package nl.sidnlabs.pcap.decoder;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import nl.sidnlabs.pcap.PcapReaderUtil;
import nl.sidnlabs.pcap.packet.DNSPacket;
import nl.sidnlabs.pcap.packet.FlowData;
import nl.sidnlabs.pcap.packet.Packet;
import nl.sidnlabs.pcap.packet.SequencePayload;
import nl.sidnlabs.pcap.packet.TCPFlow;
import nl.sidnlabs.pcap.packet.TcpHandshake;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:nl/sidnlabs/pcap/decoder/TCPDecoder.class */
public class TCPDecoder implements Decoder {
    private static final Logger log = LogManager.getLogger(TCPDecoder.class);
    private static final int PROTOCOL_HEADER_TCP_SEQ_OFFSET = 4;
    private static final int PROTOCOL_HEADER_TCP_ACK_OFFSET = 8;
    private static final int TCP_HEADER_DATA_OFFSET = 12;
    private static final int PROTOCOL_HEADER_WINDOW_SIZE_OFFSET = 14;
    private static final int PROTOCOL_HEADER_OPTIONS_OFFSET = 20;
    private static final int PROTOCOL_HEADER_OPTION_LEN_MASK = 31;
    private static final int PROTOCOL_HEADER_OPTION_TIMESTAMP = 8;
    private static final int TCP_DNS_LENGTH_PREFIX = 2;
    private DNSDecoder dnsDecoder;
    private Map<TCPFlow, FlowData> flows;
    private Map<TCPFlow, TcpHandshake> handshakes;
    private int packetCounter;
    private int reqPacketCounter;
    private int rspPacketCounter;
    private int dnsRspMsgCounter;
    private int dnsReqMsgCounter;

    public TCPDecoder() {
        this(false);
    }

    public TCPDecoder(boolean z) {
        this.flows = new HashMap();
        this.handshakes = new HashMap();
        this.packetCounter = 0;
        this.reqPacketCounter = 0;
        this.rspPacketCounter = 0;
        this.dnsRspMsgCounter = 0;
        this.dnsReqMsgCounter = 0;
        this.dnsDecoder = new DNSDecoder(z);
    }

