package cn.schoolwow.ssh.flow.algorithm.hostkey;

import cn.schoolwow.quickflow.domain.FlowContext;
import cn.schoolwow.ssh.domain.exception.SSHException;
import cn.schoolwow.ssh.domain.host.SSHSessionConfig;
import cn.schoolwow.ssh.domain.stream.SSHString;
import cn.schoolwow.ssh.stream.SSHInputStreamImpl;
import cn.schoolwow.ssh.stream.SSHOutputStreamImpl;
import com.hierynomus.asn1.ASN1OutputStream;
import com.hierynomus.asn1.encodingrules.der.DEREncoder;
import com.hierynomus.asn1.types.constructed.ASN1Sequence;
import com.hierynomus.asn1.types.primitive.ASN1Integer;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECFieldFp;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;

/* loaded from: input_file:cn/schoolwow/ssh/flow/algorithm/hostkey/ECDSAHostKeyFlow.class */
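/**
 * Host-key handling for the three NIST-curve ECDSA algorithms offered by this client
 * ({@code ecdsa-sha2-nistp256}, {@code ecdsa-sha2-nistp384}, {@code ecdsa-sha2-nistp521}).
 *
 * <p>Every method exchanges its inputs and outputs through the {@link FlowContext}: inputs are
 * fetched with {@code checkData(...)} and results are stored with {@code putTemporaryData(...)}.
 *
 * <p>{@link #parsePublicKey(FlowContext)} and {@link #verify(FlowContext)} consume bytes that come
 * from the remote peer, so both validate structure before building any key or signature object.
 */
public class ECDSAHostKeyFlow implements HostKeyFlow {
    /** First octet of an uncompressed elliptic-curve point encoding (0x04 || X || Y). */
    private static final byte UNCOMPRESSED_POINT = 0x04;

    /**
     * Lists the host-key algorithm names this flow implements.
     *
     * @return the three supported {@code ecdsa-sha2-*} names
     */
    @Override // cn.schoolwow.ssh.flow.algorithm.AlgorithmBusinessFlow
    public List<String> algorithmNameList() {
        return Arrays.asList("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521");
    }

    /**
     * Serialises the context's {@code publicKey} and stores it as {@code publicKeySSHString}.
     *
     * <p>The blob is the negotiated host-key name followed by {@code getEncoded()} of the key,
     * each written as an SSH string.
     *
     * @param flowContext must hold {@code publicKey} (an {@link ECPublicKey}) and
     *     {@code sshSessionConfig}
     * @throws IOException declared by the interface; raised by the stream helpers, if at all
     */
    @Override // cn.schoolwow.ssh.flow.algorithm.hostkey.HostKeyFlow
    public void formatPublicKey(FlowContext flowContext) throws IOException {
        PublicKey publicKey = (PublicKey) flowContext.checkData("publicKey");
        SSHSessionConfig sessionConfig = (SSHSessionConfig) flowContext.checkData("sshSessionConfig");
        ECPublicKey ecPublicKey = (ECPublicKey) publicKey;

        SSHOutputStreamImpl out = new SSHOutputStreamImpl();
        out.writeSSHString(new SSHString(sessionConfig.algorithmNameNegotiator.hostKeyName));
        // NOTE(review): getEncoded() on a JCA EC public key normally yields the X.509
        // SubjectPublicKeyInfo DER form, whereas parsePublicKey() in this class reads
        // "curve identifier + uncompressed point". The two layouts do not round-trip; confirm
        // which one the consumers of publicKeySSHString expect before relying on this blob.
        out.writeSSHString(new SSHString(ecPublicKey.getEncoded()));
        flowContext.putTemporaryData("publicKeySSHString", new SSHString(out.toByteArray()));
    }

    /**
     * Parses the peer-supplied {@code hostKey} blob into an {@link ECPublicKey} and stores it as
     * {@code publicKey}.
     *
     * <p>The blob is untrusted. Before a key object is built this method checks that
     * <ul>
     *   <li>the algorithm name inside the blob equals the negotiated host-key name,</li>
     *   <li>the curve identifier inside the blob is the one that name implies,</li>
     *   <li>the point is exactly {@code 1 + 2 * fieldBytes} octets long and uses the
     *       uncompressed form (leading {@code 0x04}),</li>
     *   <li>the decoded coordinates satisfy the curve equation.</li>
     * </ul>
     * The length check replaces the earlier behaviour of sizing two arrays from a length field
     * taken straight off the wire and ignoring how many bytes were actually read.
     *
     * @param flowContext must hold {@code sshSessionConfig} and {@code hostKey}
     * @throws SSHException if the blob does not match the negotiated algorithm or is malformed
     * @throws IllegalArgumentException if the negotiated host-key name is not one of
     *     {@link #algorithmNameList()}
     * @throws NoSuchAlgorithmException if no provider offers the {@code "ECDSA"} key factory
     * @throws InvalidKeySpecException if the provider rejects the key specification
     */
    @Override // cn.schoolwow.ssh.flow.algorithm.hostkey.HostKeyFlow
    public void parsePublicKey(FlowContext flowContext) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        SSHSessionConfig sessionConfig = (SSHSessionConfig) flowContext.checkData("sshSessionConfig");
        SSHString hostKey = (SSHString) flowContext.checkData("hostKey");
        String hostKeyName = sessionConfig.algorithmNameNegotiator.hostKeyName;

        // Derive everything curve-specific from the *negotiated* name, never from the blob.
        final String curveId;
        final String curveName;
        final int fieldBytes;
        switch (hostKeyName) {
            case "ecdsa-sha2-nistp256":
                curveId = "nistp256";
                curveName = "p-256";
                fieldBytes = 32;
                break;
            case "ecdsa-sha2-nistp384":
                curveId = "nistp384";
                curveName = "p-384";
                fieldBytes = 48;
                break;
            case "ecdsa-sha2-nistp521":
                curveId = "nistp521";
                curveName = "p-521";
                fieldBytes = 66; // ceil(521 / 8)
                break;
            default:
                throw new IllegalArgumentException("不支持的算法名称!算法名:" + hostKeyName);
        }

        SSHInputStreamImpl in = new SSHInputStreamImpl(hostKey.value);
        SSHString blobAlgorithm = in.readSSHString();
        if (!hostKeyName.equals(blobAlgorithm.toString())) {
            throw new SSHException("解析公钥失败!期望值:" + hostKeyName + ",实际值:" + blobAlgorithm.toString());
        }
        // Exact match: a differently-cased identifier is treated as a mismatch.
        String blobCurve = in.readSSHString().toString();
        if (!curveId.equals(blobCurve)) {
            throw new SSHException("解析公钥字节数组失败!期望值:" + curveId + ",实际值:" + blobCurve);
        }

        // The point is a length-prefixed field; read it as one SSH string so the length and the
        // payload are checked together. Assumes SSHString.value is the raw payload byte[], as its
        // use as an SSHInputStreamImpl constructor argument in verify() suggests.
        byte[] point = in.readSSHString().value;
        int expectedLength = 1 + 2 * fieldBytes;
        if (point == null || point.length != expectedLength) {
            throw new SSHException("Malformed EC point in host key: expected " + expectedLength
                    + " bytes, got " + (point == null ? 0 : point.length));
        }
        if (point[0] != UNCOMPRESSED_POINT) {
            throw new SSHException("Unsupported EC point format in host key: " + (point[0] & 0xff));
        }
        BigInteger x = new BigInteger(1, Arrays.copyOfRange(point, 1, 1 + fieldBytes));
        BigInteger y = new BigInteger(1, Arrays.copyOfRange(point, 1 + fieldBytes, point.length));

        X9ECParameters curveParameters = NISTNamedCurves.getByName(curveName);
        ECNamedCurveSpec curveSpec = new ECNamedCurveSpec(
                curveName, curveParameters.getCurve(), curveParameters.getG(), curveParameters.getN());
        // Do not rely on the provider to reject off-curve coordinates; check explicitly.
        if (!isOnCurve(x, y, curveSpec.getCurve())) {
            throw new SSHException("EC point in host key is not on curve " + curveId);
        }

        // "ECDSA" is not a standard JDK KeyFactory name (that is "EC"); presumably a
        // BouncyCastle provider is registered elsewhere — confirm.
        KeyFactory keyFactory = KeyFactory.getInstance("ECDSA");
        ECPublicKeySpec keySpec = new ECPublicKeySpec(new ECPoint(x, y), curveSpec);
        flowContext.putTemporaryData("publicKey", (ECPublicKey) keyFactory.generatePublic(keySpec));
    }

    /**
     * Signs the context's {@code content} with its {@code privateKey} and stores the provider's
     * signature bytes as {@code signBytes}.
     *
     * @param flowContext must hold {@code privateKey}, {@code content} and {@code sshSessionConfig}
     * @throws InvalidKeyException if the private key is not usable with the selected algorithm
     * @throws SignatureException if the signature cannot be produced
     * @throws NoSuchAlgorithmException if the signature algorithm is unavailable
     */
    @Override // cn.schoolwow.ssh.flow.algorithm.hostkey.HostKeyFlow
    public void sign(FlowContext flowContext) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException {
        PrivateKey privateKey = (PrivateKey) flowContext.checkData("privateKey");
        byte[] content = (byte[]) flowContext.checkData("content");
        SSHSessionConfig sessionConfig = (SSHSessionConfig) flowContext.checkData("sshSessionConfig");

        Signature signer = getSignature(sessionConfig);
        signer.initSign(privateKey);
        signer.update(content);
        flowContext.putTemporaryData("signBytes", signer.sign());
    }

    /**
     * Converts the peer's SSH-encoded ECDSA signature ({@code signatureOfH}) into a DER
     * {@code SEQUENCE { INTEGER r, INTEGER s }} and stores it as {@code signatureBytes}.
     *
     * <p>This method only re-encodes; it performs no cryptographic verification itself. The
     * stored bytes are in the form a JCA {@link Signature} expects for ECDSA.
     *
     * @param flowContext must hold {@code sshSessionConfig} and {@code signatureOfH}
     * @throws SSHException if the signature names a different algorithm than was negotiated, or
     *     if {@code r} or {@code s} is not a positive integer
     * @throws Exception any failure raised by the stream or ASN.1 helpers
     */
    @Override // cn.schoolwow.ssh.flow.algorithm.hostkey.HostKeyFlow
    public void verify(FlowContext flowContext) throws Exception {
        SSHSessionConfig sessionConfig = (SSHSessionConfig) flowContext.checkData("sshSessionConfig");
        byte[] signatureOfH = (byte[]) flowContext.checkData("signatureOfH");
        String hostKeyName = sessionConfig.algorithmNameNegotiator.hostKeyName;

        SSHInputStreamImpl outer = new SSHInputStreamImpl(signatureOfH);
        SSHString blobAlgorithm = outer.readSSHString();
        if (!hostKeyName.equals(blobAlgorithm.toString())) {
            throw new SSHException("解析公钥失败!期望值:" + hostKeyName + ",实际值:" + blobAlgorithm.toString());
        }

        // The signature payload is itself an SSH string holding two mpints, r then s.
        SSHInputStreamImpl inner = new SSHInputStreamImpl(outer.readSSHString().value);
        BigInteger r = inner.readMPInt();
        BigInteger s = inner.readMPInt();
        // A valid ECDSA signature has r and s in [1, n-1]; refuse zero or negative values here
        // instead of handing them to the ASN.1 encoder and the provider.
        if (r == null || s == null || r.signum() <= 0 || s.signum() <= 0) {
            throw new SSHException("Malformed ECDSA signature: r and s must be positive");
        }

        // Raw list kept on purpose: the element type ASN1Sequence expects is not among this
        // file's imports.
        @SuppressWarnings({"rawtypes", "unchecked"})
        List elements = new ArrayList();
        elements.add(new ASN1Integer(r));
        elements.add(new ASN1Integer(s));

        ByteArrayOutputStream der = new ByteArrayOutputStream();
        try (ASN1OutputStream asn1 = new ASN1OutputStream(new DEREncoder(), der)) {
            asn1.writeObject(new ASN1Sequence(elements));
            asn1.flush();
        }
        flowContext.putTemporaryData("signatureBytes", der.toByteArray());
    }

    /**
     * Returns a fresh JCA {@link Signature} matching the negotiated host-key algorithm.
     *
     * @param sSHSessionConfig session configuration carrying the negotiated host-key name
     * @return {@code SHA256withECDSA}, {@code SHA384withECDSA} or {@code SHA512withECDSA} for
     *     nistp256, nistp384 and nistp521 respectively
     * @throws NoSuchAlgorithmException if no provider offers the algorithm
     * @throws IllegalArgumentException if the host-key name is not one of
     *     {@link #algorithmNameList()}
     */
    @Override // cn.schoolwow.ssh.flow.algorithm.hostkey.HostKeyFlow
    public Signature getSignature(SSHSessionConfig sSHSessionConfig) throws NoSuchAlgorithmException {
        String hostKeyName = sSHSessionConfig.algorithmNameNegotiator.hostKeyName;
        switch (hostKeyName) {
            case "ecdsa-sha2-nistp256":
                return Signature.getInstance("SHA256withECDSA");
            case "ecdsa-sha2-nistp384":
                return Signature.getInstance("SHA384withECDSA");
            case "ecdsa-sha2-nistp521":
                return Signature.getInstance("SHA512withECDSA");
            default:
                throw new IllegalArgumentException("不支持的算法!算法名称:" + sSHSessionConfig.algorithmNameNegotiator.hostKeyName);
        }
    }

    /**
     * Checks that affine coordinates lie on a prime-field curve: both coordinates are in
     * {@code [0, p)} and {@code y^2 = x^3 + a*x + b (mod p)}.
     */
    private static boolean isOnCurve(BigInteger x, BigInteger y, EllipticCurve curve) {
        if (!(curve.getField() instanceof ECFieldFp)) {
            return false;
        }
        BigInteger p = ((ECFieldFp) curve.getField()).getP();
        if (x.signum() < 0 || y.signum() < 0 || x.compareTo(p) >= 0 || y.compareTo(p) >= 0) {
            return false;
        }
        BigInteger left = y.multiply(y).mod(p);
        BigInteger right = x.multiply(x).add(curve.getA()).multiply(x).add(curve.getB()).mod(p);
        return left.equals(right);
    }
}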
