package com.trilead.ssh2.auth;

import androidx.lifecycle.ViewModelProvider$Factory;
import com.trilead.ssh2.crypto.keys.Ed25519PrivateKey;
import com.trilead.ssh2.crypto.keys.Ed25519PublicKey;
import com.trilead.ssh2.packets.TypesWriter;
import com.trilead.ssh2.signature.ECDSASHA2Verify;
import com.trilead.ssh2.signature.RSASHA1Verify;
import com.trilead.ssh2.signature.RSASHA256Verify$InstanceHolder;
import com.trilead.ssh2.signature.RSASHA512Verify$InstanceHolder;
import com.trilead.ssh2.transport.MessageHandler;
import com.trilead.ssh2.transport.TransportManager;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Set;
import java.util.Vector;
import okhttp3.internal.http2.Huffman;
import org.bouncycastle.crypto.BlockCipher;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Wrapper;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.util.Pack;

/* loaded from: classes.dex */
public class AuthenticationManager implements MessageHandler, Wrapper {
    public boolean initDone;
    public Object packets;
    public Object tm;
    public Object remainingMethods = {-90, -90, -90, -90, -90, -90, -90, -90};
    public boolean connectionClosed = true;

    public AuthenticationManager(BlockCipher blockCipher) {
        this.tm = blockCipher;
    }

    public boolean authenticatePassword(String str, String str2) {
        boolean z;
        TransportManager transportManager = (TransportManager) this.tm;
        try {
            initialize(str);
            if (((String[]) this.remainingMethods) != null) {
                int i = 0;
                while (true) {
                    String[] strArr = (String[]) this.remainingMethods;
                    if (i >= strArr.length) {
                        break;
                    }
                    if (strArr[i].compareTo("password") == 0) {
                        z = true;
                        break;
                    }
                    i++;
                }
            }
            z = false;
            if (!z) {
                throw new IOException("Authentication method password not supported by the server at this stage.");
            }
            TypesWriter typesWriter = new TypesWriter();
            typesWriter.writeByte(50);
            typesWriter.writeString$1(str);
            typesWriter.writeString("ssh-connection");
            typesWriter.writeString("password");
            typesWriter.writeBoolean(false);
            typesWriter.writeString$1(str2);
            transportManager.sendMessage(typesWriter.getBytes());
            return isAuthenticationSuccessful(getNextMessage());
        } catch (IOException e) {
            transportManager.close(e, false);
            throw new IOException("Password authentication failed.", e);
        }
    }

