package net.schmizz.sshj.transport;

import g0.d.c.c;
import g0.d.c.h.d;
import g0.d.c.h.e;
import g0.d.c.h.g;
import g0.d.c.h.h;
import g0.d.c.h.i;
import g0.d.c.h.j;
import g0.d.c.l.e;
import g0.d.c.l.f;
import g0.d.c.l.i;
import g0.d.c.l.m.m;
import g0.d.c.l.p.a;
import j0.e.b;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.LinkedList;
import java.util.Objects;
import java.util.Queue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.DisconnectReason;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.Message;
import net.schmizz.sshj.common.SSHException;
import net.schmizz.sshj.transport.cipher.Cipher;
import net.schmizz.sshj.transport.compression.Compression;

/* loaded from: classes.dex */
public final class KeyExchanger implements i, d {
    public f A;
    public final b a;
    public final g0.d.c.l.i c;
    public e g3;
    public final g0.d.a.b<TransportException> h3;
    public final g0.d.a.b<TransportException> i3;

    /* renamed from: x, reason: collision with root package name */
    public m f1241x;

    /* renamed from: y, reason: collision with root package name */
    public byte[] f1242y;
    public final Queue<g0.d.c.l.p.d> d = new LinkedList();
    public final Queue<a> h = new LinkedList();
    public final AtomicBoolean i = new AtomicBoolean();
    public Expected q = Expected.KEXINIT;

    /* loaded from: classes.dex */
    public enum Expected {
        KEXINIT,
        FOLLOWUP,
        NEWKEYS
    }

    public KeyExchanger(g0.d.c.l.i iVar) {
        this.c = iVar;
        Objects.requireNonNull((g.a) ((c) iVar.h).j);
        this.a = j0.e.c.e(KeyExchanger.class);
        g0.d.a.c<TransportException> cVar = TransportException.c;
        this.h3 = new g0.d.a.b<>("kexinit sent", cVar, ((c) iVar.h).j);
        this.i3 = new g0.d.a.b<>("kex done", cVar, iVar.r3, ((c) iVar.h).j);
    }

    public static void e(Message message, Message message2) throws TransportException {
        if (message == message2) {
            return;
        }
        throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Was expecting " + message2);
    }

    public static byte[] g(byte[] bArr, int i, g0.d.c.l.l.b bVar, BigInteger bigInteger, byte[] bArr2) {
        while (i > bArr.length) {
            Buffer.a aVar = new Buffer.a();
            aVar.k(bigInteger);
            aVar.m(bArr2);
            aVar.m(bArr);
            bVar.update(aVar.a, 0, aVar.a());
            byte[] b = bVar.b();
            byte[] bArr3 = new byte[bArr.length + b.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            System.arraycopy(b, 0, bArr3, bArr.length, b.length);
            bArr = bArr3;
        }
        return bArr;
    }

