package net.schmizz.sshj.transport;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Queue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import net.schmizz.concurrent.ErrorDeliveryUtil;
import net.schmizz.concurrent.Event;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.DisconnectReason;
import net.schmizz.sshj.common.ErrorNotifiable;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.Message;
import net.schmizz.sshj.common.SSHException;
import net.schmizz.sshj.common.SSHPacket;
import net.schmizz.sshj.common.SSHPacketHandler;
import net.schmizz.sshj.common.SecurityUtils;
import net.schmizz.sshj.transport.cipher.Cipher;
import net.schmizz.sshj.transport.compression.Compression;
import net.schmizz.sshj.transport.digest.Digest;
import net.schmizz.sshj.transport.kex.KeyExchange;
import net.schmizz.sshj.transport.mac.MAC;
import net.schmizz.sshj.transport.verification.AlgorithmsVerifier;
import net.schmizz.sshj.transport.verification.HostKeyVerifier;

/* loaded from: classes.dex */
public final class KeyExchanger implements SSHPacketHandler, ErrorNotifiable {
    public static String H5;
    static final /* synthetic */ boolean I5 = false;
    private KeyExchange B5;
    private byte[] C5;
    private f D5;
    private NegotiatedAlgorithms E5;
    private final Event F5;
    private final Event G5;
    private final d.a.c v5;
    private final TransportImpl w5;
    private final Queue x5 = new LinkedList();
    private final Queue y5 = new LinkedList();
    private final AtomicBoolean z5 = new AtomicBoolean();
    private e A5 = e.KEXINIT;

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyExchanger(TransportImpl transportImpl) {
        this.w5 = transportImpl;
        this.v5 = transportImpl.M().c().a(KeyExchanger.class);
        this.F5 = new Event("kexinit sent", TransportException.x5, transportImpl.M().c());
        this.G5 = new Event("kex done", TransportException.x5, transportImpl.G(), transportImpl.M().c());
    }

    private void G() {
        this.v5.b("Sending SSH_MSG_KEXINIT");
        f fVar = new f(this.w5.M());
        this.D5 = fVar;
        this.w5.a(fVar.e());
        this.F5.g();
    }

    private void L() {
        this.v5.b("Sending SSH_MSG_NEWKEYS");
        this.w5.a(new SSHPacket(Message.NEWKEYS));
    }

    private void S() {
        this.z5.set(false);
        this.F5.b();
        this.G5.g();
    }

    private synchronized void a(PublicKey publicKey) {
        for (HostKeyVerifier hostKeyVerifier : this.x5) {
            this.v5.e("Trying to verify host key with {}", hostKeyVerifier);
            if (hostKeyVerifier.a(this.w5.s(), this.w5.O(), publicKey)) {
            }
        }
        this.v5.c("Disconnecting because none of the configured Host key verifiers ({}) could verify '{}' host key with fingerprint {} for {}:{}", (Object[]) new String[]{this.x5.toString(), KeyType.b(publicKey).toString(), SecurityUtils.a(publicKey), this.w5.s(), a.b.a.a.a.f3d + this.w5.O()});
        throw new TransportException(DisconnectReason.HOST_KEY_NOT_VERIFIABLE, "Could not verify `" + KeyType.b(publicKey) + "` host key with fingerprint `" + SecurityUtils.a(publicKey) + "` for `" + this.w5.s() + "` on port " + this.w5.O());
    }

    private static void a(Message message, Message message2) {
        if (message == message2) {
            return;
        }
        throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Was expecting " + message2);
    }

    private static byte[] a(byte[] bArr, int i, Digest digest, BigInteger bigInteger, byte[] bArr2) {
        while (i > bArr.length) {
            Buffer.PlainBuffer plainBuffer = (Buffer.PlainBuffer) ((Buffer.PlainBuffer) ((Buffer.PlainBuffer) new Buffer.PlainBuffer().a(bigInteger)).b(bArr2)).b(bArr);
            digest.update(plainBuffer.a(), 0, plainBuffer.b());
            byte[] a2 = digest.a();
            byte[] bArr3 = new byte[bArr.length + a2.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            System.arraycopy(a2, 0, bArr3, bArr.length, a2.length);
            bArr = bArr3;
        }
        return bArr;
    }

    private void b(SSHPacket sSHPacket) {
        sSHPacket.c(sSHPacket.r() - 1);
        f fVar = new f(sSHPacket);
        NegotiatedAlgorithms a2 = this.D5.a(fVar);
        this.E5 = a2;
        this.v5.e("Negotiated algorithms: {}", a2);
        H5 = "Negotiated algorithms: " + this.E5.toString();
        for (AlgorithmsVerifier algorithmsVerifier : this.y5) {
            this.v5.e("Trying to verify algorithms with {}", algorithmsVerifier);
            if (!algorithmsVerifier.a(this.E5)) {
                DisconnectReason disconnectReason = DisconnectReason.KEY_EXCHANGE_FAILED;
                StringBuilder a3 = a.a.a.a.a.a("Failed to verify negotiated algorithms `");
                a3.append(this.E5);
                a3.append("`");
                throw new TransportException(disconnectReason, a3.toString());
            }
        }
        this.B5 = (KeyExchange) Factory.Named.Util.a(this.w5.M().l(), this.E5.d());
        ArrayList arrayList = new ArrayList();
        Iterator it = this.E5.h().iterator();
        while (it.hasNext()) {
            arrayList.add(Factory.Named.Util.a(this.w5.M().i(), (String) it.next()));
        }
        this.w5.a(arrayList);
        try {
            this.B5.a(this.w5, this.w5.z(), this.w5.e(), fVar.e().e(), this.D5.e().e());
        } catch (GeneralSecurityException e) {
            throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e);
        }
    }

