package com.mindbright.ssh2;

import com.mindbright.util.Crypto;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECFieldFp;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import javax.crypto.KeyAgreement;

/* loaded from: input_file:com/mindbright/ssh2/SSH2KEXECDHSHA2NIST.class */
public abstract class SSH2KEXECDHSHA2NIST extends SSH2KeyExchanger {
    protected SSH2Transport transport;
    protected ECPublicKey ecPublicKey;
    protected ECPrivateKey ecPrivateKey;
    protected byte[] serverHostKey;
    protected ECPoint serverF;
    protected ECPoint clientE;
    protected byte[] sharedSecret_K;
    protected byte[] exchangeHash_H;
    protected MessageDigest sha2;
    protected KeyPair serverKey;

    /* loaded from: input_file:com/mindbright/ssh2/SSH2KEXECDHSHA2NIST$P256.class */
    public static class P256 extends SSH2KEXECDHSHA2NIST {
        private final String[] C = {"ecdh-sha2-nistp256", "secp256r1", "SHA-256"};

        @Override // com.mindbright.ssh2.SSH2KEXECDHSHA2NIST
        public String getName() {
            return this.C[0];
        }

        @Override // com.mindbright.ssh2.SSH2KEXECDHSHA2NIST
        public String getECName() {
            return this.C[1];
        }

        @Override // com.mindbright.ssh2.SSH2KEXECDHSHA2NIST
        public String getHashName() {
            return this.C[2];
        }
    }

    /* loaded from: input_file:com/mindbright/ssh2/SSH2KEXECDHSHA2NIST$P384.class */
    public static class P384 extends SSH2KEXECDHSHA2NIST {
        private final String[] C = {"ecdh-sha2-nistp384", "secp384r1", "SHA-384"};

        @Override // com.mindbright.ssh2.SSH2KEXECDHSHA2NIST
        public String getName() {
            return this.C[0];
        }

        @Override // com.mindbright.ssh2.SSH2KEXECDHSHA2NIST
        public String getECName() {
            return this.C[1];
        }

        @Override // com.mindbright.ssh2.SSH2KEXECDHSHA2NIST
        public String getHashName() {
            return this.C[2];
        }
    }

    /* loaded from: input_file:com/mindbright/ssh2/SSH2KEXECDHSHA2NIST$P521.class */
    public static class P521 extends SSH2KEXECDHSHA2NIST {
        private final String[] C = {"ecdh-sha2-nistp521", "secp521r1", "SHA-512"};

        @Override // com.mindbright.ssh2.SSH2KEXECDHSHA2NIST
        public String getName() {
            return this.C[0];
        }

        @Override // com.mindbright.ssh2.SSH2KEXECDHSHA2NIST
        public String getECName() {
            return this.C[1];
        }

        @Override // com.mindbright.ssh2.SSH2KEXECDHSHA2NIST
        public String getHashName() {
            return this.C[2];
        }
    }

    public abstract String getName();

    public abstract String getECName();

    public abstract String getHashName();

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public void init(SSH2Transport sSH2Transport) throws SSH2Exception {
        init(sSH2Transport, null);
    }

    public void init(SSH2Transport sSH2Transport, KeyPair keyPair) throws SSH2Exception {
        this.transport = sSH2Transport;
        this.sha2 = createHash();
        this.serverKey = keyPair;
        generateECKeyPair();
        if (sSH2Transport.isServer()) {
            return;
        }
        sendECDHINIT(30);
    }

    public static byte[] tobytes(ECPoint eCPoint, EllipticCurve ellipticCurve) {
        byte[] byteArray = eCPoint.getAffineX().toByteArray();
        byte[] byteArray2 = eCPoint.getAffineY().toByteArray();
        int i = 0;
        int i2 = 0;
        int i3 = 0;
        while (true) {
            if (i3 >= byteArray.length - 1) {
                break;
            }
            if (byteArray[i3] != 0) {
                i = i3;
                break;
            }
            i3++;
        }
        int i4 = 0;
        while (true) {
            if (i4 >= byteArray2.length - 1) {
                break;
            }
            if (byteArray2[i4] != 0) {
                i2 = i4;
                break;
            }
            i4++;
        }
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) / 8;
        if (byteArray.length - i > fieldSize || byteArray2.length - i2 > fieldSize) {
            return null;
        }
        byte[] bArr = new byte[(fieldSize * 2) + 1];
        bArr[0] = 4;
        System.arraycopy(byteArray, i, bArr, (1 + fieldSize) - (byteArray.length - i), byteArray.length - i);
        System.arraycopy(byteArray2, i2, bArr, bArr.length - (byteArray2.length - i2), byteArray2.length - i2);
        return bArr;
    }

