package com.trilead.ssh2.signature;

import com.trilead.ssh2.IOWarningException;
import com.trilead.ssh2.crypto.SimpleDERReader;
import com.trilead.ssh2.crypto.digest.SHA1;
import com.trilead.ssh2.log.Logger;
import com.trilead.ssh2.packets.TypesReader;
import com.trilead.ssh2.packets.TypesWriter;
import java.io.IOException;
import java.math.BigInteger;

/* loaded from: input_file:WEB-INF/lib/trilead-ssh2-1.0.0-build216.jar:com/trilead/ssh2/signature/RSASHA1Verify.class */
public class RSASHA1Verify {
    private static final Logger log;
    static Class class$com$trilead$ssh2$signature$RSASHA1Verify;

    public static RSAPublicKey decodeSSHRSAPublicKey(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        String readString = typesReader.readString();
        if (!readString.equals("ssh-rsa")) {
            throw new IOWarningException(new StringBuffer().append("Unsupported key format found '").append(readString).append("' while expecting ssh-rsa").toString());
        }
        BigInteger readMPINT = typesReader.readMPINT();
        BigInteger readMPINT2 = typesReader.readMPINT();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in RSA public key!");
        }
        return new RSAPublicKey(readMPINT, readMPINT2);
    }

    public static byte[] encodeSSHRSAPublicKey(RSAPublicKey rSAPublicKey) throws IOException {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString("ssh-rsa");
        typesWriter.writeMPInt(rSAPublicKey.getE());
        typesWriter.writeMPInt(rSAPublicKey.getN());
        return typesWriter.getBytes();
    }

    public static RSASignature decodeSSHRSASignature(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        if (!typesReader.readString().equals("ssh-rsa")) {
            throw new IOException("Peer sent wrong signature format");
        }
        byte[] readByteString = typesReader.readByteString();
        if (readByteString.length == 0) {
            throw new IOException("Error in RSA signature, S is empty.");
        }
        if (log.isEnabled()) {
            log.log(80, new StringBuffer().append("Decoding ssh-rsa signature string (length: ").append(readByteString.length).append(")").toString());
        }
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in RSA signature!");
        }
        return new RSASignature(new BigInteger(1, readByteString));
    }

    public static byte[] encodeSSHRSASignature(RSASignature rSASignature) throws IOException {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString("ssh-rsa");
        byte[] byteArray = rSASignature.getS().toByteArray();
        if (byteArray.length <= 1 || byteArray[0] != 0) {
            typesWriter.writeString(byteArray, 0, byteArray.length);
        } else {
            typesWriter.writeString(byteArray, 1, byteArray.length - 1);
        }
        return typesWriter.getBytes();
    }

    public static RSASignature generateSignature(byte[] bArr, RSAPrivateKey rSAPrivateKey) throws IOException {
        SHA1 sha1 = new SHA1();
        sha1.update(bArr);
        byte[] bArr2 = new byte[sha1.getDigestLength()];
        sha1.digest(bArr2);
        byte[] bArr3 = {48, 33, 48, 9, 6, 5, 43, 14, 3, 2, 26, 5, 0, 4, 20};
        int bitLength = (((rSAPrivateKey.getN().bitLength() + 7) / 8) - ((2 + bArr3.length) + bArr2.length)) - 1;
        if (bitLength < 8) {
            throw new IOException("Cannot sign with RSA, message too long");
        }
        byte[] bArr4 = new byte[bArr3.length + bArr2.length + 2 + bitLength];
        bArr4[0] = 1;
        for (int i = 0; i < bitLength; i++) {
            bArr4[i + 1] = -1;
        }
        bArr4[bitLength + 1] = 0;
        System.arraycopy(bArr3, 0, bArr4, 2 + bitLength, bArr3.length);
        System.arraycopy(bArr2, 0, bArr4, 2 + bitLength + bArr3.length, bArr2.length);
        return new RSASignature(new BigInteger(1, bArr4).modPow(rSAPrivateKey.getD(), rSAPrivateKey.getN()));
    }

