package com.trilead.ssh2.auth;

import com.android.tools.r8.GeneratedOutlineSupport;
import com.google.crypto.tink.subtle.Ed25519Sign;
import com.trilead.ssh2.crypto.keys.Ed25519PrivateKey;
import com.trilead.ssh2.crypto.keys.Ed25519PublicKey;
import com.trilead.ssh2.log.Logger;
import com.trilead.ssh2.packets.TypesReader;
import com.trilead.ssh2.packets.TypesWriter;
import com.trilead.ssh2.signature.DSASHA1Verify;
import com.trilead.ssh2.signature.ECDSASHA2Verify;
import com.trilead.ssh2.signature.RSASHA1Verify;
import com.trilead.ssh2.signature.RSASHA256Verify;
import com.trilead.ssh2.signature.RSASHA512Verify;
import com.trilead.ssh2.transport.MessageHandler;
import com.trilead.ssh2.transport.TransportManager;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECParameterSpec;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import org.apache.commons.codec.binary.BaseNCodec;
import org.apache.commons.codec.binary.Hex;

/* loaded from: classes.dex */
public class AuthenticationManager implements MessageHandler {
    public TransportManager tm;
    public Vector packets = new Vector();
    public boolean connectionClosed = false;
    public String[] remainingMethods = new String[0];
    public boolean authenticated = false;
    public boolean initDone = false;

    public AuthenticationManager(TransportManager transportManager) {
        this.tm = transportManager;
    }

    public boolean authenticatePassword(String str, String str2) throws IOException {
        try {
            initialize(str);
            if (!methodPossible("password")) {
                throw new IOException("Authentication method password not supported by the server at this stage.");
            }
            TransportManager transportManager = this.tm;
            TypesWriter typesWriter = new TypesWriter();
            typesWriter.writeByte(50);
            typesWriter.writeString(str, Hex.DEFAULT_CHARSET_NAME);
            typesWriter.writeString("ssh-connection");
            typesWriter.writeString("password");
            typesWriter.writeBoolean(false);
            typesWriter.writeString(str2, Hex.DEFAULT_CHARSET_NAME);
            transportManager.sendMessage(typesWriter.getBytes());
            return isAuthenticationSuccessful(getNextMessage());
        } catch (IOException e) {
            this.tm.close(e, false);
            throw new IOException("Password authentication failed.", e);
        }
    }