    @Override // nl.sidnlabs.pcap.decoder.Decoder
    public Packet reassemble(Packet packet, byte[] bArr) {
        this.packetCounter++;
        if (log.isDebugEnabled()) {
            log.debug("Received {} packets", Integer.valueOf(this.packetCounter));
        }
        byte[] decode = decode(packet, bArr);
        if (!isDNS(packet)) {
            return Packet.NULL;
        }
        if (packet.isTcpFlagRst()) {
            if (log.isDebugEnabled()) {
                log.debug("Connection RESET for src: {} dst: {}", packet.getSrc(), packet.getDst());
            }
            TCPFlow flow = packet.getFlow();
            this.handshakes.remove(flow);
            this.flows.remove(flow);
            return Packet.NULL;
        }
        TCPFlow flow2 = packet.getFlow();
        boolean z = packet.getSrcPort() == 53;
        boolean z2 = decode.length > 0;
        if (handshake(packet, z)) {
            return Packet.NULL;
        }
        if (packet.isTcpFlagAck() && !z2) {
            return Packet.NULL;
        }
        FlowData flowData = this.flows.get(flow2);
        if (flowData == null) {
            if (decode.length < 2) {
                return Packet.NULL;
            }
            flowData = new FlowData();
            this.flows.put(flow2, flowData);
        }
        if (z2) {
            flowData.addPayload(new SequencePayload(Long.valueOf(packet.getTcpSeq()), decode, System.currentTimeMillis(), flow2));
            if (flowData.size() == 1) {
                flowData.setBytesAvail(decode.length);
            } else {
                flowData.setBytesAvail(flowData.getBytesAvail() + decode.length);
            }
        }
        if (packet.isTcpFlagFin() && flowData != null && !flowData.isMinPayloadAvail()) {
            this.flows.remove(flow2);
            return Packet.NULL;
        }
        if (packet.isTcpFlagFin() || packet.isTcpFlagPsh() || packet.isTcpFlagAck()) {
            if (!flowData.isMinPayloadAvail()) {
                return Packet.NULL;
            }
            this.flows.remove(flow2);
            if (flowData != null && flowData.size() > 0) {
                packet.setReassembledTCPFragments(flowData.size());
                byte[] bArr2 = new byte[flowData.getBytesAvail()];
                List<SequencePayload> linkSequencePayloads = linkSequencePayloads(flowData.getSortedPayloads(), packet);
                flowData.setBytesAvail(linkSequencePayloads.stream().mapToInt(sequencePayload -> {
                    return sequencePayload.getBytes().length;
                }).sum());
                if (linkSequencePayloads.isEmpty() || !flowData.isMinPayloadAvail()) {
                    return Packet.NULL;
                }
                int i = 0;
                SequencePayload sequencePayload2 = null;
                for (SequencePayload sequencePayload3 : linkSequencePayloads) {
                    System.arraycopy(sequencePayload3.getBytes(), 0, bArr2, i, sequencePayload3.getBytes().length);
                    i += sequencePayload3.getBytes().length;
                    sequencePayload2 = sequencePayload3;
                }
                TcpHandshake remove = this.handshakes.remove(flow2);
                if (remove != null && TcpHandshake.HANDSHAKE_STATE.ACK_RECV == remove.getState()) {
                    packet.setTcpHandshake(remove);
                }
                if (!z) {
                    this.reqPacketCounter++;
                    byte[] decodeDnsPayload = decodeDnsPayload(packet, bArr2);
                    if (log.isDebugEnabled()) {
                        this.dnsReqMsgCounter += ((DNSPacket) packet).getMessageCount();
                        log.debug("Decoded {} request messages", Integer.valueOf(this.dnsReqMsgCounter));
                    }
                    if (decodeDnsPayload.length > 0 && sequencePayload2 != null) {
                        createNewFlowWithRemainder(flow2, decodeDnsPayload, sequencePayload2, flowData.getLastSize());
                    }
                    return packet;
                }
                byte[] decodeDnsPayload2 = decodeDnsPayload(packet, bArr2);
                if (log.isDebugEnabled()) {
                    this.dnsRspMsgCounter += ((DNSPacket) packet).getMessageCount();
                    log.debug("Decoded {} response messages", Integer.valueOf(this.dnsRspMsgCounter));
                }
                if (decodeDnsPayload2.length > 0 && sequencePayload2 != null) {
                    createNewFlowWithRemainder(flow2, decodeDnsPayload2, sequencePayload2, flowData.getLastSize());
                }
                if (packet != Packet.NULL) {
                    this.rspPacketCounter++;
                    if (log.isDebugEnabled()) {
                        log.debug("Reassembled packet with {} DNS messages", Integer.valueOf(((DNSPacket) packet).getMessageCount()));
                    }
                    return packet;
                }
            }
        }
        return Packet.NULL;
    }

    public byte[] decode(Packet packet, byte[] bArr) {
        packet.setSrcPort(PcapReaderUtil.convertShort(bArr, 0));
        packet.setDstPort(PcapReaderUtil.convertShort(bArr, 2));
        int tcpHeaderLength = getTcpHeaderLength(bArr);
        if (tcpHeaderLength == -1) {
            return new byte[0];
        }
        packet.setTcpHeaderLen(tcpHeaderLength);
        packet.setTcpSeq(PcapReaderUtil.convertUnsignedInt(bArr, 4));
        packet.setTcpAck(PcapReaderUtil.convertUnsignedInt(bArr, 8));
        int convertShort = PcapReaderUtil.convertShort(new byte[]{bArr[12], bArr[13]}) & 511;
        packet.setTcpFlagNs((convertShort & 256) != 0);
        packet.setTcpFlagCwr((convertShort & 128) != 0);
        packet.setTcpFlagEce((convertShort & 64) != 0);
        packet.setTcpFlagUrg((convertShort & 32) != 0);
        packet.setTcpFlagAck((convertShort & 16) != 0);
        packet.setTcpFlagPsh((convertShort & 8) != 0);
        packet.setTcpFlagRst((convertShort & 4) != 0);
        packet.setTcpFlagSyn((convertShort & 2) != 0);
        packet.setTcpFlagFin((convertShort & 1) != 0);
        packet.setTcpWindowSize(PcapReaderUtil.convertShort(bArr, 14));
        int length = bArr.length - tcpHeaderLength;
        byte[] readPayload = PcapReaderUtil.readPayload(bArr, tcpHeaderLength, length);
        packet.setPayloadLength(length);
        packet.setLen(bArr.length);
        return readPayload;
    }

