package net.schmizz.sshj.transport;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.LinkedList;
import java.util.Queue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.DisconnectReason;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.Message;
import net.schmizz.sshj.common.SSHException;
import net.schmizz.sshj.transport.cipher.Cipher;
import net.schmizz.sshj.transport.compression.Compression;
import q.d.c.h.d;
import q.d.c.h.e;
import q.d.c.h.h;
import q.d.c.h.i;
import q.d.c.h.j;
import q.d.c.l.e;
import q.d.c.l.f;
import q.d.c.l.m.m;
import q.d.c.l.p.c;
import t.e.b;

/* loaded from: classes3.dex */
public final class KeyExchanger implements i, d {
    public f A;
    public final b a;
    public final q.d.c.l.i c;
    public e g3;
    public final q.d.a.b<TransportException> h3;
    public final q.d.a.b<TransportException> i3;
    public m x;
    public byte[] y;
    public final Queue<c> d = new LinkedList();

    /* renamed from: h, reason: collision with root package name */
    public final Queue<q.d.c.l.p.a> f5831h = new LinkedList();

    /* renamed from: i, reason: collision with root package name */
    public final AtomicBoolean f5832i = new AtomicBoolean();

    /* renamed from: q, reason: collision with root package name */
    public Expected f5833q = Expected.KEXINIT;

    /* loaded from: classes3.dex */
    public enum Expected {
        KEXINIT,
        FOLLOWUP,
        NEWKEYS
    }

    /* loaded from: classes3.dex */
    public static /* synthetic */ class a {
        public static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[Expected.values().length];
            a = iArr;
            try {
                iArr[Expected.KEXINIT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[Expected.FOLLOWUP.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[Expected.NEWKEYS.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    public KeyExchanger(q.d.c.l.i iVar) {
        this.c = iVar;
        this.a = iVar.l().h().a(KeyExchanger.class);
        q.d.a.c<TransportException> cVar = TransportException.c;
        this.h3 = new q.d.a.b<>("kexinit sent", cVar, iVar.l().h());
        this.i3 = new q.d.a.b<>("kex done", cVar, iVar.x(), iVar.l().h());
    }

    public static void g(Message message, Message message2) throws TransportException {
        if (message == message2) {
            return;
        }
        throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Was expecting " + message2);
    }

    public static byte[] p(byte[] bArr, int i2, q.d.c.l.l.b bVar, BigInteger bigInteger, byte[] bArr2) {
        while (i2 > bArr.length) {
            Buffer.a aVar = new Buffer.a();
            aVar.n(bigInteger);
            Buffer.a aVar2 = aVar;
            aVar2.p(bArr2);
            Buffer.a aVar3 = aVar2;
            aVar3.p(bArr);
            Buffer.a aVar4 = aVar3;
            bVar.update(aVar4.a(), 0, aVar4.b());
            byte[] b = bVar.b();
            byte[] bArr3 = new byte[bArr.length + b.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            System.arraycopy(b, 0, bArr3, bArr.length, b.length);
            bArr = bArr3;
        }
        return bArr;
    }

    @Override // q.d.c.h.d
    public void B(SSHException sSHException) {
        this.a.p("Got notified of {}", sSHException.toString());
        q.d.a.a.b(sSHException, this.h3, this.i3);
    }

    public final synchronized void a() throws TransportException {
        if (!n()) {
            throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Key exchange packet received when key exchange was not ongoing");
        }
    }

    public final void i(h hVar) throws TransportException {
        hVar.Q(hVar.P() - 1);
        f fVar = new f(hVar);
        e l2 = this.A.l(fVar);
        this.g3 = l2;
        this.a.p("Negotiated algorithms: {}", l2);
        for (q.d.c.l.p.a aVar : this.f5831h) {
            this.a.p("Trying to verify algorithms with {}", aVar);
            if (!aVar.a(this.g3)) {
                throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "Failed to verify negotiated algorithms `" + this.g3 + "`");
            }
        }
        this.x = (m) e.a.C0269a.a(this.c.l().i(), this.g3.d());
        q.d.c.l.i iVar = this.c;
        iVar.K((g.f.m.a.b) e.a.C0269a.a(iVar.l().o(), this.g3.i()));
        this.c.L(this.g3.e());
        try {
            m mVar = this.x;
            q.d.c.l.i iVar2 = this.c;
            mVar.a(iVar2, iVar2.w(), this.c.n(), fVar.h().f(), this.A.h().f());
        } catch (GeneralSecurityException e2) {
            throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e2);
        }
    }