    public boolean authenticatePublicKey(String str, KeyPair keyPair, SecureRandom secureRandom) {
        PrivateKey privateKey;
        PublicKey publicKey;
        boolean z;
        byte[] encodeSignature;
        String str2 = "ssh-rsa";
        if (keyPair != null) {
            privateKey = keyPair.getPrivate();
            publicKey = keyPair.getPublic();
        } else {
            privateKey = null;
            publicKey = null;
        }
        try {
            initialize(str);
            if (((String[]) this.remainingMethods) != null) {
                int i = 0;
                while (true) {
                    String[] strArr = (String[]) this.remainingMethods;
                    if (i >= strArr.length) {
                        break;
                    }
                    if (strArr[i].compareTo("publickey") == 0) {
                        z = true;
                        break;
                    }
                    i++;
                }
            }
            z = false;
            if (!z) {
                throw new IOException("Authentication method publickey not supported by the server at this stage.");
            }
            if (publicKey instanceof DSAPublicKey) {
                byte[] encodePublicKey = ECDSASHA2Verify.sInstance.encodePublicKey(publicKey);
                byte[] generatePublicKeyUserAuthenticationRequest = generatePublicKeyUserAuthenticationRequest(str, "ssh-dss", encodePublicKey);
                try {
                    Signature signature = Signature.getInstance("SHA1withDSA");
                    signature.initSign(privateKey);
                    signature.update(generatePublicKeyUserAuthenticationRequest);
                    byte[] encodeSignature$1 = RSASHA1Verify.encodeSignature$1(signature.sign());
                    TransportManager transportManager = (TransportManager) this.tm;
                    TypesWriter typesWriter = new TypesWriter();
                    typesWriter.writeByte(50);
                    typesWriter.writeString$1(str);
                    typesWriter.writeString("ssh-connection");
                    typesWriter.writeString("publickey");
                    typesWriter.writeBoolean(true);
                    typesWriter.writeString("ssh-dss");
                    typesWriter.writeString(encodePublicKey, 0, encodePublicKey.length);
                    typesWriter.writeString(encodeSignature$1, 0, encodeSignature$1.length);
                    transportManager.sendMessage(typesWriter.getBytes());
                } catch (InvalidKeyException e) {
                    e = e;
                    throw new IOException(e);
                } catch (NoSuchAlgorithmException e2) {
                    e = e2;
                    throw new IOException(e);
                } catch (SignatureException e3) {
                    e = e3;
                    throw new IOException(e);
                }
            } else if (publicKey instanceof RSAPublicKey) {
                RSASHA1Verify.InstanceHolder.sInstance.getClass();
                RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
                TypesWriter typesWriter2 = new TypesWriter();
                typesWriter2.writeString("ssh-rsa");
                typesWriter2.writeMPInt(rSAPublicKey.getPublicExponent());
                typesWriter2.writeMPInt(rSAPublicKey.getModulus());
                byte[] bytes = typesWriter2.getBytes();
                Set set = (Set) ((TransportManager) this.tm).extensionInfo.delegate;
                RSASHA512Verify$InstanceHolder.sInstance.getClass();
                if (set.contains("rsa-sha2-512")) {
                    byte[] generatePublicKeyUserAuthenticationRequest2 = generatePublicKeyUserAuthenticationRequest(str, "rsa-sha2-512", bytes);
                    try {
                        Signature signature2 = Signature.getInstance("SHA512withRSA");
                        signature2.initSign(privateKey, secureRandom);
                        signature2.update(generatePublicKeyUserAuthenticationRequest2);
                        encodeSignature = RSASHA1Verify.encodeRSASHA512Signature(signature2.sign());
                        str2 = "rsa-sha2-512";
                    } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e4) {
                        throw new IOException(e4);
                    }
                } else if (set.contains("rsa-sha2-256")) {
                    byte[] generatePublicKeyUserAuthenticationRequest3 = generatePublicKeyUserAuthenticationRequest(str, "rsa-sha2-256", bytes);
                    RSASHA256Verify$InstanceHolder.sInstance.getClass();
                    try {
                        Signature signature3 = Signature.getInstance("SHA256withRSA");
                        signature3.initSign(privateKey, secureRandom);
                        signature3.update(generatePublicKeyUserAuthenticationRequest3);
                        encodeSignature = RSASHA1Verify.encodeRSASHA256Signature(signature3.sign());
                        str2 = "rsa-sha2-256";
                    } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e5) {
                        throw new IOException(e5);
                    }
                } else {
                    byte[] generatePublicKeyUserAuthenticationRequest4 = generatePublicKeyUserAuthenticationRequest(str, "ssh-rsa", bytes);
                    try {
                        Signature signature4 = Signature.getInstance("SHA1withRSA");
                        signature4.initSign(privateKey, secureRandom);
                        signature4.update(generatePublicKeyUserAuthenticationRequest4);
                        encodeSignature = RSASHA1Verify.encodeSignature(signature4.sign());
                    } catch (InvalidKeyException e6) {
                        e = e6;
                        throw new IOException(e);
                    } catch (NoSuchAlgorithmException e7) {
                        e = e7;
                        throw new IOException(e);
                    } catch (SignatureException e8) {
                        e = e8;
                        throw new IOException(e);
                    }
                }
                TransportManager transportManager2 = (TransportManager) this.tm;
                TypesWriter typesWriter3 = new TypesWriter();
                typesWriter3.writeByte(50);
                typesWriter3.writeString$1(str);
                typesWriter3.writeString("ssh-connection");
                typesWriter3.writeString("publickey");
                typesWriter3.writeBoolean(true);
                typesWriter3.writeString(str2);
                typesWriter3.writeString(bytes, 0, bytes.length);
                typesWriter3.writeString(encodeSignature, 0, encodeSignature.length);
                transportManager2.sendMessage(typesWriter3.getBytes());
            } else if (publicKey instanceof ECPublicKey) {
                ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
                ECDSASHA2Verify verifierForKey = ECDSASHA2Verify.getVerifierForKey(eCPublicKey);
                String keyFormat = verifierForKey.getKeyFormat();
                byte[] encodePublicKey2 = verifierForKey.encodePublicKey(eCPublicKey);
                byte[] generatePublicKeyUserAuthenticationRequest5 = generatePublicKeyUserAuthenticationRequest(str, keyFormat, encodePublicKey2);
                try {
                    Signature signature5 = Signature.getInstance(verifierForKey.getSignatureAlgorithm());
                    signature5.initSign(privateKey, secureRandom);
                    signature5.update(generatePublicKeyUserAuthenticationRequest5);
                    byte[] encodeSSHECDSASignature = verifierForKey.encodeSSHECDSASignature(signature5.sign());
                    TransportManager transportManager3 = (TransportManager) this.tm;
                    TypesWriter typesWriter4 = new TypesWriter();
                    typesWriter4.writeByte(50);
                    typesWriter4.writeString$1(str);
                    typesWriter4.writeString("ssh-connection");
                    typesWriter4.writeString("publickey");
                    typesWriter4.writeBoolean(true);
                    typesWriter4.writeString(keyFormat);
                    typesWriter4.writeString(encodePublicKey2, 0, encodePublicKey2.length);
                    typesWriter4.writeString(encodeSSHECDSASignature, 0, encodeSSHECDSASignature.length);
                    transportManager3.sendMessage(typesWriter4.getBytes());
                } catch (InvalidKeyException e9) {
                    e = e9;
                    throw new IOException(e);
                } catch (NoSuchAlgorithmException e10) {
                    e = e10;
                    throw new IOException(e);
                } catch (SignatureException e11) {
                    e = e11;
                    throw new IOException(e);
                }
            } else {
                if (!(publicKey instanceof Ed25519PublicKey)) {
                    throw new IOException("Unknown public key type.");
                }
                RSASHA1Verify rSASHA1Verify = ECDSASHA2Verify.sInstance$1;
                rSASHA1Verify.getClass();
                TypesWriter typesWriter5 = new TypesWriter();
                typesWriter5.writeString("ssh-ed25519");
                byte[] abyte = ((Ed25519PublicKey) publicKey).getAbyte();
                typesWriter5.writeString(abyte, 0, abyte.length);
                byte[] bytes2 = typesWriter5.getBytes();
                byte[] generateSignature = rSASHA1Verify.generateSignature(generatePublicKeyUserAuthenticationRequest(str, "ssh-ed25519", bytes2), (Ed25519PrivateKey) privateKey, secureRandom);
                TransportManager transportManager4 = (TransportManager) this.tm;
                TypesWriter typesWriter6 = new TypesWriter();
                typesWriter6.writeByte(50);
                typesWriter6.writeString$1(str);
                typesWriter6.writeString("ssh-connection");
                typesWriter6.writeString("publickey");
                typesWriter6.writeBoolean(true);
                typesWriter6.writeString("ssh-ed25519");
                typesWriter6.writeString(bytes2, 0, bytes2.length);
                typesWriter6.writeString(generateSignature, 0, generateSignature.length);
                transportManager4.sendMessage(typesWriter6.getBytes());
            }
            return isAuthenticationSuccessful(getNextMessage());
        } catch (IOException e12) {
            e12.printStackTrace();
            ((TransportManager) this.tm).close(e12, false);
            throw new IOException("Publickey authentication failed.", e12);
        }
    }

