package com.trilead.ssh2.crypto.dh;

import androidx.core.R$id$$ExternalSyntheticOutline0;
import com.google.crypto.tink.subtle.Random;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.SecureRandom;
import kotlin.TuplesKt;

/* loaded from: classes.dex */
public class Curve25519Exchange extends GenericDhExchange {
    public byte[] clientPrivate;
    public byte[] clientPublic;
    public byte[] serverPublic;

    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final byte[] getE() {
        return (byte[]) this.clientPublic.clone();
    }

    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final String getHashAlgo() {
        return "SHA-256";
    }

    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final byte[] getServerE() {
        return (byte[]) this.serverPublic.clone();
    }

    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final void init(String str) {
        if (!"curve25519-sha256".equals(str) && !"curve25519-sha256@libssh.org".equals(str)) {
            throw new IOException(R$id$$ExternalSyntheticOutline0.m$1("Invalid name ", str));
        }
        byte[] bArr = new byte[32];
        ((SecureRandom) Random.localRandom.get()).nextBytes(bArr);
        bArr[0] = (byte) (bArr[0] | 7);
        byte b = (byte) (bArr[31] & 63);
        bArr[31] = b;
        bArr[31] = (byte) (b | 128);
        this.clientPrivate = bArr;
        try {
            byte[] bArr2 = new byte[32];
            bArr2[0] = 9;
            this.clientPublic = TuplesKt.computeSharedSecret(bArr, bArr2);
        } catch (InvalidKeyException e) {
            throw new IOException(e);
        }
    }

    @Override // com.trilead.ssh2.crypto.dh.GenericDhExchange
    public final void setF(byte[] bArr) {
        if (bArr.length != 32) {
            throw new IOException(R$id$$ExternalSyntheticOutline0.m(new StringBuilder("Server sent invalid key length "), bArr.length, " (expected 32)"));
        }
        byte[] bArr2 = (byte[]) bArr.clone();
        this.serverPublic = bArr2;
        try {
            byte[] computeSharedSecret = TuplesKt.computeSharedSecret(this.clientPrivate, bArr2);
            int i = 0;
            for (int i2 = 0; i2 < 32; i2++) {
                i |= computeSharedSecret[i2];
            }
            if (i == 0) {
                throw new IOException("Invalid key computed; all zeroes");
            }
            this.sharedSecret = new BigInteger(1, computeSharedSecret);
        } catch (InvalidKeyException e) {
            throw new IOException(e);
        }
    }
}
