package io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.loader.pem;

import io.jenkins.cli.shaded.org.apache.sshd.common.NamedResource;
import io.jenkins.cli.shaded.org.apache.sshd.common.cipher.ECCurves;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.FilePasswordProvider;
import io.jenkins.cli.shaded.org.apache.sshd.common.session.SessionContext;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.io.NoCloseInputStream;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.io.der.ASN1Object;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.io.der.ASN1Type;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.io.der.DERParser;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.security.SecurityUtils;
import java.io.IOException;
import java.io.InputStream;
import java.io.StreamCorruptedException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchProviderException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.util.AbstractMap;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:WEB-INF/lib/cli-2.292-rc31178.15a1c214e081.jar:io/jenkins/cli/shaded/org/apache/sshd/common/config/keys/loader/pem/ECDSAPEMResourceKeyPairParser.class */
public class ECDSAPEMResourceKeyPairParser extends AbstractPEMResourceKeyPairParser {
    public static final String BEGIN_MARKER = "BEGIN EC PRIVATE KEY";
    public static final String END_MARKER = "END EC PRIVATE KEY";
    public static final String ECDSA_OID = "1.2.840.10045.2.1";
    public static final List<String> BEGINNERS = Collections.unmodifiableList(Collections.singletonList("BEGIN EC PRIVATE KEY"));
    public static final List<String> ENDERS = Collections.unmodifiableList(Collections.singletonList("END EC PRIVATE KEY"));
    public static final ECDSAPEMResourceKeyPairParser INSTANCE = new ECDSAPEMResourceKeyPairParser();

    public ECDSAPEMResourceKeyPairParser() {
        super("EC", "1.2.840.10045.2.1", BEGINNERS, ENDERS);
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.loader.AbstractKeyPairResourceParser
    public Collection<KeyPair> extractKeyPairs(SessionContext sessionContext, NamedResource namedResource, String str, String str2, FilePasswordProvider filePasswordProvider, InputStream inputStream, Map<String, String> map) throws IOException, GeneralSecurityException {
        return Collections.singletonList(parseECKeyPair(inputStream, false));
    }

    public static KeyPair parseECKeyPair(InputStream inputStream, boolean z) throws IOException, GeneralSecurityException {
        DERParser dERParser = new DERParser(NoCloseInputStream.resolveInputStream(inputStream, z));
        Throwable th = null;
        try {
            try {
                KeyPair parseECKeyPair = parseECKeyPair((ECCurves) null, dERParser);
                if (dERParser != null) {
                    if (0 != 0) {
                        try {
                            dERParser.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        dERParser.close();
                    }
                }
                return parseECKeyPair;
            } finally {
            }
        } catch (Throwable th3) {
            if (dERParser != null) {
                if (th != null) {
                    try {
                        dERParser.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    dERParser.close();
                }
            }
            throw th3;
        }
    }

    public static KeyPair parseECKeyPair(ECCurves eCCurves, DERParser dERParser) throws IOException, GeneralSecurityException {
        Map.Entry<ECPublicKeySpec, ECPrivateKeySpec> decodeECPrivateKeySpec = decodeECPrivateKeySpec(eCCurves, dERParser.readObject());
        if (!SecurityUtils.isECCSupported()) {
            throw new NoSuchProviderException("ECC not supported");
        }
        KeyFactory keyFactory = SecurityUtils.getKeyFactory("EC");
        return new KeyPair((ECPublicKey) keyFactory.generatePublic(decodeECPrivateKeySpec.getKey()), (ECPrivateKey) keyFactory.generatePrivate(decodeECPrivateKeySpec.getValue()));
    }

    public static Map.Entry<ECPublicKeySpec, ECPrivateKeySpec> decodeECPrivateKeySpec(ECCurves eCCurves, ASN1Object aSN1Object) throws IOException {
        ASN1Type objType = aSN1Object == null ? null : aSN1Object.getObjType();
        if (!ASN1Type.SEQUENCE.equals(objType)) {
            throw new IOException("Invalid DER: not a sequence: " + objType);
        }
        DERParser createParser = aSN1Object.createParser();
        Throwable th = null;
        try {
            try {
                Map.Entry<ECPrivateKeySpec, ASN1Object> decodeECPrivateKeySpec = decodeECPrivateKeySpec(eCCurves, createParser);
                ECPrivateKeySpec key = decodeECPrivateKeySpec.getKey();
                ASN1Object value = decodeECPrivateKeySpec.getValue();
                AbstractMap.SimpleImmutableEntry simpleImmutableEntry = new AbstractMap.SimpleImmutableEntry(new ECPublicKeySpec(value == null ? decodeECPublicKeyValue(createParser) : decodeECPointData(value), key.getParams()), key);
                if (createParser != null) {
                    if (0 != 0) {
                        try {
                            createParser.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        createParser.close();
                    }
                }
                return simpleImmutableEntry;
            } finally {
            }
        } catch (Throwable th3) {
            if (createParser != null) {
                if (th != null) {
                    try {
                        createParser.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    createParser.close();
                }
            }
            throw th3;
        }
    }

