package com.trilead.ssh2.transport;

import com.android.tools.r8.GeneratedOutlineSupport;
import com.trilead.ssh2.ConnectionInfo;
import com.trilead.ssh2.DHGexParameters;
import com.trilead.ssh2.ExtendedServerHostKeyVerifier;
import com.trilead.ssh2.ServerHostKeyVerifier;
import com.trilead.ssh2.compression.CompressionFactory;
import com.trilead.ssh2.compression.ICompressor;
import com.trilead.ssh2.crypto.CryptoWishList;
import com.trilead.ssh2.crypto.KeyMaterial;
import com.trilead.ssh2.crypto.cipher.BlockCipher;
import com.trilead.ssh2.crypto.cipher.BlockCipherFactory;
import com.trilead.ssh2.crypto.cipher.NullCipher;
import com.trilead.ssh2.crypto.digest.HMAC;
import com.trilead.ssh2.crypto.digest.MACs;
import com.trilead.ssh2.log.Logger;
import com.trilead.ssh2.packets.TypesWriter;
import com.trilead.ssh2.signature.DSASHA1Verify;
import com.trilead.ssh2.signature.ECDSASHA2Verify;
import com.trilead.ssh2.signature.Ed25519Verify;
import com.trilead.ssh2.signature.RSASHA1Verify;
import com.trilead.ssh2.signature.RSASHA256Verify;
import com.trilead.ssh2.signature.RSASHA512Verify;
import com.trilead.ssh2.signature.SSHSignature;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;

/* loaded from: classes.dex */
public class KexManager {
    public static final Set<String> HOSTKEY_ALGS;
    public static final Set<String> KEX_ALGS;
    public static final Logger log = new Logger(KexManager.class);
    public static final boolean supportsEc;
    public ClientServerHello csh;
    public final String hostname;
    public KeyMaterial km;
    public KexState kxs;
    public CryptoWishList nextKEXcryptoWishList;
    public final int port;
    public final SecureRandom rnd;
    public byte[] sessionId;
    public final TransportManager tm;
    public ServerHostKeyVerifier verifier;
    public int kexCount = 0;
    public final Object accessLock = new Object();
    public ConnectionInfo lastConnInfo = null;
    public boolean connectionClosed = false;
    public boolean ignore_next_kex_packet = false;
    public DHGexParameters nextKEXdhgexParameters = new DHGexParameters();

    static {
        KeyFactory keyFactory = null;
        try {
            keyFactory = KeyFactory.getInstance("EC");
        } catch (NoSuchAlgorithmException unused) {
            if (log == null) {
                throw null;
            }
        }
        supportsEc = keyFactory != null;
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        HOSTKEY_ALGS = linkedHashSet;
        linkedHashSet.add("ssh-ed25519");
        if (supportsEc) {
            HOSTKEY_ALGS.add("ecdsa-sha2-nistp256");
            HOSTKEY_ALGS.add("ecdsa-sha2-nistp384");
            HOSTKEY_ALGS.add("ecdsa-sha2-nistp521");
        }
        HOSTKEY_ALGS.add("rsa-sha2-512");
        HOSTKEY_ALGS.add("rsa-sha2-256");
        HOSTKEY_ALGS.add("ssh-rsa");
        HOSTKEY_ALGS.add("ssh-dss");
        LinkedHashSet linkedHashSet2 = new LinkedHashSet();
        KEX_ALGS = linkedHashSet2;
        linkedHashSet2.add("curve25519-sha256");
        KEX_ALGS.add("curve25519-sha256@libssh.org");
        if (supportsEc) {
            KEX_ALGS.add("ecdh-sha2-nistp256");
            KEX_ALGS.add("ecdh-sha2-nistp384");
            KEX_ALGS.add("ecdh-sha2-nistp521");
        }
        KEX_ALGS.add("diffie-hellman-group18-sha512");
        KEX_ALGS.add("diffie-hellman-group16-sha512");
        KEX_ALGS.add("diffie-hellman-group-exchange-sha256");
        KEX_ALGS.add("diffie-hellman-group14-sha256");
        KEX_ALGS.add("diffie-hellman-group-exchange-sha1");
        KEX_ALGS.add("diffie-hellman-group14-sha1");
        KEX_ALGS.add("diffie-hellman-group1-sha1");
        KEX_ALGS.add("ext-info-c");
    }

