package com.trilead.ssh2.crypto;

import com.huawei.hms.network.embedded.c3;
import d.l.a.q.d0;
import d.l.a.r.b;
import h.a.a.a.d;
import h.a.a.a.i.c;
import h.a.a.a.i.e;
import h.a.a.a.i.f;
import java.io.BufferedReader;
import java.io.CharArrayReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.DigestException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;

/* loaded from: classes3.dex */
public class PEMDecoder {
    public static final byte[] a = {111, 112, 101, 110, 115, 115, 104, 45, 107, 101, 121, 45, 118, 49, 0};

    public static KeyPair a(PEMStructure pEMStructure, String str) throws IOException {
        KeyPair f2;
        KeySpec rSAPrivateKeySpec;
        byte[] bytes;
        if (i(pEMStructure) && pEMStructure.a != 4) {
            if (str == null) {
                throw new IOException("PEM is encrypted, but no password was specified");
            }
            try {
                d(pEMStructure, str.getBytes("ISO-8859-1"));
            } catch (UnsupportedEncodingException unused) {
                d(pEMStructure, str.getBytes("ISO-8859-1"));
            }
        }
        int i2 = pEMStructure.a;
        if (i2 == 2) {
            SimpleDERReader simpleDERReader = new SimpleDERReader(pEMStructure.f7838d);
            byte[] j2 = simpleDERReader.j();
            if (simpleDERReader.a() != 0) {
                throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
            }
            simpleDERReader.k(j2);
            BigInteger f3 = simpleDERReader.f();
            if (f3.compareTo(BigInteger.ZERO) != 0) {
                throw new IOException("Wrong version (" + f3 + ") in DSA PRIVATE KEY DER stream.");
            }
            BigInteger f4 = simpleDERReader.f();
            BigInteger f5 = simpleDERReader.f();
            BigInteger f6 = simpleDERReader.f();
            BigInteger f7 = simpleDERReader.f();
            BigInteger f8 = simpleDERReader.f();
            if (simpleDERReader.a() == 0) {
                return f("DSA", new DSAPrivateKeySpec(f8, f4, f5, f6), new DSAPublicKeySpec(f7, f4, f5, f6));
            }
            throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
        }
        if (i2 == 1) {
            SimpleDERReader simpleDERReader2 = new SimpleDERReader(pEMStructure.f7838d);
            byte[] j3 = simpleDERReader2.j();
            if (simpleDERReader2.a() != 0) {
                throw new IOException("Padding in RSA PRIVATE KEY DER stream.");
            }
            simpleDERReader2.k(j3);
            BigInteger f9 = simpleDERReader2.f();
            if (f9.compareTo(BigInteger.ZERO) == 0 || f9.compareTo(BigInteger.ONE) == 0) {
                BigInteger f10 = simpleDERReader2.f();
                BigInteger f11 = simpleDERReader2.f();
                return f("RSA", new RSAPrivateCrtKeySpec(f10, f11, simpleDERReader2.f(), simpleDERReader2.f(), simpleDERReader2.f(), simpleDERReader2.f(), simpleDERReader2.f(), simpleDERReader2.f()), new RSAPublicKeySpec(f10, f11));
            }
            throw new IOException("Wrong version (" + f9 + ") in RSA PRIVATE KEY DER stream.");
        }
        if (i2 == 3) {
            SimpleDERReader simpleDERReader3 = new SimpleDERReader(pEMStructure.f7838d);
            byte[] j4 = simpleDERReader3.j();
            if (simpleDERReader3.a() != 0) {
                throw new IOException("Padding in EC PRIVATE KEY DER stream.");
            }
            simpleDERReader3.k(j4);
            BigInteger f12 = simpleDERReader3.f();
            if (f12.compareTo(BigInteger.ONE) != 0) {
                throw new IOException("Wrong version (" + f12 + ") in EC PRIVATE KEY DER stream.");
            }
            byte[] h2 = simpleDERReader3.h();
            String str2 = null;
            byte[] bArr = null;
            while (simpleDERReader3.a() > 0) {
                int e2 = simpleDERReader3.e();
                SimpleDERReader d2 = simpleDERReader3.d();
                if (e2 == 0) {
                    str2 = d2.i();
                } else if (e2 == 1) {
                    bArr = d2.h();
                }
            }
            ECParameterSpec i3 = b.i(str2);
