package net.schmizz.sshj.transport.kex;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import javax.crypto.spec.DHParameterSpec;
import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.DisconnectReason;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.Message;
import net.schmizz.sshj.common.SSHPacket;
import net.schmizz.sshj.signature.Signature;
import net.schmizz.sshj.transport.Transport;
import net.schmizz.sshj.transport.TransportException;
import net.schmizz.sshj.transport.digest.Digest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes2.dex */
public abstract class AbstractDHGex extends AbstractDH {
    private final Logger log;
    private int maxBits;
    private int minBits;
    private int preferredBits;

    /* renamed from: net.schmizz.sshj.transport.kex.AbstractDHGex$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$net$schmizz$sshj$common$Message = new int[Message.values().length];

        static {
            try {
                $SwitchMap$net$schmizz$sshj$common$Message[Message.KEXDH_31.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$net$schmizz$sshj$common$Message[Message.KEX_DH_GEX_REPLY.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    public AbstractDHGex(Digest digest) {
        super(new DH(), digest);
        this.log = LoggerFactory.getLogger(getClass());
        this.minBits = 1024;
        this.maxBits = 8192;
        this.preferredBits = 2048;
    }

    private boolean parseGexGroup(SSHPacket sSHPacket) throws Buffer.BufferException, GeneralSecurityException, TransportException {
        BigInteger readMPInt = sSHPacket.readMPInt();
        BigInteger readMPInt2 = sSHPacket.readMPInt();
        int bitLength = readMPInt.bitLength();
        if (bitLength < this.minBits || bitLength > this.maxBits) {
            throw new GeneralSecurityException("Server generated gex p is out of range (" + bitLength + " bits)");
        }
        this.log.debug("Received server p bitlength {}", Integer.valueOf(bitLength));
        this.dh.init(new DHParameterSpec(readMPInt, readMPInt2), this.trans.getConfig().getRandomFactory());
        this.log.debug("Sending {}", Message.KEX_DH_GEX_INIT);
        this.trans.write(new SSHPacket(Message.KEX_DH_GEX_INIT).putBytes(this.dh.getE()));
        return false;
    }

    private boolean parseGexReply(SSHPacket sSHPacket) throws Buffer.BufferException, GeneralSecurityException, TransportException {
        byte[] readBytes = sSHPacket.readBytes();
        byte[] readBytes2 = sSHPacket.readBytes();
        byte[] readBytes3 = sSHPacket.readBytes();
        this.hostKey = new Buffer.PlainBuffer(readBytes).readPublicKey();
        this.dh.computeK(readBytes2);
        Buffer.PlainBuffer putMPInt = initializedBuffer().putString(readBytes).putUInt32(this.minBits).putUInt32(this.preferredBits).putUInt32(this.maxBits).putMPInt(((DH) this.dh).getP()).putMPInt(((DH) this.dh).getG()).putBytes(this.dh.getE()).putBytes(readBytes2).putMPInt(this.dh.getK());
        this.digest.update(putMPInt.array(), putMPInt.rpos(), putMPInt.available());
        this.H = this.digest.digest();
        Signature signature = (Signature) Factory.Named.Util.create(this.trans.getConfig().getSignatureFactories(), KeyType.fromKey(this.hostKey).toString());
        signature.initVerify(this.hostKey);
        signature.update(this.H, 0, this.H.length);
        if (signature.verify(readBytes3)) {
            return true;
        }
        throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "KeyExchange signature verification failed");
    }

    @Override // net.schmizz.sshj.transport.kex.KeyExchangeBase, net.schmizz.sshj.transport.kex.KeyExchange
    public void init(Transport transport, String str, String str2, byte[] bArr, byte[] bArr2) throws GeneralSecurityException, TransportException {
        super.init(transport, str, str2, bArr, bArr2);
        this.digest.init();
        this.log.debug("Sending {}", Message.KEX_DH_GEX_REQUEST);
        transport.write(new SSHPacket(Message.KEX_DH_GEX_REQUEST).putUInt32(this.minBits).putUInt32(this.preferredBits).putUInt32(this.maxBits));
    }

    @Override // net.schmizz.sshj.transport.kex.KeyExchange
    public boolean next(Message message, SSHPacket sSHPacket) throws GeneralSecurityException, TransportException {
        this.log.debug("Got message {}", message);
        try {
            int i = AnonymousClass1.$SwitchMap$net$schmizz$sshj$common$Message[message.ordinal()];
            if (i == 1) {
                return parseGexGroup(sSHPacket);
            }
            if (i == 2) {
                return parseGexReply(sSHPacket);
            }
            throw new TransportException("Unexpected message " + message);
        } catch (Buffer.BufferException e) {
            throw new TransportException(e);
        }
    }
}
