package org.eclipse.californium.scandium.dtls;

import java.net.InetSocketAddress;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.eclipse.californium.elements.RawData;
import org.eclipse.californium.scandium.dtls.cipher.CipherSuite;
import org.eclipse.californium.scandium.dtls.cipher.ECDHECryptography;
import org.eclipse.californium.scandium.util.ByteArrayUtils;

/* loaded from: input_file:org/eclipse/californium/scandium/dtls/Handshaker.class */
public abstract class Handshaker {
    protected static final Logger LOGGER = Logger.getLogger(Handshaker.class.getCanonicalName());
    private static final int MASTER_SECRET_LABEL = 1;
    private static final int KEY_EXPANSION_LABEL = 2;
    public static final int CLIENT_FINISHED_LABEL = 3;
    public static final int SERVER_FINISHED_LABEL = 4;
    public static final int TEST_LABEL = 5;
    public static final int TEST_LABEL_2 = 6;
    public static final int TEST_LABEL_3 = 7;
    protected boolean isClient;
    protected InetSocketAddress endpointAddress;
    protected ProtocolVersion usedProtocol;
    protected Random clientRandom;
    protected Random serverRandom;
    private CipherSuite cipherSuite;
    private CompressionMethod compressionMethod;
    protected CipherSuite.KeyExchangeAlgorithm keyExchange;
    protected ECDHECryptography ecdhe;
    private byte[] masterSecret;
    private SecretKey clientWriteMACKey;
    private SecretKey serverWriteMACKey;
    private IvParameterSpec clientWriteIV;
    private IvParameterSpec serverWriteIV;
    private SecretKey clientWriteKey;
    private SecretKey serverWriteKey;
    protected DTLSSession session;
    protected MessageDigest md;
    protected PrivateKey privateKey;
    protected PublicKey publicKey;
    protected Certificate[] certificates;
    protected final Certificate[] rootCertificates;
    protected int state = -1;
    private int sequenceNumber = 0;
    private int nextReceiveSeq = 0;
    protected RawData message = null;
    protected Map<Integer, List<FragmentedHandshakeMessage>> fragmentedMessages = new HashMap();
    protected byte[] handshakeMessages = new byte[0];
    protected DTLSFlight lastFlight = null;
    private int maxFragmentLength = 4096;
    protected Collection<Record> queuedMessages = new HashSet();

    public Handshaker(InetSocketAddress inetSocketAddress, boolean z, DTLSSession dTLSSession, Certificate[] certificateArr) {
        this.session = null;
        this.endpointAddress = inetSocketAddress;
        this.isClient = z;
        this.session = dTLSSession;
        this.rootCertificates = certificateArr == null ? new Certificate[0] : certificateArr;
        try {
            this.md = MessageDigest.getInstance("SHA-256");
        } catch (NoSuchAlgorithmException e) {
            LOGGER.log(Level.SEVERE, "Could not initialize the message digest algorithm.", (Throwable) e);
        }
    }

    public abstract DTLSFlight processMessage(Record record) throws HandshakeException;

    public abstract DTLSFlight getStartHandshakeMessage();

    /* JADX INFO: Access modifiers changed from: protected */
    public void generateKeys(byte[] bArr) {
        this.masterSecret = generateMasterSecret(bArr);
        this.session.setMasterSecret(this.masterSecret);
        calculateKeys(this.masterSecret);
    }

    private void calculateKeys(byte[] bArr) {
        byte[] doPRF = doPRF(bArr, 2, ByteArrayUtils.concatenate(this.serverRandom.getRandomBytes(), this.clientRandom.getRandomBytes()));
        if (this.cipherSuite == null) {
            this.cipherSuite = this.session.getCipherSuite();
        }
        int macKeyLength = this.cipherSuite.getBulkCipher().getMacKeyLength();
        int encKeyLength = this.cipherSuite.getBulkCipher().getEncKeyLength();
        int fixedIvLength = this.cipherSuite.getBulkCipher().getFixedIvLength();
        this.clientWriteMACKey = new SecretKeySpec(doPRF, 0, macKeyLength, "Mac");
        this.serverWriteMACKey = new SecretKeySpec(doPRF, macKeyLength, macKeyLength, "Mac");
        this.clientWriteKey = new SecretKeySpec(doPRF, 2 * macKeyLength, encKeyLength, "AES");
        this.serverWriteKey = new SecretKeySpec(doPRF, (2 * macKeyLength) + encKeyLength, encKeyLength, "AES");
        this.clientWriteIV = new IvParameterSpec(doPRF, (2 * macKeyLength) + (2 * encKeyLength), fixedIvLength);
        this.serverWriteIV = new IvParameterSpec(doPRF, (2 * macKeyLength) + (2 * encKeyLength) + fixedIvLength, fixedIvLength);
    }

