package com.jcraft.jsch;

import com.google.android.material.motion.MotionUtils;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import jcifs.internal.smb1.ServerMessageBlock;
import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;

/* loaded from: classes3.dex */
public class UserAuthPublicKey extends UserAuth {
    public final boolean _start(Session session, List<Identity> list, List<String> list2, List<String> list3) throws Exception {
        ArrayList arrayList;
        boolean z;
        ArrayList arrayList2;
        ArrayList arrayList3;
        byte[] bArr;
        Iterator<Identity> it;
        ArrayList arrayList4;
        int i;
        int i2;
        ArrayList arrayList5;
        Iterator<Identity> it2;
        List<String> list4 = list3;
        boolean z2 = false;
        if (session.auth_failures >= session.max_auth_tries) {
            return false;
        }
        boolean equals = session.getConfig("enable_pubkey_auth_query").equals("yes");
        boolean equals2 = session.getConfig("try_additional_pubkey_algorithms").equals("yes");
        ArrayList arrayList6 = new ArrayList();
        ArrayList arrayList7 = new ArrayList();
        for (String str : list2) {
            if (str.equals(OpenSSHPublicKeyUtil.RSA) || str.equals("rsa-sha2-256") || str.equals("rsa-sha2-512") || str.equals("ssh-rsa-sha224@ssh.com") || str.equals("ssh-rsa-sha256@ssh.com") || str.equals("ssh-rsa-sha384@ssh.com") || str.equals("ssh-rsa-sha512@ssh.com")) {
                arrayList6.add(str);
            } else {
                arrayList7.add(str);
            }
        }
        byte[] str2byte = Util.str2byte(this.username);
        Iterator<Identity> it3 = list.iterator();
        while (it3.hasNext()) {
            Identity next = it3.next();
            if (session.auth_failures >= session.max_auth_tries) {
                return z2;
            }
            decryptKey(session, next);
            String algName = next.getAlgName();
            if (algName.equals(OpenSSHPublicKeyUtil.RSA)) {
                arrayList = new ArrayList(arrayList6);
            } else if (arrayList7.contains(algName)) {
                arrayList = new ArrayList(1);
                arrayList.add(algName);
            } else {
                arrayList = null;
            }
            if (arrayList == null || arrayList.isEmpty()) {
                z = equals;
                arrayList2 = arrayList6;
                arrayList3 = arrayList7;
                bArr = str2byte;
                it = it3;
                if (session.getLogger().isEnabled(0)) {
                    session.getLogger().log(0, algName + " cannot be used as public key type for identity " + next.getName());
                }
            } else {
                while (!arrayList.isEmpty() && session.auth_failures < session.max_auth_tries) {
                    byte[] publicKeyBlob = next.getPublicKeyBlob();
                    if (publicKeyBlob != null && equals) {
                        Iterator it4 = arrayList.iterator();
                        int i3 = 51;
                        while (true) {
                            if (!it4.hasNext()) {
                                z = equals;
                                arrayList2 = arrayList6;
                                arrayList3 = arrayList7;
                                it = it3;
                                i = i3;
                                i2 = 60;
                                arrayList4 = null;
                                break;
                            }
                            String str2 = (String) it4.next();
                            it4.remove();
                            if (list4.contains(str2)) {
                                z = equals;
                                if (!(next instanceof AgentIdentity)) {
                                    ArrayList arrayList8 = arrayList6;
                                    if (session.getLogger().isEnabled(0)) {
                                        session.getLogger().log(0, str2 + " not available for identity " + next.getName());
                                    }
                                    equals = z;
                                    arrayList6 = arrayList8;
                                }
                            } else {
                                z = equals;
                            }
                            arrayList2 = arrayList6;
                            this.packet.reset();
                            this.buf.putByte(ServerMessageBlock.SMB_COM_TRANSACTION2);
                            this.buf.putString(str2byte);
                            this.buf.putString(Util.str2byte("ssh-connection"));
                            this.buf.putString(Util.str2byte("publickey"));
                            this.buf.putByte((byte) 0);
                            this.buf.putString(Util.str2byte(str2));
                            this.buf.putString(publicKeyBlob);
                            session.write(this.packet);
                            while (true) {
                                Buffer read = session.read(this.buf);
                                this.buf = read;
                                i = read.getCommand() & 255;
                                if (i == 60) {
                                    arrayList3 = arrayList7;
                                    if (session.getLogger().isEnabled(0)) {
                                        Logger logger = session.getLogger();
                                        StringBuilder sb = new StringBuilder();
                                        sb.append(str2);
                                        it = it3;
                                        sb.append(" preauth success");
                                        logger.log(0, sb.toString());
                                    } else {
                                        it = it3;
                                    }
                                    arrayList4 = new ArrayList(1);
                                    arrayList4.add(str2);
                                    i2 = 60;
                                } else {
                                    arrayList5 = arrayList7;
                                    it2 = it3;
                                    if (i == 51) {
                                        if (session.getLogger().isEnabled(0)) {
                                            session.getLogger().log(0, str2 + " preauth failure");
                                        }
                                    } else if (i == 53) {
                                        this.buf.getInt();
                                        this.buf.getByte();
                                        this.buf.getByte();
                                        byte[] string = this.buf.getString();
                                        this.buf.getString();
                                        String byte2str = Util.byte2str(string);
