package net.lag.jaramiko;

import java.io.IOException;
import java.math.BigInteger;
import net.lag.crai.Crai;
import net.lag.crai.CraiDigest;
import net.lag.jaramiko.ModulusPack;

/* loaded from: input_file:net/lag/jaramiko/KexGex.class */
class KexGex implements Kex {
    private KexTransportInterface mTransport;
    private Crai mCrai;
    private BigInteger mP;
    private BigInteger mQ;
    private BigInteger mG;
    private BigInteger mX;
    private BigInteger mE;
    private BigInteger mF;
    protected static final byte KEX_GEX_REQUEST_OLD = 30;
    protected static final byte KEX_GEX_GROUP = 31;
    protected static final byte KEX_GEX_INIT = 32;
    protected static final byte KEX_GEX_REPLY = 33;
    protected static final byte KEX_GEX_REQUEST = 34;
    private int mMinBits = 1024;
    private int mMaxBits = 8192;
    private int mPreferredBits = 2048;
    boolean mTestOldStyle = false;
    private boolean mUseOldStyle = false;
    protected ModulusPack mModulusPack = BaseTransport.getModulusPack();

    @Override // net.lag.jaramiko.Kex
    public String getName() {
        return "diffie-hellman-group-exchange-sha1";
    }

    @Override // net.lag.jaramiko.Kex
    public void startKex(KexTransportInterface kexTransportInterface, Crai crai) throws IOException {
        this.mTransport = kexTransportInterface;
        this.mCrai = crai;
        if (kexTransportInterface.getServerKey() != null) {
            kexTransportInterface.expectPacket((byte) 34, (byte) 30);
            return;
        }
        Message message = new Message();
        if (this.mTestOldStyle) {
            message.putByte((byte) 30);
            message.putInt(this.mPreferredBits);
        } else {
            message.putByte((byte) 34);
            message.putInt(this.mMinBits);
            message.putInt(this.mPreferredBits);
            message.putInt(this.mMaxBits);
        }
        kexTransportInterface.sendMessage(message);
        kexTransportInterface.expectPacket((byte) 31);
    }

    @Override // net.lag.jaramiko.MessageHandler
    public boolean handleMessage(byte b, Message message) throws IOException {
        switch (b) {
            case 30:
                parseRequestOld(message);
                return true;
            case 31:
                parseGroup(message);
                return true;
            case 32:
                parseInit(message);
                return true;
            case 33:
                parseReply(message);
                return true;
            case 34:
                parseRequest(message);
                return true;
            default:
                throw new SSHException(new StringBuffer().append("KexGex asked to handle packet type ").append(MessageType.getDescription(b)).toString());
        }
    }

    private void parseRequest(Message message) throws IOException {
        int i = message.getInt();
        int i2 = message.getInt();
        int i3 = message.getInt();
        if (i2 > this.mMaxBits) {
            i2 = this.mMaxBits;
        }
        if (i2 < this.mMinBits) {
            i2 = this.mMinBits;
        }
        if (i > i2) {
            i = i2;
        }
        if (i3 < i2) {
            i3 = i2;
        }
        this.mMinBits = i;
        this.mPreferredBits = i2;
        this.mMaxBits = i3;
        if (this.mModulusPack.size() == 0) {
            throw new SSHException("Can't do server-side gex; no modulus list");
        }
        this.mTransport.getLog().debug(new StringBuffer().append("Picking p (").append(this.mMinBits).append(" <= ").append(this.mPreferredBits).append(" <= ").append(this.mMaxBits).append(" bits)").toString());
        ModulusPack.ModulusPair modulusPair = this.mModulusPack.get(this.mCrai, this.mMinBits, this.mPreferredBits, this.mMaxBits);
        this.mG = BigInteger.valueOf(modulusPair.mGenerator);
        this.mP = modulusPair.mModulus;
        Message message2 = new Message();
        message2.putByte((byte) 31);
        message2.putMPZ(this.mP);
        message2.putMPZ(this.mG);
        this.mTransport.sendMessage(message2);
        this.mTransport.expectPacket((byte) 32);
    }

    private void parseRequestOld(Message message) throws IOException {
        int i = message.getInt();
        if (i > this.mMaxBits) {
            i = this.mMaxBits;
        }
        if (i < this.mMinBits) {
            i = this.mMinBits;
        }
        this.mPreferredBits = i;
        if (this.mModulusPack.size() == 0) {
            throw new SSHException("Can't do server-side gex; no modulus list");
        }
        this.mTransport.getLog().debug(new StringBuffer().append("Picking p (~ ").append(this.mPreferredBits).append(" bits)").toString());
        ModulusPack.ModulusPair modulusPair = this.mModulusPack.get(this.mCrai, this.mMinBits, this.mPreferredBits, this.mMaxBits);
        this.mG = BigInteger.valueOf(modulusPair.mGenerator);
        this.mP = modulusPair.mModulus;
        Message message2 = new Message();
        message2.putByte((byte) 31);
        message2.putMPZ(this.mP);
        message2.putMPZ(this.mG);
        this.mTransport.sendMessage(message2);
        this.mTransport.expectPacket((byte) 32);
        this.mUseOldStyle = true;
    }

