package com.mindbright.ssh2;

import com.mindbright.jce.crypto.spec.DHParameterSpec;
import com.mindbright.jce.crypto.spec.DHPublicKeySpec;
import com.mindbright.ssh2.SSH2SFTP;
import java.math.BigInteger;

/* loaded from: input_file:com/mindbright/ssh2/SSH2KEXDHGroupXSHA1.class */
public class SSH2KEXDHGroupXSHA1 extends SSH2KEXDHGroup1SHA1 {
    private static final int MIN_BITS = 1024;
    private static final int MAX_BITS = 8192;
    private int reqBits;
    private BigInteger p;
    private BigInteger g;

    @Override // com.mindbright.ssh2.SSH2KEXDHGroup1SHA1, com.mindbright.ssh2.SSH2KeyExchanger
    public void init(SSH2Transport sSH2Transport) throws SSH2Exception {
        this.transport = sSH2Transport;
        this.sha1 = createHash();
        if (sSH2Transport.isServer()) {
            return;
        }
        sendGEXRequest();
    }

    @Override // com.mindbright.ssh2.SSH2KEXDHGroup1SHA1, com.mindbright.ssh2.SSH2KeyExchanger
    public void processKEXMethodPDU(SSH2TransportPDU sSH2TransportPDU) throws SSH2Exception {
        switch (sSH2TransportPDU.getType()) {
            case 30:
            case 32:
            case 34:
                return;
            case 31:
                if (this.transport.isServer()) {
                    throw new SSH2KEXFailedException("Unexpected KEXDH_GEX_GROUP");
                }
                this.p = sSH2TransportPDU.readBigInt();
                this.g = sSH2TransportPDU.readBigInt();
                generateDHKeyPair(new DHParameterSpec(this.p, this.g));
                sendDHINIT(32);
                return;
            case 33:
                if (this.transport.isServer()) {
                    throw new SSH2KEXFailedException("Unexpected KEXDH_GEX_REPLY");
                }
                this.serverHostKey = sSH2TransportPDU.readString();
                this.serverF = sSH2TransportPDU.readBigInt();
                byte[] readString = sSH2TransportPDU.readString();
                computeSharedSecret_K(new DHPublicKeySpec(this.serverF, this.p, this.g));
                computeExchangeHash_H();
                this.transport.authenticateHost(this.serverHostKey, readString, this.exchangeHash_H);
                this.transport.sendNewKeys();
                return;
            default:
                throw new SSH2KEXFailedException(new StringBuffer().append("Unexpected KEXDH reply: ").append(sSH2TransportPDU.getType()).toString());
        }
    }

    @Override // com.mindbright.ssh2.SSH2KEXDHGroup1SHA1
    protected void computeExchangeHash_H() {
        SSH2DataBuffer sSH2DataBuffer = new SSH2DataBuffer(8192);
        if (this.transport.isServer()) {
            this.serverF = this.dhPublicKey.getY();
        } else {
            this.clientE = this.dhPublicKey.getY();
        }
        sSH2DataBuffer.writeString(this.transport.getClientVersion());
        sSH2DataBuffer.writeString(this.transport.getServerVersion());
        sSH2DataBuffer.writeString(this.transport.getClientKEXINITPDU().getData(), this.transport.getClientKEXINITPDU().getPayloadOffset(), this.transport.getClientKEXINITPDU().getPayloadLength());
        sSH2DataBuffer.writeString(this.transport.getServerKEXINITPDU().getData(), this.transport.getServerKEXINITPDU().getPayloadOffset(), this.transport.getServerKEXINITPDU().getPayloadLength());
        sSH2DataBuffer.writeString(this.serverHostKey);
        if (this.transport.incompatibleOldDHGex) {
            sSH2DataBuffer.writeInt(this.reqBits);
        } else {
            sSH2DataBuffer.writeInt(1024);
            sSH2DataBuffer.writeInt(this.reqBits);
            sSH2DataBuffer.writeInt(8192);
        }
        sSH2DataBuffer.writeBigInt(this.p);
        sSH2DataBuffer.writeBigInt(this.g);
        sSH2DataBuffer.writeBigInt(this.clientE);
        sSH2DataBuffer.writeBigInt(this.serverF);
        sSH2DataBuffer.writeString(this.sharedSecret_K);
        this.sha1.reset();
        this.sha1.update(sSH2DataBuffer.getData(), 0, sSH2DataBuffer.getWPos());
        this.exchangeHash_H = this.sha1.digest();
        this.transport.getLog().debug2("SSH2KEXDHGroup1SHA1", "computeExchangeHash_H", "E: ", this.clientE.toByteArray());
        this.transport.getLog().debug2("SSH2KEXDHGroup1SHA1", "computeExchangeHash_H", "F: ", this.serverF.toByteArray());
        this.transport.getLog().debug2("SSH2KEXDHGroup1SHA1", "computeExchangeHash_H", "K: ", this.sharedSecret_K);
        this.transport.getLog().debug2("SSH2KEXDHGroup1SHA1", "computeExchangeHash_H", "Hash over: ", sSH2DataBuffer.getData(), 0, sSH2DataBuffer.getWPos());
        this.transport.getLog().debug2("SSH2KEXDHGroup1SHA1", "computeExchangeHash_H", "H: ", this.exchangeHash_H);
    }

    protected void sendGEXRequest() throws SSH2Exception {
        SSH2TransportPDU createOutgoingPacket;
        this.reqBits = estimateGroupBits();
        if (this.transport.incompatibleOldDHGex) {
            createOutgoingPacket = SSH2TransportPDU.createOutgoingPacket(30);
            createOutgoingPacket.writeInt(this.reqBits);
        } else {
            createOutgoingPacket = SSH2TransportPDU.createOutgoingPacket(34);
            createOutgoingPacket.writeInt(1024);
            createOutgoingPacket.writeInt(this.reqBits);
            createOutgoingPacket.writeInt(8192);
        }
        this.transport.transmitInternal(createOutgoingPacket);
    }

    private int estimateGroupBits() {
        SSH2Preferences ourPreferences = this.transport.getOurPreferences();
        int[] iArr = {SSH2Preferences.getCipherKeyLen(ourPreferences.getAgreedCipher(true, false)), SSH2Preferences.getCipherKeyLen(ourPreferences.getAgreedCipher(false, false)), SSH2Preferences.getMacKeyLen(ourPreferences.getAgreedMac(true, false)), SSH2Preferences.getMacKeyLen(ourPreferences.getAgreedMac(false, false))};
        int i = 0;
        for (int i2 = 0; i2 < iArr.length; i2++) {
            if (iArr[i2] > i) {
                i = iArr[i2];
            }
        }
        int i3 = i * 8;
        if (i3 < 128) {
            return 1024;
        }
        if (i3 < 192) {
            return SSH2SFTP.FileAttributes.S_ISUID;
        }
        return 4096;
    }
}