    public KexManager(TransportManager transportManager, ClientServerHello clientServerHello, CryptoWishList cryptoWishList, String str, int i, ServerHostKeyVerifier serverHostKeyVerifier, SecureRandom secureRandom) {
        this.tm = transportManager;
        this.csh = clientServerHello;
        this.nextKEXcryptoWishList = cryptoWishList;
        this.hostname = str;
        this.port = i;
        this.verifier = serverHostKeyVerifier;
        this.rnd = secureRandom;
    }

    public final boolean compareFirstOfNameList(String[] strArr, String[] strArr2) {
        if (strArr == null || strArr2 == null) {
            throw new IllegalArgumentException();
        }
        if (strArr.length == 0 && strArr2.length == 0) {
            return true;
        }
        if (strArr.length == 0 || strArr2.length == 0) {
            return false;
        }
        return strArr[0].equals(strArr2[0]);
    }

    public final void filterHostKeyTypes(CryptoWishList cryptoWishList) {
        List<String> knownKeyAlgorithmsForHost;
        ServerHostKeyVerifier serverHostKeyVerifier = this.verifier;
        if (!(serverHostKeyVerifier instanceof ExtendedServerHostKeyVerifier) || (knownKeyAlgorithmsForHost = ((ExtendedServerHostKeyVerifier) serverHostKeyVerifier).getKnownKeyAlgorithmsForHost(this.hostname, this.port)) == null || knownKeyAlgorithmsForHost.size() <= 0) {
            return;
        }
        ArrayList arrayList = new ArrayList(knownKeyAlgorithmsForHost.size());
        for (String str : cryptoWishList.serverHostKeyAlgorithms) {
            for (String str2 : knownKeyAlgorithmsForHost) {
                if (str.equals(str2)) {
                    arrayList.add(str2);
                }
            }
        }
        if (arrayList.size() > 0) {
            cryptoWishList.serverHostKeyAlgorithms = (String[]) arrayList.toArray(new String[0]);
        }
    }

    public final void finishKex() throws IOException {
        if (this.sessionId == null) {
            this.sessionId = this.kxs.H;
        }
        try {
            int keyLen = MACs.getKeyLen(this.kxs.np.mac_algo_client_to_server);
            this.km = KeyMaterial.create(this.kxs.hashAlgo, this.kxs.H, this.kxs.K, this.sessionId, BlockCipherFactory.getEntry(this.kxs.np.enc_algo_client_to_server).keysize, BlockCipherFactory.getEntry(this.kxs.np.enc_algo_client_to_server).blocksize, keyLen, BlockCipherFactory.getEntry(this.kxs.np.enc_algo_server_to_client).keysize, BlockCipherFactory.getEntry(this.kxs.np.enc_algo_server_to_client).blocksize, MACs.getKeyLen(this.kxs.np.mac_algo_server_to_client));
            TransportManager transportManager = this.tm;
            TypesWriter typesWriter = new TypesWriter();
            typesWriter.writeByte(21);
            transportManager.sendKexMessage(typesWriter.getBytes());
            try {
                BlockCipher createCipher = BlockCipherFactory.createCipher(this.kxs.np.enc_algo_client_to_server, true, this.km.enc_key_client_to_server, this.km.initial_iv_client_to_server);
                HMAC hmac = new HMAC(this.kxs.np.mac_algo_client_to_server, this.km.integrity_key_client_to_server);
                ICompressor createCompressor = CompressionFactory.createCompressor(this.kxs.np.comp_algo_client_to_server);
                TransportConnection transportConnection = this.tm.tc;
                if (transportConnection == null) {
                    throw null;
                }
                if (!(createCipher instanceof NullCipher)) {
                    transportConnection.useRandomPadding = true;
                }
                transportConnection.cos.changeCipher(createCipher);
                transportConnection.send_mac = hmac;
                transportConnection.send_mac_buffer = new byte[hmac.outSize];
                int blockSize = createCipher.getBlockSize();
                transportConnection.send_padd_blocksize = blockSize;
                if (blockSize < 8) {
                    transportConnection.send_padd_blocksize = 8;
                }
                TransportConnection transportConnection2 = this.tm.tc;
                transportConnection2.send_comp = createCompressor;
                if (createCompressor != null) {
                    transportConnection2.send_comp_buffer = new byte[createCompressor.getBufferSize()];
                    transportConnection2.can_send_compress |= transportConnection2.send_comp.canCompressPreauth();
                }
                TransportManager transportManager2 = this.tm;
                synchronized (transportManager2.connectionSemaphore) {
                    transportManager2.flagKexOngoing = false;
                    transportManager2.connectionSemaphore.notifyAll();
                }
            } catch (IllegalArgumentException unused) {
                throw new IOException("Fatal error during MAC startup!");
            }
        } catch (IllegalArgumentException e) {
            StringBuilder outline9 = GeneratedOutlineSupport.outline9("Could not establish key material: ");
            outline9.append(e.getMessage());
            throw new IOException(outline9.toString());
        }
    }

