package com.urbanvpn.ssh2.transport;

import com.google.firebase.crashlytics.g;
import com.urbanvpn.ssh2.ConnectionInfo;
import com.urbanvpn.ssh2.DHGexParameters;
import com.urbanvpn.ssh2.ExtendedServerHostKeyVerifier;
import com.urbanvpn.ssh2.ServerHostKeyVerifier;
import com.urbanvpn.ssh2.compression.CompressionFactory;
import com.urbanvpn.ssh2.compression.ICompressor;
import com.urbanvpn.ssh2.crypto.CryptoWishList;
import com.urbanvpn.ssh2.crypto.KeyMaterial;
import com.urbanvpn.ssh2.crypto.cipher.BlockCipher;
import com.urbanvpn.ssh2.crypto.cipher.BlockCipherFactory;
import com.urbanvpn.ssh2.crypto.digest.HMAC;
import com.urbanvpn.ssh2.crypto.digest.MACs;
import com.urbanvpn.ssh2.log.Logger;
import com.urbanvpn.ssh2.packets.PacketKexInit;
import com.urbanvpn.ssh2.packets.PacketNewKeys;
import com.urbanvpn.ssh2.signature.DSASHA1Verify;
import com.urbanvpn.ssh2.signature.ECDSASHA2Verify;
import com.urbanvpn.ssh2.signature.Ed25519Verify;
import com.urbanvpn.ssh2.signature.RSASHA1Verify;
import com.urbanvpn.ssh2.signature.RSASHA256Verify;
import com.urbanvpn.ssh2.signature.RSASHA512Verify;
import j.a.a.a.d;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;

/* loaded from: classes.dex */
public class KexManager {
    private static final Logger q = Logger.a(KexManager.class);
    private static final boolean r;
    private static final Set<String> s;
    private static final Set<String> t;
    private KexState a;

    /* renamed from: c, reason: collision with root package name */
    private KeyMaterial f5046c;

    /* renamed from: d, reason: collision with root package name */
    byte[] f5047d;

    /* renamed from: e, reason: collision with root package name */
    private ClientServerHello f5048e;

    /* renamed from: j, reason: collision with root package name */
    private final TransportManager f5053j;

    /* renamed from: k, reason: collision with root package name */
    private CryptoWishList f5054k;

    /* renamed from: m, reason: collision with root package name */
    private ServerHostKeyVerifier f5056m;

    /* renamed from: n, reason: collision with root package name */
    private final String f5057n;
    private final int o;
    private final SecureRandom p;
    private int b = 0;

    /* renamed from: f, reason: collision with root package name */
    private final Object f5049f = new Object();

    /* renamed from: g, reason: collision with root package name */
    private ConnectionInfo f5050g = null;

    /* renamed from: h, reason: collision with root package name */
    private boolean f5051h = false;

    /* renamed from: i, reason: collision with root package name */
    private boolean f5052i = false;

    /* renamed from: l, reason: collision with root package name */
    private DHGexParameters f5055l = new DHGexParameters();

    static {
        KeyFactory keyFactory;
        try {
            keyFactory = KeyFactory.getInstance("EC");
        } catch (NoSuchAlgorithmException unused) {
            keyFactory = null;
            q.a(10, "Disabling EC support due to lack of KeyFactory");
        }
        r = keyFactory != null;
        s = new LinkedHashSet();
        s.add("ssh-ed25519");
        if (r) {
            s.add("ecdsa-sha2-nistp256");
            s.add("ecdsa-sha2-nistp384");
            s.add("ecdsa-sha2-nistp521");
        }
        s.add("ssh-rsa");
        s.add("ssh-dss");
        s.add("rsa-sha2-256");
        s.add("rsa-sha2-512");
        t = new LinkedHashSet();
        t.add("curve25519-sha256");
        t.add("curve25519-sha256@libssh.org");
        if (r) {
            t.add("ecdh-sha2-nistp256");
            t.add("ecdh-sha2-nistp384");
            t.add("ecdh-sha2-nistp521");
        }
        t.add("diffie-hellman-group18-sha512");
        t.add("diffie-hellman-group16-sha512");
        t.add("diffie-hellman-group-exchange-sha256");
        t.add("diffie-hellman-group14-sha256");
        t.add("diffie-hellman-group-exchange-sha1");
        t.add("diffie-hellman-group14-sha1");
        t.add("diffie-hellman-group1-sha1");
        t.add("ext-info-c");
    }