    private byte[] generateMasterSecret(byte[] bArr) {
        return doPRF(bArr, 1, ByteArrayUtils.concatenate(this.clientRandom.getRandomBytes(), this.serverRandom.getRandomBytes()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] generatePremasterSecretFromPSK(byte[] bArr) {
        int length = bArr.length;
        byte[] bArr2 = {(byte) (length >> 8), (byte) length};
        return ByteArrayUtils.concatenate(bArr2, ByteArrayUtils.concatenate(ByteArrayUtils.padArray(new byte[0], (byte) 0, length), ByteArrayUtils.concatenate(bArr2, bArr)));
    }

    public static byte[] doPRF(byte[] bArr, int i, byte[] bArr2) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            switch (i) {
                case 1:
                    return doExpansion(messageDigest, bArr, ByteArrayUtils.concatenate("master secret".getBytes(), bArr2), 48);
                case 2:
                    return doExpansion(messageDigest, bArr, ByteArrayUtils.concatenate("key expansion".getBytes(), bArr2), 128);
                case 3:
                    return doExpansion(messageDigest, bArr, ByteArrayUtils.concatenate("client finished".getBytes(), bArr2), 12);
                case 4:
                    return doExpansion(messageDigest, bArr, ByteArrayUtils.concatenate("server finished".getBytes(), bArr2), 12);
                case 5:
                    return doExpansion(messageDigest, bArr, ByteArrayUtils.concatenate("test label".getBytes(), bArr2), 100);
                case 6:
                    return doExpansion(MessageDigest.getInstance("SHA-512"), bArr, ByteArrayUtils.concatenate("test label".getBytes(), bArr2), 196);
                case 7:
                    return doExpansion(MessageDigest.getInstance("SHA-384"), bArr, ByteArrayUtils.concatenate("test label".getBytes(), bArr2), 148);
                default:
                    LOGGER.severe("Unknwon label: " + i);
                    return null;
            }
        } catch (NoSuchAlgorithmException e) {
            LOGGER.log(Level.SEVERE, "Message digest algorithm not available.", (Throwable) e);
            return null;
        }
    }

    protected static byte[] doExpansion(MessageDigest messageDigest, byte[] bArr, byte[] bArr2, int i) {
        double d = 32.0d;
        if (messageDigest.getAlgorithm().equals("SHA-1")) {
            d = 20.0d;
        } else if (messageDigest.getAlgorithm().equals("SHA-384")) {
            d = 48.0d;
        }
        int ceil = (int) Math.ceil(i / d);
        byte[] bArr3 = new byte[0];
        byte[] bArr4 = bArr2;
        for (int i2 = 0; i2 < ceil; i2++) {
            bArr4 = doHMAC(messageDigest, bArr, bArr4);
            bArr3 = ByteArrayUtils.concatenate(bArr3, doHMAC(messageDigest, bArr, ByteArrayUtils.concatenate(bArr4, bArr2)));
        }
        return ByteArrayUtils.truncate(bArr3, i);
    }