    public final String getFirstMatch(String[] strArr, String[] strArr2) throws NegotiateException {
        if (strArr == null || strArr2 == null) {
            throw new IllegalArgumentException();
        }
        if (strArr.length == 0) {
            return null;
        }
        for (String str : strArr) {
            for (String str2 : strArr2) {
                if (str.equals(str2)) {
                    return str;
                }
            }
        }
        throw new NegotiateException();
    }

    /* JADX WARN: Removed duplicated region for block: B:87:0x0223 A[Catch: all -> 0x061c, TryCatch #5 {, blocks: (B:5:0x0004, B:6:0x0006, B:16:0x0013, B:17:0x0014, B:19:0x001b, B:22:0x0020, B:23:0x003d, B:24:0x003e, B:26:0x0042, B:29:0x0046, B:31:0x004a, B:33:0x004e, B:36:0x0055, B:37:0x005c, B:38:0x005d, B:40:0x0061, B:41:0x0080, B:43:0x00a7, B:45:0x00b1, B:47:0x00b9, B:48:0x00bb, B:50:0x00cb, B:53:0x00db, B:55:0x00e9, B:57:0x00f7, B:59:0x0105, B:61:0x0113, B:63:0x0121, B:65:0x012f, B:67:0x013d, B:69:0x014b, B:71:0x0159, B:74:0x0168, B:75:0x016f, B:76:0x0170, B:79:0x01bd, B:81:0x01c7, B:84:0x01d4, B:85:0x0215, B:87:0x0223, B:88:0x0230, B:91:0x022a, B:92:0x01fb, B:93:0x0236, B:94:0x023d, B:95:0x023e, B:97:0x0244, B:102:0x0248, B:103:0x0273, B:104:0x02bf, B:109:0x02c9, B:115:0x02cf, B:99:0x02ec, B:100:0x02f3, B:118:0x02d1, B:119:0x02eb, B:120:0x02f4, B:122:0x02f8, B:124:0x02fe, B:126:0x030f, B:129:0x031f, B:131:0x032d, B:133:0x033b, B:135:0x0349, B:137:0x0357, B:139:0x0365, B:141:0x0373, B:143:0x0381, B:145:0x038f, B:147:0x039d, B:149:0x0486, B:150:0x04a7, B:151:0x03ab, B:153:0x03b1, B:155:0x03c1, B:157:0x03d3, B:174:0x03db, B:176:0x03f2, B:177:0x03f9, B:159:0x0403, B:161:0x040a, B:162:0x0432, B:164:0x043c, B:167:0x0451, B:168:0x0458, B:171:0x045a, B:172:0x0461, B:180:0x03fb, B:181:0x0402, B:182:0x0462, B:183:0x0469, B:184:0x046a, B:185:0x0485, B:186:0x04a8, B:188:0x04af, B:190:0x04bf, B:192:0x04cd, B:195:0x0503, B:196:0x050a, B:197:0x050b, B:198:0x0526, B:199:0x0527, B:201:0x052d, B:203:0x053f, B:205:0x0551, B:222:0x0559, B:224:0x0570, B:225:0x0577, B:207:0x0581, B:209:0x0588, B:210:0x05b8, B:212:0x05c2, B:215:0x05d7, B:216:0x05de, B:219:0x05e0, B:220:0x05e7, B:228:0x0579, B:229:0x0580, B:230:0x05e8, B:231:0x05ef, B:232:0x05f0, B:233:0x060b, B:234:0x060c, B:235:0x0613, B:236:0x0614, B:237:0x061b, B:8:0x0007, B:9:0x000e, B:106:0x02c0, B:107:0x02c7), top: B:3:0x0002, inners: #0, #1, #2, #3, #4, #6, #7 }] */
    /* JADX WARN: Removed duplicated region for block: B:91:0x022a A[Catch: all -> 0x061c, TryCatch #5 {, blocks: (B:5:0x0004, B:6:0x0006, B:16:0x0013, B:17:0x0014, B:19:0x001b, B:22:0x0020, B:23:0x003d, B:24:0x003e, B:26:0x0042, B:29:0x0046, B:31:0x004a, B:33:0x004e, B:36:0x0055, B:37:0x005c, B:38:0x005d, B:40:0x0061, B:41:0x0080, B:43:0x00a7, B:45:0x00b1, B:47:0x00b9, B:48:0x00bb, B:50:0x00cb, B:53:0x00db, B:55:0x00e9, B:57:0x00f7, B:59:0x0105, B:61:0x0113, B:63:0x0121, B:65:0x012f, B:67:0x013d, B:69:0x014b, B:71:0x0159, B:74:0x0168, B:75:0x016f, B:76:0x0170, B:79:0x01bd, B:81:0x01c7, B:84:0x01d4, B:85:0x0215, B:87:0x0223, B:88:0x0230, B:91:0x022a, B:92:0x01fb, B:93:0x0236, B:94:0x023d, B:95:0x023e, B:97:0x0244, B:102:0x0248, B:103:0x0273, B:104:0x02bf, B:109:0x02c9, B:115:0x02cf, B:99:0x02ec, B:100:0x02f3, B:118:0x02d1, B:119:0x02eb, B:120:0x02f4, B:122:0x02f8, B:124:0x02fe, B:126:0x030f, B:129:0x031f, B:131:0x032d, B:133:0x033b, B:135:0x0349, B:137:0x0357, B:139:0x0365, B:141:0x0373, B:143:0x0381, B:145:0x038f, B:147:0x039d, B:149:0x0486, B:150:0x04a7, B:151:0x03ab, B:153:0x03b1, B:155:0x03c1, B:157:0x03d3, B:174:0x03db, B:176:0x03f2, B:177:0x03f9, B:159:0x0403, B:161:0x040a, B:162:0x0432, B:164:0x043c, B:167:0x0451, B:168:0x0458, B:171:0x045a, B:172:0x0461, B:180:0x03fb, B:181:0x0402, B:182:0x0462, B:183:0x0469, B:184:0x046a, B:185:0x0485, B:186:0x04a8, B:188:0x04af, B:190:0x04bf, B:192:0x04cd, B:195:0x0503, B:196:0x050a, B:197:0x050b, B:198:0x0526, B:199:0x0527, B:201:0x052d, B:203:0x053f, B:205:0x0551, B:222:0x0559, B:224:0x0570, B:225:0x0577, B:207:0x0581, B:209:0x0588, B:210:0x05b8, B:212:0x05c2, B:215:0x05d7, B:216:0x05de, B:219:0x05e0, B:220:0x05e7, B:228:0x0579, B:229:0x0580, B:230:0x05e8, B:231:0x05ef, B:232:0x05f0, B:233:0x060b, B:234:0x060c, B:235:0x0613, B:236:0x0614, B:237:0x061b, B:8:0x0007, B:9:0x000e, B:106:0x02c0, B:107:0x02c7), top: B:3:0x0002, inners: #0, #1, #2, #3, #4, #6, #7 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized void handleMessage(byte[] r12, int r13) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 1567
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.trilead.ssh2.transport.KexManager.handleMessage(byte[], int):void");
    }

