package com.trilead.ssh2.signature;

import androidx.core.view.MotionEventCompat;
import com.alibaba.aliyun.ssh.org.connectbot.util.PubkeyDatabase;
import com.google.common.base.Ascii;
import com.taobao.weex.wson.Wson;
import com.trilead.ssh2.log.Logger;
import com.trilead.ssh2.packets.TypesReader;
import com.trilead.ssh2.packets.TypesWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.InvalidKeySpecException;

/* loaded from: classes7.dex */
public class DSASHA1Verify implements SSHSignature {
    public static final String ID_SSH_DSS = "ssh-dss";
    private static final Logger log = Logger.getLogger(DSASHA1Verify.class);

    /* loaded from: classes7.dex */
    public static class b {

        /* renamed from: a, reason: collision with root package name */
        public static DSASHA1Verify f46181a = new DSASHA1Verify();
    }

    private DSASHA1Verify() {
    }

    private byte[] decodeSignature(byte[] bArr) throws IOException {
        byte b4;
        byte b5;
        if (bArr.length != 40) {
            TypesReader typesReader = new TypesReader(bArr);
            if (!typesReader.readString().equals(ID_SSH_DSS)) {
                throw new IOException("Peer sent wrong signature format");
            }
            bArr = typesReader.readByteString();
            if (bArr.length != 40) {
                throw new IOException("Peer sent corrupt signature");
            }
            if (typesReader.remain() != 0) {
                throw new IOException("Padding in DSA signature!");
            }
        }
        byte b6 = bArr[0];
        if (b6 == 0 && (b4 = bArr[1]) == 0 && (b5 = bArr[2]) == 0) {
            int i4 = (((b6 << Ascii.CAN) & (-16777216)) | ((b4 << 16) & 16711680) | ((b5 << 8) & MotionEventCompat.ACTION_POINTER_INDEX_MASK) | (bArr[3] & 255)) + 4;
            int i5 = i4 + 1;
            int i6 = i5 + 1;
            int i7 = ((bArr[i4] << 24) & (-16777216)) | ((bArr[i5] << 16) & 16711680);
            int i8 = i6 + 1;
            int i9 = i8 + 1;
            int i10 = i7 | (65280 & (bArr[i6] << 8)) | (bArr[i8] & 255);
            byte[] bArr2 = new byte[i10];
            System.arraycopy(bArr, i9, bArr2, 0, i10);
            bArr = bArr2;
        }
        int i11 = (bArr[0] & 128) != 0 ? 1 : 0;
        byte b7 = (bArr[20] & 128) != 0 ? (byte) 1 : (byte) 0;
        byte[] bArr3 = new byte[bArr.length + 6 + i11 + b7];
        bArr3[0] = Wson.f45550a;
        if (bArr.length != 40) {
            throw new IOException("Peer sent corrupt signature");
        }
        bArr3[1] = 44;
        byte b8 = (byte) (44 + i11);
        bArr3[1] = b8;
        bArr3[1] = (byte) (b8 + b7);
        bArr3[2] = 2;
        bArr3[3] = Ascii.DC4;
        bArr3[3] = (byte) (20 + i11);
        System.arraycopy(bArr, 0, bArr3, i11 + 4, 20);
        bArr3[bArr3[3] + 4] = 2;
        bArr3[bArr3[3] + 5] = Ascii.DC4;
        int i12 = bArr3[3] + 5;
        bArr3[i12] = (byte) (bArr3[i12] + b7);
        System.arraycopy(bArr, 20, bArr3, bArr3[3] + 6 + b7, 20);
        return bArr3;
    }

    private static byte[] encodeSignature(byte[] bArr) {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString(ID_SSH_DSS);
        int i4 = bArr[3] & 255;
        byte[] bArr2 = new byte[i4];
        System.arraycopy(bArr, 4, bArr2, 0, i4);
        int i5 = 4 + i4 + 1;
        int i6 = i5 + 1;
        int i7 = bArr[i5] & 255;
        byte[] bArr3 = new byte[i7];
        System.arraycopy(bArr, i6, bArr3, 0, i7);
        byte[] bArr4 = new byte[40];
        int i8 = i4 < 20 ? i4 : 20;
        int i9 = i7 < 20 ? i7 : 20;
        System.arraycopy(bArr2, i4 - i8, bArr4, 20 - i8, i8);
        System.arraycopy(bArr3, i7 - i9, bArr4, 40 - i9, i9);
        typesWriter.writeString(bArr4, 0, 40);
        return typesWriter.getBytes();
    }

    public static DSASHA1Verify get() {
        return b.f46181a;
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public PublicKey decodePublicKey(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        if (!typesReader.readString().equals(ID_SSH_DSS)) {
            throw new IllegalArgumentException("This is not a ssh-dss public key!");
        }
        BigInteger readMPINT = typesReader.readMPINT();
        BigInteger readMPINT2 = typesReader.readMPINT();
        BigInteger readMPINT3 = typesReader.readMPINT();
        BigInteger readMPINT4 = typesReader.readMPINT();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in DSA public key!");
        }
        try {
            return (DSAPublicKey) KeyFactory.getInstance(PubkeyDatabase.KEY_TYPE_DSA).generatePublic(new DSAPublicKeySpec(readMPINT4, readMPINT, readMPINT2, readMPINT3));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e4) {
            throw new IOException(e4);
        }
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public byte[] encodePublicKey(PublicKey publicKey) throws IOException {
        DSAPublicKey dSAPublicKey = (DSAPublicKey) publicKey;
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString(ID_SSH_DSS);
        DSAParams params = dSAPublicKey.getParams();
        typesWriter.writeMPInt(params.getP());
        typesWriter.writeMPInt(params.getQ());
        typesWriter.writeMPInt(params.getG());
        typesWriter.writeMPInt(dSAPublicKey.getY());
        return typesWriter.getBytes();
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public byte[] generateSignature(byte[] bArr, PrivateKey privateKey, SecureRandom secureRandom) throws IOException {
        try {
            Signature signature = Signature.getInstance("SHA1withDSA");
            signature.initSign(privateKey);
            signature.update(bArr);
            return encodeSignature(signature.sign());
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e4) {
            throw new IOException(e4);
        }
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public String getKeyFormat() {
        return ID_SSH_DSS;
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public boolean verifySignature(byte[] bArr, byte[] bArr2, PublicKey publicKey) throws IOException {
        byte[] decodeSignature = decodeSignature(bArr2);
        try {
            Signature signature = Signature.getInstance("SHA1withDSA");
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(decodeSignature);
        } catch (InvalidKeyException e4) {
            e = e4;
            throw new IOException("No such algorithm", e);
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            throw new IOException("No such algorithm", e);
        } catch (SignatureException e6) {
            throw new IOException(e6);
        }
    }
}
