package com.mindbright.ssh2;

import com.mindbright.jca.security.KeyFactory;
import com.mindbright.jca.security.KeyPair;
import com.mindbright.jca.security.KeyPairGenerator;
import com.mindbright.jca.security.MessageDigest;
import com.mindbright.jca.security.interfaces.DSAPublicKey;
import com.mindbright.jca.security.interfaces.RSAPublicKey;
import com.mindbright.jce.crypto.KeyAgreement;
import com.mindbright.jce.crypto.interfaces.DHPrivateKey;
import com.mindbright.jce.crypto.interfaces.DHPublicKey;
import com.mindbright.jce.crypto.spec.DHParameterSpec;
import com.mindbright.jce.crypto.spec.DHPublicKeySpec;
import java.math.BigInteger;

/* loaded from: input_file:embedded.war:WEB-INF/lib/mindterm.jar:com/mindbright/ssh2/SSH2KEXDHGroupNumSHA1.class */
public abstract class SSH2KEXDHGroupNumSHA1 extends SSH2KeyExchanger {
    public BigInteger groupP;
    public BigInteger groupG;
    public String name;
    protected SSH2Transport transport;
    protected DHPublicKey dhPublicKey;
    protected DHPrivateKey dhPrivateKey;
    protected byte[] serverHostKey;
    protected BigInteger serverF;
    protected BigInteger clientE;
    protected byte[] sharedSecret_K;
    protected byte[] exchangeHash_H;
    protected MessageDigest sha1;
    protected KeyPair serverKey;

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public void init(SSH2Transport sSH2Transport) throws SSH2Exception {
        init(sSH2Transport, null);
    }

    public void init(SSH2Transport sSH2Transport, KeyPair keyPair) throws SSH2Exception {
        this.transport = sSH2Transport;
        this.sha1 = createHash();
        this.serverKey = keyPair;
        generateDHKeyPair(new DHParameterSpec(this.groupP, this.groupG));
        if (sSH2Transport.isServer()) {
            return;
        }
        sendDHINIT(30);
    }

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public void processKEXMethodPDU(SSH2TransportPDU sSH2TransportPDU) throws SSH2Exception {
        if (sSH2TransportPDU.getType() == 31) {
            if (this.transport.isServer()) {
                throw new SSH2KEXFailedException("Unexpected KEXDH_REPLY");
            }
            this.serverHostKey = sSH2TransportPDU.readString();
            this.serverF = sSH2TransportPDU.readBigInt();
            byte[] readString = sSH2TransportPDU.readString();
            computeSharedSecret_K(new DHPublicKeySpec(this.serverF, this.groupP, this.groupG));
            computeExchangeHash_H();
            this.transport.authenticateHost(this.serverHostKey, readString, this.exchangeHash_H);
            this.transport.sendNewKeys();
            return;
        }
        if (sSH2TransportPDU.getType() == 30) {
            if (!this.transport.isServer()) {
                throw new SSH2KEXFailedException("Unexpected KEXDH_INIT");
            }
            this.clientE = sSH2TransportPDU.readBigInt();
            computeSharedSecret_K(new DHPublicKeySpec(this.clientE, this.groupP, this.groupG));
            String str = null;
            if (this.serverKey.getPublic() instanceof DSAPublicKey) {
                str = SSH2DSS.SSH2_KEY_FORMAT;
            } else if (this.serverKey.getPublic() instanceof RSAPublicKey) {
                str = SSH2RSA.SSH2_KEY_FORMAT;
            }
            SSH2Signature sSH2Signature = SSH2Signature.getInstance(str);
            sSH2Signature.setPublicKey(this.serverKey.getPublic());
            sSH2Signature.initSign(this.serverKey.getPrivate());
            this.serverHostKey = sSH2Signature.getPublicKeyBlob();
            computeExchangeHash_H();
            SSH2TransportPDU createOutgoingPacket = SSH2TransportPDU.createOutgoingPacket(31);
            createOutgoingPacket.writeString(this.serverHostKey);
            createOutgoingPacket.writeBigInt(this.dhPublicKey.getY());
            createOutgoingPacket.writeString(sSH2Signature.sign(this.exchangeHash_H));
            this.transport.transmitInternal(createOutgoingPacket);
            this.transport.sendNewKeys();
        }
    }

