package com.trilead.ssh2.signature;

import com.microsoft.graph.core.Constants;
import com.trilead.ssh2.crypto.CertificateDecoder;
import com.trilead.ssh2.crypto.PEMStructure;
import com.trilead.ssh2.crypto.PasswordCallback;
import com.trilead.ssh2.crypto.cipher.BlockCipher;
import com.trilead.ssh2.crypto.cipher.BlockCipherFactory;
import com.trilead.ssh2.crypto.cipher.CBCMode;
import com.trilead.ssh2.crypto.cipher.DES;
import com.trilead.ssh2.packets.TypesReader;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import org.mindrot.jbcrypt.BCrypt;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public abstract class OpenSshCertificateDecoder extends CertificateDecoder {
    private final String keyAlgorithm;

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Enum visitor error
    jadx.core.utils.exceptions.JadxRuntimeException: Init of enum field 'AES192_CBC' uses external variables
    	at jadx.core.dex.visitors.EnumVisitor.createEnumFieldByConstructor(EnumVisitor.java:451)
    	at jadx.core.dex.visitors.EnumVisitor.processEnumFieldByField(EnumVisitor.java:372)
    	at jadx.core.dex.visitors.EnumVisitor.processEnumFieldByWrappedInsn(EnumVisitor.java:337)
    	at jadx.core.dex.visitors.EnumVisitor.extractEnumFieldsFromFilledArray(EnumVisitor.java:322)
    	at jadx.core.dex.visitors.EnumVisitor.extractEnumFieldsFromInsn(EnumVisitor.java:262)
    	at jadx.core.dex.visitors.EnumVisitor.convertToEnum(EnumVisitor.java:151)
    	at jadx.core.dex.visitors.EnumVisitor.visit(EnumVisitor.java:100)
     */
    /* JADX WARN: Failed to restore enum class, 'enum' modifier and super class removed */
    /* loaded from: classes2.dex */
    public static abstract class SshCipher {
        private static final /* synthetic */ SshCipher[] $VALUES;
        public static final SshCipher AES192_CBC;
        public static final SshCipher AES256_CTR;
        private final int blockSize;
        private final int keyLength;
        private final String[] sshCipherNames;
        public static final SshCipher DESEDE_CBC = new SshCipher("DESEDE_CBC", 0, 24, 8, "des-ede3-cbc", new String[0]) { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.1
            @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
            BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                return BlockCipherFactory.createCipher("3des-cbc", z, bArr, bArr2);
            }
        };
        public static final SshCipher DES_CBC = new SshCipher("DES_CBC", 1, 8, 8, "des-cbc", new String[0]) { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.2
            @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
            BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                DES des = new DES();
                des.init(z, bArr);
                return new CBCMode(des, bArr2, z);
            }
        };
        public static final SshCipher AES128_CBC = new SshCipher("AES128_CBC", 2, 16, 16, "aes-128-cbc", "aes128-cbc") { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.3
            @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
            BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                return BlockCipherFactory.createCipher("aes128-cbc", z, bArr, bArr2);
            }
        };
        public static final SshCipher AES256_CBC = new SshCipher("AES256_CBC", 4, 32, 16, "aes-256-cbc", "aes256-cbc") { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.5
            @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
            BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                return BlockCipherFactory.createCipher("aes256-cbc", z, bArr, bArr2);
            }
        };

        static {
            int i = 16;
            AES192_CBC = new SshCipher("AES192_CBC", 3, 24, i, "aes-192-cbc", "aes192-cbc") { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.4
                @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
                BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                    return BlockCipherFactory.createCipher("aes192-cbc", z, bArr, bArr2);
                }
            };
            AES256_CTR = new SshCipher("AES256_CTR", 5, 32, i, "aes-256-ctr", "aes256-ctr") { // from class: com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher.6
                @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder.SshCipher
                BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z) {
                    return BlockCipherFactory.createCipher("aes256-ctr", z, bArr, bArr2);
                }
            };
            $VALUES = new SshCipher[]{DESEDE_CBC, DES_CBC, AES128_CBC, AES192_CBC, AES256_CBC, AES256_CTR};
        }

        private SshCipher(String str, int i, int i2, int i3, String str2, String... strArr) {
            this.keyLength = i2;
            this.blockSize = i3;
            String[] strArr2 = new String[(strArr == null ? 0 : strArr.length) + 1];
            strArr2[0] = str2;
            if (strArr != null) {
                System.arraycopy(strArr, 0, strArr2, 1, strArr.length);
            }
            this.sshCipherNames = strArr2;
        }

        public static SshCipher getInstance(String str) {
            for (SshCipher sshCipher : values()) {
                for (String str2 : sshCipher.sshCipherNames) {
                    if (str2.equalsIgnoreCase(str)) {
                        return sshCipher;
                    }
                }
            }
            throw new IllegalArgumentException("Unknown Cipher: " + str);
        }

