package org.eclipse.californium.scandium.dtls;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.eclipse.californium.scandium.dtls.AlertMessage;
import org.eclipse.californium.scandium.dtls.cipher.CCMBlockCipher;
import org.eclipse.californium.scandium.dtls.cipher.CipherSuite;
import org.eclipse.californium.scandium.util.ByteArrayUtils;
import org.eclipse.californium.scandium.util.DatagramReader;
import org.eclipse.californium.scandium.util.DatagramWriter;
import org.infinispan.transaction.xa.recovery.RecoveryAdminOperations;

/* loaded from: input_file:org/eclipse/californium/scandium/dtls/Record.class */
public class Record {
    protected static final Logger LOGGER = Logger.getLogger(Record.class.getCanonicalName());
    private static final int CONTENT_TYPE_BITS = 8;
    private static final int VERSION_BITS = 8;
    private static final int EPOCH_BITS = 16;
    private static final int SEQUENCE_NUMBER_BITS = 48;
    private static final int LENGTH_BITS = 16;
    private ContentType type;
    private ProtocolVersion version;
    private int epoch;
    private long sequenceNumber;
    private int length;
    private DTLSMessage fragment;
    private byte[] fragmentBytes;
    private DTLSSession session;

    public Record(ContentType contentType, ProtocolVersion protocolVersion, int i, long j, int i2, byte[] bArr) {
        this.type = null;
        this.version = new ProtocolVersion();
        this.epoch = -1;
        this.length = 0;
        this.fragment = null;
        this.fragmentBytes = null;
        this.type = contentType;
        this.version = protocolVersion;
        this.epoch = i;
        this.sequenceNumber = j;
        this.length = i2;
        this.fragmentBytes = bArr;
    }

    public Record(ContentType contentType, int i, int i2, DTLSMessage dTLSMessage, DTLSSession dTLSSession) {
        this.type = null;
        this.version = new ProtocolVersion();
        this.epoch = -1;
        this.length = 0;
        this.fragment = null;
        this.fragmentBytes = null;
        this.type = contentType;
        this.epoch = i;
        this.sequenceNumber = i2;
        this.session = dTLSSession;
        setFragment(dTLSMessage);
    }

    public byte[] toByteArray() {
        DatagramWriter datagramWriter = new DatagramWriter();
        datagramWriter.write(this.type.getCode(), 8);
        datagramWriter.write(this.version.getMajor(), 8);
        datagramWriter.write(this.version.getMinor(), 8);
        datagramWriter.write(this.epoch, 16);
        datagramWriter.writeLong(this.sequenceNumber, 48);
        this.length = this.fragmentBytes.length;
        datagramWriter.write(this.length, 16);
        datagramWriter.writeBytes(this.fragmentBytes);
        return datagramWriter.toByteArray();
    }

    public static List<Record> fromByteArray(byte[] bArr) {
        ArrayList arrayList = new ArrayList();
        DatagramReader datagramReader = new DatagramReader(bArr);
        while (true) {
            if (!datagramReader.bytesAvailable()) {
                break;
            }
            int read = datagramReader.read(8);
            ContentType typeByValue = ContentType.getTypeByValue(read);
            if (typeByValue != null) {
                ProtocolVersion protocolVersion = new ProtocolVersion(datagramReader.read(8), datagramReader.read(8));
                int read2 = datagramReader.read(16);
                long readLong = datagramReader.readLong(48);
                int read3 = datagramReader.read(16);
                arrayList.add(new Record(typeByValue, protocolVersion, read2, readLong, read3, datagramReader.readBytes(read3)));
            } else if (LOGGER.isLoggable(Level.WARNING)) {
                LOGGER.warning(String.format("Received illegal record content type: %s", Integer.valueOf(read)));
            }
        }
        return arrayList;
    }

    private byte[] encryptFragment(byte[] bArr) {
        if (this.session == null) {
            return bArr;
        }
        byte[] bArr2 = bArr;
        switch (this.session.getWriteState().getCipherSuite().getCipherType()) {
            case AEAD:
                bArr2 = encryptAEAD(bArr);
                break;
        }
        return bArr2;
    }

    private byte[] decryptFragment(byte[] bArr) throws HandshakeException {
        if (this.session == null) {
            return bArr;
        }
        byte[] bArr2 = bArr;
        switch (this.session.getReadState().getCipherSuite().getCipherType()) {
            case AEAD:
                bArr2 = decryptAEAD(bArr);
                break;
        }
        return bArr2;
    }

    protected byte[] encryptAEAD(byte[] bArr) {
        return ByteArrayUtils.concatenate(generateExplicitNonce(), CCMBlockCipher.encrypt(this.session.getWriteState().getEncryptionKey().getEncoded(), generateNonce(this.session.getWriteState().getIv().getIV()), generateAdditionalData(getLength()), bArr, 8));
    }

    protected byte[] decryptAEAD(byte[] bArr) throws HandshakeException {
        byte[] iv = this.session.getReadState().getIv().getIV();
        byte[] encoded = this.session.getReadState().getEncryptionKey().getEncoded();
        byte[] generateAdditionalData = generateAdditionalData(getLength() - 16);
        DatagramReader datagramReader = new DatagramReader(bArr);
        byte[] generateExplicitNonce = generateExplicitNonce();
        byte[] readBytes = datagramReader.readBytes(8);
        if (!Arrays.equals(generateExplicitNonce, readBytes) && LOGGER.isLoggable(Level.FINE)) {
            StringBuffer stringBuffer = new StringBuffer("The explicit nonce used by the sender does not match the values provided in the DTLS record");
            stringBuffer.append("\nUsed    : ").append(ByteArrayUtils.toHexString(readBytes));
            stringBuffer.append("\nExpected: ").append(ByteArrayUtils.toHexString(generateExplicitNonce));
            LOGGER.log(Level.FINE, stringBuffer.toString());
        }
        return CCMBlockCipher.decrypt(encoded, getNonce(iv, readBytes), generateAdditionalData, datagramReader.readBytesLeft(), 8);
    }

