package ch.ethz.ssh2.transport;

import ch.ethz.ssh2.ConnectionInfo;
import ch.ethz.ssh2.DHGexParameters;
import ch.ethz.ssh2.ServerHostKeyVerifier;
import ch.ethz.ssh2.crypto.CryptoWishList;
import ch.ethz.ssh2.crypto.KeyMaterial;
import ch.ethz.ssh2.crypto.cipher.BlockCipherFactory;
import ch.ethz.ssh2.crypto.digest.MAC;
import ch.ethz.ssh2.log.Logger;
import ch.ethz.ssh2.packets.PacketKexInit;
import ch.ethz.ssh2.packets.PacketNewKeys;
import ch.ethz.ssh2.signature.DSAPublicKey;
import ch.ethz.ssh2.signature.DSASHA1Verify;
import ch.ethz.ssh2.signature.DSASignature;
import ch.ethz.ssh2.signature.RSAPublicKey;
import ch.ethz.ssh2.signature.RSASHA1Verify;
import ch.ethz.ssh2.signature.RSASignature;
import java.io.IOException;
import java.security.SecureRandom;

/* loaded from: classes.dex */
public class KexManager {
    static /* synthetic */ Class class$0;
    private static final Logger log;
    ClientServerHello csh;
    final String hostname;
    KeyMaterial km;
    KexState kxs;
    CryptoWishList nextKEXcryptoWishList;
    final int port;
    final SecureRandom rnd;
    byte[] sessionId;
    final TransportManager tm;
    ServerHostKeyVerifier verifier;
    int kexCount = 0;
    final Object accessLock = new Object();
    ConnectionInfo lastConnInfo = null;
    boolean connectionClosed = false;
    boolean ignore_next_kex_packet = false;
    DHGexParameters nextKEXdhgexParameters = new DHGexParameters();

    static {
        Class<KexManager> cls = class$0;
        if (cls == null) {
            cls = KexManager.class;
            class$0 = cls;
        }
        log = Logger.getLogger(cls);
    }

    public KexManager(TransportManager transportManager, ClientServerHello clientServerHello, CryptoWishList cryptoWishList, String str, int i2, ServerHostKeyVerifier serverHostKeyVerifier, SecureRandom secureRandom) {
        this.tm = transportManager;
        this.csh = clientServerHello;
        this.nextKEXcryptoWishList = cryptoWishList;
        this.hostname = str;
        this.port = i2;
        this.verifier = serverHostKeyVerifier;
        this.rnd = secureRandom;
    }

    public static final void checkKexAlgorithmList(String[] strArr) {
        for (int i2 = 0; i2 < strArr.length; i2++) {
            if (!"diffie-hellman-group-exchange-sha1".equals(strArr[i2]) && !"diffie-hellman-group14-sha1".equals(strArr[i2]) && !"diffie-hellman-group1-sha1".equals(strArr[i2])) {
                StringBuffer stringBuffer = new StringBuffer("Unknown kex algorithm '");
                stringBuffer.append(strArr[i2]);
                stringBuffer.append("'");
                throw new IllegalArgumentException(stringBuffer.toString());
            }
        }
    }

    public static final void checkServerHostkeyAlgorithmsList(String[] strArr) {
        for (int i2 = 0; i2 < strArr.length; i2++) {
            if (!"ssh-rsa".equals(strArr[i2]) && !"ssh-dss".equals(strArr[i2])) {
                StringBuffer stringBuffer = new StringBuffer("Unknown server host key algorithm '");
                stringBuffer.append(strArr[i2]);
                stringBuffer.append("'");
                throw new IllegalArgumentException(stringBuffer.toString());
            }
        }
    }

    private boolean compareFirstOfNameList(String[] strArr, String[] strArr2) {
        if (strArr == null || strArr2 == null) {
            throw new IllegalArgumentException();
        }
        if (strArr.length == 0 && strArr2.length == 0) {
            return true;
        }
        if (strArr.length == 0 || strArr2.length == 0) {
            return false;
        }
        return strArr[0].equals(strArr2[0]);
    }

    private boolean establishKeyMaterial() {
        try {
            int keyLen = MAC.getKeyLen(this.kxs.np.mac_algo_client_to_server);
            int keySize = BlockCipherFactory.getKeySize(this.kxs.np.enc_algo_client_to_server);
            int blockSize = BlockCipherFactory.getBlockSize(this.kxs.np.enc_algo_client_to_server);
            int keyLen2 = MAC.getKeyLen(this.kxs.np.mac_algo_server_to_client);
            int keySize2 = BlockCipherFactory.getKeySize(this.kxs.np.enc_algo_server_to_client);
            int blockSize2 = BlockCipherFactory.getBlockSize(this.kxs.np.enc_algo_server_to_client);
            KexState kexState = this.kxs;
            this.km = KeyMaterial.create("SHA1", kexState.f1188H, kexState.K, this.sessionId, keySize, blockSize, keyLen, keySize2, blockSize2, keyLen2);
            return true;
        } catch (IllegalArgumentException unused) {
            return false;
        }
    }

