.ssh.util.SSHDigest;
import cn.schoolwow.ssh.util.SSHUtil;
import com.alibaba.fastjson.JSONObject;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Base64;

/* loaded from: input_file:cn/schoolwow/ssh/flow/authenticate/type/PublicKeyAuthenticateFlow.class */
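/**
 * SSH "publickey" user authentication with an RSA key stored in a traditional
 * PEM file ({@code -----BEGIN RSA PRIVATE KEY-----}).
 *
 * <p>The flow runs three steps: read and sanity-check the key file, decode (and,
 * for {@code AES-128-CBC} protected files, decrypt) the key body, then build,
 * sign and send the {@code SSH_MSG_USERAUTH_REQUEST} payload.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The flow-context key {@code "publicKeyContent"} actually holds the
 *       <em>private</em> key PEM text; the name is kept because it is a runtime key.</li>
 *   <li>Only the public parts of the key are recorded in the flow data log. The
 *       private exponent, primes and CRT values are never written there.</li>
 *   <li>Encrypted files use the legacy PEM scheme: the AES key is a single MD5 over
 *       passphrase and salt. That is dictated by the file format and offers little
 *       resistance to offline guessing, so the key file still needs strict file
 *       permissions.</li>
 *   <li>NOTE(review): the decoded key bytes and the {@code RSAPrivateKey} object are
 *       stored in the flow context; their lifetime depends on {@code FlowContext},
 *       which is not visible here. Confirm they are not persisted or logged.</li>
 * </ul>
 */
public class PublicKeyAuthenticateFlow implements BusinessFlow {
    private static final String PEM_HEADER = "-----BEGIN RSA PRIVATE KEY-----";
    private static final String PEM_FOOTER = "-----END RSA PRIVATE KEY-----";
    private static final String DEK_INFO_AES_128_CBC = "DEK-Info: AES-128-CBC,";
    /** Number of hex characters in the 16-byte IV that follows the DEK-Info tag. */
    private static final int IV_HEX_LENGTH = 32;
    /** Number of leading IV bytes used as the salt of the legacy PEM key derivation. */
    private static final int SALT_LENGTH = 8;

    /**
     * Runs the three authentication steps in order.
     *
     * @param flowContext flow context that carries {@code quickSSHConfig} and {@code sshSessionConfig}
     * @throws Exception if the key file cannot be read, parsed, decrypted or validated
     */
    public void executeBusinessFlow(FlowContext flowContext) throws Exception {
        checkPublicKeyType(flowContext);
        getPrivateKeyBytes(flowContext);
        writePublicKeyBlobAndSign(flowContext);
    }

    /** Returns the display name of this flow (Chinese for "log in with public key"). */
    public String name() {
        return "根据公钥登录";
    }

    /**
     * Reads the key file and verifies that it is framed as a traditional RSA PEM file.
     *
     * <p>Both the header and the footer must be present. The previous condition
     * rejected the file only when both were missing, so a file with a valid header
     * and no footer passed this check and failed later with an index error.
     * Surrounding whitespace is trimmed first, because key files normally end with
     * a newline.
     *
     * @throws IOException if the key file cannot be read
     */
    private void checkPublicKeyType(FlowContext flowContext) throws IOException {
        QuickSSHConfig quickSSHConfig = (QuickSSHConfig) flowContext.checkData("quickSSHConfig");
        JSONObject loginRecord = new JSONObject();
        loginRecord.put("host", quickSSHConfig.sshHostConfig.host);
        loginRecord.put("publicKeyFilePath", quickSSHConfig.sshHostConfig.publickeyFilePath);
        flowContext.putData("userLogin", loginRecord);
        String pem = new String(Files.readAllBytes(quickSSHConfig.sshHostConfig.publickeyFilePath), StandardCharsets.UTF_8).trim();
        if (!pem.startsWith(PEM_HEADER) || !pem.endsWith(PEM_FOOTER)) {
            // Message: "Only RSA private key files are supported at present!"
            throw new SSHException("目前仅支持RSA私钥格式文件!");
        }
        // Despite the key name, this is the private key PEM text.
        flowContext.putTemporaryData("publicKeyContent", pem);
    }

    /**
     * Decodes the PEM body into the DER bytes of the RSA private key, decrypting it
     * first when the file is protected with {@code AES-128-CBC}.
     *
     * <p>The MIME Base64 decoder is used because PEM bodies are wrapped across lines;
     * the basic decoder rejects line separators, which made every multi-line
     * unencrypted key fail, and CRLF files fail in both branches.
     *
     * @throws Exception if the passphrase is missing, the cipher is unsupported, or decoding/decryption fails
     */
    private void getPrivateKeyBytes(FlowContext flowContext) throws Exception {
        QuickSSHConfig quickSSHConfig = (QuickSSHConfig) flowContext.checkData("quickSSHConfig");
        String pem = (String) flowContext.checkData("publicKeyContent");
        int footerIndex = pem.indexOf(PEM_FOOTER);
        int dekIndex = pem.indexOf(DEK_INFO_AES_128_CBC);
        byte[] derBytes;
        if (dekIndex >= 0) {
            byte[] passphrase = quickSSHConfig.sshHostConfig.passphrase;
            if (passphrase == null) {
                // Message: "The private key file is encrypted, please specify a passphrase!"
                throw new SSHException("私钥文件已加密,请指定passphrase!");
            }
            int ivStart = dekIndex + DEK_INFO_AES_128_CBC.length();
            byte[] iv = SSHUtil.hexToByteArray(pem.substring(ivStart, ivStart + IV_HEX_LENGTH));
            // Whitespace between the header block and the body is skipped by the MIME decoder.
            byte[] cipherText = Base64.getMimeDecoder().decode(pem.substring(ivStart + IV_HEX_LENGTH, footerIndex));
            // Legacy PEM key derivation: key = MD5(passphrase || first 8 bytes of the IV).
            byte[] kdfInput = new byte[passphrase.length + SALT_LENGTH];
            byte[] aesKey = null;
            try {
                System.arraycopy(passphrase, 0, kdfInput, 0, passphrase.length);
                System.arraycopy(iv, 0, kdfInput, passphrase.length, SALT_LENGTH);
                aesKey = SSHDigest.MD5.getMessageDigest().digest(kdfInput);
                // NOTE(review): getS2CCipher is presumably a decrypt-mode cipher; a wrong
                // passphrase is expected to surface here as a padding or DER parse error.
                derBytes = new AESCipherFlow().getS2CCipher(iv, aesKey, "aes128-cbc").doFinal(cipherText);
            } finally {
                // Do not leave passphrase-derived material in short-lived buffers.
                java.util.Arrays.fill(kdfInput, (byte) 0);
                if (aesKey != null) {
                    java.util.Arrays.fill(aesKey, (byte) 0);
                }
            }
        } else if (pem.contains("Proc-Type:") || pem.contains("DEK-Info:")) {
            // Encrypted with a cipher this class does not implement; fail clearly instead of
            // feeding the header lines to the Base64 decoder.
            // Message: "Only AES-128-CBC encrypted RSA private key files are supported at present!"
            throw new SSHException("目前仅支持AES-128-CBC加密的RSA私钥文件!");
        } else {
            derBytes = Base64.getMimeDecoder().decode(pem.substring(PEM_HEADER.length() + 1, footerIndex));
        }
        flowContext.putTemporaryData("privateKeyBytes", derBytes);
    }

    /** Reads the next DER element from the stream and interprets its content as a signed integer. */
    private static BigInteger readDerInteger(SSHInputStreamImpl derStream) throws Exception {
        return new BigInteger(derStream.readDER().content);
    }

    /**
     * Parses the RSA private key fields, checks the CRT exponents, and sends the
     * signed {@code SSH_MSG_USERAUTH_REQUEST}.
     *
     * <p>Fields are read in the order version, modulus, publicExponent,
     * privateExponent, prime1, prime2, exponent1, exponent2, coefficient.
     *
     * @throws Exception if the key structure is malformed, the CRT check fails, or signing/sending fails
     */
    private void writePublicKeyBlobAndSign(FlowContext flowContext) throws Exception {
        QuickSSHConfig quickSSHConfig = (QuickSSHConfig) flowContext.checkData("quickSSHConfig");
        SSHSessionConfig sSHSessionConfig = (SSHSessionConfig) flowContext.checkData("sshSessionConfig");
        // The outer DER element wraps the sequence of key fields.
        byte[] keySequence = new SSHInputStreamImpl((byte[]) flowContext.checkData("privateKeyBytes")).readDER().content;
        SSHInputStreamImpl keyFields = new SSHInputStreamImpl(keySequence);
        BigInteger version = readDerInteger(keyFields);
        DistinguishedEncodingRule modulusElement = keyFields.readDER();
        BigInteger modulus = new BigInteger(modulusElement.content);
        BigInteger publicExponent = readDerInteger(keyFields);
        BigInteger privateExponent = readDerInteger(keyFields);
        BigInteger prime1 = readDerInteger(keyFields);
        BigInteger prime2 = readDerInteger(keyFields);
        BigInteger exponent1 = readDerInteger(keyFields);
        BigInteger exponent2 = readDerInteger(keyFields);
        // Coefficient: consumed so that a truncated file still fails here; the value is unused.
        readDerInteger(keyFields);

        // Record only public key parts. Writing d, p, q and the CRT values as hex into the
        // flow data would copy the whole private key into whatever stores or prints that data.
        JSONObject keyLog = new JSONObject();
        keyLog.put("私钥文件版本号", Integer.valueOf(version.intValue()));
        keyLog.put("私钥文件modulus", SSHUtil.byteArrayToHex(modulusElement.content));
        // Previously this entry repeated the version field instead of the public exponent.
        keyLog.put("私钥文件publicExponent", Integer.valueOf(publicExponent.intValue()));
        flowContext.putData("私钥文件日志", keyLog);

        // Consistency checks on the CRT exponents; a mismatch usually means a wrong
        // passphrase or a damaged file.
        if (!exponent1.equals(privateExponent.mod(prime1.subtract(BigInteger.ONE)))) {
            throw new SSHException("私钥文件校验失败!校验 exponent1 = d mod (p-1)失败!");
        }
        if (!exponent2.equals(privateExponent.mod(prime2.subtract(BigInteger.ONE)))) {
            throw new SSHException("私钥文件校验失败!校验 exponent2 = d mod (q-1)失败!");
        }

        // Request fields shared by the signed data and the final packet.
        SSHOutputStreamImpl out = new SSHOutputStreamImpl();
        out.writeByte(SSHMessageCode.SSH_MSG_USERAUTH_REQUEST.value);
        out.writeSSHString(new SSHString(quickSSHConfig.sshHostConfig.username));
        out.writeSSHString(new SSHString("ssh-connection"));
        out.writeSSHString(new SSHString("publickey"));
        out.writeBoolean(true);
        // NOTE(review): "ssh-rsa" as defined in RFC 4253 signs with SHA-1, and current servers
        // often refuse it. RSAHostKeyFlow.sign is not visible here; confirm which digest it uses
        // and whether rsa-sha2-256/512 (RFC 8332) should be offered instead.
        out.writeSSHString(new SSHString("ssh-rsa"));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        flowContext.putCurrentCompositeFlowData("publicKey", (RSAPublicKey) keyFactory.generatePublic(new RSAPublicKeySpec(modulus, publicExponent)));
        RSAHostKeyFlow rSAHostKeyFlow = new RSAHostKeyFlow();
        rSAHostKeyFlow.formatPublicKey(flowContext);
        out.writeSSHString((SSHString) flowContext.checkData("publicKeySSHString"));
        byte[] requestBytes = out.toByteArray();
        flowContext.putTemporaryData("commonBytes", requestBytes);

        // Data to sign: session identifier followed by the request fields.
        out.reset();
        out.writeSSHString(new SSHString(sSHSessionConfig.sessionId));
        out.write(requestBytes);
        flowContext.putCurrentCompositeFlowData("privateKey", (RSAPrivateKey) keyFactory.generatePrivate(new RSAPrivateKeySpec(modulus, privateExponent)));
        flowContext.putCurrentCompositeFlowData("content", out.toByteArray());
        rSAHostKeyFlow.sign(flowContext);
        byte[] signature = (byte[]) flowContext.checkData("signBytes");

        // Final packet: request fields followed by the signature.
        out.reset();
        out.write(requestBytes);
        out.writeSSHString(new SSHString(signature));
        flowContext.startFlow(new WriteSSHProtocolPayloadFlow()).putTemporaryData("payload", out.toByteArray()).execute();
    }
}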
