package com.hierynomus.sshj.userauth.keyprovider;

import com.android.tcplugins.FileSystem.i;
import com.android.tcplugins.FileSystem.k0;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.io.Reader;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.Arrays;
import net.schmizz.sshj.common.Base64;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.ByteArrayUtils;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.SSHRuntimeException;
import net.schmizz.sshj.common.SecurityUtils;
import net.schmizz.sshj.transport.cipher.Cipher;
import net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider;
import net.schmizz.sshj.userauth.password.PasswordFinder;
import org.mindrot.jbcrypt.BCryptNative;
import xch.bouncycastle.asn1.nist.NISTNamedCurves;
import xch.bouncycastle.asn1.x9.X9ECParameters;
import xch.bouncycastle.jce.spec.ECNamedCurveSpec;

/* loaded from: classes.dex */
public class e extends BaseFileKeyProvider {

    /* renamed from: i, reason: collision with root package name */
    private static final String f354i = "-----BEGIN ";

    /* renamed from: j, reason: collision with root package name */
    private static final String f355j = "-----END ";

    /* renamed from: l, reason: collision with root package name */
    public static final String f357l = "OPENSSH PRIVATE KEY-----";

    /* renamed from: m, reason: collision with root package name */
    public static final String f358m = "bcrypt";

    /* renamed from: f, reason: collision with root package name */
    private PublicKey f359f;

    /* renamed from: g, reason: collision with root package name */
    protected final org.slf4j.c f360g = org.slf4j.d.e(getClass());

    /* renamed from: h, reason: collision with root package name */
    private static final org.slf4j.c f353h = org.slf4j.d.e(e.class);

    /* renamed from: k, reason: collision with root package name */
    private static final byte[] f356k = "openssh-key-v1\u0000".getBytes();

    private boolean k(BufferedReader bufferedReader) throws IOException {
        String readLine;
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                break;
            }
        } while (!readLine.startsWith(f354i));
        if (readLine == null) {
            return false;
        }
        return readLine.substring(11).startsWith(f357l);
    }

    private Cipher l(String str) {
        com.hierynomus.sshj.transport.cipher.a a2;
        if (str.equals(com.hierynomus.sshj.transport.cipher.b.f().getName())) {
            a2 = com.hierynomus.sshj.transport.cipher.b.f();
        } else if (str.equals(com.hierynomus.sshj.transport.cipher.b.e().getName())) {
            a2 = com.hierynomus.sshj.transport.cipher.b.e();
        } else {
            if (!str.equals(com.hierynomus.sshj.transport.cipher.b.a().getName())) {
                throw new IllegalStateException(k0.a("Cipher '", str, "' not currently implemented for openssh-key-v1 format"));
            }
            a2 = com.hierynomus.sshj.transport.cipher.b.a();
        }
        return a2.b();
    }

    private PrivateKey m(KeyType keyType, Buffer.PlainBuffer plainBuffer, String str) throws GeneralSecurityException, Buffer.BufferException {
        keyType.p(plainBuffer);
        BigInteger bigInteger = new BigInteger(1, plainBuffer.F());
        X9ECParameters b2 = NISTNamedCurves.b(str);
        return SecurityUtils.f(g.a.f514c).generatePrivate(new ECPrivateKeySpec(bigInteger, new ECNamedCurveSpec(str, b2.p(), b2.s(), b2.v())));
    }

    private Buffer.PlainBuffer n(Buffer.PlainBuffer plainBuffer, String str, String str2, byte[] bArr) throws IOException {
        Cipher l2 = l(str);
        p(str2, bArr, l2);
        byte[] a2 = plainBuffer.a();
        l2.update(a2, 0, plainBuffer.b());
        return new Buffer.PlainBuffer(a2);
    }

    private void o(Reader reader) throws IOException {
        a b2 = b.b(reader);
        this.f913d = b2.b();
        this.f359f = b2.a();
    }

    private void p(String str, byte[] bArr, Cipher cipher) throws Buffer.BufferException {
        if (!str.equals(f358m)) {
            throw new IllegalStateException(k0.a("No support for KDF '", str, "'."));
        }
        Buffer.PlainBuffer plainBuffer = new Buffer.PlainBuffer(bArr);
        byte[] bArr2 = new byte[0];
        PasswordFinder passwordFinder = this.f911b;
        if (passwordFinder != null) {
            CharBuffer wrap = CharBuffer.wrap(passwordFinder.b(null));
            ByteBuffer encode = Charset.forName("UTF-8").encode(wrap);
            byte[] copyOfRange = Arrays.copyOfRange(encode.array(), encode.position(), encode.limit());
            Arrays.fill(wrap.array(), (char) 0);
            Arrays.fill(encode.array(), (byte) 0);
            bArr2 = copyOfRange;
        }
        byte[] bArr3 = new byte[cipher.e() + cipher.o()];
        try {
            new BCryptNative().pbkdfNative(bArr2, plainBuffer.F(), (int) plainBuffer.N(), bArr3);
        } catch (Throwable unused) {
            new l.a().o(bArr2, plainBuffer.F(), (int) plainBuffer.N(), bArr3);
        }
        Arrays.fill(bArr2, (byte) 0);
        cipher.n(Cipher.Mode.Decrypt, Arrays.copyOfRange(bArr3, 0, cipher.e()), Arrays.copyOfRange(bArr3, cipher.e(), cipher.e() + cipher.o()));
    }

