package org.apache.sshd.common.config.keys.loader.openpgp;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Objects;
import org.apache.sshd.common.NamedResource;
import org.apache.sshd.common.cipher.ECCurves;
import org.apache.sshd.common.util.buffer.BufferUtils;
import org.apache.sshd.common.util.security.SecurityUtils;
import org.bouncycastle.bcpg.BCPGKey;
import org.bouncycastle.bcpg.DSAPublicBCPGKey;
import org.bouncycastle.bcpg.ECDHPublicBCPGKey;
import org.bouncycastle.bcpg.ECDSAPublicBCPGKey;
import org.bouncycastle.bcpg.ECPublicBCPGKey;
import org.bouncycastle.bcpg.EdDSAPublicBCPGKey;
import org.bouncycastle.bcpg.PublicKeyPacket;
import org.bouncycastle.bcpg.RSAPublicBCPGKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.c02e.jpgpj.Subkey;

@FunctionalInterface
/* loaded from: input_file:org/apache/sshd/common/config/keys/loader/openpgp/PGPPublicKeyExtractor.class */
public interface PGPPublicKeyExtractor {
    default PublicKey extractPublicKey(NamedResource namedResource, Subkey subkey) throws IOException, GeneralSecurityException {
        if (subkey == null) {
            return null;
        }
        BCPGKey bCPGKey = (BCPGKey) Objects.requireNonNull(((PublicKeyPacket) Objects.requireNonNull(((PGPPublicKey) Objects.requireNonNull(subkey.getPublicKey(), "Missing sub-key public key")).getPublicKeyPacket(), "Missing public key packet")).getKey(), "Missing BC key");
        if (bCPGKey instanceof RSAPublicBCPGKey) {
            return extractRSAPublicKey(namedResource, (RSAPublicBCPGKey) bCPGKey);
        }
        if (bCPGKey instanceof ECPublicBCPGKey) {
            return extractECPublicKey(namedResource, (ECPublicBCPGKey) bCPGKey);
        }
        if (bCPGKey instanceof DSAPublicBCPGKey) {
            return extractDSSPublicKey(namedResource, (DSAPublicBCPGKey) bCPGKey);
        }
        throw new NoSuchAlgorithmException("Unsupported BC public key type: " + bCPGKey.getClass().getSimpleName());
    }

    default RSAPublicKey extractRSAPublicKey(NamedResource namedResource, RSAPublicBCPGKey rSAPublicBCPGKey) throws IOException, GeneralSecurityException {
        if (rSAPublicBCPGKey == null) {
            return null;
        }
        return (RSAPublicKey) generatePublicKey("RSA", RSAPublicKey.class, new RSAPublicKeySpec(rSAPublicBCPGKey.getModulus(), rSAPublicBCPGKey.getPublicExponent()));
    }

    default PublicKey extractECPublicKey(NamedResource namedResource, ECPublicBCPGKey eCPublicBCPGKey) throws IOException, GeneralSecurityException {
        if (eCPublicBCPGKey == null) {
            return null;
        }
        if (eCPublicBCPGKey instanceof EdDSAPublicBCPGKey) {
            return extractEdDSAPublicKey(namedResource, (EdDSAPublicBCPGKey) eCPublicBCPGKey);
        }
        if ((eCPublicBCPGKey instanceof ECDSAPublicBCPGKey) || (eCPublicBCPGKey instanceof ECDHPublicBCPGKey)) {
            return extractECDSAPublicKey(namedResource, eCPublicBCPGKey);
        }
        throw new NoSuchAlgorithmException("Unsupported EC public key type: " + eCPublicBCPGKey.getClass().getSimpleName());
    }

    default ECPublicKey extractECDSAPublicKey(NamedResource namedResource, ECPublicBCPGKey eCPublicBCPGKey) throws IOException, GeneralSecurityException {
        if (eCPublicBCPGKey == null) {
            return null;
        }
        String id = eCPublicBCPGKey.getCurveOID().getId();
        ECCurves fromOID = ECCurves.fromOID(id);
        if (fromOID == null) {
            throw new InvalidKeySpecException("Not an EC curve OID: " + id);
        }
        if (!SecurityUtils.isECCSupported()) {
            throw new NoSuchProviderException("ECC not supported");
        }
        byte[] byteArray = eCPublicBCPGKey.getEncodedPoint().toByteArray();
        try {
            ECPoint octetStringToEcPoint = ECCurves.octetStringToEcPoint(byteArray);
            if (octetStringToEcPoint == null) {
                throw new InvalidKeySpecException("No ECPoint generated for curve=" + fromOID.getName() + " from octets=" + BufferUtils.toHex(':', byteArray));
            }
            return (ECPublicKey) generatePublicKey("EC", ECPublicKey.class, new ECPublicKeySpec(octetStringToEcPoint, fromOID.getParameters()));
        } catch (RuntimeException e) {
            throw new InvalidKeySpecException("Failed (" + e.getClass().getSimpleName() + ") to generate ECPoint for curve=" + fromOID.getName() + " from octets=" + BufferUtils.toHex(':', byteArray) + ": " + e.getMessage());
        }
    }

    default PublicKey extractEdDSAPublicKey(NamedResource namedResource, EdDSAPublicBCPGKey edDSAPublicBCPGKey) throws IOException, GeneralSecurityException {
        if (edDSAPublicBCPGKey == null) {
            return null;
        }
        if (SecurityUtils.isEDDSACurveSupported()) {
            throw new NoSuchAlgorithmException("Unsupported EdDSA public key type: " + edDSAPublicBCPGKey.getClass().getSimpleName());
        }
        throw new NoSuchProviderException("EdDSA not supported");
    }

    default DSAPublicKey extractDSSPublicKey(NamedResource namedResource, DSAPublicBCPGKey dSAPublicBCPGKey) throws IOException, GeneralSecurityException {
        if (dSAPublicBCPGKey == null) {
            return null;
        }
        return (DSAPublicKey) generatePublicKey("DSA", DSAPublicKey.class, new DSAPublicKeySpec(dSAPublicBCPGKey.getY(), dSAPublicBCPGKey.getP(), dSAPublicBCPGKey.getQ(), dSAPublicBCPGKey.getG()));
    }

    <K extends PublicKey> K generatePublicKey(String str, Class<K> cls, KeySpec keySpec) throws GeneralSecurityException;
}
