package net.schmizz.sshj.transport;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Queue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.DisconnectReason;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.Message;
import net.schmizz.sshj.common.SSHException;
import net.schmizz.sshj.common.b;
import net.schmizz.sshj.transport.cipher.Cipher;
import net.schmizz.sshj.transport.compression.Compression;
import tt.db0;
import tt.dx0;
import tt.j30;
import tt.jx0;
import tt.m11;
import tt.mn0;
import tt.n6;
import tt.oa0;
import tt.pa0;
import tt.r01;
import tt.ra0;
import tt.s42;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public final class KeyExchanger implements s42, pa0 {
    private final r01 a;
    private final g b;
    private final Queue<mn0> c = new LinkedList();
    private final Queue<n6> d = new LinkedList();
    private final AtomicBoolean e = new AtomicBoolean();
    private Expected f = Expected.KEXINIT;
    private jx0 g;
    private byte[] h;
    private e i;
    private d j;
    private final ra0<TransportException> k;
    private final ra0<TransportException> l;

    /* loaded from: classes3.dex */
    private enum Expected {
        KEXINIT,
        FOLLOWUP,
        NEWKEYS
    }

    /* loaded from: classes3.dex */
    static /* synthetic */ class a {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[Expected.values().length];
            a = iArr;
            try {
                iArr[Expected.KEXINIT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[Expected.FOLLOWUP.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[Expected.NEWKEYS.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyExchanger(g gVar) {
        this.b = gVar;
        this.a = gVar.k().f().a(KeyExchanger.class);
        db0<TransportException> db0Var = TransportException.b;
        this.k = new ra0<>("kexinit sent", db0Var, gVar.k().f());
        this.l = new ra0<>("kex done", db0Var, gVar.r(), gVar.k().f());
    }

    private synchronized void b() {
        if (!m()) {
            throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Key exchange packet received when key exchange was not ongoing");
        }
    }

    private static void d(Message message, Message message2) {
        if (message == message2) {
            return;
        }
        throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Was expecting " + message2);
    }

    private List<String> e(String str, int i) {
        Iterator<mn0> it = this.c.iterator();
        while (it.hasNext()) {
            List<String> a2 = it.next().a(str, i);
            if (a2 != null && !a2.isEmpty()) {
                return a2;
            }
        }
        return Collections.emptyList();
    }

    private void i(net.schmizz.sshj.common.c cVar) {
        cVar.R(cVar.Q() - 1);
        e eVar = new e(cVar);
        d m = this.i.m(eVar);
        this.j = m;
        this.a.q("Negotiated algorithms: {}", m);
        for (n6 n6Var : this.d) {
            this.a.q("Trying to verify algorithms with {}", n6Var);
            if (!n6Var.a(this.j)) {
                throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "Failed to verify negotiated algorithms `" + this.j + "`");
            }
        }
        this.g = (jx0) b.a.C0171a.a(this.b.k().b(), this.j.d());
        g gVar = this.b;
        gVar.H((dx0) b.a.C0171a.a(gVar.k().j(), this.j.h()));
        try {
            jx0 jx0Var = this.g;
            g gVar2 = this.b;
            jx0Var.d(gVar2, gVar2.p(), this.b.j(), eVar.i().f(), this.i.i().f());
        } catch (GeneralSecurityException e) {
            throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e);
        }
    }

    private void j() {
        m11 m11Var;
        j30 f = this.g.f();
        byte[] e = this.g.e();
        if (this.h == null) {
            this.h = e;
        }
        Buffer.a p = new Buffer.a().n(this.g.c()).p(e).k((byte) 0).p(this.h);
        int b = (p.b() - this.h.length) - 1;
        p.a()[b] = 65;
        f.update(p.a(), 0, p.b());
        byte[] b2 = f.b();
        p.a()[b] = 66;
        f.update(p.a(), 0, p.b());
        byte[] b3 = f.b();
        p.a()[b] = 67;
        f.update(p.a(), 0, p.b());
        byte[] b4 = f.b();
        p.a()[b] = 68;
        f.update(p.a(), 0, p.b());
        byte[] b5 = f.b();
        p.a()[b] = 69;
        f.update(p.a(), 0, p.b());
        byte[] b6 = f.b();
        p.a()[b] = 70;
        f.update(p.a(), 0, p.b());
        byte[] b7 = f.b();
        Cipher cipher = (Cipher) b.a.C0171a.a(this.b.k().e(), this.j.a());
        cipher.d(Cipher.Mode.Encrypt, n(b4, cipher.getBlockSize(), f, this.g.c(), this.g.e()), b2);
        Cipher cipher2 = (Cipher) b.a.C0171a.a(this.b.k().e(), this.j.e());
        cipher2.d(Cipher.Mode.Decrypt, n(b5, cipher2.getBlockSize(), f, this.g.c(), this.g.e()), b3);
        m11 m11Var2 = null;
        if (cipher.b() == 0) {
            m11Var = (m11) b.a.C0171a.a(this.b.k().g(), this.j.c());
            m11Var.init(n(b6, m11Var.getBlockSize(), f, this.g.c(), this.g.e()));
        } else {
            m11Var = null;
        }
        if (cipher2.b() == 0) {
            m11Var2 = (m11) b.a.C0171a.a(this.b.k().g(), this.j.g());
            m11Var2.init(n(b7, m11Var2.getBlockSize(), f, this.g.c(), this.g.e()));
        }
        Compression compression = (Compression) b.a.C0171a.a(this.b.k().h(), this.j.f());
        this.b.n().c(cipher, m11Var, (Compression) b.a.C0171a.a(this.b.k().h(), this.j.b()));
        this.b.m().c(cipher2, m11Var2, compression);
    }