    public boolean authenticatePublicKey(String str, KeyPair keyPair, SecureRandom secureRandom) throws IOException {
        byte[] encodeSSHRSASignature;
        String str2 = "rsa-sha2-512";
        PrivateKey privateKey = keyPair.getPrivate();
        PublicKey publicKey = keyPair.getPublic();
        try {
            initialize(str);
            if (!methodPossible("publickey")) {
                throw new IOException("Authentication method publickey not supported by the server at this stage.");
            }
            if (publicKey instanceof DSAPublicKey) {
                DSAPublicKey dSAPublicKey = (DSAPublicKey) publicKey;
                TypesWriter typesWriter = new TypesWriter();
                typesWriter.writeString("ssh-dss");
                DSAParams params = dSAPublicKey.getParams();
                typesWriter.writeMPInt(params.getP());
                typesWriter.writeMPInt(params.getQ());
                typesWriter.writeMPInt(params.getG());
                typesWriter.writeMPInt(dSAPublicKey.getY());
                byte[] bytes = typesWriter.getBytes();
                byte[] encodeSSHDSASignature = DSASHA1Verify.encodeSSHDSASignature(DSASHA1Verify.generateSignature(generatePublicKeyUserAuthenticationRequest(str, "ssh-dss", bytes), privateKey));
                TransportManager transportManager = this.tm;
                TypesWriter typesWriter2 = new TypesWriter();
                typesWriter2.writeByte(50);
                typesWriter2.writeString(str, Hex.DEFAULT_CHARSET_NAME);
                typesWriter2.writeString("ssh-connection");
                typesWriter2.writeString("publickey");
                typesWriter2.writeBoolean(true);
                typesWriter2.writeString("ssh-dss");
                int length = bytes.length;
                typesWriter2.writeUINT32(length);
                typesWriter2.writeBytes(bytes, 0, length);
                int length2 = encodeSSHDSASignature.length;
                typesWriter2.writeUINT32(length2);
                typesWriter2.writeBytes(encodeSSHDSASignature, 0, length2);
                transportManager.sendMessage(typesWriter2.getBytes());
            } else if (publicKey instanceof RSAPublicKey) {
                RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
                Logger logger = RSASHA1Verify.log;
                TypesWriter typesWriter3 = new TypesWriter();
                typesWriter3.writeString("ssh-rsa");
                typesWriter3.writeMPInt(rSAPublicKey.getPublicExponent());
                typesWriter3.writeMPInt(rSAPublicKey.getModulus());
                byte[] bytes2 = typesWriter3.getBytes();
                Set<String> set = this.tm.extensionInfo.signatureAlgorithmsAccepted;
                if (set.contains("rsa-sha2-512")) {
                    encodeSSHRSASignature = RSASHA512Verify.encodeRSASHA512Signature(RSASHA512Verify.generateSignature(generatePublicKeyUserAuthenticationRequest(str, "rsa-sha2-512", bytes2), privateKey));
                } else if (set.contains("rsa-sha2-256")) {
                    encodeSSHRSASignature = RSASHA256Verify.encodeRSASHA256Signature(RSASHA256Verify.generateSignature(generatePublicKeyUserAuthenticationRequest(str, "rsa-sha2-256", bytes2), privateKey));
                    str2 = "rsa-sha2-256";
                } else {
                    encodeSSHRSASignature = RSASHA1Verify.encodeSSHRSASignature(RSASHA1Verify.generateSignature(generatePublicKeyUserAuthenticationRequest(str, "ssh-rsa", bytes2), privateKey));
                    str2 = "ssh-rsa";
                }
                TransportManager transportManager2 = this.tm;
                TypesWriter typesWriter4 = new TypesWriter();
                typesWriter4.writeByte(50);
                typesWriter4.writeString(str, Hex.DEFAULT_CHARSET_NAME);
                typesWriter4.writeString("ssh-connection");
                typesWriter4.writeString("publickey");
                typesWriter4.writeBoolean(true);
                typesWriter4.writeString(str2);
                int length3 = bytes2.length;
                typesWriter4.writeUINT32(length3);
                typesWriter4.writeBytes(bytes2, 0, length3);
                int length4 = encodeSSHRSASignature.length;
                typesWriter4.writeUINT32(length4);
                typesWriter4.writeBytes(encodeSSHRSASignature, 0, length4);
                transportManager2.sendMessage(typesWriter4.getBytes());
            } else if (publicKey instanceof ECPublicKey) {
                ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
                ECParameterSpec params2 = eCPublicKey.getParams();
                Map<String, ECParameterSpec> map = ECDSASHA2Verify.CURVES;
                String str3 = "ecdsa-sha2-" + ECDSASHA2Verify.getCurveName(params2);
                byte[] encodeSSHECDSAPublicKey = ECDSASHA2Verify.encodeSSHECDSAPublicKey(eCPublicKey);
                byte[] generatePublicKeyUserAuthenticationRequest = generatePublicKeyUserAuthenticationRequest(str, str3, encodeSSHECDSAPublicKey);
                try {
                    Signature signature = Signature.getInstance(ECDSASHA2Verify.getSignatureAlgorithmForParams(((ECKey) privateKey).getParams()));
                    signature.initSign(privateKey);
                    signature.update(generatePublicKeyUserAuthenticationRequest);
                    byte[] encodeSSHECDSASignature = ECDSASHA2Verify.encodeSSHECDSASignature(signature.sign(), eCPublicKey.getParams());
                    TransportManager transportManager3 = this.tm;
                    TypesWriter typesWriter5 = new TypesWriter();
                    typesWriter5.writeByte(50);
                    typesWriter5.writeString(str, Hex.DEFAULT_CHARSET_NAME);
                    typesWriter5.writeString("ssh-connection");
                    typesWriter5.writeString("publickey");
                    typesWriter5.writeBoolean(true);
                    typesWriter5.writeString(str3);
                    int length5 = encodeSSHECDSAPublicKey.length;
                    typesWriter5.writeUINT32(length5);
                    typesWriter5.writeBytes(encodeSSHECDSAPublicKey, 0, length5);
                    int length6 = encodeSSHECDSASignature.length;
                    typesWriter5.writeUINT32(length6);
                    typesWriter5.writeBytes(encodeSSHECDSASignature, 0, length6);
                    transportManager3.sendMessage(typesWriter5.getBytes());
                } catch (InvalidKeyException e) {
                    e = e;
                    throw new IOException(e);
                } catch (NoSuchAlgorithmException e2) {
                    e = e2;
                    throw new IOException(e);
                } catch (SignatureException e3) {
                    e = e3;
                    throw new IOException(e);
                }
            } else {
                if (!(publicKey instanceof Ed25519PublicKey)) {
                    throw new IOException("Unknown public key type.");
                }
                TypesWriter typesWriter6 = new TypesWriter();
                typesWriter6.writeString("ssh-ed25519");
                byte[] bArr = ((Ed25519PublicKey) publicKey).keyBytes;
                int length7 = bArr.length;
                typesWriter6.writeUINT32(length7);
                typesWriter6.writeBytes(bArr, 0, length7);
                byte[] bytes3 = typesWriter6.getBytes();
                try {
                    byte[] sign = new Ed25519Sign(((Ed25519PrivateKey) privateKey).seed).sign(generatePublicKeyUserAuthenticationRequest(str, "ssh-ed25519", bytes3));
                    TypesWriter typesWriter7 = new TypesWriter();
                    typesWriter7.writeString("ssh-ed25519");
                    int length8 = sign.length;
                    typesWriter7.writeUINT32(length8);
                    typesWriter7.writeBytes(sign, 0, length8);
                    byte[] bytes4 = typesWriter7.getBytes();
                    TransportManager transportManager4 = this.tm;
                    TypesWriter typesWriter8 = new TypesWriter();
                    typesWriter8.writeByte(50);
                    typesWriter8.writeString(str, Hex.DEFAULT_CHARSET_NAME);
                    typesWriter8.writeString("ssh-connection");
                    typesWriter8.writeString("publickey");
                    typesWriter8.writeBoolean(true);
                    typesWriter8.writeString("ssh-ed25519");
                    int length9 = bytes3.length;
                    typesWriter8.writeUINT32(length9);
                    typesWriter8.writeBytes(bytes3, 0, length9);
                    int length10 = bytes4.length;
                    typesWriter8.writeUINT32(length10);
                    typesWriter8.writeBytes(bytes4, 0, length10);
                    transportManager4.sendMessage(typesWriter8.getBytes());
                } catch (GeneralSecurityException e4) {
                    throw new IOException(e4);
                }
            }
            return isAuthenticationSuccessful(getNextMessage());
        } catch (IOException e5) {
            e5.printStackTrace();
            this.tm.close(e5, false);
            throw new IOException("Publickey authentication failed.", e5);
        }
    }

