package com.maverick.ssh.components.jce;

import com.maverick.ssh.SshException;
import com.maverick.ssh.SshKeyFingerprint;
import com.maverick.ssh.components.SshPublicKey;
import com.maverick.util.ByteArrayReader;
import com.maverick.util.ByteArrayWriter;
import com.maverick.util.SimpleASNWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;

/* loaded from: input_file:com/maverick/ssh/components/jce/Ssh2EcdsaSha2NistPublicKey.class */
public class Ssh2EcdsaSha2NistPublicKey implements SshPublicKey {
    String name;
    String spec;
    String curve;
    protected ECPublicKey pub;

    public Ssh2EcdsaSha2NistPublicKey(ECPublicKey eCPublicKey) throws IOException {
        this.pub = eCPublicKey;
        if (!(eCPublicKey.getParams() instanceof ECNamedCurveSpec)) {
            throw new IOException("Key parameters are not ECNamedCurveSpec parameters");
        }
        String name = eCPublicKey.getParams().getName();
        if (name.equals("prime256v1") || name.equals("secp256r1")) {
            this.curve = "secp256r1";
            this.name = "ecdsa-sha2-nistp256";
            this.spec = "SHA256/ECDSA";
        } else if (name.equals("secp384r1")) {
            this.curve = "secp384r1";
            this.name = "ecdsa-sha2-nistp384";
            this.spec = "SHA384/ECDSA";
        } else {
            if (!name.equals("secp521r1")) {
                throw new IOException("Unsupported curve name " + name);
            }
            this.curve = "secp521r1";
            this.name = "ecdsa-sha2-nistp521";
            this.spec = "SHA512/ECDSA";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Ssh2EcdsaSha2NistPublicKey(String str, String str2, String str3) {
        this.name = str;
        this.spec = str2;
        this.curve = str3;
    }

    @Override // com.maverick.ssh.components.SshPublicKey
    public void init(byte[] bArr, int i, int i2) throws SshException {
        ByteArrayReader byteArrayReader = new ByteArrayReader(bArr, i, i2);
        try {
            try {
                byteArrayReader.readString();
                byteArrayReader.readString();
                byte[] readBinaryString = byteArrayReader.readBinaryString();
                ECParameterSpec curveParams = getCurveParams(this.curve);
                this.pub = (ECPublicKey) (JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_EC) == null ? KeyFactory.getInstance(JCEAlgorithms.JCE_EC) : KeyFactory.getInstance(JCEAlgorithms.JCE_EC, JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_EC))).generatePublic(new ECPublicKeySpec(fromByteArray(readBinaryString, curveParams.getCurve()), curveParams));
            } finally {
                try {
                    byteArrayReader.close();
                } catch (IOException e) {
                }
            }
        } catch (Throwable th) {
            th.printStackTrace();
            throw new SshException("Failed to decode public key blob", 5);
        }
    }

    @Override // com.maverick.ssh.components.SshPublicKey
    public String getAlgorithm() {
        return this.name;
    }

    @Override // com.maverick.ssh.components.SshPublicKey
    public int getBitLength() {
        return this.pub.getParams().getOrder().bitLength();
    }

    @Override // com.maverick.ssh.components.SshPublicKey
    public byte[] getEncoded() throws SshException {
        SshException sshException;
        ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
        try {
            try {
                byteArrayWriter.writeString(this.name);
                byteArrayWriter.writeString(this.name.substring(this.name.lastIndexOf("-") + 1));
                byteArrayWriter.writeBinaryString(getPublicOctet());
                return byteArrayWriter.toByteArray();
            } finally {
            }
        } finally {
            try {
                byteArrayWriter.close();
            } catch (IOException e) {
            }
        }
    }

    public byte[] getPublicOctet() {
        return toByteArray(this.pub.getW(), this.pub.getParams().getCurve());
    }

    @Override // com.maverick.ssh.components.SshPublicKey
    public String getFingerprint() throws SshException {
        return SshKeyFingerprint.getFingerprint(getEncoded());
    }

