package defpackage;

import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.a;
import net.schmizz.sshj.common.d;
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.generators.Argon2BytesGenerator;
import org.bouncycastle.crypto.params.Argon2Parameters;
import org.bouncycastle.jcajce.spec.EdDSAParameterSpec;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: classes2.dex */
public class q71 extends aa {
    public Integer e;
    public byte[] f;
    public byte[] g;
    public byte[] h;

    /* renamed from: i, reason: collision with root package name */
    public Map<String, String> f190i = new HashMap();
    public final Map<String, String> j = new HashMap();

    /* loaded from: classes2.dex */
    public static /* synthetic */ class a {
        public static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[net.schmizz.sshj.common.b.values().length];
            a = iArr;
            try {
                iArr[net.schmizz.sshj.common.b.d.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[net.schmizz.sshj.common.b.e.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[net.schmizz.sshj.common.b.f.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public static class b implements a.InterfaceC0109a<d40> {
        @Override // net.schmizz.sshj.common.a
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public d40 create() {
            return new q71();
        }

        @Override // net.schmizz.sshj.common.a.InterfaceC0109a
        public String getName() {
            return "PuTTY";
        }
    }

    @Override // defpackage.aa
    public KeyPair c() {
        i();
        Buffer.a aVar = new Buffer.a(this.g);
        Buffer.a aVar2 = new Buffer.a(this.f);
        net.schmizz.sshj.common.b f = f();
        aVar.E();
        if (net.schmizz.sshj.common.b.b.equals(f)) {
            BigInteger F = aVar.F();
            BigInteger F2 = aVar.F();
            BigInteger F3 = aVar2.F();
            try {
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                try {
                    return new KeyPair(keyFactory.generatePublic(new RSAPublicKeySpec(F2, F)), keyFactory.generatePrivate(new RSAPrivateKeySpec(F2, F3)));
                } catch (InvalidKeySpecException e) {
                    throw new IOException(e.getMessage(), e);
                }
            } catch (NoSuchAlgorithmException e2) {
                throw new IOException(e2.getMessage(), e2);
            }
        }
        if (net.schmizz.sshj.common.b.c.equals(f)) {
            BigInteger F4 = aVar.F();
            BigInteger F5 = aVar.F();
            BigInteger F6 = aVar.F();
            BigInteger F7 = aVar.F();
            BigInteger F8 = aVar2.F();
            try {
                KeyFactory keyFactory2 = KeyFactory.getInstance("DSA");
                try {
                    return new KeyPair(keyFactory2.generatePublic(new DSAPublicKeySpec(F7, F4, F5, F6)), keyFactory2.generatePrivate(new DSAPrivateKeySpec(F8, F4, F5, F6)));
                } catch (InvalidKeySpecException e3) {
                    throw new IOException(e3.getMessage(), e3);
                }
            } catch (NoSuchAlgorithmException e4) {
                throw new IOException(e4.getMessage(), e4);
            }
        }
        if (net.schmizz.sshj.common.b.g.equals(f)) {
            ly b2 = my.b(EdDSAParameterSpec.Ed25519);
            return new KeyPair(new qy(new ry(aVar.E(), b2)), new oy(new py(aVar2.E(), b2)));
        }
        int i2 = a.a[f.ordinal()];
        String str = i2 != 1 ? i2 != 2 ? i2 != 3 ? null : "P-521" : "P-384" : "P-256";
        if (str == null) {
            throw new IOException(String.format("Unknown key type %s", f()));
        }
        BigInteger bigInteger = new BigInteger(1, aVar2.E());
        X9ECParameters byName = NISTNamedCurves.getByName(str);
        try {
            return new KeyPair(f.o(aVar), d.d("ECDSA").generatePrivate(new ECPrivateKeySpec(bigInteger, new ECNamedCurveSpec(str, byName.getCurve(), byName.getG(), byName.getN()))));
        } catch (GeneralSecurityException e5) {
            throw new IOException(e5.getMessage(), e5);
        }
    }

    public final byte[] d(String str, char[] cArr) {
        int i2;
        if ("argon2i".equals(str)) {
            i2 = 1;
        } else if ("argon2d".equals(str)) {
            i2 = 0;
        } else {
            if (!"argon2id".equals(str)) {
                return null;
            }
            i2 = 2;
        }
        byte[] decode = Hex.decode(this.j.get("Argon2-Salt"));
        int parseInt = Integer.parseInt(this.j.get("Argon2-Passes"));
        int parseInt2 = Integer.parseInt(this.j.get("Argon2-Memory"));
        Argon2Parameters build = new Argon2Parameters.Builder(i2).withVersion(19).withIterations(parseInt).withMemoryAsKB(parseInt2).withParallelism(Integer.parseInt(this.j.get("Argon2-Parallelism"))).withSalt(decode).build();
        Argon2BytesGenerator argon2BytesGenerator = new Argon2BytesGenerator();
        argon2BytesGenerator.init(build);
        byte[] bArr = new byte[80];
        if (argon2BytesGenerator.generateBytes(cArr, bArr) == 80) {
            return bArr;
        }
        throw new IOException("Failed to generate key via Argon2");
    }

