package be.iminds.ilabt.jfed.ssh_terminal_tool.putty;

import be.iminds.ilabt.jfed.util.IOUtils;
import be.iminds.ilabt.jfed.util.KeyUtil;
import be.iminds.ilabt.jfed.util.TextUtil;
import ch.ethz.ssh2.crypto.cipher.AES;
import ch.ethz.ssh2.crypto.cipher.CBCMode;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.io.StringReader;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.HashMap;
import java.util.Map;
import javanet.staxutils.Indentation;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/iminds/ilabt/jfed/ssh_terminal_tool/putty/PuTTYPrivateKeyFile.class */
public class PuTTYPrivateKeyFile {
    private static final Logger LOG;
    private RSAPublicKey publicKey;
    private RSAPrivateCrtKey privateKey;
    private boolean encrypted;
    private Map<String, String> lines = new HashMap();
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:be/iminds/ilabt/jfed/ssh_terminal_tool/putty/PuTTYPrivateKeyFile$MalformedPPKException.class */
    public static class MalformedPPKException extends RuntimeException {
        private MalformedPPKException() {
        }

        private MalformedPPKException(String str) {
            super(str);
        }

        private MalformedPPKException(String str, Throwable th) {
            super(str, th);
        }

        private MalformedPPKException(Throwable th) {
            super(th);
        }

        private MalformedPPKException(String str, Throwable th, boolean z, boolean z2) {
            super(str, th, z, z2);
        }
    }

    private PuTTYPrivateKeyFile() {
    }

    public static PuTTYPrivateKeyFile parse(String str) {
        PuTTYPrivateKeyFile puTTYPrivateKeyFile = new PuTTYPrivateKeyFile();
        puTTYPrivateKeyFile.lines = contentToLines(str);
        if (!$assertionsDisabled && !puTTYPrivateKeyFile.lines.get("PuTTY-User-Key-File-2").equals("ssh-rsa")) {
            throw new AssertionError();
        }
        puTTYPrivateKeyFile.publicKey = linesToPublicKey(puTTYPrivateKeyFile.lines);
        puTTYPrivateKeyFile.encrypted = linesToEncrypted(puTTYPrivateKeyFile.lines);
        if (!puTTYPrivateKeyFile.isEncrypted()) {
            puTTYPrivateKeyFile.privateKey = linesToPrivateKey(puTTYPrivateKeyFile.lines, null);
        }
        return puTTYPrivateKeyFile;
    }

    public static PuTTYPrivateKeyFile read(File file) throws IOException {
        return parse(IOUtils.fileToString(file));
    }

    public static boolean isPuttyPrivateKey(File file) throws IOException {
        BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
        String readLine = bufferedReader.readLine();
        bufferedReader.close();
        return readLine != null && isPuttyPrivateKey(readLine);
    }

    public static boolean isPuttyPrivateKey(String str) {
        return str.startsWith("PuTTY-User-Key-File-2");
    }

    private static Map<String, String> contentToLines(String str) {
        BufferedReader bufferedReader = new BufferedReader(new StringReader(str));
        HashMap hashMap = new HashMap();
        while (true) {
            try {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        try {
                            bufferedReader.close();
                        } catch (IOException e) {
                        }
                        return hashMap;
                    }
                    int indexOf = readLine.indexOf(": ");
                    if (indexOf <= 0) {
                        throw new MalformedPPKException("PPK contains invalid line: \"" + readLine + "\"");
                    }
                    String substring = readLine.substring(0, indexOf);
                    String substring2 = readLine.substring(indexOf + 2);
                    if (substring.endsWith("-Lines")) {
                        int parseInt = Integer.parseInt(substring2);
                        String str2 = "";
                        for (int i = 0; i < parseInt; i++) {
                            String readLine2 = bufferedReader.readLine();
                            if (readLine2 == null) {
                                throw new MalformedPPKException("PPK ended prematurely. Was reading " + parseInt + " lines for \"" + substring + "\" but got EOF at line " + i);
                            }
                            str2 = str2 + readLine2;
                        }
                        hashMap.put(substring, str2);
                    } else {
                        hashMap.put(substring, substring2);
                    }
                } catch (IOException e2) {
                    LOG.error("Failed to parse ppk file: " + e2.getMessage(), (Throwable) e2);
                    try {
                        bufferedReader.close();
                    } catch (IOException e3) {
                    }
                    return null;
                }
            } catch (Throwable th) {
                try {
                    bufferedReader.close();
                } catch (IOException e4) {
                }
                throw th;
            }
        }
    }

