package net.schmizz.sshj.userauth.keyprovider;

import com.hierynomus.sshj.common.KeyAlgorithm;
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import net.i2p.crypto.eddsa.EdDSAPrivateKey;
import net.i2p.crypto.eddsa.EdDSAPublicKey;
import net.i2p.crypto.eddsa.spec.EdDSANamedCurveSpec;
import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec;
import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec;
import net.schmizz.sshj.common.Base64;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.SecurityUtils;
import net.schmizz.sshj.userauth.password.PasswordFinder;
import net.schmizz.sshj.userauth.password.PasswordUtils;
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: classes.dex */
public class PuTTYKeyFile extends BaseFileKeyProvider {
    public byte[] privateKey;
    public byte[] publicKey;
    public Map<String, String> payload = new HashMap();
    public final Map<String, String> headers = new HashMap();

    /* renamed from: net.schmizz.sshj.userauth.keyprovider.PuTTYKeyFile$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass1 {
        public static final /* synthetic */ int[] $SwitchMap$net$schmizz$sshj$common$KeyType;

        static {
            int[] iArr = new int[KeyType.values().length];
            $SwitchMap$net$schmizz$sshj$common$KeyType = iArr;
            try {
                iArr[KeyType.ECDSA256.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$net$schmizz$sshj$common$KeyType[KeyType.ECDSA384.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$net$schmizz$sshj$common$KeyType[KeyType.ECDSA521.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* loaded from: classes.dex */
    public static class Factory implements Factory.Named<FileKeyProvider> {
        @Override // net.schmizz.sshj.common.Factory
        public FileKeyProvider create() {
            return new PuTTYKeyFile();
        }

        @Override // net.schmizz.sshj.common.Factory.Named
        public String getName() {
            return "PuTTY";
        }
    }

    public final byte[] decrypt(byte[] bArr, String str) throws IOException {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(2, new SecretKeySpec(toKey(str), 0, 32, "AES"), new IvParameterSpec(new byte[16]));
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    @Override // net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider, net.schmizz.sshj.userauth.keyprovider.KeyProvider
    public KeyType getType() throws IOException {
        return KeyType.fromString((String) this.headers.get("PuTTY-User-Key-File-2"));
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    public boolean isEncrypted() {
        return "aes256-cbc".equals(this.headers.get("Encryption"));
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r0v6, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r2v1, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r3v3, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r3v6, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r4v0, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    public void parseKeyPair() throws IOException {
        BufferedReader bufferedReader = new BufferedReader(this.resource.getReader());
        String str = null;
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                int indexOf = readLine.indexOf(": ");
                if (indexOf > 0) {
                    str = readLine.substring(0, indexOf);
                    this.headers.put(str, readLine.substring(indexOf + 2));
                } else {
                    String str2 = (String) this.payload.get(str);
                    if (str2 != null) {
                        readLine = str2 + readLine;
                    }
                    this.payload.put(str, readLine);
                }
            } catch (Throwable th) {
                bufferedReader.close();
                throw th;
            }
        }
        bufferedReader.close();
        this.publicKey = Base64.decode((String) this.payload.get("Public-Lines"));
        if (!isEncrypted()) {
            this.privateKey = Base64.decode((String) this.payload.get("Private-Lines"));
            return;
        }
        PasswordFinder passwordFinder = this.pwdf;
        char[] reqPassword = passwordFinder != null ? passwordFinder.reqPassword(this.resource) : "".toCharArray();
        try {
            this.privateKey = decrypt(Base64.decode((String) this.payload.get("Private-Lines")), new String(reqPassword));
            verify(new String(reqPassword));
        } finally {
            PasswordUtils.blankOut(reqPassword);
        }
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider
    public KeyPair readKeyPair() throws IOException {
        parseKeyPair();
        Buffer.PlainBuffer plainBuffer = new Buffer.PlainBuffer(this.publicKey);
        Buffer.PlainBuffer plainBuffer2 = new Buffer.PlainBuffer(this.privateKey);
        plainBuffer.readBytes();
        if (KeyType.RSA.equals(getType())) {
            BigInteger readMPInt = plainBuffer.readMPInt();
            BigInteger readMPInt2 = plainBuffer.readMPInt();
            BigInteger readMPInt3 = plainBuffer2.readMPInt();
            try {
                KeyFactory keyFactory = KeyFactory.getInstance(KeyAlgorithm.RSA);
                try {
                    return new KeyPair(keyFactory.generatePublic(new RSAPublicKeySpec(readMPInt2, readMPInt)), keyFactory.generatePrivate(new RSAPrivateKeySpec(readMPInt2, readMPInt3)));
                } catch (InvalidKeySpecException e) {
                    throw new IOException(e.getMessage(), e);
                }
            } catch (NoSuchAlgorithmException e2) {
                throw new IOException(e2.getMessage(), e2);
            }
        }
        if (KeyType.DSA.equals(getType())) {
            BigInteger readMPInt4 = plainBuffer.readMPInt();
            BigInteger readMPInt5 = plainBuffer.readMPInt();
            BigInteger readMPInt6 = plainBuffer.readMPInt();
            BigInteger readMPInt7 = plainBuffer.readMPInt();
            BigInteger readMPInt8 = plainBuffer2.readMPInt();
            try {
                KeyFactory keyFactory2 = KeyFactory.getInstance(KeyAlgorithm.DSA);
                try {
                    return new KeyPair(keyFactory2.generatePublic(new DSAPublicKeySpec(readMPInt7, readMPInt4, readMPInt5, readMPInt6)), keyFactory2.generatePrivate(new DSAPrivateKeySpec(readMPInt8, readMPInt4, readMPInt5, readMPInt6)));
                } catch (InvalidKeySpecException e3) {
                    throw new IOException(e3.getMessage(), e3);
                }
            } catch (NoSuchAlgorithmException e4) {
                throw new IOException(e4.getMessage(), e4);
            }
        }
        if (KeyType.ED25519.equals(getType())) {
            EdDSANamedCurveSpec byName = EdDSANamedCurveTable.getByName("Ed25519");
            return new KeyPair(new EdDSAPublicKey(new EdDSAPublicKeySpec(plainBuffer.readBytes(), byName)), new EdDSAPrivateKey(new EdDSAPrivateKeySpec(plainBuffer2.readBytes(), byName)));
        }
        int i = AnonymousClass1.$SwitchMap$net$schmizz$sshj$common$KeyType[getType().ordinal()];
        String str = i != 1 ? i != 2 ? i != 3 ? null : "P-521" : "P-384" : "P-256";
        if (str == null) {
            throw new IOException(String.format("Unknown key type %s", getType()));
        }
        BigInteger bigInteger = new BigInteger(1, plainBuffer2.readBytes());
        X9ECParameters byName2 = NISTNamedCurves.getByName(str);
        try {
            return new KeyPair(getType().readPubKeyFromBuffer(plainBuffer), SecurityUtils.getKeyFactory(KeyAlgorithm.ECDSA).generatePrivate(new ECPrivateKeySpec(bigInteger, new ECNamedCurveSpec(str, byName2.getCurve(), byName2.getG(), byName2.getN()))));
        } catch (GeneralSecurityException e5) {
            throw new IOException(e5.getMessage(), e5);
        }
    }