    public KexManager(TransportManager transportManager, ClientServerHello clientServerHello, CryptoWishList cryptoWishList, String str, int i2, ServerHostKeyVerifier serverHostKeyVerifier, SecureRandom secureRandom) {
        this.f5053j = transportManager;
        this.f5048e = clientServerHello;
        this.f5054k = cryptoWishList;
        this.f5057n = str;
        this.o = i2;
        this.f5056m = serverHostKeyVerifier;
        this.p = secureRandom;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private void a() {
        try {
            int a = MACs.a(this.a.f5069c.f5081f);
            this.f5046c = KeyMaterial.a(this.a.f5074h, this.a.f5072f, this.a.f5071e, this.f5047d, BlockCipherFactory.c(this.a.f5069c.f5079d), BlockCipherFactory.a(this.a.f5069c.f5079d), a, BlockCipherFactory.c(this.a.f5069c.f5080e), BlockCipherFactory.a(this.a.f5069c.f5080e), MACs.a(this.a.f5069c.f5082g));
        } catch (IllegalArgumentException e2) {
            throw new IOException("Could not establish key material: " + e2.getMessage());
        }
    }

    private void a(CryptoWishList cryptoWishList) {
        List<String> a;
        ServerHostKeyVerifier serverHostKeyVerifier = this.f5056m;
        if ((serverHostKeyVerifier instanceof ExtendedServerHostKeyVerifier) && (a = ((ExtendedServerHostKeyVerifier) serverHostKeyVerifier).a(this.f5057n, this.o)) != null && a.size() > 0) {
            ArrayList arrayList = new ArrayList(a.size());
            for (String str : cryptoWishList.b) {
                for (String str2 : a) {
                    if (str.equals(str2)) {
                        arrayList.add(str2);
                    }
                }
            }
            if (arrayList.size() > 0) {
                cryptoWishList.b = (String[]) arrayList.toArray(new String[0]);
            }
        }
    }

    private boolean a(KexParameters kexParameters, KexParameters kexParameters2) {
        if (kexParameters == null || kexParameters2 == null) {
            throw new IllegalArgumentException();
        }
        if (a(kexParameters.b, kexParameters2.b)) {
            return a(kexParameters.f5058c, kexParameters2.f5058c);
        }
        return false;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private boolean a(byte[] bArr, byte[] bArr2) {
        if (this.a.f5069c.f5078c.equals("ssh-ed25519")) {
            byte[] b = Ed25519Verify.b(bArr);
            d a = Ed25519Verify.a(bArr2);
            q.a(50, "Verifying ed25519 signature");
            return Ed25519Verify.a(this.a.f5072f, b, a);
        }
        if (this.a.f5069c.f5078c.startsWith("ecdsa-sha2-")) {
            byte[] b2 = ECDSASHA2Verify.b(bArr);
            ECPublicKey a2 = ECDSASHA2Verify.a(bArr2);
            q.a(50, "Verifying ecdsa signature");
            return ECDSASHA2Verify.a(this.a.f5072f, b2, a2);
        }
        if (this.a.f5069c.f5078c.equals("ssh-rsa")) {
            byte[] b3 = RSASHA1Verify.b(bArr);
            RSAPublicKey a3 = RSASHA1Verify.a(bArr2);
            q.a(50, "Verifying ssh-rsa signature");
            return RSASHA1Verify.a(this.a.f5072f, b3, a3);
        }
        if (this.a.f5069c.f5078c.equals("rsa-sha2-256")) {
            byte[] a4 = RSASHA256Verify.a(bArr);
            RSAPublicKey a5 = RSASHA1Verify.a(bArr2);
            q.a(50, "Verifying rsa-sha2-256 signature");
            return RSASHA256Verify.a(this.a.f5072f, a4, a5);
        }
        if (this.a.f5069c.f5078c.equals("rsa-sha2-512")) {
            byte[] a6 = RSASHA512Verify.a(bArr);
            RSAPublicKey a7 = RSASHA1Verify.a(bArr2);
            q.a(50, "Verifying rsa-sha2-512 signature");
            return RSASHA512Verify.a(this.a.f5072f, a6, a7);
        }
        if (this.a.f5069c.f5078c.equals("ssh-dss")) {
            byte[] b4 = DSASHA1Verify.b(bArr);
            DSAPublicKey a8 = DSASHA1Verify.a(bArr2);
            q.a(50, "Verifying ssh-dss signature");
            return DSASHA1Verify.a(this.a.f5072f, b4, a8);
        }
        throw new IOException("Unknown server host key algorithm '" + this.a.f5069c.f5078c + "'");
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private boolean a(String[] strArr, String[] strArr2) {
        if (strArr == null || strArr2 == null) {
            throw new IllegalArgumentException();
        }
        if (strArr.length == 0 && strArr2.length == 0) {
            return true;
        }
        if (strArr.length != 0 && strArr2.length != 0) {
            return strArr[0].equals(strArr2[0]);
        }
        return false;
    }

