package com.trilead.ssh2.userauth.keyprovider;

import android.util.Log;
import b.b.b.a.a;
import com.hierynomus.sshj.transport.cipher.BlockCiphers;
import com.trilead.ssh2.common.Base64;
import com.trilead.ssh2.common.IOUtils;
import com.trilead.ssh2.common.KeyType;
import com.trilead.ssh2.crypto.keys.Ed25519PrivateKey;
import java.io.BufferedReader;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.util.Arrays;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.ByteArrayUtils;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.SSHRuntimeException;
import net.schmizz.sshj.common.SecurityUtils;
import net.schmizz.sshj.transport.cipher.Cipher;
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.mindrot.jbcrypt.BCrypt;

/* loaded from: classes.dex */
public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {

    /* renamed from: e, reason: collision with root package name */
    public static final byte[] f5863e = "openssh-key-v1\u0000".getBytes();

    /* renamed from: com.trilead.ssh2.userauth.keyprovider.OpenSSHKeyV1KeyFile$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass1 {
        public static final /* synthetic */ int[] a;

        static {
            KeyType.values();
            int[] iArr = new int[9];
            a = iArr;
            try {
                iArr[5] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[0] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[1] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                a[2] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                a[3] = 5;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                a[4] = 6;
            } catch (NoSuchFieldError unused6) {
            }
        }
    }

    /* loaded from: classes.dex */
    public static class Factory implements Factory.Named<FileKeyProvider> {
        @Override // net.schmizz.sshj.common.Factory
        public Object create() {
            return new OpenSSHKeyV1KeyFile();
        }

        @Override // net.schmizz.sshj.common.Factory.Named
        public String getName() {
            return KeyFormat.OpenSSHv1.name();
        }
    }

    @Override // com.trilead.ssh2.userauth.keyprovider.BaseFileKeyProvider
    public KeyPair c() {
        BufferedReader bufferedReader = new BufferedReader(this.a.a());
        try {
            try {
                String readLine = bufferedReader.readLine();
                while (readLine != null && !readLine.startsWith("-----BEGIN ")) {
                    readLine = bufferedReader.readLine();
                }
                if (!readLine.substring(11).startsWith(com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile.OPENSSH_PRIVATE_KEY)) {
                    throw new IOException("This key is not in 'openssh-key-v1' format");
                }
                KeyPair e2 = e(new Buffer.PlainBuffer(Base64.a(f(bufferedReader))));
                IOUtils.a(bufferedReader);
                return e2;
            } catch (GeneralSecurityException e3) {
                throw new SSHRuntimeException(e3);
            }
        } catch (Throwable th) {
            IOUtils.a(bufferedReader);
            throw th;
        }
    }

    public final PrivateKey d(KeyType keyType, Buffer.PlainBuffer plainBuffer, String str) {
        keyType.e(plainBuffer);
        BigInteger bigInteger = new BigInteger(1, plainBuffer.readBytes());
        X9ECParameters byName = NISTNamedCurves.getByName(str);
        return SecurityUtils.getKeyFactory("EC").generatePrivate(new ECPrivateKeySpec(bigInteger, new ECNamedCurveSpec(str, byName.getCurve(), byName.getG(), byName.getN())));
    }

    public final KeyPair e(Buffer.PlainBuffer plainBuffer) {
        Cipher create;
        byte[] bArr = f5863e;
        byte[] bArr2 = new byte[bArr.length];
        plainBuffer.readRawBytes(bArr2);
        if (!ByteArrayUtils.equals(bArr2, 0, bArr, 0, bArr.length)) {
            throw new IOException("This key does not contain the 'openssh-key-v1' format magic header");
        }
        String readString = plainBuffer.readString();
        String readString2 = plainBuffer.readString();
        byte[] readBytes = plainBuffer.readBytes();
        if (plainBuffer.readUInt32AsInt() != 1) {
            throw new IOException("We don't support having more than 1 key in the file (yet).");
        }
        Buffer.PlainBuffer plainBuffer2 = new Buffer.PlainBuffer(plainBuffer.readBytes());
        PublicKey e2 = KeyType.a(plainBuffer2.readString()).e(plainBuffer2);
        Buffer.PlainBuffer plainBuffer3 = new Buffer.PlainBuffer(plainBuffer.readBytes());
        if ("none".equals(readString)) {
            Log.d("OpenSSHKeyV1KeyFile", "Reading unencrypted keypair");
            return g(plainBuffer3, e2);
        }
        StringBuilder g0 = a.g0("Keypair is encrypted with: ", readString, ", ", readString2, ", ");
        g0.append(Arrays.toString(readBytes));
        Log.d("OpenSSHKeyV1KeyFile", g0.toString());
        if (readString.equals(BlockCiphers.AES256CTR().getName())) {
            create = BlockCiphers.AES256CTR().create();
        } else {
            if (!readString.equals(BlockCiphers.AES256CBC().getName())) {
                throw new IllegalStateException(a.C("Cipher '", readString, "' not currently implemented for openssh-key-v1 format"));
            }
            create = BlockCiphers.AES256CBC().create();
        }
        if (!readString2.equals(com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile.BCRYPT)) {
            throw new IllegalStateException(a.C("No support for KDF '", readString2, "'."));
        }
        Buffer.PlainBuffer plainBuffer4 = new Buffer.PlainBuffer(readBytes);
        byte[] bArr3 = new byte[0];
        String str = this.f5854c;
        if (str != null) {
            ByteBuffer encode = StandardCharsets.UTF_8.encode(CharBuffer.wrap(str));
            bArr3 = Arrays.copyOfRange(encode.array(), encode.position(), encode.limit());
        }
        byte[] bArr4 = new byte[48];
        new BCrypt().pbkdf(bArr3, plainBuffer4.readBytes(), plainBuffer4.readUInt32AsInt(), bArr4);
        create.init(Cipher.Mode.Decrypt, Arrays.copyOfRange(bArr4, 0, 32), Arrays.copyOfRange(bArr4, 32, 48));
        byte[] array = plainBuffer3.array();
        create.update(array, 0, plainBuffer3.available());
        return g(new Buffer.PlainBuffer(array), e2);
    }