    public long readUnsignedInt(byte[] bArr) {
        int i = 255 & bArr[0];
        int i2 = 255 & bArr[1];
        int i3 = 255 & bArr[2];
        return ((i << 24) | (i2 << 16) | (i3 << 8) | (255 & bArr[3])) & 4294967295L;
    }

    private List<SequencePayload> linkSequencePayloads(List<SequencePayload> list, Packet packet) {
        SequencePayload sequencePayload = null;
        for (SequencePayload sequencePayload2 : list) {
            if (sequencePayload != null && !sequencePayload2.linked(sequencePayload)) {
                log.warn("Packet src: " + packet.getSrc() + " dst: " + packet.getDst() + " has Broken sequence chain between " + sequencePayload2 + " and " + sequencePayload);
                sequencePayload2.setIgnore(true);
                return Collections.emptyList();
            }
            sequencePayload = sequencePayload2;
        }
        return list;
    }

    private void createNewFlowWithRemainder(TCPFlow tCPFlow, byte[] bArr, SequencePayload sequencePayload, long j) {
        sequencePayload.setBytes(bArr);
        FlowData flowData = new FlowData();
        flowData.setBytesAvail(bArr.length);
        flowData.addPayload(sequencePayload);
        flowData.setLastSize(j);
        this.flows.put(tCPFlow, flowData);
    }

    private boolean handshake(Packet packet, boolean z) {
        TcpHandshake tcpHandshake;
        if (!z && packet.isTcpFlagSyn() && !packet.isTcpFlagAck()) {
            if (this.handshakes.containsKey(packet.getFlow())) {
                this.handshakes.remove(packet.getFlow());
                return true;
            }
            TcpHandshake tcpHandshake2 = new TcpHandshake(packet.getTcpSeq());
            tcpHandshake2.setSynTs(packet.getTsMilli());
            this.handshakes.put(packet.getFlow(), tcpHandshake2);
            return true;
        }
        if (!z || !packet.isTcpFlagSyn() || !packet.isTcpFlagAck()) {
            if (z || !packet.isTcpFlagAck() || (tcpHandshake = this.handshakes.get(packet.getFlow())) == null || TcpHandshake.HANDSHAKE_STATE.SYN_ACK_SENT != tcpHandshake.getState() || packet.getTcpAck() - 1 != tcpHandshake.getServerSynSeq()) {
                return false;
            }
            tcpHandshake.setAckTs(packet.getTsMilli());
            tcpHandshake.setState(TcpHandshake.HANDSHAKE_STATE.ACK_RECV);
            tcpHandshake.setClientAckSeq(packet.getTcpSeq());
            return !packet.isTcpFlagPsh();
        }
        TCPFlow reverseFlow = packet.getReverseFlow();
        TcpHandshake tcpHandshake3 = this.handshakes.get(reverseFlow);
        if (tcpHandshake3 == null || tcpHandshake3.getClientSynSeq() != packet.getTcpAck() - 1) {
            if (!log.isDebugEnabled()) {
                return true;
            }
            log.debug("Cannot find handshake for SYN/ACK, maybe a retry?");
            return true;
        }
        if (TcpHandshake.HANDSHAKE_STATE.SYN_RECV != tcpHandshake3.getState()) {
            this.handshakes.remove(reverseFlow);
            return true;
        }
        tcpHandshake3.setState(TcpHandshake.HANDSHAKE_STATE.SYN_ACK_SENT);
        tcpHandshake3.setServerAckSeq(packet.getTcpAck());
        tcpHandshake3.setServerSynSeq(packet.getTcpSeq());
        return true;
    }

    private int getTcpHeaderLength(byte[] bArr) {
        if (12 < bArr.length) {
            return ((bArr[12] >> 4) & 15) * 4;
        }
        return -1;
    }

    private int dnsMessageLen(byte[] bArr, int i) {
        if (bArr != null && bArr.length >= 2) {
            byte[] bArr2 = new byte[2];
            System.arraycopy(bArr, i, bArr2, 0, 2);
            return PcapReaderUtil.convertShort(bArr2);
        }
        if (!log.isDebugEnabled()) {
            return 0;
        }
        log.debug("Reading DNS message len from failed failed, only {} bytes available", Integer.valueOf(bArr.length));
        return 0;
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x0049, code lost:
    
        r0 = r9 - 2;
        r0 = new byte[r8.length - r0];
        java.lang.System.arraycopy(r8, r0, r0, 0, r0.length);
     */
    /* JADX WARN: Code restructure failed: missing block: B:11:0x0065, code lost:
    
