package anon.tor;

import anon.crypto.MyAES;
import anon.crypto.MyRSA;
import anon.crypto.MyRSAPublicKey;
import anon.crypto.tinytls.util.hash;
import anon.tor.cells.Cell;
import anon.tor.cells.CreateCell;
import anon.tor.cells.RelayCell;
import anon.tor.ordescription.ORDescriptor;
import anon.util.ByteArrayUtil;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.security.SecureRandom;
import logging.LogHolder;
import logging.LogType;
import mybouncycastle.org.bouncycastle.asn1.DEROutputStream;
import mybouncycastle.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import mybouncycastle.org.bouncycastle.crypto.CryptoException;
import mybouncycastle.org.bouncycastle.crypto.InvalidCipherTextException;
import mybouncycastle.org.bouncycastle.crypto.agreement.DHBasicAgreement;
import mybouncycastle.org.bouncycastle.crypto.digests.SHA1Digest;
import mybouncycastle.org.bouncycastle.crypto.generators.DHKeyPairGenerator;
import mybouncycastle.org.bouncycastle.crypto.params.DHKeyGenerationParameters;
import mybouncycastle.org.bouncycastle.crypto.params.DHParameters;
import mybouncycastle.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
import mybouncycastle.org.bouncycastle.crypto.params.DHPublicKeyParameters;

/* loaded from: classes.dex */
public class OnionRouter {
    private int m_circID;
    private MyAES m_decryptionEngine;
    private ORDescriptor m_description;
    private DHBasicAgreement m_dhe;
    private SHA1Digest m_digestDb;
    private SHA1Digest m_digestDf;
    private MyAES m_encryptionEngine;
    private static final BigInteger SAFEPRIME = new BigInteger("00FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16);
    private static final BigInteger MINKEY = new BigInteger(new byte[]{1, 0, 0, 0});
    private static final BigInteger MAXKEY = SAFEPRIME.subtract(MINKEY);
    private static final DHParameters DH_PARAMS = new DHParameters(SAFEPRIME, new BigInteger("2"));
    private OnionRouter m_nextOR = null;
    private boolean m_extended = false;

    public OnionRouter(int i, ORDescriptor oRDescriptor) throws IOException {
        this.m_description = oRDescriptor;
        this.m_circID = i;
    }

    private void checkExtendParameters(byte[] bArr, int i, int i2) throws Exception {
        byte[] bArr2 = new byte[128];
        System.arraycopy(bArr, i, bArr2, 0, 128);
        BigInteger calculateAgreement = this.m_dhe.calculateAgreement(new DHPublicKeyParameters(new BigInteger(1, bArr2), DH_PARAMS));
        byte[] byteArray = calculateAgreement.toByteArray();
        byte[] bArr3 = new byte[129];
        if (byteArray[0] == 0) {
            System.arraycopy(byteArray, 1, bArr3, 0, 128);
        } else {
            System.arraycopy(byteArray, 0, bArr3, 0, 128);
        }
        byte[] sha = hash.sha(bArr3);
        for (int i3 = 0; i3 < sha.length; i3++) {
            if (sha[i3] != bArr[i3 + i + 128]) {
                throw new Exception("wrong derivative key");
            }
        }
        if (calculateAgreement.compareTo(MINKEY) == -1 || calculateAgreement.compareTo(MAXKEY) == 1) {
            throw new CryptoException("Calculated DH-Key is not in allowed range (KEY:" + calculateAgreement.doubleValue() + ")");
        }
        if (calculateAgreement.bitCount() < 16 || 1024 - calculateAgreement.bitCount() < 16) {
            throw new CryptoException("Calculated DH-Key is not valid. Not enough zeros ore ones");
        }
        bArr3[128] = 1;
        this.m_digestDf = new SHA1Digest();
        this.m_digestDf.update(hash.sha(bArr3), 0, 20);
        bArr3[128] = 2;
        this.m_digestDb = new SHA1Digest();
        this.m_digestDb.update(hash.sha(bArr3), 0, 20);
        bArr3[128] = 3;
        byte[] sha2 = hash.sha(bArr3);
        this.m_encryptionEngine = new MyAES();
        this.m_encryptionEngine.init(true, sha2, 0, 16);
        byte[] bArr4 = new byte[16];
        System.arraycopy(sha2, 16, bArr4, 0, 4);
        bArr3[128] = 4;
        System.arraycopy(hash.sha(bArr3), 0, bArr4, 4, 12);
        this.m_decryptionEngine = new MyAES();
        this.m_decryptionEngine.init(true, bArr4);
    }