    private NegotiatedParameters b(KexParameters kexParameters, KexParameters kexParameters2) {
        NegotiatedParameters negotiatedParameters = new NegotiatedParameters();
        try {
            negotiatedParameters.b = b(kexParameters.b, kexParameters2.b);
            q.a(20, "kex_algo=" + negotiatedParameters.b);
            negotiatedParameters.f5078c = b(kexParameters.f5058c, kexParameters2.f5058c);
            q.a(20, "server_host_key_algo=" + negotiatedParameters.f5078c);
            negotiatedParameters.f5079d = b(kexParameters.f5059d, kexParameters2.f5059d);
            negotiatedParameters.f5080e = b(kexParameters.f5060e, kexParameters2.f5060e);
            q.a(20, "enc_algo_client_to_server=" + negotiatedParameters.f5079d);
            q.a(20, "enc_algo_server_to_client=" + negotiatedParameters.f5080e);
            negotiatedParameters.f5081f = b(kexParameters.f5061f, kexParameters2.f5061f);
            negotiatedParameters.f5082g = b(kexParameters.f5062g, kexParameters2.f5062g);
            q.a(20, "mac_algo_client_to_server=" + negotiatedParameters.f5081f);
            q.a(20, "mac_algo_server_to_client=" + negotiatedParameters.f5082g);
            negotiatedParameters.f5083h = b(kexParameters.f5063h, kexParameters2.f5063h);
            negotiatedParameters.f5084i = b(kexParameters.f5064i, kexParameters2.f5064i);
            q.a(20, "comp_algo_client_to_server=" + negotiatedParameters.f5083h);
            q.a(20, "comp_algo_server_to_client=" + negotiatedParameters.f5084i);
            try {
                b(kexParameters.f5065j, kexParameters2.f5065j);
            } catch (NegotiateException unused) {
            }
            try {
                b(kexParameters.f5066k, kexParameters2.f5066k);
            } catch (NegotiateException unused2) {
            }
            if (a(kexParameters, kexParameters2)) {
                negotiatedParameters.a = true;
            }
            return negotiatedParameters;
        } catch (NegotiateException unused3) {
            return null;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 2, instructions: 2 */
    private String b(String[] strArr, String[] strArr2) {
        if (strArr == null || strArr2 == null) {
            throw new IllegalArgumentException();
        }
        if (strArr.length == 0) {
            return null;
        }
        for (String str : strArr) {
            for (String str2 : strArr2) {
                if (str.equals(str2)) {
                    return str;
                }
            }
        }
        throw new NegotiateException();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private void b() {
        g.a().a("Finishing KEX");
        if (this.f5047d == null) {
            this.f5047d = this.a.f5072f;
        }
        a();
        this.f5053j.b(new PacketNewKeys().a());
        try {
            g.a().a("Create cbc: " + this.a.f5069c.f5079d + ", " + this.f5046c.f4941c + ", " + this.f5046c.a);
            BlockCipher a = BlockCipherFactory.a(this.a.f5069c.f5079d, true, this.f5046c.f4941c, this.f5046c.a);
            g.a().a("Create mac: " + this.a.f5069c.f5081f + ", " + this.f5046c.f4943e);
            HMAC hmac = new HMAC(this.a.f5069c.f5081f, this.f5046c.f4943e);
            g.a().a("Create comp: " + this.a.f5069c.f5083h);
            ICompressor a2 = CompressionFactory.a(this.a.f5069c.f5083h);
            this.f5053j.b(a, hmac);
            this.f5053j.b(a2);
            this.f5053j.e();
        } catch (IllegalArgumentException e2) {
            g.a().a("Fatal error during MAC startup: " + e2.getMessage() + ", cause: " + e2.getCause());
            throw new IOException("Fatal error during MAC startup!");
        }
    }