    private static RSAPublicKey linesToPublicKey(Map<String, String> map) {
        String str = map.get("Public-Lines");
        if (str == null) {
            throw new MalformedPPKException("PPK contains no \"Public-Lines\" lines");
        }
        ByteBuffer order = ByteBuffer.wrap(Base64.decodeBase64(str)).order(ByteOrder.BIG_ENDIAN);
        order.get(new byte[order.getInt()]);
        byte[] bArr = new byte[order.getInt()];
        order.get(bArr);
        BigInteger bigInteger = new BigInteger(bArr);
        byte[] bArr2 = new byte[order.getInt()];
        order.get(bArr2);
        try {
            return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(bArr2), bigInteger));
        } catch (Exception e) {
            throw new RuntimeException("Error creating RSAPublicKey: " + e.getMessage(), e);
        }
    }

    private static boolean linesToEncrypted(Map<String, String> map) {
        String str = map.get("Encryption");
        if (str == null) {
            throw new MalformedPPKException("PPK contains no \"Encryption\" lines");
        }
        if (str.equals("none")) {
            return false;
        }
        if (str.equals("aes256-cbc")) {
            return true;
        }
        throw new MalformedPPKException("PPK contains unsupported \"Encryption\" line: \"" + str + "\"");
    }

    private static RSAPrivateCrtKey linesToPrivateKey(Map<String, String> map, String str) {
        if (map.get("Private-Lines") == null) {
            throw new MalformedPPKException("PPK contains no \"Private-Lines\" lines");
        }
        map.get("PuTTY-User-Key-File-2");
        String str2 = map.get("Encryption");
        ByteBuffer order = ByteBuffer.wrap(Base64.decodeBase64(map.get("Public-Lines"))).order(ByteOrder.BIG_ENDIAN);
        order.get(new byte[order.getInt()]);
        byte[] bArr = new byte[order.getInt()];
        order.get(bArr);
        BigInteger bigInteger = new BigInteger(bArr);
        byte[] bArr2 = new byte[order.getInt()];
        order.get(bArr2);
        BigInteger bigInteger2 = new BigInteger(bArr2);
        byte[] decodeBase64 = Base64.decodeBase64(map.get("Private-Lines"));
        if (!str2.equalsIgnoreCase("None")) {
            if (!$assertionsDisabled && str == null) {
                throw new AssertionError();
            }
            decodeBase64 = decryptPPkPrivateLines(str2, str, decodeBase64);
        }
        ByteBuffer order2 = ByteBuffer.wrap(decodeBase64).order(ByteOrder.BIG_ENDIAN);
        byte[] bArr3 = new byte[order2.getInt()];
        order2.get(bArr3);
        BigInteger bigInteger3 = new BigInteger(bArr3);
        byte[] bArr4 = new byte[order2.getInt()];
        order2.get(bArr4);
        BigInteger bigInteger4 = new BigInteger(bArr4);
        byte[] bArr5 = new byte[order2.getInt()];
        order2.get(bArr5);
        BigInteger bigInteger5 = new BigInteger(bArr5);
        byte[] bArr6 = new byte[order2.getInt()];
        order2.get(bArr6);
        try {
            return (RSAPrivateCrtKey) KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateCrtKeySpec(bigInteger2, bigInteger, bigInteger3, bigInteger4, bigInteger5, bigInteger3.mod(bigInteger4.subtract(BigInteger.ONE)), bigInteger3.mod(bigInteger5.subtract(BigInteger.ONE)), new BigInteger(bArr6)));
        } catch (NoSuchAlgorithmException e) {
            LOG.error("Error while creating Rsa Private Key: " + e.getMessage(), (Throwable) e);
            return null;
        } catch (InvalidKeySpecException e2) {
            LOG.error("Error while creating Rsa Private Key: " + e2.getMessage(), (Throwable) e2);
            return null;
        }
    }

