package com.trilead.ssh2.signature;

import com.trilead.ssh2.crypto.CertificateDecoder;
import com.trilead.ssh2.crypto.PEMStructure;
import com.trilead.ssh2.crypto.SimpleDERReader;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.spec.KeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.List;
import l3.g;
import p3.w;
import p3.x;

/* loaded from: classes.dex */
public class RSAKeyAlgorithm extends KeyAlgorithm<java.security.interfaces.RSAPublicKey, java.security.interfaces.RSAPrivateKey> {

    /* loaded from: classes.dex */
    private static class RSACertificateDecoder extends CertificateDecoder {
        private RSACertificateDecoder() {
        }

        @Override // com.trilead.ssh2.crypto.CertificateDecoder
        protected KeyPair createKeyPair(PEMStructure pEMStructure) {
            SimpleDERReader simpleDERReader = new SimpleDERReader(pEMStructure.getData());
            byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
            if (simpleDERReader.available() != 0) {
                throw new IOException("Padding in RSA PRIVATE KEY DER stream.");
            }
            simpleDERReader.resetInput(readSequenceAsByteArray);
            BigInteger readInt = simpleDERReader.readInt();
            if (readInt.compareTo(BigInteger.ZERO) != 0 && readInt.compareTo(BigInteger.ONE) != 0) {
                throw new IOException("Wrong version (" + readInt + ") in RSA PRIVATE KEY DER stream.");
            }
            BigInteger readInt2 = simpleDERReader.readInt();
            BigInteger readInt3 = simpleDERReader.readInt();
            try {
                RSAPrivateCrtKeySpec rSAPrivateCrtKeySpec = new RSAPrivateCrtKeySpec(readInt2, readInt3, simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt(), simpleDERReader.readInt());
                RSAPublicKeySpec rSAPublicKeySpec = new RSAPublicKeySpec(readInt2, readInt3);
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                return new KeyPair(keyFactory.generatePublic(rSAPublicKeySpec), keyFactory.generatePrivate(rSAPrivateCrtKeySpec));
            } catch (GeneralSecurityException unused) {
                throw new IOException("Could not decode RSA Key Pair");
            }
        }

        @Override // com.trilead.ssh2.crypto.CertificateDecoder
        public String getEndLine() {
            return "-----END RSA PRIVATE KEY-----";
        }

        @Override // com.trilead.ssh2.crypto.CertificateDecoder
        public String getStartLine() {
            return "-----BEGIN RSA PRIVATE KEY-----";
        }
    }

    public RSAKeyAlgorithm() {
        super("SHA1WithRSA", "ssh-rsa", java.security.interfaces.RSAPrivateKey.class);
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public java.security.interfaces.RSAPublicKey decodePublicKey(byte[] bArr) {
        w wVar = new w(bArr);
        String g5 = wVar.g();
        if (!g5.equals(getKeyFormat())) {
            throw new g("Unsupported key format found '" + g5 + "' while expecting " + getKeyFormat());
        }
        BigInteger e5 = wVar.e();
        BigInteger e6 = wVar.e();
        if (wVar.j() != 0) {
            throw new IOException("Padding in RSA public key!");
        }
        try {
            return (java.security.interfaces.RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(e6, e5));
        } catch (GeneralSecurityException e7) {
            throw new IOException("Could not generate RSA key", e7);
        }
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public byte[] decodeSignature(byte[] bArr) {
        w wVar = new w(bArr);
        if (!wVar.g().equals(getKeyFormat())) {
            throw new IOException("Peer sent wrong signature format");
        }
        byte[] c5 = wVar.c();
        if (c5.length == 0) {
            throw new IOException("Error in RSA signature, S is empty.");
        }
        if (wVar.j() == 0) {
            return c5;
        }
        throw new IOException("Padding in RSA signature!");
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public byte[] encodePublicKey(java.security.interfaces.RSAPublicKey rSAPublicKey) {
        x xVar = new x();
        xVar.i(getKeyFormat());
        xVar.g(rSAPublicKey.getPublicExponent());
        xVar.g(rSAPublicKey.getModulus());
        return xVar.a();
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public byte[] encodeSignature(byte[] bArr) {
        x xVar = new x();
        xVar.i(getKeyFormat());
        if (bArr.length <= 1 || bArr[0] != 0) {
            xVar.j(bArr, 0, bArr.length);
        } else {
            xVar.j(bArr, 1, bArr.length - 1);
        }
        return xVar.a();
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public List<CertificateDecoder> getCertificateDecoders() {
        return Arrays.asList(new RSACertificateDecoder(), new OpenSshCertificateDecoder("ssh-rsa") { // from class: com.trilead.ssh2.signature.RSAKeyAlgorithm.1
            @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder
            KeyPair generateKeyPair(w wVar) {
                KeySpec rSAPrivateKeySpec;
                BigInteger e5 = wVar.e();
                BigInteger e6 = wVar.e();
                BigInteger e7 = wVar.e();
                BigInteger e8 = wVar.e();
                BigInteger e9 = wVar.e();
                RSAPublicKeySpec rSAPublicKeySpec = new RSAPublicKeySpec(e5, e6);
                if (e9 == null || e8 == null) {
                    rSAPrivateKeySpec = new RSAPrivateKeySpec(e5, e7);
                } else {
                    BigInteger modInverse = e8.modInverse(e9);
                    BigInteger bigInteger = BigInteger.ONE;
                    rSAPrivateKeySpec = new RSAPrivateCrtKeySpec(e5, e6, e7, e9, modInverse, e7.mod(e9.subtract(bigInteger)), e7.mod(modInverse.subtract(bigInteger)), e8);
                }
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                return new KeyPair(keyFactory.generatePublic(rSAPublicKeySpec), keyFactory.generatePrivate(rSAPrivateKeySpec));
            }
        });
    }
}