    public static boolean verifySignature(byte[] bArr, RSASignature rSASignature, RSAPublicKey rSAPublicKey) throws IOException {
        SHA1 sha1 = new SHA1();
        sha1.update(bArr);
        byte[] bArr2 = new byte[sha1.getDigestLength()];
        sha1.digest(bArr2);
        BigInteger n = rSAPublicKey.getN();
        BigInteger e = rSAPublicKey.getE();
        BigInteger s = rSASignature.getS();
        if (n.compareTo(s) <= 0) {
            log.log(20, "ssh-rsa signature: n.compareTo(s) <= 0");
            return false;
        }
        int bitLength = (n.bitLength() + 7) / 8;
        if (bitLength < 1) {
            log.log(20, "ssh-rsa signature: rsa_block_len < 1");
            return false;
        }
        byte[] byteArray = s.modPow(e, n).toByteArray();
        int i = 0;
        if (byteArray.length > 0 && byteArray[0] == 0) {
            i = 0 + 1;
        }
        if (byteArray.length - i != bitLength - 1) {
            log.log(20, "ssh-rsa signature: (v.length - startpos) != (rsa_block_len - 1)");
            return false;
        }
        if (byteArray[i] != 1) {
            log.log(20, "ssh-rsa signature: v[startpos] != 0x01");
            return false;
        }
        for (int i2 = i + 1; i2 < byteArray.length; i2++) {
            if (byteArray[i2] == 0) {
                if (i2 - (i + 1) < 8) {
                    log.log(20, "ssh-rsa signature: num_pad < 8");
                    return false;
                }
                int i3 = i2 + 1;
                if (i3 >= byteArray.length) {
                    log.log(20, "ssh-rsa signature: pos >= v.length");
                    return false;
                }
                SimpleDERReader simpleDERReader = new SimpleDERReader(byteArray, i3, byteArray.length - i3);
                byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
                if (simpleDERReader.available() != 0) {
                    log.log(20, "ssh-rsa signature: dr.available() != 0");
                    return false;
                }
                simpleDERReader.resetInput(readSequenceAsByteArray);
                byte[] readSequenceAsByteArray2 = simpleDERReader.readSequenceAsByteArray();
                if (readSequenceAsByteArray2.length < 8 || readSequenceAsByteArray2.length > 9) {
                    log.log(20, "ssh-rsa signature: (digestAlgorithm.length < 8) || (digestAlgorithm.length > 9)");
                    return false;
                }
                byte[] bArr3 = {6, 5, 43, 14, 3, 2, 26, 5, 0};
                for (int i4 = 0; i4 < readSequenceAsByteArray2.length; i4++) {
                    if (readSequenceAsByteArray2[i4] != bArr3[i4]) {
                        log.log(20, "ssh-rsa signature: digestAlgorithm[i] != digestAlgorithm_sha1[i]");
                        return false;
                    }
                }
                byte[] readOctetString = simpleDERReader.readOctetString();
                if (simpleDERReader.available() != 0) {
                    log.log(20, "ssh-rsa signature: dr.available() != 0 (II)");
                    return false;
                }
                if (readOctetString.length != bArr2.length) {
                    log.log(20, "ssh-rsa signature: digest.length != sha_message.length");
                    return false;
                }
                for (int i5 = 0; i5 < bArr2.length; i5++) {
                    if (bArr2[i5] != readOctetString[i5]) {
                        log.log(20, "ssh-rsa signature: sha_message[i] != digest[i]");
                        return false;
                    }
                }
                return true;
            }
            if (byteArray[i2] != -1) {
                log.log(20, "ssh-rsa signature: v[pos] != (byte) 0xff");
                return false;
            }
        }
        log.log(20, "ssh-rsa signature: pos >= v.length");
        return false;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$trilead$ssh2$signature$RSASHA1Verify == null) {
            cls = class$("com.trilead.ssh2.signature.RSASHA1Verify");
            class$com$trilead$ssh2$signature$RSASHA1Verify = cls;
        } else {
            cls = class$com$trilead$ssh2$signature$RSASHA1Verify;
        }
        log = Logger.getLogger(cls);
    }
}
