package cn.schoolwow.ssh.flow.algorithm.kex;

import cn.schoolwow.quickflow.domain.FlowContext;
import cn.schoolwow.ssh.domain.SSHMessageCode;
import cn.schoolwow.ssh.domain.host.SSHSessionConfig;
import cn.schoolwow.ssh.domain.stream.SSHString;
import cn.schoolwow.ssh.flow.algorithm.kex.template.KexTemplateFlow;
import cn.schoolwow.ssh.stream.SSHOutputStreamImpl;
import cn.schoolwow.ssh.util.SSHDigest;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.List;
import javax.crypto.KeyAgreement;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:cn/schoolwow/ssh/flow/algorithm/kex/Curve25519KexFlow.class */
public class Curve25519KexFlow implements KexFlow {
    @Override // cn.schoolwow.ssh.flow.algorithm.AlgorithmBusinessFlow
    public List<String> algorithmNameList() {
        return Arrays.asList("curve25519-sha256", "curve25519-sha256@libssh.org");
    }

    @Override // cn.schoolwow.ssh.flow.algorithm.kex.KexFlow
    public void exchange(FlowContext flowContext) throws Exception {
        flowContext.startFlow(new KexTemplateFlow()).putTemporaryData("algorithmNameList", algorithmNameList()).putTemporaryData("kexInit", SSHMessageCode.SSH_MSG_KEX_ECDH_INIT).putTemporaryData("kexReply", SSHMessageCode.SSH_MSG_KEX_ECDH_REPLY).putTemporaryData("messageDigest", SSHDigest.getDigest("SHA256").getMessageDigest()).putTemporaryData("publicKeyType", "SSHString").putFunctionFlow("setClientPublicKey", () -> {
            setClientPublicKey(flowContext);
        }).putFunctionFlow("setShareSecret", () -> {
            setShareSecret(flowContext);
        }).putFunctionFlow("setConcatenationOfH", () -> {
            setConcatenationOfH(flowContext);
        }).execute();
    }

    private void setClientPublicKey(FlowContext flowContext) throws NoSuchAlgorithmException, NoSuchProviderException {
        KeyPair generateKeyPair = KeyPairGenerator.getInstance("X25519", "BC").generateKeyPair();
        PublicKey publicKey = generateKeyPair.getPublic();
        PrivateKey privateKey = generateKeyPair.getPrivate();
        byte[] encoded = publicKey.getEncoded();
        if (encoded.length != 44) {
            throw new IllegalArgumentException("X25519生成的公钥长度不对!期望长度:44,实际长度:" + encoded.length);
        }
        byte[] bArr = new byte[32];
        System.arraycopy(encoded, 12, bArr, 0, 32);
        flowContext.putTemporaryData("clientPublicKey", new SSHString(bArr));
        byte[] bArr2 = new byte[12];
        System.arraycopy(encoded, 0, bArr2, 0, 12);
        flowContext.putCurrentFlowData("algorithmId", bArr2);
        flowContext.putCurrentFlowData("publicKey", publicKey);
        flowContext.putCurrentFlowData("privateKey", privateKey);
    }

    private void setShareSecret(FlowContext flowContext) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, NoSuchProviderException {
        SSHSessionConfig sSHSessionConfig = (SSHSessionConfig) flowContext.checkData("sshSessionConfig");
        byte[] bArr = (byte[]) flowContext.checkData("algorithmId");
        PrivateKey privateKey = (PrivateKey) flowContext.checkData("privateKey");
        SSHString sSHString = (SSHString) flowContext.checkData("serverPublicKey");
        KeyFactory keyFactory = KeyFactory.getInstance("X25519", "BC");
        byte[] bArr2 = new byte[44];
        System.arraycopy(bArr, 0, bArr2, 0, 12);
        System.arraycopy(sSHString.value, 0, bArr2, 12, 32);
        PublicKey generatePublic = keyFactory.generatePublic(new X509EncodedKeySpec(bArr2));
        KeyAgreement keyAgreement = KeyAgreement.getInstance("X25519");
        keyAgreement.init(privateKey);
        keyAgreement.doPhase(generatePublic, true);
        sSHSessionConfig.kexHolder.shareSecret = new BigInteger(keyAgreement.generateSecret());
    }

    private void setConcatenationOfH(FlowContext flowContext) throws Exception {
        SSHSessionConfig sSHSessionConfig = (SSHSessionConfig) flowContext.checkData("sshSessionConfig");
        SSHString sSHString = (SSHString) flowContext.checkData("hostKey");
        SSHString sSHString2 = (SSHString) flowContext.checkData("clientPublicKey");
        SSHString sSHString3 = (SSHString) flowContext.checkData("serverPublicKey");
        SSHOutputStreamImpl sSHOutputStreamImpl = new SSHOutputStreamImpl();
        sSHOutputStreamImpl.writeSSHString(sSHSessionConfig.kexHolder.V_C);
        sSHOutputStreamImpl.writeSSHString(sSHSessionConfig.kexHolder.V_S);
        sSHOutputStreamImpl.writeSSHString(sSHSessionConfig.kexHolder.I_C);
        sSHOutputStreamImpl.writeSSHString(sSHSessionConfig.kexHolder.I_S);
        sSHOutputStreamImpl.writeSSHString(sSHString);
        sSHOutputStreamImpl.writeSSHString(sSHString2);
        sSHOutputStreamImpl.writeSSHString(sSHString3);
        sSHOutputStreamImpl.writeMPInt(sSHSessionConfig.kexHolder.shareSecret);
        sSHSessionConfig.kexHolder.concatenationOfH = sSHOutputStreamImpl.toByteArray();
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