    private synchronized void w() {
        if (!l()) {
            throw new TransportException(DisconnectReason.PROTOCOL_ERROR, "Key exchange packet received when key exchange was not ongoing");
        }
    }

    private void z() {
        Digest d2 = this.B5.d();
        byte[] c2 = this.B5.c();
        if (this.C5 == null) {
            this.C5 = c2;
        }
        Buffer.PlainBuffer plainBuffer = (Buffer.PlainBuffer) ((Buffer.PlainBuffer) ((Buffer.PlainBuffer) ((Buffer.PlainBuffer) new Buffer.PlainBuffer().a(this.B5.a())).b(c2)).a((byte) 0)).b(this.C5);
        int b2 = (plainBuffer.b() - this.C5.length) - 1;
        plainBuffer.a()[b2] = 65;
        d2.update(plainBuffer.a(), 0, plainBuffer.b());
        byte[] a2 = d2.a();
        plainBuffer.a()[b2] = 66;
        d2.update(plainBuffer.a(), 0, plainBuffer.b());
        byte[] a3 = d2.a();
        plainBuffer.a()[b2] = 67;
        d2.update(plainBuffer.a(), 0, plainBuffer.b());
        byte[] a4 = d2.a();
        plainBuffer.a()[b2] = 68;
        d2.update(plainBuffer.a(), 0, plainBuffer.b());
        byte[] a5 = d2.a();
        plainBuffer.a()[b2] = 69;
        d2.update(plainBuffer.a(), 0, plainBuffer.b());
        byte[] a6 = d2.a();
        plainBuffer.a()[b2] = 70;
        d2.update(plainBuffer.a(), 0, plainBuffer.b());
        byte[] a7 = d2.a();
        Cipher cipher = (Cipher) Factory.Named.Util.a(this.w5.M().d(), this.E5.a());
        cipher.a(Cipher.Mode.Encrypt, a(a4, cipher.c(), d2, this.B5.a(), this.B5.c()), a2);
        Cipher cipher2 = (Cipher) Factory.Named.Util.a(this.w5.M().d(), this.E5.e());
        cipher2.a(Cipher.Mode.Decrypt, a(a5, cipher2.c(), d2, this.B5.a(), this.B5.c()), a3);
        MAC mac = (MAC) Factory.Named.Util.a(this.w5.M().e(), this.E5.c());
        mac.a(a(a6, mac.c(), d2, this.B5.a(), this.B5.c()));
        MAC mac2 = (MAC) Factory.Named.Util.a(this.w5.M().e(), this.E5.g());
        mac2.a(a(a7, mac2.c(), d2, this.B5.a(), this.B5.c()));
        Compression compression = (Compression) Factory.Named.Util.a(this.w5.M().f(), this.E5.f());
        this.w5.w().a(cipher, mac, (Compression) Factory.Named.Util.a(this.w5.M().f(), this.E5.b()));
        this.w5.t().a(cipher2, mac2, compression);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] F() {
        byte[] bArr = this.C5;
        return Arrays.copyOf(bArr, bArr.length);
    }

    @Override // net.schmizz.sshj.common.SSHPacketHandler
    public void a(Message message, SSHPacket sSHPacket) {
        e eVar;
        int ordinal = this.A5.ordinal();
        if (ordinal == 0) {
            a(message, Message.KEXINIT);
            this.v5.b("Received SSH_MSG_KEXINIT");
            b(false);
            this.F5.a(this.w5.a(), TimeUnit.MILLISECONDS);
            b(sSHPacket);
            eVar = e.FOLLOWUP;
        } else {
            if (ordinal == 1) {
                w();
                this.v5.b("Received kex followup data");
                try {
                    if (this.B5.a(message, sSHPacket)) {
                        a(this.B5.b());
                        L();
                        this.A5 = e.NEWKEYS;
                        return;
                    }
                    return;
                } catch (GeneralSecurityException e) {
                    throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e);
                }
            }
            if (ordinal != 2) {
                return;
            }
            a(message, Message.NEWKEYS);
            w();
            this.v5.b("Received SSH_MSG_NEWKEYS");
            z();
            S();
            eVar = e.KEXINIT;
        }
        this.A5 = eVar;
    }

    @Override // net.schmizz.sshj.common.ErrorNotifiable
    public void a(SSHException sSHException) {
        this.v5.e("Got notified of {}", sSHException.toString());
        ErrorDeliveryUtil.a(sSHException, this.F5, this.G5);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void a(AlgorithmsVerifier algorithmsVerifier) {
        this.y5.add(algorithmsVerifier);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void a(HostKeyVerifier hostKeyVerifier) {
        this.x5.add(hostKeyVerifier);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b(boolean z) {
        if (!this.z5.getAndSet(true)) {
            this.G5.b();
            G();
        }
        if (z) {
            t();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean e() {
        return this.G5.e();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean l() {
        return this.z5.get();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void t() {
        this.G5.a(this.w5.a(), TimeUnit.MILLISECONDS);
    }
}
