package com.trilead.ssh2.crypto;

import c.f;
import c.g;
import com.trilead.ssh2.crypto.cipher.AES;
import com.trilead.ssh2.crypto.cipher.CBCMode;
import com.trilead.ssh2.crypto.cipher.DES;
import com.trilead.ssh2.crypto.cipher.DESede;
import com.trilead.ssh2.crypto.digest.MD5;
import com.trilead.ssh2.signature.DSAPrivateKey;
import com.trilead.ssh2.signature.KeyAlgorithm;
import com.trilead.ssh2.signature.KeyAlgorithmManager;
import com.trilead.ssh2.signature.RSAPrivateKey;
import d.e;
import java.io.BufferedReader;
import java.io.CharArrayReader;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: classes.dex */
public class PEMDecoder {
    private static final Logger LOGGER = Logger.getLogger(PEMDecoder.class.getName());
    private static final int PEM_DSA_PRIVATE_KEY = 2;
    private static final int PEM_RSA_PRIVATE_KEY = 1;

    @Deprecated
    public static Object decode(char[] cArr, String str) {
        PEMStructure parsePEM = parsePEM(cArr);
        if (isPEMEncrypted(parsePEM)) {
            if (str == null) {
                throw new IOException("PEM is encrypted, but no password was specified");
            }
            decryptPEM(parsePEM, str.getBytes("ISO-8859-1"));
        }
        int i2 = parsePEM.pemType;
        if (i2 != 2) {
            if (i2 != 1) {
                throw new IOException("PEM problem: it is of unknown type");
            }
            SimpleDERReader simpleDERReader = new SimpleDERReader(parsePEM.data);
            byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
            if (simpleDERReader.available() != 0) {
                throw new IOException("Padding in RSA PRIVATE KEY DER stream.");
            }
            simpleDERReader.resetInput(readSequenceAsByteArray);
            BigInteger readInt = simpleDERReader.readInt();
            if (readInt.compareTo(BigInteger.ZERO) == 0 || readInt.compareTo(BigInteger.ONE) == 0) {
                return new RSAPrivateKey(simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt());
            }
            throw new IOException("Wrong version (" + readInt + ") in RSA PRIVATE KEY DER stream.");
        }
        SimpleDERReader simpleDERReader2 = new SimpleDERReader(parsePEM.data);
        byte[] readSequenceAsByteArray2 = simpleDERReader2.readSequenceAsByteArray();
        if (simpleDERReader2.available() != 0) {
            throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
        }
        simpleDERReader2.resetInput(readSequenceAsByteArray2);
        BigInteger readInt2 = simpleDERReader2.readInt();
        if (readInt2.compareTo(BigInteger.ZERO) != 0) {
            throw new IOException("Wrong version (" + readInt2 + ") in DSA PRIVATE KEY DER stream.");
        }
        BigInteger readInt3 = simpleDERReader2.readInt();
        BigInteger readInt4 = simpleDERReader2.readInt();
        BigInteger readInt5 = simpleDERReader2.readInt();
        BigInteger readInt6 = simpleDERReader2.readInt();
        BigInteger readInt7 = simpleDERReader2.readInt();
        if (simpleDERReader2.available() == 0) {
            return new DSAPrivateKey(readInt3, readInt4, readInt5, readInt6, readInt7);
        }
        throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
    }

    public static KeyPair decodeKeyPair(char[] cArr, String str) {
        Iterator<KeyAlgorithm<PublicKey, PrivateKey>> it = KeyAlgorithmManager.getSupportedAlgorithms().iterator();
        while (it.hasNext()) {
            for (CertificateDecoder certificateDecoder : it.next().getCertificateDecoders()) {
                try {
                    PEMStructure parsePEM = parsePEM(cArr, certificateDecoder);
                    if (isPEMEncrypted(parsePEM)) {
                        if (str == null) {
                            throw new IOException("PEM is encrypted, but no password was specified");
                        }
                        decryptPEM(parsePEM, str.getBytes("ISO-8859-1"));
                    }
                    return certificateDecoder.createKeyPair(parsePEM, str);
                } catch (IOException e2) {
                    Logger logger = LOGGER;
                    Level level = Level.FINE;
                    StringBuilder b2 = g.b("Could not decode PEM Key using current decoder: ");
                    b2.append(certificateDecoder.getClass().getName());
                    logger.log(level, b2.toString(), (Throwable) e2);
                }
            }
        }
        throw new IOException("PEM problem: it is of unknown type");
    }

