package com.trilead.ssh2.signature;

import com.trilead.ssh2.IOWarningException;
import com.trilead.ssh2.crypto.CertificateDecoder;
import com.trilead.ssh2.crypto.PEMStructure;
import com.trilead.ssh2.crypto.SimpleDERReader;
import com.trilead.ssh2.packets.TypesReader;
import com.trilead.ssh2.packets.TypesWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.interfaces.DSAParams;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import java.util.Arrays;
import java.util.List;
import org.glassfish.rmic.iiop.Constants;
import org.netbeans.modules.schema2beans.Common;

/* loaded from: input_file:com/trilead/ssh2/signature/DSAKeyAlgorithm.class */
public class DSAKeyAlgorithm extends KeyAlgorithm<java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey> {

    /* loaded from: input_file:com/trilead/ssh2/signature/DSAKeyAlgorithm$DsaCertificateDecoder.class */
    private static class DsaCertificateDecoder extends CertificateDecoder {
        private DsaCertificateDecoder() {
        }

        @Override // com.trilead.ssh2.crypto.CertificateDecoder
        public String getStartLine() {
            return "-----BEGIN DSA PRIVATE KEY-----";
        }

        @Override // com.trilead.ssh2.crypto.CertificateDecoder
        public String getEndLine() {
            return "-----END DSA PRIVATE KEY-----";
        }

        @Override // com.trilead.ssh2.crypto.CertificateDecoder
        protected KeyPair createKeyPair(PEMStructure pEMStructure) throws IOException {
            SimpleDERReader simpleDERReader = new SimpleDERReader(pEMStructure.getData());
            byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
            if (simpleDERReader.available() != 0) {
                throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
            }
            simpleDERReader.resetInput(readSequenceAsByteArray);
            BigInteger readInt = simpleDERReader.readInt();
            if (readInt.compareTo(BigInteger.ZERO) != 0) {
                throw new IOException("Wrong version (" + readInt + ") in DSA PRIVATE KEY DER stream.");
            }
            BigInteger readInt2 = simpleDERReader.readInt();
            BigInteger readInt3 = simpleDERReader.readInt();
            BigInteger readInt4 = simpleDERReader.readInt();
            BigInteger readInt5 = simpleDERReader.readInt();
            BigInteger readInt6 = simpleDERReader.readInt();
            if (simpleDERReader.available() != 0) {
                throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
            }
            try {
                DSAPrivateKeySpec dSAPrivateKeySpec = new DSAPrivateKeySpec(readInt6, readInt2, readInt3, readInt4);
                DSAPublicKeySpec dSAPublicKeySpec = new DSAPublicKeySpec(readInt5, readInt2, readInt3, readInt4);
                KeyFactory keyFactory = KeyFactory.getInstance("DSA");
                return new KeyPair(keyFactory.generatePublic(dSAPublicKeySpec), keyFactory.generatePrivate(dSAPrivateKeySpec));
            } catch (GeneralSecurityException e) {
                throw new IOException("Could not decode DSA key pair");
            }
        }
    }