    private boolean verifyMac(String str) {
        return calcMac(str).equals(this.lines.get("Private-MAC"));
    }

    public String getComment() {
        return this.lines.get("Comment");
    }

    public boolean isEncrypted() {
        return this.encrypted;
    }

    public boolean unlock(String str) {
        this.privateKey = linesToPrivateKey(this.lines, str);
        if (verifyMac(str)) {
            return this.privateKey != null;
        }
        throw new MalformedPPKException("PPK file MAC is incorrect.");
    }

    public PrivateKey getPrivateKey() {
        if (this.privateKey != null) {
            return this.privateKey;
        }
        if ($assertionsDisabled || isEncrypted()) {
            throw new RuntimeException("PPK file is encrypted. Cannot retrieve private key without passphrase.");
        }
        throw new AssertionError();
    }

    public RSAPublicKey getPublicKey() {
        return this.publicKey;
    }

    public String getPublicKeyOpenSshString() {
        return this.lines.get("PuTTY-User-Key-File-2") + " " + this.lines.get("Public-Lines").replace(Indentation.NORMAL_END_OF_LINE, "") + " " + this.lines.get("Comment");
    }

    private static String singleLinesMaker(Map<String, String> map, String str) {
        return str + ": " + map.get(str) + Indentation.NORMAL_END_OF_LINE;
    }

    private static String multiLinesMaker(Map<String, String> map, String str) {
        String str2 = map.get(str);
        if (str2.endsWith(Indentation.NORMAL_END_OF_LINE)) {
            str2 = str2.substring(0, str2.length() - 1);
        }
        return str + ": " + ((str2.length() - str2.replace(Indentation.NORMAL_END_OF_LINE, "").length()) + 1) + Indentation.NORMAL_END_OF_LINE + str2 + Indentation.NORMAL_END_OF_LINE;
    }

    private static String linesToContent(Map<String, String> map) {
        return singleLinesMaker(map, "PuTTY-User-Key-File-2") + singleLinesMaker(map, "Encryption") + singleLinesMaker(map, "Comment") + multiLinesMaker(map, "Public-Lines") + multiLinesMaker(map, "Private-Lines") + singleLinesMaker(map, "Private-MAC");
    }

    private String calcMac(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update("putty-private-key-file-mac-key".getBytes(Charset.forName("US-ASCII")));
            if (str != null) {
                messageDigest.update(str.getBytes(Charset.forName("US-ASCII")));
            }
            SecretKeySpec secretKeySpec = new SecretKeySpec(messageDigest.digest(), "HmacSHA1");
            Mac mac = Mac.getInstance("HmacSHA1");
            mac.init(secretKeySpec);
            byte[] bytes = this.lines.get("PuTTY-User-Key-File-2").getBytes(Charset.forName("US-ASCII"));
            byte[] bytes2 = this.lines.get("Encryption").getBytes(Charset.forName("US-ASCII"));
            byte[] bytes3 = this.lines.get("Comment").getBytes(Charset.forName("US-ASCII"));
            byte[] decodeBase64 = Base64.decodeBase64(this.lines.get("Public-Lines").getBytes(Charset.forName("US-ASCII")));
            byte[] macPrivateKeyBytes = getMacPrivateKeyBytes(this.privateKey, str);
            byte[] bArr = new byte[bytes.length + bytes2.length + bytes3.length + decodeBase64.length + macPrivateKeyBytes.length + 20];
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            wrap.putInt(bytes.length);
            wrap.put(bytes);
            wrap.putInt(bytes2.length);
            wrap.put(bytes2);
            wrap.putInt(bytes3.length);
            wrap.put(bytes3);
            wrap.putInt(decodeBase64.length);
            wrap.put(decodeBase64);
            wrap.putInt(macPrivateKeyBytes.length);
            wrap.put(macPrivateKeyBytes);
            return new String(new Hex().encode(mac.doFinal(bArr)), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            LOG.error("Failed to calculate PPK MAC: " + e.getMessage(), (Throwable) e);
            return "error";
        } catch (InvalidKeyException e2) {
            LOG.error("Failed to calculate PPK MAC: " + e2.getMessage(), (Throwable) e2);
            return "error";
        } catch (NoSuchAlgorithmException e3) {
            LOG.error("Failed to calculate PPK MAC: " + e3.getMessage(), (Throwable) e3);
            return "error";
        }
    }

