package com.sshtools.publickey;

import com.maverick.ssh.SshException;
import com.maverick.ssh.SshIOException;
import com.maverick.ssh.components.ComponentManager;
import com.maverick.ssh.components.SshDsaPrivateKey;
import com.maverick.ssh.components.SshDsaPublicKey;
import com.maverick.ssh.components.SshKeyPair;
import com.maverick.ssh.components.SshRsaPrivateCrtKey;
import com.maverick.ssh.components.jce.ECUtils;
import com.maverick.ssh.components.jce.Ssh2EcdsaSha2NistPrivateKey;
import com.maverick.ssh.components.jce.Ssh2EcdsaSha2NistPublicKey;
import com.maverick.util.SimpleASNReader;
import com.maverick.util.SimpleASNWriter;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;

/* loaded from: input_file:com/sshtools/publickey/OpenSSHPrivateKeyFile.class */
class OpenSSHPrivateKeyFile implements SshPrivateKeyFile {
    byte[] formattedkey;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSSHPrivateKeyFile(byte[] bArr) throws IOException {
        if (!isFormatted(bArr)) {
            throw new IOException("Formatted key data is not a valid OpenSSH key format");
        }
        this.formattedkey = bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSSHPrivateKeyFile(SshKeyPair sshKeyPair, String str) throws IOException {
        this.formattedkey = encryptKey(sshKeyPair, str);
    }

    @Override // com.sshtools.publickey.SshPrivateKeyFile
    public boolean isPassphraseProtected() {
        try {
            return new PEMReader(new StringReader(new String(this.formattedkey, "US-ASCII"))).getHeader().containsKey("DEK-Info");
        } catch (IOException e) {
            return true;
        }
    }

    @Override // com.sshtools.publickey.SshPrivateKeyFile
    public String getType() {
        return "OpenSSH";
    }

    @Override // com.sshtools.publickey.SshPrivateKeyFile
    public boolean supportsPassphraseChange() {
        return true;
    }

    @Override // com.sshtools.publickey.SshPrivateKeyFile
    public SshKeyPair toKeyPair(String str) throws IOException, InvalidPassphraseException {
        PEMReader pEMReader = new PEMReader(new StringReader(new String(this.formattedkey, "US-ASCII")));
        SimpleASNReader simpleASNReader = new SimpleASNReader(pEMReader.decryptPayload(str));
        try {
            if (PEM.DSA_PRIVATE_KEY.equals(pEMReader.getType())) {
                return getDSAKeyPair(simpleASNReader);
            }
            if (PEM.RSA_PRIVATE_KEY.equals(pEMReader.getType())) {
                return getRSAKeyPair(simpleASNReader);
            }
            if (PEM.EC_PRIVATE_KEY.equals(pEMReader.getType())) {
                return getECKeyPair(simpleASNReader);
            }
            throw new IOException("Unsupported type: " + pEMReader.getType());
        } catch (IOException e) {
            throw new InvalidPassphraseException(e);
        }
    }

    public String oidByteArrayToString(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        int[] iArr = new int[bArr.length];
        for (int i = 0; i < bArr.length; i++) {
            iArr[i] = bArr[i] & 255;
        }
        int i2 = 0;
        while (i2 < iArr.length) {
            if (i2 == 0) {
                int i3 = iArr[0] % 40;
                sb.append(String.format("%d.%d", Integer.valueOf((iArr[0] - i3) / 40), Integer.valueOf(i3)));
            } else if (iArr[i2] < 128) {
                sb.append(String.format(".%d", Integer.valueOf(iArr[i2])));
            } else {
                sb.append(String.format(".%d", Integer.valueOf(((iArr[i2] - 128) * 128) + iArr[i2 + 1])));
                i2++;
            }
            i2++;
        }
        return sb.toString();
    }

    SshKeyPair getECKeyPair(SimpleASNReader simpleASNReader) throws IOException {
        try {
            simpleASNReader.assertByte(48);
            simpleASNReader.getLength();
            simpleASNReader.assertByte(2);
            simpleASNReader.getData();
            simpleASNReader.assertByte(4);
            byte[] data = simpleASNReader.getData();
            simpleASNReader.assertByte(160);
            simpleASNReader.getLength();
            simpleASNReader.assertByte(6);
            byte[] data2 = simpleASNReader.getData();
            simpleASNReader.assertByte(161);
            simpleASNReader.getLength();
            simpleASNReader.assertByte(3);
            byte[] data3 = simpleASNReader.getData();
            String curveFromOOID = curveFromOOID(data2);
            ECPublicKey decodeKey = ECUtils.decodeKey(data3, curveFromOOID);
            ECPrivateKey decodePrivateKey = ECUtils.decodePrivateKey(data, decodeKey);
            SshKeyPair sshKeyPair = new SshKeyPair();
            sshKeyPair.setPrivateKey(new Ssh2EcdsaSha2NistPrivateKey(decodePrivateKey, curveFromOOID));
            sshKeyPair.setPublicKey(new Ssh2EcdsaSha2NistPublicKey(decodeKey, curveFromOOID));
            return sshKeyPair;
        } catch (Exception e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    private String curveFromOOID(byte[] bArr) {
        String oidByteArrayToString = oidByteArrayToString(bArr);
        if (oidByteArrayToString.equals("1.2.840.10045.3.1.7")) {
            return "secp256r1";
        }
        if (oidByteArrayToString.equals("1.3.132.0.34")) {
            return "secp384r1";
        }
        if (oidByteArrayToString.equals("1.3.132.0.35")) {
            return "secp521r1";
        }
        throw new IllegalArgumentException("Unsupported OID " + oidByteArrayToString);
    }