    public final void j() {
        q.d.c.l.l.b f2 = this.x.f();
        byte[] e2 = this.x.e();
        if (this.y == null) {
            this.y = e2;
        }
        Buffer.a aVar = new Buffer.a();
        aVar.n(this.x.d());
        Buffer.a aVar2 = aVar;
        aVar2.p(e2);
        Buffer.a aVar3 = aVar2;
        aVar3.k((byte) 0);
        Buffer.a aVar4 = aVar3;
        aVar4.p(this.y);
        Buffer.a aVar5 = aVar4;
        int b = (aVar5.b() - this.y.length) - 1;
        aVar5.a()[b] = 65;
        f2.update(aVar5.a(), 0, aVar5.b());
        byte[] b2 = f2.b();
        aVar5.a()[b] = 66;
        f2.update(aVar5.a(), 0, aVar5.b());
        byte[] b3 = f2.b();
        aVar5.a()[b] = 67;
        f2.update(aVar5.a(), 0, aVar5.b());
        byte[] b4 = f2.b();
        aVar5.a()[b] = 68;
        f2.update(aVar5.a(), 0, aVar5.b());
        byte[] b5 = f2.b();
        aVar5.a()[b] = 69;
        f2.update(aVar5.a(), 0, aVar5.b());
        byte[] b6 = f2.b();
        aVar5.a()[b] = 70;
        f2.update(aVar5.a(), 0, aVar5.b());
        byte[] b7 = f2.b();
        Cipher cipher = (Cipher) e.a.C0269a.a(this.c.l().k(), this.g3.a());
        cipher.e(Cipher.Mode.Encrypt, p(b4, cipher.d(), f2, this.x.d(), this.x.e()), b2);
        Cipher cipher2 = (Cipher) e.a.C0269a.a(this.c.l().k(), this.g3.f());
        cipher2.e(Cipher.Mode.Decrypt, p(b5, cipher2.d(), f2, this.x.d(), this.x.e()), b3);
        q.d.c.l.n.b bVar = (q.d.c.l.n.b) e.a.C0269a.a(this.c.l().l(), this.g3.c());
        bVar.e(p(b6, bVar.d(), f2, this.x.d(), this.x.e()));
        q.d.c.l.n.b bVar2 = (q.d.c.l.n.b) e.a.C0269a.a(this.c.l().l(), this.g3.h());
        bVar2.e(p(b7, bVar2.d(), f2, this.x.d(), this.x.e()));
        Compression compression = (Compression) e.a.C0269a.a(this.c.l().m(), this.g3.g());
        this.c.s().c(cipher, bVar, (Compression) e.a.C0269a.a(this.c.l().m(), this.g3.b()));
        this.c.r().c(cipher2, bVar2, compression);
    }

    public byte[] k() {
        byte[] bArr = this.y;
        return Arrays.copyOf(bArr, bArr.length);
    }

    public boolean n() {
        return this.f5832i.get();
    }

    public synchronized void q(c cVar) {
        this.d.add(cVar);
    }

    public final void r() throws TransportException {
        this.a.k("Sending SSH_MSG_KEXINIT");
        f fVar = new f(this.c.l());
        this.A = fVar;
        this.c.O(fVar.h());
        this.h3.h();
    }

    public final void s() throws TransportException {
        this.a.k("Sending SSH_MSG_NEWKEYS");
        this.c.O(new h(Message.NEWKEYS));
    }

    public final void t() {
        this.f5832i.set(false);
        this.h3.b();
        this.i3.h();
    }

    @Override // q.d.c.h.i
    public void v(Message message, h hVar) throws TransportException {
        int i2 = a.a[this.f5833q.ordinal()];
        if (i2 == 1) {
            g(message, Message.KEXINIT);
            this.a.k("Received SSH_MSG_KEXINIT");
            w(false);
            this.h3.a(this.c.d(), TimeUnit.MILLISECONDS);
            i(hVar);
            this.f5833q = Expected.FOLLOWUP;
            return;
        }
        if (i2 != 2) {
            if (i2 != 3) {
                return;
            }
            g(message, Message.NEWKEYS);
            a();
            this.a.k("Received SSH_MSG_NEWKEYS");
            j();
            t();
            this.f5833q = Expected.KEXINIT;
            return;
        }
        a();
        this.a.k("Received kex followup data");
        try {
            if (this.x.c(message, hVar)) {
                x(this.x.b());
                s();
                this.f5833q = Expected.NEWKEYS;
            }
        } catch (GeneralSecurityException e2) {
            throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e2);
        }
    }

    public void w(boolean z) throws TransportException {
        if (!this.f5832i.getAndSet(true)) {
            this.i3.b();
            r();
        }
        if (z) {
            y();
        }
    }

    public final synchronized void x(PublicKey publicKey) throws TransportException {
        for (c cVar : this.d) {
            this.a.p("Trying to verify host key with {}", cVar);
            if (cVar.a(this.c.J(), this.c.t(), publicKey)) {
            }
        }
        this.a.n("Disconnecting because none of the configured Host key verifiers ({}) could verify '{}' host key with fingerprint {} for {}:{}", this.d, KeyType.e(publicKey), j.b(publicKey), this.c.J(), Integer.valueOf(this.c.t()));
        throw new TransportException(DisconnectReason.HOST_KEY_NOT_VERIFIABLE, "Could not verify `" + KeyType.e(publicKey) + "` host key with fingerprint `" + j.b(publicKey) + "` for `" + this.c.J() + "` on port " + this.c.t());
    }

    public void y() throws TransportException {
        this.i3.a(this.c.d(), TimeUnit.MILLISECONDS);
    }
}
