package net.schmizz.sshj.transport.kex;

import com.hierynomus.sshj.userauth.certificate.Certificate;
import dk.tacit.android.providers.client.s3.AwsS3Client;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import javax.crypto.spec.DHParameterSpec;
import od.C6472F;
import od.C6473G;
import od.C6475I;
import od.C6476J;
import od.C6481b;
import od.C6482c;
import od.C6483d;
import od.EnumC6470D;
import od.EnumC6485f;
import org.apache.commons.io.FileUtils;
import vd.AbstractC7247a;

/* loaded from: classes.dex */
public abstract class c extends a {

    /* renamed from: a, reason: collision with root package name */
    public final he.b f57069a;

    public c(AbstractC7247a abstractC7247a) {
        super(new h(), abstractC7247a);
        this.f57069a = he.d.b(getClass());
    }

    public final void a(C6473G c6473g) {
        BigInteger v10 = c6473g.v();
        BigInteger v11 = c6473g.v();
        int bitLength = v10.bitLength();
        if (bitLength < 1024 || bitLength > 8192) {
            throw new GeneralSecurityException(A6.a.m("Server generated gex p is out of range (", bitLength, " bits)"));
        }
        Integer valueOf = Integer.valueOf(bitLength);
        he.b bVar = this.f57069a;
        bVar.v("Received server p bitlength {}", valueOf);
        this.dh.b(new DHParameterSpec(v10, v11), ((td.j) this.trans).f62226d.f57036b);
        EnumC6470D enumC6470D = EnumC6470D.KEX_DH_GEX_INIT;
        bVar.v("Sending {}", enumC6470D);
        td.f fVar = this.trans;
        C6473G c6473g2 = new C6473G(enumC6470D);
        byte[] bArr = this.dh.f57075c;
        c6473g2.h(0, bArr.length, bArr);
        ((td.j) fVar).h(c6473g2);
    }

    public final void b(C6473G c6473g) {
        byte[] u10 = c6473g.u();
        byte[] u11 = c6473g.u();
        byte[] u12 = c6473g.u();
        this.hostKey = new C6483d(u10, true).w();
        this.dh.a(u11);
        BigInteger bigInteger = this.dh.f57076d;
        C6482c initializedBuffer = initializedBuffer();
        initializedBuffer.getClass();
        initializedBuffer.h(0, u10.length, u10);
        initializedBuffer.n(FileUtils.ONE_KB);
        initializedBuffer.n(2048L);
        initializedBuffer.n(AwsS3Client.DEFAULT_BUFFER_SIZE);
        initializedBuffer.i(((h) this.dh).f57071e);
        initializedBuffer.i(((h) this.dh).f57072f);
        byte[] bArr = this.dh.f57075c;
        initializedBuffer.h(0, bArr.length, bArr);
        initializedBuffer.h(0, u11.length, u11);
        initializedBuffer.i(bigInteger);
        ((AbstractC7247a) this.digest).a(initializedBuffer.f57783a, initializedBuffer.f57784b, initializedBuffer.a());
        this.f57086H = ((AbstractC7247a) this.digest).f63331b.digest();
        net.schmizz.sshj.signature.c newSignature = ((td.j) this.trans).f62231i.newSignature();
        PublicKey publicKey = this.hostKey;
        if (publicKey instanceof Certificate) {
            newSignature.initVerify(((Certificate) publicKey).getKey());
        } else {
            newSignature.initVerify(publicKey);
        }
        byte[] bArr2 = this.f57086H;
        newSignature.update(bArr2, 0, bArr2.length);
        if (!newSignature.verify(u12)) {
            throw new C6472F(EnumC6485f.f57789c, "KeyExchange signature verification failed", null);
        }
    }

    @Override // net.schmizz.sshj.transport.kex.u, net.schmizz.sshj.transport.kex.t
    public final void init(td.f fVar, String str, String str2, byte[] bArr, byte[] bArr2) {
        super.init(fVar, str, str2, bArr, bArr2);
        AbstractC7247a abstractC7247a = (AbstractC7247a) this.digest;
        abstractC7247a.getClass();
        try {
            abstractC7247a.f63331b = C6476J.e(abstractC7247a.f63330a);
            EnumC6470D enumC6470D = EnumC6470D.KEX_DH_GEX_REQUEST;
            this.f57069a.v("Sending {}", enumC6470D);
            C6473G c6473g = new C6473G(enumC6470D);
            c6473g.n(FileUtils.ONE_KB);
            c6473g.n(2048L);
            c6473g.n(AwsS3Client.DEFAULT_BUFFER_SIZE);
            ((td.j) fVar).h(c6473g);
        } catch (GeneralSecurityException e10) {
            throw new C6475I(e10.getMessage(), e10);
        }
    }

    @Override // net.schmizz.sshj.transport.kex.t
    public final boolean next(EnumC6470D enumC6470D, C6473G c6473g) {
        this.f57069a.v("Got message {}", enumC6470D);
        try {
            int ordinal = enumC6470D.ordinal();
            if (ordinal == 11) {
                a(c6473g);
                return false;
            }
            if (ordinal == 13) {
                b(c6473g);
                return true;
            }
            throw new C6472F("Unexpected message " + enumC6470D);
        } catch (C6481b e10) {
            throw new C6472F(e10);
        }
    }
}
