package com.urbanvpn.ssh2.transport;

import ae.d;
import com.urbanvpn.ssh2.ConnectionInfo;
import com.urbanvpn.ssh2.DHGexParameters;
import com.urbanvpn.ssh2.ExtendedServerHostKeyVerifier;
import com.urbanvpn.ssh2.ServerHostKeyVerifier;
import com.urbanvpn.ssh2.compression.CompressionFactory;
import com.urbanvpn.ssh2.compression.ICompressor;
import com.urbanvpn.ssh2.crypto.CryptoWishList;
import com.urbanvpn.ssh2.crypto.KeyMaterial;
import com.urbanvpn.ssh2.crypto.cipher.BlockCipher;
import com.urbanvpn.ssh2.crypto.cipher.BlockCipherFactory;
import com.urbanvpn.ssh2.crypto.digest.HMAC;
import com.urbanvpn.ssh2.crypto.digest.MACs;
import com.urbanvpn.ssh2.log.Logger;
import com.urbanvpn.ssh2.packets.PacketKexInit;
import com.urbanvpn.ssh2.packets.PacketNewKeys;
import com.urbanvpn.ssh2.signature.DSASHA1Verify;
import com.urbanvpn.ssh2.signature.ECDSASHA2Verify;
import com.urbanvpn.ssh2.signature.Ed25519Verify;
import com.urbanvpn.ssh2.signature.RSASHA1Verify;
import com.urbanvpn.ssh2.signature.RSASHA256Verify;
import com.urbanvpn.ssh2.signature.RSASHA512Verify;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;

/* loaded from: classes.dex */
public class KexManager {

    /* renamed from: q, reason: collision with root package name */
    private static final Logger f9506q = Logger.a(KexManager.class);

    /* renamed from: r, reason: collision with root package name */
    private static final boolean f9507r;

    /* renamed from: s, reason: collision with root package name */
    private static final Set<String> f9508s;

    /* renamed from: t, reason: collision with root package name */
    private static final Set<String> f9509t;

    /* renamed from: a, reason: collision with root package name */
    private KexState f9510a;

    /* renamed from: c, reason: collision with root package name */
    private KeyMaterial f9512c;

    /* renamed from: d, reason: collision with root package name */
    byte[] f9513d;

    /* renamed from: e, reason: collision with root package name */
    private ClientServerHello f9514e;

    /* renamed from: j, reason: collision with root package name */
    private final TransportManager f9519j;

    /* renamed from: k, reason: collision with root package name */
    private CryptoWishList f9520k;

    /* renamed from: m, reason: collision with root package name */
    private ServerHostKeyVerifier f9522m;

    /* renamed from: n, reason: collision with root package name */
    private final String f9523n;

    /* renamed from: o, reason: collision with root package name */
    private final int f9524o;

    /* renamed from: p, reason: collision with root package name */
    private final SecureRandom f9525p;

    /* renamed from: b, reason: collision with root package name */
    private int f9511b = 0;

    /* renamed from: f, reason: collision with root package name */
    private final Object f9515f = new Object();

    /* renamed from: g, reason: collision with root package name */
    private ConnectionInfo f9516g = null;

    /* renamed from: h, reason: collision with root package name */
    private boolean f9517h = false;

    /* renamed from: i, reason: collision with root package name */
    private boolean f9518i = false;

    /* renamed from: l, reason: collision with root package name */
    private DHGexParameters f9521l = new DHGexParameters();

