package com.sshtools.ssh.components.jce;

import com.sshtools.ssh.SshException;
import com.sshtools.ssh.components.ComponentManager;
import com.sshtools.ssh.components.DiffieHellmanGroups;
import com.sshtools.ssh.components.Digest;
import com.sshtools.ssh.components.SshKeyExchangeClient;
import com.sshtools.util.ByteArrayReader;
import com.sshtools.util.ByteArrayWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;

/* loaded from: input_file:WEB-INF/lib/j2ssh-maverick-1.5.2.jar:com/sshtools/ssh/components/jce/DiffieHellmanGroup1Sha1.class */
public class DiffieHellmanGroup1Sha1 extends SshKeyExchangeClient implements AbstractKeyExchange {
    public static final String DIFFIE_HELLMAN_GROUP1_SHA1 = "diffie-hellman-group1-sha1";
    static final int SSH_MSG_KEXDH_INIT = 30;
    static final int SSH_MSG_KEXDH_REPLY = 31;
    static final BigInteger ONE = BigInteger.valueOf(1);
    static final BigInteger TWO = BigInteger.valueOf(2);
    static final BigInteger g = TWO;
    static final BigInteger p = DiffieHellmanGroups.group1;
    BigInteger e;
    BigInteger f;
    BigInteger y;
    String clientId;
    String serverId;
    byte[] clientKexInit;
    byte[] serverKexInit;
    KeyPairGenerator dhKeyPairGen;
    KeyAgreement dhKeyAgreement;
    KeyFactory dhKeyFactory;

    public DiffieHellmanGroup1Sha1() {
        super("SHA-1");
        this.e = null;
        this.f = null;
        this.y = null;
    }

    @Override // com.sshtools.ssh.components.SshKeyExchangeClient
    public String getAlgorithm() {
        return "diffie-hellman-group1-sha1";
    }

    @Override // com.sshtools.ssh.components.jce.AbstractKeyExchange
    public String getProvider() {
        return this.dhKeyAgreement != null ? this.dhKeyAgreement.getProvider().getName() : "";
    }

    @Override // com.sshtools.ssh.components.SshKeyExchangeClient
    public void performClientExchange(String str, String str2, byte[] bArr, byte[] bArr2) throws SshException {
        this.clientId = str;
        this.serverId = str2;
        this.clientKexInit = bArr;
        this.serverKexInit = bArr2;
        try {
            this.dhKeyFactory = JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DH) == null ? KeyFactory.getInstance(JCEAlgorithms.JCE_DH) : KeyFactory.getInstance(JCEAlgorithms.JCE_DH, JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DH));
            this.dhKeyAgreement = JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DH) == null ? KeyAgreement.getInstance(JCEAlgorithms.JCE_DH) : KeyAgreement.getInstance(JCEAlgorithms.JCE_DH, JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DH));
            int i = 3;
            while (i != 0) {
                i--;
                try {
                    this.dhKeyPairGen = JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DH) == null ? KeyPairGenerator.getInstance(JCEAlgorithms.JCE_DH) : KeyPairGenerator.getInstance(JCEAlgorithms.JCE_DH, JCEProvider.getProviderForAlgorithm(JCEAlgorithms.JCE_DH));
                    this.dhKeyPairGen.initialize(new DHParameterSpec(p, g));
                    KeyPair generateKeyPair = this.dhKeyPairGen.generateKeyPair();
                    this.e = ((DHPublicKey) generateKeyPair.getPublic()).getY();
                    if (this.e.compareTo(ONE) >= 0 && this.e.compareTo(p.subtract(ONE)) <= 0) {
                        ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
                        try {
                            try {
                                this.dhKeyAgreement.init(generateKeyPair.getPrivate());
                                byteArrayWriter.write(30);
                                byteArrayWriter.writeBigInteger(this.e);
                                this.transport.sendMessage(byteArrayWriter.toByteArray(), true);
                                byte[] nextMessage = this.transport.nextMessage();
                                if (nextMessage[0] != 31) {
                                    this.transport.disconnect(3, "Key exchange failed [id=" + ((int) nextMessage[0]) + "]");
                                    throw new SshException("Key exchange failed [id=" + ((int) nextMessage[0]) + "]", 5);
                                }
                                ByteArrayReader byteArrayReader = new ByteArrayReader(nextMessage, 1, nextMessage.length - 1);
                                try {
                                    try {
                                        this.hostKey = byteArrayReader.readBinaryString();
                                        this.f = byteArrayReader.readBigInteger();
                                        this.signature = byteArrayReader.readBinaryString();
                                        this.dhKeyAgreement.doPhase(this.dhKeyFactory.generatePublic(new DHPublicKeySpec(this.f, p, g)), true);
                                        byte[] generateSecret = this.dhKeyAgreement.generateSecret();
                                        if ((generateSecret[0] & 128) == 128) {
                                            byte[] bArr3 = new byte[generateSecret.length + 1];
                                            System.arraycopy(generateSecret, 0, bArr3, 1, generateSecret.length);
                                            generateSecret = bArr3;
                                        }
                                        this.secret = new BigInteger(generateSecret);
                                        calculateExchangeHash();
                                        try {
                                            return;
                                        } catch (IOException e) {
                                            return;
                                        }
                                    } finally {
                                        try {
                                            byteArrayReader.close();
                                        } catch (IOException e2) {
                                        }
                                    }
                                } catch (Exception e3) {
                                    throw new SshException("Failed to read SSH_MSG_KEXDH_REPLY from message buffer", 5, e3);
                                }
                            } catch (IOException e4) {
                                throw new SshException("Failed to write SSH_MSG_KEXDH_INIT to message buffer", 5);
                            } catch (InvalidKeyException e5) {
                                throw new SshException("JCE reported Diffie Hellman invalid key", 16);
                            }
                        } finally {
                            try {
                                byteArrayWriter.close();
                            } catch (IOException e6) {
                            }
                        }
                    }
                } catch (InvalidAlgorithmParameterException e7) {
                    throw new SshException("Failed to generate DH value", 16);
                } catch (NoSuchAlgorithmException e8) {
                    throw new SshException("JCE does not support Diffie Hellman key exchange", 16);
                }
            }
            this.transport.disconnect(3, "Failed to generate key exchange value");
            throw new SshException("Key exchange failed to generate e value", 5);
        } catch (NoSuchAlgorithmException e9) {
            throw new SshException("JCE does not support Diffie Hellman key exchange", 16);
        }
    }

    protected void calculateExchangeHash() throws SshException {
        Digest digest = (Digest) ComponentManager.getInstance().supportedDigests().getInstance("SHA-1");
        digest.putString(this.clientId);
        digest.putString(this.serverId);
        digest.putInt(this.clientKexInit.length);
        digest.putBytes(this.clientKexInit);
        digest.putInt(this.serverKexInit.length);
        digest.putBytes(this.serverKexInit);
        digest.putInt(this.hostKey.length);
        digest.putBytes(this.hostKey);
        digest.putBigInteger(this.e);
        digest.putBigInteger(this.f);
        digest.putBigInteger(this.secret);
        this.exchangeHash = digest.doFinal();
    }

    @Override // com.sshtools.ssh.components.SshKeyExchangeClient
    public boolean isKeyExchangeMessage(int i) {
        switch (i) {
            case 30:
            case 31:
                return true;
            default:
                return false;
        }
    }
}