    private static void decryptPEM(PEMStructure pEMStructure, byte[] bArr) {
        CBCMode cBCMode;
        String[] strArr = pEMStructure.dekInfo;
        if (strArr == null) {
            throw new IOException("Broken PEM, no mode and salt given, but encryption enabled");
        }
        if (strArr.length != 2) {
            throw new IOException("Broken PEM, DEK-Info is incomplete!");
        }
        String str = strArr[0];
        byte[] hexToByteArray = hexToByteArray(strArr[1]);
        if (str.equals("DES-EDE3-CBC")) {
            DESede dESede = new DESede();
            dESede.init(false, generateKeyFromPasswordSaltWithMD5(bArr, hexToByteArray, 24));
            cBCMode = new CBCMode(dESede, hexToByteArray, false);
        } else if (str.equals("DES-CBC")) {
            DES des = new DES();
            des.init(false, generateKeyFromPasswordSaltWithMD5(bArr, hexToByteArray, 8));
            cBCMode = new CBCMode(des, hexToByteArray, false);
        } else if (str.equals("AES-128-CBC")) {
            AES aes = new AES();
            aes.init(false, generateKeyFromPasswordSaltWithMD5(bArr, hexToByteArray, 16));
            cBCMode = new CBCMode(aes, hexToByteArray, false);
        } else if (str.equals("AES-192-CBC")) {
            AES aes2 = new AES();
            aes2.init(false, generateKeyFromPasswordSaltWithMD5(bArr, hexToByteArray, 24));
            cBCMode = new CBCMode(aes2, hexToByteArray, false);
        } else {
            if (!str.equals("AES-256-CBC")) {
                throw new IOException(f.b("Cannot decrypt PEM structure, unknown cipher ", str));
            }
            AES aes3 = new AES();
            aes3.init(false, generateKeyFromPasswordSaltWithMD5(bArr, hexToByteArray, 32));
            cBCMode = new CBCMode(aes3, hexToByteArray, false);
        }
        if (pEMStructure.data.length % cBCMode.getBlockSize() != 0) {
            StringBuilder b2 = g.b("Invalid PEM structure, size of encrypted block is not a multiple of ");
            b2.append(cBCMode.getBlockSize());
            throw new IOException(b2.toString());
        }
        byte[] bArr2 = new byte[pEMStructure.data.length];
        for (int i2 = 0; i2 < pEMStructure.data.length / cBCMode.getBlockSize(); i2++) {
            cBCMode.transformBlock(pEMStructure.data, cBCMode.getBlockSize() * i2, bArr2, cBCMode.getBlockSize() * i2);
        }
        pEMStructure.data = removePadding(bArr2, cBCMode.getBlockSize());
        pEMStructure.dekInfo = null;
        pEMStructure.procType = null;
    }

    public static byte[] generateKeyFromPasswordSaltWithMD5(byte[] bArr, byte[] bArr2, int i2) {
        if (bArr2.length < 8) {
            throw new IllegalArgumentException("Salt needs to be at least 8 bytes for key generation.");
        }
        MD5 md5 = new MD5();
        byte[] bArr3 = new byte[i2];
        int digestLength = md5.getDigestLength();
        byte[] bArr4 = new byte[digestLength];
        int i3 = i2;
        while (true) {
            md5.update(bArr, 0, bArr.length);
            md5.update(bArr2, 0, 8);
            int i4 = i3 < digestLength ? i3 : digestLength;
            md5.digest(bArr4, 0);
            System.arraycopy(bArr4, 0, bArr3, i2 - i3, i4);
            i3 -= i4;
            if (i3 == 0) {
                return bArr3;
            }
            md5.update(bArr4, 0, digestLength);
        }
    }

    private static byte[] hexToByteArray(String str) {
        if (str == null) {
            throw new IllegalArgumentException("null argument");
        }
        if (str.length() % 2 != 0) {
            throw new IllegalArgumentException("Uneven string length in hex encoding.");
        }
        int length = str.length() / 2;
        byte[] bArr = new byte[length];
        for (int i2 = 0; i2 < length; i2++) {
            int i3 = i2 * 2;
            bArr[i2] = (byte) ((hexToInt(str.charAt(i3)) * 16) + hexToInt(str.charAt(i3 + 1)));
        }
        return bArr;
    }

    private static int hexToInt(char c2) {
        char c3 = 'a';
        if (c2 < 'a' || c2 > 'f') {
            c3 = 'A';
            if (c2 < 'A' || c2 > 'F') {
                if (c2 < '0' || c2 > '9') {
                    throw new IllegalArgumentException("Need hex char");
                }
                return c2 - '0';
            }
        }
        return (c2 - c3) + 10;
    }

    public static boolean isPEMEncrypted(PEMStructure pEMStructure) {
        String[] strArr = pEMStructure.procType;
        if (strArr == null) {
            return false;
        }
        if (strArr.length != 2) {
            throw new IOException("Unknown Proc-Type field.");
        }
        if ("4".equals(strArr[0])) {
            return "ENCRYPTED".equals(pEMStructure.procType[1]);
        }
        StringBuilder b2 = g.b("Unknown Proc-Type field (");
        b2.append(pEMStructure.procType[0]);
        b2.append(")");
        throw new IOException(b2.toString());
    }