    static {
        KeyFactory keyFactory;
        try {
            keyFactory = KeyFactory.getInstance("EC");
        } catch (NoSuchAlgorithmException unused) {
            f9506q.c(10, "Disabling EC support due to lack of KeyFactory");
            keyFactory = null;
            int i10 = 4 >> 0;
        }
        boolean z10 = keyFactory != null;
        f9507r = z10;
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        f9508s = linkedHashSet;
        linkedHashSet.add("ssh-ed25519");
        if (z10) {
            linkedHashSet.add("ecdsa-sha2-nistp256");
            linkedHashSet.add("ecdsa-sha2-nistp384");
            linkedHashSet.add("ecdsa-sha2-nistp521");
        }
        linkedHashSet.add("ssh-rsa");
        linkedHashSet.add("ssh-dss");
        linkedHashSet.add("rsa-sha2-256");
        linkedHashSet.add("rsa-sha2-512");
        LinkedHashSet linkedHashSet2 = new LinkedHashSet();
        f9509t = linkedHashSet2;
        linkedHashSet2.add("curve25519-sha256");
        linkedHashSet2.add("curve25519-sha256@libssh.org");
        if (z10) {
            linkedHashSet2.add("ecdh-sha2-nistp256");
            linkedHashSet2.add("ecdh-sha2-nistp384");
            linkedHashSet2.add("ecdh-sha2-nistp521");
        }
        linkedHashSet2.add("diffie-hellman-group18-sha512");
        linkedHashSet2.add("diffie-hellman-group16-sha512");
        linkedHashSet2.add("diffie-hellman-group-exchange-sha256");
        linkedHashSet2.add("diffie-hellman-group14-sha256");
        linkedHashSet2.add("diffie-hellman-group-exchange-sha1");
        linkedHashSet2.add("diffie-hellman-group14-sha1");
        linkedHashSet2.add("diffie-hellman-group1-sha1");
        linkedHashSet2.add("ext-info-c");
    }

    public KexManager(TransportManager transportManager, ClientServerHello clientServerHello, CryptoWishList cryptoWishList, String str, int i10, ServerHostKeyVerifier serverHostKeyVerifier, SecureRandom secureRandom) {
        this.f9519j = transportManager;
        this.f9514e = clientServerHello;
        this.f9520k = cryptoWishList;
        this.f9523n = str;
        this.f9524o = i10;
        this.f9522m = serverHostKeyVerifier;
        this.f9525p = secureRandom;
    }

    private boolean a(String[] strArr, String[] strArr2) {
        if (strArr == null || strArr2 == null) {
            throw new IllegalArgumentException();
        }
        if (strArr.length == 0 && strArr2.length == 0) {
            return true;
        }
        if (strArr.length == 0 || strArr2.length == 0) {
            return false;
        }
        return strArr[0].equals(strArr2[0]);
    }

    private void b() {
        try {
            int a10 = MACs.a(this.f9510a.f9541c.f9555f);
            int e10 = BlockCipherFactory.e(this.f9510a.f9541c.f9553d);
            int b10 = BlockCipherFactory.b(this.f9510a.f9541c.f9553d);
            int a11 = MACs.a(this.f9510a.f9541c.f9556g);
            int e11 = BlockCipherFactory.e(this.f9510a.f9541c.f9554e);
            int b11 = BlockCipherFactory.b(this.f9510a.f9541c.f9554e);
            KexState kexState = this.f9510a;
            this.f9512c = KeyMaterial.b(kexState.f9546h, kexState.f9544f, kexState.f9543e, this.f9513d, e10, b10, a10, e11, b11, a11);
        } catch (IllegalArgumentException e12) {
            throw new IOException("Could not establish key material: " + e12.getMessage());
        }
    }

    private void c(CryptoWishList cryptoWishList) {
        List<String> b10;
        ServerHostKeyVerifier serverHostKeyVerifier = this.f9522m;
        if (!(serverHostKeyVerifier instanceof ExtendedServerHostKeyVerifier) || (b10 = ((ExtendedServerHostKeyVerifier) serverHostKeyVerifier).b(this.f9523n, this.f9524o)) == null || b10.size() <= 0) {
            return;
        }
        ArrayList arrayList = new ArrayList(b10.size());
        for (String str : cryptoWishList.f9285b) {
            for (String str2 : b10) {
                if (str.equals(str2)) {
                    arrayList.add(str2);
                }
            }
        }
        if (arrayList.size() > 0) {
            cryptoWishList.f9285b = (String[]) arrayList.toArray(new String[0]);
        }
    }

    private void d() {
        if (this.f9513d == null) {
            this.f9513d = this.f9510a.f9544f;
        }
        b();
        this.f9519j.v(new PacketNewKeys().a());
        try {
            String str = this.f9510a.f9541c.f9553d;
            KeyMaterial keyMaterial = this.f9512c;
            BlockCipher a10 = BlockCipherFactory.a(str, true, keyMaterial.f9294c, keyMaterial.f9292a);
            HMAC hmac = new HMAC(this.f9510a.f9541c.f9555f, this.f9512c.f9296e);
            ICompressor a11 = CompressionFactory.a(this.f9510a.f9541c.f9557h);
            this.f9519j.f(a10, hmac);
            this.f9519j.g(a11);
            this.f9519j.q();
        } catch (IllegalArgumentException unused) {
            throw new IOException("Fatal error during MAC startup!");
        }
    }