    public final byte[] toKey(String str) throws IOException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA1);
            messageDigest.update(new byte[]{0, 0, 0, 0});
            messageDigest.update(str.getBytes());
            byte[] digest = messageDigest.digest();
            messageDigest.update(new byte[]{0, 0, 0, 1});
            messageDigest.update(str.getBytes());
            byte[] digest2 = messageDigest.digest();
            byte[] bArr = new byte[32];
            System.arraycopy(digest, 0, bArr, 0, 20);
            System.arraycopy(digest2, 0, bArr, 20, 12);
            return bArr;
        } catch (NoSuchAlgorithmException e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    /* JADX WARN: Type inference failed for: r0v10, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r1v4, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r1v8, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r4v10, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    /* JADX WARN: Type inference failed for: r4v6, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.HashMap] */
    public final void verify(String str) throws IOException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA1);
            messageDigest.update("putty-private-key-file-mac-key".getBytes());
            messageDigest.update(str.getBytes());
            byte[] digest = messageDigest.digest();
            Mac mac = Mac.getInstance("HmacSHA1");
            mac.init(new SecretKeySpec(digest, 0, 20, mac.getAlgorithm()));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
            dataOutputStream.writeInt(getType().toString().length());
            dataOutputStream.writeBytes(getType().toString());
            dataOutputStream.writeInt(((String) this.headers.get("Encryption")).length());
            dataOutputStream.writeBytes((String) this.headers.get("Encryption"));
            dataOutputStream.writeInt(((String) this.headers.get("Comment")).length());
            dataOutputStream.writeBytes((String) this.headers.get("Comment"));
            dataOutputStream.writeInt(this.publicKey.length);
            dataOutputStream.write(this.publicKey);
            dataOutputStream.writeInt(this.privateKey.length);
            dataOutputStream.write(this.privateKey);
            if (Hex.toHexString(mac.doFinal(byteArrayOutputStream.toByteArray())).equals((String) this.headers.get("Private-MAC"))) {
            } else {
                throw new IOException("Invalid passphrase");
            }
        } catch (GeneralSecurityException e) {
            throw new IOException(e.getMessage(), e);
        }
    }
}
