package com.trilead.ssh2.signature;

import com.trilead.ssh2.log.Logger;
import com.trilead.ssh2.packets.TypesReader;
import com.trilead.ssh2.packets.TypesWriter;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;

/* loaded from: classes7.dex */
public class RSASHA512Verify implements SSHSignature {
    public static final String ID_RSA_SHA_2_512 = "rsa-sha2-512";
    private static final Logger log = Logger.getLogger(RSASHA512Verify.class);

    /* loaded from: classes7.dex */
    public static class b {

        /* renamed from: a, reason: collision with root package name */
        public static final RSASHA512Verify f46188a = new RSASHA512Verify();
    }

    private RSASHA512Verify() {
    }

    private static byte[] decodeRSASHA512Signature(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        if (!typesReader.readString().equals(ID_RSA_SHA_2_512)) {
            throw new IOException("Peer sent wrong signature format");
        }
        byte[] readByteString = typesReader.readByteString();
        if (readByteString.length == 0) {
            throw new IOException("Error in RSA signature, S is empty.");
        }
        Logger logger = log;
        if (logger.isEnabled()) {
            logger.log(80, "Decoding rsa-sha2-512 signature string (length: " + readByteString.length + ")");
        }
        if (typesReader.remain() == 0) {
            return readByteString;
        }
        throw new IOException("Padding in RSA signature!");
    }

    private static byte[] encodeRSASHA512Signature(byte[] bArr) {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString(ID_RSA_SHA_2_512);
        if (bArr.length <= 1 || bArr[0] != 0) {
            typesWriter.writeString(bArr, 0, bArr.length);
        } else {
            typesWriter.writeString(bArr, 1, bArr.length - 1);
        }
        return typesWriter.getBytes();
    }

    public static RSASHA512Verify get() {
        return b.f46188a;
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public PublicKey decodePublicKey(byte[] bArr) throws IOException {
        return RSASHA1Verify.get().decodePublicKey(bArr);
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public byte[] encodePublicKey(PublicKey publicKey) throws IOException {
        return RSASHA1Verify.get().encodePublicKey(publicKey);
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public byte[] generateSignature(byte[] bArr, PrivateKey privateKey, SecureRandom secureRandom) throws IOException {
        try {
            Signature signature = Signature.getInstance("SHA512withRSA");
            signature.initSign(privateKey, secureRandom);
            signature.update(bArr);
            return encodeRSASHA512Signature(signature.sign());
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e4) {
            throw new IOException(e4);
        }
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public String getKeyFormat() {
        return ID_RSA_SHA_2_512;
    }

    @Override // com.trilead.ssh2.signature.SSHSignature
    public boolean verifySignature(byte[] bArr, byte[] bArr2, PublicKey publicKey) throws IOException {
        byte[] decodeRSASHA512Signature = decodeRSASHA512Signature(bArr2);
        try {
            Signature signature = Signature.getInstance("SHA512withRSA");
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(decodeRSASHA512Signature);
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e4) {
            throw new IOException(e4);
        }
    }
}
