package com.ibm.net.ssh;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;

/* loaded from: input_file:lib/com.ibm.ws.prereq.rxa.2.3_1.0.44.jar:com/ibm/net/ssh/AuthPublicKey.class */
public class AuthPublicKey extends AuthMethod {
    private static final String COPYRIGHT = "\n\nLicensed Materials - Property of IBM\n\n(C) Copyright IBM Corp. 2005, 2010 All Rights Reserved.\n\nUS Government Users Restricted Rights - Use, duplication or\ndisclosure restricted by GSA ADP Schedule Contract with\nIBM Corp.\n\n\n";
    private static final String PUBLIC_KEY_METHOD = "publickey";
    private KeyPair keyPair;
    private static final byte R_SIZE = 20;
    private static final byte S_SIZE = 20;

    public AuthPublicKey(String str, KeyPair keyPair) {
        super(str);
        if (keyPair == null) {
            throw new NullPointerException("keyPair is null");
        }
        this.keyPair = keyPair;
    }

    public AuthPublicKey(String str, KeyPair keyPair, PublicKeyFile publicKeyFile) {
        super(str, publicKeyFile);
        if (keyPair == null) {
            throw new NullPointerException("keyPair is null");
        }
        this.keyPair = keyPair;
    }

    @Override // com.ibm.net.ssh.AuthMethod
    public String getMethodName() {
        return PUBLIC_KEY_METHOD;
    }

    public KeyPair getKeyPair() {
        return this.keyPair;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.ibm.net.ssh.AuthMethod
    public byte[] getRequestPacket(byte[] bArr) throws IOException {
        String str;
        byte[] byteArray;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(50);
        SSHString.writeString(byteArrayOutputStream, this.username);
        SSHString.writeString(byteArrayOutputStream, "ssh-connection");
        SSHString.writeString(byteArrayOutputStream, PUBLIC_KEY_METHOD);
        SSHBoolean.writeBoolean(byteArrayOutputStream, true);
        PublicKey publicKey = this.keyPair.getPublic();
        PrivateKey privateKey = this.keyPair.getPrivate();
        if (publicKey instanceof RSAPublicKey) {
            str = "ssh-rsa";
            SSHString.writeString(byteArrayOutputStream, str);
            RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            SSHString.writeString(byteArrayOutputStream2, str);
            SSHMpint.writeBigInteger(byteArrayOutputStream2, rSAPublicKey.getPublicExponent());
            SSHMpint.writeBigInteger(byteArrayOutputStream2, rSAPublicKey.getModulus());
            byteArray = byteArrayOutputStream2.toByteArray();
        } else {
            str = "ssh-dss";
            SSHString.writeString(byteArrayOutputStream, str);
            DSAPublicKey dSAPublicKey = (DSAPublicKey) publicKey;
            DSAParams params = dSAPublicKey.getParams();
            ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
            SSHString.writeString(byteArrayOutputStream3, str);
            SSHMpint.writeBigInteger(byteArrayOutputStream3, params.getP());
            SSHMpint.writeBigInteger(byteArrayOutputStream3, params.getQ());
            SSHMpint.writeBigInteger(byteArrayOutputStream3, params.getG());
            SSHMpint.writeBigInteger(byteArrayOutputStream3, dSAPublicKey.getY());
            byteArray = byteArrayOutputStream3.toByteArray();
        }
        SSHString.writeString(byteArrayOutputStream, byteArray);
        SSHString.writeString(byteArrayOutputStream, generateSignature(str, bArr, byteArray, privateKey));
        return byteArrayOutputStream.toByteArray();
    }

    private byte[] generateSignature(String str, byte[] bArr, byte[] bArr2, PrivateKey privateKey) throws IOException {
        try {
            Signature signature = str.equals("ssh-rsa") ? Signature.getInstance("SHA1withRSA") : Signature.getInstance("SHA1withDSA");
            signature.initSign(privateKey, SSHConstants.SECURE_RANDOM);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            SSHString.writeString(byteArrayOutputStream, bArr);
            byteArrayOutputStream.write(50);
            SSHString.writeString(byteArrayOutputStream, this.username);
            SSHString.writeString(byteArrayOutputStream, "ssh-connection");
            SSHString.writeString(byteArrayOutputStream, PUBLIC_KEY_METHOD);
            SSHBoolean.writeBoolean(byteArrayOutputStream, true);
            SSHString.writeString(byteArrayOutputStream, str);
            SSHString.writeString(byteArrayOutputStream, bArr2);
            signature.update(byteArrayOutputStream.toByteArray());
            byte[] sign = signature.sign();
            if (str.equals("ssh-dss")) {
                sign = removeDerEncoding(sign);
            }
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            SSHString.writeString(byteArrayOutputStream2, str);
            SSHString.writeString(byteArrayOutputStream2, sign);
            return byteArrayOutputStream2.toByteArray();
        } catch (InvalidKeyException e) {
            throw new DisconnectException(11, "Invalid key for signature: " + e.toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new DisconnectException(11, "No such algorithm for signature: " + e2.toString());
        } catch (SignatureException e3) {
            throw new DisconnectException(11, "Signature exception during update or sign: " + e3.toString());
        }
    }

    private byte[] removeDerEncoding(byte[] bArr) {
        byte[] bArr2 = new byte[40];
        if (bArr[3] == 20 && bArr[25] == 20) {
            System.arraycopy(bArr, 4, bArr2, 0, 20);
            System.arraycopy(bArr, 26, bArr2, 20, 20);
        } else {
            byte[] bArr3 = new byte[20];
            byte b = bArr[3];
            if (b == 20) {
                System.arraycopy(bArr, 4, bArr3, 0, 20);
            } else if (b <= 20) {
                bArr3[0] = 0;
                System.arraycopy(bArr, 4, bArr3, 1, 19);
            } else if (bArr[4] == 0) {
                System.arraycopy(bArr, 4 + 1, bArr3, 0, 20);
            } else {
                logger.fine("r size larger than 20, but not zero padded!");
            }
            byte[] bArr4 = new byte[20];
            int i = 4 + b + 2;
            byte b2 = bArr[4 + b + 1];
            if (b2 == 20) {
                System.arraycopy(bArr, i, bArr4, 0, 20);
            } else if (b2 <= 20) {
                bArr4[0] = 0;
                System.arraycopy(bArr, i, bArr4, 1, 19);
            } else if (bArr[i] == 0) {
                System.arraycopy(bArr, i + 1, bArr4, 0, 20);
            } else {
                logger.fine("s size larger than 20, but not zero padded!");
            }
            System.arraycopy(bArr3, 0, bArr2, 0, 20);
            System.arraycopy(bArr4, 0, bArr2, 20, 20);
        }
        return bArr2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.ibm.net.ssh.AuthMethod
    public AuthMethod handlePacket(int i, ByteBuffer byteBuffer) throws IOException {
        switch (i) {
            case 60:
                logger.fine("handlePacket: SSH_MSG_USERAUTH_PK_OK");
                handleUserauthPublicKeyOk(byteBuffer);
                return null;
            default:
                super.handlePacket(i, byteBuffer);
                return null;
        }
    }

    private void handleUserauthPublicKeyOk(ByteBuffer byteBuffer) throws IOException {
        String readString = SSHString.readString(byteBuffer);
        String readString2 = SSHString.readString(byteBuffer);
        logger.finer("handleUserauthPublicKeyOk: publicKeyAlgorithm = " + readString);
        logger.finer("handleUserauthPublicKeyOk: publicKeyBlob = " + readString2);
    }
}