    public static ECPoint frombytes(byte[] bArr, EllipticCurve ellipticCurve) {
        int fieldSize = (ellipticCurve.getField().getFieldSize() + 7) / 8;
        if (bArr.length != (2 * fieldSize) + 1 || bArr[0] != 4) {
            return null;
        }
        byte[] bArr2 = new byte[fieldSize];
        byte[] bArr3 = new byte[fieldSize];
        System.arraycopy(bArr, 1, bArr2, 0, fieldSize);
        System.arraycopy(bArr, fieldSize + 1, bArr3, 0, fieldSize);
        return new ECPoint(new BigInteger(1, bArr2), new BigInteger(1, bArr3));
    }

    private boolean validate(ECPoint eCPoint) {
        if (eCPoint == null || eCPoint.equals(ECPoint.POINT_INFINITY)) {
            return false;
        }
        BigInteger p = ((ECFieldFp) this.ecPrivateKey.getParams().getCurve().getField()).getP();
        BigInteger affineX = eCPoint.getAffineX();
        if (affineX.compareTo(BigInteger.ZERO) < 0 || affineX.compareTo(p) >= 0) {
            return false;
        }
        BigInteger affineY = eCPoint.getAffineY();
        if (affineY.compareTo(BigInteger.ZERO) < 0 || affineY.compareTo(p) >= 0) {
            return false;
        }
        return affineY.modPow(BigInteger.valueOf(2L), p).compareTo(affineX.modPow(BigInteger.valueOf(3L), p).add(affineX.multiply(this.ecPrivateKey.getParams().getCurve().getA())).add(this.ecPrivateKey.getParams().getCurve().getB()).mod(p)) == 0;
    }

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public void processKEXMethodPDU(SSH2TransportPDU sSH2TransportPDU) throws SSH2Exception {
        if (sSH2TransportPDU.getType() == 31) {
            if (this.transport.isServer()) {
                throw new SSH2KEXFailedException("Unexpected KEX_ECDH_REPLY");
            }
            this.serverHostKey = sSH2TransportPDU.readString();
            this.serverF = frombytes(sSH2TransportPDU.readString(), this.ecPrivateKey.getParams().getCurve());
            if (!validate(this.serverF)) {
                throw new SSH2KEXFailedException("Failed to verify server ephemeral public key");
            }
            byte[] readString = sSH2TransportPDU.readString();
            computeSharedSecret_K(this.serverF);
            computeExchangeHash_H();
            this.transport.authenticateHost(this.serverHostKey, readString, this.exchangeHash_H);
            this.transport.sendNewKeys();
            return;
        }
        if (sSH2TransportPDU.getType() == 30) {
            if (!this.transport.isServer()) {
                throw new SSH2KEXFailedException("Unexpected KEX_ECDH_INIT");
            }
            this.clientE = frombytes(sSH2TransportPDU.readString(), this.ecPrivateKey.getParams().getCurve());
            if (!validate(this.clientE)) {
                throw new SSH2KEXFailedException("Failed to verify client ephemeral public key");
            }
            computeSharedSecret_K(this.clientE);
            String str = null;
            if (this.serverKey.getPublic() instanceof DSAPublicKey) {
                str = SSH2DSS.SSH2_KEY_FORMAT;
            } else if (this.serverKey.getPublic() instanceof RSAPublicKey) {
                str = "ssh-rsa";
            }
            SSH2Signature sSH2Signature = SSH2Signature.getInstance(str);
            sSH2Signature.setPublicKey(this.serverKey.getPublic());
            sSH2Signature.initSign(this.serverKey.getPrivate());
            this.serverHostKey = sSH2Signature.getPublicKeyBlob();
            computeExchangeHash_H();
            SSH2TransportPDU createOutgoingPacket = SSH2TransportPDU.createOutgoingPacket(31);
            createOutgoingPacket.writeString(this.serverHostKey);
            createOutgoingPacket.writeString(tobytes(this.ecPublicKey.getW(), this.ecPrivateKey.getParams().getCurve()));
            createOutgoingPacket.writeString(sSH2Signature.sign(this.exchangeHash_H));
            this.transport.transmitInternal(createOutgoingPacket);
            this.transport.sendNewKeys();
        }
    }

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public MessageDigest getExchangeHashAlgorithm() {
        this.sha2.reset();
        return this.sha2;
    }

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public byte[] getSharedSecret_K() {
        SSH2DataBuffer sSH2DataBuffer = new SSH2DataBuffer(128);
        sSH2DataBuffer.writeString(this.sharedSecret_K);
        return sSH2DataBuffer.readRestRaw();
    }