    public DSAKeyAlgorithm() {
        super("SHA1WithDSA", "ssh-dss", java.security.interfaces.DSAPrivateKey.class);
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public byte[] encodeSignature(byte[] bArr) throws IOException {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString(getKeyFormat());
        int i = 3 + 1;
        int i2 = bArr[3] & 255;
        byte[] bArr2 = new byte[i2];
        System.arraycopy(bArr, i, bArr2, 0, bArr2.length);
        int i3 = i + i2 + 1;
        int i4 = i3 + 1;
        byte[] bArr3 = new byte[bArr[i3] & 255];
        System.arraycopy(bArr, i4, bArr3, 0, bArr3.length);
        byte[] bArr4 = new byte[40];
        int length = bArr2.length < 20 ? bArr2.length : 20;
        int length2 = bArr3.length < 20 ? bArr3.length : 20;
        System.arraycopy(bArr2, bArr2.length - length, bArr4, 20 - length, length);
        System.arraycopy(bArr3, bArr3.length - length2, bArr4, 40 - length2, length2);
        typesWriter.writeString(bArr4, 0, 40);
        return typesWriter.getBytes();
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public byte[] decodeSignature(byte[] bArr) throws IOException {
        byte[] readByteString;
        if (bArr.length == 40) {
            readByteString = bArr;
        } else {
            TypesReader typesReader = new TypesReader(bArr);
            if (!typesReader.readString().equals(getKeyFormat())) {
                throw new IOException("Peer sent wrong signature format");
            }
            readByteString = typesReader.readByteString();
            if (readByteString.length != 40) {
                throw new IOException("Peer sent corrupt signature");
            }
            if (typesReader.remain() != 0) {
                throw new IOException("Padding in DSA signature!");
            }
        }
        if (readByteString[0] == 0 && readByteString[1] == 0 && readByteString[2] == 0) {
            int i = 0 + 1;
            int i2 = i + 1;
            int i3 = ((readByteString[0] << 24) & Constants.TM_MASK) | ((readByteString[i] << 16) & 16711680);
            int i4 = i2 + 1;
            int i5 = i4 + 1 + (i3 | ((readByteString[i2] << 8) & Common.MASK_TYPE) | (readByteString[i4] & 255));
            int i6 = i5 + 1;
            int i7 = i6 + 1;
            int i8 = ((readByteString[i5] << 24) & Constants.TM_MASK) | ((readByteString[i6] << 16) & 16711680);
            int i9 = i7 + 1;
            int i10 = i8 | ((readByteString[i7] << 8) & Common.MASK_TYPE) | (readByteString[i9] & 255);
            byte[] bArr2 = new byte[i10];
            System.arraycopy(readByteString, i9 + 1, bArr2, 0, i10);
            readByteString = bArr2;
        }
        byte b = (readByteString[0] & 128) != 0 ? (byte) 1 : (byte) 0;
        byte b2 = (readByteString[20] & 128) != 0 ? (byte) 1 : (byte) 0;
        byte[] bArr3 = new byte[readByteString.length + 6 + b + b2];
        bArr3[0] = 48;
        if (readByteString.length != 40) {
            throw new IOException("Peer sent corrupt signature");
        }
        bArr3[1] = 44;
        bArr3[1] = (byte) (bArr3[1] + b);
        bArr3[1] = (byte) (bArr3[1] + b2);
        bArr3[2] = 2;
        bArr3[3] = 20;
        bArr3[3] = (byte) (bArr3[3] + b);
        System.arraycopy(readByteString, 0, bArr3, 4 + b, 20);
        bArr3[4 + bArr3[3]] = 2;
        bArr3[5 + bArr3[3]] = 20;
        int i11 = 5 + bArr3[3];
        bArr3[i11] = (byte) (bArr3[i11] + b2);
        System.arraycopy(readByteString, 20, bArr3, 6 + bArr3[3] + b2, 20);
        return bArr3;
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public byte[] encodePublicKey(java.security.interfaces.DSAPublicKey dSAPublicKey) throws IOException {
        DSAParams params = dSAPublicKey.getParams();
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString(getKeyFormat());
        typesWriter.writeMPInt(params.getP());
        typesWriter.writeMPInt(params.getQ());
        typesWriter.writeMPInt(params.getG());
        typesWriter.writeMPInt(dSAPublicKey.getY());
        return typesWriter.getBytes();
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public java.security.interfaces.DSAPublicKey decodePublicKey(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        String readString = typesReader.readString();
        if (!readString.equals(getKeyFormat())) {
            throw new IOWarningException("Unsupported key format found '" + readString + "' while expecting " + getKeyFormat());
        }
        BigInteger readMPINT = typesReader.readMPINT();
        BigInteger readMPINT2 = typesReader.readMPINT();
        BigInteger readMPINT3 = typesReader.readMPINT();
        BigInteger readMPINT4 = typesReader.readMPINT();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in DSA public key!");
        }
        try {
            return (java.security.interfaces.DSAPublicKey) KeyFactory.getInstance("DSA").generatePublic(new DSAPublicKeySpec(readMPINT4, readMPINT, readMPINT2, readMPINT3));
        } catch (GeneralSecurityException e) {
            throw new IOException("Could not generate DSA Key", e);
        }
    }

    @Override // com.trilead.ssh2.signature.KeyAlgorithm
    public List<CertificateDecoder> getCertificateDecoders() {
        return Arrays.asList(new DsaCertificateDecoder(), new OpenSshCertificateDecoder(getKeyFormat()) { // from class: com.trilead.ssh2.signature.DSAKeyAlgorithm.1
            @Override // com.trilead.ssh2.signature.OpenSshCertificateDecoder
            KeyPair generateKeyPair(TypesReader typesReader) throws GeneralSecurityException, IOException {
                BigInteger readMPINT = typesReader.readMPINT();
                BigInteger readMPINT2 = typesReader.readMPINT();
                BigInteger readMPINT3 = typesReader.readMPINT();
                BigInteger readMPINT4 = typesReader.readMPINT();
                DSAPrivateKeySpec dSAPrivateKeySpec = new DSAPrivateKeySpec(typesReader.readMPINT(), readMPINT, readMPINT2, readMPINT3);
                DSAPublicKeySpec dSAPublicKeySpec = new DSAPublicKeySpec(readMPINT4, readMPINT, readMPINT2, readMPINT3);
                KeyFactory keyFactory = KeyFactory.getInstance("DSA");
                return new KeyPair(keyFactory.generatePublic(dSAPublicKeySpec), keyFactory.generatePrivate(dSAPrivateKeySpec));
            }
        });
    }
}
