package com.ibm.net.ssh;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:wlp/lib/com.ibm.ws.prereq.rxa.2.3_1.0.16.jar:com/ibm/net/ssh/DHKeyExchange.class */
public final class DHKeyExchange extends KeyExchange {
    private static final String COPYRIGHT = "\n\nLicensed Materials - Property of IBM\n\n(C) Copyright IBM Corp. 2005, 2012 All Rights Reserved.\n\nUS Government Users Restricted Rights - Use, duplication or\ndisclosure restricted by GSA ADP Schedule Contract with\nIBM Corp.\n\n\n";
    private static final BigInteger OAKLEY_GROUP2 = new BigInteger("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16);
    private static final BigInteger OAKLEY_GROUP14 = new BigInteger("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16);

    /* JADX INFO: Access modifiers changed from: package-private */
    public DHKeyExchange(SecureSession secureSession, String str, byte[] bArr, byte[] bArr2) {
        super(secureSession, str, bArr, bArr2);
    }

    @Override // com.ibm.net.ssh.KeyExchange
    boolean handlePacket(int i, ByteBuffer byteBuffer) throws IOException {
        boolean z = true;
        switch (i) {
            case 20:
                handleKeyExchangeInit(byteBuffer);
                break;
            case 31:
                logger.fine("handlePacket: SSH_MSG_KEXDH_REPLY");
                handleKeyExchangeDHReply(byteBuffer);
                break;
            default:
                z = super.handlePacket(i, byteBuffer);
                break;
        }
        return z;
    }

    @Override // com.ibm.net.ssh.KeyExchange
    protected void handleKeyExchangeInit(ByteBuffer byteBuffer) throws IOException {
        super.handleKeyExchangeInit(byteBuffer);
        this.byteOutputStream.reset();
        this.byteOutputStream.write(30);
        if (this.kexAlgorithm.equals("diffie-hellman-group1-sha1")) {
            this.primeP = OAKLEY_GROUP2;
        } else if (this.kexAlgorithm.equals("diffie-hellman-group14-sha1")) {
            this.primeP = OAKLEY_GROUP14;
        }
        this.clientE = generateE(BigInteger.valueOf(2L));
        SSHMpint.writeBigInteger(this.byteOutputStream, this.clientE);
        this.sshSession.socketChannel.write(ByteBuffer.wrap(this.byteOutputStream.toByteArray()));
    }

    private void handleKeyExchangeDHReply(ByteBuffer byteBuffer) throws IOException {
        byte[] readStringAsBytes = SSHString.readStringAsBytes(byteBuffer);
        this.serverF = SSHMpint.readBigInteger(byteBuffer);
        byte[] readStringAsBytes2 = SSHString.readStringAsBytes(byteBuffer);
        if (!verifyValueRange(this.serverF)) {
            throw new DisconnectException(3, "Server's f value out of range!");
        }
        this.sharedSecretK = computeSharedSecret(BigInteger.valueOf(2L));
        if (!verifyValueRange(new BigInteger(1, this.sharedSecretK))) {
            throw new DisconnectException(3, "Shared secret k value out of range!");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SSHString.writeString(byteArrayOutputStream, this.sshSession.clientVersion);
        SSHString.writeString(byteArrayOutputStream, this.sshSession.serverVersion);
        SSHString.writeString(byteArrayOutputStream, this.clientKexInitPayload);
        SSHString.writeString(byteArrayOutputStream, this.serverKexInitPayload);
        SSHString.writeString(byteArrayOutputStream, readStringAsBytes);
        SSHMpint.writeBigInteger(byteArrayOutputStream, this.clientE);
        SSHMpint.writeBigInteger(byteArrayOutputStream, this.serverF);
        SSHMpint.writeBigInteger(byteArrayOutputStream, new BigInteger(1, this.sharedSecretK));
        this.shaDigest.reset();
        this.shaDigest.update(byteArrayOutputStream.toByteArray());
        this.exchangeHashH = this.shaDigest.digest();
        if (this.sessionIdentifier == null) {
            this.sessionIdentifier = new byte[this.exchangeHashH.length];
            System.arraycopy(this.exchangeHashH, 0, this.sessionIdentifier, 0, this.exchangeHashH.length);
            this.sshSession.setSessionIdentifier(this.sessionIdentifier);
        }
        if (verifySignature(readStringAsBytes, readStringAsBytes2)) {
            logger.fine("handleKeyExchangeDHReply: Server signature verifed");
        } else {
            logger.fine("handleKeyExchangeDHReply: Server signature wrong!");
        }
        computeKeys();
        sendNewKeys();
    }
}