    public final NegotiatedParameters mergeKexParameters(KexParameters kexParameters, KexParameters kexParameters2) {
        NegotiatedParameters negotiatedParameters = new NegotiatedParameters();
        try {
            negotiatedParameters.kex_algo = getFirstMatch(kexParameters.kex_algorithms, kexParameters2.kex_algorithms);
            if (log == null) {
                throw null;
            }
            negotiatedParameters.server_host_key_algo = getFirstMatch(kexParameters.server_host_key_algorithms, kexParameters2.server_host_key_algorithms);
            if (log == null) {
                throw null;
            }
            negotiatedParameters.enc_algo_client_to_server = getFirstMatch(kexParameters.encryption_algorithms_client_to_server, kexParameters2.encryption_algorithms_client_to_server);
            negotiatedParameters.enc_algo_server_to_client = getFirstMatch(kexParameters.encryption_algorithms_server_to_client, kexParameters2.encryption_algorithms_server_to_client);
            if (log == null) {
                throw null;
            }
            if (log == null) {
                throw null;
            }
            negotiatedParameters.mac_algo_client_to_server = getFirstMatch(kexParameters.mac_algorithms_client_to_server, kexParameters2.mac_algorithms_client_to_server);
            negotiatedParameters.mac_algo_server_to_client = getFirstMatch(kexParameters.mac_algorithms_server_to_client, kexParameters2.mac_algorithms_server_to_client);
            if (log == null) {
                throw null;
            }
            if (log == null) {
                throw null;
            }
            negotiatedParameters.comp_algo_client_to_server = getFirstMatch(kexParameters.compression_algorithms_client_to_server, kexParameters2.compression_algorithms_client_to_server);
            negotiatedParameters.comp_algo_server_to_client = getFirstMatch(kexParameters.compression_algorithms_server_to_client, kexParameters2.compression_algorithms_server_to_client);
            if (log == null) {
                throw null;
            }
            if (log == null) {
                throw null;
            }
            try {
                getFirstMatch(kexParameters.languages_client_to_server, kexParameters2.languages_client_to_server);
            } catch (NegotiateException unused) {
            }
            try {
                getFirstMatch(kexParameters.languages_server_to_client, kexParameters2.languages_server_to_client);
            } catch (NegotiateException unused2) {
            }
            if (!compareFirstOfNameList(kexParameters.kex_algorithms, kexParameters2.kex_algorithms) ? false : compareFirstOfNameList(kexParameters.server_host_key_algorithms, kexParameters2.server_host_key_algorithms)) {
                negotiatedParameters.guessOK = true;
            }
            return negotiatedParameters;
        } catch (NegotiateException unused3) {
            return null;
        }
    }

