package com.msyvpn.tunnel.ssh2.signature;

import com.google.common.base.Ascii;
import com.google.common.primitives.UnsignedBytes;
import com.msyvpn.tunnel.ssh2.IOWarningException;
import com.msyvpn.tunnel.ssh2.crypto.CertificateDecoder;
import com.msyvpn.tunnel.ssh2.crypto.PEMStructure;
import com.msyvpn.tunnel.ssh2.crypto.SimpleDERReader;
import com.msyvpn.tunnel.ssh2.packets.TypesReader;
import com.msyvpn.tunnel.ssh2.packets.TypesWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.interfaces.DSAParams;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import java.util.Arrays;
import java.util.List;

/* loaded from: classes2.dex */
public class DSAKeyAlgorithm extends KeyAlgorithm<java.security.interfaces.DSAPublicKey, java.security.interfaces.DSAPrivateKey> {

    /* loaded from: classes2.dex */
    private static class DsaCertificateDecoder extends CertificateDecoder {
        private DsaCertificateDecoder() {
        }

        @Override // com.msyvpn.tunnel.ssh2.crypto.CertificateDecoder
        protected KeyPair createKeyPair(PEMStructure pEMStructure) {
            SimpleDERReader simpleDERReader = new SimpleDERReader(pEMStructure.getData());
            byte[] readSequenceAsByteArray = simpleDERReader.readSequenceAsByteArray();
            if (simpleDERReader.available() != 0) {
                throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
            }
            simpleDERReader.resetInput(readSequenceAsByteArray);
            BigInteger readInt = simpleDERReader.readInt();
            if (readInt.compareTo(BigInteger.ZERO) != 0) {
                throw new IOException("Wrong version (" + readInt + ") in DSA PRIVATE KEY DER stream.");
            }
            BigInteger readInt2 = simpleDERReader.readInt();
            BigInteger readInt3 = simpleDERReader.readInt();
            BigInteger readInt4 = simpleDERReader.readInt();
            BigInteger readInt5 = simpleDERReader.readInt();
            BigInteger readInt6 = simpleDERReader.readInt();
            if (simpleDERReader.available() != 0) {
                throw new IOException("Padding in DSA PRIVATE KEY DER stream.");
            }
            try {
                DSAPrivateKeySpec dSAPrivateKeySpec = new DSAPrivateKeySpec(readInt6, readInt2, readInt3, readInt4);
                DSAPublicKeySpec dSAPublicKeySpec = new DSAPublicKeySpec(readInt5, readInt2, readInt3, readInt4);
                KeyFactory keyFactory = KeyFactory.getInstance("DSA");
                return new KeyPair(keyFactory.generatePublic(dSAPublicKeySpec), keyFactory.generatePrivate(dSAPrivateKeySpec));
            } catch (GeneralSecurityException unused) {
                throw new IOException("Could not decode DSA key pair");
            }
        }

        @Override // com.msyvpn.tunnel.ssh2.crypto.CertificateDecoder
        public String getEndLine() {
            return "-----END DSA PRIVATE KEY-----";
        }

        @Override // com.msyvpn.tunnel.ssh2.crypto.CertificateDecoder
        public String getStartLine() {
            return "-----BEGIN DSA PRIVATE KEY-----";
        }
    }

    public DSAKeyAlgorithm() {
        super("SHA1WithDSA", "ssh-dss", java.security.interfaces.DSAPrivateKey.class);
    }

    @Override // com.msyvpn.tunnel.ssh2.signature.KeyAlgorithm
    public java.security.interfaces.DSAPublicKey decodePublicKey(byte[] bArr) {
        TypesReader typesReader = new TypesReader(bArr);
        String readString = typesReader.readString();
        if (!readString.equals(getKeyFormat())) {
            throw new IOWarningException("Unsupported key format found '" + readString + "' while expecting " + getKeyFormat());
        }
        BigInteger readMPINT = typesReader.readMPINT();
        BigInteger readMPINT2 = typesReader.readMPINT();
        BigInteger readMPINT3 = typesReader.readMPINT();
        BigInteger readMPINT4 = typesReader.readMPINT();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in DSA public key!");
        }
        try {
            return (java.security.interfaces.DSAPublicKey) KeyFactory.getInstance("DSA").generatePublic(new DSAPublicKeySpec(readMPINT4, readMPINT, readMPINT2, readMPINT3));
        } catch (GeneralSecurityException e) {
            throw new IOException("Could not generate DSA Key", e);
        }
    }

