package org.apache.sshd.common.util.security.eddsa;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Collections;
import java.util.Locale;
import java.util.Objects;
import net.i2p.crypto.eddsa.EdDSAPrivateKey;
import net.i2p.crypto.eddsa.EdDSAPublicKey;
import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec;
import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec;
import org.apache.sshd.common.config.keys.FilePasswordProvider;
import org.apache.sshd.common.config.keys.KeyEntryResolver;
import org.apache.sshd.common.config.keys.impl.AbstractPrivateKeyEntryDecoder;
import org.apache.sshd.common.keyprovider.KeyPairProvider;
import org.apache.sshd.common.session.SessionContext;
import org.apache.sshd.common.util.GenericUtils;
import org.apache.sshd.common.util.security.SecurityUtils;

/* JADX WARN: Classes with same name are omitted:
  input_file:BOOT-INF/lib/wildfly-elytron-1.15.3.Final.jar:org/apache/sshd/common/util/security/eddsa/OpenSSHEd25519PrivateKeyEntryDecoder.class
 */
/* loaded from: input_file:BOOT-INF/lib/sshd-common-2.3.0.jar:org/apache/sshd/common/util/security/eddsa/OpenSSHEd25519PrivateKeyEntryDecoder.class */
public class OpenSSHEd25519PrivateKeyEntryDecoder extends AbstractPrivateKeyEntryDecoder<EdDSAPublicKey, EdDSAPrivateKey> {
    public static final OpenSSHEd25519PrivateKeyEntryDecoder INSTANCE = new OpenSSHEd25519PrivateKeyEntryDecoder();
    private static final int PK_SIZE = 32;
    private static final int SK_SIZE = 32;
    private static final int KEYPAIR_SIZE = 64;

    public OpenSSHEd25519PrivateKeyEntryDecoder() {
        super(EdDSAPublicKey.class, EdDSAPrivateKey.class, Collections.unmodifiableList(Collections.singletonList(KeyPairProvider.SSH_ED25519)));
    }

    @Override // org.apache.sshd.common.config.keys.PrivateKeyEntryDecoder
    /* renamed from: decodePrivateKey, reason: merged with bridge method [inline-methods] */
    public EdDSAPrivateKey mo6423decodePrivateKey(SessionContext sessionContext, String str, FilePasswordProvider filePasswordProvider, InputStream inputStream) throws IOException, GeneralSecurityException {
        if (!KeyPairProvider.SSH_ED25519.equals(str)) {
            throw new InvalidKeyException("Unsupported key type: " + str);
        }
        if (!SecurityUtils.isEDDSACurveSupported()) {
            throw new NoSuchAlgorithmException("EdDSA provider not supported");
        }
        byte[] bArr = GenericUtils.EMPTY_BYTE_ARRAY;
        byte[] bArr2 = GenericUtils.EMPTY_BYTE_ARRAY;
        try {
            bArr = KeyEntryResolver.readRLEBytes(inputStream, 64);
            bArr2 = KeyEntryResolver.readRLEBytes(inputStream, 128);
            if (bArr.length != 32) {
                throw new InvalidKeyException(String.format(Locale.ENGLISH, "Unexpected pk size: %s (expected %s)", Integer.valueOf(bArr.length), 32));
            }
            if (bArr2.length != 64) {
                throw new InvalidKeyException(String.format(Locale.ENGLISH, "Unexpected keypair size: %s (expected %s)", Integer.valueOf(bArr2.length), 64));
            }
            if (!Arrays.equals(bArr, Arrays.copyOfRange(bArr2, 32, 64))) {
                throw new InvalidKeyException("Keypair did not contain the public key.");
            }
            byte[] copyOf = Arrays.copyOf(bArr2, 32);
            try {
                EdDSAPrivateKey edDSAPrivateKey = (EdDSAPrivateKey) generatePrivateKey(new EdDSAPrivateKeySpec(copyOf, EdDSANamedCurveTable.getByName(EdDSASecurityProviderUtils.CURVE_ED25519_SHA512)));
                Arrays.fill(copyOf, (byte) 0);
                if (!Arrays.equals(edDSAPrivateKey.getAbyte(), bArr)) {
                    throw new InvalidKeyException("The provided pk does NOT match the computed pk for the given sk.");
                }
                Arrays.fill(bArr, (byte) 0);
                Arrays.fill(bArr2, (byte) 0);
                return edDSAPrivateKey;
            } catch (Throwable th) {
                Arrays.fill(copyOf, (byte) 0);
                throw th;
            }
        } catch (Throwable th2) {
            Arrays.fill(bArr, (byte) 0);
            Arrays.fill(bArr2, (byte) 0);
            throw th2;
        }
    }

    @Override // org.apache.sshd.common.config.keys.PrivateKeyEntryDecoder
    public String encodePrivateKey(OutputStream outputStream, EdDSAPrivateKey edDSAPrivateKey) throws IOException {
        Objects.requireNonNull(edDSAPrivateKey, "No private key provided");
        byte[] seed = edDSAPrivateKey.getSeed();
        byte[] abyte = edDSAPrivateKey.getAbyte();
        Objects.requireNonNull(seed, "No seed");
        byte[] bArr = new byte[64];
        System.arraycopy(seed, 0, bArr, 0, 32);
        System.arraycopy(abyte, 0, bArr, 32, 32);
        KeyEntryResolver.writeRLEBytes(outputStream, abyte);
        KeyEntryResolver.writeRLEBytes(outputStream, bArr);
        return KeyPairProvider.SSH_ED25519;
    }

    @Override // org.apache.sshd.common.config.keys.PrivateKeyEntryDecoder
    public boolean isPublicKeyRecoverySupported() {
        return true;
    }

    @Override // org.apache.sshd.common.config.keys.PrivateKeyEntryDecoder
    public EdDSAPublicKey recoverPublicKey(EdDSAPrivateKey edDSAPrivateKey) throws GeneralSecurityException {
        return EdDSASecurityProviderUtils.recoverEDDSAPublicKey(edDSAPrivateKey);
    }

    @Override // org.apache.sshd.common.config.keys.KeyEntryResolver
    public EdDSAPublicKey clonePublicKey(EdDSAPublicKey edDSAPublicKey) throws GeneralSecurityException {
        if (edDSAPublicKey == null) {
            return null;
        }
        return (EdDSAPublicKey) generatePublicKey(new EdDSAPublicKeySpec(edDSAPublicKey.getA(), edDSAPublicKey.getParams()));
    }

    @Override // org.apache.sshd.common.config.keys.KeyEntryResolver
    public EdDSAPrivateKey clonePrivateKey(EdDSAPrivateKey edDSAPrivateKey) throws GeneralSecurityException {
        if (edDSAPrivateKey == null) {
            return null;
        }
        return (EdDSAPrivateKey) generatePrivateKey(new EdDSAPrivateKeySpec(edDSAPrivateKey.getSeed(), edDSAPrivateKey.getParams()));
    }

    @Override // org.apache.sshd.common.config.keys.KeyEntryResolver
    public KeyPairGenerator getKeyPairGenerator() throws GeneralSecurityException {
        return SecurityUtils.getKeyPairGenerator(SecurityUtils.EDDSA);
    }

    @Override // org.apache.sshd.common.config.keys.KeyEntryResolver
    public KeyFactory getKeyFactoryInstance() throws GeneralSecurityException {
        return SecurityUtils.getKeyFactory(SecurityUtils.EDDSA);
    }
}
