package net.schmizz.sshj.transport;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Queue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.DisconnectReason;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.Message;
import net.schmizz.sshj.common.SSHException;
import net.schmizz.sshj.common.b;
import net.schmizz.sshj.transport.cipher.Cipher;
import net.schmizz.sshj.transport.compression.Compression;
import tt.a10;
import tt.c10;
import tt.dl0;
import tt.i5;
import tt.o10;
import tt.oc0;
import tt.ro0;
import tt.sj1;
import tt.tu;
import tt.vn0;
import tt.xk0;
import tt.z00;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public final class KeyExchanger implements sj1, a10 {
    private final vn0 a;
    private final g c;
    private final Queue<oc0> d = new LinkedList();
    private final Queue<i5> e = new LinkedList();
    private final AtomicBoolean g = new AtomicBoolean();
    private Expected h = Expected.KEXINIT;
    private dl0 i;
    private byte[] j;
    private e k;

    /* renamed from: l, reason: collision with root package name */
    private d f351l;
    private final c10<TransportException> m;
    private final c10<TransportException> n;

    /* loaded from: classes2.dex */
    private enum Expected {
        KEXINIT,
        FOLLOWUP,
        NEWKEYS
    }

    /* loaded from: classes2.dex */
    static /* synthetic */ class a {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[Expected.values().length];
            a = iArr;
            try {
                iArr[Expected.KEXINIT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[Expected.FOLLOWUP.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[Expected.NEWKEYS.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyExchanger(g gVar) {
        this.c = gVar;
        this.a = gVar.A().f().a(KeyExchanger.class);
        o10<TransportException> o10Var = TransportException.c;
        this.m = new c10<>("kexinit sent", o10Var, gVar.A().f());
        this.n = new c10<>("kex done", o10Var, gVar.r(), gVar.A().f());
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private synchronized void b() {
        try {
            if (!j()) {
                throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Key exchange packet received when key exchange was not ongoing");
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private static void c(Message message, Message message2) {
        if (message == message2) {
            return;
        }
        throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Was expecting " + message2);
    }

    private List<String> d(String str, int i) {
        Iterator<oc0> it = this.d.iterator();
        while (it.hasNext()) {
            List<String> b = it.next().b(str, i);
            if (b != null && !b.isEmpty()) {
                return b;
            }
        }
        return Collections.emptyList();
    }

    /* JADX WARN: Unreachable blocks removed: 2, instructions: 2 */
    private void h(net.schmizz.sshj.common.c cVar) {
        cVar.R(cVar.Q() - 1);
        e eVar = new e(cVar);
        d m = this.k.m(eVar);
        this.f351l = m;
        this.a.z("Negotiated algorithms: {}", m);
        for (i5 i5Var : this.e) {
            this.a.z("Trying to verify algorithms with {}", i5Var);
            if (!i5Var.a(this.f351l)) {
                throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "Failed to verify negotiated algorithms `" + this.f351l + "`");
            }
        }
        this.i = (dl0) b.a.C0180a.a(this.c.A().d(), this.f351l.d());
        g gVar = this.c;
        gVar.F((xk0) b.a.C0180a.a(gVar.A().j(), this.f351l.h()));
        try {
            dl0 dl0Var = this.i;
            g gVar2 = this.c;
            dl0Var.a(gVar2, gVar2.q(), this.c.i(), eVar.i().f(), this.k.i().f());
        } catch (GeneralSecurityException e) {
            throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e);
        }
    }

    private void i() {
        ro0 ro0Var;
        tu f = this.i.f();
        byte[] e = this.i.e();
        if (this.j == null) {
            this.j = e;
        }
        Buffer.a p = new Buffer.a().n(this.i.d()).p(e).k((byte) 0).p(this.j);
        int b = (p.b() - this.j.length) - 1;
        p.a()[b] = 65;
        f.update(p.a(), 0, p.b());
        byte[] b2 = f.b();
        p.a()[b] = 66;
        f.update(p.a(), 0, p.b());
        byte[] b3 = f.b();
        p.a()[b] = 67;
        f.update(p.a(), 0, p.b());
        byte[] b4 = f.b();
        p.a()[b] = 68;
        f.update(p.a(), 0, p.b());
        byte[] b5 = f.b();
        p.a()[b] = 69;
        f.update(p.a(), 0, p.b());
        byte[] b6 = f.b();
        p.a()[b] = 70;
        f.update(p.a(), 0, p.b());
        byte[] b7 = f.b();
        Cipher cipher = (Cipher) b.a.C0180a.a(this.c.A().a(), this.f351l.a());
        cipher.d(Cipher.Mode.Encrypt, l(b4, cipher.getBlockSize(), f, this.i.d(), this.i.e()), b2);
        Cipher cipher2 = (Cipher) b.a.C0180a.a(this.c.A().a(), this.f351l.e());
        cipher2.d(Cipher.Mode.Decrypt, l(b5, cipher2.getBlockSize(), f, this.i.d(), this.i.e()), b3);
        ro0 ro0Var2 = null;
        if (cipher.b() == 0) {
            ro0Var = (ro0) b.a.C0180a.a(this.c.A().b(), this.f351l.c());
            ro0Var.init(l(b6, ro0Var.getBlockSize(), f, this.i.d(), this.i.e()));
        } else {
            ro0Var = null;
        }
        if (cipher2.b() == 0) {
            ro0Var2 = (ro0) b.a.C0180a.a(this.c.A().b(), this.f351l.g());
            ro0Var2.init(l(b7, ro0Var2.getBlockSize(), f, this.i.d(), this.i.e()));
        }
        Compression compression = (Compression) b.a.C0180a.a(this.c.A().e(), this.f351l.f());
        this.c.n().c(cipher, ro0Var, (Compression) b.a.C0180a.a(this.c.A().e(), this.f351l.b()));
        this.c.l().c(cipher2, ro0Var2, compression);
    }