    private void finishKex() throws IOException {
        if (this.sessionId == null) {
            this.sessionId = this.kxs.f1188H;
        }
        establishKeyMaterial();
        this.tm.sendKexMessage(new PacketNewKeys().getPayload());
        try {
            String str = this.kxs.np.enc_algo_client_to_server;
            KeyMaterial keyMaterial = this.km;
            this.tm.changeSendCipher(BlockCipherFactory.createCipher(str, true, keyMaterial.enc_key_client_to_server, keyMaterial.initial_iv_client_to_server), new MAC(this.kxs.np.mac_algo_client_to_server, this.km.integrity_key_client_to_server));
            this.tm.kexFinished();
        } catch (IllegalArgumentException unused) {
            throw new IOException("Fatal error during MAC startup!");
        }
    }

    public static final String[] getDefaultKexAlgorithmList() {
        return new String[]{"diffie-hellman-group-exchange-sha1", "diffie-hellman-group14-sha1", "diffie-hellman-group1-sha1"};
    }

    public static final String[] getDefaultServerHostkeyAlgorithmList() {
        return new String[]{"ssh-rsa", "ssh-dss"};
    }

    private String getFirstMatch(String[] strArr, String[] strArr2) throws NegotiateException {
        if (strArr == null || strArr2 == null) {
            throw new IllegalArgumentException();
        }
        if (strArr.length == 0) {
            return null;
        }
        for (int i2 = 0; i2 < strArr.length; i2++) {
            for (String str : strArr2) {
                if (strArr[i2].equals(str)) {
                    return strArr[i2];
                }
            }
        }
        throw new NegotiateException();
    }

    private boolean isGuessOK(KexParameters kexParameters, KexParameters kexParameters2) {
        if (kexParameters == null || kexParameters2 == null) {
            throw new IllegalArgumentException();
        }
        return compareFirstOfNameList(kexParameters.kex_algorithms, kexParameters2.kex_algorithms) && compareFirstOfNameList(kexParameters.server_host_key_algorithms, kexParameters2.server_host_key_algorithms);
    }

    private NegotiatedParameters mergeKexParameters(KexParameters kexParameters, KexParameters kexParameters2) {
        NegotiatedParameters negotiatedParameters = new NegotiatedParameters();
        try {
            negotiatedParameters.kex_algo = getFirstMatch(kexParameters.kex_algorithms, kexParameters2.kex_algorithms);
            Logger logger = log;
            StringBuffer stringBuffer = new StringBuffer("kex_algo=");
            stringBuffer.append(negotiatedParameters.kex_algo);
            logger.log(20, stringBuffer.toString());
            negotiatedParameters.server_host_key_algo = getFirstMatch(kexParameters.server_host_key_algorithms, kexParameters2.server_host_key_algorithms);
            StringBuffer stringBuffer2 = new StringBuffer("server_host_key_algo=");
            stringBuffer2.append(negotiatedParameters.server_host_key_algo);
            logger.log(20, stringBuffer2.toString());
            negotiatedParameters.enc_algo_client_to_server = getFirstMatch(kexParameters.encryption_algorithms_client_to_server, kexParameters2.encryption_algorithms_client_to_server);
            negotiatedParameters.enc_algo_server_to_client = getFirstMatch(kexParameters.encryption_algorithms_server_to_client, kexParameters2.encryption_algorithms_server_to_client);
            StringBuffer stringBuffer3 = new StringBuffer("enc_algo_client_to_server=");
            stringBuffer3.append(negotiatedParameters.enc_algo_client_to_server);
            logger.log(20, stringBuffer3.toString());
            StringBuffer stringBuffer4 = new StringBuffer("enc_algo_server_to_client=");
            stringBuffer4.append(negotiatedParameters.enc_algo_server_to_client);
            logger.log(20, stringBuffer4.toString());
            negotiatedParameters.mac_algo_client_to_server = getFirstMatch(kexParameters.mac_algorithms_client_to_server, kexParameters2.mac_algorithms_client_to_server);
            negotiatedParameters.mac_algo_server_to_client = getFirstMatch(kexParameters.mac_algorithms_server_to_client, kexParameters2.mac_algorithms_server_to_client);
            StringBuffer stringBuffer5 = new StringBuffer("mac_algo_client_to_server=");
            stringBuffer5.append(negotiatedParameters.mac_algo_client_to_server);
            logger.log(20, stringBuffer5.toString());
            StringBuffer stringBuffer6 = new StringBuffer("mac_algo_server_to_client=");
            stringBuffer6.append(negotiatedParameters.mac_algo_server_to_client);
            logger.log(20, stringBuffer6.toString());
            negotiatedParameters.comp_algo_client_to_server = getFirstMatch(kexParameters.compression_algorithms_client_to_server, kexParameters2.compression_algorithms_client_to_server);
            negotiatedParameters.comp_algo_server_to_client = getFirstMatch(kexParameters.compression_algorithms_server_to_client, kexParameters2.compression_algorithms_server_to_client);
            StringBuffer stringBuffer7 = new StringBuffer("comp_algo_client_to_server=");
            stringBuffer7.append(negotiatedParameters.comp_algo_client_to_server);
            logger.log(20, stringBuffer7.toString());
            StringBuffer stringBuffer8 = new StringBuffer("comp_algo_server_to_client=");
            stringBuffer8.append(negotiatedParameters.comp_algo_server_to_client);
            logger.log(20, stringBuffer8.toString());
            try {
                negotiatedParameters.lang_client_to_server = getFirstMatch(kexParameters.languages_client_to_server, kexParameters2.languages_client_to_server);
            } catch (NegotiateException unused) {
                negotiatedParameters.lang_client_to_server = null;
            }
            try {
                negotiatedParameters.lang_server_to_client = getFirstMatch(kexParameters.languages_server_to_client, kexParameters2.languages_server_to_client);
            } catch (NegotiateException unused2) {
                negotiatedParameters.lang_server_to_client = null;
            }
            if (isGuessOK(kexParameters, kexParameters2)) {
                negotiatedParameters.guessOK = true;
            }
            return negotiatedParameters;
        } catch (NegotiateException unused3) {
            return null;
        }
    }