            if (i3 == null) {
                throw new IOException("invalid OID");
            }
            BigInteger bigInteger = new BigInteger(1, h2);
            int length = bArr.length - 1;
            byte[] bArr2 = new byte[length];
            System.arraycopy(bArr, 1, bArr2, 0, length);
            return f("EC", new ECPrivateKeySpec(bigInteger, i3), new ECPublicKeySpec(b.a(bArr2, i3.getCurve()), i3));
        }
        if (i2 != 4) {
            throw new IOException("PEM problem: it is of unknown type");
        }
        d0 d0Var = new d0(pEMStructure.f7838d);
        byte[] bArr3 = a;
        byte[] d3 = d0Var.d(bArr3.length);
        if (!Arrays.equals(bArr3, d3)) {
            throw new IOException("Could not find OPENSSH key magic: " + new String(d3));
        }
        String g2 = d0Var.g();
        String g3 = d0Var.g();
        byte[] c2 = d0Var.c();
        int i4 = d0Var.i();
        if (i4 != 1) {
            throw new IOException("Only one key supported, but encountered bundle of " + i4);
        }
        d0Var.c();
        byte[] c3 = d0Var.c();
        if ("bcrypt".equals(g3)) {
            if (str == null) {
                throw new IOException("PEM is encrypted, but no password was specified");
            }
            d0 d0Var2 = new d0(c2);
            byte[] c4 = d0Var2.c();
            int i5 = d0Var2.i();
            try {
                bytes = str.getBytes("UTF-8");
            } catch (UnsupportedEncodingException unused2) {
                bytes = str.getBytes();
            }
            c3 = c(c3, bytes, c4, i5, g2);
        } else if (!"none".equals(g2) || !"none".equals(g3)) {
            throw new IOException("encryption not supported");
        }
        d0 d0Var3 = new d0(c3);
        if (d0Var3.i() != d0Var3.i()) {
            throw new IOException("Decryption failed when trying to read private keys");
        }
        String g4 = d0Var3.g();
        if ("ssh-ed25519".equals(g4)) {
            byte[] c5 = d0Var3.c();
            byte[] c6 = d0Var3.c();
            h.a.a.a.i.b b = c.b("Ed25519");
            f2 = new KeyPair(new d(new f(c5, b)), new h.a.a.a.c(new e(Arrays.copyOfRange(c6, 0, 32), b)));
        } else if (g4.startsWith("ecdsa-sha2-")) {
            ECParameterSpec h3 = b.h(d0Var3.g());
            if (h3 == null) {
                throw new IOException("Invalid curve name");
            }
            byte[] c7 = d0Var3.c();
            BigInteger e3 = d0Var3.e();
            ECPoint a2 = b.a(c7, h3.getCurve());
            if (a2 == null) {
                throw new IOException("Invalid ECDSA group");
            }
            f2 = f("EC", new ECPrivateKeySpec(e3, h3), new ECPublicKeySpec(a2, h3));
        } else if ("ssh-rsa".equals(g4)) {
            BigInteger e4 = d0Var3.e();
            BigInteger e5 = d0Var3.e();
            BigInteger e6 = d0Var3.e();
            BigInteger e7 = d0Var3.e();
            BigInteger e8 = d0Var3.e();
            if (e8 == null || e7 == null) {
                rSAPrivateKeySpec = new RSAPrivateKeySpec(e4, e6);
            } else {
                BigInteger modInverse = e7.modInverse(e8);
                BigInteger bigInteger2 = BigInteger.ONE;
                rSAPrivateKeySpec = new RSAPrivateCrtKeySpec(e4, e5, e6, e8, modInverse, e6.mod(e8.subtract(bigInteger2)), e6.mod(modInverse.subtract(bigInteger2)), e7);
            }
            f2 = f("RSA", rSAPrivateKeySpec, new RSAPublicKeySpec(e4, e5));
        } else {
            if (!"ssh-dss".equals(g4)) {
                throw new IOException("Unknown key type " + g4);
            }
            BigInteger e9 = d0Var3.e();
            BigInteger e10 = d0Var3.e();
            BigInteger e11 = d0Var3.e();
            f2 = f("DSA", new DSAPrivateKeySpec(d0Var3.e(), e9, e10, e11), new DSAPublicKeySpec(d0Var3.e(), e9, e10, e11));
        }
        d0Var3.c();
        int j5 = d0Var.j();
        for (int i6 = 1; i6 <= j5; i6++) {
            if (i6 != d0Var.b()) {
                throw new IOException("Bad padding value on decrypted private keys");
            }
        }
        return f2;
    }