    public static Map.Entry<ECPrivateKeySpec, ASN1Object> decodeECPrivateKeySpec(ECCurves eCCurves, DERParser dERParser) throws IOException {
        ASN1Object readObject = dERParser.readObject();
        if (readObject == null) {
            throw new StreamCorruptedException("No version");
        }
        BigInteger asInteger = readObject.asInteger();
        if (!BigInteger.ONE.equals(asInteger)) {
            throw new StreamCorruptedException("Bad version value: " + asInteger);
        }
        ASN1Object readObject2 = dERParser.readObject();
        if (readObject2 == null) {
            throw new StreamCorruptedException("No private key value");
        }
        ASN1Type objType = readObject2.getObjType();
        if (!ASN1Type.OCTET_STRING.equals(objType)) {
            throw new StreamCorruptedException("Non-matching private key object type: " + objType);
        }
        Map.Entry<ECCurves, ASN1Object> parseCurveParameter = parseCurveParameter(dERParser);
        ECCurves key = parseCurveParameter == null ? null : parseCurveParameter.getKey();
        if (key == null) {
            if (eCCurves == null) {
                throw new StreamCorruptedException("Cannot determine curve type");
            }
        } else if (eCCurves == null) {
            eCCurves = key;
        } else if (key != eCCurves) {
            throw new StreamCorruptedException("Mismatched provide (" + eCCurves + ") vs. parsed curve (" + key + ")");
        }
        return new AbstractMap.SimpleImmutableEntry(new ECPrivateKeySpec(ECCurves.octetStringToInteger(readObject2.getPureValueBytes()), eCCurves.getParameters()), parseCurveParameter == null ? null : parseCurveParameter.getValue());
    }

    public static Map.Entry<ECCurves, ASN1Object> parseCurveParameter(DERParser dERParser) throws IOException {
        return parseCurveParameter(dERParser.readObject());
    }

    public static Map.Entry<ECCurves, ASN1Object> parseCurveParameter(ASN1Object aSN1Object) throws IOException {
        if (aSN1Object == null || aSN1Object.getObjType() == ASN1Type.NULL) {
            return null;
        }
        DERParser createParser = aSN1Object.createParser();
        Throwable th = null;
        try {
            ASN1Object readObject = createParser.readObject();
            if (readObject == null) {
                throw new StreamCorruptedException("Missing named curve parameter");
            }
            if (readObject.getObjType() == ASN1Type.BIT_STRING) {
                AbstractMap.SimpleImmutableEntry simpleImmutableEntry = new AbstractMap.SimpleImmutableEntry(null, readObject);
                if (createParser != null) {
                    if (0 != 0) {
                        try {
                            createParser.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        createParser.close();
                    }
                }
                return simpleImmutableEntry;
            }
            List<Integer> asOID = readObject.asOID();
            if (createParser != null) {
                if (0 != 0) {
                    try {
                        createParser.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                } else {
                    createParser.close();
                }
            }
            ECCurves fromOIDValue = ECCurves.fromOIDValue(asOID);
            if (fromOIDValue == null) {
                throw new StreamCorruptedException("Unknown curve OID: " + asOID);
            }
            return new AbstractMap.SimpleImmutableEntry(fromOIDValue, null);
        } catch (Throwable th4) {
            if (createParser != null) {
                if (0 != 0) {
                    try {
                        createParser.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    createParser.close();
                }
            }
            throw th4;
        }
    }

    public static final ECPoint decodeECPublicKeyValue(DERParser dERParser) throws IOException {
        return decodeECPublicKeyValue(dERParser.readObject());
    }

    public static final ECPoint decodeECPublicKeyValue(ASN1Object aSN1Object) throws IOException {
        if (aSN1Object == null) {
            throw new StreamCorruptedException("No public key data bytes");
        }
        DERParser createParser = aSN1Object.createParser();
        Throwable th = null;
        try {
            ECPoint decodeECPointData = decodeECPointData(createParser.readObject());
            if (createParser != null) {
                if (0 != 0) {
                    try {
                        createParser.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    createParser.close();
                }
            }
            return decodeECPointData;
        } catch (Throwable th3) {
            if (createParser != null) {
                if (0 != 0) {
                    try {
                        createParser.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    createParser.close();
                }
            }
            throw th3;
        }
    }

    public static final ECPoint decodeECPointData(ASN1Object aSN1Object) throws IOException {
        if (aSN1Object == null) {
            throw new StreamCorruptedException("Missing public key data parameter");
        }
        ASN1Type objType = aSN1Object.getObjType();
        if (ASN1Type.BIT_STRING.equals(objType)) {
            return ECCurves.octetStringToEcPoint(aSN1Object.getValue());
        }
        throw new StreamCorruptedException("Non-matching public key object type: " + objType);
    }
}
