package wl;

import b0.r;
import bl.h;
import cl.p;
import gk.f;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.util.Collection;
import java.util.List;
import java.util.concurrent.TimeUnit;
import li.u;
import yj.l;
import yj.n;

/* compiled from: UserAuthPublicKey.java */
/* loaded from: classes.dex */
public final class f extends tl.a implements h {
    public final List<l<bl.d>> U;

    public f() {
        super("publickey");
        this.U = null;
    }

    @Override // tl.a
    public final Boolean e5(dl.a aVar, boolean z10) {
        int i10;
        int i11;
        p.i("Instance not initialized", z10);
        em.f fVar = this.R;
        String str = this.T;
        boolean j10 = aVar.j();
        String v10 = aVar.v();
        int U = aVar.U();
        int R = aVar.R();
        int y10 = (int) aVar.y();
        dl.d dVar = (dl.d) aVar;
        int i12 = dVar.R - dVar.Q;
        on.b bVar = this.O;
        if (y10 < 0 || y10 > i12) {
            bVar.l("doAuth({}@{}) illogical algorithm={} signature length ({}) when remaining={}", str, fVar, v10, Integer.valueOf(y10), Integer.valueOf(i12));
            throw new IndexOutOfBoundsException("Illogical signature length (" + y10 + ") for algorithm=" + v10);
        }
        aVar.V(aVar.R() + y10);
        PublicKey u10 = aVar.u(el.c.f6061a);
        if (u10 instanceof gk.f) {
            gk.f fVar2 = (gk.f) u10;
            try {
                if (!f.b.USER.equals(fVar2.getType())) {
                    throw new CertificateException("not a user certificate");
                }
                i10 = y10;
                long seconds = TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis()) ^ Long.MIN_VALUE;
                if (!(Long.compare(fVar2.u() ^ Long.MIN_VALUE, seconds) <= 0 && Long.compare(seconds, fVar2.T() ^ Long.MIN_VALUE) < 0)) {
                    throw new CertificateException("expired");
                }
                Collection<String> w02 = fVar2.w0();
                if (!cl.e.g(w02) && !w02.contains(str)) {
                    throw new CertificateException("not valid for the given username");
                }
            } catch (CertificateException e10) {
                b5("doAuth({}@{}): public key certificate (id={}) is not valid: {}", str, fVar, fVar2.getId(), e10.getMessage(), e10);
                throw e10;
            }
        } else {
            i10 = y10;
        }
        List<l<bl.d>> p02 = p0();
        if (cl.e.g(p02)) {
            p02 = fVar == null ? null : fVar.p0();
        }
        p.f(p02, "No signature factories for session=%s", fVar);
        boolean d10 = bVar.d();
        if (d10) {
            bVar.o("doAuth({}@{}) verify key type={}, factories={}, fingerprint={}", str, fVar, v10, n.c(p02), gk.e.e(u10));
        }
        bl.d dVar2 = (bl.d) r.c(v10, p02);
        p.b(dVar2, v10, "No verifier located for algorithm=%s");
        dVar2.X2(fVar, u10);
        aVar.V(U);
        byte[] l10 = j10 ? aVar.l() : null;
        c q22 = fVar.q2();
        if (q22 == null) {
            if (d10) {
                bVar.o("doAuth({}@{}) key type={}, fingerprint={} - no authenticator", str, fVar, v10, gk.e.e(u10));
            }
            return Boolean.FALSE;
        }
        try {
            boolean Q0 = q22.Q0(str, u10, fVar);
            if (d10) {
                i11 = 4;
                bVar.o("doAuth({}@{}) key type={}, fingerprint={} - authentication result: {}", str, fVar, v10, gk.e.e(u10), Boolean.valueOf(Q0));
            } else {
                i11 = 4;
            }
            if (!Q0) {
                return Boolean.FALSE;
            }
            if (!j10) {
                byte[] c10 = aVar.c();
                int i13 = i10 + 4;
                if (bVar.d()) {
                    Object[] objArr = new Object[i11];
                    objArr[0] = str;
                    objArr[1] = fVar;
                    objArr[2] = v10;
                    objArr[3] = gk.e.e(u10);
                    bVar.o("doAuth({}@{}) send SSH_MSG_USERAUTH_PK_OK for key type={}, fingerprint={}", objArr);
                }
                dl.d O1 = fVar.O1(cl.e.k(v10) + i13 + 32, (byte) 60);
                O1.K(v10);
                O1.H(R, i13, c10);
                fVar.r(O1);
                return null;
            }
            aVar.S(R);
            aVar.V(R + 4 + i10);
            byte[] W3 = fVar.W3();
            String str2 = this.S;
            int length = str2.length() + str.length() + W3.length;
            String str3 = this.Q;
            dl.d dVar3 = new dl.d(v10.length() + str3.length() + length + 256 + 64, false);
            dVar3.B(W3);
            dVar3.A((byte) 50);
            dVar3.K(str);
            dVar3.K(str2);
            dVar3.K(str3);
            dVar3.A((byte) 1);
            dVar3.K(v10);
            dVar3.Z(aVar, true);
            if (bVar.k()) {
                byte[] bArr = dVar3.P;
                int i14 = dVar3.Q;
                bVar.B("verifySignature({}@{})[{}][{}] key type={}, fingerprint={} - verification data={}", str, fVar, str2, str3, v10, gk.e.e(u10), dl.c.l(bArr, i14, dVar3.R - i14, ' '));
                bVar.B("verifySignature({}@{})[{}][{}] key type={}, fingerprint={} - expected signature={}", str, fVar, str2, str3, v10, gk.e.e(u10), dl.c.k(l10));
            }
            byte[] bArr2 = dVar3.P;
            int i15 = dVar3.Q;
            dVar2.z0(bArr2, i15, dVar3.R - i15);
            if (!dVar2.G(fVar, l10)) {
                throw new SignatureException("Key verification failed");
            }
            if (d10) {
                bVar.o("doAuth({}@{}) key type={}, fingerprint={} - verified", str, fVar, v10, gk.e.e(u10));
            }
            return Boolean.TRUE;
        } catch (Error e11) {
            c5("doAuth({}@{}) failed ({}) to consult delegate for {} key={}: {}", str, fVar, e11.getClass().getSimpleName(), v10, gk.e.e(u10), e11.getMessage(), e11);
            throw new u(2, e11);
        }
    }

    @Override // bl.h
    public final List<l<bl.d>> p0() {
        return this.U;
    }

    @Override // bl.h
    public final List q3() {
        throw null;
    }
}
