package com.sshtools.common.publickey;

import com.sshtools.common.logger.Log;
import com.sshtools.common.ssh.SshException;
import com.sshtools.common.ssh.SshIOException;
import com.sshtools.common.ssh.components.ComponentManager;
import com.sshtools.common.ssh.components.Digest;
import com.sshtools.common.ssh.components.SshCipher;
import com.sshtools.common.ssh.components.SshDsaPublicKey;
import com.sshtools.common.ssh.components.SshKeyPair;
import com.sshtools.common.util.ByteArrayReader;
import com.sshtools.common.util.ByteArrayWriter;
import com.sshtools.synergy.ssh.SshContext;
import java.io.IOException;
import java.math.BigInteger;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/maverick-base-3.1.1.jar:com/sshtools/common/publickey/SSHCOMPrivateKeyFile.class */
public class SSHCOMPrivateKeyFile extends Base64EncodedFileFormat implements SshPrivateKeyFile {
    static String BEGIN = "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----";
    static String END = "---- END SSH2 ENCRYPTED PRIVATE KEY ----";
    byte[] formattedkey;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSHCOMPrivateKeyFile(byte[] bArr) throws IOException {
        super(BEGIN, END);
        if (!isFormatted(bArr)) {
            throw new IOException("Key is not formatted in the ssh.com format");
        }
        this.formattedkey = bArr;
    }

    @Override // com.sshtools.common.publickey.SshPrivateKeyFile
    public String getType() {
        return "SSH Communications Security";
    }

    public static boolean isFormatted(byte[] bArr) {
        return isFormatted(bArr, BEGIN, END);
    }

    @Override // com.sshtools.common.publickey.SshPrivateKeyFile
    public boolean supportsPassphraseChange() {
        return false;
    }

    @Override // com.sshtools.common.publickey.SshPrivateKeyFile
    public boolean isPassphraseProtected() {
        try {
            ByteArrayReader byteArrayReader = new ByteArrayReader(getKeyBlob(this.formattedkey));
            try {
                if (byteArrayReader.readInt() != 1064303083) {
                    throw new IOException("Invalid ssh.com key! Magic number not found");
                }
                byteArrayReader.readInt();
                byteArrayReader.readString();
                boolean equals = byteArrayReader.readString().equals(SshContext.CIPHER_TRIPLEDES_CBC);
                byteArrayReader.close();
                return equals;
            } catch (Throwable th) {
                byteArrayReader.close();
                throw th;
            }
        } catch (IOException e) {
            return false;
        }
    }

