package com.trilead.ssh2.crypto;

import com.trilead.ssh2.signature.DSAPrivateKey;
import com.trilead.ssh2.signature.KeyAlgorithm;
import com.trilead.ssh2.signature.KeyAlgorithmManager;
import com.trilead.ssh2.signature.RSAPrivateKey;
import java.io.BufferedReader;
import java.io.CharArrayReader;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:WEB-INF/lib/trilead-ssh2-build-217-jenkins-247.249.v2c275b_194046.jar:com/trilead/ssh2/crypto/PEMDecoder.class */
public class PEMDecoder {
    private static final Logger LOGGER = Logger.getLogger(PEMDecoder.class.getName());
    private static final int PEM_RSA_PRIVATE_KEY = 1;
    private static final int PEM_DSA_PRIVATE_KEY = 2;

    private static int hexToInt(char c) {
        if (c >= 'a' && c <= 'f') {
            return (c - 'a') + 10;
        }
        if (c >= 'A' && c <= 'F') {
            return (c - 'A') + 10;
        }
        if (c < '0' || c > '9') {
            throw new IllegalArgumentException("Need hex char");
        }
        return c - '0';
    }

    public static byte[] hexToByteArray(String str) {
        if (str == null) {
            throw new IllegalArgumentException("null argument");
        }
        if (str.length() % 2 != 0) {
            throw new IllegalArgumentException("Uneven string length in hex encoding.");
        }
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) ((hexToInt(str.charAt(i * 2)) * 16) + hexToInt(str.charAt((i * 2) + 1)));
        }
        return bArr;
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x005a, code lost:
    
        parsePEMContent(r0, r0, r10);
     */
    /* JADX WARN: Code restructure failed: missing block: B:11:0x0066, code lost:
    
        if (r0.data.length != 0) goto L17;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x0072, code lost:
    
        throw new java.io.IOException("Invalid PEM structure, no data available");
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x0074, code lost:
    
        return r0;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static com.trilead.ssh2.crypto.PEMStructure parsePEM(char[] r6) throws java.io.IOException {
        /*
            com.trilead.ssh2.crypto.PEMStructure r0 = new com.trilead.ssh2.crypto.PEMStructure
            r1 = r0
            r1.<init>()
            r7 = r0
            java.io.BufferedReader r0 = new java.io.BufferedReader
            r1 = r0
            java.io.CharArrayReader r2 = new java.io.CharArrayReader
            r3 = r2
            r4 = r6
            r3.<init>(r4)
            r1.<init>(r2)
            r9 = r0
        L18:
            r0 = r9
            java.lang.String r0 = r0.readLine()
            r8 = r0
            r0 = r8
            if (r0 != 0) goto L2b
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.String r2 = "Invalid PEM structure, '-----BEGIN...' missing"
            r1.<init>(r2)
            throw r0
        L2b:
            r0 = r8
            java.lang.String r0 = r0.trim()
            r8 = r0
            r0 = r8
            java.lang.String r1 = "-----BEGIN DSA PRIVATE KEY-----"
            boolean r0 = r0.startsWith(r1)
            if (r0 == 0) goto L45
            java.lang.String r0 = "-----END DSA PRIVATE KEY-----"
            r10 = r0
            r0 = r7
            r1 = 2
            r0.pemType = r1
            goto L5a
        L45:
            r0 = r8
            java.lang.String r1 = "-----BEGIN RSA PRIVATE KEY-----"
            boolean r0 = r0.startsWith(r1)
            if (r0 == 0) goto L18
            java.lang.String r0 = "-----END RSA PRIVATE KEY-----"
            r10 = r0
            r0 = r7
            r1 = 1
            r0.pemType = r1
            goto L5a
        L5a:
            r0 = r7
            r1 = r9
            r2 = r10
            parsePEMContent(r0, r1, r2)
            r0 = r7
            byte[] r0 = r0.data
            int r0 = r0.length
            if (r0 != 0) goto L73
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.String r2 = "Invalid PEM structure, no data available"
            r1.<init>(r2)
            throw r0
        L73:
            r0 = r7
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.trilead.ssh2.crypto.PEMDecoder.parsePEM(char[]):com.trilead.ssh2.crypto.PEMStructure");
    }

    private static PEMStructure parsePEM(char[] cArr, CertificateDecoder certificateDecoder) throws IOException {
        String readLine;
        PEMStructure pEMStructure = new PEMStructure();
        BufferedReader bufferedReader = new BufferedReader(new CharArrayReader(cArr));
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException("Invalid PEM structure, '-----BEGIN...' missing");
            }
        } while (!readLine.trim().startsWith(certificateDecoder.getStartLine()));
        parsePEMContent(pEMStructure, bufferedReader, certificateDecoder.getEndLine());
        if (pEMStructure.data.length == 0) {
            throw new IOException("Invalid PEM structure, no data available");
        }
        return pEMStructure;
    }

