package com.sshtools.j2ssh.transport.publickey;

import com.sshtools.j2ssh.configuration.ConfigurationLoader;
import com.sshtools.j2ssh.io.ByteArrayReader;
import com.sshtools.j2ssh.io.ByteArrayWriter;
import com.sshtools.j2ssh.util.Hash;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: input_file:D_/Java/Genesis/toInstall/StandardEditionNew/Genesis.jar:com/sshtools/j2ssh/transport/publickey/SshtoolsPrivateKeyFormat.class */
public class SshtoolsPrivateKeyFormat extends Base64EncodedFileFormat implements SshPrivateKeyFormat {
    private static String BEGIN = "---- BEGIN SSHTOOLS ENCRYPTED PRIVATE KEY ----";
    private static String END = "---- END SSHTOOLS ENCRYPTED PRIVATE KEY ----";
    private int cookie;

    public SshtoolsPrivateKeyFormat(String str, String str2) {
        super(BEGIN, END);
        this.cookie = 1391688382;
        setHeaderValue("Subject", str);
        setHeaderValue("Comment", str2);
    }

    public SshtoolsPrivateKeyFormat() {
        super(BEGIN, END);
        this.cookie = 1391688382;
    }

    @Override // com.sshtools.j2ssh.transport.publickey.Base64EncodedFileFormat, com.sshtools.j2ssh.transport.publickey.SshKeyFormatConversion
    public String getFormatType() {
        return new StringBuffer().append("SSHTools-PrivateKey-").append(super.getFormatType()).toString();
    }

    @Override // com.sshtools.j2ssh.transport.publickey.SshPrivateKeyFormat
    public boolean isPassphraseProtected(byte[] bArr) {
        try {
            String readString = new ByteArrayReader(getKeyBlob(bArr)).readString();
            if (readString.equals("none")) {
                return false;
            }
            return readString.equalsIgnoreCase("3des-cbc");
        } catch (IOException e) {
            return false;
        }
    }

    @Override // com.sshtools.j2ssh.transport.publickey.SshPrivateKeyFormat
    public byte[] decryptKeyblob(byte[] bArr, String str) throws InvalidSshKeyException {
        byte[] readBinaryString;
        try {
            ByteArrayReader byteArrayReader = new ByteArrayReader(getKeyBlob(bArr));
            String readString = byteArrayReader.readString();
            if (readString.equalsIgnoreCase("3des-cbc")) {
                byte[] makePassphraseKey = makePassphraseKey(str);
                byte[] bArr2 = new byte[8];
                if (readString.equals("3DES-CBC")) {
                    byteArrayReader.read(bArr2);
                }
                byte[] readBinaryString2 = byteArrayReader.readBinaryString();
                Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
                cipher.init(2, SecretKeyFactory.getInstance("DESede").generateSecret(new DESedeKeySpec(makePassphraseKey)), new IvParameterSpec(bArr2, 0, cipher.getBlockSize()));
                ByteArrayReader byteArrayReader2 = new ByteArrayReader(cipher.doFinal(readBinaryString2));
                if (byteArrayReader2.readInt() != this.cookie) {
                    throw new InvalidSshKeyException("The host key is invalid, check the passphrase supplied");
                }
                readBinaryString = byteArrayReader2.readBinaryString();
            } else {
                readBinaryString = byteArrayReader.readBinaryString();
            }
            return readBinaryString;
        } catch (Exception e) {
            throw new InvalidSshKeyException("Failed to read host key");
        }
    }

    @Override // com.sshtools.j2ssh.transport.publickey.SshPrivateKeyFormat
    public byte[] encryptKeyblob(byte[] bArr, String str) {
        try {
            ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
            if (str == null || str.trim().equals("")) {
                byteArrayWriter.writeString("none");
                byteArrayWriter.writeBinaryString(bArr);
                return formatKey(byteArrayWriter.toByteArray());
            }
            byte[] makePassphraseKey = makePassphraseKey(str);
            byte[] bArr2 = new byte[8];
            ConfigurationLoader.getRND().nextBytes(bArr2);
            Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
            cipher.init(1, SecretKeyFactory.getInstance("DESede").generateSecret(new DESedeKeySpec(makePassphraseKey)), new IvParameterSpec(bArr2, 0, cipher.getBlockSize()));
            ByteArrayWriter byteArrayWriter2 = new ByteArrayWriter();
            byteArrayWriter.writeString("3DES-CBC");
            byteArrayWriter.write(bArr2);
            byteArrayWriter2.writeInt(this.cookie);
            byteArrayWriter2.writeBinaryString(bArr);
            byteArrayWriter.writeBinaryString(cipher.doFinal(byteArrayWriter2.toByteArray()));
            return formatKey(byteArrayWriter.toByteArray());
        } catch (Exception e) {
            return null;
        }
    }

    @Override // com.sshtools.j2ssh.transport.publickey.SshPrivateKeyFormat
    public boolean supportsAlgorithm(String str) {
        return true;
    }

    private byte[] makePassphraseKey(String str) {
        try {
            Hash hash = new Hash("MD5");
            hash.putBytes(str.getBytes());
            byte[] doFinal = hash.doFinal();
            hash.reset();
            hash.putBytes(str.getBytes());
            hash.putBytes(doFinal);
            byte[] doFinal2 = hash.doFinal();
            byte[] bArr = new byte[32];
            System.arraycopy(doFinal, 0, bArr, 0, 16);
            System.arraycopy(doFinal2, 0, bArr, 16, 16);
            return bArr;
        } catch (NoSuchAlgorithmException e) {
            return null;
        }
    }
}