    public static KeyPair b(char[] cArr, String str) throws IOException {
        return a(j(cArr), str);
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x0103  */
    /* JADX WARN: Removed duplicated region for block: B:20:0x012a  */
    /* JADX WARN: Removed duplicated region for block: B:22:0x00de  */
    /* JADX WARN: Removed duplicated region for block: B:7:0x00d6  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static byte[] c(byte[] r8, byte[] r9, byte[] r10, int r11, java.lang.String r12) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 325
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.trilead.ssh2.crypto.PEMDecoder.c(byte[], byte[], byte[], int, java.lang.String):byte[]");
    }

    public static void d(PEMStructure pEMStructure, byte[] bArr) throws IOException {
        String[] strArr = pEMStructure.b;
        if (strArr == null) {
            throw new IOException("Broken PEM, no mode and salt given, but encryption enabled");
        }
        if (strArr.length != 2) {
            throw new IOException("Broken PEM, DEK-Info is incomplete!");
        }
        String str = strArr[0];
        pEMStructure.f7838d = c(pEMStructure.f7838d, bArr, g(strArr[1]), -1, str);
        pEMStructure.b = null;
        pEMStructure.f7837c = null;
    }

    public static byte[] e(byte[] bArr, byte[] bArr2, int i2) throws IOException {
        if (bArr2.length < 8) {
            throw new IllegalArgumentException("Salt needs to be at least 8 bytes for key generation.");
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            byte[] bArr3 = new byte[i2];
            int digestLength = messageDigest.getDigestLength();
            byte[] bArr4 = new byte[digestLength];
            int i3 = i2;
            while (true) {
                messageDigest.update(bArr, 0, bArr.length);
                messageDigest.update(bArr2, 0, 8);
                int i4 = i3 < digestLength ? i3 : digestLength;
                try {
                    messageDigest.digest(bArr4, 0, digestLength);
                    System.arraycopy(bArr4, 0, bArr3, i2 - i3, i4);
                    i3 -= i4;
                    if (i3 == 0) {
                        return bArr3;
                    }
                    messageDigest.update(bArr4, 0, digestLength);
                } catch (DigestException e2) {
                    throw new IOException("could not digest password", e2);
                }
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new IllegalArgumentException("VM does not support MD5", e3);
        }
    }

    public static KeyPair f(String str, KeySpec keySpec, KeySpec keySpec2) throws IOException {
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(str);
            return new KeyPair(keyFactory.generatePublic(keySpec2), keyFactory.generatePrivate(keySpec));
        } catch (NoSuchAlgorithmException e2) {
            throw new IOException(e2);
        } catch (InvalidKeySpecException e3) {
            throw new IOException("invalid keyspec", e3);
        }
    }

    public static byte[] g(String str) {
        if (str == null) {
            throw new IllegalArgumentException("null argument");
        }
        if (str.length() % 2 != 0) {
            throw new IllegalArgumentException("Uneven string length in hex encoding.");
        }
        int length = str.length() / 2;
        byte[] bArr = new byte[length];
        for (int i2 = 0; i2 < length; i2++) {
            int i3 = i2 * 2;
            bArr[i2] = (byte) ((h(str.charAt(i3)) * 16) + h(str.charAt(i3 + 1)));
        }
        return bArr;
    }

    public static int h(char c2) {
        char c3 = 'a';
        if (c2 < 'a' || c2 > 'f') {
            c3 = 'A';
            if (c2 < 'A' || c2 > 'F') {
                if (c2 < '0' || c2 > '9') {
                    throw new IllegalArgumentException("Need hex char");
                }
                return c2 - '0';
            }
        }
        return (c2 - c3) + 10;
    }