    public byte[] generatePublicKeyUserAuthenticationRequest(String str, String str2, byte[] bArr) {
        TypesWriter typesWriter = new TypesWriter();
        byte[] bArr2 = ((TransportManager) this.tm).km.sessionId;
        typesWriter.writeString(bArr2, 0, bArr2.length);
        typesWriter.writeByte(50);
        typesWriter.writeString(str);
        typesWriter.writeString("ssh-connection");
        typesWriter.writeString("publickey");
        typesWriter.writeBoolean(true);
        typesWriter.writeString(str2);
        typesWriter.writeString(bArr, 0, bArr.length);
        return typesWriter.getBytes();
    }

    @Override // org.bouncycastle.crypto.Wrapper
    public String getAlgorithmName() {
        return ((BlockCipher) this.tm).getAlgorithmName();
    }

    public byte[] getNextMessage() {
        byte[] bArr;
        Huffman.Node node;
        do {
            synchronized (((Vector) this.packets)) {
                while (((Vector) this.packets).size() == 0) {
                    if (this.connectionClosed) {
                        throw new IOException("The connection is closed.", ((TransportManager) this.tm).getReasonClosedCause());
                    }
                    try {
                        ((Vector) this.packets).wait();
                    } catch (InterruptedException unused) {
                    }
                }
                bArr = (byte[]) ((Vector) this.packets).firstElement();
                ((Vector) this.packets).removeElementAt(0);
            }
            if (bArr[0] != 53) {
                return bArr;
            }
            int length = bArr.length;
            System.arraycopy(bArr, 0, new byte[length], 0, length);
            node = new Huffman.Node(0, length, 2, bArr);
            int readByte = node.readByte();
            if (readByte != 53) {
                throw new IOException(ViewModelProvider$Factory.CC.m(readByte, "This is not a SSH_MSG_USERAUTH_BANNER! (", ")"));
            }
            node.readString("UTF-8");
            node.readString();
        } while (node.remain() == 0);
        throw new IOException("Padding in SSH_MSG_USERAUTH_REQUEST packet!");
    }