                                        UserInfo userInfo = this.userinfo;
                                        if (userInfo != null) {
                                            userInfo.showMessage(byte2str);
                                        }
                                        arrayList7 = arrayList5;
                                        it3 = it2;
                                    } else if (session.getLogger().isEnabled(0)) {
                                        session.getLogger().log(0, str2 + " preauth failure command (" + i + MotionUtils.EASING_TYPE_FORMAT_END);
                                    }
                                }
                            }
                            i3 = i;
                            equals = z;
                            arrayList6 = arrayList2;
                            arrayList7 = arrayList5;
                            it3 = it2;
                        }
                        if (i != i2) {
                            equals = z;
                            break;
                        }
                    } else {
                        z = equals;
                        arrayList2 = arrayList6;
                        arrayList3 = arrayList7;
                        it = it3;
                        arrayList4 = null;
                    }
                    if (!next.isEncrypted()) {
                        if (publicKeyBlob == null) {
                            publicKeyBlob = next.getPublicKeyBlob();
                        }
                        if (publicKeyBlob != null) {
                            if (arrayList4 == null) {
                                arrayList4 = arrayList;
                            }
                            if (!arrayList4.isEmpty()) {
                                Iterator it5 = arrayList4.iterator();
                                while (it5.hasNext() && session.auth_failures < session.max_auth_tries) {
                                    String str3 = (String) it5.next();
                                    it5.remove();
                                    if (!list4.contains(str3) || (next instanceof AgentIdentity)) {
                                        this.packet.reset();
                                        this.buf.putByte(ServerMessageBlock.SMB_COM_TRANSACTION2);
                                        this.buf.putString(str2byte);
                                        this.buf.putString(Util.str2byte("ssh-connection"));
                                        this.buf.putString(Util.str2byte("publickey"));
                                        this.buf.putByte((byte) 1);
                                        this.buf.putString(Util.str2byte(str3));
                                        this.buf.putString(publicKeyBlob);
                                        byte[] sessionId = session.getSessionId();
                                        int length = sessionId.length;
                                        int i4 = length + 4;
                                        Iterator it6 = it5;
                                        byte[] bArr2 = new byte[(this.buf.index + i4) - 5];
                                        bArr2[0] = (byte) (length >>> 24);
                                        bArr2[1] = (byte) (length >>> 16);
                                        bArr2[2] = (byte) (length >>> 8);
                                        bArr = str2byte;
                                        bArr2[3] = (byte) length;
                                        System.arraycopy(sessionId, 0, bArr2, 4, length);
                                        Buffer buffer = this.buf;
                                        System.arraycopy(buffer.buffer, 5, bArr2, i4, buffer.index - 5);
                                        byte[] signature = next.getSignature(bArr2, str3);
                                        if (signature != null) {
                                            this.buf.putString(signature);
                                            session.write(this.packet);
                                            while (true) {
                                                Buffer read2 = session.read(this.buf);
                                                this.buf = read2;
                                                int command = read2.getCommand() & 255;
                                                if (command == 52) {
                                                    if (!session.getLogger().isEnabled(0)) {
                                                        return true;
                                                    }
                                                    session.getLogger().log(0, str3 + " auth success");
                                                    return true;
                                                }
                                                if (command == 53) {
                                                    this.buf.getInt();
                                                    this.buf.getByte();
                                                    this.buf.getByte();
                                                    byte[] string2 = this.buf.getString();
                                                    this.buf.getString();
                                                    String byte2str2 = Util.byte2str(string2);
                                                    UserInfo userInfo2 = this.userinfo;
                                                    if (userInfo2 != null) {
                                                        userInfo2.showMessage(byte2str2);
                                                    }
                                                } else if (command == 51) {
                                                    this.buf.getInt();
                                                    this.buf.getByte();
                                                    this.buf.getByte();
                                                    byte[] string3 = this.buf.getString();
                                                    if (this.buf.getByte() != 0) {
                                                        throw new JSchPartialAuthException(Util.byte2str(string3));
                                                    }
                                                    session.auth_failures++;
                                                    if (session.getLogger().isEnabled(0)) {
                                                        session.getLogger().log(0, str3 + " auth failure");
                                                    }
                                                    if (session.auth_failures >= session.max_auth_tries) {
                                                        return false;
                                                    }
                                                    if (!equals2) {