    public final String f(BufferedReader bufferedReader) {
        StringBuilder sb = new StringBuilder();
        String readLine = bufferedReader.readLine();
        while (!readLine.startsWith("-----END ")) {
            sb.append(readLine);
            readLine = bufferedReader.readLine();
        }
        return sb.toString();
    }

    public final KeyPair g(Buffer.PlainBuffer plainBuffer, PublicKey publicKey) {
        KeyPair keyPair;
        if (plainBuffer.available() % 8 != 0) {
            throw new IOException("The private key section must be a multiple of the block size (8)");
        }
        if (plainBuffer.readUInt32AsInt() != plainBuffer.readUInt32AsInt()) {
            throw new IOException("The checkInts differed, the key was not correctly decoded.");
        }
        String readString = plainBuffer.readString();
        KeyType a = KeyType.a(readString);
        Log.d("OpenSSHKeyV1KeyFile", "Read key type: " + readString + " " + a);
        int ordinal = a.ordinal();
        if (ordinal == 0) {
            BigInteger readMPInt = plainBuffer.readMPInt();
            plainBuffer.readMPInt();
            BigInteger readMPInt2 = plainBuffer.readMPInt();
            plainBuffer.readMPInt();
            plainBuffer.readMPInt();
            plainBuffer.readMPInt();
            keyPair = new KeyPair(publicKey, SecurityUtils.getKeyFactory("RSA").generatePrivate(new RSAPrivateKeySpec(readMPInt, readMPInt2)));
        } else if (ordinal == 1) {
            KeyFactory keyFactory = KeyFactory.getInstance("DSA");
            BigInteger readMPInt3 = plainBuffer.readMPInt();
            BigInteger readMPInt4 = plainBuffer.readMPInt();
            BigInteger readMPInt5 = plainBuffer.readMPInt();
            keyPair = new KeyPair(keyFactory.generatePublic(new DSAPublicKeySpec(plainBuffer.readMPInt(), readMPInt3, readMPInt4, readMPInt5)), keyFactory.generatePrivate(new DSAPrivateKeySpec(plainBuffer.readMPInt(), readMPInt3, readMPInt4, readMPInt5)));
        } else if (ordinal != 2) {
            int i2 = 7 << 3;
            if (ordinal == 3) {
                keyPair = new KeyPair(publicKey, d(a, plainBuffer, "P-384"));
            } else if (ordinal == 4) {
                keyPair = new KeyPair(publicKey, d(a, plainBuffer, "P-521"));
            } else {
                if (ordinal != 5) {
                    throw new IOException(a.C("Cannot decode keytype ", readString, " in openssh-key-v1 files (yet)."));
                }
                plainBuffer.readBytes();
                plainBuffer.readUInt32();
                byte[] bArr = new byte[32];
                plainBuffer.readRawBytes(bArr);
                plainBuffer.readRawBytes(new byte[32]);
                keyPair = new KeyPair(publicKey, new Ed25519PrivateKey(bArr));
            }
        } else {
            keyPair = new KeyPair(publicKey, d(a, plainBuffer, "P-256"));
        }
        plainBuffer.readString();
        int available = plainBuffer.available();
        byte[] bArr2 = new byte[available];
        plainBuffer.readRawBytes(bArr2);
        int i3 = 0;
        while (i3 < available) {
            int i4 = i3 + 1;
            if (bArr2[i3] != i4) {
                throw new IOException(a.r("Padding of key format contained wrong byte at position: ", i3));
            }
            i3 = i4;
        }
        return keyPair;
    }
}
