package ch.ethz.ssh2.crypto;

import ch.ethz.ssh2.crypto.cipher.CBCMode;
import ch.ethz.ssh2.crypto.cipher.DESede;
import ch.ethz.ssh2.crypto.digest.MD5;
import ch.ethz.ssh2.signature.DSAPrivateKey;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.math.BigInteger;

/* loaded from: input_file:ch/ethz/ssh2/crypto/PEMDecoder.class */
public class PEMDecoder {
    private static int hexToInt(char c) {
        if (c >= 'a' && c <= 'f') {
            return (c - 'a') + 10;
        }
        if (c >= 'A' && c <= 'F') {
            return (c - 'A') + 10;
        }
        if (c < '0' || c > '9') {
            throw new IllegalArgumentException("Need hex char");
        }
        return c - '0';
    }

    private static byte[] hexToByteArray(String str) {
        if (str == null) {
            throw new IllegalArgumentException("null argument");
        }
        if (str.length() % 2 != 0) {
            throw new IllegalArgumentException("Uneven string length in hex encoding.");
        }
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) ((hexToInt(str.charAt(i * 2)) * 16) + hexToInt(str.charAt((i * 2) + 1)));
        }
        return bArr;
    }

    private static byte[] generateKeyFromPasswordSaltWithMD5(byte[] bArr, byte[] bArr2, int i) throws IOException {
        MD5 md5 = new MD5();
        byte[] bArr3 = new byte[i];
        byte[] bArr4 = new byte[md5.getDigestLength()];
        while (true) {
            md5.update(bArr, 0, bArr.length);
            md5.update(bArr2, 0, bArr2.length);
            int length = i < bArr4.length ? i : bArr4.length;
            md5.digest(bArr4, 0);
            System.arraycopy(bArr4, 0, bArr3, bArr3.length - i, length);
            i -= length;
            if (i == 0) {
                return bArr3;
            }
            md5.update(bArr4, 0, bArr4.length);
        }
    }

    private static byte[] removePadding(byte[] bArr, int i) throws IOException {
        int i2 = bArr[bArr.length - 1] & 255;
        if (i2 < 1 || i2 > i) {
            throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?");
        }
        for (int i3 = 2; i3 <= i2; i3++) {
            if (bArr[bArr.length - i3] != i2) {
                throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?");
            }
        }
        byte[] bArr2 = new byte[bArr.length - i2];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length - i2);
        return bArr2;
    }

    public static DSAPrivateKey decode(String str, String str2) throws IOException {
        String readLine;
        boolean z = false;
        byte[] bArr = (byte[]) null;
        int i = 0;
        StringBuffer stringBuffer = new StringBuffer();
        BufferedReader bufferedReader = new BufferedReader(new StringReader(str));
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException("Invalid PEM structure, 'BEGIN DSA...' missing");
            }
        } while (readLine.indexOf("-----BEGIN DSA PRIVATE KEY-----") == -1);
        while (true) {
            String readLine2 = bufferedReader.readLine();
            if (readLine2 == null) {
                throw new IOException("Invalid PEM structure, 'END DSA...' missing");
            }
            if (readLine2.indexOf("-----END DSA PRIVATE KEY-----") != -1) {
                byte[] decode = Base64.decode(stringBuffer.toString());
                if (decode.length == 0) {
                    throw new IOException("Invalid PEM structure");
                }
                if (z) {
                    if (decode.length % i != 0) {
                        throw new IOException("Invalid PEM structure");
                    }
                    if (bArr == null) {
                        throw new IOException("Broken PEM, no mode and salt given, but encryption enabled");
                    }
                    if (str2 == null) {
                        throw new IOException("This private key is encrypted, you need to specify a password");
                    }
                    byte[] generateKeyFromPasswordSaltWithMD5 = generateKeyFromPasswordSaltWithMD5(str2.getBytes(), bArr, 24);
                    DESede dESede = new DESede();
                    dESede.init(false, generateKeyFromPasswordSaltWithMD5);
                    CBCMode cBCMode = new CBCMode(dESede, bArr, false);
                    byte[] bArr2 = new byte[decode.length];
                    for (int i2 = 0; i2 < decode.length / i; i2++) {
                        cBCMode.transformBlock(decode, i2 * i, bArr2, i2 * i);
                    }
                    decode = removePadding(bArr2, i);
                }
                SimpleDERReader simpleDERReader = new SimpleDERReader(decode);
                byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
                if (simpleDERReader.available() != 0) {
                    throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
                }
                simpleDERReader.resetInput(readSequenceAsByteArray);
                BigInteger readInt = simpleDERReader.readInt();
                if (readInt.compareTo(BigInteger.ZERO) != 0) {
                    throw new IOException(new StringBuffer("Wrong version (").append(readInt).append(") in DSA PRIVATE KEY DER stream.").toString());
                }
                BigInteger readInt2 = simpleDERReader.readInt();
                BigInteger readInt3 = simpleDERReader.readInt();
                BigInteger readInt4 = simpleDERReader.readInt();
                BigInteger readInt5 = simpleDERReader.readInt();
                BigInteger readInt6 = simpleDERReader.readInt();
                if (simpleDERReader.available() != 0) {
                    throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
                }
                return new DSAPrivateKey(readInt2, readInt3, readInt4, readInt5, readInt6);
            }
            if (readLine2.indexOf("Proc-Type: 4,ENCRYPTED") != -1) {
                z = true;
            } else if (readLine2.indexOf("DEK-Info:") != -1) {
                int indexOf = readLine2.indexOf("DEK-Info: DES-EDE3-CBC,");
                if (indexOf == -1) {
                    throw new IOException("Unknown PEM encryption");
                }
                i = 8;
                String trim = readLine2.substring(indexOf + "DEK-Info: DES-EDE3-CBC,".length()).trim();
                if (trim.length() != 16) {
                    throw new IOException("Broken DEK Info in PEM");
                }
                bArr = hexToByteArray(trim);
            } else {
                stringBuffer.append(readLine2.trim());
            }
        }
    }
}