    public final boolean verifySignature(byte[] bArr, byte[] bArr2) throws IOException {
        SSHSignature sSHSignature;
        if (this.kxs.np.server_host_key_algo.equals("ssh-ed25519")) {
            sSHSignature = Ed25519Verify.InstanceHolder.sInstance;
        } else {
            String str = this.kxs.np.server_host_key_algo;
            if (ECDSASHA2Verify.ECDSASHA2NISTP256Verify.get() == null) {
                throw null;
            }
            if (str.equals("ecdsa-sha2-nistp256")) {
                sSHSignature = ECDSASHA2Verify.ECDSASHA2NISTP256Verify.InstanceHolder.sInstance;
            } else {
                String str2 = this.kxs.np.server_host_key_algo;
                if (ECDSASHA2Verify.ECDSASHA2NISTP384Verify.get() == null) {
                    throw null;
                }
                if (str2.equals("ecdsa-sha2-nistp384")) {
                    sSHSignature = ECDSASHA2Verify.ECDSASHA2NISTP384Verify.InstanceHolder.sInstance;
                } else {
                    String str3 = this.kxs.np.server_host_key_algo;
                    if (ECDSASHA2Verify.ECDSASHA2NISTP521Verify.get() == null) {
                        throw null;
                    }
                    if (str3.equals("ecdsa-sha2-nistp521")) {
                        sSHSignature = ECDSASHA2Verify.ECDSASHA2NISTP521Verify.InstanceHolder.sInstance;
                    } else {
                        String str4 = this.kxs.np.server_host_key_algo;
                        if (RSASHA512Verify.get() == null) {
                            throw null;
                        }
                        if (str4.equals("rsa-sha2-512")) {
                            sSHSignature = RSASHA512Verify.InstanceHolder.sInstance;
                        } else {
                            String str5 = this.kxs.np.server_host_key_algo;
                            if (RSASHA256Verify.get() == null) {
                                throw null;
                            }
                            if (str5.equals("rsa-sha2-256")) {
                                sSHSignature = RSASHA256Verify.InstanceHolder.sInstance;
                            } else {
                                String str6 = this.kxs.np.server_host_key_algo;
                                if (RSASHA1Verify.get() == null) {
                                    throw null;
                                }
                                if (str6.equals("ssh-rsa")) {
                                    sSHSignature = RSASHA1Verify.InstanceHolder.sInstance;
                                } else {
                                    if (!this.kxs.np.server_host_key_algo.equals("ssh-dss")) {
                                        StringBuilder outline9 = GeneratedOutlineSupport.outline9("Unknown server host key algorithm '");
                                        outline9.append(this.kxs.np.server_host_key_algo);
                                        outline9.append("'");
                                        throw new IOException(outline9.toString());
                                    }
                                    sSHSignature = DSASHA1Verify.InstanceHolder.sInstance;
                                }
                            }
                        }
                    }
                }
            }
        }
        PublicKey decodePublicKey = sSHSignature.decodePublicKey(bArr2);
        Logger logger = log;
        sSHSignature.getKeyFormat();
        if (logger != null) {
            return sSHSignature.verifySignature(this.kxs.H, bArr, decodePublicKey);
        }
        throw null;
    }
}
