package net.schmizz.sshj.transport;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Queue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.DisconnectReason;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.Message;
import net.schmizz.sshj.common.SSHException;
import net.schmizz.sshj.common.b;
import net.schmizz.sshj.transport.cipher.Cipher;
import net.schmizz.sshj.transport.compression.Compression;
import tt.b33;
import tt.fa4;
import tt.i43;
import tt.jc5;
import tt.m33;
import tt.qp5;
import tt.ue2;
import tt.x19;
import tt.x23;
import tt.xg;
import tt.xs5;
import tt.zb5;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes4.dex */
public final class KeyExchanger implements x19, b33 {
    private final qp5 a;
    private final g b;
    private final Queue c = new LinkedList();
    private final Queue d = new LinkedList();
    private final AtomicBoolean e = new AtomicBoolean();
    private Expected f = Expected.KEXINIT;
    private jc5 g;
    private byte[] h;
    private e i;
    private d j;
    private final m33 k;
    private final m33 l;

    /* loaded from: classes4.dex */
    private enum Expected {
        KEXINIT,
        FOLLOWUP,
        NEWKEYS
    }

    /* loaded from: classes4.dex */
    static /* synthetic */ class a {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[Expected.values().length];
            a = iArr;
            try {
                iArr[Expected.KEXINIT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[Expected.FOLLOWUP.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[Expected.NEWKEYS.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyExchanger(g gVar) {
        this.b = gVar;
        this.a = gVar.g().d().a(KeyExchanger.class);
        i43<TransportException> i43Var = TransportException.chainer;
        this.k = new m33("kexinit sent", i43Var, gVar.g().d());
        this.l = new m33("kex done", i43Var, gVar.C(), gVar.g().d());
    }

    private void A() {
        this.a.debug("Sending SSH_MSG_KEXINIT");
        e eVar = new e(this.b.g(), h(this.b.y(), this.b.A()));
        this.i = eVar;
        this.b.D(eVar.i());
        this.k.h();
    }

    private void B() {
        this.a.debug("Sending SSH_MSG_NEWKEYS");
        this.b.D(new net.schmizz.sshj.common.c(Message.NEWKEYS));
    }

    private void C() {
        this.e.set(false);
        this.k.b();
        this.l.h();
    }

    private synchronized void F(PublicKey publicKey) {
        for (fa4 fa4Var : this.c) {
            this.a.debug("Trying to verify host key with {}", fa4Var);
            if (fa4Var.b(this.b.y(), this.b.A(), publicKey)) {
            }
        }
        this.a.error("Disconnecting because none of the configured Host key verifiers ({}) could verify '{}' host key with fingerprint {} for {}:{}", this.c, KeyType.fromKey(publicKey), net.schmizz.sshj.common.d.b(publicKey), this.b.y(), Integer.valueOf(this.b.A()));
        throw new TransportException(DisconnectReason.HOST_KEY_NOT_VERIFIABLE, "Could not verify `" + KeyType.fromKey(publicKey) + "` host key with fingerprint `" + net.schmizz.sshj.common.d.b(publicKey) + "` for `" + this.b.y() + "` on port " + this.b.A());
    }

    private synchronized void c() {
        if (!x()) {
            throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Key exchange packet received when key exchange was not ongoing");
        }
    }

    private static void f(Message message, Message message2) {
        if (message == message2) {
            return;
        }
        throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Was expecting " + message2);
    }

    private List h(String str, int i) {
        Iterator it = this.c.iterator();
        while (it.hasNext()) {
            List a2 = ((fa4) it.next()).a(str, i);
            if (a2 != null && !a2.isEmpty()) {
                return a2;
            }
        }
        return Collections.emptyList();
    }

    private void p(net.schmizz.sshj.common.c cVar) {
        cVar.R(cVar.Q() - 1);
        e eVar = new e(cVar);
        d m = this.i.m(eVar);
        this.j = m;
        this.a.debug("Negotiated algorithms: {}", m);
        for (xg xgVar : this.d) {
            this.a.debug("Trying to verify algorithms with {}", xgVar);
            if (!xgVar.a(this.j)) {
                throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "Failed to verify negotiated algorithms `" + this.j + "`");
            }
        }
        this.g = (jc5) b.a.C0231a.a(this.b.g().b(), this.j.d());
        g gVar = this.b;
        gVar.P((zb5) b.a.C0231a.a(gVar.g().j(), this.j.h()));
        try {
            jc5 jc5Var = this.g;
            g gVar2 = this.b;
            jc5Var.d(gVar2, gVar2.B(), this.b.r(), eVar.i().f(), this.i.i().f());
        } catch (GeneralSecurityException e) {
            throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e);
        }
    }