    private static void parsePEMContent(PEMStructure pEMStructure, BufferedReader bufferedReader, String str) throws IOException {
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException("Invalid PEM structure, " + str + " missing");
            }
            String trim = readLine.trim();
            int indexOf = trim.indexOf(58);
            if (indexOf == -1) {
                StringBuilder sb = new StringBuilder();
                while (trim != null) {
                    String trim2 = trim.trim();
                    if (trim2.startsWith(str)) {
                        pEMStructure.data = java.util.Base64.getDecoder().decode(sb.toString().replaceAll("\\s", ""));
                        return;
                    } else {
                        sb.append(trim2);
                        trim = bufferedReader.readLine();
                    }
                }
                throw new IOException("Invalid PEM structure, " + str + " missing");
            }
            String substring = trim.substring(0, indexOf + 1);
            String[] split = trim.substring(indexOf + 1).split(",");
            for (int i = 0; i < split.length; i++) {
                split[i] = split[i].trim();
            }
            if ("Proc-Type:".equals(substring)) {
                pEMStructure.procType = split;
            } else if ("DEK-Info:".equals(substring)) {
                pEMStructure.dekInfo = split;
            }
        }
    }

    public static void decryptPEM(PEMStructure pEMStructure, String str) throws IOException {
        String str2;
        SecretKeySpec secretKeySpec;
        if (pEMStructure.dekInfo == null) {
            throw new IOException("Broken PEM, no mode and salt given, but encryption enabled");
        }
        if (pEMStructure.dekInfo.length != 2) {
            throw new IOException("Broken PEM, DEK-Info is incomplete!");
        }
        byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
        String str3 = pEMStructure.dekInfo[0];
        byte[] hexToByteArray = hexToByteArray(pEMStructure.dekInfo[1]);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.update(bytes);
            messageDigest.update(hexToByteArray, 0, 8);
            byte[] digest = messageDigest.digest();
            messageDigest.update(digest);
            messageDigest.update(bytes);
            messageDigest.update(hexToByteArray, 0, 8);
            byte[] digest2 = messageDigest.digest();
            boolean z = -1;
            switch (str3.hashCode()) {
                case -2020788375:
                    if (str3.equals("DES-CBC")) {
                        z = true;
                        break;
                    }
                    break;
                case -1390896596:
                    if (str3.equals("AES-256-CBC")) {
                        z = 4;
                        break;
                    }
                    break;
                case -165238049:
                    if (str3.equals("DES-EDE3-CBC")) {
                        z = false;
                        break;
                    }
                    break;
                case 1932526608:
                    if (str3.equals("AES-128-CBC")) {
                        z = 2;
                        break;
                    }
                    break;
                case 2127389539:
                    if (str3.equals("AES-192-CBC")) {
                        z = 3;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    str2 = "DESede/CBC/PKCS5Padding";
                    byte[] bArr = new byte[24];
                    System.arraycopy(digest, 0, bArr, 0, 16);
                    System.arraycopy(digest2, 0, bArr, 16, 8);
                    secretKeySpec = new SecretKeySpec(bArr, "DESede");
                    break;
                case true:
                    str2 = "DES/CBC/PKCS5Padding";
                    byte[] bArr2 = new byte[8];
                    System.arraycopy(digest, 0, bArr2, 0, 8);
                    secretKeySpec = new SecretKeySpec(bArr2, "DES");
                    break;
                case true:
                    str2 = "AES/CBC/PKCS5Padding";
                    byte[] bArr3 = new byte[16];
                    System.arraycopy(digest, 0, bArr3, 0, 16);
                    secretKeySpec = new SecretKeySpec(bArr3, "AES");
                    break;
                case true:
                    str2 = "AES/CBC/PKCS5Padding";
                    byte[] bArr4 = new byte[24];
                    System.arraycopy(digest, 0, bArr4, 0, 16);
                    System.arraycopy(digest2, 0, bArr4, 16, 8);
                    secretKeySpec = new SecretKeySpec(bArr4, "AES");
                    break;
                case true:
                    str2 = "AES/CBC/PKCS5Padding";
                    byte[] bArr5 = new byte[32];
                    System.arraycopy(digest, 0, bArr5, 0, 16);
                    System.arraycopy(digest2, 0, bArr5, 16, 16);
                    secretKeySpec = new SecretKeySpec(bArr5, "AES");
                    break;
                default:
                    throw new IOException("Cannot decrypt PEM structure, unknown cipher " + str3);
            }
            try {
                Cipher cipher = Cipher.getInstance(str2);
                cipher.init(2, secretKeySpec, new IvParameterSpec(hexToByteArray));
                pEMStructure.data = cipher.doFinal(pEMStructure.data);
            } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
                new IOException(e);
            }
            pEMStructure.dekInfo = null;
            pEMStructure.procType = null;
        } catch (NoSuchAlgorithmException e2) {
            throw new IOException(e2);
        }
    }

