package org.apache.sshd.common.config.keys.loader.openssh;

import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.io.StreamCorruptedException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.TreeMap;
import org.apache.sshd.client.config.hosts.HostPatternsHolder;
import org.apache.sshd.common.NamedResource;
import org.apache.sshd.common.config.keys.FilePasswordProvider;
import org.apache.sshd.common.config.keys.KeyEntryResolver;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.config.keys.PrivateKeyEntryDecoder;
import org.apache.sshd.common.config.keys.PublicKeyEntryDecoder;
import org.apache.sshd.common.config.keys.loader.AbstractKeyPairResourceParser;
import org.apache.sshd.common.config.keys.loader.openssh.kdf.BCryptKdfOptions;
import org.apache.sshd.common.config.keys.loader.openssh.kdf.RawKdfOptions;
import org.apache.sshd.common.session.SessionContext;
import org.apache.sshd.common.util.GenericUtils;
import org.apache.sshd.common.util.ValidateUtils;
import org.apache.sshd.common.util.buffer.BufferUtils;
import org.apache.sshd.common.util.io.IoUtils;
import org.apache.sshd.common.util.security.SecurityUtils;
import org.slf4j.Logger;

/* loaded from: classes.dex */
public class OpenSSHKeyPairResourceParser extends AbstractKeyPairResourceParser {
    public static final String BEGIN_MARKER = "BEGIN OPENSSH PRIVATE KEY";
    public static final List<String> BEGINNERS = Collections.unmodifiableList(Collections.singletonList(BEGIN_MARKER));
    public static final String END_MARKER = "END OPENSSH PRIVATE KEY";
    public static final List<String> ENDERS = Collections.unmodifiableList(Collections.singletonList(END_MARKER));
    public static final OpenSSHKeyPairResourceParser INSTANCE = new OpenSSHKeyPairResourceParser();
    public static final String AUTH_MAGIC = "openssh-key-v1";
    private static final byte[] AUTH_MAGIC_BYTES = AUTH_MAGIC.getBytes(StandardCharsets.UTF_8);
    private static final Map<String, PrivateKeyEntryDecoder<?, ?>> BY_KEY_TYPE_DECODERS_MAP = new TreeMap(String.CASE_INSENSITIVE_ORDER);
    private static final Map<Class<?>, PrivateKeyEntryDecoder<?, ?>> BY_KEY_CLASS_DECODERS_MAP = new HashMap();

    /* renamed from: org.apache.sshd.common.config.keys.loader.openssh.OpenSSHKeyPairResourceParser$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass1 {
        public static final /* synthetic */ int[] $SwitchMap$org$apache$sshd$common$config$keys$FilePasswordProvider$ResourceDecodeResult;

        static {
            int[] iArr = new int[FilePasswordProvider.ResourceDecodeResult.values().length];
            $SwitchMap$org$apache$sshd$common$config$keys$FilePasswordProvider$ResourceDecodeResult = iArr;
            try {
                iArr[FilePasswordProvider.ResourceDecodeResult.TERMINATE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$org$apache$sshd$common$config$keys$FilePasswordProvider$ResourceDecodeResult[FilePasswordProvider.ResourceDecodeResult.RETRY.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$org$apache$sshd$common$config$keys$FilePasswordProvider$ResourceDecodeResult[FilePasswordProvider.ResourceDecodeResult.IGNORE.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    static {
        registerPrivateKeyEntryDecoder(OpenSSHRSAPrivateKeyDecoder.INSTANCE);
        registerPrivateKeyEntryDecoder(OpenSSHDSSPrivateKeyEntryDecoder.INSTANCE);
        if (SecurityUtils.isECCSupported()) {
            registerPrivateKeyEntryDecoder(OpenSSHECDSAPrivateKeyEntryDecoder.INSTANCE);
        }
        if (SecurityUtils.isEDDSACurveSupported()) {
            registerPrivateKeyEntryDecoder(SecurityUtils.getOpenSSHEDDSAPrivateKeyEntryDecoder());
        }
    }