    public static final boolean i(PEMStructure pEMStructure) throws IOException {
        if (pEMStructure.a == 4) {
            d0 d0Var = new d0(pEMStructure.f7838d);
            byte[] bArr = a;
            byte[] d2 = d0Var.d(bArr.length);
            if (Arrays.equals(bArr, d2)) {
                d0Var.g();
                return !"none".equals(d0Var.g());
            }
            throw new IOException("Could not find OPENSSH key magic: " + new String(d2));
        }
        String[] strArr = pEMStructure.f7837c;
        if (strArr == null) {
            return false;
        }
        if (strArr.length != 2) {
            throw new IOException("Unknown Proc-Type field.");
        }
        if ("4".equals(strArr[0])) {
            return "ENCRYPTED".equals(pEMStructure.f7837c[1]);
        }
        throw new IOException("Unknown Proc-Type field (" + pEMStructure.f7837c[0] + ")");
    }

    public static final PEMStructure j(char[] cArr) throws IOException {
        String str;
        PEMStructure pEMStructure = new PEMStructure();
        BufferedReader bufferedReader = new BufferedReader(new CharArrayReader(cArr));
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException("Invalid PEM structure, '-----BEGIN...' missing");
            }
            String trim = readLine.trim();
            if (trim.startsWith("-----BEGIN DSA PRIVATE KEY-----")) {
                pEMStructure.a = 2;
                str = "-----END DSA PRIVATE KEY-----";
                break;
            }
            if (trim.startsWith("-----BEGIN RSA PRIVATE KEY-----")) {
                pEMStructure.a = 1;
                str = "-----END RSA PRIVATE KEY-----";
                break;
            }
            if (trim.startsWith("-----BEGIN EC PRIVATE KEY-----")) {
                pEMStructure.a = 3;
                str = "-----END EC PRIVATE KEY-----";
                break;
            }
            if (trim.startsWith("-----BEGIN OPENSSH PRIVATE KEY-----")) {
                pEMStructure.a = 4;
                str = "-----END OPENSSH PRIVATE KEY-----";
                break;
            }
        }
        while (true) {
            String readLine2 = bufferedReader.readLine();
            if (readLine2 == null) {
                throw new IOException("Invalid PEM structure, " + str + " missing");
            }
            String trim2 = readLine2.trim();
            int indexOf = trim2.indexOf(58);
            if (indexOf == -1) {
                StringBuffer stringBuffer = new StringBuffer();
                while (trim2 != null) {
                    String trim3 = trim2.trim();
                    if (trim3.startsWith(str)) {
                        int length = stringBuffer.length();
                        char[] cArr2 = new char[length];
                        stringBuffer.getChars(0, length, cArr2, 0);
                        byte[] a2 = Base64.a(cArr2);
                        pEMStructure.f7838d = a2;
                        if (a2.length != 0) {
                            return pEMStructure;
                        }
                        throw new IOException("Invalid PEM structure, no data available");
                    }
                    stringBuffer.append(trim3);
                    trim2 = bufferedReader.readLine();
                }
                throw new IOException("Invalid PEM structure, " + str + " missing");
            }
            int i2 = indexOf + 1;
            String substring = trim2.substring(0, i2);
            String[] split = trim2.substring(i2).split(c3.f2882e);
            for (int i3 = 0; i3 < split.length; i3++) {
                split[i3] = split[i3].trim();
            }
            if ("Proc-Type:".equals(substring)) {
                pEMStructure.f7837c = split;
            } else if ("DEK-Info:".equals(substring)) {
                pEMStructure.b = split;
            }
        }
    }

    public static byte[] k(byte[] bArr, int i2) throws IOException {
        int i3 = bArr[bArr.length - 1] & 255;
        if (i3 < 1 || i3 > i2) {
            throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?");
        }
        for (int i4 = 2; i4 <= i3; i4++) {
            if (bArr[bArr.length - i4] != i3) {
                throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?");
            }
        }
        byte[] bArr2 = new byte[bArr.length - i3];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length - i3);
        return bArr2;
    }
}
