package net.schmizz.sshj.transport.kex;

import com.hierynomus.sshj.userauth.certificate.Certificate;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import zf.C7803A;
import zf.C7806c;
import zf.C7807d;
import zf.C7816m;
import zf.E;
import zf.EnumC7810g;
import zf.G;
import zf.H;
import zf.J;
import zf.K;

/* loaded from: classes3.dex */
public abstract class b extends a {
    private final Sg.b log;

    public b(g gVar, Gf.b bVar) {
        super(gVar, bVar);
        this.log = Sg.d.b(getClass());
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // net.schmizz.sshj.transport.kex.q, net.schmizz.sshj.transport.kex.p
    public void init(Ef.g gVar, String str, String str2, byte[] bArr, byte[] bArr2) throws GeneralSecurityException, Ef.i {
        super.init(gVar, str, str2, bArr, bArr2);
        Gf.a aVar = (Gf.a) this.digest;
        aVar.getClass();
        try {
            aVar.f5768b = K.e(aVar.f5767a);
            initDH(this.dh);
            this.log.w("Sending SSH_MSG_KEXDH_INIT");
            H h7 = new H(E.KEXDH_INIT);
            byte[] bArr3 = this.dh.f58770c;
            h7.h(0, bArr3.length, bArr3);
            ((Ef.l) gVar).i(h7);
        } catch (GeneralSecurityException e10) {
            throw new J(e10.getMessage(), e10);
        }
    }

    public abstract void initDH(g gVar);

    /* JADX WARN: Unreachable blocks removed: 4, instructions: 4 */
    @Override // net.schmizz.sshj.transport.kex.p
    public boolean next(E e10, H h7) throws GeneralSecurityException, Ef.i {
        String str;
        String str2;
        E e11 = E.KEXDH_31;
        EnumC7810g enumC7810g = EnumC7810g.f67561c;
        if (e10 != e11) {
            throw new G(enumC7810g, "Unexpected packet: " + e10, null);
        }
        this.log.w("Received SSH_MSG_KEXDH_REPLY");
        try {
            byte[] u10 = h7.u();
            byte[] u11 = h7.u();
            byte[] u12 = h7.u();
            this.hostKey = new C7807d(u10, true).w();
            this.dh.a(u11);
            C7807d.a initializedBuffer = initializedBuffer();
            initializedBuffer.getClass();
            initializedBuffer.h(0, u10.length, u10);
            byte[] bArr = this.dh.f58770c;
            initializedBuffer.h(0, bArr.length, bArr);
            initializedBuffer.h(0, u11.length, u11);
            initializedBuffer.i(this.dh.f58771d);
            ((Gf.a) this.digest).a(initializedBuffer.f67555a, initializedBuffer.f67556b, initializedBuffer.a());
            this.f58781H = ((Gf.a) this.digest).f5768b.digest();
            net.schmizz.sshj.signature.c newSignature = ((Ef.l) this.trans).f4116i.newSignature();
            PublicKey publicKey = this.hostKey;
            if (publicKey instanceof Certificate) {
                newSignature.initVerify(((Certificate) publicKey).getKey());
            } else {
                newSignature.initVerify(publicKey);
            }
            byte[] bArr2 = this.f58781H;
            newSignature.update(bArr2, 0, bArr2.length);
            if (!newSignature.verify(u12)) {
                throw new G(enumC7810g, "KeyExchange signature verification failed", null);
            }
            PublicKey publicKey2 = this.hostKey;
            if (publicKey2 instanceof Certificate) {
                ((Ef.l) this.trans).f4111d.getClass();
                Certificate certificate = (Certificate) publicKey2;
                try {
                    str = new C7807d(certificate.getSignature(), true).y(C7816m.f67570a);
                } catch (C7806c unused) {
                    str = null;
                }
                try {
                    str2 = new C7807d(certificate.getSignatureKey(), true).y(C7816m.f67570a);
                } catch (C7806c unused2) {
                    str2 = null;
                }
                this.log.k("Verifying signature of the key with type {} (signature type {}, CA key type {})", Long.valueOf(certificate.getType()), str, str2);
                try {
                    String f10 = C7803A.f(u10, certificate, (String) ((Ef.l) this.trans).f4124q.f4105c);
                    if (f10 != null) {
                        throw new G(enumC7810g, "KeyExchange certificate check failed: ".concat(f10), null);
                    }
                } catch (J | C7806c e12) {
                    throw new G(enumC7810g, "KeyExchange certificate check failed", e12);
                }
            }
            return true;
        } catch (C7806c e13) {
            throw new G(e13);
        }
    }
}
