package s2;

import a7.b0;
import a7.h;
import a7.w;
import com.hierynomus.sshj.common.KeyDecryptionFailedException;
import java.io.BufferedReader;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.security.DigestException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import l5.g;
import net.schmizz.sshj.common.SSHRuntimeException;
import o2.c;
import o2.f;
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.openssl.EncryptionException;
import w6.b;
import z7.d;

/* loaded from: classes2.dex */
public final class a extends o7.a {
    public static final byte[] d = "openssh-key-v1\u0000".getBytes();
    public static final HashMap e;

    static {
        HashMap hashMap = new HashMap();
        e = hashMap;
        hashMap.put("3des-cbc", new o2.a(8, 192, "3des-cbc", "DESede", "CBC"));
        hashMap.put("aes128-cbc", new o2.a(16, 128, "aes128-cbc", "AES", "CBC"));
        hashMap.put("aes192-cbc", new o2.a(16, 192, "aes192-cbc", "AES", "CBC"));
        hashMap.put("aes256-cbc", new o2.a(16, 256, "aes256-cbc", "AES", "CBC"));
        hashMap.put("aes128-ctr", new o2.a(16, 128, "aes128-ctr", "AES", "CTR"));
        hashMap.put("aes192-ctr", new o2.a(16, 192, "aes192-ctr", "AES", "CTR"));
        hashMap.put("aes256-ctr", new o2.a(16, 256, "aes256-ctr", "AES", "CTR"));
        hashMap.put("aes256-gcm@openssh.com", new f(256, "aes256-gcm@openssh.com"));
        hashMap.put("aes128-gcm@openssh.com", new f(128, "aes128-gcm@openssh.com"));
        hashMap.put("chacha20-poly1305@openssh.com", new c());
    }

    public a() {
        d.b(a.class);
    }

    public static h7.c c(String str) {
        HashMap hashMap = e;
        if (hashMap.containsKey(str)) {
            return (h7.c) ((a7.f) hashMap.get(str)).a();
        }
        throw new IllegalStateException(String.format("OpenSSH Key encryption cipher not supported [%s]", str));
    }

    public static PrivateKey d(w wVar, a7.a aVar, String str) {
        wVar.f(aVar);
        BigInteger bigInteger = new BigInteger(1, aVar.s());
        X9ECParameters byName = NISTNamedCurves.getByName(str);
        return b0.d("ECDSA").generatePrivate(new ECPrivateKeySpec(bigInteger, new ECNamedCurveSpec(str, byName.getCurve(), byName.getG(), byName.getN())));
    }

    public static String h(BufferedReader bufferedReader) {
        boolean z;
        StringBuilder sb = new StringBuilder();
        String readLine = bufferedReader.readLine();
        while (true) {
            if (readLine == null) {
                z = false;
                break;
            }
            if (readLine.startsWith("-----END ")) {
                z = true;
                break;
            }
            sb.append(readLine);
            readLine = bufferedReader.readLine();
        }
        if (z) {
            return sb.toString();
        }
        throw new IOException(String.format("File footer not found [%s%s]", "-----END ", "OPENSSH PRIVATE KEY-----"));
    }

