package com.hierynomus.sshj.userauth.keyprovider;

import java.io.BufferedReader;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PublicKey;
import net.i2p.crypto.eddsa.EdDSAPrivateKey;
import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec;
import net.schmizz.sshj.common.Base64;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.ByteArrayUtils;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.SSHRuntimeException;
import net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider;
import net.schmizz.sshj.userauth.keyprovider.FileKeyProvider;
import net.schmizz.sshj.userauth.keyprovider.KeyFormat;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/sshj-0.21.1.jar:com/hierynomus/sshj/userauth/keyprovider/OpenSSHKeyV1KeyFile.class */
public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
    private static final String BEGIN = "-----BEGIN ";
    private static final String END = "-----END ";
    public static final String OPENSSH_PRIVATE_KEY = "OPENSSH PRIVATE KEY-----";
    private static final Logger logger = LoggerFactory.getLogger(OpenSSHKeyV1KeyFile.class);
    private static final byte[] AUTH_MAGIC = "openssh-key-v1��".getBytes();

    /* loaded from: input_file:WEB-INF/lib/sshj-0.21.1.jar:com/hierynomus/sshj/userauth/keyprovider/OpenSSHKeyV1KeyFile$Factory.class */
    public static class Factory implements Factory.Named<FileKeyProvider> {
        @Override // net.schmizz.sshj.common.Factory
        public FileKeyProvider create() {
            return new OpenSSHKeyV1KeyFile();
        }

        @Override // net.schmizz.sshj.common.Factory.Named
        public String getName() {
            return KeyFormat.OpenSSHv1.name();
        }
    }

    @Override // net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider
    protected KeyPair readKeyPair() throws IOException {
        BufferedReader bufferedReader = new BufferedReader(this.resource.getReader());
        try {
            try {
                if (!checkHeader(bufferedReader)) {
                    throw new IOException("This key is not in 'openssh-key-v1' format");
                }
                KeyPair readDecodedKeyPair = readDecodedKeyPair(new Buffer.PlainBuffer(Base64.decode(readKeyFile(bufferedReader))));
                IOUtils.closeQuietly(bufferedReader);
                return readDecodedKeyPair;
            } catch (GeneralSecurityException e) {
                throw new SSHRuntimeException(e);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(bufferedReader);
            throw th;
        }
    }

    private KeyPair readDecodedKeyPair(Buffer.PlainBuffer plainBuffer) throws IOException, GeneralSecurityException {
        byte[] bArr = new byte[AUTH_MAGIC.length];
        plainBuffer.readRawBytes(bArr);
        if (!ByteArrayUtils.equals(bArr, 0, AUTH_MAGIC, 0, AUTH_MAGIC.length)) {
            throw new IOException("This key does not contain the 'openssh-key-v1' format magic header");
        }
        String readString = plainBuffer.readString();
        String readString2 = plainBuffer.readString();
        String readString3 = plainBuffer.readString();
        if (plainBuffer.readUInt32AsInt() != 1) {
            throw new IOException("We don't support having more than 1 key in the file (yet).");
        }
        PublicKey readPublicKey = readPublicKey(new Buffer.PlainBuffer(plainBuffer.readBytes()));
        Buffer.PlainBuffer plainBuffer2 = new Buffer.PlainBuffer(plainBuffer.readBytes());
        if ("none".equals(readString)) {
            logger.debug("Reading unencrypted keypair");
            return readUnencrypted(plainBuffer2, readPublicKey);
        }
        logger.info("Keypair is encrypted with: " + readString + ", " + readString2 + ", " + readString3);
        throw new IOException("Cannot read encrypted keypair with " + readString + " yet.");
    }

    private PublicKey readPublicKey(Buffer.PlainBuffer plainBuffer) throws Buffer.BufferException, GeneralSecurityException {
        return KeyType.fromString(plainBuffer.readString()).readPubKeyFromBuffer(plainBuffer);
    }

    private String readKeyFile(BufferedReader bufferedReader) throws IOException {
        StringBuilder sb = new StringBuilder();
        String readLine = bufferedReader.readLine();
        while (true) {
            String str = readLine;
            if (str.startsWith(END)) {
                return sb.toString();
            }
            sb.append(str);
            readLine = bufferedReader.readLine();
        }
    }

    private boolean checkHeader(BufferedReader bufferedReader) throws IOException {
        String str;
        String readLine = bufferedReader.readLine();
        while (true) {
            str = readLine;
            if (str == null || str.startsWith(BEGIN)) {
                break;
            }
            readLine = bufferedReader.readLine();
        }
        return str.substring(BEGIN.length()).startsWith(OPENSSH_PRIVATE_KEY);
    }

    private KeyPair readUnencrypted(Buffer.PlainBuffer plainBuffer, PublicKey publicKey) throws IOException, GeneralSecurityException {
        if (plainBuffer.available() % 8 != 0) {
            throw new IOException("The private key section must be a multiple of the block size (8)");
        }
        if (plainBuffer.readUInt32AsInt() != plainBuffer.readUInt32AsInt()) {
            throw new IOException("The checkInts differed, the key was not correctly decoded.");
        }
        logger.info("Read key type: {}", plainBuffer.readString());
        plainBuffer.readBytes();
        plainBuffer.readUInt32();
        byte[] bArr = new byte[32];
        plainBuffer.readRawBytes(bArr);
        plainBuffer.readRawBytes(new byte[32]);
        plainBuffer.readString();
        byte[] bArr2 = new byte[plainBuffer.available()];
        plainBuffer.readRawBytes(bArr2);
        for (int i = 0; i < bArr2.length; i++) {
            if (bArr2[i] != i + 1) {
                throw new IOException("Padding of key format contained wrong byte at position: " + i);
            }
        }
        return new KeyPair(publicKey, new EdDSAPrivateKey(new EdDSAPrivateKeySpec(bArr, EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.CURVE_ED25519_SHA512))));
    }
}
