package org.apache.sshd.server.kex;

import java.math.BigInteger;
import java.security.KeyPair;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import org.apache.sshd.common.Factory;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.SshConstants;
import org.apache.sshd.common.SshException;
import org.apache.sshd.common.digest.Digest;
import org.apache.sshd.common.kex.DHFactory;
import org.apache.sshd.common.kex.DHG;
import org.apache.sshd.common.kex.DHGroupData;
import org.apache.sshd.common.kex.KexProposalOption;
import org.apache.sshd.common.kex.KeyExchange;
import org.apache.sshd.common.kex.KeyExchangeFactory;
import org.apache.sshd.common.random.Random;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.common.signature.Signature;
import org.apache.sshd.common.util.GenericUtils;
import org.apache.sshd.common.util.ValidateUtils;
import org.apache.sshd.common.util.buffer.Buffer;
import org.apache.sshd.common.util.buffer.BufferUtils;
import org.apache.sshd.common.util.buffer.ByteArrayBuffer;
import org.apache.sshd.common.util.security.SecurityUtils;
import org.apache.sshd.core.CoreModuleProperties;
import org.apache.sshd.server.ServerFactoryManager;
import org.apache.sshd.server.kex.Moduli;
import org.apache.sshd.server.session.ServerSession;
import org.bouncycastle.jce.provider.a;

/* loaded from: classes.dex */
public class DHGEXServer extends AbstractDHServerKeyExchange {
    protected DHG dh;
    protected byte expected;
    protected final DHFactory factory;
    protected int max;
    protected int min;
    protected boolean oldRequest;
    protected int prf;

    public DHGEXServer(DHFactory dHFactory, Session session) {
        super(session);
        Objects.requireNonNull(dHFactory, "No factory");
        this.factory = dHFactory;
    }

    public static KeyExchangeFactory newFactory(final DHFactory dHFactory) {
        return new KeyExchangeFactory() { // from class: org.apache.sshd.server.kex.DHGEXServer.1
            @Override // org.apache.sshd.common.kex.KeyExchangeFactory
            public KeyExchange createKeyExchange(Session session) {
                return new DHGEXServer(DHFactory.this, session);
            }

            @Override // org.apache.sshd.common.NamedResource
            public String getName() {
                return DHFactory.this.getName();
            }

            public String toString() {
                return a.k(new StringBuilder("NamedFactory<KeyExchange>["), getName(), "]");
            }
        };
    }

    public DHG chooseDH(int i3, int i4, int i5) {
        ServerSession serverSession = getServerSession();
        List<Moduli.DhGroup> selectModuliGroups = selectModuliGroups(serverSession, i3, i4, i5, loadModuliGroups(serverSession));
        if (GenericUtils.isEmpty((Collection<?>) selectModuliGroups)) {
            if (CoreModuleProperties.ALLOW_DHG1_KEX_FALLBACK.getRequired(serverSession).booleanValue()) {
                this.log.warn("chooseDH({})[{}][prf={}, min={}, max={}] No suitable primes found - defaulting to DHG1", this, serverSession, Integer.valueOf(i4), Integer.valueOf(i3), Integer.valueOf(i5));
                return getDH(new BigInteger(DHGroupData.getP1()), new BigInteger(DHGroupData.getG()));
            }
            this.log.error("chooseDH({})[{}][prf={}, min={}, max={}] No suitable primes found - failing", this, serverSession, Integer.valueOf(i4), Integer.valueOf(i3), Integer.valueOf(i5));
            throw new SshException(3, "No suitable primes found for DH group exchange");
        }
        ServerFactoryManager factoryManager = serverSession.getFactoryManager();
        Objects.requireNonNull(factoryManager, "No factory manager");
        Factory<? extends Random> randomFactory = factoryManager.getRandomFactory();
        Objects.requireNonNull(randomFactory, "No random factory");
        Random create = randomFactory.create();
        Objects.requireNonNull(create, "No random generator");
        Moduli.DhGroup dhGroup = selectModuliGroups.get(create.random(selectModuliGroups.size()));
        if (this.log.isTraceEnabled()) {
            this.log.trace("chooseDH({})[{}][prf={}, min={}, max={}] selected {}", this, serverSession, Integer.valueOf(i4), Integer.valueOf(i3), Integer.valueOf(i5), dhGroup);
        }
        return getDH(dhGroup.getP(), dhGroup.getG());
    }

    public DHG getDH(BigInteger bigInteger, BigInteger bigInteger2) {
        return (DHG) this.factory.create(bigInteger, bigInteger2);
    }

    @Override // org.apache.sshd.common.NamedResource
    public final String getName() {
        return this.factory.getName();
    }