    public static byte[] doHMAC(MessageDigest messageDigest, byte[] bArr, byte[] bArr2) {
        int i = 64;
        if (messageDigest.getAlgorithm().equals("SHA-512") || messageDigest.getAlgorithm().equals("SHA-384")) {
            i = 128;
        }
        byte[] bArr3 = new byte[i];
        Arrays.fill(bArr3, (byte) 54);
        byte[] bArr4 = new byte[i];
        Arrays.fill(bArr4, (byte) 92);
        byte[] bArr5 = bArr;
        if (bArr.length < i) {
            bArr5 = ByteArrayUtils.padArray(bArr, (byte) 0, i);
        } else if (bArr.length > i) {
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            messageDigest.reset();
            bArr5 = ByteArrayUtils.padArray(digest, (byte) 0, i);
        }
        messageDigest.update(ByteArrayUtils.concatenate(ByteArrayUtils.xorArrays(bArr5, bArr3), bArr2));
        byte[] digest2 = messageDigest.digest();
        messageDigest.reset();
        messageDigest.update(ByteArrayUtils.concatenate(ByteArrayUtils.xorArrays(bArr5, bArr4), digest2));
        return messageDigest.digest();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setCurrentReadState() {
        this.session.setReadState(this.isClient ? new DTLSConnectionState(this.cipherSuite, this.compressionMethod, this.serverWriteKey, this.serverWriteIV, this.serverWriteMACKey) : new DTLSConnectionState(this.cipherSuite, this.compressionMethod, this.clientWriteKey, this.clientWriteIV, this.clientWriteMACKey));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setCurrentWriteState() {
        this.session.setWriteState(this.isClient ? new DTLSConnectionState(this.cipherSuite, this.compressionMethod, this.clientWriteKey, this.clientWriteIV, this.clientWriteMACKey) : new DTLSConnectionState(this.cipherSuite, this.compressionMethod, this.serverWriteKey, this.serverWriteIV, this.serverWriteMACKey));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<Record> wrapMessage(DTLSMessage dTLSMessage) {
        ArrayList arrayList = new ArrayList();
        ContentType contentType = null;
        if (dTLSMessage instanceof ApplicationMessage) {
            contentType = ContentType.APPLICATION_DATA;
        } else if (dTLSMessage instanceof AlertMessage) {
            contentType = ContentType.ALERT;
        } else if (dTLSMessage instanceof ChangeCipherSpecMessage) {
            contentType = ContentType.CHANGE_CIPHER_SPEC;
        } else if (dTLSMessage instanceof HandshakeMessage) {
            contentType = ContentType.HANDSHAKE;
            HandshakeMessage handshakeMessage = (HandshakeMessage) dTLSMessage;
            setSequenceNumber(handshakeMessage);
            byte[] fragmentToByteArray = handshakeMessage.fragmentToByteArray();
            if (fragmentToByteArray.length > this.maxFragmentLength) {
                int messageSeq = handshakeMessage.getMessageSeq();
                int length = (fragmentToByteArray.length / this.maxFragmentLength) + 1;
                int i = 0;
                for (int i2 = 0; i2 < length; i2++) {
                    int i3 = this.maxFragmentLength;
                    if (i + i3 > fragmentToByteArray.length) {
                        i3 = fragmentToByteArray.length - i;
                    }
                    byte[] bArr = new byte[i3];
                    System.arraycopy(fragmentToByteArray, i, bArr, 0, i3);
                    FragmentedHandshakeMessage fragmentedHandshakeMessage = new FragmentedHandshakeMessage(bArr, handshakeMessage.getMessageType(), i, fragmentToByteArray.length);
                    fragmentedHandshakeMessage.setMessageSeq(messageSeq);
                    i += bArr.length;
                    arrayList.add(new Record(contentType, this.session.getWriteEpoch(), this.session.getSequenceNumber(), fragmentedHandshakeMessage, this.session));
                }
            }
        }
        if (arrayList.isEmpty()) {
            arrayList.add(new Record(contentType, this.session.getWriteEpoch(), this.session.getSequenceNumber(), dTLSMessage, this.session));
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean processMessageNext(Record record) throws HandshakeException {
        int epoch = record.getEpoch();
        if (epoch < this.session.getReadEpoch()) {
            if (!LOGGER.isLoggable(Level.INFO)) {
                return false;
            }
            LOGGER.info("Discarded message from " + this.endpointAddress.toString() + " due to older epoch.");
            return false;
        }
        if (epoch != this.session.getReadEpoch()) {
            this.queuedMessages.add(record);
            return false;
        }
        DTLSMessage fragment = record.getFragment();
        if ((fragment instanceof AlertMessage) || (fragment instanceof ChangeCipherSpecMessage)) {
            return true;
        }
        if (!(fragment instanceof HandshakeMessage)) {
            return false;
        }
        int messageSeq = ((HandshakeMessage) fragment).getMessageSeq();
        if (messageSeq == this.nextReceiveSeq) {
            if (fragment instanceof FragmentedHandshakeMessage) {
                return true;
            }
            incrementNextReceiveSeq();
            return true;
        }
        if (messageSeq > this.nextReceiveSeq) {
            if (LOGGER.isLoggable(Level.INFO)) {
                LOGGER.info("Queued newer message from same epoch, message_seq: " + messageSeq + ", next_receive_seq: " + this.nextReceiveSeq);
            }
            this.queuedMessages.add(record);
            return false;
        }
        if (!LOGGER.isLoggable(Level.INFO)) {
            return false;
        }
        LOGGER.info("Discarded message due to older message_seq: " + messageSeq + ", next_receive_seq: " + this.nextReceiveSeq);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public HandshakeMessage handleFragmentation(FragmentedHandshakeMessage fragmentedHandshakeMessage) throws HandshakeException {
        int messageSeq = fragmentedHandshakeMessage.getMessageSeq();
        if (this.fragmentedMessages.get(Integer.valueOf(messageSeq)) == null) {
            this.fragmentedMessages.put(Integer.valueOf(messageSeq), new ArrayList());
        }
        this.fragmentedMessages.get(Integer.valueOf(messageSeq)).add(fragmentedHandshakeMessage);
        HandshakeMessage reassembleFragments = reassembleFragments(messageSeq, fragmentedHandshakeMessage.getMessageLength(), fragmentedHandshakeMessage.getMessageType(), this.session);
        if (reassembleFragments != null) {
            incrementNextReceiveSeq();
            this.fragmentedMessages.remove(Integer.valueOf(messageSeq));
        }
        return reassembleFragments;
    }

