package io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.impl;

import io.jenkins.cli.shaded.org.apache.sshd.common.cipher.ECCurves;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.KeyEntryResolver;
import io.jenkins.cli.shaded.org.apache.sshd.common.session.SessionContext;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.BufferUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.security.SecurityUtils;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Map;
import java.util.Objects;

/* loaded from: input_file:WEB-INF/lib/cli-2.328-rc31925.367d01811769.jar:io/jenkins/cli/shaded/org/apache/sshd/common/config/keys/impl/ECDSAPublicKeyEntryDecoder.class */
public class ECDSAPublicKeyEntryDecoder extends AbstractPublicKeyEntryDecoder<ECPublicKey, ECPrivateKey> {
    public static final int MAX_ALLOWED_POINT_SIZE = 32767;
    public static final int MAX_CURVE_NAME_LENGTH = 1024;
    public static final ECDSAPublicKeyEntryDecoder INSTANCE = new ECDSAPublicKeyEntryDecoder();
    public static final byte ECPOINT_UNCOMPRESSED_FORM_INDICATOR = 4;
    public static final byte ECPOINT_COMPRESSED_VARIANT_2 = 2;
    public static final byte ECPOINT_COMPRESSED_VARIANT_3 = 2;

    public ECDSAPublicKeyEntryDecoder() {
        super(ECPublicKey.class, ECPrivateKey.class, ECCurves.KEY_TYPES);
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.PublicKeyRawDataDecoder
    public ECPublicKey decodePublicKey(SessionContext sessionContext, String str, InputStream inputStream, Map<String, String> map) throws IOException, GeneralSecurityException {
        ECCurves fromKeyType = ECCurves.fromKeyType(str);
        if (fromKeyType == null) {
            throw new InvalidKeySpecException("Not an EC curve name: " + str);
        }
        return decodePublicKey(fromKeyType, inputStream);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ECPublicKey decodePublicKey(ECCurves eCCurves, InputStream inputStream) throws IOException, GeneralSecurityException {
        if (!SecurityUtils.isECCSupported()) {
            throw new NoSuchProviderException("ECC not supported");
        }
        String name = eCCurves.getName();
        String decodeString = KeyEntryResolver.decodeString(inputStream, 1024);
        if (!name.equals(decodeString)) {
            throw new InvalidKeySpecException("Mismatched key curve name (" + name + ") vs. encoded one (" + decodeString + ")");
        }
        byte[] readRLEBytes = KeyEntryResolver.readRLEBytes(inputStream, 32767);
        try {
            ECPoint octetStringToEcPoint = ECCurves.octetStringToEcPoint(readRLEBytes);
            if (octetStringToEcPoint == null) {
                throw new InvalidKeySpecException("No ECPoint generated for curve=" + name + " from octets=" + BufferUtils.toHex(':', readRLEBytes));
            }
            return (ECPublicKey) generatePublicKey(new ECPublicKeySpec(octetStringToEcPoint, eCCurves.getParameters()));
        } catch (RuntimeException e) {
            throw new InvalidKeySpecException("Failed (" + e.getClass().getSimpleName() + ") to generate ECPoint for curve=" + name + " from octets=" + BufferUtils.toHex(':', readRLEBytes) + ": " + e.getMessage());
        }
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.KeyEntryResolver
    public ECPublicKey clonePublicKey(ECPublicKey eCPublicKey) throws GeneralSecurityException {
        if (!SecurityUtils.isECCSupported()) {
            throw new NoSuchProviderException("ECC not supported");
        }
        if (eCPublicKey == null) {
            return null;
        }
        ECParameterSpec params = eCPublicKey.getParams();
        if (params == null) {
            throw new InvalidKeyException("Missing parameters in key");
        }
        return (ECPublicKey) generatePublicKey(new ECPublicKeySpec(eCPublicKey.getW(), params));
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.KeyEntryResolver
    public ECPrivateKey clonePrivateKey(ECPrivateKey eCPrivateKey) throws GeneralSecurityException {
        if (!SecurityUtils.isECCSupported()) {
            throw new NoSuchProviderException("ECC not supported");
        }
        if (eCPrivateKey == null) {
            return null;
        }
        ECParameterSpec params = eCPrivateKey.getParams();
        if (params == null) {
            throw new InvalidKeyException("Missing parameters in key");
        }
        return (ECPrivateKey) generatePrivateKey(new ECPrivateKeySpec(eCPrivateKey.getS(), params));
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.PublicKeyEntryDecoder
    public String encodePublicKey(OutputStream outputStream, ECPublicKey eCPublicKey) throws IOException {
        Objects.requireNonNull(eCPublicKey, "No public key provided");
        ECCurves eCCurves = (ECCurves) Objects.requireNonNull(ECCurves.fromCurveParameters((ECParameterSpec) Objects.requireNonNull(eCPublicKey.getParams(), "No EC parameters available")), "Cannot determine curve");
        String keyType = eCCurves.getKeyType();
        encodePublicKey(outputStream, keyType, eCCurves, eCPublicKey.getW());
        return keyType;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void encodePublicKey(OutputStream outputStream, String str, ECCurves eCCurves, ECPoint eCPoint) throws IOException {
        String name = eCCurves.getName();
        KeyEntryResolver.encodeString(outputStream, str);
        KeyEntryResolver.encodeString(outputStream, name);
        ECCurves.ECPointCompression.UNCOMPRESSED.writeECPoint(outputStream, name, eCPoint);
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.KeyEntryResolver
    public KeyFactory getKeyFactoryInstance() throws GeneralSecurityException {
        if (SecurityUtils.isECCSupported()) {
            return SecurityUtils.getKeyFactory("EC");
        }
        throw new NoSuchProviderException("ECC not supported");
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.KeyEntryResolver
    public KeyPair generateKeyPair(int i) throws GeneralSecurityException {
        ECCurves fromCurveSize = ECCurves.fromCurveSize(i);
        if (fromCurveSize == null) {
            throw new InvalidKeySpecException("Unknown curve for key size=" + i);
        }
        KeyPairGenerator keyPairGenerator = getKeyPairGenerator();
        keyPairGenerator.initialize(fromCurveSize.getParameters());
        return keyPairGenerator.generateKeyPair();
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.KeyEntryResolver
    public KeyPairGenerator getKeyPairGenerator() throws GeneralSecurityException {
        if (SecurityUtils.isECCSupported()) {
            return SecurityUtils.getKeyPairGenerator("EC");
        }
        throw new NoSuchProviderException("ECC not supported");
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.PublicKeyRawDataDecoder
    public /* bridge */ /* synthetic */ PublicKey decodePublicKey(SessionContext sessionContext, String str, InputStream inputStream, Map map) throws IOException, GeneralSecurityException {
        return decodePublicKey(sessionContext, str, inputStream, (Map<String, String>) map);
    }
}