    private static byte[] getMacPrivateKeyBytes(RSAPrivateCrtKey rSAPrivateCrtKey, String str) {
        BigInteger privateExponent = rSAPrivateCrtKey.getPrivateExponent();
        BigInteger primeP = rSAPrivateCrtKey.getPrimeP();
        BigInteger primeQ = rSAPrivateCrtKey.getPrimeQ();
        BigInteger crtCoefficient = rSAPrivateCrtKey.getCrtCoefficient();
        byte[] byteArray = privateExponent.toByteArray();
        byte[] byteArray2 = primeP.toByteArray();
        byte[] byteArray3 = primeQ.toByteArray();
        byte[] byteArray4 = crtCoefficient.toByteArray();
        int length = 16 + byteArray.length + byteArray2.length + byteArray3.length + byteArray4.length;
        byte[] bArr = new byte[length];
        ByteBuffer order = ByteBuffer.wrap(bArr).order(ByteOrder.BIG_ENDIAN);
        order.clear();
        order.putInt(byteArray.length);
        order.put(byteArray);
        order.putInt(byteArray2.length);
        order.put(byteArray2);
        order.putInt(byteArray3.length);
        order.put(byteArray3);
        order.putInt(byteArray4.length);
        order.put(byteArray4);
        if ($assertionsDisabled || order.position() == length) {
            return str != null ? padPPkPrivateLinesForEncryption(bArr) : bArr;
        }
        throw new AssertionError("bb.position() (" + order.position() + ") != totalLen (" + length + DefaultExpressionEngine.DEFAULT_INDEX_END);
    }

    private static String privateKeyToLines(RSAPrivateCrtKey rSAPrivateCrtKey, String str) {
        byte[] macPrivateKeyBytes = getMacPrivateKeyBytes(rSAPrivateCrtKey, str);
        return str != null ? TextUtil.wrap(new String(Base64.encodeBase64(encryptPPkPrivateLines("aes256-cbc", str, macPrivateKeyBytes)), Charset.forName("UTF-8")), 64) : TextUtil.wrap(new String(Base64.encodeBase64(macPrivateKeyBytes), Charset.forName("UTF-8")), 64);
    }

    private static String publicKeyToLines(RSAPublicKey rSAPublicKey) {
        return TextUtil.wrap(KeyUtil.rsaPublicKeyToOpenSshAuthorizedKeysFormatData(rSAPublicKey), 64);
    }

    public static String createContent(String str, RSAPublicKey rSAPublicKey, RSAPrivateCrtKey rSAPrivateCrtKey, String str2) {
        PuTTYPrivateKeyFile puTTYPrivateKeyFile = new PuTTYPrivateKeyFile();
        puTTYPrivateKeyFile.publicKey = rSAPublicKey;
        puTTYPrivateKeyFile.privateKey = rSAPrivateCrtKey;
        puTTYPrivateKeyFile.encrypted = str2 != null;
        puTTYPrivateKeyFile.lines.put("PuTTY-User-Key-File-2", "ssh-rsa");
        puTTYPrivateKeyFile.lines.put("Comment", str == null ? "" : str);
        if (str2 != null) {
            puTTYPrivateKeyFile.lines.put("Encryption", "aes256-cbc");
        } else {
            puTTYPrivateKeyFile.lines.put("Encryption", "none");
        }
        puTTYPrivateKeyFile.lines.put("Public-Lines", publicKeyToLines(rSAPublicKey));
        puTTYPrivateKeyFile.lines.put("Private-Lines", privateKeyToLines(rSAPrivateCrtKey, str2));
        puTTYPrivateKeyFile.lines.put("Private-MAC", puTTYPrivateKeyFile.calcMac(str2));
        return linesToContent(puTTYPrivateKeyFile.lines);
    }

    public static void createFile(String str, RSAPublicKey rSAPublicKey, RSAPrivateCrtKey rSAPrivateCrtKey, File file, String str2) {
        IOUtils.stringToFile(file, createContent(str, rSAPublicKey, rSAPrivateCrtKey, str2));
    }