    public final byte[] generatePublicKeyUserAuthenticationRequest(String str, String str2, byte[] bArr) {
        TypesWriter typesWriter = new TypesWriter();
        byte[] bArr2 = this.tm.km.sessionId;
        int length = bArr2.length;
        typesWriter.writeUINT32(length);
        typesWriter.writeBytes(bArr2, 0, length);
        typesWriter.writeByte(50);
        typesWriter.writeString(str);
        typesWriter.writeString("ssh-connection");
        typesWriter.writeString("publickey");
        typesWriter.writeBoolean(true);
        typesWriter.writeString(str2);
        int length2 = bArr.length;
        typesWriter.writeUINT32(length2);
        typesWriter.writeBytes(bArr, 0, length2);
        return typesWriter.getBytes();
    }

    public byte[] getNextMessage() throws IOException {
        byte[] bArr;
        TypesReader typesReader;
        Throwable th;
        do {
            synchronized (this.packets) {
                while (this.packets.size() == 0) {
                    if (this.connectionClosed) {
                        TransportManager transportManager = this.tm;
                        synchronized (transportManager.connectionSemaphore) {
                            th = transportManager.reasonClosedCause;
                        }
                        throw new IOException("The connection is closed.", th);
                    }
                    try {
                        this.packets.wait();
                    } catch (InterruptedException unused) {
                    }
                }
                bArr = (byte[]) this.packets.firstElement();
                this.packets.removeElementAt(0);
            }
            if (bArr[0] != 53) {
                return bArr;
            }
            int length = bArr.length;
            System.arraycopy(bArr, 0, new byte[length], 0, length);
            typesReader = new TypesReader(bArr, 0, length);
            int readByte = typesReader.readByte();
            if (readByte != 53) {
                throw new IOException(GeneratedOutlineSupport.outline13("This is not a SSH_MSG_USERAUTH_BANNER! (", readByte, ")"));
            }
            typesReader.readString(Hex.DEFAULT_CHARSET_NAME);
            typesReader.readString();
        } while (typesReader.remain() == 0);
        throw new IOException("Padding in SSH_MSG_USERAUTH_REQUEST packet!");
    }