    private static PEMStructure parsePEM(char[] cArr) {
        String str;
        PEMStructure pEMStructure = new PEMStructure();
        BufferedReader bufferedReader = new BufferedReader(new CharArrayReader(cArr));
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException("Invalid PEM structure, '-----BEGIN...' missing");
            }
            String trim = readLine.trim();
            if (trim.startsWith("-----BEGIN DSA PRIVATE KEY-----")) {
                pEMStructure.pemType = 2;
                str = "-----END DSA PRIVATE KEY-----";
                break;
            }
            if (trim.startsWith("-----BEGIN RSA PRIVATE KEY-----")) {
                pEMStructure.pemType = 1;
                str = "-----END RSA PRIVATE KEY-----";
                break;
            }
        }
        while (true) {
            String readLine2 = bufferedReader.readLine();
            if (readLine2 == null) {
                throw new IOException(e.a("Invalid PEM structure, ", str, " missing"));
            }
            String trim2 = readLine2.trim();
            int indexOf = trim2.indexOf(58);
            if (indexOf == -1) {
                StringBuilder sb = new StringBuilder();
                while (trim2 != null) {
                    String trim3 = trim2.trim();
                    if (trim3.startsWith(str)) {
                        int length = sb.length();
                        char[] cArr2 = new char[length];
                        sb.getChars(0, length, cArr2, 0);
                        byte[] decode = Base64.decode(cArr2);
                        pEMStructure.data = decode;
                        if (decode.length != 0) {
                            return pEMStructure;
                        }
                        throw new IOException("Invalid PEM structure, no data available");
                    }
                    sb.append(trim3);
                    trim2 = bufferedReader.readLine();
                }
                throw new IOException(e.a("Invalid PEM structure, ", str, " missing"));
            }
            int i2 = indexOf + 1;
            String substring = trim2.substring(0, i2);
            String[] split = trim2.substring(i2).split(",");
            for (int i3 = 0; i3 < split.length; i3++) {
                split[i3] = split[i3].trim();
            }
            if ("Proc-Type:".equals(substring)) {
                pEMStructure.procType = split;
            } else if ("DEK-Info:".equals(substring)) {
                pEMStructure.dekInfo = split;
            }
        }
    }

    private static PEMStructure parsePEM(char[] cArr, CertificateDecoder certificateDecoder) {
        String readLine;
        PEMStructure pEMStructure = new PEMStructure();
        BufferedReader bufferedReader = new BufferedReader(new CharArrayReader(cArr));
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException("Invalid PEM structure, '-----BEGIN...' missing");
            }
        } while (!readLine.trim().startsWith(certificateDecoder.getStartLine()));
        String endLine = certificateDecoder.getEndLine();
        while (true) {
            String readLine2 = bufferedReader.readLine();
            if (readLine2 == null) {
                throw new IOException(e.a("Invalid PEM structure, ", endLine, " missing"));
            }
            String trim = readLine2.trim();
            int indexOf = trim.indexOf(58);
            if (indexOf == -1) {
                StringBuilder sb = new StringBuilder();
                while (trim != null) {
                    String trim2 = trim.trim();
                    if (trim2.startsWith(endLine)) {
                        int length = sb.length();
                        char[] cArr2 = new char[length];
                        sb.getChars(0, length, cArr2, 0);
                        byte[] decode = Base64.decode(cArr2);
                        pEMStructure.data = decode;
                        if (decode.length != 0) {
                            return pEMStructure;
                        }
                        throw new IOException("Invalid PEM structure, no data available");
                    }
                    sb.append(trim2);
                    trim = bufferedReader.readLine();
                }
                throw new IOException(e.a("Invalid PEM structure, ", endLine, " missing"));
            }
            int i2 = indexOf + 1;
            String substring = trim.substring(0, i2);
            String[] split = trim.substring(i2).split(",");
            for (int i3 = 0; i3 < split.length; i3++) {
                split[i3] = split[i3].trim();
            }
            if ("Proc-Type:".equals(substring)) {
                pEMStructure.procType = split;
            } else if ("DEK-Info:".equals(substring)) {
                pEMStructure.dekInfo = split;
            }
        }
    }

    private static byte[] removePadding(byte[] bArr, int i2) {
        int i3 = bArr[bArr.length - 1] & 255;
        if (i3 < 1 || i3 > i2) {
            throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?");
        }
        for (int i4 = 2; i4 <= i3; i4++) {
            if (bArr[bArr.length - i4] != i3) {
                throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?");
            }
        }
        byte[] bArr2 = new byte[bArr.length - i3];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length - i3);
        return bArr2;
    }
}