        public static SshCipher valueOf(String str) {
            return (SshCipher) Enum.valueOf(SshCipher.class, str);
        }

        public static SshCipher[] values() {
            return (SshCipher[]) $VALUES.clone();
        }

        abstract BlockCipher createBlockCipher(byte[] bArr, byte[] bArr2, boolean z);

        public int getBlockSize() {
            return this.blockSize;
        }

        public int getKeyLength() {
            return this.keyLength;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSshCertificateDecoder(String str) {
        this.keyAlgorithm = str;
    }

    private static byte[] decryptData(byte[] bArr, byte[] bArr2, SshCipher sshCipher) {
        byte[] bArr3 = new byte[sshCipher.getKeyLength()];
        byte[] bArr4 = new byte[sshCipher.getBlockSize()];
        System.arraycopy(bArr2, 0, bArr3, 0, bArr3.length);
        System.arraycopy(bArr2, bArr3.length, bArr4, 0, bArr4.length);
        BlockCipher createBlockCipher = sshCipher.createBlockCipher(bArr3, bArr4, false);
        byte[] bArr5 = new byte[bArr.length];
        for (int i = 0; i < bArr.length / createBlockCipher.getBlockSize(); i++) {
            createBlockCipher.transformBlock(bArr, createBlockCipher.getBlockSize() * i, bArr5, createBlockCipher.getBlockSize() * i);
        }
        return bArr5;
    }

    private static byte[] generateKayAndIvPbkdf2(byte[] bArr, byte[] bArr2, int i, int i2, int i3) {
        byte[] bArr3 = new byte[i2 + i3];
        new BCrypt().pbkdf(bArr, bArr2, i, bArr3);
        return bArr3;
    }

    @Override // com.trilead.ssh2.crypto.CertificateDecoder
    public KeyPair createKeyPair(PEMStructure pEMStructure) {
        return null;
    }

    @Override // com.trilead.ssh2.crypto.CertificateDecoder
    public KeyPair createKeyPair(PEMStructure pEMStructure, PasswordCallback passwordCallback) throws IOException {
        TypesReader typesReader = new TypesReader(pEMStructure.getData());
        if (!"openssh-key-v1".equals(new String(typesReader.readBytes(15), Charset.forName(Constants.JSON_ENCODING)).trim())) {
            throw new IOException("Could not find openssh header in key");
        }
        String readString = typesReader.readString();
        String readString2 = typesReader.readString();
        byte[] readByteString = typesReader.readByteString();
        if (typesReader.readUINT32() != 1) {
            throw new IOException("Only single OpenSSH keys are supported");
        }
        typesReader.readByteString();
        byte[] readByteString2 = typesReader.readByteString();
        if ("bcrypt".equals(readString2)) {
            String password = passwordCallback.getPassword();
            if (password == null || password.isEmpty()) {
                throw new IOException("PEM is encrypted but password has not been specified");
            }
            TypesReader typesReader2 = new TypesReader(readByteString);
            byte[] readByteString3 = typesReader2.readByteString();
            int readUINT32 = typesReader2.readUINT32();
            SshCipher sshCipher = SshCipher.getInstance(readString);
            readByteString2 = decryptData(readByteString2, generateKayAndIvPbkdf2(password.getBytes(Charset.forName(Constants.JSON_ENCODING)), readByteString3, readUINT32, sshCipher.getKeyLength(), sshCipher.getBlockSize()), sshCipher);
        } else if (!"none".equals(readString) || !"none".equals(readString2)) {
            throw new IOException("Unexpected encryption method for key");
        }
        TypesReader typesReader3 = new TypesReader(readByteString2);
        if (typesReader3.readUINT32() != typesReader3.readUINT32()) {
            throw new IOException("Check integers didn't match");
        }
        String readString3 = typesReader3.readString();
        if (!readString3.equals(this.keyAlgorithm)) {
            throw new IOException("Invalid key type: " + readString3);
        }
        try {
            KeyPair generateKeyPair = generateKeyPair(typesReader3);
            typesReader3.readByteString();
            int i = 0;
            while (i < typesReader.remain()) {
                i++;
                if (i != typesReader.readByte()) {
                    throw new IOException("Incorrect padding on private keys");
                }
            }
            return generateKeyPair;
        } catch (GeneralSecurityException e) {
            throw new IOException("Could not create key pair", e);
        }
    }

    abstract KeyPair generateKeyPair(TypesReader typesReader) throws GeneralSecurityException, IOException;

    @Override // com.trilead.ssh2.crypto.CertificateDecoder
    public String getEndLine() {
        return "-----END OPENSSH PRIVATE KEY-----";
    }

    @Override // com.trilead.ssh2.crypto.CertificateDecoder
    public String getStartLine() {
        return "-----BEGIN OPENSSH PRIVATE KEY-----";
    }
}
