package ch.ethz.ssh2.signature;

import ch.ethz.ssh2.log.Logger;
import ch.ethz.ssh2.packets.TypesReader;
import ch.ethz.ssh2.packets.TypesWriter;
import com.five_ten_sg.connectbot.util.PubkeyDatabase;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECFieldFp;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.security.spec.InvalidKeySpecException;
import java.util.Map;
import java.util.TreeMap;

/* loaded from: classes.dex */
public class ECDSASHA2Verify {
    private static final Map<String, String> CURVE_OIDS;
    private static final Map<Integer, String> CURVE_SIZES;
    public static final String ECDSA_SHA2_PREFIX = "ecdsa-sha2-";
    private static final String NISTP256 = "nistp256";
    private static final String NISTP256_OID = "1.2.840.10045.3.1.7";
    private static final String NISTP384 = "nistp384";
    private static final String NISTP384_OID = "1.3.132.0.34";
    private static final String NISTP521 = "nistp521";
    private static final String NISTP521_OID = "1.3.132.0.35";
    private static final Logger log = Logger.getLogger(ECDSASHA2Verify.class);
    private static final Map<String, ECParameterSpec> CURVES = new TreeMap();

    /* loaded from: classes.dex */
    public static class EllipticCurves {
        public static ECParameterSpec nistp256 = new ECParameterSpec(new EllipticCurve(new ECFieldFp(new BigInteger("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", 16)), new BigInteger("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", 16), new BigInteger("5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", 16)), new ECPoint(new BigInteger("6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", 16), new BigInteger("4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", 16)), new BigInteger("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 16), 1);
        public static ECParameterSpec nistp384 = new ECParameterSpec(new EllipticCurve(new ECFieldFp(new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", 16)), new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", 16), new BigInteger("B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", 16)), new ECPoint(new BigInteger("AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", 16), new BigInteger("3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", 16)), new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", 16), 1);
        public static ECParameterSpec nistp521 = new ECParameterSpec(new EllipticCurve(new ECFieldFp(new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", 16)), new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", 16), new BigInteger("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", 16)), new ECPoint(new BigInteger("00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", 16), new BigInteger("011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", 16)), new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 16), 1);
    }

    static {
        CURVES.put(NISTP256, EllipticCurves.nistp256);
        CURVES.put(NISTP384, EllipticCurves.nistp384);
        CURVES.put(NISTP521, EllipticCurves.nistp521);
        CURVE_SIZES = new TreeMap();
        CURVE_SIZES.put(256, NISTP256);
        CURVE_SIZES.put(384, NISTP384);
        CURVE_SIZES.put(521, NISTP521);
        CURVE_OIDS = new TreeMap();
        CURVE_OIDS.put(NISTP256_OID, NISTP256);
        CURVE_OIDS.put(NISTP384_OID, NISTP256);
        CURVE_OIDS.put(NISTP521_OID, NISTP256);
    }

    public static ECPoint decodeECPoint(byte[] bArr, EllipticCurve ellipticCurve) {
        if (bArr.length == 0) {
            return null;
        }
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) / 8;
        if (bArr.length != (fieldSize * 2) + 1 || bArr[0] != 4) {
            return null;
        }
        byte[] bArr2 = new byte[fieldSize];
        System.arraycopy(bArr, 1, bArr2, 0, fieldSize);
        byte[] bArr3 = new byte[fieldSize];
        System.arraycopy(bArr, fieldSize + 1, bArr3, 0, fieldSize);
        return new ECPoint(new BigInteger(1, bArr2), new BigInteger(1, bArr3));
    }

    public static ECPublicKey decodeSSHECDSAPublicKey(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        String readString = typesReader.readString();
        if (!readString.startsWith(ECDSA_SHA2_PREFIX)) {
            throw new IllegalArgumentException("This is not an ECDSA public key");
        }
        String readString2 = typesReader.readString();
        byte[] readByteString = typesReader.readByteString();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in ECDSA public key!");
        }
        if (!readString.equals(ECDSA_SHA2_PREFIX + readString2)) {
            throw new IOException("Key format is inconsistent with curve name: " + readString + " != " + readString2);
        }
        ECParameterSpec eCParameterSpec = CURVES.get(readString2);
        if (eCParameterSpec == null) {
            throw new IOException("Curve is not supported: " + readString2);
        }
        ECPoint decodeECPoint = decodeECPoint(readByteString, eCParameterSpec.getCurve());
        if (decodeECPoint == null) {
            throw new IOException("Invalid ECDSA group");
        }
        try {
            return (ECPublicKey) KeyFactory.getInstance(PubkeyDatabase.KEY_TYPE_EC).generatePublic(new ECPublicKeySpec(decodeECPoint, eCParameterSpec));
        } catch (NoSuchAlgorithmException e) {
            IOException iOException = new IOException("No EC KeyFactory available");
            iOException.initCause(e);
            throw iOException;
        } catch (InvalidKeySpecException e2) {
            IOException iOException2 = new IOException("No EC KeyFactory available");
            iOException2.initCause(e2);
            throw iOException2;
        }
    }

