package com.trilead.ssh2.signature;

import androidx.activity.e;
import bd.a;
import com.trilead.ssh2.crypto.CertificateDecoder;
import com.trilead.ssh2.crypto.PEMStructure;
import com.trilead.ssh2.crypto.cipher.BlockCipher;
import com.trilead.ssh2.crypto.cipher.BlockCipherFactory;
import com.trilead.ssh2.crypto.cipher.CBCMode;
import com.trilead.ssh2.crypto.cipher.DES;
import com.trilead.ssh2.packets.TypesReader;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;

/* loaded from: classes3.dex */
abstract class OpenSshCertificateDecoder extends CertificateDecoder {
    private final String keyAlgorithm;

    /* JADX WARN: Enum visitor error
    jadx.core.utils.exceptions.JadxRuntimeException: Init of enum field 'AES128_CBC' uses external variables
    	at jadx.core.dex.visitors.EnumVisitor.createEnumFieldByConstructor(EnumVisitor.java:451)
    	at jadx.core.dex.visitors.EnumVisitor.processEnumFieldByRegister(EnumVisitor.java:395)
    	at jadx.core.dex.visitors.EnumVisitor.extractEnumFieldsFromFilledArray(EnumVisitor.java:324)
    	at jadx.core.dex.visitors.EnumVisitor.extractEnumFieldsFromInsn(EnumVisitor.java:262)
    	at jadx.core.dex.visitors.EnumVisitor.convertToEnum(EnumVisitor.java:151)
    	at jadx.core.dex.visitors.EnumVisitor.visit(EnumVisitor.java:100)
     */
    /* JADX WARN: Failed to restore enum class, 'enum' modifier and super class removed */
    /* loaded from: classes2.dex */
    public static abstract class SshCipher {
        private static final /* synthetic */ SshCipher[] $VALUES;
        public static final SshCipher AES128_CBC;
        public static final SshCipher AES192_CBC;
        public static final SshCipher AES256_CBC;
        public static final SshCipher AES256_CTR;
        public static final SshCipher DESEDE_CBC;
        public static final SshCipher DES_CBC;
        private final int blockSize;
        private final int keyLength;
        private final String[] sshCipherNames;

        static {
            SshCipher sshCipher = new SshCipher("DESEDE_CBC", 0, 24, 8, "des-ede3-cbc", new String[0]) { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.1
                @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
                public BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                    return BlockCipherFactory.createCipher("3des-cbc", z, bArr, bArr2);
                }
            };
            DESEDE_CBC = sshCipher;
            SshCipher sshCipher2 = new SshCipher("DES_CBC", 1, 8, 8, "des-cbc", new String[0]) { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.2
                @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
                public BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                    DES des = new DES();
                    des.init(z, bArr);
                    return new CBCMode(des, bArr2, z);
                }
            };
            DES_CBC = sshCipher2;
            int i7 = 16;
            SshCipher sshCipher3 = new SshCipher("AES128_CBC", 2, 16, i7, "aes-128-cbc", "aes128-cbc") { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.3
                @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
                public BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                    return BlockCipherFactory.createCipher("aes128-cbc", z, bArr, bArr2);
                }
            };
            AES128_CBC = sshCipher3;
            int i10 = 16;
            SshCipher sshCipher4 = new SshCipher("AES192_CBC", 3, 24, i10, "aes-192-cbc", "aes192-cbc") { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.4
                @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
                public BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                    return BlockCipherFactory.createCipher("aes192-cbc", z, bArr, bArr2);
                }
            };
            AES192_CBC = sshCipher4;
            SshCipher sshCipher5 = new SshCipher("AES256_CBC", 4, 32, i7, "aes-256-cbc", "aes256-cbc") { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.5
                @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
                public BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                    return BlockCipherFactory.createCipher("aes256-cbc", z, bArr, bArr2);
                }
            };
            AES256_CBC = sshCipher5;
            SshCipher sshCipher6 = new SshCipher("AES256_CTR", 5, 32, i10, "aes-256-ctr", "aes256-ctr") { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.6
                @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
                public BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                    return BlockCipherFactory.createCipher("aes256-ctr", z, bArr, bArr2);
                }
            };
            AES256_CTR = sshCipher6;
            $VALUES = new SshCipher[]{sshCipher, sshCipher2, sshCipher3, sshCipher4, sshCipher5, sshCipher6};
        }

