package com.mindbright.ssh2;

import com.mindbright.jca.security.GeneralSecurityException;
import com.mindbright.jca.security.MessageDigest;
import com.mindbright.jce.crypto.Cipher;
import com.mindbright.jce.crypto.Mac;
import com.mindbright.jce.crypto.spec.SecretKeySpec;
import com.mindbright.util.Base64;
import com.mindbright.util.HexDump;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.StringTokenizer;
import org.eclipse.jdt.internal.compiler.batch.Main;

/* loaded from: input_file:embedded.war:WEB-INF/lib/mindterm.jar:com/mindbright/ssh2/SSH2PuttyKeyFile.class */
public class SSH2PuttyKeyFile {
    private boolean version1;
    private String format;
    private String encryption;
    private String comment;
    private String pubblob;
    private byte[] pubbytes;
    private String privblob;
    private byte[] privbytes;
    private String privmacorhash;
    private boolean isprivmac;

    public SSH2PuttyKeyFile(InputStream inputStream) throws IOException {
        load(inputStream);
    }

    public void load(InputStream inputStream) throws IOException {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        StringTokenizer stringTokenizer = new StringTokenizer(bufferedReader.readLine());
        this.version1 = stringTokenizer.nextToken().endsWith("-1:");
        this.format = stringTokenizer.nextToken();
        StringTokenizer stringTokenizer2 = new StringTokenizer(bufferedReader.readLine());
        stringTokenizer2.nextToken();
        this.encryption = stringTokenizer2.nextToken();
        StringTokenizer stringTokenizer3 = new StringTokenizer(bufferedReader.readLine());
        stringTokenizer3.nextToken();
        this.comment = stringTokenizer3.nextToken();
        StringTokenizer stringTokenizer4 = new StringTokenizer(bufferedReader.readLine());
        stringTokenizer4.nextToken();
        int parseInt = Integer.parseInt(stringTokenizer4.nextToken());
        this.pubblob = "";
        for (int i = 0; i < parseInt; i++) {
            this.pubblob = new StringBuffer().append(this.pubblob).append(bufferedReader.readLine()).toString();
        }
        this.pubbytes = Base64.decode(this.pubblob.getBytes());
        StringTokenizer stringTokenizer5 = new StringTokenizer(bufferedReader.readLine());
        stringTokenizer5.nextToken();
        int parseInt2 = Integer.parseInt(stringTokenizer5.nextToken());
        this.privblob = "";
        for (int i2 = 0; i2 < parseInt2; i2++) {
            this.privblob = new StringBuffer().append(this.privblob).append(bufferedReader.readLine()).toString();
        }
        StringTokenizer stringTokenizer6 = new StringTokenizer(bufferedReader.readLine());
        this.isprivmac = stringTokenizer6.nextToken().equals("Private-MAC:");
        this.privmacorhash = stringTokenizer6.nextToken();
    }

    public boolean validate(String str) throws SSH2FatalException {
        byte[] readRestRaw;
        byte[] digest;
        byte[] decode = Base64.decode(this.privblob.getBytes());
        if (this.encryption.equals(Main.NONE)) {
            this.privbytes = decode;
        } else {
            if (!this.encryption.equals("aes256-cbc")) {
                throw new SSH2FatalException(new StringBuffer().append("Failed to decrypt PuTTY private key - unsupported encryption type: ").append(this.encryption).toString());
            }
            try {
                byte[] bArr = new byte[40];
                MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
                byte[] bytes = str == null ? new byte[0] : str.getBytes();
                messageDigest.update(new byte[]{0, 0, 0, 0});
                messageDigest.update(bytes);
                messageDigest.digest(bArr, 0, 20);
                messageDigest.reset();
                messageDigest.update(new byte[]{0, 0, 0, 1});
                messageDigest.update(bytes);
                messageDigest.digest(bArr, 20, 20);
                Cipher cipher = Cipher.getInstance("AES/CBC");
                cipher.init(1, new SecretKeySpec(bArr, 0, 32, cipher.getAlgorithm()));
                this.privbytes = cipher.doFinal(decode);
            } catch (GeneralSecurityException e) {
                throw new SSH2FatalException("Failed to decrypt PuTTY private key");
            }
        }
        if (this.version1) {
            readRestRaw = this.privbytes;
        } else {
            SSH2DataBuffer sSH2DataBuffer = new SSH2DataBuffer(32768);
            sSH2DataBuffer.writeString(this.format);
            sSH2DataBuffer.writeString(this.encryption);
            sSH2DataBuffer.writeString(this.comment);
            sSH2DataBuffer.writeString(this.pubbytes);
            sSH2DataBuffer.writeString(this.privbytes);
            readRestRaw = sSH2DataBuffer.readRestRaw();
        }
        try {
            MessageDigest messageDigest2 = MessageDigest.getInstance("SHA1");
            if (this.isprivmac) {
                messageDigest2.update("putty-private-key-file-mac-key".getBytes());
                if (!this.encryption.equals(Main.NONE) && str != null) {
                    messageDigest2.update(str.getBytes());
                }
                byte[] digest2 = messageDigest2.digest();
                Mac mac = Mac.getInstance("HmacSHA1");
                mac.init(new SecretKeySpec(digest2, 0, 20, mac.getAlgorithm()));
                digest = mac.doFinal(readRestRaw);
            } else {
                digest = messageDigest2.digest(readRestRaw);
            }
            return digest != null && this.privmacorhash.equals(HexDump.toString(digest));
        } catch (GeneralSecurityException e2) {
            throw new SSH2FatalException("Failed to calculate hash for PuTTY key file");
        }
    }

    public byte[] getPublicKeyBlob() {
        return this.pubbytes;
    }

    public byte[] getPrivateKeyBlob() {
        return this.privbytes;
    }

    public String getFormat() {
        return this.format;
    }

    public String getComment() {
        return this.comment;
    }

    public String toString() {
        return new StringBuffer().append("version1=").append(this.version1).append(",format=").append(this.format).append(",encryption=").append(this.encryption).append(",comment=").append(this.comment).append(",pubblob=").append(this.pubblob).append(",privblob=").append(this.privblob).append(",privmacorhash=").append(this.privmacorhash).append(",isprivmac=").append(this.isprivmac).toString();
    }
}
