package com.trilead.ssh2;

import com.trilead.ssh2.crypto.Base64;
import com.trilead.ssh2.signature.DSASHA1Verify;
import com.trilead.ssh2.signature.ECDSASHA2Verify;
import com.trilead.ssh2.signature.Ed25519Verify;
import com.trilead.ssh2.signature.RSASHA1Verify;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Locale;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import net.i2p.crypto.eddsa.EdDSAPublicKey;

/* loaded from: classes.dex */
public class KnownHosts {
    private LinkedList<KnownHostsEntry> publicKeys = new LinkedList<>();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class KnownHostsEntry {
        PublicKey key;
        String[] patterns;

        KnownHostsEntry(String[] strArr, PublicKey publicKey) {
            this.patterns = strArr;
            this.key = publicKey;
        }
    }

    private final boolean checkHashed(String str, String str2) {
        int indexOf;
        if (!str.startsWith("|1|") || (indexOf = str.indexOf(124, 3)) == -1) {
            return false;
        }
        String substring = str.substring(3, indexOf);
        String substring2 = str.substring(indexOf + 1);
        try {
            byte[] decode = Base64.decode(substring.toCharArray());
            byte[] decode2 = Base64.decode(substring2.toCharArray());
            try {
                if (decode.length != MessageDigest.getInstance("SHA1").getDigestLength()) {
                    return false;
                }
                byte[] hmacSha1Hash = hmacSha1Hash(decode, str2);
                for (int i = 0; i < hmacSha1Hash.length; i++) {
                    if (hmacSha1Hash[i] != decode2[i]) {
                        return false;
                    }
                }
                return true;
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException("VM does not support SHA1", e);
            }
        } catch (IOException unused) {
            return false;
        }
    }

    private int checkKey(String str, PublicKey publicKey) {
        synchronized (this.publicKeys) {
            Iterator<KnownHostsEntry> it = this.publicKeys.iterator();
            int i = 1;
            while (it.hasNext()) {
                KnownHostsEntry next = it.next();
                if (hostnameMatches(next.patterns, str)) {
                    if (matchKeys(next.key, publicKey)) {
                        return 0;
                    }
                    i = 2;
                }
            }
            return i;
        }
    }

    public static final String createHexFingerprint(String str, byte[] bArr) {
        return rawToHexFingerprint(rawFingerPrint("md5", str, bArr));
    }

    private static final byte[] hmacSha1Hash(byte[] bArr, String str) {
        try {
            Mac mac = Mac.getInstance("HmacSHA1");
            if (bArr.length == mac.getMacLength()) {
                mac.init(new SecretKeySpec(bArr, "HmacSHA1"));
                try {
                    mac.update(str.getBytes("ISO-8859-1"));
                } catch (UnsupportedEncodingException unused) {
                    mac.update(str.getBytes());
                }
                return mac.doFinal();
            }
            throw new IllegalArgumentException("Salt has wrong length (" + bArr.length + ")");
        } catch (InvalidKeyException e) {
            throw new RuntimeException("Unable to create SecretKey", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Unable to HMAC-SHA1", e2);
        }
    }

    private final boolean hostnameMatches(String[] strArr, String str) {
        String str2;
        boolean z;
        String lowerCase = str.toLowerCase(Locale.US);
        boolean z2 = false;
        for (int i = 0; i < strArr.length; i++) {
            if (strArr[i] != null) {
                if (strArr[i].length() <= 0 || strArr[i].charAt(0) != '!') {
                    str2 = strArr[i];
                    z = false;
                } else {
                    str2 = strArr[i].substring(1);
                    z = true;
                }
                if (!z2 || z) {
                    if (str2.charAt(0) != '|') {
                        String lowerCase2 = str2.toLowerCase(Locale.US);
                        if (lowerCase2.indexOf(63) == -1 && lowerCase2.indexOf(42) == -1) {
                            if (lowerCase2.compareTo(lowerCase) != 0) {
                                continue;
                            } else {
                                if (z) {
                                    return false;
                                }
                                z2 = true;
                            }
                        } else if (pseudoRegex(lowerCase2.toCharArray(), 0, lowerCase.toCharArray(), 0)) {
                            if (z) {
                                return false;
                            }
                            z2 = true;
                        } else {
                            continue;
                        }
                    } else if (checkHashed(str2, lowerCase)) {
                        if (z) {
                            return false;
                        }
                        z2 = true;
                    } else {
                        continue;
                    }
                }
            }
        }
        return z2;
    }

    private final boolean matchKeys(PublicKey publicKey, PublicKey publicKey2) {
        return publicKey.equals(publicKey2);
    }

    private final boolean pseudoRegex(char[] cArr, int i, char[] cArr2, int i2) {
        while (cArr.length != i) {
            if (cArr[i] == '*') {
                int i3 = i + 1;
                if (cArr.length == i3) {
                    return true;
                }
                if (cArr[i3] == '*' || cArr[i3] == '?') {
                    while (!pseudoRegex(cArr, i3, cArr2, i2)) {
                        i2++;
                        if (cArr2.length == i2) {
                            return false;
                        }
                    }
                    return true;
                }
                do {
                    if (cArr[i3] == cArr2[i2] && pseudoRegex(cArr, i3 + 1, cArr2, i2 + 1)) {
                        return true;
                    }
                    i2++;
                } while (cArr2.length != i2);
                return false;
            }
            if (cArr2.length == i2) {
                return false;
            }
            if (cArr[i] != '?' && cArr[i] != cArr2[i2]) {
                return false;
            }
            i++;
            i2++;
        }
        return cArr2.length == i2;
    }