    protected HandshakeMessage reassembleFragments(int i, int i2, HandshakeType handshakeType, DTLSSession dTLSSession) throws HandshakeException {
        List<FragmentedHandshakeMessage> list = this.fragmentedMessages.get(Integer.valueOf(i));
        HandshakeMessage handshakeMessage = null;
        Collections.sort(list, new Comparator<FragmentedHandshakeMessage>() { // from class: org.eclipse.californium.scandium.dtls.Handshaker.1
            @Override // java.util.Comparator
            public int compare(FragmentedHandshakeMessage fragmentedHandshakeMessage, FragmentedHandshakeMessage fragmentedHandshakeMessage2) {
                if (fragmentedHandshakeMessage.getFragmentOffset() == fragmentedHandshakeMessage2.getFragmentOffset()) {
                    return 0;
                }
                return fragmentedHandshakeMessage.getFragmentOffset() < fragmentedHandshakeMessage2.getFragmentOffset() ? -1 : 1;
            }
        });
        byte[] bArr = new byte[0];
        int i3 = 0;
        for (FragmentedHandshakeMessage fragmentedHandshakeMessage : list) {
            int fragmentOffset = fragmentedHandshakeMessage.getFragmentOffset();
            int fragmentLength = fragmentedHandshakeMessage.getFragmentLength();
            if (fragmentOffset == i3) {
                bArr = ByteArrayUtils.concatenate(bArr, fragmentedHandshakeMessage.fragmentToByteArray());
                i3 = bArr.length;
            } else if (fragmentOffset < i3 && fragmentOffset + fragmentLength > i3) {
                int i4 = i3 - fragmentOffset;
                int i5 = fragmentLength - i4;
                byte[] bArr2 = new byte[i5];
                System.arraycopy(fragmentedHandshakeMessage.fragmentToByteArray(), i4, bArr2, 0, i5);
                bArr = ByteArrayUtils.concatenate(bArr, bArr2);
                i3 = bArr.length;
            }
        }
        if (bArr.length == i2) {
            byte[] byteArray = new FragmentedHandshakeMessage(handshakeType, i2, i, 0, bArr).toByteArray();
            CipherSuite.KeyExchangeAlgorithm keyExchangeAlgorithm = CipherSuite.KeyExchangeAlgorithm.NULL;
            boolean z = false;
            if (dTLSSession != null) {
                keyExchangeAlgorithm = dTLSSession.getKeyExchange();
                z = dTLSSession.receiveRawPublicKey();
            }
            handshakeMessage = HandshakeMessage.fromByteArray(byteArray, keyExchangeAlgorithm, z);
        }
        return handshakeMessage;
    }

    public CipherSuite getCipherSuite() {
        return this.cipherSuite;
    }

    public void setCipherSuite(CipherSuite cipherSuite) {
        this.cipherSuite = cipherSuite;
        this.keyExchange = cipherSuite.getKeyExchange();
        this.session.setKeyExchange(this.keyExchange);
        this.session.setCipherSuite(cipherSuite);
    }

    public byte[] getMasterSecret() {
        return this.masterSecret;
    }

    public SecretKey getClientWriteMACKey() {
        return this.clientWriteMACKey;
    }

    public SecretKey getServerWriteMACKey() {
        return this.serverWriteMACKey;
    }

    public IvParameterSpec getClientWriteIV() {
        return this.clientWriteIV;
    }

    public IvParameterSpec getServerWriteIV() {
        return this.serverWriteIV;
    }

    public SecretKey getClientWriteKey() {
        return this.clientWriteKey;
    }

    public SecretKey getServerWriteKey() {
        return this.serverWriteKey;
    }

    public DTLSSession getSession() {
        return this.session;
    }

    public void setSession(DTLSSession dTLSSession) {
        this.session = dTLSSession;
    }

    public void setSequenceNumber(HandshakeMessage handshakeMessage) {
        handshakeMessage.setMessageSeq(this.sequenceNumber);
        this.sequenceNumber++;
    }

    public RawData getMessage() {
        return this.message;
    }

    public void setMessage(RawData rawData) {
        this.message = rawData;
    }

    public int getNextReceiveSeq() {
        return this.nextReceiveSeq;
    }

    public void incrementNextReceiveSeq() {
        this.nextReceiveSeq++;
    }

    public CompressionMethod getCompressionMethod() {
        return this.compressionMethod;
    }

    public void setCompressionMethod(CompressionMethod compressionMethod) {
        this.compressionMethod = compressionMethod;
        this.session.setCompressionMethod(compressionMethod);
    }

    public int getMaxFragmentLength() {
        return this.maxFragmentLength;
    }

    public void setMaxFragmentLength(int i) {
        this.maxFragmentLength = i;
    }
}