    private boolean verifySignature(byte[] bArr, byte[] bArr2) throws IOException {
        if (this.kxs.np.server_host_key_algo.equals("ssh-rsa")) {
            RSASignature decodeSSHRSASignature = RSASHA1Verify.decodeSSHRSASignature(bArr);
            RSAPublicKey decodeSSHRSAPublicKey = RSASHA1Verify.decodeSSHRSAPublicKey(bArr2);
            log.log(50, "Verifying ssh-rsa signature");
            return RSASHA1Verify.verifySignature(this.kxs.f1188H, decodeSSHRSASignature, decodeSSHRSAPublicKey);
        }
        if (this.kxs.np.server_host_key_algo.equals("ssh-dss")) {
            DSASignature decodeSSHDSASignature = DSASHA1Verify.decodeSSHDSASignature(bArr);
            DSAPublicKey decodeSSHDSAPublicKey = DSASHA1Verify.decodeSSHDSAPublicKey(bArr2);
            log.log(50, "Verifying ssh-dss signature");
            return DSASHA1Verify.verifySignature(this.kxs.f1188H, decodeSSHDSASignature, decodeSSHDSAPublicKey);
        }
        StringBuffer stringBuffer = new StringBuffer("Unknown server host key algorithm '");
        stringBuffer.append(this.kxs.np.server_host_key_algo);
        stringBuffer.append("'");
        throw new IOException(stringBuffer.toString());
    }

    public ConnectionInfo getOrWaitForConnectionInfo(int i2) throws IOException {
        ConnectionInfo connectionInfo;
        synchronized (this.accessLock) {
            while (true) {
                connectionInfo = this.lastConnInfo;
                if (connectionInfo == null || connectionInfo.keyExchangeCounter < i2) {
                    if (this.connectionClosed) {
                        throw ((IOException) new IOException("Key exchange was not finished, connection is closed.").initCause(this.tm.getReasonClosedCause()));
                    }
                    try {
                        this.accessLock.wait();
                    } catch (InterruptedException unused) {
                    }
                }
            }
        }
        return connectionInfo;
    }

    /* JADX WARN: Code restructure failed: missing block: B:38:0x0058, code lost:
    
        r1 = new ch.ethz.ssh2.transport.KexState();
        r10.kxs = r1;
        r1.dhgexParameters = r10.nextKEXdhgexParameters;
        r1 = new ch.ethz.ssh2.packets.PacketKexInit(r10.nextKEXcryptoWishList, r10.rnd);
        r10.kxs.localKEX = r1;
        r10.tm.sendKexMessage(r1.getPayload());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized void handleMessage(byte[] r11, int r12) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 988
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ch.ethz.ssh2.transport.KexManager.handleMessage(byte[], int):void");
    }

    public synchronized void initiateKEX(CryptoWishList cryptoWishList, DHGexParameters dHGexParameters) throws IOException {
        this.nextKEXcryptoWishList = cryptoWishList;
        this.nextKEXdhgexParameters = dHGexParameters;
        if (this.kxs == null) {
            KexState kexState = new KexState();
            this.kxs = kexState;
            kexState.dhgexParameters = this.nextKEXdhgexParameters;
            PacketKexInit packetKexInit = new PacketKexInit(this.nextKEXcryptoWishList, this.rnd);
            this.kxs.localKEX = packetKexInit;
            this.tm.sendKexMessage(packetKexInit.getPayload());
        }
    }
}