    @Override // g0.d.c.h.i
    public void c(Message message, h hVar) throws TransportException {
        DisconnectReason disconnectReason = DisconnectReason.KEY_EXCHANGE_FAILED;
        int ordinal = this.q.ordinal();
        if (ordinal == 0) {
            e(message, Message.KEXINIT);
            this.a.n("Received SSH_MSG_KEXINIT");
            j(false);
            g0.d.a.b<TransportException> bVar = this.h3;
            Objects.requireNonNull(this.c);
            bVar.a.e(30000, TimeUnit.MILLISECONDS);
            hVar.b--;
            f fVar = new f(hVar);
            f fVar2 = this.A;
            e eVar = new e(f.a(fVar2.a, fVar.a), f.a(fVar2.b, fVar.b), f.a(fVar2.c, fVar.c), f.a(fVar2.d, fVar.d), f.a(fVar2.f1023e, fVar.f1023e), f.a(fVar2.f, fVar.f), f.a(fVar2.g, fVar.g), f.a(fVar2.h, fVar.h), fVar.b.containsAll(e.g.m.a.c.a));
            this.g3 = eVar;
            this.a.q("Negotiated algorithms: {}", eVar);
            for (a aVar : this.h) {
                this.a.q("Trying to verify algorithms with {}", aVar);
                if (!aVar.a(this.g3)) {
                    StringBuilder Y = e.b.a.a.a.Y("Failed to verify negotiated algorithms `");
                    Y.append(this.g3);
                    Y.append("`");
                    throw new TransportException(disconnectReason, Y.toString());
                }
            }
            this.f1241x = (m) e.a.C0141a.a(((c) this.c.h).d, this.g3.a);
            g0.d.c.l.i iVar = this.c;
            iVar.A = (e.g.m.a.b) e.a.C0141a.a(((c) iVar.h).h, this.g3.b);
            g0.d.c.l.i iVar2 = this.c;
            iVar2.g3 = this.g3.i;
            try {
                this.f1241x.a(iVar2, iVar2.p3, iVar2.j3, fVar.b().e(), this.A.b().e());
                this.q = Expected.FOLLOWUP;
                return;
            } catch (GeneralSecurityException e2) {
                throw new TransportException(disconnectReason, e2);
            }
        }
        if (ordinal == 1) {
            d();
            this.a.n("Received kex followup data");
            try {
                if (this.f1241x.c(message, hVar)) {
                    l(this.f1241x.b());
                    this.a.n("Sending SSH_MSG_NEWKEYS");
                    this.c.p(new h(Message.NEWKEYS));
                    this.q = Expected.NEWKEYS;
                    return;
                }
                return;
            } catch (GeneralSecurityException e3) {
                throw new TransportException(disconnectReason, e3);
            }
        }
        if (ordinal != 2) {
            return;
        }
        e(message, Message.NEWKEYS);
        d();
        this.a.n("Received SSH_MSG_NEWKEYS");
        g0.d.c.l.l.b f = this.f1241x.f();
        byte[] e4 = this.f1241x.e();
        if (this.f1242y == null) {
            this.f1242y = e4;
        }
        Buffer.a aVar2 = new Buffer.a();
        aVar2.k(this.f1241x.d());
        aVar2.m(e4);
        aVar2.i((byte) 0);
        aVar2.m(this.f1242y);
        int a = (aVar2.a() - this.f1242y.length) - 1;
        byte[] bArr = aVar2.a;
        bArr[a] = 65;
        f.update(bArr, 0, aVar2.a());
        byte[] b = f.b();
        byte[] bArr2 = aVar2.a;
        bArr2[a] = 66;
        f.update(bArr2, 0, aVar2.a());
        byte[] b2 = f.b();
        byte[] bArr3 = aVar2.a;
        bArr3[a] = 67;
        f.update(bArr3, 0, aVar2.a());
        byte[] b3 = f.b();
        byte[] bArr4 = aVar2.a;
        bArr4[a] = 68;
        f.update(bArr4, 0, aVar2.a());
        byte[] b4 = f.b();
        byte[] bArr5 = aVar2.a;
        bArr5[a] = 69;
        f.update(bArr5, 0, aVar2.a());
        byte[] b5 = f.b();
        byte[] bArr6 = aVar2.a;
        bArr6[a] = 70;
        f.update(bArr6, 0, aVar2.a());
        byte[] b6 = f.b();
        Cipher cipher = (Cipher) e.a.C0141a.a(((c) this.c.h).f998e, this.g3.c);
        cipher.e(Cipher.Mode.Encrypt, g(b3, cipher.d(), f, this.f1241x.d(), this.f1241x.e()), b);
        Cipher cipher2 = (Cipher) e.a.C0141a.a(((c) this.c.h).f998e, this.g3.d);
        cipher2.e(Cipher.Mode.Decrypt, g(b4, cipher2.d(), f, this.f1241x.d(), this.f1241x.e()), b2);
        g0.d.c.l.n.b bVar2 = (g0.d.c.l.n.b) e.a.C0141a.a(((c) this.c.h).g, this.g3.f1022e);
        bVar2.e(g(b5, bVar2.d(), f, this.f1241x.d(), this.f1241x.e()));
        g0.d.c.l.n.b bVar3 = (g0.d.c.l.n.b) e.a.C0141a.a(((c) this.c.h).g, this.g3.f);
        bVar3.e(g(b6, bVar3.d(), f, this.f1241x.d(), this.f1241x.e()));
        Compression compression = (Compression) e.a.C0141a.a(((c) this.c.h).f, this.g3.h);
        this.c.f1024x.b(cipher, bVar2, (Compression) e.a.C0141a.a(((c) this.c.h).f, this.g3.g));
        this.c.f1025y.b(cipher2, bVar3, compression);
        this.i.set(false);
        this.h3.a.a();
        this.i3.c();
        this.q = Expected.KEXINIT;
    }

    public final synchronized void d() throws TransportException {
        if (!f()) {
            throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Key exchange packet received when key exchange was not ongoing");
        }
    }

    public boolean f() {
        return this.i.get();
    }

    @Override // g0.d.c.h.d
    public void h(SSHException sSHException) {
        this.a.q("Got notified of {}", sSHException.toString());
        g0.d.a.a.a(sSHException, this.h3, this.i3);
    }

    public void j(boolean z2) throws TransportException {
        if (!this.i.getAndSet(true)) {
            this.i3.a.a();
            this.a.n("Sending SSH_MSG_KEXINIT");
            f fVar = new f(this.c.h);
            this.A = fVar;
            this.c.p(fVar.b());
            this.h3.c();
        }
        if (z2) {
            g0.d.a.b<TransportException> bVar = this.i3;
            Objects.requireNonNull(this.c);
            bVar.a.e(30000, TimeUnit.MILLISECONDS);
        }
    }

    public final synchronized void l(PublicKey publicKey) throws TransportException {
        for (g0.d.c.l.p.d dVar : this.d) {
            this.a.q("Trying to verify host key with {}", dVar);
            i.a aVar = this.c.o3;
            if (dVar.a(aVar.a, aVar.b, publicKey)) {
            }
        }
        b bVar = this.a;
        i.a aVar2 = this.c.o3;
        bVar.p("Disconnecting because none of the configured Host key verifiers ({}) could verify '{}' host key with fingerprint {} for {}:{}", this.d, KeyType.f(publicKey), j.a(publicKey), aVar2.a, Integer.valueOf(aVar2.b));
        throw new TransportException(DisconnectReason.HOST_KEY_NOT_VERIFIABLE, "Could not verify `" + KeyType.f(publicKey) + "` host key with fingerprint `" + j.a(publicKey) + "` for `" + this.c.o3.a + "` on port " + this.c.o3.b);
    }
}
