package org.openmuc.jdlms;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import org.openmuc.jasn1.ber.types.BerObjectIdentifier;
import org.openmuc.jasn1.ber.types.BerOctetString;
import org.openmuc.jdlms.internal.APdu;
import org.openmuc.jdlms.internal.ConfirmedMode;
import org.openmuc.jdlms.internal.EncryptionSettings;
import org.openmuc.jdlms.internal.Settings;
import org.openmuc.jdlms.internal.asn1.axdr.types.AxdrBoolean;
import org.openmuc.jdlms.internal.asn1.cosem.COSEMpdu;
import org.openmuc.jdlms.internal.asn1.cosem.Conformance;
import org.openmuc.jdlms.internal.asn1.cosem.InitiateRequest;
import org.openmuc.jdlms.internal.asn1.cosem.Invoke_Id_And_Priority;
import org.openmuc.jdlms.internal.asn1.cosem.Unsigned16;
import org.openmuc.jdlms.internal.asn1.cosem.Unsigned8;
import org.openmuc.jdlms.internal.asn1.iso.acse.AARE_apdu;
import org.openmuc.jdlms.internal.asn1.iso.acse.AARQ_apdu;
import org.openmuc.jdlms.internal.asn1.iso.acse.ACSE_apdu;
import org.openmuc.jdlms.internal.asn1.iso.acse.ACSE_requirements;
import org.openmuc.jdlms.internal.asn1.iso.acse.AP_title;
import org.openmuc.jdlms.internal.asn1.iso.acse.AP_title_form2;
import org.openmuc.jdlms.internal.asn1.iso.acse.Authentication_value;
import org.openmuc.jdlms.internal.asn1.iso.acse.Mechanism_name;
import org.openmuc.jdlms.internal.security.HlsProcessorGmac;
import org.openmuc.jdlms.internal.security.HlsSecretProcessor;
import org.openmuc.jdlms.internal.transportlayer.TransportLayerConnection;
import org.openmuc.jdlms.internal.transportlayer.TransportLayerConnectionListener;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/openmuc/jdlms/ClientConnection.class */
public abstract class ClientConnection implements TransportLayerConnectionListener {
    private final Settings connectionSettings;
    private final TransportLayerConnection transLayerCon;
    private Conformance negotiatedFeatures;
    private IOException ioException;
    byte[] serverSystemTitle;
    private int maxSendPduSize = 65535;
    private final BlockingQueue<APdu> incomingResponses = new LinkedBlockingQueue();
    private final EncryptionSettings encryptionSettings = new EncryptionSettings();
    private final byte[] buffer = new byte[1000];
    private int invokeId = 1;
    private final SecureRandom random = new SecureRandom();

    /* JADX INFO: Access modifiers changed from: package-private */
    public ClientConnection(Settings settings, TransportLayerConnection transportLayerConnection) throws IOException {
        this.connectionSettings = settings;
        this.transLayerCon = transportLayerConnection;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void connect() throws IOException {
        this.transLayerCon.startListening(this);
        int buildContextId = buildContextId();
        AARQ_apdu aARQ_apdu = new AARQ_apdu();
        aARQ_apdu.application_context_name = new BerObjectIdentifier(new int[]{2, 16, 756, 5, 8, 1, buildContextId});
        HlsProcessorGmac hlsProcessorGmac = null;
        byte[] bArr = null;
        switch (this.connectionSettings.authenticationMechanism()) {
            case NONE:
                break;
            case LOW:
                setupAarqAuthentication(aARQ_apdu, this.connectionSettings.authenticationKey());
                break;
            case HLS5_GMAC:
                bArr = generateRandomSequence();
                setupAarqAuthentication(aARQ_apdu, bArr);
                hlsProcessorGmac = new HlsProcessorGmac();
                aARQ_apdu.calling_AP_title = new AP_title(new AP_title_form2(this.connectionSettings.systemTitle()));
                break;
            default:
                throw new IllegalStateException("Authentication mechanism not supported.");
        }
        ACSE_apdu aCSE_apdu = new ACSE_apdu(aARQ_apdu, null, null, null);
        COSEMpdu cOSEMpdu = new COSEMpdu();
        cOSEMpdu.setinitiateRequest(new InitiateRequest(null, new AxdrBoolean(confirmedModeEnabled()), null, new Unsigned8(6L), proposedConformance(), new Unsigned16(65535L)));
        int encode = new APdu(aCSE_apdu, cOSEMpdu).encode(this.buffer, this.connectionSettings, this.encryptionSettings);
        this.transLayerCon.send(this.buffer, this.buffer.length - encode, encode);
        if (confirmedModeEnabled()) {
            connectWithEnablededConfirmedMode(hlsProcessorGmac, bArr);
        } else {
            connectWithDisabledConfirmedMode();
        }
    }

