package com.trilead.ssh2.crypto.dh;

import androidx.core.os.BundleKt$$ExternalSyntheticOutline0;
import androidx.databinding.ViewDataBinding;
import com.google.crypto.tink.internal.Random;
import com.trilead.ssh2.signature.ECDSASHA2Verify;
import java.io.IOException;
import java.io.Serializable;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.KeyAgreement;
import kotlin.ResultKt;

/* loaded from: classes.dex */
public final class EcDhExchange extends GenericDhExchange {
    public final /* synthetic */ int $r8$classId;
    public Serializable clientPrivate;
    public Serializable clientPublic;
    public Serializable serverPublic;

    public EcDhExchange(int i) {
        this.$r8$classId = i;
    }

    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final byte[] getE() {
        switch (this.$r8$classId) {
            case ViewDataBinding.SDK_INT:
                return ECDSASHA2Verify.encodeECPoint(((ECPublicKey) this.clientPublic).getW(), ((ECPublicKey) this.clientPublic).getParams().getCurve());
            default:
                return (byte[]) ((byte[]) this.clientPrivate).clone();
        }
    }

    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final String getHashAlgo() {
        switch (this.$r8$classId) {
            case ViewDataBinding.SDK_INT:
                ECDSASHA2Verify verifierForKey = ECDSASHA2Verify.getVerifierForKey((ECPublicKey) this.clientPublic);
                if (verifierForKey == null) {
                    return null;
                }
                return verifierForKey.getDigestAlgorithm();
            default:
                return "SHA-256";
        }
    }

    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final byte[] getServerE() {
        switch (this.$r8$classId) {
            case ViewDataBinding.SDK_INT:
                return ECDSASHA2Verify.encodeECPoint(((ECPublicKey) this.serverPublic).getW(), ((ECPublicKey) this.serverPublic).getParams().getCurve());
            default:
                return (byte[]) ((byte[]) this.serverPublic).clone();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r5v20, types: [byte[], java.io.Serializable] */
    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final void init(String str) {
        ECParameterSpec eCParameterSpec;
        switch (this.$r8$classId) {
            case ViewDataBinding.SDK_INT:
                if ("ecdh-sha2-nistp256".equals(str)) {
                    ECParameterSpec eCParameterSpec2 = ECDSASHA2Verify.ECDSASHA2NISTP256Verify.nistp256;
                    ECDSASHA2Verify.ECDSASHA2NISTP256Verify.InstanceHolder.sInstance.getClass();
                    eCParameterSpec = ECDSASHA2Verify.ECDSASHA2NISTP256Verify.nistp256;
                } else if ("ecdh-sha2-nistp384".equals(str)) {
                    ECParameterSpec eCParameterSpec3 = ECDSASHA2Verify.ECDSASHA2NISTP384Verify.nistp384;
                    ECDSASHA2Verify.ECDSASHA2NISTP384Verify.InstanceHolder.sInstance.getClass();
                    eCParameterSpec = ECDSASHA2Verify.ECDSASHA2NISTP384Verify.nistp384;
                } else {
                    if (!"ecdh-sha2-nistp521".equals(str)) {
                        throw new IllegalArgumentException(BundleKt$$ExternalSyntheticOutline0.m$1("Unknown EC curve ", str));
                    }
                    ECParameterSpec eCParameterSpec4 = ECDSASHA2Verify.ECDSASHA2NISTP521Verify.nistp521;
                    ECDSASHA2Verify.ECDSASHA2NISTP521Verify.InstanceHolder.sInstance.getClass();
                    eCParameterSpec = ECDSASHA2Verify.ECDSASHA2NISTP521Verify.nistp521;
                }
                try {
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
                    keyPairGenerator.initialize(eCParameterSpec);
                    KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                    this.clientPrivate = (ECPrivateKey) generateKeyPair.getPrivate();
                    this.clientPublic = (ECPublicKey) generateKeyPair.getPublic();
                    return;
                } catch (InvalidAlgorithmParameterException e) {
                    throw new IOException("Invalid DH parameters", e);
                } catch (NoSuchAlgorithmException e2) {
                    throw new IOException("No DH keypair generator", e2);
                }
            default:
                if (!"curve25519-sha256".equals(str) && !"curve25519-sha256@libssh.org".equals(str)) {
                    throw new IOException(BundleKt$$ExternalSyntheticOutline0.m$1("Invalid name ", str));
                }
                byte[] bArr = new byte[32];
                ((SecureRandom) Random.localRandom.get()).nextBytes(bArr);
                bArr[0] = (byte) (bArr[0] | 7);
                byte b = (byte) (bArr[31] & 63);
                bArr[31] = b;
                bArr[31] = (byte) (b | 128);
                this.clientPublic = bArr;
                try {
                    byte[] bArr2 = new byte[32];
                    bArr2[0] = 9;
                    this.clientPrivate = ResultKt.computeSharedSecret(bArr, bArr2);
                    return;
                } catch (InvalidKeyException e3) {
                    throw new IOException(e3);
                }
        }
    }

    /* JADX WARN: Type inference failed for: r6v16, types: [byte[], java.io.Serializable] */
    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final void setF(byte[] bArr) {
        switch (this.$r8$classId) {
            case ViewDataBinding.SDK_INT:
                if (((ECPublicKey) this.clientPublic) == null) {
                    throw new IllegalStateException("DhDsaExchange not initialized!");
                }
                try {
                    KeyFactory keyFactory = KeyFactory.getInstance("EC");
                    ECDSASHA2Verify verifierForKey = ECDSASHA2Verify.getVerifierForKey((ECPublicKey) this.clientPublic);
                    if (verifierForKey == null) {
                        throw new IOException("No such EC group");
                    }
                    this.serverPublic = (ECPublicKey) keyFactory.generatePublic(new ECPublicKeySpec(verifierForKey.decodeECPoint(bArr), verifierForKey.getParameterSpec()));
                    KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
                    keyAgreement.init((ECPrivateKey) this.clientPrivate);
                    keyAgreement.doPhase((ECPublicKey) this.serverPublic, true);
                    this.sharedSecret = new BigInteger(1, keyAgreement.generateSecret());
                    return;
                } catch (InvalidKeyException e) {
                    e = e;
                    throw new IOException("Invalid ECDH key", e);
                } catch (NoSuchAlgorithmException e2) {
                    throw new IOException("No ECDH key agreement method", e2);
                } catch (InvalidKeySpecException e3) {
                    e = e3;
                    throw new IOException("Invalid ECDH key", e);
                }
            default:
                if (bArr.length != 32) {
                    throw new IOException(BundleKt$$ExternalSyntheticOutline0.m("Server sent invalid key length ", bArr.length, " (expected 32)"));
                }
                ?? r6 = (byte[]) bArr.clone();
                this.serverPublic = r6;
                try {
                    byte[] computeSharedSecret = ResultKt.computeSharedSecret((byte[]) this.clientPublic, r6);
                    int i = 0;
                    for (int i2 = 0; i2 < 32; i2++) {
                        i |= computeSharedSecret[i2];
                    }
                    if (i == 0) {
                        throw new IOException("Invalid key computed; all zeroes");
                    }
                    this.sharedSecret = new BigInteger(1, computeSharedSecret);
                    return;
                } catch (InvalidKeyException e4) {
                    throw new IOException(e4);
                }
        }
    }
}
