package fl;

import ai.i0;
import androidx.fragment.app.m;
import hj.l;
import hj.n;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.util.Collection;
import java.util.List;
import java.util.concurrent.TimeUnit;
import kk.i;
import lk.o;
import pj.e;

/* compiled from: UserAuthPublicKey.java */
/* loaded from: classes.dex */
public final class f extends cl.a implements i {
    public final List<l<kk.e>> U;

    public f() {
        super("publickey");
        this.U = null;
    }

    @Override // cl.a
    public final Boolean d5(mk.a aVar, boolean z10) {
        wm.b bVar;
        int i10;
        o.i("Instance not initialized", z10);
        nl.f fVar = this.R;
        String str = this.T;
        boolean j10 = aVar.j();
        String v10 = aVar.v();
        int U = aVar.U();
        int R = aVar.R();
        int y9 = (int) aVar.y();
        mk.d dVar = (mk.d) aVar;
        int i11 = dVar.R - dVar.Q;
        wm.b bVar2 = this.O;
        if (y9 < 0 || y9 > i11) {
            bVar2.l("doAuth({}@{}) illogical algorithm={} signature length ({}) when remaining={}", str, fVar, v10, Integer.valueOf(y9), Integer.valueOf(i11));
            throw new IndexOutOfBoundsException("Illogical signature length (" + y9 + ") for algorithm=" + v10);
        }
        aVar.V(aVar.R() + y9);
        PublicKey u10 = aVar.u(nk.c.f11580a);
        if (u10 instanceof pj.e) {
            pj.e eVar = (pj.e) u10;
            try {
                if (!e.b.USER.equals(eVar.getType())) {
                    throw new CertificateException("not a user certificate");
                }
                bVar = bVar2;
                long seconds = TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis()) ^ Long.MIN_VALUE;
                if (!(Long.compare(eVar.C() ^ Long.MIN_VALUE, seconds) <= 0 && Long.compare(seconds, eVar.W() ^ Long.MIN_VALUE) < 0)) {
                    throw new CertificateException("expired");
                }
                Collection<String> v02 = eVar.v0();
                if (!lk.e.g(v02) && !v02.contains(str)) {
                    throw new CertificateException("not valid for the given username");
                }
            } catch (CertificateException e10) {
                a5("doAuth({}@{}): public key certificate (id={}) is not valid: {}", str, fVar, eVar.getId(), e10.getMessage(), e10);
                throw e10;
            }
        } else {
            bVar = bVar2;
        }
        List<l<kk.e>> y02 = y0();
        if (lk.e.g(y02)) {
            y02 = fVar == null ? null : fVar.y0();
        }
        o.f(y02, "No signature factories for session=%s", fVar);
        boolean d10 = bVar.d();
        if (d10) {
            bVar.o("doAuth({}@{}) verify key type={}, factories={}, fingerprint={}", str, fVar, v10, n.c(y02), pj.d.e(u10));
        }
        kk.e eVar2 = (kk.e) m.a(v10, y02);
        o.b(eVar2, v10, "No verifier located for algorithm=%s");
        eVar2.M(fVar, u10);
        aVar.V(U);
        byte[] l10 = j10 ? aVar.l() : null;
        c q22 = fVar.q2();
        if (q22 == null) {
            if (d10) {
                bVar.o("doAuth({}@{}) key type={}, fingerprint={} - no authenticator", str, fVar, v10, pj.d.e(u10));
            }
            return Boolean.FALSE;
        }
        try {
            boolean c42 = q22.c4(str, u10, fVar);
            if (d10) {
                i10 = 4;
                bVar.o("doAuth({}@{}) key type={}, fingerprint={} - authentication result: {}", str, fVar, v10, pj.d.e(u10), Boolean.valueOf(c42));
            } else {
                i10 = 4;
            }
            if (!c42) {
                return Boolean.FALSE;
            }
            if (!j10) {
                byte[] c10 = aVar.c();
                int i12 = y9 + i10;
                if (bVar.d()) {
                    Object[] objArr = new Object[i10];
                    objArr[0] = str;
                    objArr[1] = fVar;
                    objArr[2] = v10;
                    objArr[3] = pj.d.e(u10);
                    bVar.o("doAuth({}@{}) send SSH_MSG_USERAUTH_PK_OK for key type={}, fingerprint={}", objArr);
                }
                mk.d S1 = fVar.S1(lk.e.k(v10) + i12 + 32, (byte) 60);
                S1.L(v10);
                S1.H(R, i12, c10);
                fVar.n(S1);
                return null;
            }
            aVar.S(R);
            aVar.V(R + 4 + y9);
            byte[] S3 = fVar.S3();
            String str2 = this.S;
            int length = str2.length() + str.length() + S3.length;
            String str3 = this.Q;
            mk.d dVar2 = new mk.d(v10.length() + str3.length() + length + 256 + 64, false);
            dVar2.B(S3);
            dVar2.A((byte) 50);
            dVar2.L(str);
            dVar2.L(str2);
            dVar2.L(str3);
            dVar2.A((byte) 1);
            dVar2.L(v10);
            dVar2.a0(aVar, true);
            if (bVar.k()) {
                byte[] bArr = dVar2.P;
                int i13 = dVar2.Q;
                bVar.z("verifySignature({}@{})[{}][{}] key type={}, fingerprint={} - verification data={}", str, fVar, str2, str3, v10, pj.d.e(u10), mk.c.l(bArr, i13, dVar2.R - i13, ' '));
                bVar.z("verifySignature({}@{})[{}][{}] key type={}, fingerprint={} - expected signature={}", str, fVar, str2, str3, v10, pj.d.e(u10), mk.c.k(l10));
            }
            byte[] bArr2 = dVar2.P;
            int i14 = dVar2.Q;
            eVar2.J0(bArr2, i14, dVar2.R - i14);
            if (!eVar2.I3(fVar, l10)) {
                throw new SignatureException("Key verification failed");
            }
            if (d10) {
                bVar.o("doAuth({}@{}) key type={}, fingerprint={} - verified", str, fVar, v10, pj.d.e(u10));
            }
            return Boolean.TRUE;
        } catch (Error e11) {
            b5("doAuth({}@{}) failed ({}) to consult delegate for {} key={}: {}", str, fVar, e11.getClass().getSimpleName(), v10, pj.d.e(u10), e11.getMessage(), e11);
            throw new i0(null, e11);
        }
    }

    @Override // kk.i
    public final List o3() {
        throw null;
    }

    @Override // kk.i
    public final List<l<kk.e>> y0() {
        return this.U;
    }
}
