package com.maverick.ssh.components.jce.client;

import com.maverick.ssh.SshException;
import com.maverick.ssh.components.ComponentManager;
import com.maverick.ssh.components.Digest;
import com.maverick.ssh.components.SshKeyExchange;
import com.maverick.ssh.components.jce.ECUtils;
import com.maverick.ssh.components.jce.JCEProvider;
import com.maverick.ssh2.SshKeyExchangeClient;
import com.maverick.util.ByteArrayReader;
import com.maverick.util.ByteArrayWriter;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import javax.crypto.KeyAgreement;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/maverick/ssh/components/jce/client/DiffieHellmanEcdh.class */
public class DiffieHellmanEcdh extends SshKeyExchangeClient implements SshKeyExchange {
    private static final Logger log = LoggerFactory.getLogger(DiffieHellmanEcdh.class);
    public static final int SSH_MSG_KEX_ECDH_INIT = 30;
    public static final int SSH_MSG_KEX_ECDH_REPLY = 31;
    String name;
    String curve;
    byte[] Q_S;
    byte[] Q_C;
    String clientId;
    String serverId;
    byte[] clientKexInit;
    byte[] serverKexInit;
    KeyAgreement keyAgreement;
    KeyPairGenerator keyGen;
    KeyPair keyPair;

    /* JADX INFO: Access modifiers changed from: protected */
    public DiffieHellmanEcdh(String str, String str2, String str3) {
        super(str3);
        this.name = str;
        this.curve = str2;
    }

    @Override // com.maverick.ssh2.SshKeyExchangeClient
    public String getAlgorithm() {
        return this.name;
    }

    private void initCrypto() throws InvalidKeyException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SshException {
        ComponentManager.getInstance().supportedDigests().getInstance(getHashAlgorithm());
        this.keyGen = JCEProvider.getProviderForAlgorithm("EC") == null ? KeyPairGenerator.getInstance("EC") : KeyPairGenerator.getInstance("EC", JCEProvider.getProviderForAlgorithm("EC"));
        this.keyAgreement = JCEProvider.getProviderForAlgorithm("ECDH") == null ? KeyAgreement.getInstance("ECDH") : KeyAgreement.getInstance("ECDH", JCEProvider.getProviderForAlgorithm("ECDH"));
        this.keyGen.initialize(new ECGenParameterSpec(this.curve), new SecureRandom());
        this.keyPair = this.keyGen.generateKeyPair();
        this.keyAgreement.init(this.keyPair.getPrivate());
    }

    public void test() {
        try {
            initCrypto();
        } catch (Throwable th) {
            throw new IllegalStateException(th);
        }
    }

    @Override // com.maverick.ssh2.SshKeyExchangeClient
    public void performClientExchange(String str, String str2, byte[] bArr, byte[] bArr2) throws SshException {
        this.clientId = str;
        this.serverId = str2;
        this.clientKexInit = bArr;
        this.serverKexInit = bArr2;
        try {
            initCrypto();
            ECPublicKey eCPublicKey = (ECPublicKey) this.keyPair.getPublic();
            ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
            this.Q_C = ECUtils.toByteArray(eCPublicKey.getW(), eCPublicKey.getParams().getCurve());
            try {
                byteArrayWriter.write(30);
                byteArrayWriter.writeBinaryString(this.Q_C);
                if (log.isDebugEnabled()) {
                    log.debug("Sending SSH_MSG_KEX_ECDH_INIT");
                }
                this.transport.sendMessage(byteArrayWriter.toByteArray(), true);
                byteArrayWriter.close();
                byte[] nextMessage = this.transport.nextMessage(0L);
                if (nextMessage[0] != 31) {
                    throw new SshException("Expected SSH_MSG_KEX_ECDH_REPLY but got message id " + ((int) nextMessage[0]), 9);
                }
                ByteArrayReader byteArrayReader = new ByteArrayReader(nextMessage, 1, nextMessage.length - 1);
                try {
                    this.hostKey = byteArrayReader.readBinaryString();
                    this.Q_S = byteArrayReader.readBinaryString();
                    this.signature = byteArrayReader.readBinaryString();
                    this.keyAgreement.doPhase(ECUtils.decodeKey(this.Q_S, this.curve), true);
                    byte[] generateSecret = this.keyAgreement.generateSecret();
                    if ((generateSecret[0] & 128) == 128) {
                        byte[] bArr3 = new byte[generateSecret.length + 1];
                        System.arraycopy(generateSecret, 0, bArr3, 1, generateSecret.length);
                        generateSecret = bArr3;
                    }
                    this.secret = new BigInteger(generateSecret);
                    byteArrayReader.close();
                    calculateExchangeHash();
                } catch (Throwable th) {
                    byteArrayReader.close();
                    throw th;
                }
            } catch (Throwable th2) {
                byteArrayWriter.close();
                throw th2;
            }
        } catch (Exception e) {
            log.error("Key exchange failed", e);
            throw new SshException("Failed to process key exchange", 5, e);
        }
    }

    @Override // com.maverick.ssh2.SshKeyExchangeClient
    public boolean isKeyExchangeMessage(int i) {
        switch (i) {
            case 30:
            case 31:
                return true;
            default:
                return false;
        }
    }

    protected void calculateExchangeHash() throws SshException {
        Digest digest = (Digest) ComponentManager.getInstance().supportedDigests().getInstance(getHashAlgorithm());
        digest.putString(this.clientId);
        digest.putString(this.serverId);
        digest.putInt(this.clientKexInit.length);
        digest.putBytes(this.clientKexInit);
        digest.putInt(this.serverKexInit.length);
        digest.putBytes(this.serverKexInit);
        digest.putInt(this.hostKey.length);
        digest.putBytes(this.hostKey);
        digest.putInt(this.Q_C.length);
        digest.putBytes(this.Q_C);
        digest.putInt(this.Q_S.length);
        digest.putBytes(this.Q_S);
        digest.putBigInteger(this.secret);
        this.exchangeHash = digest.doFinal();
    }

    public String getProvider() {
        return this.keyGen.getProvider().getName();
    }
}