    @Override // com.mindbright.ssh2.SSH2KeyExchanger
    public byte[] getExchangeHash_H() {
        return this.exchangeHash_H;
    }

    protected void computeExchangeHash_H() {
        SSH2DataBuffer sSH2DataBuffer = new SSH2DataBuffer(65536);
        if (this.transport.isServer()) {
            this.serverF = this.ecPublicKey.getW();
        } else {
            this.clientE = this.ecPublicKey.getW();
        }
        sSH2DataBuffer.writeString(this.transport.getClientVersion());
        sSH2DataBuffer.writeString(this.transport.getServerVersion());
        sSH2DataBuffer.writeString(this.transport.getClientKEXINITPDU().getData(), this.transport.getClientKEXINITPDU().getPayloadOffset(), this.transport.getClientKEXINITPDU().getPayloadLength());
        sSH2DataBuffer.writeString(this.transport.getServerKEXINITPDU().getData(), this.transport.getServerKEXINITPDU().getPayloadOffset(), this.transport.getServerKEXINITPDU().getPayloadLength());
        sSH2DataBuffer.writeString(this.serverHostKey);
        sSH2DataBuffer.writeString(tobytes(this.clientE, this.ecPrivateKey.getParams().getCurve()));
        sSH2DataBuffer.writeString(tobytes(this.serverF, this.ecPrivateKey.getParams().getCurve()));
        sSH2DataBuffer.writeString(this.sharedSecret_K);
        this.sha2.reset();
        this.sha2.update(sSH2DataBuffer.getData(), 0, sSH2DataBuffer.getWPos());
        this.exchangeHash_H = this.sha2.digest();
        this.transport.getLog().debug2(getName(), "computeExchangeHash_H", "E: ", tobytes(this.clientE, this.ecPrivateKey.getParams().getCurve()));
        this.transport.getLog().debug2(getName(), "computeExchangeHash_H", "F: ", tobytes(this.serverF, this.ecPrivateKey.getParams().getCurve()));
        this.transport.getLog().debug2(getName(), "computeExchangeHash_H", "K: ", this.sharedSecret_K);
        this.transport.getLog().debug2(getName(), "computeExchangeHash_H", "Hash over: ", sSH2DataBuffer.getData(), 0, sSH2DataBuffer.getWPos());
        this.transport.getLog().debug2(getName(), "computeExchangeHash_H", "H: ", this.exchangeHash_H);
    }

    protected void computeSharedSecret_K(ECPoint eCPoint) throws SSH2Exception {
        try {
            KeyFactory keyFactory = Crypto.getKeyFactory("EC");
            KeyAgreement keyAgreement = Crypto.getKeyAgreement("ECDH");
            ECPublicKey eCPublicKey = (ECPublicKey) keyFactory.generatePublic(new ECPublicKeySpec(eCPoint, this.ecPrivateKey.getParams()));
            keyAgreement.init(this.ecPrivateKey);
            keyAgreement.doPhase(eCPublicKey, true);
            this.sharedSecret_K = keyAgreement.generateSecret();
            if ((this.sharedSecret_K[0] & 128) == 128) {
                byte[] bArr = this.sharedSecret_K;
                this.sharedSecret_K = new byte[this.sharedSecret_K.length + 1];
                this.sharedSecret_K[0] = 0;
                System.arraycopy(bArr, 0, this.sharedSecret_K, 1, bArr.length);
            }
            this.sharedSecret_K = new BigInteger(1, this.sharedSecret_K).toByteArray();
        } catch (Exception e) {
            e.printStackTrace();
            throw new SSH2FatalException("Error computing shared secret: " + e);
        }
    }

    protected void sendECDHINIT(int i) throws SSH2Exception {
        SSH2TransportPDU createOutgoingPacket = SSH2TransportPDU.createOutgoingPacket(i);
        createOutgoingPacket.writeString(tobytes(this.ecPublicKey.getW(), this.ecPrivateKey.getParams().getCurve()));
        this.transport.transmitInternal(createOutgoingPacket);
    }

    protected MessageDigest createHash() throws SSH2Exception {
        try {
            return Crypto.getMessageDigest(getHashName());
        } catch (Exception e) {
            throw new SSH2KEXFailedException(getHashName() + " not implemented", e);
        }
    }

    protected void generateECKeyPair() throws SSH2Exception {
        try {
            KeyPairGenerator keyPairGenerator = Crypto.getKeyPairGenerator("EC");
            keyPairGenerator.initialize(new ECGenParameterSpec(getECName()), this.transport.getSecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.ecPrivateKey = (ECPrivateKey) generateKeyPair.getPrivate();
            this.ecPublicKey = (ECPublicKey) generateKeyPair.getPublic();
        } catch (Exception e) {
            throw new SSH2FatalException("Error generating EC keys: " + e);
        }
    }
}
