package net.schmizz.sshj.transport.kex;

import com.android.tools.r8.GeneratedOutlineSupport;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import javax.crypto.spec.DHParameterSpec;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.DisconnectReason;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.Message;
import net.schmizz.sshj.common.SSHPacket;
import net.schmizz.sshj.signature.Signature;
import net.schmizz.sshj.transport.Transport;
import net.schmizz.sshj.transport.TransportException;
import net.schmizz.sshj.transport.TransportImpl;
import net.schmizz.sshj.transport.digest.BaseDigest;
import net.schmizz.sshj.transport.digest.SHA256;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class DHGexSHA256 extends AbstractDH {
    public final Logger log;

    /* loaded from: classes.dex */
    public class Factory implements Factory.Named {
        @Override // net.schmizz.sshj.common.Factory
        public Object create() {
            return new DHGexSHA256();
        }

        @Override // net.schmizz.sshj.common.Factory.Named
        public String getName() {
            return "diffie-hellman-group-exchange-sha256";
        }
    }

    public DHGexSHA256() {
        super(new DH(), new SHA256());
        this.log = LoggerFactory.getLogger(DHGexSHA256.class);
    }

    @Override // net.schmizz.sshj.transport.kex.KeyExchangeBase
    public void init(Transport transport, String str, String str2, byte[] bArr, byte[] bArr2) {
        super.init(transport, str, str2, bArr, bArr2);
        this.digest.init();
        Logger logger = this.log;
        Message message = Message.KEX_DH_GEX_REQUEST;
        logger.debug("Sending {}", message);
        SSHPacket sSHPacket = new SSHPacket(message);
        sSHPacket.putUInt32(1024L);
        sSHPacket.putUInt32(2048L);
        sSHPacket.putUInt32(8192L);
        ((TransportImpl) transport).write(sSHPacket);
    }

    @Override // net.schmizz.sshj.transport.kex.KeyExchangeBase
    public boolean next(Message message, SSHPacket sSHPacket) {
        this.log.debug("Got message {}", message);
        try {
            int ordinal = message.ordinal();
            if (ordinal == 11) {
                return parseGexGroup(sSHPacket);
            }
            if (ordinal == 13) {
                return parseGexReply(sSHPacket);
            }
            throw new TransportException("Unexpected message " + message);
        } catch (Buffer.BufferException e) {
            throw new TransportException(e);
        }
    }

    public final boolean parseGexGroup(SSHPacket sSHPacket) {
        BigInteger readMPInt = sSHPacket.readMPInt();
        BigInteger readMPInt2 = sSHPacket.readMPInt();
        int bitLength = readMPInt.bitLength();
        if (bitLength < 1024 || bitLength > 8192) {
            throw new GeneralSecurityException(GeneratedOutlineSupport.outline20("Server generated gex p is out of range (", bitLength, " bits)"));
        }
        this.log.debug("Received server p bitlength {}", Integer.valueOf(bitLength));
        this.dh.init(new DHParameterSpec(readMPInt, readMPInt2), ((TransportImpl) this.trans).config.randomFactory);
        Logger logger = this.log;
        Message message = Message.KEX_DH_GEX_INIT;
        logger.debug("Sending {}", message);
        Transport transport = this.trans;
        SSHPacket sSHPacket2 = new SSHPacket(message);
        sSHPacket2.putBytes(this.dh.e);
        ((TransportImpl) transport).write(sSHPacket2);
        return false;
    }

    public final boolean parseGexReply(SSHPacket sSHPacket) {
        byte[] readBytes = sSHPacket.readBytes();
        byte[] readBytes2 = sSHPacket.readBytes();
        byte[] readBytes3 = sSHPacket.readBytes();
        this.hostKey = new Buffer.PlainBuffer(readBytes).readPublicKey();
        this.dh.computeK(readBytes2);
        BigInteger bigInteger = this.dh.K;
        Buffer.PlainBuffer initializedBuffer = initializedBuffer();
        initializedBuffer.putBytes(readBytes);
        initializedBuffer.putUInt32(1024L);
        initializedBuffer.putUInt32(2048L);
        initializedBuffer.putUInt32(8192L);
        initializedBuffer.putMPInt(((DH) this.dh).p);
        initializedBuffer.putMPInt(((DH) this.dh).g);
        initializedBuffer.putBytes(this.dh.e);
        initializedBuffer.putBytes(readBytes2);
        initializedBuffer.putMPInt(bigInteger);
        BaseDigest baseDigest = this.digest;
        baseDigest.md.update(initializedBuffer.data, initializedBuffer.rpos, initializedBuffer.available());
        this.H = this.digest.digest();
        Signature newSignature = ((TransportImpl) this.trans).hostKeyAlgorithm.newSignature();
        newSignature.initVerify(this.hostKey);
        byte[] bArr = this.H;
        newSignature.update(bArr, 0, bArr.length);
        if (newSignature.verify(readBytes3)) {
            return true;
        }
        throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "KeyExchange signature verification failed");
    }
}
