package com.sshtools.callback.client;

import com.sshtools.common.auth.AbstractAuthenticationProtocol;
import com.sshtools.common.auth.AuthenticationMechanism;
import com.sshtools.common.logger.Log;
import com.sshtools.common.ssh.ConnectionAwareTask;
import com.sshtools.common.ssh.Context;
import com.sshtools.common.ssh.ExecutorOperationSupport;
import com.sshtools.common.ssh.SshConnection;
import com.sshtools.common.ssh.components.SshKeyPair;
import com.sshtools.common.ssh.components.SshPublicKey;
import com.sshtools.common.ssh.components.jce.JCEComponentManager;
import com.sshtools.common.sshd.AbstractServerTransport;
import com.sshtools.common.sshd.SshMessage;
import com.sshtools.common.util.ByteArrayReader;
import com.sshtools.common.util.ByteArrayWriter;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.Objects;

/* loaded from: input_file:com/sshtools/callback/client/MutualCallbackAuthentication.class */
public class MutualCallbackAuthentication<C extends Context> implements AuthenticationMechanism {
    public static final int SSH_MSG_USERAUTH_SIGNED_CHALLENGE = 60;
    private AbstractServerTransport<C> transport;
    private AbstractAuthenticationProtocol<C> authentication;
    private SshConnection con;
    private MutualCallbackAuthenticationProvider provider;
    public static final String AUTHENTICATION_METHOD = "publickey";

    /* loaded from: input_file:com/sshtools/callback/client/MutualCallbackAuthentication$ProcessLocalChallenge.class */
    class ProcessLocalChallenge extends ConnectionAwareTask {
        byte[] msg;

        public ProcessLocalChallenge(SshConnection sshConnection, byte[] bArr) {
            super(sshConnection);
            this.msg = bArr;
        }

        protected void doTask() throws Throwable {
            ByteArrayReader byteArrayReader = new ByteArrayReader(this.msg);
            try {
                byteArrayReader.skip(1L);
                byte[] readBinaryString = byteArrayReader.readBinaryString();
                String obj = this.con.getProperty("username").toString();
                ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
                try {
                    byteArrayWriter.writeBinaryString((byte[]) this.con.getProperty("ourChallenge"));
                    byteArrayWriter.writeString(obj);
                    byteArrayWriter.writeBinaryString(MutualCallbackAuthentication.this.transport.getSessionKey());
                    SshPublicKey remotePublicKey = MutualCallbackAuthentication.this.provider.getRemotePublicKey(this.con);
                    if (Objects.isNull(remotePublicKey)) {
                        MutualCallbackAuthentication.this.authentication.failedAuthentication();
                    }
                    if (remotePublicKey.verifySignature(readBinaryString, byteArrayWriter.toByteArray())) {
                        MutualCallbackAuthentication.this.authentication.completedAuthentication();
                    } else {
                        MutualCallbackAuthentication.this.authentication.failedAuthentication();
                    }
                    byteArrayWriter.close();
                    byteArrayReader.close();
                } finally {
                }
            } catch (Throwable th) {
                try {
                    byteArrayReader.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }
    }

    /* loaded from: input_file:com/sshtools/callback/client/MutualCallbackAuthentication$ProcessRemoteChallenge.class */
    class ProcessRemoteChallenge extends ConnectionAwareTask {
        byte[] msg;
        String username;

        public ProcessRemoteChallenge(SshConnection sshConnection, String str, byte[] bArr) {
            super(sshConnection);
            this.username = str;
            this.msg = bArr;
        }

        protected void doTask() throws Throwable {
            ByteArrayReader byteArrayReader = new ByteArrayReader(this.msg);
            try {
                byte[] readBinaryString = byteArrayReader.readBinaryString();
                ByteArrayWriter byteArrayWriter = new ByteArrayWriter();
                try {
                    byteArrayWriter.writeBinaryString(readBinaryString);
                    byteArrayWriter.writeString(this.username);
                    byteArrayWriter.writeBinaryString(MutualCallbackAuthentication.this.transport.getSessionKey());
                    SshKeyPair localPrivateKey = MutualCallbackAuthentication.this.provider.getLocalPrivateKey(this.con);
                    if (Objects.isNull(localPrivateKey)) {
                        MutualCallbackAuthentication.this.authentication.failedAuthentication();
                        byteArrayWriter.close();
                        byteArrayReader.close();
                        return;
                    }
                    final byte[] sign = localPrivateKey.getPrivateKey().sign(byteArrayWriter.toByteArray());
                    if (!localPrivateKey.getPublicKey().verifySignature(sign, byteArrayWriter.toByteArray())) {
                        throw new IllegalStateException();
                    }
                    final byte[] bArr = new byte[512];
                    JCEComponentManager.getSecureRandom().nextBytes(bArr);
                    this.con.setProperty("ourChallenge", bArr);
                    this.con.setProperty("username", this.username);
                    MutualCallbackAuthentication.this.transport.postMessage(new SshMessage() { // from class: com.sshtools.callback.client.MutualCallbackAuthentication.ProcessRemoteChallenge.1
                        public boolean writeMessageIntoBuffer(ByteBuffer byteBuffer) {
                            byteBuffer.put((byte) 60);
                            byteBuffer.putInt(sign.length);
                            byteBuffer.put(sign);
                            byteBuffer.putInt(bArr.length);
                            byteBuffer.put(bArr);
                            return true;
                        }

                        public void messageSent(Long l) {
                            if (Log.isDebugEnabled()) {
                                Log.debug("Sent SSH_MSG_USERAUTH_SIGNED_CHALLENGE", new Object[0]);
                            }
                        }
                    });
                    byteArrayWriter.close();
                    byteArrayReader.close();
                } finally {
                }
            } catch (Throwable th) {
                try {
                    byteArrayReader.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }
    }

    public MutualCallbackAuthentication(AbstractServerTransport<C> abstractServerTransport, AbstractAuthenticationProtocol<C> abstractAuthenticationProtocol, SshConnection sshConnection, MutualCallbackAuthenticationProvider mutualCallbackAuthenticationProvider) {
        this.transport = abstractServerTransport;
        this.authentication = abstractAuthenticationProtocol;
        this.con = sshConnection;
        this.provider = mutualCallbackAuthenticationProvider;
    }

    public boolean startRequest(String str, byte[] bArr) throws IOException {
        this.transport.addTask(ExecutorOperationSupport.EVENTS, new ProcessRemoteChallenge(this.con, str, bArr));
        return true;
    }

    public boolean processMessage(byte[] bArr) throws IOException {
        if (bArr[0] != 60) {
            return false;
        }
        this.transport.addTask(ExecutorOperationSupport.EVENTS, new ProcessLocalChallenge(this.con, bArr));
        return true;
    }

    public String getMethod() {
        return MutualCallbackAuthenticationProvider.MUTUAL_KEY_AUTHENTICATION;
    }
}