    @Override // com.sshtools.common.publickey.SshPrivateKeyFile
    public SshKeyPair toKeyPair(String str) throws IOException, InvalidPassphraseException {
        boolean z = false;
        ByteArrayReader byteArrayReader = new ByteArrayReader(getKeyBlob(this.formattedkey));
        try {
            if (byteArrayReader.readInt() != 1064303083) {
                throw new IOException("Invalid ssh.com key! Magic number not found");
            }
            byteArrayReader.readInt();
            String readString = byteArrayReader.readString();
            String readString2 = byteArrayReader.readString();
            byte[] readBinaryString = byteArrayReader.readBinaryString();
            try {
                if (!readString2.equals("none")) {
                    if (!readString2.equals(SshContext.CIPHER_TRIPLEDES_CBC)) {
                        throw new IOException("Unsupported cipher type " + readString2 + " in ssh.com private key");
                    }
                    SshCipher componentFactory = ComponentManager.getInstance().supportedSsh2CiphersCS().getInstance(SshContext.CIPHER_TRIPLEDES_CBC);
                    componentFactory.init(1, new byte[32], makePassphraseKey(str));
                    componentFactory.transform(readBinaryString);
                    z = true;
                }
                ByteArrayReader byteArrayReader2 = new ByteArrayReader(readBinaryString, 4, readBinaryString.length - 4);
                try {
                    try {
                        if (readString.startsWith("if-modn{sign{rsa")) {
                            BigInteger readMPINT32 = byteArrayReader2.readMPINT32();
                            BigInteger readMPINT322 = byteArrayReader2.readMPINT32();
                            BigInteger readMPINT323 = byteArrayReader2.readMPINT32();
                            SshKeyPair sshKeyPair = new SshKeyPair();
                            sshKeyPair.setPublicKey(ComponentManager.getInstance().createRsaPublicKey(readMPINT323, readMPINT32));
                            sshKeyPair.setPrivateKey(ComponentManager.getInstance().createRsaPrivateKey(readMPINT323, readMPINT322));
                            byteArrayReader2.close();
                            byteArrayReader.close();
                            return sshKeyPair;
                        }
                        if (!readString.startsWith("dl-modp{sign{dsa")) {
                            throw new IOException("Unsupported ssh.com key type " + readString);
                        }
                        if (byteArrayReader2.readInt() != 0) {
                            throw new IOException("Unexpected value in DSA key; this is an unsupported feature of ssh.com private keys");
                        }
                        BigInteger readMPINT324 = byteArrayReader2.readMPINT32();
                        BigInteger readMPINT325 = byteArrayReader2.readMPINT32();
                        BigInteger readMPINT326 = byteArrayReader2.readMPINT32();
                        BigInteger readMPINT327 = byteArrayReader2.readMPINT32();
                        BigInteger readMPINT328 = byteArrayReader2.readMPINT32();
                        SshKeyPair sshKeyPair2 = new SshKeyPair();
                        SshDsaPublicKey createDsaPublicKey = ComponentManager.getInstance().createDsaPublicKey(readMPINT324, readMPINT326, readMPINT325, readMPINT327);
                        sshKeyPair2.setPublicKey(createDsaPublicKey);
                        sshKeyPair2.setPrivateKey(ComponentManager.getInstance().createDsaPrivateKey(readMPINT324, readMPINT326, readMPINT325, readMPINT328, createDsaPublicKey.getY()));
                        byteArrayReader2.close();
                        byteArrayReader.close();
                        return sshKeyPair2;
                    } catch (Throwable th) {
                        byteArrayReader2.close();
                        throw th;
                    }
                } catch (Throwable th2) {
                    Log.error("Parsing of ssh.com key failed", th2, new Object[0]);
                    if (z) {
                        throw new InvalidPassphraseException();
                    }
                    throw new IOException("Bad SSH.com private key format!");
                }
            } catch (SshException e) {
                throw new SshIOException(e);
            }
        } catch (Throwable th3) {
            byteArrayReader.close();
            throw th3;
        }
    }

    private byte[] makePassphraseKey(String str) throws IOException {
        ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
        try {
            try {
                Digest componentFactory = ComponentManager.getInstance().supportedDigests().getInstance("MD5");
                componentFactory.putBytes(str.getBytes());
                byte[] doFinal = componentFactory.doFinal();
                componentFactory.reset();
                componentFactory.putBytes(str.getBytes());
                componentFactory.putBytes(doFinal);
                byteArrayWriter.write(doFinal);
                byteArrayWriter.write(componentFactory.doFinal());
                byte[] byteArray = byteArrayWriter.toByteArray();
                byteArrayWriter.close();
                return byteArray;
            } catch (SshException e) {
                throw new SshIOException(e);
            }
        } catch (Throwable th) {
            byteArrayWriter.close();
            throw th;
        }
    }

    @Override // com.sshtools.common.publickey.SshPrivateKeyFile
    public void changePassphrase(String str, String str2) throws IOException {
        throw new IOException("Changing passphrase is not supported by the ssh.com key format engine");
    }

    @Override // com.sshtools.common.publickey.SshPrivateKeyFile
    public byte[] getFormattedKey() throws IOException {
        return this.formattedkey;
    }

    @Override // com.sshtools.common.publickey.SshPrivateKeyFile
    public String getComment() {
        return "";
    }
}
