package com.maverick.sshd.components.jce.server;

import com.maverick.ssh.SshException;
import com.maverick.ssh.components.ComponentManager;
import com.maverick.ssh.components.Digest;
import com.maverick.ssh.components.SshKeyPair;
import com.maverick.ssh.components.SshPrivateKey;
import com.maverick.ssh.components.SshPublicKey;
import com.maverick.ssh.components.jce.AbstractKeyExchange;
import com.maverick.ssh.components.jce.JCEComponentManager;
import com.maverick.sshd.AbstractServerTransport;
import com.maverick.sshd.SftpFileAttributes;
import com.maverick.sshd.SshMessage;
import com.maverick.sshd.components.SshKeyExchangeServer;
import com.maverick.util.ByteArrayReader;
import com.maverick.util.ByteArrayWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/maverick/sshd/components/jce/server/Rsa1024SHA1KeyExchange.class */
public class Rsa1024SHA1KeyExchange extends SshKeyExchangeServer implements AbstractKeyExchange {
    static Logger log = LoggerFactory.getLogger(Rsa1024SHA1KeyExchange.class);
    public static final String RSA_1024_SHA1 = "rsa1024-sha1";
    static final int SSH_MSG_KEXRSA_PUBKEY = 30;
    static final int SSH_MSG_KEXRSA_SECRET = 31;
    static final int SSH_MSG_KEXRSA_DONE = 32;
    Cipher cipher;
    SshKeyPair transientKey;
    byte[] encryptedSecret;

    public Rsa1024SHA1KeyExchange() {
        super("SHA-1");
    }

    @Override // com.maverick.sshd.components.SshKeyExchangeServer
    public String getAlgorithm() {
        return "rsa1024-sha1";
    }

    public void test() {
        try {
            ComponentManager.getInstance().supportedDigests().getInstance(getHashAlgorithm());
            initCrypto();
        } catch (Throwable th) {
            throw new IllegalStateException(th.getMessage(), th);
        }
    }

    void initCrypto() throws SshException, NoSuchAlgorithmException, NoSuchPaddingException {
        this.transientKey = JCEComponentManager.getInstance().generateRsaKeyPair(SftpFileAttributes.S_ISGID, 2);
        this.cipher = Cipher.getInstance("RSA/None/OAEPWithSHA1AndMGF1Padding");
    }

    @Override // com.maverick.sshd.components.SshKeyExchangeServer
    public void init(AbstractServerTransport abstractServerTransport, String str, String str2, byte[] bArr, byte[] bArr2, SshPrivateKey sshPrivateKey, final SshPublicKey sshPublicKey, boolean z, boolean z2) throws IOException {
        this.clientId = str;
        this.serverId = str2;
        this.clientKexInit = bArr;
        this.serverKexInit = bArr2;
        this.prvkey = sshPrivateKey;
        this.pubkey = sshPublicKey;
        this.firstPacketFollows = z;
        this.useFirstPacket = z2;
        this.transport = abstractServerTransport;
        try {
            initCrypto();
            abstractServerTransport.postMessage(new SshMessage() { // from class: com.maverick.sshd.components.jce.server.Rsa1024SHA1KeyExchange.1
                @Override // com.maverick.sshd.SshMessage
                public boolean writeMessageIntoBuffer(ByteBuffer byteBuffer) {
                    try {
                        byteBuffer.put((byte) 30);
                        byte[] encoded = sshPublicKey.getEncoded();
                        byteBuffer.putInt(encoded.length);
                        byteBuffer.put(encoded);
                        byte[] encoded2 = Rsa1024SHA1KeyExchange.this.transientKey.getPublicKey().getEncoded();
                        byteBuffer.putInt(encoded2.length);
                        byteBuffer.put(encoded2);
                        return true;
                    } catch (SshException e) {
                        Rsa1024SHA1KeyExchange.this.transport.disconnect(3, "Could not send transient key");
                        return true;
                    }
                }