    public OpenSSHKeyPairResourceParser() {
        super(BEGINNERS, ENDERS);
    }

    public static PrivateKeyEntryDecoder<?, ?> getPrivateKeyEntryDecoder(Class<?> cls) {
        if (cls == null || !Key.class.isAssignableFrom(cls)) {
            return null;
        }
        synchronized (BY_KEY_TYPE_DECODERS_MAP) {
            Map<Class<?>, PrivateKeyEntryDecoder<?, ?>> map = BY_KEY_CLASS_DECODERS_MAP;
            PrivateKeyEntryDecoder<?, ?> privateKeyEntryDecoder = map.get(cls);
            if (privateKeyEntryDecoder != null) {
                return privateKeyEntryDecoder;
            }
            for (PrivateKeyEntryDecoder<?, ?> privateKeyEntryDecoder2 : map.values()) {
                Class<?> publicKeyType = privateKeyEntryDecoder2.getPublicKeyType();
                Class<?> privateKeyType = privateKeyEntryDecoder2.getPrivateKeyType();
                if (publicKeyType.isAssignableFrom(cls) || privateKeyType.isAssignableFrom(cls)) {
                    return privateKeyEntryDecoder2;
                }
            }
            return null;
        }
    }

    public static PrivateKeyEntryDecoder<?, ?> getPrivateKeyEntryDecoder(String str) {
        PrivateKeyEntryDecoder<?, ?> privateKeyEntryDecoder;
        if (GenericUtils.isEmpty(str)) {
            return null;
        }
        Map<String, PrivateKeyEntryDecoder<?, ?>> map = BY_KEY_TYPE_DECODERS_MAP;
        synchronized (map) {
            privateKeyEntryDecoder = map.get(str);
        }
        return privateKeyEntryDecoder;
    }

    public static PrivateKeyEntryDecoder<?, ?> getPrivateKeyEntryDecoder(Key key) {
        if (key == null) {
            return null;
        }
        return getPrivateKeyEntryDecoder(key.getClass());
    }

    public static PrivateKeyEntryDecoder<?, ?> getPrivateKeyEntryDecoder(KeyPair keyPair) {
        PrivateKeyEntryDecoder<?, ?> privateKeyEntryDecoder;
        if (keyPair != null && (privateKeyEntryDecoder = getPrivateKeyEntryDecoder(keyPair.getPublic())) == getPrivateKeyEntryDecoder(keyPair.getPrivate())) {
            return privateKeyEntryDecoder;
        }
        return null;
    }

    public static void registerPrivateKeyEntryDecoder(PrivateKeyEntryDecoder<?, ?> privateKeyEntryDecoder) {
        Objects.requireNonNull(privateKeyEntryDecoder, "No decoder specified");
        Class<?> publicKeyType = privateKeyEntryDecoder.getPublicKeyType();
        Objects.requireNonNull(publicKeyType, "No public key type declared");
        Class<?> privateKeyType = privateKeyEntryDecoder.getPrivateKeyType();
        Objects.requireNonNull(privateKeyType, "No private key type declared");
        Map<Class<?>, PrivateKeyEntryDecoder<?, ?>> map = BY_KEY_CLASS_DECODERS_MAP;
        synchronized (map) {
            map.put(publicKeyType, privateKeyEntryDecoder);
            map.put(privateKeyType, privateKeyEntryDecoder);
        }
        Collection checkNotNullAndNotEmpty = ValidateUtils.checkNotNullAndNotEmpty(privateKeyEntryDecoder.getSupportedKeyTypes(), "No supported key type", new Object[0]);
        synchronized (BY_KEY_TYPE_DECODERS_MAP) {
            Iterator it = checkNotNullAndNotEmpty.iterator();
            while (it.hasNext()) {
                BY_KEY_TYPE_DECODERS_MAP.put((String) it.next(), privateKeyEntryDecoder);
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:102:0x01a6  */
    /* JADX WARN: Removed duplicated region for block: B:112:0x01dc A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:99:0x0199 A[Catch: all -> 0x01f4, TryCatch #11 {all -> 0x01f4, blocks: (B:22:0x00c8, B:24:0x00ce, B:28:0x00e1, B:46:0x00f7, B:45:0x00f4, B:49:0x00fb, B:124:0x0105, B:52:0x010e, B:55:0x011d, B:65:0x014e, B:97:0x0193, B:99:0x0199, B:100:0x019b, B:107:0x01ac, B:110:0x01b5, B:111:0x01d3, B:104:0x01d4, B:113:0x01dc, B:72:0x016f, B:127:0x01dd, B:128:0x01f3, B:27:0x00dd, B:35:0x00eb, B:40:0x00ee), top: B:21:0x00c8, inners: #5, #7, #10 }] */
    /* JADX WARN: Type inference failed for: r1v15, types: [org.apache.sshd.common.config.keys.loader.openssh.OpenSSHKeyDecryptor] */
    /* JADX WARN: Type inference failed for: r1v3 */
    @Override // org.apache.sshd.common.config.keys.loader.AbstractKeyPairResourceParser
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.util.Collection<java.security.KeyPair> extractKeyPairs(org.apache.sshd.common.session.SessionContext r21, org.apache.sshd.common.NamedResource r22, java.lang.String r23, java.lang.String r24, org.apache.sshd.common.config.keys.FilePasswordProvider r25, java.io.InputStream r26, java.util.Map<java.lang.String, java.lang.String> r27) throws java.io.IOException, java.security.GeneralSecurityException {
        /*
            Method dump skipped, instructions count: 506
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.sshd.common.config.keys.loader.openssh.OpenSSHKeyPairResourceParser.extractKeyPairs(org.apache.sshd.common.session.SessionContext, org.apache.sshd.common.NamedResource, java.lang.String, java.lang.String, org.apache.sshd.common.config.keys.FilePasswordProvider, java.io.InputStream, java.util.Map):java.util.Collection");
    }

