package org.drasyl.remote.handler.crypto;

import com.google.common.cache.CacheBuilder;
import com.google.protobuf.MessageLite;
import java.time.Duration;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.OptionalLong;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.TimeUnit;
import java.util.function.LongUnaryOperator;
import org.drasyl.crypto.Crypto;
import org.drasyl.crypto.CryptoException;
import org.drasyl.event.LongTimeEncryptionEvent;
import org.drasyl.event.Peer;
import org.drasyl.event.PerfectForwardSecrecyEncryptionEvent;
import org.drasyl.identity.IdentityPublicKey;
import org.drasyl.identity.KeyAgreementPublicKey;
import org.drasyl.pipeline.HandlerContext;
import org.drasyl.pipeline.address.Address;
import org.drasyl.pipeline.skeleton.SimpleDuplexRemoteEnvelopeSkipLoopbackHandler;
import org.drasyl.remote.protocol.Protocol;
import org.drasyl.remote.protocol.RemoteEnvelope;
import org.drasyl.util.FutureCombiner;
import org.drasyl.util.logging.Logger;
import org.drasyl.util.logging.LoggerFactory;

/* loaded from: input_file:org/drasyl/remote/handler/crypto/ArmHandler.class */
public class ArmHandler extends SimpleDuplexRemoteEnvelopeSkipLoopbackHandler<RemoteEnvelope<? extends MessageLite>, RemoteEnvelope<? extends MessageLite>, Address> {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) ArmHandler.class);
    private final Map<IdentityPublicKey, Session> sessions;
    private final Crypto crypto;
    private final Duration expireAfter;
    private final Duration retryInterval;
    private final int maxAgreements;
    private final LongUnaryOperator updateLastModificationTime;

    protected ArmHandler(Map<IdentityPublicKey, Session> map, Crypto crypto, int i, Duration duration, Duration duration2) {
        this.sessions = map;
        this.crypto = crypto;
        this.maxAgreements = i;
        this.expireAfter = duration;
        this.retryInterval = duration2;
        this.updateLastModificationTime = j -> {
            return j < System.currentTimeMillis() - duration2.toMillis() ? System.currentTimeMillis() : j;
        };
    }

    public ArmHandler(int i, int i2, Duration duration, Duration duration2) {
        this(CacheBuilder.newBuilder().expireAfterAccess(duration.toMillis(), TimeUnit.MILLISECONDS).maximumSize(i).build().asMap(), Crypto.INSTANCE, i2, duration, duration2);
    }

    @Override // org.drasyl.pipeline.skeleton.SimpleDuplexRemoteEnvelopeSkipLoopbackHandler
    protected void filteredOutbound(HandlerContext handlerContext, Address address, RemoteEnvelope<? extends MessageLite> remoteEnvelope, CompletableFuture<Void> completableFuture) throws Exception {
        IdentityPublicKey recipient = remoteEnvelope.getRecipient();
        Session session = getSession(handlerContext, recipient);
        if (this.maxAgreements > 0) {
            handlerContext.independentScheduler().scheduleDirect(() -> {
                checkForRenewAgreement(handlerContext, session, address, recipient);
            });
        }
        Optional<Agreement> value = session.getCurrentActiveAgreement().getValue();
        if (value.isPresent() && value.get().isInitialized() && !value.get().isStale()) {
            ArmHandlerUtil.sendEncrypted(value.get().getSessionPair().get(), value.get().getAgreementId().get(), handlerContext, address, remoteEnvelope, completableFuture);
            return;
        }
        ArmHandlerUtil.sendEncrypted(session.getLongTimeAgreementPair(), session.getLongTimeAgreementId(), handlerContext, address, remoteEnvelope, completableFuture);
        if (this.maxAgreements > 0) {
            handlerContext.independentScheduler().scheduleDirect(() -> {
                doKeyExchange(session, handlerContext, address, recipient);
            });
        }
    }