    @Override // com.trilead.ssh2.transport.MessageHandler
    public void handleMessage(byte[] bArr, int i) {
        synchronized (((Vector) this.packets)) {
            try {
                if (bArr == null) {
                    this.connectionClosed = true;
                } else {
                    byte[] bArr2 = new byte[i];
                    System.arraycopy(bArr, 0, bArr2, 0, i);
                    ((Vector) this.packets).addElement(bArr2);
                }
                ((Vector) this.packets).notifyAll();
                if (((Vector) this.packets).size() > 5) {
                    this.connectionClosed = true;
                    throw new IOException("Error, peer is flooding us with authentication packets.");
                }
            } catch (Throwable th) {
                throw th;
            }
        }
    }

    @Override // org.bouncycastle.crypto.Wrapper
    public void init(boolean z, CipherParameters cipherParameters) {
        this.initDone = z;
        if (cipherParameters instanceof ParametersWithRandom) {
            cipherParameters = ((ParametersWithRandom) cipherParameters).parameters;
        }
        if (cipherParameters instanceof KeyParameter) {
            this.packets = (KeyParameter) cipherParameters;
            return;
        }
        if (cipherParameters instanceof ParametersWithIV) {
            ParametersWithIV parametersWithIV = (ParametersWithIV) cipherParameters;
            byte[] bArr = parametersWithIV.iv;
            this.remainingMethods = bArr;
            this.packets = (KeyParameter) parametersWithIV.parameters;
            if (bArr.length != 8) {
                throw new IllegalArgumentException("IV not equal to 8");
            }
        }
    }

    public void initialize(String str) {
        if (this.initDone) {
            return;
        }
        TransportManager transportManager = (TransportManager) this.tm;
        transportManager.registerMessageHandler(this, 0, 255);
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeByte(5);
        typesWriter.writeString("ssh-userauth");
        transportManager.sendMessage(typesWriter.getBytes());
        TypesWriter typesWriter2 = new TypesWriter();
        typesWriter2.writeByte(50);
        typesWriter2.writeString$1(str);
        typesWriter2.writeString("ssh-connection");
        typesWriter2.writeString("none");
        transportManager.sendMessage(typesWriter2.getBytes());
        byte[] nextMessage = getNextMessage();
        int length = nextMessage.length;
        System.arraycopy(nextMessage, 0, new byte[length], 0, length);
        Huffman.Node node = new Huffman.Node(0, length, 2, nextMessage);
        int readByte = node.readByte();
        if (readByte != 6) {
            throw new IOException(ViewModelProvider$Factory.CC.m(readByte, "This is not a SSH_MSG_SERVICE_ACCEPT! (", ")"));
        }
        if (node.remain() > 0) {
            node.readString();
        }
        if (node.remain() != 0) {
            throw new IOException("Padding in SSH_MSG_SERVICE_ACCEPT packet!");
        }
        byte[] nextMessage2 = getNextMessage();
        this.initDone = true;
        byte b = nextMessage2[0];
        if (b == 52) {
            transportManager.removeMessageHandler(this);
            return;
        }
        if (b != 51) {
            throw new IOException("Unexpected SSH message (type " + ((int) nextMessage2[0]) + ")");
        }
        int length2 = nextMessage2.length;
        System.arraycopy(nextMessage2, 0, new byte[length2], 0, length2);
        Huffman.Node node2 = new Huffman.Node(0, length2, 2, nextMessage2);
        int readByte2 = node2.readByte();
        if (readByte2 != 51) {
            throw new IOException(ViewModelProvider$Factory.CC.m(readByte2, "This is not a SSH_MSG_USERAUTH_FAILURE! (", ")"));
        }
        String[] readNameList = node2.readNameList();
        node2.readBoolean();
        if (node2.remain() != 0) {
            throw new IOException("Padding in SSH_MSG_USERAUTH_FAILURE packet!");
        }
        this.remainingMethods = readNameList;
    }

    public boolean isAuthenticationSuccessful(byte[] bArr) {
        byte b = bArr[0];
        if (b == 52) {
            ((TransportManager) this.tm).removeMessageHandler(this);
            return true;
        }
        if (b != 51) {
            throw new IOException("Unexpected SSH message (type " + ((int) bArr[0]) + ")");
        }
        int length = bArr.length;
        System.arraycopy(bArr, 0, new byte[length], 0, length);
        Huffman.Node node = new Huffman.Node(0, length, 2, bArr);
        int readByte = node.readByte();
        if (readByte != 51) {
            throw new IOException(ViewModelProvider$Factory.CC.m(readByte, "This is not a SSH_MSG_USERAUTH_FAILURE! (", ")"));
        }
        String[] readNameList = node.readNameList();
        node.readBoolean();
        if (node.remain() != 0) {
            throw new IOException("Padding in SSH_MSG_USERAUTH_FAILURE packet!");
        }
        this.remainingMethods = readNameList;
        return false;
    }