    public static boolean isPEMEncrypted(PEMStructure pEMStructure) throws IOException {
        if (pEMStructure.procType == null) {
            return false;
        }
        if (pEMStructure.procType.length != 2) {
            throw new IOException("Unknown Proc-Type field.");
        }
        if ("4".equals(pEMStructure.procType[0])) {
            return "ENCRYPTED".equals(pEMStructure.procType[1]);
        }
        throw new IOException("Unknown Proc-Type field (" + pEMStructure.procType[0] + ")");
    }

    @Deprecated
    public static Object decode(char[] cArr, String str) throws IOException {
        LOGGER.warning("com.trilead.ssh2.cryptoPEMDecoder.decode method is deprecated, use com.trilead.ssh2.cryptoPEMDecoder.decodeKeyPair instead.");
        PEMStructure parsePEM = parsePEM(cArr);
        if (isPEMEncrypted(parsePEM)) {
            if (str == null) {
                throw new IOException("PEM is encrypted, but no password was specified");
            }
            decryptPEM(parsePEM, str);
        }
        if (parsePEM.pemType != 2) {
            if (parsePEM.pemType != 1) {
                throw new IOException("PEM problem: it is of unknown type");
            }
            SimpleDERReader simpleDERReader = new SimpleDERReader(parsePEM.data);
            byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
            if (simpleDERReader.available() != 0) {
                throw new IOException("Padding in RSA PRIVATE KEY DER stream.");
            }
            simpleDERReader.resetInput(readSequenceAsByteArray);
            BigInteger readInt = simpleDERReader.readInt();
            if (readInt.compareTo(BigInteger.ZERO) != 0 && readInt.compareTo(BigInteger.ONE) != 0) {
                throw new IOException("Wrong version (" + readInt + ") in RSA PRIVATE KEY DER stream.");
            }
            BigInteger readInt2 = simpleDERReader.readInt();
            return new RSAPrivateKey(simpleDERReader.readInt(), simpleDERReader.readInt(), readInt2);
        }
        SimpleDERReader simpleDERReader2 = new SimpleDERReader(parsePEM.data);
        byte[] readSequenceAsByteArray2 = simpleDERReader2.readSequenceAsByteArray();
        if (simpleDERReader2.available() != 0) {
            throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
        }
        simpleDERReader2.resetInput(readSequenceAsByteArray2);
        BigInteger readInt3 = simpleDERReader2.readInt();
        if (readInt3.compareTo(BigInteger.ZERO) != 0) {
            throw new IOException("Wrong version (" + readInt3 + ") in DSA PRIVATE KEY DER stream.");
        }
        BigInteger readInt4 = simpleDERReader2.readInt();
        BigInteger readInt5 = simpleDERReader2.readInt();
        BigInteger readInt6 = simpleDERReader2.readInt();
        BigInteger readInt7 = simpleDERReader2.readInt();
        BigInteger readInt8 = simpleDERReader2.readInt();
        if (simpleDERReader2.available() != 0) {
            throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
        }
        return new DSAPrivateKey(readInt4, readInt5, readInt6, readInt7, readInt8);
    }

    public static KeyPair decodeKeyPair(char[] cArr, String str) throws IOException {
        Iterator<KeyAlgorithm<PublicKey, PrivateKey>> it = KeyAlgorithmManager.getSupportedAlgorithms().iterator();
        while (it.hasNext()) {
            for (CertificateDecoder certificateDecoder : it.next().getCertificateDecoders()) {
                try {
                    PEMStructure parsePEM = parsePEM(cArr, certificateDecoder);
                    if (isPEMEncrypted(parsePEM)) {
                        if (str == null) {
                            throw new IOException("PEM is encrypted, but no password was specified");
                        }
                        decryptPEM(parsePEM, str);
                    }
                    return certificateDecoder.createKeyPair(parsePEM, str);
                } catch (IOException e) {
                    LOGGER.log(Level.FINE, "Could not decode PEM Key using current decoder: " + certificateDecoder.getClass().getName(), (Throwable) e);
                }
            }
        }
        throw new IOException("PEM problem: it is of unknown type. Supported algorithms are :" + ((List) KeyAlgorithmManager.getSupportedAlgorithms().stream().map(keyAlgorithm -> {
            return keyAlgorithm.getKeyFormat();
        }).collect(Collectors.toList())).toString());
    }
}