    public static String[] c() {
        return (String[]) t.toArray(new String[0]);
    }

    public static String[] d() {
        return (String[]) s.toArray(new String[0]);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public ConnectionInfo a(int i2) {
        ConnectionInfo connectionInfo;
        synchronized (this.f5049f) {
            while (true) {
                if (this.f5050g != null && this.f5050g.a >= i2) {
                    connectionInfo = this.f5050g;
                } else {
                    if (this.f5051h) {
                        throw new IOException("Key exchange was not finished, connection is closed.", this.f5053j.c());
                    }
                    try {
                        this.f5049f.wait();
                    } catch (InterruptedException unused) {
                    }
                }
            }
        }
        return connectionInfo;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public synchronized void a(CryptoWishList cryptoWishList, DHGexParameters dHGexParameters) {
        this.f5054k = cryptoWishList;
        a(this.f5054k);
        this.f5055l = dHGexParameters;
        if (this.a == null) {
            this.a = new KexState();
            this.a.f5077k = this.f5055l;
            PacketKexInit packetKexInit = new PacketKexInit(this.f5054k);
            this.a.a = packetKexInit;
            this.f5053j.b(packetKexInit.b());
        }
    }

    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Removed duplicated region for block: B:87:0x0288 A[Catch: all -> 0x06c8, TryCatch #6 {, blocks: (B:6:0x0006, B:7:0x0009, B:18:0x0019, B:19:0x001b, B:21:0x0025, B:24:0x004e, B:26:0x0053, B:30:0x0059, B:32:0x005f, B:34:0x0064, B:37:0x0078, B:39:0x007d, B:40:0x00a3, B:42:0x00d5, B:44:0x00e1, B:46:0x00e9, B:47:0x00eb, B:49:0x00fd, B:52:0x0113, B:54:0x0127, B:56:0x0139, B:58:0x014c, B:60:0x015e, B:62:0x016f, B:64:0x017f, B:66:0x0191, B:68:0x01a4, B:70:0x01b6, B:73:0x01ca, B:74:0x01d3, B:75:0x01d4, B:79:0x0228, B:81:0x0236, B:84:0x0248, B:85:0x0276, B:87:0x0288, B:88:0x029b, B:92:0x0291, B:93:0x025f, B:95:0x02a4, B:96:0x02ad, B:97:0x006d, B:98:0x0076, B:100:0x02af, B:102:0x02b6, B:107:0x02bb, B:108:0x02f4, B:109:0x035f, B:114:0x036d, B:120:0x0373, B:104:0x0393, B:105:0x039d, B:123:0x0375, B:124:0x0392, B:125:0x039f, B:127:0x03a4, B:129:0x03ab, B:131:0x03be, B:134:0x03d1, B:136:0x03e2, B:138:0x03f4, B:140:0x0406, B:142:0x0419, B:144:0x042b, B:146:0x043e, B:148:0x0450, B:150:0x0462, B:152:0x0472, B:155:0x0559, B:156:0x0581, B:157:0x0485, B:159:0x048c, B:163:0x04a2, B:166:0x04bf, B:167:0x04c8, B:170:0