    @Override // org.bouncycastle.crypto.Wrapper
    public byte[] unwrap(byte[] bArr, int i) {
        if (this.initDone) {
            throw new IllegalStateException("not set for unwrapping");
        }
        int i2 = i / 8;
        if (i2 * 8 != i) {
            throw new Exception("unwrap data must be a multiple of 8 bytes");
        }
        byte[] bArr2 = (byte[]) this.remainingMethods;
        byte[] bArr3 = new byte[i - bArr2.length];
        byte[] bArr4 = new byte[bArr2.length];
        byte[] bArr5 = new byte[bArr2.length + 8];
        System.arraycopy(bArr, 0, bArr4, 0, bArr2.length);
        byte[] bArr6 = (byte[]) this.remainingMethods;
        System.arraycopy(bArr, bArr6.length, bArr3, 0, i - bArr6.length);
        boolean z = !this.connectionClosed;
        KeyParameter keyParameter = (KeyParameter) this.packets;
        BlockCipher blockCipher = (BlockCipher) this.tm;
        blockCipher.init(z, keyParameter);
        int i3 = i2 - 1;
        for (int i4 = 5; i4 >= 0; i4--) {
            for (int i5 = i3; i5 >= 1; i5--) {
                System.arraycopy(bArr4, 0, bArr5, 0, ((byte[]) this.remainingMethods).length);
                int i6 = (i5 - 1) * 8;
                System.arraycopy(bArr3, i6, bArr5, ((byte[]) this.remainingMethods).length, 8);
                int i7 = (i3 * i4) + i5;
                int i8 = 1;
                while (i7 != 0) {
                    int length = ((byte[]) this.remainingMethods).length - i8;
                    bArr5[length] = (byte) (bArr5[length] ^ ((byte) i7));
                    i7 >>>= 8;
                    i8++;
                }
                blockCipher.processBlock(0, 0, bArr5, bArr5);
                System.arraycopy(bArr5, 0, bArr4, 0, 8);
                System.arraycopy(bArr5, 8, bArr3, i6, 8);
            }
        }
        if (Pack.constantTimeAreEqual(bArr4, (byte[]) this.remainingMethods)) {
            return bArr3;
        }
        throw new Exception("checksum failed");
    }

    @Override // org.bouncycastle.crypto.Wrapper
    public byte[] wrap(byte[] bArr, int i) {
        if (!this.initDone) {
            throw new IllegalStateException("not set for wrapping");
        }
        int i2 = i / 8;
        if (i2 * 8 != i) {
            throw new RuntimeException("wrap data must be a multiple of 8 bytes");
        }
        byte[] bArr2 = (byte[]) this.remainingMethods;
        byte[] bArr3 = new byte[bArr2.length + i];
        byte[] bArr4 = new byte[bArr2.length + 8];
        System.arraycopy(bArr2, 0, bArr3, 0, bArr2.length);
        System.arraycopy(bArr, 0, bArr3, ((byte[]) this.remainingMethods).length, i);
        boolean z = this.connectionClosed;
        KeyParameter keyParameter = (KeyParameter) this.packets;
        BlockCipher blockCipher = (BlockCipher) this.tm;
        blockCipher.init(z, keyParameter);
        for (int i3 = 0; i3 != 6; i3++) {
            for (int i4 = 1; i4 <= i2; i4++) {
                System.arraycopy(bArr3, 0, bArr4, 0, ((byte[]) this.remainingMethods).length);
                int i5 = i4 * 8;
                System.arraycopy(bArr3, i5, bArr4, ((byte[]) this.remainingMethods).length, 8);
                blockCipher.processBlock(0, 0, bArr4, bArr4);
                int i6 = (i2 * i3) + i4;
                int i7 = 1;
                while (i6 != 0) {
                    int length = ((byte[]) this.remainingMethods).length - i7;
                    bArr4[length] = (byte) (((byte) i6) ^ bArr4[length]);
                    i6 >>>= 8;
                    i7++;
                }
                System.arraycopy(bArr4, 0, bArr3, 0, 8);
                System.arraycopy(bArr4, 8, bArr3, i5, 8);
            }
        }
        return bArr3;
    }
}