    private static final byte[] rawFingerPrint(String str, String str2, byte[] bArr) {
        MessageDigest messageDigest;
        try {
            if ("md5".equals(str)) {
                messageDigest = MessageDigest.getInstance("MD5");
            } else {
                if (!"sha1".equals(str)) {
                    throw new IllegalArgumentException("Unknown hash type " + str);
                }
                messageDigest = MessageDigest.getInstance("SHA1");
            }
            if ("ssh-ed25519".equals(str2) || str2.startsWith("ecdsa-sha2-") || "ssh-rsa".equals(str2) || "ssh-dss".equals(str2)) {
                if (bArr == null) {
                    throw new IllegalArgumentException("hostkey is null");
                }
                messageDigest.update(bArr);
                return messageDigest.digest();
            }
            throw new IllegalArgumentException("Unknown key type " + str2);
        } catch (NoSuchAlgorithmException unused) {
            throw new IllegalArgumentException("Unknown hash type " + str);
        }
    }

    private static final String rawToHexFingerprint(byte[] bArr) {
        char[] charArray = "0123456789abcdef".toCharArray();
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < bArr.length; i++) {
            if (i != 0) {
                stringBuffer.append(':');
            }
            int i2 = bArr[i] & 255;
            stringBuffer.append(charArray[i2 >> 4]);
            stringBuffer.append(charArray[i2 & 15]);
        }
        return stringBuffer.toString();
    }

    public void addHostkey(String[] strArr, String str, byte[] bArr) throws IOException {
        if (strArr == null) {
            throw new IllegalArgumentException("hostnames may not be null");
        }
        if ("ssh-rsa".equals(str)) {
            RSAPublicKey decodeSSHRSAPublicKey = RSASHA1Verify.decodeSSHRSAPublicKey(bArr);
            synchronized (this.publicKeys) {
                this.publicKeys.add(new KnownHostsEntry(strArr, decodeSSHRSAPublicKey));
            }
            return;
        }
        if ("ssh-dss".equals(str)) {
            DSAPublicKey decodeSSHDSAPublicKey = DSASHA1Verify.decodeSSHDSAPublicKey(bArr);
            synchronized (this.publicKeys) {
                this.publicKeys.add(new KnownHostsEntry(strArr, decodeSSHDSAPublicKey));
            }
            return;
        }
        if (str.startsWith("ecdsa-sha2-")) {
            ECPublicKey decodeSSHECDSAPublicKey = ECDSASHA2Verify.decodeSSHECDSAPublicKey(bArr);
            synchronized (this.publicKeys) {
                this.publicKeys.add(new KnownHostsEntry(strArr, decodeSSHECDSAPublicKey));
            }
            return;
        }
        if ("ssh-ed25519".equals(str)) {
            EdDSAPublicKey decodeSSHEd25519PublicKey = Ed25519Verify.decodeSSHEd25519PublicKey(bArr);
            synchronized (this.publicKeys) {
                this.publicKeys.add(new KnownHostsEntry(strArr, decodeSSHEd25519PublicKey));
            }
            return;
        }
        throw new IOException("Unknown host key type (" + str + ")");
    }

    public int verifyHostkey(String str, String str2, byte[] bArr) throws IOException {
        PublicKey decodeSSHEd25519PublicKey;
        if ("ssh-rsa".equals(str2)) {
            decodeSSHEd25519PublicKey = RSASHA1Verify.decodeSSHRSAPublicKey(bArr);
        } else if ("ssh-dss".equals(str2)) {
            decodeSSHEd25519PublicKey = DSASHA1Verify.decodeSSHDSAPublicKey(bArr);
        } else if (str2.startsWith("ecdsa-sha2-")) {
            decodeSSHEd25519PublicKey = ECDSASHA2Verify.decodeSSHECDSAPublicKey(bArr);
        } else {
            if (!"ssh-ed25519".equals(str2)) {
                throw new IllegalArgumentException("Unknown hostkey type " + str2);
            }
            decodeSSHEd25519PublicKey = Ed25519Verify.decodeSSHEd25519PublicKey(bArr);
        }
        int checkKey = checkKey(str, decodeSSHEd25519PublicKey);
        if (checkKey == 0) {
            return checkKey;
        }
        try {
            for (InetAddress inetAddress : InetAddress.getAllByName(str)) {
                int checkKey2 = checkKey(inetAddress.getHostAddress(), decodeSSHEd25519PublicKey);
                if (checkKey2 == 0) {
                    return checkKey2;
                }
                if (checkKey2 == 2) {
                    checkKey = 2;
                }
            }
        } catch (UnknownHostException unused) {
        }
        return checkKey;
    }
}