        private SshCipher(String str, int i7, int i10, int i11, String str2, String... strArr) {
            this.keyLength = i10;
            this.blockSize = i11;
            String[] strArr2 = new String[(strArr == null ? 0 : strArr.length) + 1];
            strArr2[0] = str2;
            if (strArr != null) {
                System.arraycopy(strArr, 0, strArr2, 1, strArr.length);
            }
            this.sshCipherNames = strArr2;
        }

        public static SshCipher getInstance(String str) {
            for (SshCipher sshCipher : values()) {
                for (String str2 : sshCipher.sshCipherNames) {
                    if (str2.equalsIgnoreCase(str)) {
                        return sshCipher;
                    }
                }
            }
            throw new IllegalArgumentException(e.b("Unknown Cipher: ", str));
        }

        public static SshCipher valueOf(String str) {
            return (SshCipher) Enum.valueOf(SshCipher.class, str);
        }

        public static SshCipher[] values() {
            return (SshCipher[]) $VALUES.clone();
        }

        public abstract BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z);

        public int getBlockSize() {
            return this.blockSize;
        }

        public int getKeyLength() {
            return this.keyLength;
        }
    }

    public OpenSshCertificateDecoder(String str) {
        this.keyAlgorithm = str;
    }

    private static byte[] decryptData(byte[] bArr, byte[] bArr2, SshCipher sshCipher) {
        int keyLength = sshCipher.getKeyLength();
        byte[] bArr3 = new byte[keyLength];
        int blockSize = sshCipher.getBlockSize();
        byte[] bArr4 = new byte[blockSize];
        System.arraycopy(bArr2, 0, bArr3, 0, keyLength);
        System.arraycopy(bArr2, keyLength, bArr4, 0, blockSize);
        BlockCipher createBlockCipher = sshCipher.createBlockCipher(bArr3, bArr4, false);
        byte[] bArr5 = new byte[bArr.length];
        for (int i7 = 0; i7 < bArr.length / createBlockCipher.getBlockSize(); i7++) {
            createBlockCipher.transformBlock(bArr, createBlockCipher.getBlockSize() * i7, bArr5, createBlockCipher.getBlockSize() * i7);
        }
        return bArr5;
    }

    private static byte[] generateKayAndIvPbkdf2(byte[] bArr, byte[] bArr2, int i7, int i10, int i11) {
        int i12 = i10 + i11;
        int[] iArr = new int[i12];
        a aVar = new a();
        if (i7 < 4 || i7 > 30) {
            throw new IllegalArgumentException("Bad number of rounds");
        }
        int i13 = 1 << i7;
        if (bArr2.length != 16) {
            throw new IllegalArgumentException("Bad salt length");
        }
        aVar.f8839a = (int[]) a.f8837c.clone();
        int[] iArr2 = (int[]) a.f8838d.clone();
        aVar.f8840b = iArr2;
        int[] iArr3 = {0};
        int[] iArr4 = {0};
        int[] iArr5 = {0, 0};
        int length = aVar.f8839a.length;
        int length2 = iArr2.length;
        for (int i14 = 0; i14 < length; i14++) {
            int[] iArr6 = aVar.f8839a;
            iArr6[i14] = iArr6[i14] ^ a.c(bArr, iArr3);
        }
        for (int i15 = 0; i15 < length; i15 += 2) {
            iArr5[0] = iArr5[0] ^ a.c(bArr2, iArr4);
            iArr5[1] = iArr5[1] ^ a.c(bArr2, iArr4);
            aVar.a(iArr5, 0);
            int[] iArr7 = aVar.f8839a;
            iArr7[i15] = iArr5[0];
            iArr7[i15 + 1] = iArr5[1];
        }
        for (int i16 = 0; i16 < length2; i16 += 2) {
            iArr5[0] = iArr5[0] ^ a.c(bArr2, iArr4);
            iArr5[1] = iArr5[1] ^ a.c(bArr2, iArr4);
            aVar.a(iArr5, 0);
            int[] iArr8 = aVar.f8840b;
            iArr8[i16] = iArr5[0];
            iArr8[i16 + 1] = iArr5[1];
        }
        for (int i17 = 0; i17 != i13; i17++) {
            aVar.b(bArr);
            aVar.b(bArr2);
        }
        for (int i18 = 0; i18 < 64; i18++) {
            for (int i19 = 0; i19 < (i12 >> 1); i19++) {
                aVar.a(iArr, i19 << 1);
            }
        }
        byte[] bArr3 = new byte[i12 * 4];
        int i20 = 0;
        for (int i21 = 0; i21 < i12; i21++) {
            int i22 = i20 + 1;
            int i23 = iArr[i21];
            bArr3[i20] = (byte) ((i23 >> 24) & 255);
            int i24 = i22 + 1;
            bArr3[i22] = (byte) ((i23 >> 16) & 255);
            int i25 = i24 + 1;
            bArr3[i24] = (byte) ((i23 >> 8) & 255);
            i20 = i25 + 1;
            bArr3[i25] = (byte) (i23 & 255);
        }
        byte[] bArr4 = new byte[i12];
        for (int i26 = 0; i26 < i12; i26++) {
            bArr4[i26] = (byte) iArr[i26];
        }
        return bArr4;
    }