    public Map.Entry<PrivateKey, String> readPrivateKey(SessionContext sessionContext, NamedResource namedResource, OpenSSHParserContext openSSHParserContext, String str, FilePasswordProvider filePasswordProvider, InputStream inputStream) throws IOException, GeneralSecurityException {
        String decodeString = KeyEntryResolver.decodeString(inputStream, 256);
        if (!Objects.equals(str, decodeString)) {
            throw new StreamCorruptedException("Mismatched private key type: , expected=" + str + ", actual=" + decodeString + " in " + namedResource);
        }
        PrivateKeyEntryDecoder<?, ?> privateKeyEntryDecoder = getPrivateKeyEntryDecoder(decodeString);
        if (privateKeyEntryDecoder == null) {
            throw new NoSuchAlgorithmException("Unsupported key type (" + decodeString + ") in " + namedResource);
        }
        Object decodePrivateKey = privateKeyEntryDecoder.decodePrivateKey(sessionContext, decodeString, filePasswordProvider, inputStream);
        if (decodePrivateKey != null) {
            return new AbstractMap.SimpleImmutableEntry(decodePrivateKey, KeyEntryResolver.decodeString(inputStream, 1024));
        }
        throw new InvalidKeyException("Cannot parse key type (" + decodeString + ") in " + namedResource);
    }