    private byte[] generateNonce(byte[] bArr) {
        return getNonce(bArr, generateExplicitNonce());
    }

    private byte[] getNonce(byte[] bArr, byte[] bArr2) {
        DatagramWriter datagramWriter = new DatagramWriter();
        datagramWriter.writeBytes(bArr);
        datagramWriter.writeBytes(bArr2);
        return datagramWriter.toByteArray();
    }

    private byte[] generateExplicitNonce() {
        DatagramWriter datagramWriter = new DatagramWriter();
        datagramWriter.write(this.epoch, 16);
        datagramWriter.writeLong(this.sequenceNumber, 48);
        return datagramWriter.toByteArray();
    }

    private byte[] generateAdditionalData(int i) {
        DatagramWriter datagramWriter = new DatagramWriter();
        datagramWriter.write(this.epoch, 16);
        datagramWriter.writeLong(this.sequenceNumber, 48);
        datagramWriter.write(this.type.getCode(), 8);
        datagramWriter.write(this.version.getMajor(), 8);
        datagramWriter.write(this.version.getMinor(), 8);
        datagramWriter.write(i, 16);
        return datagramWriter.toByteArray();
    }

    public ContentType getType() {
        return this.type;
    }

    public void setType(ContentType contentType) {
        this.type = contentType;
    }

    public ProtocolVersion getVersion() {
        return this.version;
    }

    public void setVersion(ProtocolVersion protocolVersion) {
        this.version = protocolVersion;
    }

    public int getEpoch() {
        return this.epoch;
    }

    public void setEpoch(int i) {
        this.epoch = i;
    }

    public long getSequenceNumber() {
        return this.sequenceNumber;
    }

    public void setSequenceNumber(int i) {
        this.sequenceNumber = i;
    }

    public int getLength() {
        return this.length;
    }

    public void setLength(int i) {
        this.length = i;
    }

    public DTLSSession getSession() {
        return this.session;
    }

    public void setSession(DTLSSession dTLSSession) {
        this.session = dTLSSession;
    }

    public byte[] getFragmentBytes() {
        return this.fragmentBytes;
    }

    public DTLSMessage getFragment() throws HandshakeException {
        if (this.fragment == null) {
            switch (this.type) {
                case ALERT:
                    byte[] decryptFragment = decryptFragment(this.fragmentBytes);
                    if (decryptFragment != null) {
                        this.fragment = AlertMessage.fromByteArray(decryptFragment);
                        break;
                    }
                    break;
                case APPLICATION_DATA:
                    byte[] decryptFragment2 = decryptFragment(this.fragmentBytes);
                    if (decryptFragment2 != null) {
                        this.fragment = ApplicationMessage.fromByteArray(decryptFragment2);
                        break;
                    }
                    break;
                case CHANGE_CIPHER_SPEC:
                    byte[] decryptFragment3 = decryptFragment(this.fragmentBytes);
                    if (decryptFragment3 != null) {
                        this.fragment = ChangeCipherSpecMessage.fromByteArray(decryptFragment3);
                        break;
                    }
                    break;
                case HANDSHAKE:
                    byte[] decryptFragment4 = decryptFragment(this.fragmentBytes);
                    CipherSuite.KeyExchangeAlgorithm keyExchangeAlgorithm = CipherSuite.KeyExchangeAlgorithm.NULL;
                    boolean z = false;
                    if (this.session != null) {
                        keyExchangeAlgorithm = this.session.getKeyExchange();
                        z = this.session.receiveRawPublicKey();
                    }
                    if (decryptFragment4 != null) {
                        this.fragment = HandshakeMessage.fromByteArray(decryptFragment4, keyExchangeAlgorithm, z);
                        break;
                    }
                    break;
                default:
                    LOGGER.severe("Unknown content type: " + this.type);
                    break;
            }
        }
        if (this.fragment == null) {
            throw new HandshakeException("The decryption failed.", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.BAD_RECORD_MAC));
        }
        return this.fragment;
    }

    public void setFragment(DTLSMessage dTLSMessage) {
        if (this.fragmentBytes == null) {
            byte[] byteArray = dTLSMessage.toByteArray();
            this.length = byteArray.length;
            switch (this.type) {
                case ALERT:
                case APPLICATION_DATA:
                case CHANGE_CIPHER_SPEC:
                case HANDSHAKE:
                    byteArray = encryptFragment(byteArray);
                    break;
                default:
                    LOGGER.severe("Unknown content type: " + this.type.toString());
                    break;
            }
            this.fragmentBytes = byteArray;
        }
        this.fragment = dTLSMessage;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("==[ DTLS Message  ]============================================\n");
        sb.append("Content Type: " + this.type.toString() + "\n");
        sb.append("Version: " + this.version.getMajor() + RecoveryAdminOperations.SEPARATOR + this.version.getMinor() + "\n");
        sb.append("Epoch: " + this.epoch + "\n");
        sb.append("Sequence Number: " + this.sequenceNumber + "\n");
        sb.append("Length: " + this.length + "\n");
        sb.append(this.fragment.toString());
        sb.append("===============================================================");
        return sb.toString();
    }
}
