package com.sshtools.client.components;

import com.sshtools.client.SshClientContext;
import com.sshtools.client.SshKeyExchangeClient;
import com.sshtools.ssh.SshException;
import com.sshtools.ssh.SshMessage;
import com.sshtools.ssh.TransportProtocol;
import com.sshtools.ssh.components.DiffieHellmanGroups;
import com.sshtools.ssh.components.Digest;
import com.sshtools.ssh.components.SshPrivateKey;
import com.sshtools.ssh.components.SshPublicKey;
import com.sshtools.ssh.components.jce.JCEProvider;
import com.sshtools.util.ByteArrayReader;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sshtools/client/components/DiffieHellmanGroup14Sha1JCE.class */
public class DiffieHellmanGroup14Sha1JCE extends SshKeyExchangeClient {
    public static final String DIFFIE_HELLMAN_GROUP14_SHA1 = "diffie-hellman-group14-sha1";
    static final int SSH_MSG_KEXDH_INIT = 30;
    static final int SSH_MSG_KEXDH_REPLY = 31;
    BigInteger e = null;
    BigInteger f = null;
    KeyPairGenerator dhKeyPairGen;
    KeyAgreement dhKeyAgreement;
    KeyFactory dhKeyFactory;
    static final BigInteger ONE = BigInteger.valueOf(1);
    static final BigInteger TWO = BigInteger.valueOf(2);
    static final BigInteger g = TWO;
    static final BigInteger p = DiffieHellmanGroups.group14;
    static Logger log = LoggerFactory.getLogger(DiffieHellmanGroup14Sha1JCE.class);

    public String getAlgorithm() {
        return DIFFIE_HELLMAN_GROUP14_SHA1;
    }

    public void init(TransportProtocol<SshClientContext> transportProtocol, String str, String str2, byte[] bArr, byte[] bArr2, SshPrivateKey sshPrivateKey, SshPublicKey sshPublicKey, boolean z, boolean z2) throws IOException, SshException {
        this.clientId = str;
        this.serverId = str2;
        this.clientKexInit = bArr;
        this.serverKexInit = bArr2;
        this.firstPacketFollows = z;
        this.useFirstPacket = z2;
        this.transport = transportProtocol;
        try {
            this.dhKeyFactory = JCEProvider.getProviderForAlgorithm("DH") == null ? KeyFactory.getInstance("DH") : KeyFactory.getInstance("DH", JCEProvider.getProviderForAlgorithm("DH"));
            this.dhKeyPairGen = JCEProvider.getProviderForAlgorithm("DH") == null ? KeyPairGenerator.getInstance("DH") : KeyPairGenerator.getInstance("DH", JCEProvider.getProviderForAlgorithm("DH"));
            this.dhKeyAgreement = JCEProvider.getProviderForAlgorithm("DH") == null ? KeyAgreement.getInstance("DH") : KeyAgreement.getInstance("DH", JCEProvider.getProviderForAlgorithm("DH"));
            try {
                this.dhKeyPairGen.initialize(new DHParameterSpec(p, g), JCEProvider.getSecureRandom());
                KeyPair generateKeyPair = this.dhKeyPairGen.generateKeyPair();
                this.dhKeyAgreement.init(generateKeyPair.getPrivate());
                this.e = ((DHPublicKey) generateKeyPair.getPublic()).getY();
                final byte[] byteArray = this.e.toByteArray();
                transportProtocol.postMessage(new SshMessage() { // from class: com.sshtools.client.components.DiffieHellmanGroup14Sha1JCE.1
                    public boolean writeMessageIntoBuffer(ByteBuffer byteBuffer) {
                        byteBuffer.put((byte) 30);
                        byteBuffer.putInt(byteArray.length);
                        byteBuffer.put(byteArray);
                        return true;
                    }

                    public void messageSent() {
                        if (DiffieHellmanGroup14Sha1JCE.log.isDebugEnabled()) {
                            DiffieHellmanGroup14Sha1JCE.log.debug("Sent SSH_MSG_KEXDH_INIT");
                        }
                    }
                });
            } catch (Exception e) {
                throw new IOException("Failed to generate DH value: " + e.getMessage());
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new IOException("JCE does not support Diffie Hellman key exchange");
        }
    }

    public String getProvider() {
        return this.dhKeyAgreement != null ? this.dhKeyAgreement.getProvider().getName() : "";
    }

    @Override // com.sshtools.client.SshKeyExchangeClient
    public boolean processMessage(byte[] bArr) throws SshException, IOException {
        ByteArrayReader byteArrayReader = new ByteArrayReader(bArr);
        try {
            switch (byteArrayReader.read()) {
                case 31:
                    if (log.isDebugEnabled()) {
                        log.debug("Processing SSH_MSG_KEXDH_INIT");
                    }
                    try {
                        this.hostKey = byteArrayReader.readBinaryString();
                        this.f = byteArrayReader.readBigInteger();
                        this.signature = byteArrayReader.readBinaryString();
                        this.dhKeyAgreement.doPhase(this.dhKeyFactory.generatePublic(new DHPublicKeySpec(this.f, p, g)), true);
                        byte[] generateSecret = this.dhKeyAgreement.generateSecret();
                        if ((generateSecret[0] & 128) == 128) {
                            byte[] bArr2 = new byte[generateSecret.length + 1];
                            System.arraycopy(generateSecret, 0, bArr2, 1, generateSecret.length);
                            generateSecret = bArr2;
                        }
                        this.secret = new BigInteger(generateSecret);
                        calculateExchangeHash();
                        this.transport.sendNewKeys();
                        return true;
                    } catch (Exception e) {
                        throw new SshException("Failed to read SSH_MSG_KEXDH_REPLY from message buffer", 5, e);
                    }
                default:
                    byteArrayReader.close();
                    return false;
            }
        } finally {
            byteArrayReader.close();
        }
        byteArrayReader.close();
    }

    protected void calculateExchangeHash() throws SshException {
        Digest digest = (Digest) ((SshClientContext) this.transport.getContext()).getComponentManager().supportedDigests().getInstance("SHA-1");
        digest.putString(this.clientId);
        digest.putString(this.serverId);
        digest.putInt(this.clientKexInit.length);
        digest.putBytes(this.clientKexInit);
        digest.putInt(this.serverKexInit.length);
        digest.putBytes(this.serverKexInit);
        digest.putInt(this.hostKey.length);
        digest.putBytes(this.hostKey);
        digest.putBigInteger(this.e);
        digest.putBigInteger(this.f);
        digest.putBigInteger(this.secret);
        this.exchangeHash = digest.doFinal();
    }

    public boolean isKeyExchangeMessage(int i) {
        switch (i) {
            case 30:
            case 31:
                return true;
            default:
                return false;
        }
    }

    public String getHashAlgorithm() {
        return "SHA-1";
    }

    public void test() throws IOException, SshException {
    }
}