    @Override // org.drasyl.pipeline.skeleton.SimpleDuplexRemoteEnvelopeSkipLoopbackHandler
    protected void filteredInbound(HandlerContext handlerContext, Address address, RemoteEnvelope<? extends MessageLite> remoteEnvelope, CompletableFuture<Void> completableFuture) throws Exception {
        RemoteEnvelope<? extends MessageLite> decrypt;
        IdentityPublicKey sender = remoteEnvelope.getSender();
        Session session = getSession(handlerContext, sender);
        AgreementId agreementId = remoteEnvelope.getAgreementId();
        boolean z = false;
        if (this.maxAgreements > 0) {
            handlerContext.independentScheduler().scheduleDirect(() -> {
                checkForRenewAgreement(handlerContext, session, address, sender);
            });
        }
        if (agreementId == null) {
            handlerContext.passInbound(address, remoteEnvelope, completableFuture);
            return;
        }
        if (session.getLongTimeAgreementId().equals(agreementId)) {
            decrypt = ArmHandlerUtil.decrypt(session.getLongTimeAgreementPair(), remoteEnvelope);
            z = true;
        } else {
            Agreement agreement = session.getInitializedAgreements().get(agreementId);
            Optional<Agreement> value = session.getCurrentInactiveAgreement().getValue();
            if (agreement != null && agreement.getSessionPair().isPresent()) {
                decrypt = ArmHandlerUtil.decrypt(agreement.getSessionPair().get(), remoteEnvelope);
                if (agreement.isStale()) {
                    session.getInitializedAgreements().remove(agreementId);
                    session.getCurrentActiveAgreement().computeOnCondition(agreement2 -> {
                        return agreementId.equals(agreement2.getAgreementId().orElse(null));
                    }, agreement3 -> {
                        handlerContext.passEvent(LongTimeEncryptionEvent.of(Peer.of(sender)), new CompletableFuture<>());
                        return null;
                    });
                }
            } else {
                if (!value.isPresent() || !agreementId.equals(value.get().getAgreementId().orElse(null))) {
                    completableFuture.completeExceptionally(new CryptoException("Decryption-Error: agreement id could not be found. Message was dropped."));
                    LOG.debug("Agreement id `{}` could not be found. Dropped message: {}", () -> {
                        return agreementId;
                    }, () -> {
                        return remoteEnvelope;
                    });
                    if (this.maxAgreements > 0) {
                        doKeyExchange(session, handlerContext, address, sender);
                        return;
                    }
                    return;
                }
                receivedAcknowledgement(handlerContext, agreementId, session, sender);
                decrypt = ArmHandlerUtil.decrypt(session.getInitializedAgreements().get(agreementId).getSessionPair().orElse(null), remoteEnvelope);
            }
        }
        if (this.maxAgreements > 0 && z && decrypt.getPrivateHeader().getType() == Protocol.MessageType.KEY_EXCHANGE) {
            receivedKeyExchangeMessage(handlerContext, address, decrypt, session, completableFuture);
        } else if (this.maxAgreements <= 0 || decrypt.getPrivateHeader().getType() != Protocol.MessageType.KEY_EXCHANGE_ACKNOWLEDGEMENT) {
            handlerContext.passInbound(address, decrypt, completableFuture);
        } else {
            receivedAcknowledgement(handlerContext, AgreementId.of(decrypt.getBodyAndRelease().getAgreementId().toByteArray()), session, sender);
            completableFuture.complete(null);
        }
    }

    private Session getSession(HandlerContext handlerContext, IdentityPublicKey identityPublicKey) {
        return this.sessions.computeIfAbsent(identityPublicKey, identityPublicKey2 -> {
            try {
                return new Session(AgreementId.of(handlerContext.identity().getKeyAgreementPublicKey(), identityPublicKey.getLongTimeKeyAgreementKey()), this.crypto.generateSessionKeyPair(handlerContext.identity().getKeyAgreementKeyPair(), identityPublicKey.getLongTimeKeyAgreementKey()), this.maxAgreements, this.expireAfter);
            } catch (CryptoException e) {
                throw new RuntimeException(e);
            }
        });
    }

    private Agreement computeOnEmptyOrStaleAgreement(Session session, IdentityPublicKey identityPublicKey, HandlerContext handlerContext) {
        return session.getCurrentActiveAgreement().computeOnCondition(agreement -> {
            return agreement != null && agreement.isStale();
        }, agreement2 -> {
            handlerContext.passEvent(LongTimeEncryptionEvent.of(Peer.of(identityPublicKey)), new CompletableFuture<>());
            return null;
        }).orElseGet(() -> {
            return ArmHandlerUtil.computeInactiveAgreementIfNeeded(this.crypto, session);
        });
    }