    public static String[] e() {
        return (String[]) f9509t.toArray(new String[0]);
    }

    public static String[] f() {
        return (String[]) f9508s.toArray(new String[0]);
    }

    private String g(String[] strArr, String[] strArr2) {
        if (strArr == null || strArr2 == null) {
            throw new IllegalArgumentException();
        }
        if (strArr.length == 0) {
            return null;
        }
        for (String str : strArr) {
            for (String str2 : strArr2) {
                if (str.equals(str2)) {
                    return str;
                }
            }
        }
        throw new NegotiateException();
    }

    private boolean k(KexParameters kexParameters, KexParameters kexParameters2) {
        if (kexParameters == null || kexParameters2 == null) {
            throw new IllegalArgumentException();
        }
        if (a(kexParameters.f9527b, kexParameters2.f9527b)) {
            return a(kexParameters.f9528c, kexParameters2.f9528c);
        }
        return false;
    }

    private NegotiatedParameters l(KexParameters kexParameters, KexParameters kexParameters2) {
        NegotiatedParameters negotiatedParameters = new NegotiatedParameters();
        try {
            negotiatedParameters.f9551b = g(kexParameters.f9527b, kexParameters2.f9527b);
            Logger logger = f9506q;
            logger.c(20, "kex_algo=" + negotiatedParameters.f9551b);
            negotiatedParameters.f9552c = g(kexParameters.f9528c, kexParameters2.f9528c);
            logger.c(20, "server_host_key_algo=" + negotiatedParameters.f9552c);
            negotiatedParameters.f9553d = g(kexParameters.f9529d, kexParameters2.f9529d);
            negotiatedParameters.f9554e = g(kexParameters.f9530e, kexParameters2.f9530e);
            logger.c(20, "enc_algo_client_to_server=" + negotiatedParameters.f9553d);
            logger.c(20, "enc_algo_server_to_client=" + negotiatedParameters.f9554e);
            negotiatedParameters.f9555f = g(kexParameters.f9531f, kexParameters2.f9531f);
            negotiatedParameters.f9556g = g(kexParameters.f9532g, kexParameters2.f9532g);
            logger.c(20, "mac_algo_client_to_server=" + negotiatedParameters.f9555f);
            logger.c(20, "mac_algo_server_to_client=" + negotiatedParameters.f9556g);
            negotiatedParameters.f9557h = g(kexParameters.f9533h, kexParameters2.f9533h);
            negotiatedParameters.f9558i = g(kexParameters.f9534i, kexParameters2.f9534i);
            logger.c(20, "comp_algo_client_to_server=" + negotiatedParameters.f9557h);
            logger.c(20, "comp_algo_server_to_client=" + negotiatedParameters.f9558i);
            try {
                negotiatedParameters.f9559j = g(kexParameters.f9535j, kexParameters2.f9535j);
            } catch (NegotiateException unused) {
                negotiatedParameters.f9559j = null;
            }
            try {
                negotiatedParameters.f9560k = g(kexParameters.f9536k, kexParameters2.f9536k);
            } catch (NegotiateException unused2) {
                negotiatedParameters.f9560k = null;
            }
            if (k(kexParameters, kexParameters2)) {
                negotiatedParameters.f9550a = true;
            }
            return negotiatedParameters;
        } catch (NegotiateException unused3) {
            return null;
        }
    }