    private void parseInit(Message message) throws IOException {
        this.mE = message.getMPZ();
        if (this.mE.compareTo(BigInteger.ONE) < 0 || this.mE.compareTo(this.mP.subtract(BigInteger.ONE)) > 0) {
            throw new SSHException("Client kex 'e' is out of range");
        }
        generateX();
        this.mF = this.mG.modPow(this.mX, this.mP);
        BigInteger modPow = this.mE.modPow(this.mX, this.mP);
        PKey serverKey = this.mTransport.getServerKey();
        byte[] byteArray = serverKey.toByteArray();
        Message message2 = new Message();
        message2.putString(this.mTransport.getRemoteVersion());
        message2.putString(this.mTransport.getLocalVersion());
        message2.putByteString(this.mTransport.getRemoteKexInit());
        message2.putByteString(this.mTransport.getLocalKexInit());
        message2.putByteString(byteArray);
        if (!this.mUseOldStyle) {
            message2.putInt(this.mMinBits);
        }
        message2.putInt(this.mPreferredBits);
        if (!this.mUseOldStyle) {
            message2.putInt(this.mMaxBits);
        }
        message2.putMPZ(this.mP);
        message2.putMPZ(this.mG);
        message2.putMPZ(this.mE);
        message2.putMPZ(this.mF);
        message2.putMPZ(modPow);
        CraiDigest makeSHA1 = this.mCrai.makeSHA1();
        byte[] byteArray2 = message2.toByteArray();
        makeSHA1.update(byteArray2, 0, byteArray2.length);
        byte[] finish = makeSHA1.finish();
        this.mTransport.setKH(modPow, finish);
        byte[] byteArray3 = serverKey.signSSHData(this.mCrai, finish).toByteArray();
        Message message3 = new Message();
        message3.putByte((byte) 33);
        message3.putByteString(byteArray);
        message3.putMPZ(this.mF);
        message3.putByteString(byteArray3);
        this.mTransport.sendMessage(message3);
        this.mTransport.kexComplete();
    }

    private void parseGroup(Message message) throws IOException {
        this.mP = message.getMPZ();
        this.mG = message.getMPZ();
        int bitLength = this.mP.bitLength();
        if (bitLength < 1024 || bitLength > 8192) {
            throw new SSHException(new StringBuffer().append("Server-generated gex p (don't ask) is out of range (").append(bitLength).append(" bits)").toString());
        }
        this.mTransport.getLog().debug(new StringBuffer().append("Got server p (").append(bitLength).append(" bits)").toString());
        generateX();
        this.mE = this.mG.modPow(this.mX, this.mP);
        Message message2 = new Message();
        message2.putByte((byte) 32);
        message2.putMPZ(this.mE);
        this.mTransport.sendMessage(message2);
        this.mTransport.expectPacket((byte) 33);
    }

    private void parseReply(Message message) throws IOException {
        byte[] byteString = message.getByteString();
        this.mF = message.getMPZ();
        byte[] byteString2 = message.getByteString();
        if (this.mF.compareTo(BigInteger.ONE) < 0 || this.mF.compareTo(this.mP.subtract(BigInteger.ONE)) > 0) {
            throw new SSHException("Server kex 'f' is out of range");
        }
        BigInteger modPow = this.mF.modPow(this.mX, this.mP);
        Message message2 = new Message();
        message2.putString(this.mTransport.getLocalVersion());
        message2.putString(this.mTransport.getRemoteVersion());
        message2.putByteString(this.mTransport.getLocalKexInit());
        message2.putByteString(this.mTransport.getRemoteKexInit());
        message2.putByteString(byteString);
        if (!this.mTestOldStyle) {
            message2.putInt(this.mMinBits);
        }
        message2.putInt(this.mPreferredBits);
        if (!this.mTestOldStyle) {
            message2.putInt(this.mMaxBits);
        }
        message2.putMPZ(this.mP);
        message2.putMPZ(this.mG);
        message2.putMPZ(this.mE);
        message2.putMPZ(this.mF);
        message2.putMPZ(modPow);
        CraiDigest makeSHA1 = this.mCrai.makeSHA1();
        byte[] byteArray = message2.toByteArray();
        makeSHA1.update(byteArray, 0, byteArray.length);
        this.mTransport.setKH(modPow, makeSHA1.finish());
        this.mTransport.verifyKey(byteString, byteString2);
        this.mTransport.kexComplete();
    }

    private void generateX() {
        this.mQ = this.mP.subtract(BigInteger.ONE).shiftRight(1);
        do {
            this.mX = Util.rollRandom(this.mCrai, this.mQ);
        } while (this.mX.compareTo(BigInteger.ONE) <= 0);
    }
}