    public final byte[] e(byte[] bArr, char[] cArr) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            g(cArr, cipher);
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    public net.schmizz.sshj.common.b f() {
        return net.schmizz.sshj.common.b.h(this.j.get(String.format("PuTTY-User-Key-File-%d", this.e)));
    }

    public final void g(char[] cArr, Cipher cipher) {
        String str = this.j.get("Key-Derivation");
        if (str != null) {
            String lowerCase = str.toLowerCase();
            byte[] d = d(lowerCase, cArr);
            if (d == null) {
                throw new IOException(String.format("Unsupported key derivation function: %s", lowerCase));
            }
            byte[] bArr = new byte[32];
            byte[] bArr2 = new byte[16];
            byte[] bArr3 = new byte[32];
            System.arraycopy(d, 0, bArr, 0, 32);
            System.arraycopy(d, 32, bArr2, 0, 16);
            System.arraycopy(d, 48, bArr3, 0, 32);
            cipher.init(2, new SecretKeySpec(bArr, "AES"), new IvParameterSpec(bArr2));
            this.h = bArr3;
            return;
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA1);
            byte[] c = k31.c(cArr);
            messageDigest.update(new byte[]{0, 0, 0, 0});
            messageDigest.update(c);
            byte[] digest = messageDigest.digest();
            messageDigest.update(new byte[]{0, 0, 0, 1});
            messageDigest.update(c);
            byte[] digest2 = messageDigest.digest();
            Arrays.fill(c, (byte) 0);
            byte[] bArr4 = new byte[32];
            System.arraycopy(digest, 0, bArr4, 0, 20);
            System.arraycopy(digest2, 0, bArr4, 20, 12);
            cipher.init(2, new SecretKeySpec(bArr4, 0, 32, "AES"), new IvParameterSpec(new byte[16]));
        } catch (NoSuchAlgorithmException e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    public boolean h() {
        String str = this.j.get("Encryption");
        if ("none".equals(str)) {
            return false;
        }
        if ("aes256-cbc".equals(str)) {
            return true;
        }
        throw new IOException(String.format("Unsupported encryption: %s", str));
    }

    public void i() {
        String str = null;
        this.e = null;
        BufferedReader bufferedReader = new BufferedReader(this.a.b());
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                int indexOf = readLine.indexOf(": ");
                if (indexOf > 0) {
                    str = readLine.substring(0, indexOf);
                    this.j.put(str, readLine.substring(indexOf + 2));
                    if (str.startsWith("PuTTY-User-Key-File-")) {
                        this.e = Integer.valueOf(Integer.parseInt(str.substring(20)));
                    }
                } else {
                    String str2 = this.f190i.get(str);
                    if (str2 != null) {
                        readLine = str2 + readLine;
                    }
                    this.f190i.put(str, readLine);
                }
            } catch (Throwable th) {
                bufferedReader.close();
                throw th;
            }
        }
        bufferedReader.close();
        if (this.e == null) {
            throw new IOException("Invalid key file format: missing \"PuTTY-User-Key-File-?\" entry");
        }
        this.g = q9.a(this.f190i.get("Public-Lines"));
        if (!h()) {
            this.f = q9.a(this.f190i.get("Private-Lines"));
            return;
        }
        h31 h31Var = this.b;
        char[] b2 = h31Var != null ? h31Var.b(this.a) : "".toCharArray();
        try {
            this.f = e(q9.a(this.f190i.get("Private-Lines")), b2);
            l(this.e.intValue() <= 2 ? j(b2) : k());
        } finally {
            k31.a(b2);
        }
    }

    public final Mac j(char[] cArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA1);
            messageDigest.update("putty-private-key-file-mac-key".getBytes());
            if (cArr != null) {
                byte[] c = k31.c(cArr);
                messageDigest.update(c);
                Arrays.fill(c, (byte) 0);
            }
            byte[] digest = messageDigest.digest();
            Mac mac = Mac.getInstance("HmacSHA1");
            mac.init(new SecretKeySpec(digest, 0, 20, mac.getAlgorithm()));
            return mac;
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    public final Mac k() {
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(this.h, 0, 32, mac.getAlgorithm()));
            return mac;
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    public final void l(Mac mac) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(256);
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        String bVar = f().toString();
        dataOutputStream.writeInt(bVar.length());
        dataOutputStream.writeBytes(bVar);
        dataOutputStream.writeInt(this.j.get("Encryption").length());
        dataOutputStream.writeBytes(this.j.get("Encryption"));
        dataOutputStream.writeInt(this.j.get("Comment").length());
        dataOutputStream.writeBytes(this.j.get("Comment"));
        dataOutputStream.writeInt(this.g.length);
        dataOutputStream.write(this.g);
        dataOutputStream.writeInt(this.f.length);
        dataOutputStream.write(this.f);
        if (!Hex.toHexString(mac.doFinal(byteArrayOutputStream.toByteArray())).equals(this.j.get("Private-MAC"))) {
            throw new IOException("Invalid passphrase");
        }
    }
}