    private boolean m(byte[] bArr, byte[] bArr2) {
        if (this.f9510a.f9541c.f9552c.equals("ssh-ed25519")) {
            byte[] b10 = Ed25519Verify.b(bArr);
            d a10 = Ed25519Verify.a(bArr2);
            f9506q.c(50, "Verifying ed25519 signature");
            return Ed25519Verify.f(this.f9510a.f9544f, b10, a10);
        }
        if (this.f9510a.f9541c.f9552c.startsWith("ecdsa-sha2-")) {
            byte[] c10 = ECDSASHA2Verify.c(bArr);
            ECPublicKey b11 = ECDSASHA2Verify.b(bArr2);
            f9506q.c(50, "Verifying ecdsa signature");
            return ECDSASHA2Verify.p(this.f9510a.f9544f, c10, b11);
        }
        if (this.f9510a.f9541c.f9552c.equals("ssh-rsa")) {
            byte[] b12 = RSASHA1Verify.b(bArr);
            RSAPublicKey a11 = RSASHA1Verify.a(bArr2);
            f9506q.c(50, "Verifying ssh-rsa signature");
            return RSASHA1Verify.f(this.f9510a.f9544f, b12, a11);
        }
        if (this.f9510a.f9541c.f9552c.equals("rsa-sha2-256")) {
            byte[] a12 = RSASHA256Verify.a(bArr);
            RSAPublicKey a13 = RSASHA1Verify.a(bArr2);
            f9506q.c(50, "Verifying rsa-sha2-256 signature");
            return RSASHA256Verify.d(this.f9510a.f9544f, a12, a13);
        }
        if (this.f9510a.f9541c.f9552c.equals("rsa-sha2-512")) {
            byte[] a14 = RSASHA512Verify.a(bArr);
            RSAPublicKey a15 = RSASHA1Verify.a(bArr2);
            f9506q.c(50, "Verifying rsa-sha2-512 signature");
            return RSASHA512Verify.d(this.f9510a.f9544f, a14, a15);
        }
        if (this.f9510a.f9541c.f9552c.equals("ssh-dss")) {
            byte[] b13 = DSASHA1Verify.b(bArr);
            DSAPublicKey a16 = DSASHA1Verify.a(bArr2);
            f9506q.c(50, "Verifying ssh-dss signature");
            return DSASHA1Verify.f(this.f9510a.f9544f, b13, a16);
        }
        throw new IOException("Unknown server host key algorithm '" + this.f9510a.f9541c.f9552c + "'");
    }

    /* JADX WARN: Finally extract failed */
    public ConnectionInfo h(int i10) {
        ConnectionInfo connectionInfo;
        synchronized (this.f9515f) {
            while (true) {
                try {
                    connectionInfo = this.f9516g;
                    if (connectionInfo == null || connectionInfo.f9140h < i10) {
                        if (this.f9517h) {
                            throw new IOException("Key exchange was not finished, connection is closed.", this.f9519j.n());
                        }
                        try {
                            this.f9515f.wait();
                        } catch (InterruptedException unused) {
                        }
                    }
                } catch (Throwable th) {
                    throw th;
                }
            }
        }
        return connectionInfo;
    }

