package ch.ethz.ssh2.signature;

import ch.ethz.ssh2.crypto.SimpleDERReader;
import ch.ethz.ssh2.crypto.digest.SHA1;
import ch.ethz.ssh2.packets.TypesReader;
import java.io.IOException;
import java.math.BigInteger;

/* loaded from: input_file:ch/ethz/ssh2/signature/RSASha1Verify.class */
public class RSASha1Verify {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:ch/ethz/ssh2/signature/RSASha1Verify$RSASignature.class */
    public static class RSASignature {
        private BigInteger s;

        public BigInteger getS() {
            return this.s;
        }

        public RSASignature(BigInteger bigInteger) {
            this.s = bigInteger;
        }
    }

    public static RSAPublicKey parseRSAPublicKey(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        if (!typesReader.readString().equals("ssh-rsa")) {
            throw new IllegalArgumentException("This is not a ssh-rsa public host key");
        }
        BigInteger readMPINT = typesReader.readMPINT();
        BigInteger readMPINT2 = typesReader.readMPINT();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in RSA public key!");
        }
        return new RSAPublicKey(readMPINT, readMPINT2);
    }

    public static RSASignature parseRSASignature(byte[] bArr) throws IOException {
        TypesReader typesReader = new TypesReader(bArr);
        if (!typesReader.readString().equals("ssh-rsa")) {
            throw new IOException("Peer sent wrong signature format");
        }
        byte[] readByteString = typesReader.readByteString();
        if (typesReader.remain() != 0) {
            throw new IOException("Padding in RSA signature!");
        }
        byte[] bArr2 = new byte[readByteString.length + 1];
        System.arraycopy(readByteString, 0, bArr2, 1, readByteString.length);
        return new RSASignature(new BigInteger(bArr2));
    }

    public static boolean verifySignature(byte[] bArr, byte[] bArr2, byte[] bArr3) throws IOException {
        RSAPublicKey parseRSAPublicKey = parseRSAPublicKey(bArr3);
        RSASignature parseRSASignature = parseRSASignature(bArr2);
        SHA1 sha1 = new SHA1();
        sha1.update(bArr);
        byte[] bArr4 = new byte[sha1.getDigestLength()];
        sha1.digest(bArr4);
        BigInteger n = parseRSAPublicKey.getN();
        BigInteger e = parseRSAPublicKey.getE();
        BigInteger s = parseRSASignature.getS();
        if (BigInteger.ZERO.compareTo(s) >= 0 || n.compareTo(s) <= 0) {
            return false;
        }
        byte[] byteArray = s.modPow(e, n).toByteArray();
        if (byteArray.length <= 10) {
            return false;
        }
        int i = byteArray[0] == 0 ? 0 + 1 : 0;
        if (byteArray[i] != 1 && byteArray[i] != 2) {
            return false;
        }
        do {
            i++;
            if (i >= byteArray.length) {
                break;
            }
        } while (byteArray[i] != 0);
        int i2 = i + 1;
        if (i2 < 10 || i2 >= byteArray.length) {
            return false;
        }
        SimpleDERReader simpleDERReader = new SimpleDERReader(byteArray, i2, byteArray.length - i2);
        simpleDERReader.resetInput(simpleDERReader.readSequenceAsByteArray());
        simpleDERReader.readSequenceAsByteArray();
        byte[] readOctetString = simpleDERReader.readOctetString();
        if (readOctetString.length != bArr4.length) {
            return false;
        }
        for (int i3 = 0; i3 < bArr4.length; i3++) {
            if (bArr4[i3] != readOctetString[i3]) {
                return false;
            }
        }
        return true;
    }
}