    private void r() {
        xs5 xs5Var;
        ue2 hash = this.g.getHash();
        byte[] e = this.g.e();
        if (this.h == null) {
            this.h = e;
        }
        Buffer.a aVar = (Buffer.a) ((Buffer.a) ((Buffer.a) ((Buffer.a) new Buffer.a().n(this.g.c())).p(e)).k((byte) 0)).p(this.h);
        int b = (aVar.b() - this.h.length) - 1;
        aVar.a()[b] = 65;
        hash.update(aVar.a(), 0, aVar.b());
        byte[] a2 = hash.a();
        aVar.a()[b] = 66;
        hash.update(aVar.a(), 0, aVar.b());
        byte[] a3 = hash.a();
        aVar.a()[b] = 67;
        hash.update(aVar.a(), 0, aVar.b());
        byte[] a4 = hash.a();
        aVar.a()[b] = 68;
        hash.update(aVar.a(), 0, aVar.b());
        byte[] a5 = hash.a();
        aVar.a()[b] = 69;
        hash.update(aVar.a(), 0, aVar.b());
        byte[] a6 = hash.a();
        aVar.a()[b] = 70;
        hash.update(aVar.a(), 0, aVar.b());
        byte[] a7 = hash.a();
        Cipher cipher = (Cipher) b.a.C0231a.a(this.b.g().f(), this.j.a());
        cipher.d(Cipher.Mode.Encrypt, z(a4, cipher.getBlockSize(), hash, this.g.c(), this.g.e()), a2);
        Cipher cipher2 = (Cipher) b.a.C0231a.a(this.b.g().f(), this.j.e());
        cipher2.d(Cipher.Mode.Decrypt, z(a5, cipher2.getBlockSize(), hash, this.g.c(), this.g.e()), a3);
        xs5 xs5Var2 = null;
        if (cipher.b() == 0) {
            xs5Var = (xs5) b.a.C0231a.a(this.b.g().g(), this.j.c());
            xs5Var.init(z(a6, xs5Var.getBlockSize(), hash, this.g.c(), this.g.e()));
        } else {
            xs5Var = null;
        }
        if (cipher2.b() == 0) {
            xs5Var2 = (xs5) b.a.C0231a.a(this.b.g().g(), this.j.g());
            xs5Var2.init(z(a7, xs5Var2.getBlockSize(), hash, this.g.c(), this.g.e()));
        }
        Compression compression = (Compression) b.a.C0231a.a(this.b.g().h(), this.j.f());
        this.b.z().c(cipher, xs5Var, (Compression) b.a.C0231a.a(this.b.g().h(), this.j.b()));
        this.b.x().c(cipher2, xs5Var2, compression);
    }

    private static byte[] z(byte[] bArr, int i, ue2 ue2Var, BigInteger bigInteger, byte[] bArr2) {
        while (i > bArr.length) {
            Buffer.a aVar = (Buffer.a) ((Buffer.a) ((Buffer.a) new Buffer.a().n(bigInteger)).p(bArr2)).p(bArr);
            ue2Var.update(aVar.a(), 0, aVar.b());
            byte[] a2 = ue2Var.a();
            byte[] bArr3 = new byte[bArr.length + a2.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            System.arraycopy(a2, 0, bArr3, bArr.length, a2.length);
            bArr = bArr3;
        }
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void E(boolean z) {
        if (!this.e.getAndSet(true)) {
            this.l.b();
            A();
        }
        if (z) {
            H();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void H() {
        this.l.a(this.b.a(), TimeUnit.MILLISECONDS);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getSessionID() {
        byte[] bArr = this.h;
        return Arrays.copyOf(bArr, bArr.length);
    }

    @Override // tt.x19
    public void o(Message message, net.schmizz.sshj.common.c cVar) {
        int i = a.a[this.f.ordinal()];
        if (i == 1) {
            f(message, Message.KEXINIT);
            this.a.debug("Received SSH_MSG_KEXINIT");
            E(false);
            this.k.a(this.b.a(), TimeUnit.MILLISECONDS);
            p(cVar);
            this.f = Expected.FOLLOWUP;
            return;
        }
        if (i != 2) {
            if (i != 3) {
                return;
            }
            f(message, Message.NEWKEYS);
            c();
            this.a.debug("Received SSH_MSG_NEWKEYS");
            r();
            C();
            this.f = Expected.KEXINIT;
            return;
        }
        c();
        this.a.debug("Received kex followup data");
        try {
            if (this.g.b(message, cVar)) {
                F(this.g.a());
                B();
                this.f = Expected.NEWKEYS;
            }
        } catch (GeneralSecurityException e) {
            throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e);
        }
    }

    @Override // tt.b33
    public void q(SSHException sSHException) {
        this.a.debug("Got notified of {}", sSHException.toString());
        x23.b(sSHException, this.k, this.l);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void t(fa4 fa4Var) {
        this.c.add(fa4Var);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean w() {
        return this.l.f();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean x() {
        return this.e.get();
    }
}
