package com.trilead.ssh2.signature;

import android.support.v4.media.c;
import androidx.appcompat.widget.d;
import com.trilead.ssh2.crypto.SimpleDERReader;
import com.trilead.ssh2.crypto.digest.SHA1;
import com.trilead.ssh2.log.Logger;
import com.trilead.ssh2.packets.TypesReader;
import com.trilead.ssh2.packets.TypesWriter;
import java.io.IOException;
import java.math.BigInteger;

/* loaded from: classes.dex */
public class RSASHA1Verify {
    private static final Logger log = Logger.getLogger(RSASHA1Verify.class);

    public static RSAPublicKey decodeSSHRSAPublicKey(byte[] bArr) {
        TypesReader typesReader = new TypesReader(bArr);
        if (!typesReader.readString().equals("ssh-rsa")) {
            throw new IllegalArgumentException("This is not a ssh-rsa public key");
        }
        BigInteger readMPINT = typesReader.readMPINT();
        BigInteger readMPINT2 = typesReader.readMPINT();
        if (typesReader.remain() == 0) {
            return new RSAPublicKey(readMPINT, readMPINT2);
        }
        throw new IOException("Padding in RSA public key!");
    }

    public static RSASignature decodeSSHRSASignature(byte[] bArr) {
        TypesReader typesReader = new TypesReader(bArr);
        if (!typesReader.readString().equals("ssh-rsa")) {
            throw new IOException("Peer sent wrong signature format");
        }
        byte[] readByteString = typesReader.readByteString();
        if (readByteString.length == 0) {
            throw new IOException("Error in RSA signature, S is empty.");
        }
        Logger logger = log;
        if (logger.isEnabled()) {
            StringBuilder a10 = c.a("Decoding ssh-rsa signature string (length: ");
            a10.append(readByteString.length);
            a10.append(")");
            logger.log(80, a10.toString());
        }
        if (typesReader.remain() == 0) {
            return new RSASignature(new BigInteger(1, readByteString));
        }
        throw new IOException("Padding in RSA signature!");
    }

    public static byte[] encodeSSHRSAPublicKey(RSAPublicKey rSAPublicKey) {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString("ssh-rsa");
        typesWriter.writeMPInt(rSAPublicKey.getE());
        typesWriter.writeMPInt(rSAPublicKey.getN());
        return typesWriter.getBytes();
    }

    public static byte[] encodeSSHRSASignature(RSASignature rSASignature) {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString("ssh-rsa");
        byte[] byteArray = rSASignature.getS().toByteArray();
        if (byteArray.length <= 1 || byteArray[0] != 0) {
            typesWriter.writeString(byteArray, 0, byteArray.length);
        } else {
            typesWriter.writeString(byteArray, 1, byteArray.length - 1);
        }
        return typesWriter.getBytes();
    }

    public static RSASignature generateSignature(byte[] bArr, RSAPrivateKey rSAPrivateKey) {
        SHA1 sha1 = new SHA1();
        sha1.update(bArr);
        int digestLength = sha1.getDigestLength();
        byte[] bArr2 = new byte[digestLength];
        sha1.digest(bArr2);
        byte[] bArr3 = {48, 33, 48, 9, 6, 5, 43, 14, 3, 2, 26, 5, 0, 4, 20};
        int bitLength = (((rSAPrivateKey.getN().bitLength() + 7) / 8) - (digestLength + 17)) - 1;
        if (bitLength < 8) {
            throw new IOException("Cannot sign with RSA, message too long");
        }
        byte[] bArr4 = new byte[d.a(digestLength, 15, 2, bitLength)];
        bArr4[0] = 1;
        int i10 = 0;
        while (i10 < bitLength) {
            i10++;
            bArr4[i10] = -1;
        }
        bArr4[bitLength + 1] = 0;
        int i11 = bitLength + 2;
        System.arraycopy(bArr3, 0, bArr4, i11, 15);
        System.arraycopy(bArr2, 0, bArr4, i11 + 15, digestLength);
        return new RSASignature(new BigInteger(1, bArr4).modPow(rSAPrivateKey.getD(), rSAPrivateKey.getN()));
    }