    private byte[] createExtendOnionSkin() throws IOException, InvalidCipherTextException, Exception {
        byte[] bArr = new byte[86];
        byte[] bArr2 = new byte[16];
        MyAES myAES = new MyAES();
        new SecureRandom().nextBytes(bArr2);
        myAES.init(true, bArr2);
        DHKeyGenerationParameters dHKeyGenerationParameters = new DHKeyGenerationParameters(new SecureRandom(), DH_PARAMS);
        DHKeyPairGenerator dHKeyPairGenerator = new DHKeyPairGenerator();
        dHKeyPairGenerator.init(dHKeyGenerationParameters);
        AsymmetricCipherKeyPair generateKeyPair = dHKeyPairGenerator.generateKeyPair();
        DHPublicKeyParameters dHPublicKeyParameters = (DHPublicKeyParameters) generateKeyPair.getPublic();
        DHPrivateKeyParameters dHPrivateKeyParameters = (DHPrivateKeyParameters) generateKeyPair.getPrivate();
        this.m_dhe = new DHBasicAgreement();
        this.m_dhe.init(dHPrivateKeyParameters);
        byte[] byteArray = dHPublicKeyParameters.getY().toByteArray();
        int i = byteArray[0] == 0 ? 1 : 0;
        System.arraycopy(bArr2, 0, bArr, 0, 16);
        System.arraycopy(byteArray, i, bArr, 16, 70);
        MyRSA myRSA = new MyRSA();
        myRSA.init(this.m_description.getOnionKey());
        byte[] bArr3 = new byte[186];
        System.arraycopy(myRSA.processBlockOAEP(bArr, 0, bArr.length), 0, bArr3, 0, 128);
        myAES.processBytesCTR(byteArray, i + 70, bArr3, 128, 58);
        return bArr3;
    }

    private RelayCell extendConnection(String str, int i) throws IOException, InvalidCipherTextException, Exception {
        byte[] conc = ByteArrayUtil.conc(InetAddress.getByName(str).getAddress(), ByteArrayUtil.inttobyte(i, 2), createExtendOnionSkin());
        MyRSAPublicKey signingKey = this.m_description.getSigningKey();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        dEROutputStream.writeObject(signingKey.getAsSubjectPublicKeyInfo().getPublicKey());
        dEROutputStream.flush();
        return new RelayCell(this.m_circID, (byte) 6, 0, ByteArrayUtil.conc(conc, hash.sha(byteArrayOutputStream.toByteArray())));
    }

    public boolean checkCreatedCell(Cell cell) {
        try {
            checkExtendParameters(cell.getPayload(), 0, 148);
            return true;
        } catch (Throwable th) {
            return false;
        }
    }

    public boolean checkExtendedCell(RelayCell relayCell) {
        try {
            if (this.m_nextOR == null) {
                checkExtendParameters(relayCell.getPayload(), 11, 148);
                LogHolder.log(7, LogType.MISC, "[TOR] Circuit '" + this.m_circID + "' Extended");
                return true;
            }
            relayCell.doCryptography(this.m_decryptionEngine);
            if (this.m_extended) {
                return this.m_nextOR.checkExtendedCell(relayCell);
            }
            relayCell.checkDigest(this.m_digestDb);
            this.m_extended = this.m_nextOR.checkExtendedCell(relayCell);
            if (!this.m_extended) {
                this.m_nextOR = null;
            }
            return this.m_extended;
        } catch (Exception e) {
            return false;
        }
    }

    public CreateCell createConnection() throws Exception {
        CreateCell createCell = new CreateCell(this.m_circID);
        createCell.setPayload(createExtendOnionSkin(), 0);
        return createCell;
    }

    public synchronized RelayCell decryptCell(RelayCell relayCell) throws Exception {
        RelayCell relayCell2;
        relayCell2 = relayCell;
        relayCell2.doCryptography(this.m_decryptionEngine);
        if (this.m_nextOR == null || !this.m_extended) {
            relayCell2.checkDigest(this.m_digestDb);
        } else {
            relayCell2 = this.m_nextOR.decryptCell(relayCell2);
        }
        return relayCell2;
    }

    public synchronized RelayCell encryptCell(RelayCell relayCell) throws Exception {
        if (this.m_nextOR != null) {
            relayCell = this.m_nextOR.encryptCell(relayCell);
        } else {
            relayCell.generateDigest(this.m_digestDf);
        }
        relayCell.doCryptography(this.m_encryptionEngine);
        return relayCell;
    }

    public RelayCell extendConnection(ORDescriptor oRDescriptor) throws IOException, InvalidCipherTextException, Exception {
        RelayCell extendConnection;
        if (this.m_nextOR == null) {
            this.m_nextOR = new OnionRouter(this.m_circID, oRDescriptor);
            extendConnection = this.m_nextOR.extendConnection(oRDescriptor.getAddress(), oRDescriptor.getPort());
            extendConnection.generateDigest(this.m_digestDf);
        } else {
            extendConnection = this.m_nextOR.extendConnection(oRDescriptor);
        }
        extendConnection.doCryptography(this.m_encryptionEngine);
        return extendConnection;
    }

    public ORDescriptor getDescription() {
        return this.m_description;
    }
}
