package net.schmizz.sshj.userauth.keyprovider;

import com.hierynomus.sshj.common.KeyAlgorithm;
import com.hierynomus.sshj.transport.cipher.BlockCiphers;
import java.io.BufferedReader;
import java.io.EOFException;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import net.schmizz.sshj.common.Base64;
import net.schmizz.sshj.common.ByteArrayUtils;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.transport.cipher.Cipher;
import net.schmizz.sshj.transport.cipher.NoneCipher;
import net.schmizz.sshj.transport.digest.MD5;

/* loaded from: classes2.dex */
public class PKCS5KeyFile extends BaseFileKeyProvider {
    protected byte[] data;

    /* renamed from: net.schmizz.sshj.userauth.keyprovider.PKCS5KeyFile$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$net$schmizz$sshj$common$KeyType;

        static {
            int[] iArr = new int[KeyType.values().length];
            $SwitchMap$net$schmizz$sshj$common$KeyType = iArr;
            try {
                iArr[KeyType.RSA.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$net$schmizz$sshj$common$KeyType[KeyType.DSA.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* loaded from: classes2.dex */
    class ASN1Data {
        static final byte MAGIC = 48;
        private byte[] buff;
        private int index;
        private int length;

        ASN1Data(byte[] bArr) throws FormatException {
            this.buff = bArr;
            int i = 0 + 1;
            this.index = i;
            if (bArr[0] != 48) {
                throw new FormatException("Not ASN.1 data");
            }
            this.index = i + 1;
            int i2 = bArr[i] & 255;
            this.length = i2;
            if ((i2 & 128) != 0) {
                int i3 = i2 & 127;
                this.length = 0;
                while (true) {
                    int i4 = i3 - 1;
                    if (i3 <= 0) {
                        break;
                    }
                    int i5 = this.length << 8;
                    int i6 = this.index;
                    this.index = i6 + 1;
                    this.length = i5 + (bArr[i6] & 255);
                    i3 = i4;
                }
            }
            if (this.index + this.length <= bArr.length) {
                return;
            }
            throw new FormatException("Length mismatch: " + bArr.length + " != " + (this.index + this.length));
        }

        BigInteger readNext() throws IOException {
            int i = this.index;
            if (i >= this.length) {
                throw new EOFException();
            }
            byte[] bArr = this.buff;
            int i2 = i + 1;
            this.index = i2;
            if (bArr[i] != 2) {
                throw new IOException("Not an int code: " + Integer.toHexString(this.buff[this.index] & 255));
            }
            this.index = i2 + 1;
            int i3 = bArr[i2] & 255;
            if ((i3 & 128) != 0) {
                int i4 = i3 & 127;
                int i5 = 0;
                while (true) {
                    int i6 = i4 - 1;
                    if (i4 <= 0) {
                        break;
                    }
                    int i7 = i5 << 8;
                    byte[] bArr2 = this.buff;
                    int i8 = this.index;
                    this.index = i8 + 1;
                    i5 = (bArr2[i8] & 255) + i7;
                    i4 = i6;
                }
                i3 = i5;
            }
            byte[] bArr3 = new byte[i3];
            System.arraycopy(this.buff, this.index, bArr3, 0, i3);
            this.index += i3;
            return new BigInteger(bArr3);
        }
    }

    /* loaded from: classes2.dex */
    public static class DecryptException extends IOException {
        DecryptException(String str) {
            super(str);
        }
    }

    /* loaded from: classes2.dex */
    public static class Factory implements Factory.Named<FileKeyProvider> {
        @Override // net.schmizz.sshj.common.Factory
        public FileKeyProvider create() {
            return new PKCS5KeyFile();
        }

        @Override // net.schmizz.sshj.common.Factory.Named
        public String getName() {
            return "PKCS5";
        }
    }

    /* loaded from: classes2.dex */
    public static class FormatException extends IOException {
        FormatException(String str) {
            super(str);
        }
    }

    private byte[] decrypt(byte[] bArr, Cipher cipher, byte[] bArr2) throws DecryptException {
        if (this.pwdf == null) {
            return bArr;
        }
        MD5 md5 = new MD5();
        int blockSize = cipher.getBlockSize();
        int blockSize2 = md5.getBlockSize();
        int i = ((blockSize / blockSize2) * blockSize2) + (blockSize % blockSize2 == 0 ? 0 : blockSize2);
        do {
            md5.init();
            byte[] bArr3 = new byte[i];
            byte[] bArr4 = null;
            byte[] passphraseBytes = getPassphraseBytes();
            int i2 = 0;
            while (i2 + blockSize2 <= i) {
                if (bArr4 != null) {
                    md5.update(bArr4, 0, bArr4.length);
                }
                md5.update(passphraseBytes, 0, passphraseBytes.length);
                int i3 = 8;
                if (bArr2.length <= 8) {
                    i3 = bArr2.length;
                }
                md5.update(bArr2, 0, i3);
                bArr4 = md5.digest();
                System.arraycopy(bArr4, 0, bArr3, i2, bArr4.length);
                i2 += bArr4.length;
            }
            Arrays.fill(passphraseBytes, (byte) 0);
            byte[] copyOfRange = Arrays.copyOfRange(bArr3, 0, blockSize);
            cipher.init(Cipher.Mode.Decrypt, copyOfRange, bArr2);
            Arrays.fill(copyOfRange, (byte) 0);
            byte[] copyOf = Arrays.copyOf(bArr, bArr.length);
            cipher.update(copyOf, 0, copyOf.length);
            if (48 == copyOf[0]) {
                return copyOf;
            }
        } while (this.pwdf.shouldRetry(this.resource));
        throw new DecryptException("Decryption failed");
    }

