package net.schmizz.sshj.transport.kex;

import com.hierynomus.sshj.userauth.certificate.Certificate;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import net.schmizz.sshj.common.d0;
import net.schmizz.sshj.common.f0;
import net.schmizz.sshj.common.g0;
import net.schmizz.sshj.common.i0;
import net.schmizz.sshj.common.j0;
import net.schmizz.sshj.common.z;

/* loaded from: classes.dex */
public abstract class b extends a {
    private final kq.b log;

    public b(j jVar, dp.b bVar) {
        super(jVar, bVar);
        this.log = kq.d.b(getClass());
    }

    @Override // net.schmizz.sshj.transport.kex.v, net.schmizz.sshj.transport.kex.u
    public void init(bp.h hVar, String str, String str2, byte[] bArr, byte[] bArr2) throws GeneralSecurityException, bp.j {
        super.init(hVar, str, str2, bArr, bArr2);
        dp.a aVar = (dp.a) this.digest;
        aVar.getClass();
        try {
            aVar.f25043b = j0.f(aVar.f25042a);
            initDH(this.f34060dh);
            this.log.l("Sending SSH_MSG_KEXDH_INIT");
            g0 g0Var = new g0(d0.KEXDH_INIT);
            byte[] bArr3 = this.f34060dh.f34068c;
            g0Var.h(0, bArr3.length, bArr3);
            ((bp.m) hVar).h(g0Var);
        } catch (GeneralSecurityException e10) {
            throw new i0(e10.getMessage(), e10);
        }
    }

    public abstract void initDH(j jVar);

    @Override // net.schmizz.sshj.transport.kex.u
    public boolean next(d0 d0Var, g0 g0Var) throws GeneralSecurityException, bp.j {
        String str;
        String str2;
        if (d0Var != d0.KEXDH_31) {
            throw new f0(net.schmizz.sshj.common.f.KEY_EXCHANGE_FAILED, "Unexpected packet: " + d0Var, null);
        }
        this.log.l("Received SSH_MSG_KEXDH_REPLY");
        try {
            byte[] t10 = g0Var.t();
            byte[] t11 = g0Var.t();
            byte[] t12 = g0Var.t();
            this.hostKey = new net.schmizz.sshj.common.d(t10, true).v();
            this.f34060dh.a(t11);
            net.schmizz.sshj.common.c initializedBuffer = initializedBuffer();
            initializedBuffer.getClass();
            initializedBuffer.h(0, t10.length, t10);
            byte[] bArr = this.f34060dh.f34068c;
            initializedBuffer.h(0, bArr.length, bArr);
            initializedBuffer.h(0, t11.length, t11);
            initializedBuffer.i(this.f34060dh.f34069d);
            ((dp.a) this.digest).a(initializedBuffer.f34036a, initializedBuffer.f34037b, initializedBuffer.a());
            this.H = ((dp.a) this.digest).f25043b.digest();
            net.schmizz.sshj.signature.c newSignature = ((bp.m) this.trans).f7458i.newSignature();
            PublicKey publicKey = this.hostKey;
            if (publicKey instanceof Certificate) {
                newSignature.initVerify(((Certificate) publicKey).getKey());
            } else {
                newSignature.initVerify(publicKey);
            }
            byte[] bArr2 = this.H;
            newSignature.update(bArr2, 0, bArr2.length);
            if (!newSignature.verify(t12)) {
                throw new f0(net.schmizz.sshj.common.f.KEY_EXCHANGE_FAILED, "KeyExchange signature verification failed", null);
            }
            PublicKey publicKey2 = this.hostKey;
            if ((publicKey2 instanceof Certificate) && ((bp.m) this.trans).f7453d.f44428k) {
                Certificate certificate = (Certificate) publicKey2;
                try {
                    str = new net.schmizz.sshj.common.d(certificate.getSignature(), true).x(net.schmizz.sshj.common.l.f34049a);
                } catch (net.schmizz.sshj.common.b unused) {
                    str = null;
                }
                try {
                    str2 = new net.schmizz.sshj.common.d(certificate.getSignatureKey(), true).x(net.schmizz.sshj.common.l.f34049a);
                } catch (net.schmizz.sshj.common.b unused2) {
                    str2 = null;
                }
                this.log.s("Verifying signature of the key with type {} (signature type {}, CA key type {})", Long.valueOf(certificate.getType()), str, str2);
                try {
                    String f10 = z.f(t10, certificate, ((bp.m) this.trans).f7466q.f39763b);
                    if (f10 != null) {
                        throw new f0(net.schmizz.sshj.common.f.KEY_EXCHANGE_FAILED, "KeyExchange certificate check failed: ".concat(f10), null);
                    }
                } catch (net.schmizz.sshj.common.b | i0 e10) {
                    throw new f0(net.schmizz.sshj.common.f.KEY_EXCHANGE_FAILED, "KeyExchange certificate check failed", e10);
                }
            }
            return true;
        } catch (net.schmizz.sshj.common.b e11) {
            throw new f0(e11);
        }
    }
}