    public static byte[] decodeSSHECDSASignature(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        String readString = typesReader.readString();
        if (!readString.startsWith(ECDSA_SHA2_PREFIX)) {
            throw new IOException("Peer sent wrong signature format");
        }
        String substring = readString.substring(11);
        if (!CURVES.containsKey(substring)) {
            throw new IOException("Unsupported curve: " + substring);
        }
        byte[] readByteString = typesReader.readByteString();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in ECDSA signature!");
        }
        TypesReader typesReader2 = new TypesReader(readByteString);
        byte[] byteArray = typesReader2.readMPINT().toByteArray();
        byte[] byteArray2 = typesReader2.readMPINT().toByteArray();
        int length = byteArray.length;
        int length2 = byteArray2.length;
        if ((byteArray[0] & 128) != 0) {
            length++;
        }
        if ((byteArray2[0] & 128) != 0) {
            length2++;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(length + 6 + length2);
        byteArrayOutputStream.write(48);
        writeLength(length + 4 + length2, byteArrayOutputStream);
        byteArrayOutputStream.write(2);
        writeLength(length, byteArrayOutputStream);
        if (length != byteArray.length) {
            byteArrayOutputStream.write(0);
        }
        byteArrayOutputStream.write(byteArray);
        byteArrayOutputStream.write(2);
        writeLength(length2, byteArrayOutputStream);
        if (length2 != byteArray2.length) {
            byteArrayOutputStream.write(0);
        }
        byteArrayOutputStream.write(byteArray2);
        return byteArrayOutputStream.toByteArray();
    }

    public static byte[] encodeECPoint(ECPoint eCPoint, EllipticCurve ellipticCurve) {
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) / 8;
        byte[] bArr = new byte[(fieldSize * 2) + 1];
        bArr[0] = 4;
        byte[] removeLeadingZeroes = removeLeadingZeroes(eCPoint.getAffineX().toByteArray());
        int i = fieldSize + 1;
        System.arraycopy(removeLeadingZeroes, 0, bArr, i - removeLeadingZeroes.length, removeLeadingZeroes.length);
        byte[] removeLeadingZeroes2 = removeLeadingZeroes(eCPoint.getAffineY().toByteArray());
        System.arraycopy(removeLeadingZeroes2, 0, bArr, (i + fieldSize) - removeLeadingZeroes2.length, removeLeadingZeroes2.length);
        return bArr;
    }

    public static byte[] encodeSSHECDSAPublicKey(ECPublicKey eCPublicKey) throws IOException {
        TypesWriter typesWriter = new TypesWriter();
        String curveName = getCurveName(eCPublicKey.getParams());
        typesWriter.writeString(ECDSA_SHA2_PREFIX + curveName);
        typesWriter.writeString(curveName);
        byte[] encodeECPoint = encodeECPoint(eCPublicKey.getW(), eCPublicKey.getParams().getCurve());
        typesWriter.writeString(encodeECPoint, 0, encodeECPoint.length);
        return typesWriter.getBytes();
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static byte[] encodeSSHECDSASignature(byte[] bArr, ECParameterSpec eCParameterSpec) throws IOException {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString(ECDSA_SHA2_PREFIX + getCurveName(eCParameterSpec));
        if (bArr[0] != 48 || bArr[1] != bArr.length - 2 || bArr[2] != 2) {
            throw new IOException("Invalid signature format");
        }
        int i = bArr[3];
        int i2 = i + 6;
        if (i2 > bArr.length || bArr[i + 4] != 2) {
            throw new IOException("Invalid signature format");
        }
        int i3 = bArr[i + 5];
        if (i2 + i3 > bArr.length) {
            throw new IOException("Invalid signature format");
        }
        byte[] bArr2 = new byte[i];
        byte[] bArr3 = new byte[i3];
        System.arraycopy(bArr, 4, bArr2, 0, i);
        System.arraycopy(bArr, i2, bArr3, 0, i3);
        BigInteger bigInteger = new BigInteger(bArr2);
        BigInteger bigInteger2 = new BigInteger(bArr3);
        TypesWriter typesWriter2 = new TypesWriter();
        typesWriter2.writeMPInt(bigInteger);
        typesWriter2.writeMPInt(bigInteger2);
        byte[] bytes = typesWriter2.getBytes();
        typesWriter.writeString(bytes, 0, bytes.length);
        return typesWriter.getBytes();
    }