    public static boolean verifySignature(byte[] bArr, RSASignature rSASignature, RSAPublicKey rSAPublicKey) {
        SHA1 sha1 = new SHA1();
        sha1.update(bArr);
        int digestLength = sha1.getDigestLength();
        byte[] bArr2 = new byte[digestLength];
        sha1.digest(bArr2);
        BigInteger n8 = rSAPublicKey.getN();
        BigInteger e10 = rSAPublicKey.getE();
        BigInteger s = rSASignature.getS();
        if (n8.compareTo(s) <= 0) {
            log.log(20, "ssh-rsa signature: n.compareTo(s) <= 0");
            return false;
        }
        int bitLength = (n8.bitLength() + 7) / 8;
        if (bitLength < 1) {
            log.log(20, "ssh-rsa signature: rsa_block_len < 1");
            return false;
        }
        byte[] byteArray = s.modPow(e10, n8).toByteArray();
        int i10 = (byteArray.length <= 0 || byteArray[0] != 0) ? 0 : 1;
        if (byteArray.length - i10 != bitLength - 1) {
            log.log(20, "ssh-rsa signature: (v.length - startpos) != (rsa_block_len - 1)");
            return false;
        }
        if (byteArray[i10] != 1) {
            log.log(20, "ssh-rsa signature: v[startpos] != 0x01");
            return false;
        }
        int i11 = i10 + 1;
        for (int i12 = i11; i12 < byteArray.length; i12++) {
            byte b10 = byteArray[i12];
            if (b10 == 0) {
                if (i12 - i11 < 8) {
                    log.log(20, "ssh-rsa signature: num_pad < 8");
                    return false;
                }
                int i13 = i12 + 1;
                if (i13 >= byteArray.length) {
                    log.log(20, "ssh-rsa signature: pos >= v.length");
                    return false;
                }
                SimpleDERReader simpleDERReader = new SimpleDERReader(byteArray, i13, byteArray.length - i13);
                byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
                if (simpleDERReader.available() != 0) {
                    log.log(20, "ssh-rsa signature: dr.available() != 0");
                    return false;
                }
                simpleDERReader.resetInput(readSequenceAsByteArray);
                byte[] readSequenceAsByteArray2 = simpleDERReader.readSequenceAsByteArray();
                if (readSequenceAsByteArray2.length < 8 || readSequenceAsByteArray2.length > 9) {
                    log.log(20, "ssh-rsa signature: (digestAlgorithm.length < 8) || (digestAlgorithm.length > 9)");
                    return false;
                }
                byte[] bArr3 = {6, 5, 43, 14, 3, 2, 26, 5, 0};
                for (int i14 = 0; i14 < readSequenceAsByteArray2.length; i14++) {
                    if (readSequenceAsByteArray2[i14] != bArr3[i14]) {
                        log.log(20, "ssh-rsa signature: digestAlgorithm[i] != digestAlgorithm_sha1[i]");
                        return false;
                    }
                }
                byte[] readOctetString = simpleDERReader.readOctetString();
                if (simpleDERReader.available() != 0) {
                    log.log(20, "ssh-rsa signature: dr.available() != 0 (II)");
                    return false;
                }
                if (readOctetString.length != digestLength) {
                    log.log(20, "ssh-rsa signature: digest.length != sha_message.length");
                    return false;
                }
                for (int i15 = 0; i15 < digestLength; i15++) {
                    if (bArr2[i15] != readOctetString[i15]) {
                        log.log(20, "ssh-rsa signature: sha_message[i] != digest[i]");
                        return false;
                    }
                }
                return true;
            }
            if (b10 != -1) {
                log.log(20, "ssh-rsa signature: v[pos] != (byte) 0xff");
                return false;
            }
        }
        log.log(20, "ssh-rsa signature: pos >= v.length");
        return false;
    }
}