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public MessageDigest getExchangeHashAlgorithm() {
        this.sha1.reset();
        return this.sha1;
    }

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public byte[] getSharedSecret_K() {
        SSH2DataBuffer sSH2DataBuffer = new SSH2DataBuffer(1024);
        sSH2DataBuffer.writeString(this.sharedSecret_K);
        return sSH2DataBuffer.readRestRaw();
    }

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public byte[] getExchangeHash_H() {
        return this.exchangeHash_H;
    }

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public String getHostKeyAlgorithms() {
        return "ssh-dss,ssh-rsa";
    }

    protected void computeExchangeHash_H() {
        SSH2DataBuffer sSH2DataBuffer = new SSH2DataBuffer(65536);
        if (this.transport.isServer()) {
            this.serverF = this.dhPublicKey.getY();
        } else {
            this.clientE = this.dhPublicKey.getY();
        }
        sSH2DataBuffer.writeString(this.transport.getClientVersion());
        sSH2DataBuffer.writeString(this.transport.getServerVersion());
        sSH2DataBuffer.writeString(this.transport.getClientKEXINITPDU().getData(), this.transport.getClientKEXINITPDU().getPayloadOffset(), this.transport.getClientKEXINITPDU().getPayloadLength());
        sSH2DataBuffer.writeString(this.transport.getServerKEXINITPDU().getData(), this.transport.getServerKEXINITPDU().getPayloadOffset(), this.transport.getServerKEXINITPDU().getPayloadLength());
        sSH2DataBuffer.writeString(this.serverHostKey);
        sSH2DataBuffer.writeBigInt(this.clientE);
        sSH2DataBuffer.writeBigInt(this.serverF);
        sSH2DataBuffer.writeString(this.sharedSecret_K);
        this.sha1.reset();
        this.sha1.update(sSH2DataBuffer.getData(), 0, sSH2DataBuffer.getWPos());
        this.exchangeHash_H = this.sha1.digest();
        this.transport.getLog().debug2(this.name, "computeExchangeHash_H", "E: ", this.clientE.toByteArray());
        this.transport.getLog().debug2(this.name, "computeExchangeHash_H", "F: ", this.serverF.toByteArray());
        this.transport.getLog().debug2(this.name, "computeExchangeHash_H", "K: ", this.sharedSecret_K);
        this.transport.getLog().debug2(this.name, "computeExchangeHash_H", "Hash over: ", sSH2DataBuffer.getData(), 0, sSH2DataBuffer.getWPos());
        this.transport.getLog().debug2(this.name, "computeExchangeHash_H", "H: ", this.exchangeHash_H);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void computeSharedSecret_K(DHPublicKeySpec dHPublicKeySpec) throws SSH2Exception {
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("DH");
            KeyAgreement keyAgreement = KeyAgreement.getInstance("DH");
            DHPublicKey dHPublicKey = (DHPublicKey) keyFactory.generatePublic(dHPublicKeySpec);
            keyAgreement.init(this.dhPrivateKey);
            keyAgreement.doPhase(dHPublicKey, true);
            this.sharedSecret_K = keyAgreement.generateSecret();
        } catch (Exception e) {
            e.printStackTrace();
            throw new SSH2FatalException(new StringBuffer().append("Error computing shared secret: ").append(e).toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendDHINIT(int i) throws SSH2Exception {
        SSH2TransportPDU createOutgoingPacket = SSH2TransportPDU.createOutgoingPacket(i);
        createOutgoingPacket.writeBigInt(this.dhPublicKey.getY());
        this.transport.transmitInternal(createOutgoingPacket);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public MessageDigest createHash() throws SSH2Exception {
        try {
            return MessageDigest.getInstance("SHA1");
        } catch (Exception e) {
            throw new SSH2KEXFailedException("SHA1 not implemented", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void generateDHKeyPair(DHParameterSpec dHParameterSpec) throws SSH2Exception {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH");
            keyPairGenerator.initialize(dHParameterSpec, this.transport.getSecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.dhPrivateKey = (DHPrivateKey) generateKeyPair.getPrivate();
            this.dhPublicKey = (DHPublicKey) generateKeyPair.getPublic();
        } catch (Exception e) {
            throw new SSH2FatalException(new StringBuffer().append("Error generating DiffieHellman keys: ").append(e).toString());
        }
    }
}