    @Override // org.apache.sshd.common.kex.dh.AbstractDHKeyExchange, org.apache.sshd.common.kex.KeyExchange
    public void init(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        super.init(bArr, bArr2, bArr3, bArr4);
        this.expected = SshConstants.SSH_MSG_KEX_DH_GEX_REQUEST;
    }

    /* JADX WARN: Removed duplicated region for block: B:19:0x0072  */
    /* JADX WARN: Removed duplicated region for block: B:5:0x0033  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.util.List<org.apache.sshd.server.kex.Moduli.DhGroup> loadModuliGroups(org.apache.sshd.server.session.ServerSession r6) {
        /*
            r5 = this;
            org.apache.sshd.common.Property<java.lang.String> r0 = org.apache.sshd.core.CoreModuleProperties.MODULI_URL
            java.lang.Object r0 = r0.getOrNull(r6)
            java.lang.String r0 = (java.lang.String) r0
            boolean r1 = org.apache.sshd.common.util.GenericUtils.isEmpty(r0)
            if (r1 != 0) goto L30
            java.net.URL r1 = new java.net.URL     // Catch: java.io.IOException -> L18
            r1.<init>(r0)     // Catch: java.io.IOException -> L18
            java.util.List r1 = org.apache.sshd.server.kex.Moduli.parseModuli(r1)     // Catch: java.io.IOException -> L18
            goto L31
        L18:
            r1 = move-exception
            org.slf4j.Logger r2 = r5.log
            java.lang.Class r3 = r1.getClass()
            java.lang.String r3 = r3.getSimpleName()
            java.lang.String r1 = r1.getMessage()
            java.lang.Object[] r1 = new java.lang.Object[]{r5, r6, r3, r0, r1}
            java.lang.String r3 = "loadModuliGroups({})[{}] Error ({}) loading external moduli from {}: {}"
            r2.warn(r3, r1)
        L30:
            r1 = 0
        L31:
            if (r1 != 0) goto L6a
            java.lang.String r0 = "/org/apache/sshd/moduli"
            java.lang.Class r1 = r5.getClass()     // Catch: java.io.IOException -> L48
            java.net.URL r1 = r1.getResource(r0)     // Catch: java.io.IOException -> L48
            if (r1 == 0) goto L4a
            java.lang.String r0 = r1.toExternalForm()     // Catch: java.io.IOException -> L48
            java.util.List r1 = org.apache.sshd.server.kex.Moduli.loadInternalModuli(r1)     // Catch: java.io.IOException -> L48
            goto L6a
        L48:
            r1 = move-exception
            goto L52
        L4a:
            java.io.FileNotFoundException r1 = new java.io.FileNotFoundException     // Catch: java.io.IOException -> L48
            java.lang.String r2 = "Missing internal moduli file"
            r1.<init>(r2)     // Catch: java.io.IOException -> L48
            throw r1     // Catch: java.io.IOException -> L48
        L52:
            org.slf4j.Logger r2 = r5.log
            java.lang.Class r3 = r1.getClass()
            java.lang.String r3 = r3.getSimpleName()
            java.lang.String r4 = r1.getMessage()
            java.lang.Object[] r6 = new java.lang.Object[]{r5, r6, r3, r0, r4}
            java.lang.String r0 = "loadModuliGroups({})[{}] Error ({}) loading internal moduli from {}: {}"
            r2.warn(r0, r6)
            throw r1
        L6a:
            org.slf4j.Logger r2 = r5.log
            boolean r2 = r2.isDebugEnabled()
            if (r2 == 0) goto L85
            org.slf4j.Logger r2 = r5.log
            int r3 = org.apache.sshd.common.util.GenericUtils.size(r1)
            java.lang.Integer r3 = java.lang.Integer.valueOf(r3)
            java.lang.Object[] r6 = new java.lang.Object[]{r5, r6, r3, r0}
            java.lang.String r0 = "loadModuliGroups({})[{}] Loaded {} moduli groups from {}"
            r2.debug(r0, r6)
        L85:
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.sshd.server.kex.DHGEXServer.loadModuliGroups(org.apache.sshd.server.session.ServerSession):java.util.List");
    }

