package io.jenkins.cli.shaded.org.apache.sshd.server.kex;

import io.jenkins.cli.shaded.org.apache.sshd.common.NamedFactory;
import io.jenkins.cli.shaded.org.apache.sshd.common.SshException;
import io.jenkins.cli.shaded.org.apache.sshd.common.kex.AbstractDH;
import io.jenkins.cli.shaded.org.apache.sshd.common.kex.DHFactory;
import io.jenkins.cli.shaded.org.apache.sshd.common.kex.KexProposalOption;
import io.jenkins.cli.shaded.org.apache.sshd.common.kex.KeyExchange;
import io.jenkins.cli.shaded.org.apache.sshd.common.kex.KeyExchangeFactory;
import io.jenkins.cli.shaded.org.apache.sshd.common.session.Session;
import io.jenkins.cli.shaded.org.apache.sshd.common.signature.Signature;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.ValidateUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.Buffer;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.BufferUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.ByteArrayBuffer;
import io.jenkins.cli.shaded.org.apache.sshd.server.session.ServerSession;
import java.security.KeyPair;
import java.util.Objects;

/* loaded from: input_file:WEB-INF/lib/cli-2.456-rc34872.6b_f797935056.jar:io/jenkins/cli/shaded/org/apache/sshd/server/kex/DHGServer.class */
public class DHGServer extends AbstractDHServerKeyExchange {
    protected final DHFactory factory;
    protected AbstractDH dh;

    protected DHGServer(DHFactory dHFactory, Session session) {
        super(session);
        this.factory = (DHFactory) Objects.requireNonNull(dHFactory, "No factory");
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.NamedResource
    public final String getName() {
        return this.factory.getName();
    }

    public static KeyExchangeFactory newFactory(final DHFactory dHFactory) {
        return new KeyExchangeFactory() { // from class: io.jenkins.cli.shaded.org.apache.sshd.server.kex.DHGServer.1
            @Override // io.jenkins.cli.shaded.org.apache.sshd.common.kex.KeyExchangeFactory
            public KeyExchange createKeyExchange(Session session) throws Exception {
                return new DHGServer(DHFactory.this, session);
            }

            @Override // io.jenkins.cli.shaded.org.apache.sshd.common.NamedResource
            public String getName() {
                return DHFactory.this.getName();
            }

            public String toString() {
                return NamedFactory.class.getSimpleName() + "<" + KeyExchange.class.getSimpleName() + ">[" + getName() + "]";
            }
        };
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.kex.dh.AbstractDHKeyExchange, io.jenkins.cli.shaded.org.apache.sshd.common.kex.KeyExchange
    public void init(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws Exception {
        super.init(bArr, bArr2, bArr3, bArr4);
        this.dh = this.factory.create(new Object[0]);
        this.hash = this.dh.getHash();
        this.hash.init();
        setF(this.dh.getE());
    }

    @Override // io.jenkins.cli.shaded.org.apache.sshd.common.kex.KeyExchange
    public boolean next(int i, Buffer buffer) throws Exception {
        ServerSession serverSession = getServerSession();
        if (this.log.isDebugEnabled()) {
            this.log.debug("next({})[{}] process command={}", this, serverSession, KeyExchange.getSimpleKexOpcodeName(i));
        }
        if (i != 30) {
            throw new SshException(3, "Protocol error: expected packet SSH_MSG_KEXDH_INIT, got " + KeyExchange.getSimpleKexOpcodeName(i));
        }
        byte[] updateE = updateE(buffer);
        this.dh.setF(updateE);
        this.k = this.dh.getK();
        KeyPair keyPair = (KeyPair) Objects.requireNonNull(serverSession.getHostKey(), "No server key pair available");
        String negotiatedKexParameter = serverSession.getNegotiatedKexParameter(KexProposalOption.SERVERKEYS);
        Signature signature = (Signature) ValidateUtils.checkNotNull((Signature) NamedFactory.create(serverSession.getSignatureFactories(), negotiatedKexParameter), "Unknown negotiated server keys: %s", negotiatedKexParameter);
        signature.initSigner(serverSession, keyPair.getPrivate());
        ByteArrayBuffer byteArrayBuffer = new ByteArrayBuffer();
        byteArrayBuffer.putRawPublicKey(keyPair.getPublic());
        byte[] compactData = byteArrayBuffer.getCompactData();
        byteArrayBuffer.clear();
        byteArrayBuffer.putBytes(this.v_c);
        byteArrayBuffer.putBytes(this.v_s);
        byteArrayBuffer.putBytes(this.i_c);
        byteArrayBuffer.putBytes(this.i_s);
        byteArrayBuffer.putBytes(compactData);
        this.dh.putE(byteArrayBuffer, updateE);
        byte[] f = getF();
        this.dh.putF(byteArrayBuffer, f);
        byteArrayBuffer.putMPInt(this.k);
        this.hash.update(byteArrayBuffer.array(), 0, byteArrayBuffer.available());
        this.h = this.hash.digest();
        signature.update(serverSession, this.h);
        byteArrayBuffer.clear();
        byteArrayBuffer.putString(signature.getSshAlgorithmName(negotiatedKexParameter));
        byteArrayBuffer.putBytes(signature.sign(serverSession));
        byte[] compactData2 = byteArrayBuffer.getCompactData();
        if (this.log.isTraceEnabled()) {
            this.log.trace("next({})[{}][K_S]:  {}", this, serverSession, BufferUtils.toHex(compactData));
            this.log.trace("next({})[{}][f]:    {}", this, serverSession, BufferUtils.toHex(f));
            this.log.trace("next({})[{}][sigH]: {}", this, serverSession, BufferUtils.toHex(compactData2));
        }
        if (this.log.isDebugEnabled()) {
            this.log.debug("next({})[{}] Send SSH_MSG_KEXDH_REPLY", this, serverSession);
        }
        Buffer prepareBuffer = serverSession.prepareBuffer((byte) 31, BufferUtils.clear(byteArrayBuffer));
        prepareBuffer.putBytes(compactData);
        this.dh.putF(prepareBuffer, f);
        prepareBuffer.putBytes(compactData2);
        serverSession.writePacket(prepareBuffer);
        return true;
    }
}
