package org.jboss.security.srp;

import java.io.Serializable;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import org.jboss.crypto.CryptoUtil;
import org.jboss.logging.Logger;

/* loaded from: input_file:org/jboss/security/srp/SRPServerSession.class */
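/**
 * Server side of one SRP authentication exchange for a single user.
 *
 * <p>Intended call order, as far as this class shows: construct the session,
 * call {@link #exponential()} to obtain the server public value B, call
 * {@link #buildSessionKey(byte[])} with the client public value A, then
 * {@link #verify(byte[])} with the client's M1 and, on success,
 * {@link #getServerResponse()} for M2.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The class is {@link Serializable} and {@code v}, {@code b} and
 *       {@code K} are not transient, so default serialization writes the
 *       verifier, the private exponent and the session key. Treat any
 *       serialized form as secret material.</li>
 *   <li>{@code clientHash} and {@code serverHash} are transient and are not
 *       re-created here after deserialization.</li>
 *   <li>Secret values (v, S, K and values derived directly from them) are
 *       deliberately not written to the log, even at trace level.</li>
 * </ul>
 */
public class SRPServerSession implements Serializable {
    static final long serialVersionUID = -2448005747721323704L;

    /**
     * Bit length of the server private exponent b. The previous value of 64
     * bits gives a short exponent that is far cheaper to recover than the
     * group size suggests; RFC 5054 recommends at least 256 bits. b never
     * leaves the server, so widening it does not affect interoperability.
     */
    private static final int B_LEN = 256;
    private static final Logger log = Logger.getLogger(SRPServerSession.class);

    private SRPParameters params;
    // Group modulus and generator, taken from params.
    private BigInteger N;
    private BigInteger g;
    // Password verifier for the user (secret: enables offline guessing).
    private BigInteger v;
    // Server private exponent and the public value derived from it.
    private BigInteger b;
    private BigInteger B;
    // Session key; null until buildSessionKey() has run.
    private byte[] K;
    // Running transcript hash that becomes the expected client proof M1.
    private transient MessageDigest clientHash;
    private byte[] M1;
    // Running transcript hash that becomes the server proof M2.
    private transient MessageDigest serverHash;
    private byte[] M2;

    /**
     * Creates the session and seeds the M1 transcript with
     * {@code H(N) xor H(g) | H(U) | s}.
     *
     * @param str the username U
     * @param bArr the user's password verifier v as an unsigned big-endian magnitude
     * @param sRPParameters the group parameters (N, g), salt s and hash algorithm
     */
    public SRPServerSession(String str, byte[] bArr, SRPParameters sRPParameters) {
        final boolean trace = log.isTraceEnabled();
        this.params = sRPParameters;
        this.v = new BigInteger(1, bArr);
        this.g = new BigInteger(1, sRPParameters.g);
        this.N = new BigInteger(1, sRPParameters.N);
        if (trace) {
            log.trace("g: " + CryptoUtil.tob64(sRPParameters.g));
        }
        // The verifier is intentionally not logged: anyone who can read it
        // can mount an offline guessing attack on the password.
        this.serverHash = CryptoUtil.newDigest();
        this.clientHash = CryptoUtil.newDigest();

        byte[] hashN = CryptoUtil.newDigest().digest(sRPParameters.N);
        if (trace) {
            log.trace("H(N): " + CryptoUtil.tob64(hashN));
        }
        byte[] hashG = CryptoUtil.newDigest().digest(sRPParameters.g);
        if (trace) {
            log.trace("H(g): " + CryptoUtil.tob64(hashG));
        }
        // NOTE(review): the length 20 presumably matches a 20-byte digest from
        // CryptoUtil.newDigest(); confirm if the digest algorithm can change.
        byte[] hashXor = CryptoUtil.xor(hashN, hashG, 20);
        if (trace) {
            log.trace("H(N) xor H(g): " + CryptoUtil.tob64(hashXor));
        }
        this.clientHash.update(hashXor);
        if (trace) {
            log.trace("H[H(N) xor H(g)]: " + CryptoUtil.tob64(CryptoUtil.copy(this.clientHash).digest()));
        }
        // NOTE(review): getBytes() uses the platform default charset. The peer
        // must hash the username with the same encoding, so confirm the client
        // side before pinning an explicit charset here.
        this.clientHash.update(CryptoUtil.newDigest().digest(str.getBytes()));
        if (trace) {
            log.trace("H[H(N) xor H(g) | H(U)]: " + CryptoUtil.tob64(CryptoUtil.copy(this.clientHash).digest()));
        }
        this.clientHash.update(sRPParameters.s);
        if (trace) {
            log.trace("H[H(N) xor H(g) | H(U) | s]: " + CryptoUtil.tob64(CryptoUtil.copy(this.clientHash).digest()));
        }
        this.K = null;
    }

    /**
     * Returns the parameters this session was created with.
     *
     * @return the same {@link SRPParameters} instance passed to the constructor
     */
    public SRPParameters getParameters() {
        return this.params;
    }

    /**
     * Returns the server public value {@code B = (v + g^b) mod N}, generating
     * the private exponent b on the first call and reusing it afterwards.
     *
     * @return B as a byte array passed through {@code CryptoUtil.trim}
     */
    public byte[] exponential() {
        if (this.B == null) {
            // Draw b until it is greater than 1.
            // NOTE(review): the strength of b depends on CryptoUtil.getPRNG()
            // returning a cryptographically secure generator; confirm.
            do {
                this.b = new BigInteger(B_LEN, CryptoUtil.getPRNG());
            } while (this.b.compareTo(BigInteger.ONE) <= 0);
            BigInteger candidate = this.v.add(this.g.modPow(this.b, this.N));
            if (candidate.compareTo(this.N) >= 0) {
                candidate = candidate.subtract(this.N);
            }
            this.B = candidate;
        }
        return CryptoUtil.trim(this.B.toByteArray());
    }

    /**
     * Computes the shared secret {@code S = (A * v^u)^b mod N} and the session
     * key {@code K = H(S)}, and extends the M1 and M2 transcripts.
     *
     * <p>{@link #exponential()} must have been called first so that b and B
     * exist.
     *
     * @param bArr the client public value A as an unsigned big-endian magnitude
     * @throws NoSuchAlgorithmException if {@code params.hashAlgorithm} is not available
     * @throws SecurityException if {@code A mod N == 0}; such a value forces
     *         S to zero regardless of the verifier, so the exchange must be aborted
     */
    public void buildSessionKey(byte[] bArr) throws NoSuchAlgorithmException {
        final boolean trace = log.isTraceEnabled();
        if (trace) {
            log.trace("A: " + CryptoUtil.tob64(bArr));
        }
        BigInteger clientA = new BigInteger(1, bArr);
        // Reject A == 0 (mod N) before touching any state: with such a value
        // S is 0 and K no longer depends on the password verifier.
        if (clientA.mod(this.N).signum() == 0) {
            throw new SecurityException("Invalid SRP client public value: A mod N == 0");
        }

        byte[] serverB = CryptoUtil.trim(this.B.toByteArray());
        this.clientHash.update(bArr);
        if (trace) {
            log.trace("H[H(N) xor H(g) | H(U) | s | A]: " + CryptoUtil.tob64(CryptoUtil.copy(this.clientHash).digest()));
        }
        this.clientHash.update(serverB);
        if (trace) {
            log.trace("H[H(N) xor H(g) | H(U) | s | A | B]: " + CryptoUtil.tob64(CryptoUtil.copy(this.clientHash).digest()));
        }
        this.serverHash.update(bArr);

        // u is the first four bytes of H(B), read as an unsigned integer.
        byte[] hashB = CryptoUtil.newDigest().digest(serverB);
        byte[] uBytes = {hashB[0], hashB[1], hashB[2], hashB[3]};
        if (trace) {
            log.trace("A: " + CryptoUtil.tob64(clientA.toByteArray()));
            log.trace("B: " + CryptoUtil.tob64(this.B.toByteArray()));
        }
        BigInteger u = new BigInteger(1, uBytes);
        if (trace) {
            log.trace("u: " + CryptoUtil.tob64(u.toByteArray()));
        }

        // v, A * v^u, S and K are secrets and are not logged.
        BigInteger base = clientA.multiply(this.v.modPow(u, this.N)).mod(this.N);
        BigInteger sharedS = base.modPow(this.b, this.N);
        this.K = MessageDigest.getInstance(this.params.hashAlgorithm).digest(sharedS.toByteArray());
        this.clientHash.update(this.K);
        if (trace) {
            log.trace("H[H(N) xor H(g) | H(U) | s | A | B | K]: " + CryptoUtil.tob64(CryptoUtil.copy(this.clientHash).digest()));
        }
    }

    /**
     * Returns the session key K, or {@code null} if it has not been built.
     *
     * <p>The internal array is returned without copying, so callers share
     * the session's own key bytes.
     *
     * @return the session key
     * @throws SecurityException if a security manager is installed and denies
     *         {@code SRPPermission("getSessionKey")}
     */
    public byte[] getSessionKey() throws SecurityException {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new SRPPermission("getSessionKey"));
        }
        return this.K;
    }

    /**
     * Returns the server proof M2, finalizing the server transcript hash on
     * the first call and caching the result.
     *
     * <p>The transcript only contains M1 and K after a successful
     * {@link #verify(byte[])}, so callers should send M2 only in that case.
     *
     * @return M2
     */
    public byte[] getServerResponse() {
        if (this.M2 == null) {
            this.M2 = this.serverHash.digest();
        }
        return this.M2;
    }

    /**
     * Returns the M1 value computed by the last {@link #verify(byte[])} call,
     * or {@code null} if verify has not been called.
     *
     * @return the expected client proof M1
     */
    public byte[] getClientResponse() {
        return this.M1;
    }

    /**
     * Checks the client's proof against the locally computed M1 and, on a
     * match, extends the M2 transcript with M1 and K.
     *
     * <p>Calling this finalizes the client transcript hash, so it is meant to
     * be called once per session.
     *
     * @param bArr the M1 value received from the client
     * @return {@code true} if the client's M1 matches
     */
    public boolean verify(byte[] bArr) {
        this.M1 = this.clientHash.digest();
        if (log.isTraceEnabled()) {
            log.trace("verify M1: " + CryptoUtil.tob64(this.M1));
            log.trace("verify clientM1: " + CryptoUtil.tob64(bArr));
        }
        // Constant-time comparison: Arrays.equals returns at the first
        // differing byte, which leaks how much of the proof was correct.
        if (bArr == null || !MessageDigest.isEqual(bArr, this.M1)) {
            return false;
        }
        this.serverHash.update(this.M1);
        this.serverHash.update(this.K);
        if (log.isTraceEnabled()) {
            log.trace("H(A | M1 | K)" + CryptoUtil.tob64(CryptoUtil.copy(this.serverHash).digest()));
        }
        return true;
    }
}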