    public static KeyPair i(a7.a aVar, PublicKey publicKey) {
        KeyPair keyPair;
        if ((aVar.c - aVar.b) % 8 != 0) {
            throw new IOException("The private key section must be a multiple of the block size (8)");
        }
        if (((int) aVar.y()) != ((int) aVar.y())) {
            throw new KeyDecryptionFailedException(new EncryptionException("OpenSSH Private Key integer comparison failed"));
        }
        String w = aVar.w();
        w b = w.b(w);
        int ordinal = b.ordinal();
        if (ordinal == 0) {
            BigInteger t8 = aVar.t();
            BigInteger t9 = aVar.t();
            BigInteger t10 = aVar.t();
            BigInteger t11 = aVar.t();
            BigInteger t12 = aVar.t();
            BigInteger t13 = aVar.t();
            BigInteger bigInteger = BigInteger.ONE;
            keyPair = new KeyPair(publicKey, b0.d("RSA").generatePrivate(new RSAPrivateCrtKeySpec(t8, t9, t10, t12, t13, t10.remainder(t12.subtract(bigInteger)), t10.remainder(t13.subtract(bigInteger)), t11)));
        } else if (ordinal == 2) {
            keyPair = new KeyPair(publicKey, d(b, aVar, "P-256"));
        } else if (ordinal == 3) {
            keyPair = new KeyPair(publicKey, d(b, aVar, "P-384"));
        } else if (ordinal == 4) {
            keyPair = new KeyPair(publicKey, d(b, aVar, "P-521"));
        } else {
            if (ordinal != 5) {
                throw new IOException(com.revenuecat.purchases.d.k("Cannot decode keytype ", w, " in openssh-key-v1 files (yet)."));
            }
            aVar.s();
            aVar.y();
            byte[] bArr = new byte[32];
            aVar.v(bArr);
            aVar.v(new byte[32]);
            keyPair = new KeyPair(publicKey, new t6.d(new w6.c(bArr, b.a())));
        }
        aVar.w();
        int i = aVar.c - aVar.b;
        byte[] bArr2 = new byte[i];
        aVar.v(bArr2);
        int i6 = 0;
        while (i6 < i) {
            int i8 = i6 + 1;
            if (bArr2[i6] != i8) {
                throw new IOException(a.a.k("Padding of key format contained wrong byte at position: ", i6));
            }
            i6 = i8;
        }
        return keyPair;
    }

    @Override // o7.a
    public final KeyPair b() {
        Base64.Decoder decoder;
        byte[] decode;
        BufferedReader bufferedReader = new BufferedReader(this.f1033a.a());
        try {
            try {
                String readLine = bufferedReader.readLine();
                while (readLine != null && !readLine.startsWith("-----BEGIN ")) {
                    readLine = bufferedReader.readLine();
                }
                if (!(readLine == null ? false : readLine.substring(11).startsWith("OPENSSH PRIVATE KEY-----"))) {
                    throw new IOException(String.format("File header not found [%s%s]", "-----BEGIN ", "OPENSSH PRIVATE KEY-----"));
                }
                String h = h(bufferedReader);
                decoder = Base64.getDecoder();
                decode = decoder.decode(h);
                KeyPair g = g(new a7.a(decode));
                h.a(bufferedReader);
                return g;
            } catch (GeneralSecurityException e8) {
                throw new SSHRuntimeException("Read OpenSSH Version 1 Key failed", e8);
            }
        } catch (Throwable th) {
            h.a(bufferedReader);
            throw th;
        }
    }

    public final a7.a e(byte[] bArr, int i, String str, String str2, byte[] bArr2) {
        try {
            h7.c c = c(str);
            f(str2, bArr2, c);
            c.update(bArr, 0, i);
            a7.a aVar = new a7.a(i);
            aVar.i(bArr, 0, i);
            return aVar;
        } catch (SSHRuntimeException e8) {
            throw new KeyDecryptionFailedException(new EncryptionException(String.format("OpenSSH Private Key decryption failed with cipher [%s]", str), e8));
        }
    }