    private KeyPair q(Buffer.PlainBuffer plainBuffer) throws IOException, GeneralSecurityException {
        byte[] bArr = f356k;
        byte[] bArr2 = new byte[bArr.length];
        plainBuffer.I(bArr2);
        if (!ByteArrayUtils.b(bArr2, 0, bArr, 0, bArr.length)) {
            throw new IOException("This key does not contain the 'openssh-key-v1' format magic header");
        }
        String K = plainBuffer.K();
        String K2 = plainBuffer.K();
        byte[] F = plainBuffer.F();
        if (((int) plainBuffer.N()) != 1) {
            throw new IOException("We don't support having more than 1 key in the file (yet).");
        }
        PublicKey publicKey = this.f359f;
        if (publicKey == null) {
            publicKey = s(new Buffer.PlainBuffer(plainBuffer.F()));
        } else {
            plainBuffer.F();
        }
        Buffer.PlainBuffer plainBuffer2 = new Buffer.PlainBuffer(plainBuffer.F());
        if ("none".equals(K)) {
            f353h.Q("Reading unencrypted keypair");
            return u(plainBuffer2, publicKey);
        }
        f353h.p0("Keypair is encrypted with: " + K + ", " + K2 + ", " + Arrays.toString(F));
        do {
            try {
                return u(n(new Buffer.PlainBuffer(plainBuffer2), K, K2, F), publicKey);
            } catch (g.b e2) {
                if (this.f911b == null) {
                    break;
                }
                throw e2;
            }
        } while (this.f911b.a(this.f910a));
        throw e2;
    }

    private String r(BufferedReader bufferedReader) throws IOException {
        StringBuilder sb = new StringBuilder();
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine.startsWith(f355j)) {
                return sb.toString();
            }
            sb.append(readLine);
        }
    }

    private PublicKey s(Buffer.PlainBuffer plainBuffer) throws Buffer.BufferException, GeneralSecurityException {
        return KeyType.j(plainBuffer.K()).p(plainBuffer);
    }

    private RSAPrivateCrtKeySpec t(Buffer.PlainBuffer plainBuffer) throws Buffer.BufferException {
        BigInteger G = plainBuffer.G();
        BigInteger G2 = plainBuffer.G();
        BigInteger G3 = plainBuffer.G();
        BigInteger G4 = plainBuffer.G();
        BigInteger G5 = plainBuffer.G();
        BigInteger G6 = plainBuffer.G();
        BigInteger bigInteger = BigInteger.ONE;
        return new RSAPrivateCrtKeySpec(G, G2, G3, G5, G6, G3.remainder(G5.subtract(bigInteger)), G3.remainder(G6.subtract(bigInteger)), G4);
    }

    private KeyPair u(Buffer.PlainBuffer plainBuffer, PublicKey publicKey) throws IOException, GeneralSecurityException {
        KeyPair keyPair;
        if (plainBuffer.b() % 8 != 0) {
            throw new IOException("The private key section must be a multiple of the block size (8)");
        }
        if (((int) plainBuffer.N()) != ((int) plainBuffer.N())) {
            throw new g.b();
        }
        String K = plainBuffer.K();
        KeyType j2 = KeyType.j(K);
        f353h.e("Read key type: {}", K, j2);
        int i2 = c.f352a[j2.ordinal()];
        if (i2 == 1) {
            plainBuffer.F();
            plainBuffer.N();
            byte[] bArr = new byte[32];
            plainBuffer.I(bArr);
            plainBuffer.I(new byte[32]);
            keyPair = new KeyPair(publicKey, new net.i2p.crypto.eddsa.e(new net.i2p.crypto.eddsa.spec.e(bArr, net.i2p.crypto.eddsa.spec.c.c("Ed25519"))));
        } else if (i2 == 2) {
            keyPair = new KeyPair(publicKey, SecurityUtils.f(g.a.f512a).generatePrivate(t(plainBuffer)));
        } else if (i2 == 3) {
            keyPair = new KeyPair(publicKey, m(j2, plainBuffer, "P-256"));
        } else if (i2 == 4) {
            keyPair = new KeyPair(publicKey, m(j2, plainBuffer, "P-384"));
        } else {
            if (i2 != 5) {
                throw new IOException(k0.a("Cannot decode keytype ", K, " in openssh-key-v1 files (yet)."));
            }
            keyPair = new KeyPair(publicKey, m(j2, plainBuffer, "P-521"));
        }
        plainBuffer.K();
        int b2 = plainBuffer.b();
        byte[] bArr2 = new byte[b2];
        plainBuffer.I(bArr2);
        int i3 = 0;
        while (i3 < b2) {
            int i4 = i3 + 1;
            if (bArr2[i3] != i4) {
                throw new IOException(i.a("Padding of key format contained wrong byte at position: ", i3));
            }
            i3 = i4;
        }
        return keyPair;
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider, net.schmizz.sshj.userauth.keyprovider.FileKeyProvider
    public void d(File file) {
        File a2 = b.a(file);
        if (a2 != null) {
            try {
                o(new FileReader(a2));
            } catch (IOException e2) {
                this.f360g.s("Error reading public key file: {}", e2.toString());
            }
        }
        super.d(file);
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider
    protected KeyPair j() throws IOException {
        BufferedReader bufferedReader = new BufferedReader(this.f910a.b());
        try {
            try {
                if (!k(bufferedReader)) {
                    throw new IOException("This key is not in 'openssh-key-v1' format");
                }
                KeyPair q = q(new Buffer.PlainBuffer(Base64.e(r(bufferedReader))));
                IOUtils.b(bufferedReader);
                return q;
            } catch (GeneralSecurityException e2) {
                throw new SSHRuntimeException(e2);
            }
        } catch (Throwable th) {
            IOUtils.b(bufferedReader);
            throw th;
        }
    }
}