    @Override // com.maverick.ssh.components.SshPublicKey
    public boolean verifySignature(byte[] bArr, byte[] bArr2) throws SshException {
        ByteArrayReader byteArrayReader = new ByteArrayReader(bArr);
        try {
            try {
                int readInt = (int) byteArrayReader.readInt();
                if (byteArrayReader.available() > readInt) {
                    byte[] bArr3 = new byte[readInt];
                    byteArrayReader.read(bArr3);
                    if (!new String(bArr3).equals(this.name)) {
                        throw new SshException("The encoded signature is not ECDSA", 5);
                    }
                    bArr = byteArrayReader.readBinaryString();
                }
                byteArrayReader.close();
                byteArrayReader = new ByteArrayReader(bArr);
                BigInteger readBigInteger = byteArrayReader.readBigInteger();
                BigInteger readBigInteger2 = byteArrayReader.readBigInteger();
                SimpleASNWriter simpleASNWriter = new SimpleASNWriter();
                simpleASNWriter.writeByte(2);
                simpleASNWriter.writeData(readBigInteger.toByteArray());
                simpleASNWriter.writeByte(2);
                simpleASNWriter.writeData(readBigInteger2.toByteArray());
                SimpleASNWriter simpleASNWriter2 = new SimpleASNWriter();
                simpleASNWriter2.writeByte(48);
                simpleASNWriter2.writeData(simpleASNWriter.toByteArray());
                byte[] byteArray = simpleASNWriter2.toByteArray();
                Signature signature = JCEProvider.getProviderForAlgorithm(this.spec) == null ? Signature.getInstance(this.spec) : Signature.getInstance(this.spec, JCEProvider.getProviderForAlgorithm(this.spec));
                signature.initVerify(this.pub);
                signature.update(bArr2);
                return signature.verify(byteArray);
            } catch (Exception e) {
                throw new SshException(16, e);
            }
        } finally {
            try {
                byteArrayReader.close();
            } catch (IOException e2) {
            }
        }
    }

    public ECParameterSpec getCurveParams(String str) {
        try {
            KeyPairGenerator keyPairGenerator = JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_EC) == null ? KeyPairGenerator.getInstance(JCEAlgorithms.JCE_EC) : KeyPairGenerator.getInstance(JCEAlgorithms.JCE_EC, JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_EC));
            keyPairGenerator.initialize(new ECGenParameterSpec(str), JCEProvider.getSecureRandom());
            return ((ECPublicKey) keyPairGenerator.generateKeyPair().getPublic()).getParams();
        } catch (Throwable th) {
            return null;
        }
    }

    public static byte[] toByteArray(ECPoint eCPoint, EllipticCurve ellipticCurve) {
        byte[] byteArray = eCPoint.getAffineX().toByteArray();
        byte[] byteArray2 = eCPoint.getAffineY().toByteArray();
        int i = 0;
        int i2 = 0;
        int i3 = 0;
        while (true) {
            if (i3 >= byteArray.length - 1) {
                break;
            }
            if (byteArray[i3] != 0) {
                i = i3;
                break;
            }
            i3++;
        }
        int i4 = 0;
        while (true) {
            if (i4 >= byteArray2.length - 1) {
                break;
            }
            if (byteArray2[i4] != 0) {
                i2 = i4;
                break;
            }
            i4++;
        }
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) / 8;
        if (byteArray.length - i > fieldSize || byteArray2.length - i2 > fieldSize) {
            return null;
        }
        byte[] bArr = new byte[(fieldSize * 2) + 1];
        bArr[0] = 4;
        System.arraycopy(byteArray, i, bArr, (1 + fieldSize) - (byteArray.length - i), byteArray.length - i);
        System.arraycopy(byteArray2, i2, bArr, bArr.length - (byteArray2.length - i2), byteArray2.length - i2);
        return bArr;
    }

    public static ECPoint fromByteArray(byte[] bArr, EllipticCurve ellipticCurve) {
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) / 8;
        if (bArr.length != (2 * fieldSize) + 1 || bArr[0] != 4) {
            return null;
        }
        byte[] bArr2 = new byte[fieldSize];
        byte[] bArr3 = new byte[fieldSize];
        System.arraycopy(bArr, 1, bArr2, 0, fieldSize);
        System.arraycopy(bArr, fieldSize + 1, bArr3, 0, fieldSize);
        return new ECPoint(new BigInteger(1, bArr2), new BigInteger(1, bArr3));
    }

    public PublicKey getJCEPublicKey() {
        return this.pub;
    }
}