    private void setupAarqAuthentication(AARQ_apdu aARQ_apdu, byte[] bArr) {
        aARQ_apdu.mechanism_name = new Mechanism_name(new int[]{2, 16, 756, 5, 8, 2, this.connectionSettings.authenticationMechanism().getCode()});
        aARQ_apdu.sender_acse_requirements = new ACSE_requirements(new byte[]{Byte.MIN_VALUE}, 2);
        aARQ_apdu.calling_authentication_value = new Authentication_value(new BerOctetString(bArr), null);
    }

    protected abstract int buildContextId();

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean confirmedModeEnabled() {
        return this.connectionSettings.confirmedMode() == ConfirmedMode.CONFIRMED;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Conformance negotiatedFeatures() {
        return this.negotiatedFeatures;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int maxSendPduSize() {
        return this.maxSendPduSize;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Invoke_Id_And_Priority invokeIdAndPriorityFor(boolean z) {
        byte[] bArr = {(byte) (this.invokeId & 15)};
        if (confirmedModeEnabled()) {
            bArr[0] = (byte) (bArr[0] | 64);
        }
        if (z) {
            bArr[0] = (byte) (bArr[0] | 128);
        }
        Invoke_Id_And_Priority invoke_Id_And_Priority = new Invoke_Id_And_Priority(bArr);
        this.invokeId = (this.invokeId + 1) % 16;
        return invoke_Id_And_Priority;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void send(COSEMpdu cOSEMpdu) throws IOException {
        int encode = new APdu(null, cOSEMpdu).encode(this.buffer, this.connectionSettings, this.encryptionSettings);
        this.transLayerCon.send(this.buffer, this.buffer.length - encode, encode);
    }

    public void disconnect(boolean z) {
        if (z) {
        }
        try {
            this.transLayerCon.close();
        } catch (IOException e) {
        }
    }

    public final List<GetResult> get(AttributeAddress... attributeAddressArr) throws IOException, TimeoutException {
        return get(false, attributeAddressArr);
    }

    public abstract List<GetResult> get(boolean z, AttributeAddress... attributeAddressArr) throws IOException, TimeoutException;

    public final List<AccessResultCode> set(SetParameter... setParameterArr) throws IOException {
        return set(false, setParameterArr);
    }

    public abstract List<AccessResultCode> set(boolean z, SetParameter... setParameterArr) throws IOException;

    public final List<MethodResult> action(MethodParameter... methodParameterArr) throws IOException {
        return action(false, methodParameterArr);
    }

    public abstract List<MethodResult> action(boolean z, MethodParameter... methodParameterArr) throws IOException;

    public void disconnect() {
        disconnect(true);
    }

    public void close() {
        disconnect(false);
    }

    @Override // org.openmuc.jdlms.internal.transportlayer.TransportLayerConnectionListener
    public void dataReceived(byte[] bArr) {
        try {
            APdu aPdu = new APdu(new DataInputStream(new ByteArrayInputStream(bArr)), this.connectionSettings, bArr[0] & 255, this.encryptionSettings);
            try {
                if (aPdu.acseAPdu != null) {
                    this.incomingResponses.put(aPdu);
                } else {
                    processPdu(aPdu.cosemPdu);
                }
            } catch (InterruptedException e) {
            }
        } catch (IOException e2) {
            this.ioException = e2;
            try {
                this.incomingResponses.put(new APdu(null, null));
            } catch (InterruptedException e3) {
            }
        }
    }