                                                        break;
                                                    }
                                                } else if (session.getLogger().isEnabled(0)) {
                                                    session.getLogger().log(0, str3 + " auth failure command (" + command + MotionUtils.EASING_TYPE_FORMAT_END);
                                                }
                                            }
                                        } else if (session.getLogger().isEnabled(0)) {
                                            session.getLogger().log(0, str3 + " signature failure");
                                        }
                                        list4 = list3;
                                        it5 = it6;
                                        str2byte = bArr;
                                    } else if (session.getLogger().isEnabled(0)) {
                                        session.getLogger().log(0, str3 + " not available for identity " + next.getName());
                                    }
                                }
                                list4 = list3;
                                equals = z;
                                str2byte = str2byte;
                                arrayList6 = arrayList2;
                                arrayList7 = arrayList3;
                                it3 = it;
                            }
                        }
                    }
                    equals = z;
                    break;
                }
                z = equals;
                arrayList2 = arrayList6;
                arrayList3 = arrayList7;
                bArr = str2byte;
                it = it3;
            }
            list4 = list3;
            equals = z;
            str2byte = bArr;
            arrayList6 = arrayList2;
            arrayList7 = arrayList3;
            it3 = it;
            z2 = false;
        }
        return false;
    }

    public final void decryptKey(Session session, Identity identity) throws JSchException {
        byte[] bArr;
        byte[] bArr2;
        int i = 5;
        while (true) {
            bArr = null;
            if (identity.isEncrypted()) {
                if (this.userinfo == null) {
                    throw new JSchException("USERAUTH fail");
                }
                if (identity.isEncrypted()) {
                    if (!this.userinfo.promptPassphrase("Passphrase for " + identity.getName())) {
                        throw new JSchAuthCancelException("publickey");
                    }
                }
                String passphrase = this.userinfo.getPassphrase();
                if (passphrase != null) {
                    bArr2 = Util.str2byte(passphrase);
                    if ((identity.isEncrypted() || bArr2 != null) && identity.setPassphrase(bArr2)) {
                        if (bArr2 != null && (session.getIdentityRepository() instanceof IdentityRepositoryWrapper)) {
                            ((IdentityRepositoryWrapper) session.getIdentityRepository()).check();
                        }
                        bArr = bArr2;
                    } else {
                        Util.bzero(bArr2);
                        i--;
                        if (i == 0) {
                            break;
                        }
                    }
                }
            }
            bArr2 = null;
            if (identity.isEncrypted()) {
            }
            if (bArr2 != null) {
                ((IdentityRepositoryWrapper) session.getIdentityRepository()).check();
            }
            bArr = bArr2;
        }
        Util.bzero(bArr);
    }

    @Override // com.jcraft.jsch.UserAuth
    public boolean start(Session session) throws Exception {
        super.start(session);
        Vector<Identity> identities = session.getIdentityRepository().getIdentities();
        synchronized (identities) {
            try {
                if (identities.size() <= 0) {
                    return false;
                }
                String config = session.getConfig("PubkeyAcceptedAlgorithms");
                if (session.getLogger().isEnabled(0)) {
                    session.getLogger().log(0, "PubkeyAcceptedAlgorithms = " + config);
                }
                String[] unavailableSignatures = session.getUnavailableSignatures();
                List<String> emptyList = (unavailableSignatures == null || unavailableSignatures.length <= 0) ? Collections.emptyList() : Arrays.asList(unavailableSignatures);
                if (!emptyList.isEmpty() && session.getLogger().isEnabled(0)) {
                    session.getLogger().log(0, "Signature algorithms unavailable for non-agent identities = " + emptyList);
                }
                List<String> asList = Arrays.asList(Util.split(config, ","));
                if (asList.isEmpty()) {
                    return false;
                }
                String[] serverSigAlgs = session.getServerSigAlgs();
                if (serverSigAlgs != null && serverSigAlgs.length > 0) {
                    ArrayList arrayList = new ArrayList();
                    ArrayList arrayList2 = new ArrayList();
                    for (String str : asList) {
                        int length = serverSigAlgs.length;
                        int i = 0;
                        while (true) {
                            if (i >= length) {
                                arrayList2.add(str);
                                break;
                            }
                            if (str.equals(serverSigAlgs[i])) {
                                arrayList.add(str);
                                break;
                            }
                            i++;
                        }
                    }
                    if (!arrayList.isEmpty() && session.getLogger().isEnabled(0)) {
                        session.getLogger().log(0, "PubkeyAcceptedAlgorithms in server-sig-algs = " + arrayList);
                    }
                    if (!arrayList2.isEmpty() && session.getLogger().isEnabled(0)) {
                        session.getLogger().log(0, "PubkeyAcceptedAlgorithms not in server-sig-algs = " + arrayList2);
                    }
                    if (!arrayList.isEmpty() && !arrayList2.isEmpty()) {
                        if (_start(session, identities, arrayList, emptyList)) {
                            return true;
                        }
                        return _start(session, identities, arrayList2, emptyList);
                    }
                } else if (session.getLogger().isEnabled(0)) {
                    session.getLogger().log(0, "No server-sig-algs found, using PubkeyAcceptedAlgorithms = " + asList);
                }
                return _start(session, identities, asList, emptyList);
            } catch (Throwable th) {
                throw th;
            }
        }
    }
}