    @Override // com.trilead.ssh2.transport.MessageHandler
    public void handleMessage(byte[] bArr, int i) throws IOException {
        synchronized (this.packets) {
            if (bArr == null) {
                this.connectionClosed = true;
            } else {
                byte[] bArr2 = new byte[i];
                System.arraycopy(bArr, 0, bArr2, 0, i);
                this.packets.addElement(bArr2);
            }
            this.packets.notifyAll();
            if (this.packets.size() > 5) {
                this.connectionClosed = true;
                throw new IOException("Error, peer is flooding us with authentication packets.");
            }
        }
    }

    public final boolean initialize(String str) throws IOException {
        if (this.initDone) {
            return this.authenticated;
        }
        this.tm.registerMessageHandler(this, 0, BaseNCodec.MASK_8BITS);
        TransportManager transportManager = this.tm;
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeByte(5);
        typesWriter.writeString("ssh-userauth");
        transportManager.sendMessage(typesWriter.getBytes());
        TransportManager transportManager2 = this.tm;
        TypesWriter typesWriter2 = new TypesWriter();
        typesWriter2.writeByte(50);
        typesWriter2.writeString(str, Hex.DEFAULT_CHARSET_NAME);
        typesWriter2.writeString("ssh-connection");
        typesWriter2.writeString("none");
        transportManager2.sendMessage(typesWriter2.getBytes());
        byte[] nextMessage = getNextMessage();
        int length = nextMessage.length;
        System.arraycopy(nextMessage, 0, new byte[length], 0, length);
        TypesReader typesReader = new TypesReader(nextMessage, 0, length);
        int readByte = typesReader.readByte();
        if (readByte != 6) {
            throw new IOException(GeneratedOutlineSupport.outline13("This is not a SSH_MSG_SERVICE_ACCEPT! (", readByte, ")"));
        }
        if (typesReader.remain() > 0) {
            typesReader.readString();
        }
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in SSH_MSG_SERVICE_ACCEPT packet!");
        }
        byte[] nextMessage2 = getNextMessage();
        this.initDone = true;
        if (nextMessage2[0] == 52) {
            this.authenticated = true;
            this.tm.removeMessageHandler(this, 0, BaseNCodec.MASK_8BITS);
            return true;
        }
        if (nextMessage2[0] != 51) {
            StringBuilder outline26 = GeneratedOutlineSupport.outline26("Unexpected SSH message (type ");
            outline26.append((int) nextMessage2[0]);
            outline26.append(")");
            throw new IOException(outline26.toString());
        }
        int length2 = nextMessage2.length;
        System.arraycopy(nextMessage2, 0, new byte[length2], 0, length2);
        TypesReader typesReader2 = new TypesReader(nextMessage2, 0, length2);
        int readByte2 = typesReader2.readByte();
        if (readByte2 != 51) {
            throw new IOException(GeneratedOutlineSupport.outline13("This is not a SSH_MSG_USERAUTH_FAILURE! (", readByte2, ")"));
        }
        String[] readNameList = typesReader2.readNameList();
        typesReader2.readBoolean();
        if (typesReader2.remain() != 0) {
            throw new IOException("Padding in SSH_MSG_USERAUTH_FAILURE packet!");
        }
        this.remainingMethods = readNameList;
        return false;
    }

    public final boolean isAuthenticationSuccessful(byte[] bArr) throws IOException {
        if (bArr[0] == 52) {
            this.authenticated = true;
            this.tm.removeMessageHandler(this, 0, BaseNCodec.MASK_8BITS);
            return true;
        }
        if (bArr[0] != 51) {
            StringBuilder outline26 = GeneratedOutlineSupport.outline26("Unexpected SSH message (type ");
            outline26.append((int) bArr[0]);
            outline26.append(")");
            throw new IOException(outline26.toString());
        }
        int length = bArr.length;
        System.arraycopy(bArr, 0, new byte[length], 0, length);
        TypesReader typesReader = new TypesReader(bArr, 0, length);
        int readByte = typesReader.readByte();
        if (readByte != 51) {
            throw new IOException(GeneratedOutlineSupport.outline13("This is not a SSH_MSG_USERAUTH_FAILURE! (", readByte, ")"));
        }
        String[] readNameList = typesReader.readNameList();
        typesReader.readBoolean();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in SSH_MSG_USERAUTH_FAILURE packet!");
        }
        this.remainingMethods = readNameList;
        return false;
    }

    public boolean methodPossible(String str) {
        if (this.remainingMethods == null) {
            return false;
        }
        int i = 0;
        while (true) {
            String[] strArr = this.remainingMethods;
            if (i >= strArr.length) {
                return false;
            }
            if (strArr[i].compareTo(str) == 0) {
                return true;
            }
            i++;
        }
    }
}