    private byte[] getPassphraseBytes() {
        CharBuffer wrap = CharBuffer.wrap(this.pwdf.reqPassword(this.resource));
        ByteBuffer encode = IOUtils.UTF8.encode(wrap);
        byte[] copyOfRange = Arrays.copyOfRange(encode.array(), encode.position(), encode.limit());
        Arrays.fill(wrap.array(), (char) 0);
        Arrays.fill(encode.array(), (byte) 0);
        return copyOfRange;
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider
    protected KeyPair readKeyPair() throws IOException {
        Cipher create;
        BufferedReader bufferedReader = new BufferedReader(this.resource.getReader());
        try {
            try {
                Cipher noneCipher = new NoneCipher();
                StringBuffer stringBuffer = new StringBuffer();
                byte[] bArr = new byte[0];
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    if (readLine.startsWith("-----BEGIN ") && readLine.endsWith(" PRIVATE KEY-----")) {
                        if (readLine.length() - 17 <= 11) {
                            throw new FormatException("Bad header; possibly PKCS8 format?");
                        }
                        String substring = readLine.substring(11, readLine.length() - 17);
                        if (KeyAlgorithm.RSA.equals(substring)) {
                            this.type = KeyType.RSA;
                        } else if (KeyAlgorithm.DSA.equals(substring)) {
                            this.type = KeyType.DSA;
                        } else {
                            if (!"DSS".equals(substring)) {
                                throw new FormatException("Unrecognized PKCS5 key type");
                            }
                            this.type = KeyType.DSA;
                        }
                    } else {
                        if (readLine.startsWith("-----END")) {
                            break;
                        }
                        if (this.type == null) {
                            continue;
                        } else if (readLine.startsWith("Proc-Type: ")) {
                            if (!"4,ENCRYPTED".equals(readLine.substring(11))) {
                                throw new FormatException("Unrecognized Proc-Type");
                            }
                        } else if (readLine.startsWith("DEK-Info: ")) {
                            int indexOf = readLine.indexOf(",");
                            if (indexOf == -1) {
                                throw new FormatException("Unrecognized DEK-Info");
                            }
                            String substring2 = readLine.substring(10, indexOf);
                            if ("DES-EDE3-CBC".equals(substring2)) {
                                create = BlockCiphers.TripleDESCBC().create();
                            } else if ("AES-128-CBC".equals(substring2)) {
                                create = BlockCiphers.AES128CBC().create();
                            } else if ("AES-192-CBC".equals(substring2)) {
                                create = BlockCiphers.AES192CBC().create();
                            } else {
                                if (!"AES-256-CBC".equals(substring2)) {
                                    throw new FormatException("Not a supported algorithm: " + substring2);
                                }
                                create = BlockCiphers.AES256CBC().create();
                            }
                            Cipher cipher = create;
                            bArr = Arrays.copyOfRange(ByteArrayUtils.parseHex(readLine.substring(indexOf + 1)), 0, create.getIVSize());
                            noneCipher = cipher;
                        } else if (readLine.length() > 0) {
                            stringBuffer.append(readLine);
                        }
                    }
                }
                if (this.type == null) {
                    throw new FormatException("PKCS5 header not found");
                }
                byte[] decrypt = decrypt(Base64.decode(stringBuffer.toString()), noneCipher, bArr);
                this.data = decrypt;
                ASN1Data aSN1Data = new ASN1Data(decrypt);
                int i = AnonymousClass1.$SwitchMap$net$schmizz$sshj$common$KeyType[this.type.ordinal()];
                if (i == 1) {
                    KeyFactory keyFactory = KeyFactory.getInstance(KeyAlgorithm.RSA);
                    aSN1Data.readNext();
                    BigInteger readNext = aSN1Data.readNext();
                    return new KeyPair(keyFactory.generatePublic(new RSAPublicKeySpec(readNext, aSN1Data.readNext())), keyFactory.generatePrivate(new RSAPrivateKeySpec(readNext, aSN1Data.readNext())));
                }
                if (i != 2) {
                    throw new IOException("Unrecognized PKCS5 key type: " + this.type);
                }
                KeyFactory keyFactory2 = KeyFactory.getInstance(KeyAlgorithm.DSA);
                aSN1Data.readNext();
                BigInteger readNext2 = aSN1Data.readNext();
                BigInteger readNext3 = aSN1Data.readNext();
                BigInteger readNext4 = aSN1Data.readNext();
                return new KeyPair(keyFactory2.generatePublic(new DSAPublicKeySpec(aSN1Data.readNext(), readNext2, readNext3, readNext4)), keyFactory2.generatePrivate(new DSAPrivateKeySpec(aSN1Data.readNext(), readNext2, readNext3, readNext4)));
            } catch (NoSuchAlgorithmException e) {
                throw new IOException(e);
            } catch (InvalidKeySpecException e2) {
                throw new IOException(e2);
            }
        } finally {
            bufferedReader.close();
        }
    }

    public String toString() {
        return "PKCS5KeyFile{resource=" + this.resource + "}";
    }
}