    public static byte[] generateSignature(byte[] bArr, ECPrivateKey eCPrivateKey) throws IOException {
        try {
            Signature signature = Signature.getInstance(getSignatureAlgorithmForParams(eCPrivateKey.getParams()));
            signature.initSign(eCPrivateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            IOException iOException = new IOException();
            iOException.initCause(e);
            throw iOException;
        } catch (NoSuchAlgorithmException e2) {
            IOException iOException2 = new IOException();
            iOException2.initCause(e2);
            throw iOException2;
        } catch (SignatureException e3) {
            IOException iOException3 = new IOException();
            iOException3.initCause(e3);
            throw iOException3;
        }
    }

    public static ECParameterSpec getCurveForOID(String str) {
        String str2 = CURVE_OIDS.get(str);
        if (str2 == null) {
            return null;
        }
        return CURVES.get(str2);
    }

    public static ECParameterSpec getCurveForSize(int i) {
        String str = CURVE_SIZES.get(Integer.valueOf(i));
        if (str == null) {
            return null;
        }
        return CURVES.get(str);
    }

    public static String getCurveName(int i) {
        String str = CURVE_SIZES.get(Integer.valueOf(i));
        if (str == null) {
            return null;
        }
        return str;
    }

    public static String getCurveName(ECParameterSpec eCParameterSpec) throws IOException {
        int curveSize = getCurveSize(eCParameterSpec);
        String curveName = getCurveName(curveSize);
        if (curveName != null) {
            return curveName;
        }
        throw new IOException("invalid curve size " + curveSize);
    }

    public static int getCurveSize(ECParameterSpec eCParameterSpec) {
        return eCParameterSpec.getCurve().getField().getFieldSize();
    }

    public static int[] getCurveSizes() {
        int[] iArr = new int[CURVE_SIZES.size()];
        Integer[] numArr = (Integer[]) CURVE_SIZES.keySet().toArray(new Integer[iArr.length]);
        int length = numArr.length;
        int i = 0;
        int i2 = 0;
        while (i < length) {
            iArr[i2] = numArr[i].intValue();
            i++;
            i2++;
        }
        return iArr;
    }

    public static String getDigestAlgorithmForParams(ECParameterSpec eCParameterSpec) {
        int curveSize = getCurveSize(eCParameterSpec);
        return curveSize <= 256 ? "SHA256" : curveSize <= 384 ? "SHA384" : "SHA512";
    }

    private static String getSignatureAlgorithmForParams(ECParameterSpec eCParameterSpec) {
        int curveSize = getCurveSize(eCParameterSpec);
        return curveSize <= 256 ? "SHA256withECDSA" : curveSize <= 384 ? "SHA384withECDSA" : "SHA512withECDSA";
    }

    private static byte[] removeLeadingZeroes(byte[] bArr) {
        if (bArr[0] != 0) {
            return bArr;
        }
        int i = 1;
        while (i < bArr.length - 1 && bArr[i] == 0) {
            i++;
        }
        byte[] bArr2 = new byte[bArr.length - i];
        System.arraycopy(bArr, i, bArr2, 0, bArr2.length);
        return bArr2;
    }

    public static boolean verifySignature(byte[] bArr, byte[] bArr2, ECPublicKey eCPublicKey) throws IOException {
        try {
            Signature signature = Signature.getInstance(getSignatureAlgorithmForParams(eCPublicKey.getParams()));
            signature.initVerify(eCPublicKey);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (InvalidKeyException e) {
            IOException iOException = new IOException("No such algorithm");
            iOException.initCause(e);
            throw iOException;
        } catch (NoSuchAlgorithmException e2) {
            IOException iOException2 = new IOException("No such algorithm");
            iOException2.initCause(e2);
            throw iOException2;
        } catch (SignatureException e3) {
            IOException iOException3 = new IOException();
            iOException3.initCause(e3);
            throw iOException3;
        }
    }

    private static final void writeLength(int i, OutputStream outputStream) throws IOException {
        if (i <= 127) {
            outputStream.write(i);
            return;
        }
        int i2 = 0;
        int i3 = i;
        while (i3 != 0) {
            i3 >>>= 8;
            i2++;
        }
        outputStream.write(i2 | 128);
        for (int i4 = (i2 - 1) * 8; i4 >= 0; i4 -= 8) {
            outputStream.write((byte) (i >> i4));
        }
    }
}