    public final void f(String str, byte[] bArr, h7.c cVar) {
        if (!str.equals("bcrypt")) {
            throw new IllegalStateException(String.format("OpenSSH Private Key encryption KDF not supported [%s]", str));
        }
        a7.a aVar = new a7.a(bArr);
        byte[] bArr2 = new byte[0];
        r7.b bVar = this.b;
        if (bVar != null) {
            CharBuffer wrap = CharBuffer.wrap(bVar.a());
            ByteBuffer encode = StandardCharsets.UTF_8.encode(wrap);
            byte[] copyOfRange = Arrays.copyOfRange(encode.array(), encode.position(), encode.limit());
            Arrays.fill(wrap.array(), (char) 0);
            Arrays.fill(encode.array(), (byte) 0);
            bArr2 = copyOfRange;
        }
        int f = cVar.f();
        int blockSize = cVar.getBlockSize();
        int i = f + blockSize;
        byte[] bArr3 = new byte[i];
        byte[] s = aVar.s();
        int y8 = (int) aVar.y();
        t2.a aVar2 = new t2.a();
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-512");
            int i6 = (i + 31) / 32;
            byte[] digest = messageDigest.digest(bArr2);
            byte[] bArr4 = new byte[64];
            byte[] bArr5 = new byte[4];
            byte[] bArr6 = new byte[32];
            byte[] bArr7 = new byte[32];
            int i8 = 1;
            while (i8 <= i6) {
                bArr5[0] = (byte) ((i8 >> 24) & 255);
                bArr5[1] = (byte) ((i8 >> 16) & 255);
                bArr5[2] = (byte) ((i8 >> 8) & 255);
                bArr5[3] = (byte) (i8 & 255);
                messageDigest.reset();
                messageDigest.update(s);
                messageDigest.update(bArr5);
                byte[] bArr8 = s;
                int i9 = 0;
                messageDigest.digest(bArr4, 0, 64);
                aVar2.b(digest, bArr4, bArr6);
                System.arraycopy(bArr6, 0, bArr7, 0, 32);
                int i10 = 1;
                while (i10 < y8) {
                    messageDigest.reset();
                    messageDigest.update(bArr7);
                    int i11 = y8;
                    messageDigest.digest(bArr4, i9, 64);
                    aVar2.b(digest, bArr4, bArr7);
                    int i12 = 0;
                    for (int i13 = 32; i12 < i13; i13 = 32) {
                        bArr6[i12] = (byte) (bArr6[i12] ^ bArr7[i12]);
                        i12++;
                    }
                    i10++;
                    y8 = i11;
                    i9 = 0;
                }
                int i14 = y8;
                for (int i15 = 0; i15 < 32; i15++) {
                    int i16 = (i8 - 1) + (i15 * i6);
                    if (i16 < i) {
                        bArr3[i16] = bArr6[i15];
                    }
                }
                i8++;
                s = bArr8;
                y8 = i14;
            }
            Arrays.fill(bArr2, (byte) 0);
            cVar.a(h7.b.Decrypt, Arrays.copyOfRange(bArr3, 0, blockSize), Arrays.copyOfRange(bArr3, blockSize, i));
        } catch (DigestException e8) {
            throw new RuntimeException(e8);
        } catch (NoSuchAlgorithmException e9) {
            throw new RuntimeException(e9);
        }
    }

    public final KeyPair g(a7.a aVar) {
        byte[] bArr;
        r7.b bVar;
        byte[] bArr2 = d;
        byte[] bArr3 = new byte[bArr2.length];
        aVar.v(bArr3);
        if (!g.k(bArr3, bArr2, 0, bArr2.length)) {
            throw new IOException("This key does not contain the 'openssh-key-v1' format magic header");
        }
        String w = aVar.w();
        String w8 = aVar.w();
        byte[] s = aVar.s();
        int y8 = (int) aVar.y();
        if (y8 != 1) {
            throw new IOException(String.format("OpenSSH Private Key number of keys not supported [%d]", Integer.valueOf(y8)));
        }
        a7.a aVar2 = new a7.a(aVar.s());
        PublicKey f = w.b(aVar2.w()).f(aVar2);
        byte[] s8 = aVar.s();
        a7.a aVar3 = new a7.a(s8);
        if ("none".equals(w)) {
            return i(aVar3, f);
        }
        int i = aVar.c - aVar.b;
        if (i == 0) {
            bArr = s8;
        } else {
            byte[] bArr4 = new byte[i];
            aVar.v(bArr4);
            int length = s8.length + i;
            a7.a aVar4 = new a7.a(length);
            aVar4.i(s8, 0, s8.length);
            aVar4.i(bArr4, 0, i);
            bArr = new byte[length];
            aVar4.v(bArr);
        }
        do {
            try {
                return i(e((byte[]) bArr.clone(), s8.length, w, w8, s), f);
            } catch (KeyDecryptionFailedException e8) {
                bVar = this.b;
                if (bVar == null) {
                    break;
                }
                throw e8;
            }
        } while (bVar.b());
        throw e8;
    }
}