        return r0;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private byte[] decodeDnsPayload(nl.sidnlabs.pcap.packet.Packet r7, byte[] r8) {
        /*
            r6 = this;
            r0 = 0
            r9 = r0
        L2:
            r0 = r9
            r1 = 2
            int r0 = r0 + r1
            r1 = r8
            int r1 = r1.length
            if (r0 >= r1) goto L69
            r0 = r6
            r1 = r8
            r2 = r9
            int r0 = r0.dnsMessageLen(r1, r2)
            r10 = r0
            int r9 = r9 + 2
            r0 = r10
            if (r0 <= 0) goto L49
            r0 = r9
            r1 = r10
            int r0 = r0 + r1
            r1 = r8
            int r1 = r1.length
            if (r0 > r1) goto L49
            r0 = r10
            byte[] r0 = new byte[r0]
            r11 = r0
            r0 = r8
            r1 = r9
            r2 = r11
            r3 = 0
            r4 = r10
            java.lang.System.arraycopy(r0, r1, r2, r3, r4)
            r0 = r6
            nl.sidnlabs.pcap.decoder.DNSDecoder r0 = r0.dnsDecoder
            r1 = r7
            nl.sidnlabs.pcap.packet.DNSPacket r1 = (nl.sidnlabs.pcap.packet.DNSPacket) r1
            r2 = r11
            nl.sidnlabs.pcap.packet.Packet r0 = r0.decode(r1, r2)
            r7 = r0
            r0 = r9
            r1 = r10
            int r0 = r0 + r1
            r9 = r0
            goto L66
        L49:
            r0 = r9
            r1 = 2
            int r0 = r0 - r1
            r11 = r0
            r0 = r8
            int r0 = r0.length
            r1 = r11
            int r0 = r0 - r1
            byte[] r0 = new byte[r0]
            r12 = r0
            r0 = r8
            r1 = r11
            r2 = r12
            r3 = 0
            r4 = r12
            int r4 = r4.length
            java.lang.System.arraycopy(r0, r1, r2, r3, r4)
            r0 = r12
            return r0
        L66:
            goto L2
        L69:
            org.apache.logging.log4j.Logger r0 = nl.sidnlabs.pcap.decoder.TCPDecoder.log
            boolean r0 = r0.isDebugEnabled()
            if (r0 == 0) goto L89
            r0 = r7
            nl.sidnlabs.pcap.packet.DNSPacket r0 = (nl.sidnlabs.pcap.packet.DNSPacket) r0
            int r0 = r0.getMessageCount()
            r1 = 1
            if (r0 <= r1) goto L89
            org.apache.logging.log4j.Logger r0 = nl.sidnlabs.pcap.decoder.TCPDecoder.log
            java.lang.String r1 = "multiple msg in TCP stream"
            r0.debug(r1)
        L89:
            r0 = r8
            int r0 = r0.length
            r1 = r9
            int r0 = r0 - r1
            r10 = r0
            r0 = r10
            if (r0 <= 0) goto La8
            r0 = r10
            byte[] r0 = new byte[r0]
            r11 = r0
            r0 = r8
            r1 = r9
            r2 = r11
            r3 = 0
            r4 = r11
            int r4 = r4.length
            java.lang.System.arraycopy(r0, r1, r2, r3, r4)
            r0 = r11
            return r0
        La8:
            r0 = 0
            byte[] r0 = new byte[r0]
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: nl.sidnlabs.pcap.decoder.TCPDecoder.decodeDnsPayload(nl.sidnlabs.pcap.packet.Packet, byte[]):byte[]");
    }

    public void clearCache(int i) {
        ArrayList arrayList = new ArrayList();
        long currentTimeMillis = System.currentTimeMillis();
        for (Map.Entry<TCPFlow, FlowData> entry : this.flows.entrySet()) {
            Iterator<SequencePayload> it = entry.getValue().getPayloads().iterator();
            while (true) {
                if (it.hasNext()) {
                    if (it.next().getTime() + i <= currentTimeMillis) {
                        arrayList.add(entry.getKey());
                        break;
                    }
                } else {
                    break;
                }
            }
        }
        log.info("TCP flow cache size: " + this.flows.size());
        log.info("Expired (to be removed) TCP flows: " + arrayList.size());
        arrayList.stream().forEach(tCPFlow -> {
            this.flows.remove(tCPFlow);
        });
    }