    private void doKeyExchange(Session session, HandlerContext handlerContext, Address address, IdentityPublicKey identityPublicKey) {
        Agreement computeOnEmptyOrStaleAgreement = computeOnEmptyOrStaleAgreement(session, identityPublicKey, handlerContext);
        if (session.getLastKeyExchangeAt().getAndUpdate(this.updateLastModificationTime) < System.currentTimeMillis() - this.retryInterval.toMillis()) {
            LOG.trace("[{} => {}] Send key exchange message, do to key exchange overdue", () -> {
                return handlerContext.identity().getIdentityPublicKey().toString().substring(0, 4);
            }, () -> {
                return identityPublicKey.toString().substring(0, 4);
            });
            ArmHandlerUtil.sendKeyExchangeMsg(handlerContext, session, computeOnEmptyOrStaleAgreement, address, identityPublicKey);
        }
    }

    private void receivedAcknowledgement(HandlerContext handlerContext, AgreementId agreementId, Session session, IdentityPublicKey identityPublicKey) {
        LOG.trace("[{} <= {}] Received ack message", () -> {
            return handlerContext.identity().getIdentityPublicKey().toString().substring(0, 4);
        }, () -> {
            return identityPublicKey.toString().substring(0, 4);
        });
        session.getCurrentInactiveAgreement().computeOnCondition(agreement -> {
            return agreement != null && agreementId.equals(agreement.getAgreementId().orElse(null));
        }, agreement2 -> {
            Agreement build = agreement2.toBuilder().setStaleAt(OptionalLong.of(System.currentTimeMillis() + this.expireAfter.toMillis())).build();
            session.getInitializedAgreements().put(agreementId, build);
            session.getCurrentActiveAgreement().computeOnCondition(agreement2 -> {
                return true;
            }, agreement3 -> {
                return build;
            });
            handlerContext.passEvent(PerfectForwardSecrecyEncryptionEvent.of(Peer.of(identityPublicKey)), new CompletableFuture<>());
            return null;
        });
    }

    private void receivedKeyExchangeMessage(HandlerContext handlerContext, Address address, RemoteEnvelope<? extends MessageLite> remoteEnvelope, Session session, CompletableFuture<Void> completableFuture) {
        handlerContext.independentScheduler().scheduleDirect(() -> {
            try {
                IdentityPublicKey sender = remoteEnvelope.getSender();
                KeyAgreementPublicKey of = KeyAgreementPublicKey.of(remoteEnvelope.getBodyAndRelease().getSessionKey().toByteArray());
                LOG.trace("[{} <= {}] Received key exchange message", () -> {
                    return handlerContext.identity().getIdentityPublicKey().toString().substring(0, 4);
                }, () -> {
                    return sender.toString().substring(0, 4);
                });
                ArmHandlerUtil.computeInactiveAgreementIfNeeded(this.crypto, session);
                session.getCurrentInactiveAgreement().computeOnCondition((v0) -> {
                    return Objects.nonNull(v0);
                }, agreement -> {
                    return agreement.toBuilder().setRecipientsKeyAgreementKey(Optional.of(of)).setAgreementId(Optional.of(AgreementId.of(agreement.getKeyPair().getPublicKey(), of))).build();
                });
                doKeyExchange(session, handlerContext, address, sender);
                FutureCombiner.getInstance().add(ArmHandlerUtil.sendAck(handlerContext, address, sender, session)).combine(completableFuture);
            } catch (Exception e) {
                completableFuture.completeExceptionally(new CryptoException(e));
            }
        });
    }

    private void checkForRenewAgreement(HandlerContext handlerContext, Session session, Address address, IdentityPublicKey identityPublicKey) {
        Optional<Agreement> computeOnCondition = session.getCurrentActiveAgreement().computeOnCondition(agreement -> {
            return agreement != null && agreement.isStale();
        }, agreement2 -> {
            handlerContext.passEvent(LongTimeEncryptionEvent.of(Peer.of(identityPublicKey)), new CompletableFuture<>());
            return null;
        });
        if (computeOnCondition.isPresent() && computeOnCondition.get().isRenewable() && session.getLastRenewAttemptAt().getAndUpdate(this.updateLastModificationTime) < System.currentTimeMillis() - this.retryInterval.toMillis()) {
            Agreement computeInactiveAgreementIfNeeded = ArmHandlerUtil.computeInactiveAgreementIfNeeded(this.crypto, session);
            LOG.trace("[{} => {}] Send key exchange message, do to renewable", () -> {
                return handlerContext.identity().getIdentityPublicKey().toString().substring(0, 4);
            }, () -> {
                return identityPublicKey.toString().substring(0, 4);
            });
            ArmHandlerUtil.sendKeyExchangeMsg(handlerContext, session, computeInactiveAgreementIfNeeded, address, identityPublicKey);
        }
    }
}
