package com.maverick.ssh.components.bc.client;

import com.maverick.ssh.SecurityLevel;
import com.maverick.ssh.SshException;
import com.maverick.ssh.components.ComponentManager;
import com.maverick.ssh.components.DiffieHellmanGroups;
import com.maverick.ssh.components.Digest;
import com.maverick.ssh.components.jce.AbstractKeyExchange;
import com.maverick.ssh2.SshKeyExchangeClient;
import com.maverick.util.ByteArrayReader;
import com.maverick.util.ByteArrayWriter;
import com.sshtools.common.logger.Log;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import javax.crypto.KeyAgreement;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.agreement.DHBasicAgreement;
import org.bouncycastle.crypto.generators.DHBasicKeyPairGenerator;
import org.bouncycastle.crypto.params.DHKeyGenerationParameters;
import org.bouncycastle.crypto.params.DHParameters;
import org.bouncycastle.crypto.params.DHPublicKeyParameters;
import org.bouncycastle.util.BigIntegers;

/* loaded from: input_file:com/maverick/ssh/components/bc/client/DiffieHellmanGroup14Sha1.class */
public class DiffieHellmanGroup14Sha1 extends SshKeyExchangeClient implements AbstractKeyExchange {
    public static final String DIFFIE_HELLMAN_GROUP14_SHA1 = "diffie-hellman-group14-sha1";
    static final int SSH_MSG_KEXDH_INIT = 30;
    static final int SSH_MSG_KEXDH_REPLY = 31;
    static final BigInteger ONE = BigInteger.valueOf(1);
    static final BigInteger TWO = BigInteger.valueOf(2);
    static final BigInteger g = TWO;
    static final BigInteger p = DiffieHellmanGroups.group14;
    BigInteger e;
    BigInteger f;
    DHBasicAgreement agreement;
    DHParameters parameters;
    String clientId;
    String serverId;
    byte[] clientKexInit;
    byte[] serverKexInit;
    KeyPairGenerator dhKeyPairGen;
    KeyAgreement dhKeyAgreement;
    KeyFactory dhKeyFactory;
    KeyPair dhKeyPair;

    public DiffieHellmanGroup14Sha1() {
        super("SHA-1", SecurityLevel.WEAK, 14);
        this.e = null;
        this.f = null;
    }

    public void test() {
    }

    @Override // com.maverick.ssh2.SshKeyExchangeClient
    public void performClientExchange(String str, String str2, byte[] bArr, byte[] bArr2) throws SshException {
        this.clientId = str;
        this.serverId = str2;
        this.clientKexInit = bArr;
        this.serverKexInit = bArr2;
        int i = 3;
        while (i != 0) {
            this.parameters = new DHParameters(p, g);
            DHBasicKeyPairGenerator dHBasicKeyPairGenerator = new DHBasicKeyPairGenerator();
            dHBasicKeyPairGenerator.init(new DHKeyGenerationParameters(new SecureRandom(), this.parameters));
            AsymmetricCipherKeyPair generateKeyPair = dHBasicKeyPairGenerator.generateKeyPair();
            this.agreement = new DHBasicAgreement();
            this.agreement.init(generateKeyPair.getPrivate());
            i--;
            this.e = generateKeyPair.getPublic().getY();
            if (DiffieHellmanGroups.verifyParameters(this.e, p)) {
                ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
                try {
                    try {
                        byteArrayWriter.write(30);
                        byteArrayWriter.writeBigInteger(this.e);
                        if (Log.isDebugEnabled()) {
                            Log.debug("Sending SSH_MSG_KEXDH_INIT", new Object[0]);
                        }
                        this.transport.sendMessage(byteArrayWriter.toByteArray(), true);
                        byte[] nextMessage = this.transport.nextMessage(0L);
                        if (nextMessage[0] != 31) {
                            this.transport.disconnect(3, "Key exchange failed [id=" + ((int) nextMessage[0]) + "]");
                            throw new SshException("Key exchange failed [id=" + ((int) nextMessage[0]) + "]", 5);
                        }
                        if (Log.isDebugEnabled()) {
                            Log.debug("Received SSH_MSG_KEXDH_REPLY", new Object[0]);
                        }
                        ByteArrayReader byteArrayReader = new ByteArrayReader(nextMessage, 1, nextMessage.length - 1);
                        try {
                            try {
                                this.hostKey = byteArrayReader.readBinaryString();
                                this.f = byteArrayReader.readBigInteger();
                                this.signature = byteArrayReader.readBinaryString();
                                if (!DiffieHellmanGroups.verifyParameters(this.f, p)) {
                                    throw new SshException(String.format("Key exchange detected invalid f value %s", this.f.toString(16)), 3);
                                }
                                this.secret = new BigInteger(1, BigIntegers.asUnsignedByteArray(this.agreement.calculateAgreement(new DHPublicKeyParameters(this.f, this.parameters))));
                                if (!DiffieHellmanGroups.verifyParameters(this.secret, p)) {
                                    throw new SshException(String.format("Key exchange detected invalid k value %s", this.e.toString(16)), 3);
                                }
                                calculateExchangeHash();
                                try {
                                    return;
                                } catch (IOException e) {
                                    return;
                                }
                            } finally {
                                try {
                                    byteArrayReader.close();
                                } catch (IOException e2) {
                                }
                            }
                        } catch (IOException e3) {
                            Log.error("Key exchange failed", e3, new Object[0]);
                            throw new SshException("Failed to read SSH_MSG_KEXDH_REPLY", 5);
                        }
                    } finally {
                        try {
                            byteArrayWriter.close();
                        } catch (IOException e4) {
                        }
                    }
                } catch (IOException e5) {
                    throw new SshException("Failed to write SSH_MSG_KEXDH_INIT to message buffer", 5);
                }
            }
        }
        this.transport.disconnect(3, "Failed to generate key exchange value");
        throw new SshException("Key exchange failed to generate e value", 5);
    }

    public String getProvider() {
        return "JADAPTIVE";
    }

    protected void calculateExchangeHash() throws SshException {
        Digest digest = (Digest) ComponentManager.getInstance().supportedDigests().getInstance("SHA-1");
        digest.putString(this.clientId);
        digest.putString(this.serverId);
        digest.putInt(this.clientKexInit.length);
        digest.putBytes(this.clientKexInit);
        digest.putInt(this.serverKexInit.length);
        digest.putBytes(this.serverKexInit);
        digest.putInt(this.hostKey.length);
        digest.putBytes(this.hostKey);
        digest.putBigInteger(this.e);
        digest.putBigInteger(this.f);
        digest.putBigInteger(this.secret);
        this.exchangeHash = digest.doFinal();
    }

    @Override // com.maverick.ssh2.SshKeyExchangeClient
    public String getAlgorithm() {
        return "diffie-hellman-group14-sha1";
    }

    @Override // com.maverick.ssh2.SshKeyExchangeClient
    public boolean isKeyExchangeMessage(int i) {
        switch (i) {
            case 30:
            case 31:
                return true;
            default:
                return false;
        }
    }
}