    @Override // org.openmuc.jdlms.internal.transportlayer.TransportLayerConnectionListener
    public void connectionInterrupted(IOException iOException) {
        this.ioException = iOException;
        try {
            this.incomingResponses.put(new APdu(null, null));
        } catch (InterruptedException e) {
        }
    }

    protected abstract Conformance proposedConformance();

    protected abstract void processPdu(COSEMpdu cOSEMpdu);

    protected abstract void validateReferencingMethod() throws IOException;

    protected abstract byte[] hlsAuthentication(byte[] bArr) throws IOException;

    private void connectWithEnablededConfirmedMode(HlsSecretProcessor hlsSecretProcessor, byte[] bArr) throws IOException {
        APdu retrieveServerResponsePdu = retrieveServerResponsePdu();
        try {
            validate(retrieveServerResponsePdu);
            AARE_apdu aARE_apdu = retrieveServerResponsePdu.acseAPdu.aare;
            if (aARE_apdu.result.value != 0) {
                this.transLayerCon.close();
                throw new IOException("Error on establishing connection. Error code from AARE message: " + (aARE_apdu.result_source_diagnostic.acse_service_user != null ? "ACSE service user = " + aARE_apdu.result_source_diagnostic.acse_service_user.value : "ACSE service provider = " + aARE_apdu.result_source_diagnostic.acse_service_provider.value));
            }
            COSEMpdu cOSEMpdu = retrieveServerResponsePdu.cosemPdu;
            this.maxSendPduSize = (int) cOSEMpdu.initiateResponse.server_max_receive_pdu_size.getValue();
            this.negotiatedFeatures = cOSEMpdu.initiateResponse.negotiated_conformance;
            validateReferencingMethod();
            if (this.connectionSettings.authenticationMechanism().getCode() > 1) {
                byte[] bArr2 = aARE_apdu.responding_authentication_value.charstring.value;
                byte[] bArr3 = new byte[4];
                try {
                    byte[] hlsAuthentication = hlsAuthentication(hlsSecretProcessor.process(bArr2, this.connectionSettings.authenticationKey(), this.connectionSettings.globalEncryptionKey(), this.connectionSettings.systemTitle(), this.encryptionSettings.frameCounter));
                    if (hlsAuthentication == null) {
                        throw new IOException("Got no remote response challenge for HLS authentication steps 4.");
                    }
                    System.arraycopy(hlsAuthentication, 1, bArr3, 0, 4);
                    validate(hlsSecretProcessor.process(bArr, this.connectionSettings.authenticationKey(), this.connectionSettings.globalEncryptionKey(), aARE_apdu.responding_AP_title.ap_title_form2.value, ByteBuffer.wrap(bArr3).getInt()), hlsAuthentication);
                } catch (IOException e) {
                    throw new IOException("Exception during HLS authentication steps 3 and 4.", e);
                }
            }
        } catch (EOFException e2) {
            throw new IOException("Connection closed by remote host while waiting for association response (AARE).", e2);
        } catch (IOException e3) {
            throw new IOException("Error while receiving association response: " + e3.getMessage() + ".", e3);
        }
    }

    private void validate(byte[] bArr, byte[] bArr2) throws IOException {
        if (bArr2 == null) {
            throw new IOException("Authentication failed");
        }
        if (!Arrays.equals(bArr2, bArr)) {
            throw new IOException("Server wasn't able to authenticate itself");
        }
    }

    private APdu retrieveServerResponsePdu() throws IllegalStateException {
        try {
            return this.connectionSettings.responseTimeout() == 0 ? this.incomingResponses.take() : this.incomingResponses.poll(this.connectionSettings.responseTimeout(), TimeUnit.MILLISECONDS);
        } catch (InterruptedException e) {
            throw new IllegalStateException(e);
        }
    }

    private void validate(APdu aPdu) throws IOException {
        if (aPdu == null) {
            if (this.ioException == null) {
                throw new IOException("Timeout waiting for associate response message (AARE). No further information.");
            }
            throw this.ioException;
        }
        if (aPdu.cosemPdu == null) {
            throw this.ioException;
        }
        if (aPdu.acseAPdu == null || aPdu.acseAPdu.aare == null) {
            throw new IOException("Did not receive expected associate response (AARE) message.");
        }
    }

    private void connectWithDisabledConfirmedMode() throws IOException {
        this.maxSendPduSize = 65535;
        this.negotiatedFeatures = proposedConformance();
        validateReferencingMethod();
    }

    private byte[] generateRandomSequence() {
        int challengeLength = this.connectionSettings.challengeLength();
        byte[] bArr = new byte[challengeLength];
        for (int i = 0; i < challengeLength; i++) {
            byte[] bArr2 = new byte[1];
            do {
                this.random.nextBytes(bArr2);
                if (bArr2[0] >= 0) {
                }
                bArr[i] = bArr2[0];
            } while (bArr2[0] <= 31);
            bArr[i] = bArr2[0];
        }
        return bArr;
    }

    public Settings connectionSettings() {
        return this.connectionSettings;
    }
}