    public DNSDecoder getDnsDecoder() {
        return this.dnsDecoder;
    }

    public Map<TCPFlow, FlowData> getFlows() {
        return this.flows;
    }

    public Map<TCPFlow, TcpHandshake> getHandshakes() {
        return this.handshakes;
    }

    public int getPacketCounter() {
        return this.packetCounter;
    }

    public int getReqPacketCounter() {
        return this.reqPacketCounter;
    }

    public int getRspPacketCounter() {
        return this.rspPacketCounter;
    }

    public int getDnsRspMsgCounter() {
        return this.dnsRspMsgCounter;
    }

    public int getDnsReqMsgCounter() {
        return this.dnsReqMsgCounter;
    }

    public void setDnsDecoder(DNSDecoder dNSDecoder) {
        this.dnsDecoder = dNSDecoder;
    }

    public void setFlows(Map<TCPFlow, FlowData> map) {
        this.flows = map;
    }

    public void setHandshakes(Map<TCPFlow, TcpHandshake> map) {
        this.handshakes = map;
    }

    public void setPacketCounter(int i) {
        this.packetCounter = i;
    }

    public void setReqPacketCounter(int i) {
        this.reqPacketCounter = i;
    }

    public void setRspPacketCounter(int i) {
        this.rspPacketCounter = i;
    }

    public void setDnsRspMsgCounter(int i) {
        this.dnsRspMsgCounter = i;
    }

    public void setDnsReqMsgCounter(int i) {
        this.dnsReqMsgCounter = i;
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof TCPDecoder)) {
            return false;
        }
        TCPDecoder tCPDecoder = (TCPDecoder) obj;
        if (!tCPDecoder.canEqual(this)) {
            return false;
        }
        DNSDecoder dnsDecoder = getDnsDecoder();
        DNSDecoder dnsDecoder2 = tCPDecoder.getDnsDecoder();
        if (dnsDecoder == null) {
            if (dnsDecoder2 != null) {
                return false;
            }
        } else if (!dnsDecoder.equals(dnsDecoder2)) {
            return false;
        }
        Map<TCPFlow, FlowData> flows = getFlows();
        Map<TCPFlow, FlowData> flows2 = tCPDecoder.getFlows();
        if (flows == null) {
            if (flows2 != null) {
                return false;
            }
        } else if (!flows.equals(flows2)) {
            return false;
        }
        Map<TCPFlow, TcpHandshake> handshakes = getHandshakes();
        Map<TCPFlow, TcpHandshake> handshakes2 = tCPDecoder.getHandshakes();
        if (handshakes == null) {
            if (handshakes2 != null) {
                return false;
            }
        } else if (!handshakes.equals(handshakes2)) {
            return false;
        }
        return getPacketCounter() == tCPDecoder.getPacketCounter() && getReqPacketCounter() == tCPDecoder.getReqPacketCounter() && getRspPacketCounter() == tCPDecoder.getRspPacketCounter() && getDnsRspMsgCounter() == tCPDecoder.getDnsRspMsgCounter() && getDnsReqMsgCounter() == tCPDecoder.getDnsReqMsgCounter();
    }

    protected boolean canEqual(Object obj) {
        return obj instanceof TCPDecoder;
    }

    public int hashCode() {
        DNSDecoder dnsDecoder = getDnsDecoder();
        int hashCode = (1 * 59) + (dnsDecoder == null ? 43 : dnsDecoder.hashCode());
        Map<TCPFlow, FlowData> flows = getFlows();
        int hashCode2 = (hashCode * 59) + (flows == null ? 43 : flows.hashCode());
        Map<TCPFlow, TcpHandshake> handshakes = getHandshakes();
        return (((((((((((hashCode2 * 59) + (handshakes == null ? 43 : handshakes.hashCode())) * 59) + getPacketCounter()) * 59) + getReqPacketCounter()) * 59) + getRspPacketCounter()) * 59) + getDnsRspMsgCounter()) * 59) + getDnsReqMsgCounter();
    }

    public String toString() {
        return "TCPDecoder(dnsDecoder=" + getDnsDecoder() + ", flows=" + getFlows() + ", handshakes=" + getHandshakes() + ", packetCounter=" + getPacketCounter() + ", reqPacketCounter=" + getReqPacketCounter() + ", rspPacketCounter=" + getRspPacketCounter() + ", dnsRspMsgCounter=" + getDnsRspMsgCounter() + ", dnsReqMsgCounter=" + getDnsReqMsgCounter() + ")";
    }
}