    @Override // org.apache.sshd.common.kex.KeyExchange
    public boolean next(int i3, Buffer buffer) {
        int i4;
        ServerSession serverSession = getServerSession();
        boolean isDebugEnabled = this.log.isDebugEnabled();
        if (isDebugEnabled) {
            this.log.debug("next({})[{}] process command={} (expected={})", this, serverSession, KeyExchange.getGroupKexOpcodeName(i3), KeyExchange.getGroupKexOpcodeName(this.expected));
        }
        if (i3 == 30 && this.expected == 34) {
            this.oldRequest = true;
            this.min = CoreModuleProperties.PROP_DHGEX_SERVER_MIN_KEY.get(serverSession).orElse(Integer.valueOf(SecurityUtils.getMinDHGroupExchangeKeySize())).intValue();
            this.prf = buffer.getInt();
            int intValue = CoreModuleProperties.PROP_DHGEX_SERVER_MAX_KEY.get(serverSession).orElse(Integer.valueOf(SecurityUtils.getMaxDHGroupExchangeKeySize())).intValue();
            this.max = intValue;
            int i5 = this.min;
            if (intValue < i5 || (i4 = this.prf) < i5 || intValue < i4) {
                throw new SshException(3, "Protocol error: bad parameters " + this.min + " !< " + this.prf + " !< " + this.max);
            }
            DHG chooseDH = chooseDH(i5, i4, intValue);
            this.dh = chooseDH;
            setF(chooseDH.getE());
            BigInteger p3 = this.dh.getP();
            validateFValue(p3);
            Digest hash = this.dh.getHash();
            this.hash = hash;
            hash.init();
            if (isDebugEnabled) {
                this.log.debug("next({})[{}] send (old request) SSH_MSG_KEX_DH_GEX_GROUP - min={}, prf={}, max={}", this, serverSession, Integer.valueOf(this.min), Integer.valueOf(this.prf), Integer.valueOf(this.max));
            }
            Buffer createBuffer = serverSession.createBuffer((byte) 31);
            createBuffer.putMPInt(p3);
            createBuffer.putMPInt(this.dh.getG());
            serverSession.writePacket(createBuffer);
            this.expected = (byte) 32;
            return false;
        }
        if (i3 == 34 && this.expected == 34) {
            this.min = buffer.getInt();
            this.prf = buffer.getInt();
            int i6 = buffer.getInt();
            this.max = i6;
            int i7 = this.prf;
            int i8 = this.min;
            if (i7 < i8 || i6 < i7) {
                throw new SshException(3, "Protocol error: bad parameters " + this.min + " !< " + this.prf + " !< " + this.max);
            }
            DHG chooseDH2 = chooseDH(i8, i7, i6);
            this.dh = chooseDH2;
            setF(chooseDH2.getE());
            BigInteger p4 = this.dh.getP();
            validateFValue(p4);
            Digest hash2 = this.dh.getHash();
            this.hash = hash2;
            hash2.init();
            if (isDebugEnabled) {
                this.log.debug("next({})[{}] Send SSH_MSG_KEX_DH_GEX_GROUP - min={}, prf={}, max={}", this, serverSession, Integer.valueOf(this.min), Integer.valueOf(this.prf), Integer.valueOf(this.max));
            }
            Buffer createBuffer2 = serverSession.createBuffer((byte) 31);
            createBuffer2.putMPInt(p4);
            createBuffer2.putMPInt(this.dh.getG());
            serverSession.writePacket(createBuffer2);
            this.expected = (byte) 32;
            return false;
        }
        if (i3 != this.expected) {
            throw new SshException(3, "Protocol error: expected packet " + KeyExchange.getGroupKexOpcodeName(this.expected) + ", got " + KeyExchange.getGroupKexOpcodeName(i3));
        }
        if (i3 != 32) {
            return false;
        }
        byte[] updateE = updateE(buffer.getMPIntAsBytes());
        BigInteger p5 = this.dh.getP();
        validateEValue(p5);
        this.dh.setF(updateE);
        this.f6334k = normalize(this.dh.getK());
        KeyPair hostKey = serverSession.getHostKey();
        Objects.requireNonNull(hostKey, "No server key pair available");
        String negotiatedKexParameter = serverSession.getNegotiatedKexParameter(KexProposalOption.SERVERKEYS);
        Signature signature = (Signature) ValidateUtils.checkNotNull(NamedFactory.create(serverSession.getSignatureFactories(), negotiatedKexParameter), "Unknown negotiated server keys: %s", negotiatedKexParameter);
        signature.initSigner(serverSession, hostKey.getPrivate());
        ByteArrayBuffer byteArrayBuffer = new ByteArrayBuffer();
        byteArrayBuffer.putRawPublicKey(hostKey.getPublic());
        byte[] compactData = byteArrayBuffer.getCompactData();
        byteArrayBuffer.clear();
        byteArrayBuffer.putBytes(this.v_c);
        byteArrayBuffer.putBytes(this.v_s);
        byteArrayBuffer.putBytes(this.i_c);
        byteArrayBuffer.putBytes(this.i_s);
        byteArrayBuffer.putBytes(compactData);
        if (this.oldRequest) {
            byteArrayBuffer.putInt(this.prf);
        } else {
            byteArrayBuffer.putInt(this.min);
            byteArrayBuffer.putInt(this.prf);
            byteArrayBuffer.putInt(this.max);
        }
        byteArrayBuffer.putMPInt(p5);
        byteArrayBuffer.putMPInt(this.dh.getG());
        byteArrayBuffer.putMPInt(updateE);
        byte[] f = getF();
        byteArrayBuffer.putMPInt(f);
        byteArrayBuffer.putBytes(this.f6334k);
        this.hash.update(byteArrayBuffer.array(), 0, byteArrayBuffer.available());
        byte[] digest = this.hash.digest();
        this.f6333h = digest;
        signature.update(serverSession, digest);
        byteArrayBuffer.clear();
        byteArrayBuffer.putString(negotiatedKexParameter);
        byteArrayBuffer.putBytes(signature.sign(serverSession));
        byte[] compactData2 = byteArrayBuffer.getCompactData();
        if (this.log.isTraceEnabled()) {
            this.log.trace("next({})[{}][K_S]:  {}", this, serverSession, BufferUtils.toHex(compactData));
            this.log.trace("next({})[{}][f]:    {}", this, serverSession, BufferUtils.toHex(f));
            this.log.trace("next({})[{}][sigH]: {}", this, serverSession, BufferUtils.toHex(compactData2));
        }
        if (isDebugEnabled) {
            this.log.debug("next({})[{}] Send SSH_MSG_KEX_DH_GEX_REPLY - old={}, min={}, prf={}, max={}", this, serverSession, Boolean.valueOf(this.oldRequest), Integer.valueOf(this.min), Integer.valueOf(this.prf), Integer.valueOf(this.max));
        }
        Buffer prepareBuffer = serverSession.prepareBuffer(SshConstants.SSH_MSG_KEX_DH_GEX_REPLY, BufferUtils.clear(byteArrayBuffer));
        prepareBuffer.putBytes(compactData);
        prepareBuffer.putBytes(f);
        prepareBuffer.putBytes(compactData2);
        serverSession.writePacket(prepareBuffer);
        return true;
    }

