package org.jpos.q2.ssh;

import java.io.File;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.List;
import java.util.Scanner;
import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec;
import org.apache.sshd.common.cipher.ECCurves;
import org.apache.sshd.common.util.buffer.BufferUtils;
import org.apache.sshd.common.util.security.SecurityUtils;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:org/jpos/q2/ssh/AuthorizedKeysFileBasedPKA.class */
public class AuthorizedKeysFileBasedPKA extends AbstractPKA {
    String username;
    String filename;

    /* loaded from: input_file:org/jpos/q2/ssh/AuthorizedKeysFileBasedPKA$AuthorizedKeysDecoder.class */
    class AuthorizedKeysDecoder {
        private byte[] bytes;
        private int pos;

        AuthorizedKeysDecoder() {
        }

        public PublicKey decodePublicKey(String str) throws Exception {
            this.bytes = null;
            this.pos = 0;
            String[] split = str.split(" ");
            int length = split.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str2 = split[i];
                if (str2.startsWith("AAAA")) {
                    this.bytes = Base64.decode(str2.getBytes());
                    break;
                }
                i++;
            }
            if (this.bytes == null) {
                throw new IllegalArgumentException("no Base64 part to decode");
            }
            String decodeType = decodeType();
            if ("ssh-rsa".equals(decodeType)) {
                return SecurityUtils.getKeyFactory("RSA").generatePublic(new RSAPublicKeySpec(decodeBigInt(), decodeBigInt()));
            }
            if ("ssh-dss".equals(decodeType)) {
                return SecurityUtils.getKeyFactory("DSA").generatePublic(new DSAPublicKeySpec(decodeBigInt(), decodeBigInt(), decodeBigInt(), decodeBigInt()));
            }
            if ("ssh-ed25519".equals(decodeType)) {
                return SecurityUtils.getKeyFactory("EdDSA").generatePublic(new EdDSAPublicKeySpec(readRLEBytes(1024), EdDSANamedCurveTable.getByName("Ed25519")));
            }
            ECCurves fromKeyType = ECCurves.fromKeyType(decodeType);
            if (fromKeyType == null) {
                throw new IllegalArgumentException("unknown type " + decodeType);
            }
            String name = fromKeyType.getName();
            String decodeString = decodeString(1024);
            if (!name.equals(decodeString)) {
                throw new IllegalArgumentException("Mismatched key curve name (" + name + ") vs. encoded one (" + decodeString + ")");
            }
            byte[] readRLEBytes = readRLEBytes(32767);
            try {
                ECPoint octetStringToEcPoint = ECCurves.octetStringToEcPoint(readRLEBytes);
                if (octetStringToEcPoint == null) {
                    throw new IllegalArgumentException("No ECPoint generated for curve=" + fromKeyType.getName() + " from octets=" + BufferUtils.toHex(':', readRLEBytes));
                }
                return SecurityUtils.getKeyFactory("EC").generatePublic(new ECPublicKeySpec(octetStringToEcPoint, fromKeyType.getParameters()));
            } catch (RuntimeException e) {
                throw new IllegalArgumentException("Failed (" + e.getClass().getSimpleName() + ") to generate ECPoint for curve=" + fromKeyType.getName() + " from octets=" + BufferUtils.toHex(':', readRLEBytes) + ": " + e.getMessage());
            }
        }

        private String decodeType() {
            int decodeInt = decodeInt();
            String str = new String(this.bytes, this.pos, decodeInt);
            this.pos += decodeInt;
            return str;
        }

        private int decodeInt() {
            byte[] bArr = this.bytes;
            int i = this.pos;
            this.pos = i + 1;
            int i2 = (bArr[i] & 255) << 24;
            byte[] bArr2 = this.bytes;
            int i3 = this.pos;
            this.pos = i3 + 1;
            int i4 = i2 | ((bArr2[i3] & 255) << 16);
            byte[] bArr3 = this.bytes;
            int i5 = this.pos;
            this.pos = i5 + 1;
            int i6 = i4 | ((bArr3[i5] & 255) << 8);
            byte[] bArr4 = this.bytes;
            int i7 = this.pos;
            this.pos = i7 + 1;
            return i6 | (bArr4[i7] & 255);
        }

        private BigInteger decodeBigInt() {
            int decodeInt = decodeInt();
            byte[] bArr = new byte[decodeInt];
            System.arraycopy(this.bytes, this.pos, bArr, 0, decodeInt);
            this.pos += decodeInt;
            return new BigInteger(bArr);
        }

        private byte[] readRLEBytes(int i) {
            int decodeInt = decodeInt();
            if (decodeInt > i) {
                throw new IllegalArgumentException("Requested block length (" + decodeInt + ") exceeds max. allowed (" + i + ")");
            }
            if (decodeInt < 0) {
                throw new IllegalArgumentException("Negative block length requested: " + decodeInt);
            }
            byte[] bArr = new byte[decodeInt];
            System.arraycopy(this.bytes, this.pos, bArr, 0, decodeInt);
            this.pos += decodeInt;
            return bArr;
        }

        private String decodeString(int i) {
            return new String(readRLEBytes(i * 4), StandardCharsets.UTF_8);
        }
    }

    public AuthorizedKeysFileBasedPKA(String str, String str2) {
        this.filename = str2;
        this.username = str;
    }

    @Override // org.jpos.q2.ssh.AbstractPKA
    protected String getUsername() {
        return this.username;
    }

    @Override // org.jpos.q2.ssh.AbstractPKA
    protected List<PublicKey> parseAuthorizedKeys() throws Exception {
        ArrayList arrayList = new ArrayList();
        AuthorizedKeysDecoder authorizedKeysDecoder = new AuthorizedKeysDecoder();
        Scanner scanner = null;
        try {
            scanner = new Scanner(new File(this.filename)).useDelimiter("\n");
            while (scanner.hasNext()) {
                arrayList.add(authorizedKeysDecoder.decodePublicKey(scanner.next()));
            }
            if (scanner != null) {
                scanner.close();
            }
            return arrayList;
        } catch (Throwable th) {
            if (scanner != null) {
                scanner.close();
            }
            throw th;
        }
    }
}
