package org.apache.sshd.client.kex;

import java.math.BigInteger;
import java.util.Objects;
import org.apache.batik.util.XMLConstants;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.SshException;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.kex.AbstractDH;
import org.apache.sshd.common.kex.DHFactory;
import org.apache.sshd.common.kex.KeyExchange;
import org.apache.sshd.common.kex.KeyExchangeFactory;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.common.session.helpers.AbstractSession;
import org.apache.sshd.common.signature.Signature;
import org.apache.sshd.common.util.GenericUtils;
import org.apache.sshd.common.util.ValidateUtils;
import org.apache.sshd.common.util.buffer.Buffer;
import org.apache.sshd.common.util.buffer.ByteArrayBuffer;
import org.apache.sshd.common.util.security.SecurityUtils;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/atlassian-bundled-plugins/bitbucket-mirroring-mirror-6.0.0.jar:org/apache/sshd/client/kex/DHGEXClient.class
 */
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/bitbucket-ssh-6.0.0.jar:org/apache/sshd/client/kex/DHGEXClient.class */
public class DHGEXClient extends AbstractDHClientKeyExchange {
    protected final DHFactory factory;
    protected byte expected;
    protected AbstractDH dh;
    protected byte[] p;
    protected byte[] g;
    protected int min = 1024;
    protected int max = SecurityUtils.getMaxDHGroupExchangeKeySize();
    protected int prf = Math.min(4096, this.max);

    protected DHGEXClient(DHFactory dHFactory) {
        this.factory = (DHFactory) Objects.requireNonNull(dHFactory, "No factory");
    }

    @Override // org.apache.sshd.common.NamedResource
    public final String getName() {
        return this.factory.getName();
    }

    public static KeyExchangeFactory newFactory(final DHFactory dHFactory) {
        return new KeyExchangeFactory() { // from class: org.apache.sshd.client.kex.DHGEXClient.1
            @Override // org.apache.sshd.common.NamedResource
            public String getName() {
                return DHFactory.this.getName();
            }

            @Override // org.apache.sshd.common.Factory
            public KeyExchange create() {
                return new DHGEXClient(DHFactory.this);
            }

            public String toString() {
                return NamedFactory.class.getSimpleName() + XMLConstants.XML_OPEN_TAG_START + KeyExchange.class.getSimpleName() + ">[" + getName() + "]";
            }
        };
    }

    @Override // org.apache.sshd.client.kex.AbstractDHClientKeyExchange, org.apache.sshd.common.kex.dh.AbstractDHKeyExchange, org.apache.sshd.common.kex.KeyExchange
    public void init(Session session, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws Exception {
        super.init(session, bArr, bArr2, bArr3, bArr4);
        if (this.log.isDebugEnabled()) {
            this.log.debug("init({}) Send SSH_MSG_KEX_DH_GEX_REQUEST", session);
        }
        Buffer createBuffer = session.createBuffer((byte) 34, 32);
        createBuffer.putInt(this.min);
        createBuffer.putInt(this.prf);
        createBuffer.putInt(this.max);
        session.writePacket(createBuffer);
        this.expected = (byte) 31;
    }

    @Override // org.apache.sshd.common.kex.KeyExchange
    public boolean next(int i, Buffer buffer) throws Exception {
        AbstractSession session = getSession();
        boolean isDebugEnabled = this.log.isDebugEnabled();
        if (isDebugEnabled) {
            this.log.debug("next({})[{}] process command={}", this, session, KeyExchange.getGroupKexOpcodeName(i));
        }
        if (i != this.expected) {
            throw new SshException(3, "Protocol error: expected packet " + KeyExchange.getGroupKexOpcodeName(this.expected) + ", got " + KeyExchange.getGroupKexOpcodeName(i));
        }
        if (i == 31) {
            this.p = buffer.getMPIntAsBytes();
            this.g = buffer.getMPIntAsBytes();
            this.dh = getDH(new BigInteger(this.p), new BigInteger(this.g));
            this.hash = this.dh.getHash();
            this.hash.init();
            this.e = this.dh.getE();
            if (isDebugEnabled) {
                this.log.debug("next({})[{}] Send SSH_MSG_KEX_DH_GEX_INIT", this, session);
            }
            Buffer createBuffer = session.createBuffer((byte) 32, this.e.length + 8);
            createBuffer.putMPInt(this.e);
            session.writePacket(createBuffer);
            this.expected = (byte) 33;
            return false;
        }
        if (i != 33) {
            throw new IllegalStateException("Unknown command value: " + KeyExchange.getGroupKexOpcodeName(i));
        }
        byte[] bytes = buffer.getBytes();
        this.f = buffer.getMPIntAsBytes();
        byte[] bytes2 = buffer.getBytes();
        this.dh.setF(this.f);
        this.k = this.dh.getK();
        this.serverKey = new ByteArrayBuffer(bytes).getRawPublicKey();
        String keyType = KeyUtils.getKeyType(this.serverKey);
        if (GenericUtils.isEmpty(keyType)) {
            throw new SshException("Unsupported server key type");
        }
        ByteArrayBuffer byteArrayBuffer = new ByteArrayBuffer();
        byteArrayBuffer.putBytes(this.v_c);
        byteArrayBuffer.putBytes(this.v_s);
        byteArrayBuffer.putBytes(this.i_c);
        byteArrayBuffer.putBytes(this.i_s);
        byteArrayBuffer.putBytes(bytes);
        byteArrayBuffer.putInt(this.min);
        byteArrayBuffer.putInt(this.prf);
        byteArrayBuffer.putInt(this.max);
        byteArrayBuffer.putMPInt(this.p);
        byteArrayBuffer.putMPInt(this.g);
        byteArrayBuffer.putMPInt(this.e);
        byteArrayBuffer.putMPInt(this.f);
        byteArrayBuffer.putMPInt(this.k);
        this.hash.update(byteArrayBuffer.array(), 0, byteArrayBuffer.available());
        this.h = this.hash.digest();
        Signature signature = (Signature) ValidateUtils.checkNotNull(NamedFactory.create(session.getSignatureFactories(), keyType), "No verifier located for algorithm=%s", keyType);
        signature.initVerifier(this.serverKey);
        signature.update(this.h);
        if (signature.verify(bytes2)) {
            return true;
        }
        throw new SshException(3, "KeyExchange signature verification failed for key type=" + keyType);
    }

    protected AbstractDH getDH(BigInteger bigInteger, BigInteger bigInteger2) throws Exception {
        return this.factory.create(bigInteger, bigInteger2);
    }
}