    SshKeyPair getRSAKeyPair(SimpleASNReader simpleASNReader) throws IOException {
        try {
            simpleASNReader.assertByte(48);
            simpleASNReader.getLength();
            simpleASNReader.assertByte(2);
            simpleASNReader.getData();
            simpleASNReader.assertByte(2);
            BigInteger bigInteger = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger2 = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger3 = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger4 = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger5 = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger6 = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger7 = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger8 = new BigInteger(simpleASNReader.getData());
            SshKeyPair sshKeyPair = new SshKeyPair();
            sshKeyPair.setPublicKey(ComponentManager.getInstance().createRsaPublicKey(bigInteger, bigInteger2, 2));
            sshKeyPair.setPrivateKey(ComponentManager.getInstance().createRsaPrivateCrtKey(bigInteger, bigInteger2, bigInteger3, bigInteger4, bigInteger5, bigInteger6, bigInteger7, bigInteger8));
            return sshKeyPair;
        } catch (SshException e) {
            throw new SshIOException(e);
        }
    }

    SshKeyPair getDSAKeyPair(SimpleASNReader simpleASNReader) throws IOException {
        try {
            simpleASNReader.assertByte(48);
            simpleASNReader.getLength();
            simpleASNReader.assertByte(2);
            simpleASNReader.getData();
            simpleASNReader.assertByte(2);
            BigInteger bigInteger = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger2 = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger3 = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger4 = new BigInteger(simpleASNReader.getData());
            simpleASNReader.assertByte(2);
            BigInteger bigInteger5 = new BigInteger(simpleASNReader.getData());
            SshKeyPair sshKeyPair = new SshKeyPair();
            SshDsaPublicKey createDsaPublicKey = ComponentManager.getInstance().createDsaPublicKey(bigInteger, bigInteger2, bigInteger3, bigInteger4);
            sshKeyPair.setPublicKey(createDsaPublicKey);
            sshKeyPair.setPrivateKey(ComponentManager.getInstance().createDsaPrivateKey(bigInteger, bigInteger2, bigInteger3, bigInteger5, createDsaPublicKey.getY()));
            return sshKeyPair;
        } catch (SshException e) {
            throw new SshIOException(e);
        }
    }

    void writeDSAKeyPair(SimpleASNWriter simpleASNWriter, SshDsaPrivateKey sshDsaPrivateKey, SshDsaPublicKey sshDsaPublicKey) {
        SimpleASNWriter simpleASNWriter2 = new SimpleASNWriter();
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(new byte[1]);
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshDsaPublicKey.getP().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshDsaPublicKey.getQ().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshDsaPublicKey.getG().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshDsaPublicKey.getY().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshDsaPrivateKey.getX().toByteArray());
        byte[] byteArray = simpleASNWriter2.toByteArray();
        simpleASNWriter.writeByte(48);
        simpleASNWriter.writeData(byteArray);
    }

    void writeRSAKeyPair(SimpleASNWriter simpleASNWriter, SshRsaPrivateCrtKey sshRsaPrivateCrtKey) {
        SimpleASNWriter simpleASNWriter2 = new SimpleASNWriter();
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(new byte[1]);
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshRsaPrivateCrtKey.getModulus().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshRsaPrivateCrtKey.getPublicExponent().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshRsaPrivateCrtKey.getPrivateExponent().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshRsaPrivateCrtKey.getPrimeP().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshRsaPrivateCrtKey.getPrimeQ().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshRsaPrivateCrtKey.getPrimeExponentP().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshRsaPrivateCrtKey.getPrimeExponentQ().toByteArray());
        simpleASNWriter2.writeByte(2);
        simpleASNWriter2.writeData(sshRsaPrivateCrtKey.getCrtCoefficient().toByteArray());
        byte[] byteArray = simpleASNWriter2.toByteArray();
        simpleASNWriter.writeByte(48);
        simpleASNWriter.writeData(byteArray);
    }

    public byte[] encryptKey(SshKeyPair sshKeyPair, String str) throws IOException {
        byte[] byteArray;
        PEMWriter pEMWriter = new PEMWriter();
        SimpleASNWriter simpleASNWriter = new SimpleASNWriter();
        if (sshKeyPair.getPublicKey() instanceof SshDsaPublicKey) {
            writeDSAKeyPair(simpleASNWriter, (SshDsaPrivateKey) sshKeyPair.getPrivateKey(), (SshDsaPublicKey) sshKeyPair.getPublicKey());
            byteArray = simpleASNWriter.toByteArray();
            pEMWriter.setType(PEM.DSA_PRIVATE_KEY);
        } else {
            if (!(sshKeyPair.getPrivateKey() instanceof SshRsaPrivateCrtKey)) {
                throw new IOException(sshKeyPair.getPublicKey().getAlgorithm() + " is not supported");
            }
            writeRSAKeyPair(simpleASNWriter, (SshRsaPrivateCrtKey) sshKeyPair.getPrivateKey());
            byteArray = simpleASNWriter.toByteArray();
            pEMWriter.setType(PEM.RSA_PRIVATE_KEY);
        }
        pEMWriter.encryptPayload(byteArray, str);
        StringWriter stringWriter = new StringWriter();
        pEMWriter.write(stringWriter);
        return stringWriter.toString().getBytes("UTF-8");
    }

    @Override // com.sshtools.publickey.SshPrivateKeyFile
    public void changePassphrase(String str, String str2) throws IOException, InvalidPassphraseException {
        this.formattedkey = encryptKey(toKeyPair(str), str2);
    }

    @Override // com.sshtools.publickey.SshPrivateKeyFile
    public byte[] getFormattedKey() {
        return this.formattedkey;
    }

    public static boolean isFormatted(byte[] bArr) {
        try {
            new PEMReader(new StringReader(new String(bArr, "UTF-8")));
            return true;
        } catch (IOException e) {
            return false;
        }
    }
}
