package org.sufficientlysecure.keychain.ssh.signature;

import java.io.IOException;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.util.BigIntegers;
import org.sufficientlysecure.keychain.ssh.key.SshDSAPublicKey;
import org.sufficientlysecure.keychain.ssh.key.SshECDSAPublicKey;
import org.sufficientlysecure.keychain.ssh.key.SshEd25519PublicKey;
import org.sufficientlysecure.keychain.ssh.key.SshEncodedData;
import org.sufficientlysecure.keychain.ssh.key.SshRSAPublicKey;
import org.sufficientlysecure.keychain.ssh.utils.SshUtils;

/* loaded from: classes.dex */
public class SshSignatureConverter {
    private static ASN1Sequence getASN1Sequence(byte[] bArr) {
        try {
            return (ASN1Sequence) ASN1Primitive.fromByteArray(bArr);
        } catch (IOException e2) {
            throw new IllegalArgumentException("Could not read ASN.1 object", e2);
        }
    }

    private static byte[] getDsaSignatureBlob(byte[] bArr) {
        BigInteger r2 = getR(bArr);
        BigInteger s2 = getS(bArr);
        byte[] asUnsignedByteArray = BigIntegers.asUnsignedByteArray(r2);
        byte[] asUnsignedByteArray2 = BigIntegers.asUnsignedByteArray(s2);
        int dsaSignatureLength = getDsaSignatureLength(asUnsignedByteArray.length > asUnsignedByteArray2.length ? asUnsignedByteArray.length : asUnsignedByteArray2.length);
        int length = dsaSignatureLength - asUnsignedByteArray.length;
        int length2 = dsaSignatureLength - asUnsignedByteArray2.length;
        byte[] bArr2 = new byte[dsaSignatureLength * 2];
        System.arraycopy(asUnsignedByteArray, 0, bArr2, length, asUnsignedByteArray.length);
        System.arraycopy(asUnsignedByteArray2, 0, bArr2, dsaSignatureLength + length2, asUnsignedByteArray2.length);
        return bArr2;
    }

    private static int getDsaSignatureLength(int i2) {
        return i2 <= 20 ? 20 : 32;
    }

    private static byte[] getEcDsaSignatureBlob(byte[] bArr) {
        BigInteger r2 = getR(bArr);
        BigInteger s2 = getS(bArr);
        SshEncodedData sshEncodedData = new SshEncodedData();
        sshEncodedData.putMPInt(r2);
        sshEncodedData.putMPInt(s2);
        return sshEncodedData.getBytes();
    }

    private static BigInteger getR(byte[] bArr) {
        return ASN1Integer.getInstance(getASN1Sequence(bArr).getObjectAt(0)).getValue();
    }

    private static String getRsaSignatureFormatId(int i2) throws NoSuchAlgorithmException {
        if (i2 == 2) {
            return SshRSAPublicKey.KEY_ID;
        }
        if (i2 == 8) {
            return "rsa-sha2-256";
        }
        if (i2 == 10) {
            return "rsa-sha2-512";
        }
        throw new NoSuchAlgorithmException("Unknown hash algorithm");
    }

    private static BigInteger getS(byte[] bArr) {
        return ASN1Integer.getInstance(getASN1Sequence(bArr).getObjectAt(1)).getValue();
    }

    public static byte[] getSshSignatureDsa(byte[] bArr) {
        SshEncodedData sshEncodedData = new SshEncodedData();
        sshEncodedData.putString(SshDSAPublicKey.KEY_ID);
        sshEncodedData.putString(getDsaSignatureBlob(bArr));
        return sshEncodedData.getBytes();
    }

    public static byte[] getSshSignatureEcDsa(byte[] bArr, String str) throws NoSuchAlgorithmException {
        SshEncodedData sshEncodedData = new SshEncodedData();
        sshEncodedData.putString(SshECDSAPublicKey.KEY_ID + SshUtils.getCurveName(str));
        sshEncodedData.putString(getEcDsaSignatureBlob(bArr));
        return sshEncodedData.getBytes();
    }

    public static byte[] getSshSignatureEdDsa(byte[] bArr) {
        SshEncodedData sshEncodedData = new SshEncodedData();
        sshEncodedData.putString(SshEd25519PublicKey.KEY_ID);
        sshEncodedData.putString(bArr);
        return sshEncodedData.getBytes();
    }

    public static byte[] getSshSignatureRsa(byte[] bArr, int i2) throws NoSuchAlgorithmException {
        SshEncodedData sshEncodedData = new SshEncodedData();
        sshEncodedData.putString(getRsaSignatureFormatId(i2));
        sshEncodedData.putString(bArr);
        return sshEncodedData.getBytes();
    }
}