                @Override // com.maverick.sshd.SshMessage
                public void messageSent() {
                    if (Rsa1024SHA1KeyExchange.log.isDebugEnabled()) {
                        Rsa1024SHA1KeyExchange.log.debug("Sent SSH_MSG_KEXRSA_PUBKEY");
                    }
                }
            }, true);
        } catch (Exception e) {
            throw new IOException("JCE does not support " + getAlgorithm() + " key exchange");
        }
    }

    public String getProvider() {
        return "";
    }

    @Override // com.maverick.sshd.components.SshKeyExchangeServer
    public boolean processMessage(byte[] bArr) throws SshException, IOException {
        switch (bArr[0]) {
            case 31:
                if (log.isDebugEnabled()) {
                    log.debug("Processing SSH_MSG_KEXRSA_SECRET");
                }
                ByteArrayReader byteArrayReader = new ByteArrayReader(bArr);
                byteArrayReader.skip(1L);
                this.encryptedSecret = byteArrayReader.readBinaryString();
                try {
                    this.cipher.init(2, this.transientKey.getPrivateKey().getJCEPrivateKey());
                    ByteArrayReader byteArrayReader2 = new ByteArrayReader(this.cipher.doFinal(this.encryptedSecret));
                    Throwable th = null;
                    try {
                        try {
                            this.secret = new BigInteger(byteArrayReader2.readBinaryString());
                            if (byteArrayReader2 != null) {
                                if (0 != 0) {
                                    try {
                                        byteArrayReader2.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    byteArrayReader2.close();
                                }
                            }
                            this.hostKey = this.pubkey.getEncoded();
                            calculateExchangeHash();
                            this.signature = this.prvkey.sign(this.exchangeHash, this.pubkey.getSigningAlgorithm());
                            this.transport.postMessage(new SshMessage() { // from class: com.maverick.sshd.components.jce.server.Rsa1024SHA1KeyExchange.2
                                @Override // com.maverick.sshd.SshMessage
                                public boolean writeMessageIntoBuffer(ByteBuffer byteBuffer) {
                                    ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
                                    try {
                                        try {
                                            byteBuffer.put((byte) 32);
                                            byteArrayWriter.writeString(Rsa1024SHA1KeyExchange.this.pubkey.getSigningAlgorithm());
                                            byteArrayWriter.writeBinaryString(Rsa1024SHA1KeyExchange.this.signature);
                                            byte[] byteArray = byteArrayWriter.toByteArray();
                                            byteBuffer.putInt(byteArray.length);
                                            byteBuffer.put(byteArray);
                                            try {
                                                return true;
                                            } catch (IOException e) {
                                                return true;
                                            }
                                        } catch (IOException e2) {
                                            Rsa1024SHA1KeyExchange.this.transport.disconnect(3, "Could not read host key");
                                            try {
                                                byteArrayWriter.close();
                                                return true;
                                            } catch (IOException e3) {
                                                return true;
                                            }
                                        }
                                    } finally {
                                        try {
                                            byteArrayWriter.close();
                                        } catch (IOException e4) {
                                        }
                                    }
                                }

                                @Override // com.maverick.sshd.SshMessage
                                public void messageSent() {
                                    if (Rsa1024SHA1KeyExchange.log.isDebugEnabled()) {
                                        Rsa1024SHA1KeyExchange.log.debug("Sent SSH_MSG_KEXRSA_DONE");
                                    }
                                }
                            }, true);
                            this.transport.sendNewKeys();
                            return true;
                        } finally {
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    this.transport.disconnect(3, "Could not decrypt secret");
                    throw new SshException(th3);
                }
            default:
                return false;
        }
    }

    protected void calculateExchangeHash() throws SshException {
        Digest digest = (Digest) ComponentManager.getInstance().supportedDigests().getInstance(getHashAlgorithm());
        digest.putString(this.clientId);
        digest.putString(this.serverId);
        digest.putInt(this.clientKexInit.length);
        digest.putBytes(this.clientKexInit);
        digest.putInt(this.serverKexInit.length);
        digest.putBytes(this.serverKexInit);
        digest.putInt(this.hostKey.length);
        digest.putBytes(this.hostKey);
        byte[] encoded = this.transientKey.getPublicKey().getEncoded();
        digest.putInt(encoded.length);
        digest.putBytes(encoded);
        digest.putInt(this.encryptedSecret.length);
        digest.putBytes(this.encryptedSecret);
        digest.putBigInteger(this.secret);
        this.exchangeHash = digest.doFinal();
    }
}