    private static byte[] passPhraseToPuttyKey(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(new byte[]{0, 0, 0, 0});
            messageDigest.update(str.getBytes());
            byte[] digest = messageDigest.digest();
            messageDigest.update(new byte[]{0, 0, 0, 1});
            messageDigest.update(str.getBytes());
            byte[] digest2 = messageDigest.digest();
            byte[] bArr = new byte[32];
            System.arraycopy(digest, 0, bArr, 0, 20);
            System.arraycopy(digest2, 0, bArr, 20, 12);
            return bArr;
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError(e);
        }
    }

    private static byte[] decryptPPkPrivateLines(String str, String str2, byte[] bArr) {
        if (!$assertionsDisabled && bArr.length % 16 != 0) {
            throw new AssertionError("data.length=" + bArr.length + " data.length%16=" + (bArr.length % 16));
        }
        if (!str.equals("aes256-cbc")) {
            throw new RuntimeException("Unsupported encryption: \"" + str + "\"");
        }
        AES aes = new AES();
        aes.init(false, passPhraseToPuttyKey(str2));
        CBCMode cBCMode = new CBCMode(aes, new byte[16], false);
        LOG.trace("DEC cbc.getBlockSize()=" + cBCMode.getBlockSize() + " data.length=" + bArr.length + " d.len/bs=" + ((bArr.length * 1.0d) / cBCMode.getBlockSize()));
        byte[] bArr2 = new byte[bArr.length];
        for (int i = 0; i < bArr.length / cBCMode.getBlockSize(); i++) {
            cBCMode.transformBlock(bArr, i * cBCMode.getBlockSize(), bArr2, i * cBCMode.getBlockSize());
        }
        return bArr2;
    }

    private static byte[] padPPkPrivateLinesForEncryption(byte[] bArr) {
        int length = (bArr.length + 16) - 1;
        byte[] bArr2 = new byte[length - (length % 16)];
        LOG.trace("Padding " + bArr.length + " bytes to " + bArr2.length + " diff=" + (bArr2.length - bArr.length) + " mods:" + (bArr.length % 16) + " to " + (bArr2.length % 16));
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        if (bArr.length % 16 == 0) {
            return bArr2;
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(bArr);
            System.arraycopy(messageDigest.digest(), 0, bArr2, bArr.length, bArr2.length - bArr.length);
        } catch (NoSuchAlgorithmException e) {
            LOG.error("SHA-1 not working: " + e.getMessage(), (Throwable) e);
        }
        return bArr2;
    }

    private static byte[] encryptPPkPrivateLines(String str, String str2, byte[] bArr) {
        if (!$assertionsDisabled && bArr.length % 16 != 0) {
            throw new AssertionError("data.length=" + bArr.length + " data.length%16=" + (bArr.length % 16));
        }
        if (!str.equals("aes256-cbc")) {
            throw new RuntimeException("Unsupported encryption: \"" + str + "\"");
        }
        byte[] passPhraseToPuttyKey = passPhraseToPuttyKey(str2);
        if (!$assertionsDisabled && passPhraseToPuttyKey.length != 32) {
            throw new AssertionError();
        }
        AES aes = new AES();
        aes.init(true, passPhraseToPuttyKey);
        CBCMode cBCMode = new CBCMode(aes, new byte[16], true);
        LOG.trace("ENC cbc.getBlockSize()=" + cBCMode.getBlockSize() + " data.length=" + bArr.length + " d.len/bs=" + ((bArr.length * 1.0d) / cBCMode.getBlockSize()));
        byte[] bArr2 = new byte[bArr.length];
        for (int i = 0; i < bArr.length / cBCMode.getBlockSize(); i++) {
            cBCMode.transformBlock(bArr, i * cBCMode.getBlockSize(), bArr2, i * cBCMode.getBlockSize());
        }
        return bArr2;
    }

    static {
        $assertionsDisabled = !PuTTYPrivateKeyFile.class.desiredAssertionStatus();
        LOG = LoggerFactory.getLogger((Class<?>) PuTTYPrivateKeyFile.class);
    }
}
