// // Decompiled by Procyon v0.6.0 // package org.bouncycastle.crypto.util; import org.bouncycastle.math.ec.ECCurve; import org.bouncycastle.asn1.x9.X9ECParameters; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECNamedDomainParameters; import java.io.IOException; import org.bouncycastle.crypto.params.DSAParameters; import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters; import org.bouncycastle.crypto.params.DSAPublicKeyParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; import org.bouncycastle.crypto.params.RSAKeyParameters; import org.bouncycastle.crypto.params.AsymmetricKeyParameter; public class OpenSSHPublicKeyUtil { private static final String RSA = "ssh-rsa"; private static final String ECDSA = "ecdsa"; private static final String ED_25519 = "ssh-ed25519"; private static final String DSS = "ssh-dss"; private static final String FIDO2_EC_P256 = "sk-ecdsa-sha2-nistp256@openssh.com"; private static final String FIDO_ED_25519 = "sk-ssh-ed25519@openssh.com"; private OpenSSHPublicKeyUtil() { } public static AsymmetricKeyParameter parsePublicKey(final byte[] array) { return parsePublicKey(new SSHBuffer(array)); } public static byte[] encodePublicKey(final AsymmetricKeyParameter asymmetricKeyParameter) throws IOException { if (asymmetricKeyParameter == null) { throw new IllegalArgumentException("cipherParameters was null."); } if (asymmetricKeyParameter instanceof RSAKeyParameters) { if (asymmetricKeyParameter.isPrivate()) { throw new IllegalArgumentException("RSAKeyParamaters was for encryption"); } final RSAKeyParameters rsaKeyParameters = (RSAKeyParameters)asymmetricKeyParameter; final SSHBuilder sshBuilder = new SSHBuilder(); sshBuilder.writeString("ssh-rsa"); sshBuilder.writeBigNum(rsaKeyParameters.getExponent()); sshBuilder.writeBigNum(rsaKeyParameters.getModulus()); return sshBuilder.getBytes(); } else if (asymmetricKeyParameter instanceof ECPublicKeyParameters) { final SSHBuilder sshBuilder2 = new SSHBuilder(); final String nameForParameters = SSHNamedCurves.getNameForParameters(((ECPublicKeyParameters)asymmetricKeyParameter).getParameters()); if (nameForParameters == null) { throw new IllegalArgumentException("unable to derive ssh curve name for " + ((ECPublicKeyParameters)asymmetricKeyParameter).getParameters().getCurve().getClass().getName()); } sshBuilder2.writeString("ecdsa-sha2-" + nameForParameters); sshBuilder2.writeString(nameForParameters); sshBuilder2.writeBlock(((ECPublicKeyParameters)asymmetricKeyParameter).getQ().getEncoded(false)); return sshBuilder2.getBytes(); } else { if (asymmetricKeyParameter instanceof DSAPublicKeyParameters) { final DSAPublicKeyParameters dsaPublicKeyParameters = (DSAPublicKeyParameters)asymmetricKeyParameter; final DSAParameters parameters = dsaPublicKeyParameters.getParameters(); final SSHBuilder sshBuilder3 = new SSHBuilder(); sshBuilder3.writeString("ssh-dss"); sshBuilder3.writeBigNum(parameters.getP()); sshBuilder3.writeBigNum(parameters.getQ()); sshBuilder3.writeBigNum(parameters.getG()); sshBuilder3.writeBigNum(dsaPublicKeyParameters.getY()); return sshBuilder3.getBytes(); } if (asymmetricKeyParameter instanceof Ed25519PublicKeyParameters) { final SSHBuilder sshBuilder4 = new SSHBuilder(); sshBuilder4.writeString("ssh-ed25519"); sshBuilder4.writeBlock(((Ed25519PublicKeyParameters)asymmetricKeyParameter).getEncoded()); return sshBuilder4.getBytes(); } throw new IllegalArgumentException("unable to convert " + asymmetricKeyParameter.getClass().getName() + " to public key"); } } public static AsymmetricKeyParameter parsePublicKey(final SSHBuffer sshBuffer) { AsymmetricKeyParameter asymmetricKeyParameter = null; final String string = sshBuffer.readString(); if ("ssh-rsa".equals(string)) { asymmetricKeyParameter = new RSAKeyParameters(false, sshBuffer.readBigNumPositive(), sshBuffer.readBigNumPositive()); } else if ("ssh-dss".equals(string)) { asymmetricKeyParameter = new DSAPublicKeyParameters(sshBuffer.readBigNumPositive(), new DSAParameters(sshBuffer.readBigNumPositive(), sshBuffer.readBigNumPositive(), sshBuffer.readBigNumPositive())); } else if (string.startsWith("ecdsa")) { final String string2 = sshBuffer.readString(); final ASN1ObjectIdentifier byName = SSHNamedCurves.getByName(string2); final X9ECParameters parameters = SSHNamedCurves.getParameters(byName); if (parameters == null) { throw new IllegalStateException("unable to find curve for " + string + " using curve name " + string2); } asymmetricKeyParameter = new ECPublicKeyParameters(parameters.getCurve().decodePoint(sshBuffer.readBlock()), new ECNamedDomainParameters(byName, parameters)); } else if (string.equals("sk-ecdsa-sha2-nistp256@openssh.com")) { final String string3 = sshBuffer.readString(); final ASN1ObjectIdentifier byName2 = SSHNamedCurves.getByName(string3); final X9ECParameters parameters2 = SSHNamedCurves.getParameters(byName2); if (parameters2 == null) { throw new IllegalStateException("unable to find curve for " + string + " using curve name " + string3); } final ECCurve curve = parameters2.getCurve(); final byte[] block = sshBuffer.readBlock(); sshBuffer.readString(); asymmetricKeyParameter = new ECPublicKeyParameters(curve.decodePoint(block), new ECNamedDomainParameters(byName2, parameters2)); } else if ("ssh-ed25519".equals(string)) { final byte[] block2 = sshBuffer.readBlock(); if (block2.length != 32) { throw new IllegalStateException("public key value of wrong length"); } asymmetricKeyParameter = new Ed25519PublicKeyParameters(block2, 0); } else if ("sk-ecdsa-sha2-nistp256@openssh.com".equals(string)) { final byte[] block3 = sshBuffer.readBlock(); if (block3.length != 32) { throw new IllegalStateException("public key value of wrong length"); } sshBuffer.readString(); asymmetricKeyParameter = new Ed25519PublicKeyParameters(block3, 0); } if (asymmetricKeyParameter == null) { throw new IllegalArgumentException("unable to parse key"); } if (sshBuffer.hasRemaining()) { throw new IllegalArgumentException("decoded key has trailing data"); } return asymmetricKeyParameter; } }