package com.trilead.ssh2.signature;

import com.trilead.ssh2.log.Logger;
import com.trilead.ssh2.packets.TypesReader;
import com.trilead.ssh2.packets.TypesWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.Objects;

/* loaded from: classes.dex */
public class RSASHA1Verify implements SSHSignature {
    public static final Logger log = new Logger(RSASHA1Verify.class);

    /* loaded from: classes.dex */
    public static class InstanceHolder {
        public static RSASHA1Verify sInstance = new RSASHA1Verify(null);
    }

    public RSASHA1Verify() {
    }

    public RSASHA1Verify(AnonymousClass1 anonymousClass1) {
    }

    public static byte[] encodeSignature(byte[] bArr) throws IOException {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString("ssh-rsa");
        if (bArr.length <= 1 || bArr[0] != 0) {
            int length = bArr.length;
            typesWriter.writeUINT32(length);
            typesWriter.writeBytes(bArr, 0, length);
        } else {
            int length2 = bArr.length - 1;
            typesWriter.writeUINT32(length2);
            typesWriter.writeBytes(bArr, 1, length2);
        }
        return typesWriter.getBytes();
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public PublicKey decodePublicKey(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        if (!typesReader.readString().equals("ssh-rsa")) {
            throw new IllegalArgumentException("This is not a ssh-rsa public key");
        }
        BigInteger readMPINT = typesReader.readMPINT();
        BigInteger readMPINT2 = typesReader.readMPINT();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in RSA public key!");
        }
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(readMPINT2, readMPINT));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new IOException("No RSA KeyFactory available", e);
        }
    }

    public byte[] encodePublicKey(PublicKey publicKey) throws IOException {
        RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString("ssh-rsa");
        typesWriter.writeMPInt(rSAPublicKey.getPublicExponent());
        typesWriter.writeMPInt(rSAPublicKey.getModulus());
        return typesWriter.getBytes();
    }

    public byte[] generateSignature(byte[] bArr, PrivateKey privateKey, SecureRandom secureRandom) throws IOException {
        try {
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign(privateKey, secureRandom);
            signature.update(bArr);
            return encodeSignature(signature.sign());
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
            throw new IOException(e);
        }
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public String getKeyFormat() {
        return "ssh-rsa";
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public boolean verifySignature(byte[] bArr, byte[] bArr2, PublicKey publicKey) throws IOException {
        TypesReader typesReader = new TypesReader(bArr2);
        if (!typesReader.readString().equals("ssh-rsa")) {
            throw new IOException("Peer sent wrong signature format");
        }
        byte[] readByteString = typesReader.readByteString();
        if (readByteString.length == 0) {
            throw new IOException("Error in RSA signature, S is empty.");
        }
        Objects.requireNonNull(log);
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in RSA signature!");
        }
        try {
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(readByteString);
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
            throw new IOException(e);
        }
    }
}