    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Removed duplicated region for block: B:90:0x026e A[Catch: all -> 0x0666, TryCatch #3 {all -> 0x0666, blocks: (B:5:0x0005, B:6:0x0009, B:18:0x0018, B:19:0x0019, B:21:0x0022, B:24:0x0028, B:25:0x004c, B:26:0x004d, B:28:0x0052, B:33:0x0059, B:36:0x0060, B:39:0x0067, B:40:0x0071, B:43:0x0075, B:44:0x009b, B:46:0x00c7, B:48:0x00d1, B:50:0x00dc, B:51:0x00de, B:53:0x00ef, B:56:0x0102, B:58:0x0117, B:60:0x0127, B:62:0x013a, B:64:0x014c, B:66:0x015f, B:68:0x0172, B:70:0x0183, B:72:0x0196, B:74:0x01a9, B:77:0x01be, B:78:0x01c6, B:79:0x01c7, B:82:0x0212, B:84:0x021d, B:87:0x022f, B:88:0x025c, B:90:0x026e, B:91:0x0283, B:94:0x027a, B:95:0x0245, B:96:0x0289, B:97:0x0295, B:100:0x029a, B:106:0x029f, B:107:0x02d0, B:108:0x031c, B:113:0x0328, B:120:0x032f, B:103:0x0353, B:104:0x035c, B:123:0x0331, B:124:0x0352, B:126:0x035f, B:128:0x0365, B:130:0x0373, B:133:0x038a, B:135:0x039d, B:137:0x03af, B:139:0x03c0, B:141:0x03d0, B:143:0x03e1, B:145:0x03f4, B:147:0x0407, B:149:0x041a, B:151:0x042d, B:153:0x0508, B:154:0x0534, B:155:0x0440, B:157:0x0448, B:175:0x045d, B:178:0x0475, B:179:0x0480, B:160:0x048c, B:162:0x0499, B:163:0x04cc, B:165:0x04dd, B:168:0x04f4, B:169:0x04fb, B:172:0x04fd, B:173:0x0507, B:182:0x0482, B:183:0x048b, B:184:0x0535, B:186:0x053d, B:191:0x0586, B:210:0x059c, B:213:0x05b6, B:214:0x05bf, B:193:0x05ca, B:195:0x05d5, B:196:0x0611, B:198:0x0621, B:203:0x063b, B:204:0x0646, B:207:0x0648, B:208:0x0650, B:217:0x05c1, B:218:0x05c9, B:219:0x0651, B:220:0x065b, B:221:0x065c, B:222:0x0665, B:8:0x000a, B:9:0x0011, B:110:0x031d, B:111:0x0326), top: B:3:0x0003, inners: #0, #1, #2, #4, #5, #6, #7 }] */
    /* JADX WARN: Removed duplicated region for block: B:94:0x027a A[Catch: all -> 0x0666, TryCatch #3 {all -> 0x0666, blocks: (B:5:0x0005, B:6:0x0009, B:18:0x0018, B:19:0x0019, B:21:0x0022, B:24:0x0028, B:25:0x004c, B:26:0x004d, B:28:0x0052, B:33:0x0059, B:36:0x0060, B:39:0x0067, B:40:0x0071, B:43:0x0075, B:44:0x009b, B:46:0x00c7, B:48:0x00d1, B:50:0x00dc, B:51:0x00de, B:53:0x00ef, B:56:0x0102, B:58:0x0117, B:60:0x0127, B:62:0x013a, B:64:0x014c, B:66:0x015f, B:68:0x0172, B:70:0x0183, B:72:0x0196, B:74:0x01a9, B:77:0x01be, B:78:0x01c6, B:79:0x01c7, B:82:0x0212, B:84:0x021d, B:87:0x022f, B:88:0x025c, B:90:0x026e, B:91:0x0283, B:94:0x027a, B:95:0x0245, B:96:0x0289, B:97:0x0295, B:100:0x029a, B:106:0x029f, B:107:0x02d0, B:108:0x031c, B:113:0x0328, B:120:0x032f, B:103:0x0353, B:104:0x035c, B:123:0x0331, B:124:0x0352, B:126:0x035f, B:128:0x0365, B:130:0x0373, B:133:0x038a, B:135:0x039d, B:137:0x03af, B:139:0x03c0, B:141:0x03d0, B:143:0x03e1, B:145:0x03f4, B:147:0x0407, B:149:0x041a, B:151:0x042d, B:153:0x0508, B:154:0x0534, B:155:0x0440, B:157:0x0448, B:175:0x045d, B:178:0x0475, B:179:0x0480, B:160:0x048c, B:162:0x0499, B:163:0x04cc, B:165:0x04dd, B:168:0x04f4, B:169:0x04fb, B:172:0x04fd, B:173:0x0507, B:182:0x0482, B:183:0x048b, B:184:0x0535, B:186:0x053d, B:191:0x0586, B:210:0x059c, B:213:0x05b6, B:214:0x05bf, B:193:0x05ca, B:195:0x05d5, B:196:0x0611, B:198:0x0621, B:203:0x063b, B:204:0x0646, B:207:0x0648, B:208:0x0650, B:217:0x05c1, B:218:0x05c9, B:219:0x0651, B:220:0x065b, B:221:0x065c, B:222:0x0665, B:8:0x000a, B:9:0x0011, B:110:0x031d, B:111:0x0326), top: B:3:0x0003, inners: #0, #1, #2, #4, #5, #6, #7 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized void i(byte[] r13, int r14) {
        /*
            Method dump skipped, instructions count: 1643
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.urbanvpn.ssh2.transport.KexManager.i(byte[], int):void");
    }

    public synchronized void j(CryptoWishList cryptoWishList, DHGexParameters dHGexParameters) {
        try {
            this.f9520k = cryptoWishList;
            c(cryptoWishList);
            this.f9521l = dHGexParameters;
            if (this.f9510a == null) {
                KexState kexState = new KexState();
                this.f9510a = kexState;
                kexState.f9549k = this.f9521l;
                PacketKexInit packetKexInit = new PacketKexInit(this.f9520k);
                this.f9510a.f9539a = packetKexInit;
                this.f9519j.v(packetKexInit.b());
            }
        } catch (Throwable th) {
            throw th;
        }
    }
}