x04ca, B:171:0x04d4, B:172:0x04d6, B:174:0x04e3, B:175:0x0516, B:177:0x0527, B:182:0x0545, B:183:0x054d, B:186:0x054f, B:187:0x0557, B:188:0x0583, B:190:0x058c, B:195:0x05da, B:197:0x05e1, B:215:0x05f5, B:217:0x0613, B:218:0x061d, B:199:0x0629, B:201:0x0636, B:202:0x0676, B:204:0x0686, B:208:0x069f, B:209:0x06a8, B:212:0x06aa, B:213:0x06b3, B:221:0x061f, B:222:0x0627, B:223:0x06b5, B:224:0x06be, B:225:0x06c0, B:226:0x06c7, B:227:0x002c, B:228:0x004c, B:111:0x0360, B:112:0x036a, B:9:0x000a, B:10:0x0013), top: B:3:0x0003, inners: #0, #1, #2, #3, #4, #5, #7 }] */
    /* JADX WARN: Removed duplicated region for block: B:92:0x0291 A[Catch: all -> 0x06c8, TryCatch #6 {, blocks: (B:6:0x0006, B:7:0x0009, B:18:0x0019, B:19:0x001b, B:21:0x0025, B:24:0x004e, B:26:0x0053, B:30:0x0059, B:32:0x005f, B:34:0x0064, B:37:0x0078, B:39:0x007d, B:40:0x00a3, B:42:0x00d5, B:44:0x00e1, B:46:0x00e9, B:47:0x00eb, B:49:0x00fd, B:52:0x0113, B:54:0x0127, B:56:0x0139, B:58:0x014c, B:60:0x015e, B:62:0x016f, B:64:0x017f, B:66:0x0191, B:68:0x01a4, B:70:0x01b6, B:73:0x01ca, B:74:0x01d3, B:75:0x01d4, B:79:0x0228, B:81:0x0236, B:84:0x0248, B:85:0x0276, B:87:0x0288, B:88:0x029b, B:92:0x0291, B:93:0x025f, B:95:0x02a4, B:96:0x02ad, B:97:0x006d, B:98:0x0076, B:100:0x02af, B:102:0x02b6, B:107:0x02bb, B:108:0x02f4, B:109:0x035f, B:114:0x036d, B:120:0x0373, B:104:0x0393, B:105:0x039d, B:123:0x0375, B:124:0x0392, B:125:0x039f, B:127:0x03a4, B:129:0x03ab, B:131:0x03be, B:134:0x03d1, B:136:0x03e2, B:138:0x03f4, B:140:0x0406, B:142:0x0419, B:144:0x042b, B:146:0x043e, B:148:0x0450, B:150:0x0462, B:152:0x0472, B:155:0x0559, B:156:0x0581, B:157:0x0485, B:159:0x048c, B:163:0x04a2, B:166:0x04bf, B:167:0x04c8, B:170:0x04ca, B:171:0x04d4, B:172:0x04d6, B:174:0x04e3, B:175:0x0516, B:177:0x0527, B:182:0x0545, B:183:0x054d, B:186:0x054f, B:187:0x0557, B:188:0x0583, B:190:0x058c, B:195:0x05da, B:197:0x05e1, B:215:0x05f5, B:217:0x0613, B:218:0x061d, B:199:0x0629, B:201:0x0636, B:202:0x0676, B:204:0x0686, B:208:0x069f, B:209:0x06a8, B:212:0x06aa, B:213:0x06b3, B:221:0x061f, B:222:0x0627, B:223:0x06b5, B:224:0x06be, B:225:0x06c0, B:226:0x06c7, B:227:0x002c, B:228:0x004c, B:111:0x0360, B:112:0x036a, B:9:0x000a, B:10:0x0013), top: B:3:0x0003, inners: #0, #1, #2, #3, #4, #5, #7 }] */
    /* JADX WARN: Unreachable blocks removed: 10, instructions: 10 */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized void a(byte[] r14, int r15) {
        /*
            Method dump skipped, instructions count: 1740
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.urbanvpn.ssh2.transport.KexManager.a(byte[], int):void");
    }
}