    @Override // com.msyvpn.tunnel.ssh2.signature.KeyAlgorithm
    public byte[] decodeSignature(byte[] bArr) {
        if (bArr.length != 40) {
            TypesReader typesReader = new TypesReader(bArr);
            if (!typesReader.readString().equals(getKeyFormat())) {
                throw new IOException("Peer sent wrong signature format");
            }
            bArr = typesReader.readByteString();
            if (bArr.length != 40) {
                throw new IOException("Peer sent corrupt signature");
            }
            if (typesReader.remain() != 0) {
                throw new IOException("Padding in DSA signature!");
            }
        }
        if (bArr[0] == 0 && bArr[1] == 0 && bArr[2] == 0) {
            int i = (((bArr[0] << Ascii.CAN) & (-16777216)) | ((bArr[1] << Ascii.DLE) & 16711680) | ((bArr[2] << 8) & 65280) | (bArr[3] & 255)) + 4;
            int i2 = i + 1;
            int i3 = i2 + 1;
            int i4 = ((bArr[i] << 24) & (-16777216)) | ((bArr[i2] << 16) & 16711680);
            int i5 = i3 + 1;
            int i6 = i4 | ((bArr[i3] << 8) & 65280);
            int i7 = i5 + 1;
            int i8 = i6 | (bArr[i5] & 255);
            byte[] bArr2 = new byte[i8];
            System.arraycopy(bArr, i7, bArr2, 0, i8);
            bArr = bArr2;
        }
        byte b = (bArr[0] & UnsignedBytes.MAX_POWER_OF_TWO) != 0 ? (byte) 1 : (byte) 0;
        byte b2 = (bArr[20] & UnsignedBytes.MAX_POWER_OF_TWO) != 0 ? (byte) 1 : (byte) 0;
        byte[] bArr3 = new byte[bArr.length + 6 + b + b2];
        bArr3[0] = 48;
        if (bArr.length != 40) {
            throw new IOException("Peer sent corrupt signature");
        }
        bArr3[1] = 44;
        bArr3[1] = (byte) (bArr3[1] + b);
        bArr3[1] = (byte) (bArr3[1] + b2);
        bArr3[2] = 2;
        bArr3[3] = Ascii.DC4;
        bArr3[3] = (byte) (bArr3[3] + b);
        System.arraycopy(bArr, 0, bArr3, b + 4, 20);
        bArr3[bArr3[3] + 4] = 2;
        bArr3[bArr3[3] + 5] = Ascii.DC4;
        int i9 = bArr3[3] + 5;
        bArr3[i9] = (byte) (bArr3[i9] + b2);
        System.arraycopy(bArr, 20, bArr3, bArr3[3] + 6 + b2, 20);
        return bArr3;
    }

    @Override // com.msyvpn.tunnel.ssh2.signature.KeyAlgorithm
    public byte[] encodePublicKey(java.security.interfaces.DSAPublicKey dSAPublicKey) {
        DSAParams params = dSAPublicKey.getParams();
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString(getKeyFormat());
        typesWriter.writeMPInt(params.getP());
        typesWriter.writeMPInt(params.getQ());
        typesWriter.writeMPInt(params.getG());
        typesWriter.writeMPInt(dSAPublicKey.getY());
        return typesWriter.getBytes();
    }

    @Override // com.msyvpn.tunnel.ssh2.signature.KeyAlgorithm
    public byte[] encodeSignature(byte[] bArr) {
        TypesWriter typesWriter = new TypesWriter();
        typesWriter.writeString(getKeyFormat());
        int i = bArr[3] & 255;
        byte[] bArr2 = new byte[i];
        System.arraycopy(bArr, 4, bArr2, 0, i);
        int i2 = 4 + i + 1;
        int i3 = i2 + 1;
        int i4 = bArr[i2] & 255;
        byte[] bArr3 = new byte[i4];
        System.arraycopy(bArr, i3, bArr3, 0, i4);
        byte[] bArr4 = new byte[40];
        int i5 = i < 20 ? i : 20;
        int i6 = i4 < 20 ? i4 : 20;
        System.arraycopy(bArr2, i - i5, bArr4, 20 - i5, i5);
        System.arraycopy(bArr3, i4 - i6, bArr4, 40 - i6, i6);
        typesWriter.writeString(bArr4, 0, 40);
        return typesWriter.getBytes();
    }

    @Override // com.msyvpn.tunnel.ssh2.signature.KeyAlgorithm
    public List<CertificateDecoder> getCertificateDecoders() {
        return Arrays.asList(new DsaCertificateDecoder(), new OpenSshCertificateDecoder(getKeyFormat()) { // from class: com.msyvpn.tunnel.ssh2.signature.DSAKeyAlgorithm.1
            @Override // com.msyvpn.tunnel.ssh2.signature.OpenSshCertificateDecoder
            KeyPair generateKeyPair(TypesReader typesReader) {
                BigInteger readMPINT = typesReader.readMPINT();
                BigInteger readMPINT2 = typesReader.readMPINT();
                BigInteger readMPINT3 = typesReader.readMPINT();
                BigInteger readMPINT4 = typesReader.readMPINT();
                DSAPrivateKeySpec dSAPrivateKeySpec = new DSAPrivateKeySpec(typesReader.readMPINT(), readMPINT, readMPINT2, readMPINT3);
                DSAPublicKeySpec dSAPublicKeySpec = new DSAPublicKeySpec(readMPINT4, readMPINT, readMPINT2, readMPINT3);
                KeyFactory keyFactory = KeyFactory.getInstance("DSA");
                return new KeyPair(keyFactory.generatePublic(dSAPublicKeySpec), keyFactory.generatePrivate(dSAPrivateKeySpec));
            }
        });
    }
}