    public List<Moduli.DhGroup> selectModuliGroups(ServerSession serverSession, int i3, int i4, int i5, List<Moduli.DhGroup> list) {
        Iterator<Moduli.DhGroup> it;
        int i6;
        int maxDHGroupExchangeKeySize = SecurityUtils.getMaxDHGroupExchangeKeySize();
        int minDHGroupExchangeKeySize = SecurityUtils.getMinDHGroupExchangeKeySize();
        int max = Math.max(i3, minDHGroupExchangeKeySize);
        int min = Math.min(Math.max(i4, minDHGroupExchangeKeySize), maxDHGroupExchangeKeySize);
        int min2 = Math.min(i5, maxDHGroupExchangeKeySize);
        ArrayList arrayList = new ArrayList();
        boolean isTraceEnabled = this.log.isTraceEnabled();
        Iterator<Moduli.DhGroup> it2 = list.iterator();
        int i7 = 0;
        while (it2.hasNext()) {
            Moduli.DhGroup next = it2.next();
            int size = next.getSize();
            if (size < max || size > min2) {
                Iterator<Moduli.DhGroup> it3 = it2;
                if (isTraceEnabled) {
                    this.log.trace("selectModuliGroups({})[{}] - skip group={} - size not in range [{}-{}]", this, serverSession, next, Integer.valueOf(max), Integer.valueOf(min2));
                }
                it2 = it3;
            } else {
                if ((size <= min || size >= i7) && (size <= i7 || i7 >= min)) {
                    it = it2;
                    i6 = i7;
                } else {
                    if (isTraceEnabled) {
                        it = it2;
                        this.log.trace("selectModuliGroups({})[{}][prf={}, min={}, max={}] new best size={} from group={}", this, serverSession, Integer.valueOf(min), Integer.valueOf(max), Integer.valueOf(min2), Integer.valueOf(size), next);
                    } else {
                        it = it2;
                    }
                    arrayList.clear();
                    i6 = size;
                }
                if (size == i6) {
                    if (isTraceEnabled) {
                        this.log.trace("selectModuliGroups({})[{}][prf={}, min={}, max={}] selected {}", this, serverSession, Integer.valueOf(min), Integer.valueOf(max), Integer.valueOf(min2), next);
                    }
                    arrayList.add(next);
                }
                it2 = it;
                i7 = i6;
            }
        }
        return arrayList;
    }
}