    @Override // com.trilead.ssh2.crypto.CertificateDecoder
    public KeyPair createKeyPair(PEMStructure pEMStructure) {
        return null;
    }

    @Override // com.trilead.ssh2.crypto.CertificateDecoder
    public KeyPair createKeyPair(PEMStructure pEMStructure, String str) throws IOException {
        TypesReader typesReader = new TypesReader(pEMStructure.getData());
        if (!"openssh-key-v1".equals(new String(typesReader.readBytes(15), StandardCharsets.UTF_8).trim())) {
            throw new IOException("Could not find openssh header in key");
        }
        String readString = typesReader.readString();
        String readString2 = typesReader.readString();
        byte[] readByteString = typesReader.readByteString();
        if (typesReader.readUINT32() != 1) {
            throw new IOException("Only single OpenSSH keys are supported");
        }
        typesReader.readByteString();
        byte[] readByteString2 = typesReader.readByteString();
        if ("bcrypt".equals(readString2)) {
            if (str == null) {
                throw new IOException("PEM is encrypted but password has not been specified");
            }
            TypesReader typesReader2 = new TypesReader(readByteString);
            byte[] readByteString3 = typesReader2.readByteString();
            int readUINT32 = typesReader2.readUINT32();
            SshCipher sshCipher = SshCipher.getInstance(readString);
            readByteString2 = decryptData(readByteString2, generateKayAndIvPbkdf2(str.getBytes(StandardCharsets.UTF_8), readByteString3, readUINT32, sshCipher.getKeyLength(), sshCipher.getBlockSize()), sshCipher);
        } else if (!"none".equals(readString) || !"none".equals(readString2)) {
            throw new IOException("Unexpected encryption method for key");
        }
        TypesReader typesReader3 = new TypesReader(readByteString2);
        if (typesReader3.readUINT32() != typesReader3.readUINT32()) {
            throw new IOException("Check integers didn't match");
        }
        String readString3 = typesReader3.readString();
        if (!readString3.equals(this.keyAlgorithm)) {
            throw new IOException(e.b("Invalid key type: ", readString3));
        }
        try {
            KeyPair generateKeyPair = generateKeyPair(typesReader3);
            typesReader3.readByteString();
            int i7 = 0;
            while (i7 < typesReader.remain()) {
                i7++;
                if (i7 != typesReader.readByte()) {
                    throw new IOException("Incorrect padding on private keys");
                }
            }
            return generateKeyPair;
        } catch (GeneralSecurityException e7) {
            throw new IOException("Could not create key pair", e7);
        }
    }

    public abstract KeyPair generateKeyPair(TypesReader typesReader) throws GeneralSecurityException, IOException;

    @Override // com.trilead.ssh2.crypto.CertificateDecoder
    public String getEndLine() {
        return "-----END OPENSSH PRIVATE KEY-----";
    }

    @Override // com.trilead.ssh2.crypto.CertificateDecoder
    public String getStartLine() {
        return "-----BEGIN OPENSSH PRIVATE KEY-----";
    }
}