    private static byte[] l(byte[] bArr, int i, tu tuVar, BigInteger bigInteger, byte[] bArr2) {
        while (i > bArr.length) {
            Buffer.a p = new Buffer.a().n(bigInteger).p(bArr2).p(bArr);
            tuVar.update(p.a(), 0, p.b());
            byte[] b = tuVar.b();
            byte[] bArr3 = new byte[bArr.length + b.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            System.arraycopy(b, 0, bArr3, bArr.length, b.length);
            bArr = bArr3;
        }
        return bArr;
    }

    private void n() {
        this.a.debug("Sending SSH_MSG_KEXINIT");
        e eVar = new e(this.c.A(), d(this.c.s(), this.c.p()));
        this.k = eVar;
        this.c.v(eVar.i());
        this.m.h();
    }

    private void p() {
        this.a.debug("Sending SSH_MSG_NEWKEYS");
        this.c.v(new net.schmizz.sshj.common.c(Message.NEWKEYS));
    }

    private void q() {
        this.g.set(false);
        this.m.b();
        this.n.h();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private synchronized void t(PublicKey publicKey) {
        try {
            for (oc0 oc0Var : this.d) {
                this.a.z("Trying to verify host key with {}", oc0Var);
                if (oc0Var.a(this.c.s(), this.c.p(), publicKey)) {
                }
            }
            this.a.x("Disconnecting because none of the configured Host key verifiers ({}) could verify '{}' host key with fingerprint {} for {}:{}", this.d, KeyType.a(publicKey), net.schmizz.sshj.common.d.b(publicKey), this.c.s(), Integer.valueOf(this.c.p()));
            throw new TransportException(DisconnectReason.HOST_KEY_NOT_VERIFIABLE, "Could not verify `" + KeyType.a(publicKey) + "` host key with fingerprint `" + net.schmizz.sshj.common.d.b(publicKey) + "` for `" + this.c.s() + "` on port " + this.c.p());
        } catch (Throwable th) {
            throw th;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // tt.sj1
    public void T(Message message, net.schmizz.sshj.common.c cVar) {
        int i = a.a[this.h.ordinal()];
        if (i == 1) {
            c(message, Message.KEXINIT);
            this.a.debug("Received SSH_MSG_KEXINIT");
            r(false);
            this.m.a(this.c.e(), TimeUnit.MILLISECONDS);
            h(cVar);
            this.h = Expected.FOLLOWUP;
        } else {
            if (i != 2) {
                if (i != 3) {
                    return;
                }
                c(message, Message.NEWKEYS);
                b();
                this.a.debug("Received SSH_MSG_NEWKEYS");
                i();
                q();
                this.h = Expected.KEXINIT;
                return;
            }
            b();
            this.a.debug("Received kex followup data");
            try {
                if (this.i.c(message, cVar)) {
                    t(this.i.b());
                    p();
                    this.h = Expected.NEWKEYS;
                }
            } catch (GeneralSecurityException e) {
                throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e);
            }
        }
    }

    @Override // tt.a10
    public void V(SSHException sSHException) {
        this.a.z("Got notified of {}", sSHException.toString());
        z00.b(sSHException, this.m, this.n);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public synchronized void Z(oc0 oc0Var) {
        try {
            this.d.add(oc0Var);
        } catch (Throwable th) {
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getSessionID() {
        byte[] bArr = this.j;
        return Arrays.copyOf(bArr, bArr.length);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean j() {
        return this.g.get();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void r(boolean z) {
        if (!this.g.getAndSet(true)) {
            this.n.b();
            n();
        }
        if (z) {
            u();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void u() {
        this.n.a(this.c.e(), TimeUnit.MILLISECONDS);
    }
}
