package com.trilead.ssh2.signature;

import com.trilead.ssh2.IOWarningException;
import com.trilead.ssh2.crypto.CertificateDecoder;
import com.trilead.ssh2.crypto.PEMStructure;
import com.trilead.ssh2.crypto.SimpleDERReader;
import com.trilead.ssh2.packets.TypesReader;
import com.trilead.ssh2.packets.TypesWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.List;

/* loaded from: input_file:WEB-INF/detached-plugins/trilead-api.hpi:WEB-INF/lib/trilead-ssh2-build-217-jenkins-324.v1d9a_9f4d065e.jar:com/trilead/ssh2/signature/RSAKeyAlgorithm.class */
public class RSAKeyAlgorithm extends KeyAlgorithm<java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey> {
    private static final String SSH_RSA = "ssh-rsa";

    /* loaded from: input_file:WEB-INF/detached-plugins/trilead-api.hpi:WEB-INF/lib/trilead-ssh2-build-217-jenkins-324.v1d9a_9f4d065e.jar:com/trilead/ssh2/signature/RSAKeyAlgorithm$RSACertificateDecoder.class */
    private static class RSACertificateDecoder extends CertificateDecoder {
        private RSACertificateDecoder() {
        }

        @Override // com.trilead.ssh2.crypto.CertificateDecoder
        public String getStartLine() {
            return "-----BEGIN RSA PRIVATE KEY-----";
        }

        @Override // com.trilead.ssh2.crypto.CertificateDecoder
        public String getEndLine() {
            return "-----END RSA PRIVATE KEY-----";
        }

        @Override // com.trilead.ssh2.crypto.CertificateDecoder
        protected KeyPair createKeyPair(PEMStructure pEMStructure) throws IOException {
            SimpleDERReader simpleDERReader = new SimpleDERReader(pEMStructure.getData());
            byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
            if (simpleDERReader.available() != 0) {
                throw new IOException("Padding in RSA PRIVATE KEY DER stream.");
            }
            simpleDERReader.resetInput(readSequenceAsByteArray);
            BigInteger readInt = simpleDERReader.readInt();
            if (readInt.compareTo(BigInteger.ZERO) != 0 && readInt.compareTo(BigInteger.ONE) != 0) {
                throw new IOException("Wrong version (" + String.valueOf(readInt) + ") in RSA PRIVATE KEY DER stream.");
            }
            BigInteger readInt2 = simpleDERReader.readInt();
            BigInteger readInt3 = simpleDERReader.readInt();
            try {
                RSAPrivateCrtKeySpec rSAPrivateCrtKeySpec = new RSAPrivateCrtKeySpec(readInt2, readInt3, simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt());
                RSAPublicKeySpec rSAPublicKeySpec = new RSAPublicKeySpec(readInt2, readInt3);
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                return new KeyPair(keyFactory.generatePublic(rSAPublicKeySpec), keyFactory.generatePrivate(rSAPrivateCrtKeySpec));
            } catch (GeneralSecurityException e) {
                throw new IOException("Could not decode RSA Key Pair");
            }
        }
    }

    public RSAKeyAlgorithm() {
        this("SHA1WithRSA", "ssh-rsa");
    }

    public RSAKeyAlgorithm(String str, String str2) {
        super(str, str2, java.security.interfaces.RSAPrivateKey.class);
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public byte[] encodeSignature(byte[] bArr) throws IOException {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString(getKeyFormat());
        if (bArr.length <= 1 || bArr[0] != 0) {
            typesWriter.writeString(bArr, 0, bArr.length);
        } else {
            typesWriter.writeString(bArr, 1, bArr.length - 1);
        }
        return typesWriter.getBytes();
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public byte[] decodeSignature(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        if (!typesReader.readString().equals(getKeyFormat())) {
            throw new IOException("Peer sent wrong signature format");
        }
        byte[] readByteString = typesReader.readByteString();
        if (readByteString.length == 0) {
            throw new IOException("Error in RSA signature, S is empty.");
        }
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in RSA signature!");
        }
        return readByteString;
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public byte[] encodePublicKey(java.security.interfaces.RSAPublicKey rSAPublicKey) throws IOException {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString("ssh-rsa");
        typesWriter.writeMPInt(rSAPublicKey.getPublicExponent());
        typesWriter.writeMPInt(rSAPublicKey.getModulus());
        return typesWriter.getBytes();
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public java.security.interfaces.RSAPublicKey decodePublicKey(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        String readString = typesReader.readString();
        if (!readString.equals("ssh-rsa")) {
            throw new IOWarningException("Unsupported key format found '" + readString + "' while expecting " + getKeyFormat());
        }
        BigInteger readMPINT = typesReader.readMPINT();
        BigInteger readMPINT2 = typesReader.readMPINT();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in RSA public key!");
        }
        try {
            return (java.security.interfaces.RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(readMPINT2, readMPINT));
        } catch (GeneralSecurityException e) {
            throw new IOException("Could not generate RSA key", e);
        }
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public List<CertificateDecoder> getCertificateDecoders() {
        return Arrays.asList(new RSACertificateDecoder(), new OpenSshCertificateDecoder("ssh-rsa") { // from class: com.trilead.ssh2.signature.RSAKeyAlgorithm.1
            @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder
            KeyPair generateKeyPair(TypesReader typesReader) throws GeneralSecurityException, IOException {
                RSAPrivateKeySpec rSAPrivateKeySpec;
                BigInteger readMPINT = typesReader.readMPINT();
                BigInteger readMPINT2 = typesReader.readMPINT();
                BigInteger readMPINT3 = typesReader.readMPINT();
                BigInteger readMPINT4 = typesReader.readMPINT();
                BigInteger readMPINT5 = typesReader.readMPINT();
                RSAPublicKeySpec rSAPublicKeySpec = new RSAPublicKeySpec(readMPINT, readMPINT2);
                if (null == readMPINT5 || null == readMPINT4) {
                    rSAPrivateKeySpec = new RSAPrivateKeySpec(readMPINT, readMPINT3);
                } else {
                    BigInteger modInverse = readMPINT4.modInverse(readMPINT5);
                    rSAPrivateKeySpec = new RSAPrivateCrtKeySpec(readMPINT, readMPINT2, readMPINT3, readMPINT5, modInverse, readMPINT3.mod(readMPINT5.subtract(BigInteger.ONE)), readMPINT3.mod(modInverse.subtract(BigInteger.ONE)), readMPINT4);
                }
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                return new KeyPair(keyFactory.generatePublic(rSAPublicKeySpec), keyFactory.generatePrivate(rSAPrivateKeySpec));
            }
        });
    }
}