    public List<KeyPair> readPrivateKeys(SessionContext sessionContext, NamedResource namedResource, OpenSSHParserContext openSSHParserContext, Collection<? extends PublicKey> collection, FilePasswordProvider filePasswordProvider, InputStream inputStream) throws IOException, GeneralSecurityException {
        if (GenericUtils.isEmpty((Collection<?>) collection)) {
            return Collections.emptyList();
        }
        boolean isTraceEnabled = this.log.isTraceEnabled();
        int decodeInt = KeyEntryResolver.decodeInt(inputStream);
        int decodeInt2 = KeyEntryResolver.decodeInt(inputStream);
        int i7 = 3;
        if (isTraceEnabled) {
            this.log.trace("readPrivateKeys({}) check1=0x{}, check2=0x{}", namedResource, Integer.toHexString(decodeInt), Integer.toHexString(decodeInt2));
        }
        if (decodeInt != decodeInt2) {
            throw new StreamCorruptedException("Mismatched private key check values (" + Integer.toHexString(decodeInt) + "/" + Integer.toHexString(decodeInt2) + ") in " + namedResource);
        }
        ArrayList arrayList = new ArrayList(collection.size());
        for (PublicKey publicKey : collection) {
            String keyType = KeyUtils.getKeyType(publicKey);
            int size = arrayList.size() + 1;
            if (isTraceEnabled) {
                Logger logger = this.log;
                Object[] objArr = new Object[i7];
                objArr[0] = namedResource;
                objArr[1] = Integer.valueOf(size);
                objArr[2] = keyType;
                logger.trace("extractKeyPairs({}) read private key #{}: {}", objArr);
            }
            Map.Entry<PrivateKey, String> readPrivateKey = readPrivateKey(sessionContext, namedResource, openSSHParserContext, keyType, filePasswordProvider, inputStream);
            PrivateKey key = readPrivateKey == null ? null : readPrivateKey.getKey();
            ValidateUtils.checkNotNull(key, "Empty private key #%d in %s", Integer.valueOf(size), namedResource);
            String keyType2 = KeyUtils.getKeyType(key);
            ValidateUtils.checkTrue(Objects.equals(keyType, keyType2), "Mismatched public (%s) vs. private (%s) key type #%d in %s", keyType, keyType2, Integer.valueOf(size), namedResource);
            if (isTraceEnabled) {
                this.log.trace("extractKeyPairs({}) add private key #{}: {} {}", namedResource, Integer.valueOf(size), keyType2, readPrivateKey.getValue());
            }
            arrayList.add(new KeyPair(publicKey, key));
            i7 = 3;
        }
        return arrayList;
    }

    /* JADX WARN: Type inference failed for: r2v3, types: [java.security.PublicKey] */
    public PublicKey readPublicKey(SessionContext sessionContext, NamedResource namedResource, OpenSSHParserContext openSSHParserContext, InputStream inputStream, Map<String, String> map) throws IOException, GeneralSecurityException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(KeyEntryResolver.readRLEBytes(inputStream, 65534));
        try {
            String decodeString = KeyEntryResolver.decodeString(byteArrayInputStream, 256);
            PublicKeyEntryDecoder<?, ?> publicKeyEntryDecoder = KeyUtils.getPublicKeyEntryDecoder(decodeString);
            if (publicKeyEntryDecoder != null) {
                ?? decodePublicKey = publicKeyEntryDecoder.decodePublicKey(sessionContext, decodeString, byteArrayInputStream, map);
                byteArrayInputStream.close();
                return decodePublicKey;
            }
            throw new NoSuchAlgorithmException("Unsupported key type (" + decodeString + ") in " + namedResource);
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                try {
                    byteArrayInputStream.close();
                } catch (Throwable th3) {
                    th.addSuppressed(th3);
                }
                throw th2;
            }
        }
    }

    public OpenSSHKdfOptions resolveKdfOptions(SessionContext sessionContext, NamedResource namedResource, String str, String str2, InputStream inputStream, Map<String, String> map) throws IOException, GeneralSecurityException {
        String decodeString = KeyEntryResolver.decodeString(inputStream, 1024);
        byte[] readRLEBytes = KeyEntryResolver.readRLEBytes(inputStream, 32767);
        OpenSSHKdfOptions bCryptKdfOptions = BCryptKdfOptions.NAME.equalsIgnoreCase(decodeString) ? new BCryptKdfOptions() : new RawKdfOptions();
        bCryptKdfOptions.initialize(decodeString, readRLEBytes);
        return bCryptKdfOptions;
    }

    public <S extends InputStream> S validateStreamMagicMarker(SessionContext sessionContext, NamedResource namedResource, S s7) throws IOException {
        byte[] bArr = AUTH_MAGIC_BYTES;
        byte[] bArr2 = new byte[bArr.length];
        IoUtils.readFully(s7, bArr2);
        if (!Arrays.equals(bArr, bArr2)) {
            throw new StreamCorruptedException(namedResource + ": Mismatched magic marker value: " + BufferUtils.toHex(HostPatternsHolder.PORT_VALUE_DELIMITER, bArr2));
        }
        int read = s7.read();
        if (read == -1) {
            throw new EOFException(namedResource + ": Premature EOF after magic marker value");
        }
        if (read == 0) {
            return s7;
        }
        throw new StreamCorruptedException(namedResource + ": Missing EOS after magic marker value: 0x" + Integer.toHexString(read));
    }
}