    private static byte[] n(byte[] bArr, int i, j30 j30Var, BigInteger bigInteger, byte[] bArr2) {
        while (i > bArr.length) {
            Buffer.a p = new Buffer.a().n(bigInteger).p(bArr2).p(bArr);
            j30Var.update(p.a(), 0, p.b());
            byte[] b = j30Var.b();
            byte[] bArr3 = new byte[bArr.length + b.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            System.arraycopy(b, 0, bArr3, bArr.length, b.length);
            bArr = bArr3;
        }
        return bArr;
    }

    private void o() {
        this.a.debug("Sending SSH_MSG_KEXINIT");
        e eVar = new e(this.b.k(), e(this.b.c0(), this.b.o()));
        this.i = eVar;
        this.b.d0(eVar.i());
        this.k.h();
    }

    private void p() {
        this.a.debug("Sending SSH_MSG_NEWKEYS");
        this.b.d0(new net.schmizz.sshj.common.c(Message.NEWKEYS));
    }

    private void r() {
        this.e.set(false);
        this.k.b();
        this.l.h();
    }

    private synchronized void u(PublicKey publicKey) {
        for (mn0 mn0Var : this.c) {
            this.a.q("Trying to verify host key with {}", mn0Var);
            if (mn0Var.b(this.b.c0(), this.b.o(), publicKey)) {
            }
        }
        this.a.o("Disconnecting because none of the configured Host key verifiers ({}) could verify '{}' host key with fingerprint {} for {}:{}", this.c, KeyType.a(publicKey), net.schmizz.sshj.common.d.b(publicKey), this.b.c0(), Integer.valueOf(this.b.o()));
        throw new TransportException(DisconnectReason.HOST_KEY_NOT_VERIFIABLE, "Could not verify `" + KeyType.a(publicKey) + "` host key with fingerprint `" + net.schmizz.sshj.common.d.b(publicKey) + "` for `" + this.b.c0() + "` on port " + this.b.o());
    }

    @Override // tt.s42
    public void E(Message message, net.schmizz.sshj.common.c cVar) {
        int i = a.a[this.f.ordinal()];
        if (i == 1) {
            d(message, Message.KEXINIT);
            this.a.debug("Received SSH_MSG_KEXINIT");
            s(false);
            this.k.a(this.b.g(), TimeUnit.MILLISECONDS);
            i(cVar);
            this.f = Expected.FOLLOWUP;
            return;
        }
        if (i != 2) {
            if (i != 3) {
                return;
            }
            d(message, Message.NEWKEYS);
            b();
            this.a.debug("Received SSH_MSG_NEWKEYS");
            j();
            r();
            this.f = Expected.KEXINIT;
            return;
        }
        b();
        this.a.debug("Received kex followup data");
        try {
            if (this.g.b(message, cVar)) {
                u(this.g.a());
                p();
                this.f = Expected.NEWKEYS;
            }
        } catch (GeneralSecurityException e) {
            throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e);
        }
    }

    @Override // tt.pa0
    public void F(SSHException sSHException) {
        this.a.q("Got notified of {}", sSHException.toString());
        oa0.b(sSHException, this.k, this.l);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void N(mn0 mn0Var) {
        this.c.add(mn0Var);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getSessionID() {
        byte[] bArr = this.h;
        return Arrays.copyOf(bArr, bArr.length);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean l() {
        return this.l.f();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean m() {
        return this.e.get();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void s(boolean z) {
        if (!this.e.getAndSet(true)) {
            this.l.b();
            o();
        }
        if (z) {
            v();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void v() {
        this.l.a(this.b.g(), TimeUnit.MILLISECONDS);
    }
}
