package net.luminis.tls.engine.impl;

import java.security.SecureRandom;
import java.time.Instant;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Random;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import net.luminis.tls.TlsConstants;
import net.luminis.tls.engine.TlsSession;
import net.luminis.tls.engine.TlsSessionRegistry;
import net.luminis.tls.extension.ClientHelloPreSharedKeyExtension;
import net.luminis.tls.handshake.NewSessionTicketMessage;

/* loaded from: input_file:net/luminis/tls/engine/impl/TlsSessionRegistryImpl.class */
public class TlsSessionRegistryImpl implements TlsSessionRegistry {
    private static final int DEFAULT_TICKET_LIFETIME_HOURS = 24;
    private static final int DEFAULT_TICKET_LENGTH = 16;
    private Random randomGenerator;
    private Map<BytesKey, Session> sessions;
    private int ticketLifeTimeInSeconds;
    private volatile boolean closed;
    private ScheduledExecutorService scheduledExecutorService;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/luminis/tls/engine/impl/TlsSessionRegistryImpl$BytesKey.class */
    public class BytesKey {
        private final byte[] data;

        public BytesKey(byte[] bArr) {
            this.data = bArr;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            return Arrays.equals(this.data, ((BytesKey) obj).data);
        }

        public int hashCode() {
            return Arrays.hashCode(this.data);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/luminis/tls/engine/impl/TlsSessionRegistryImpl$Session.class */
    public class Session implements TlsSession {
        final byte[] ticketId;
        final byte ticketNonce;
        final long addAdd;
        final byte[] psk;
        final TlsConstants.CipherSuite cipher;
        final Instant created;
        private final Instant expiry;
        final String applicationProtocol;
        private final byte[] data;

        public Session(byte[] bArr, byte b, long j, byte[] bArr2, TlsConstants.CipherSuite cipherSuite, Instant instant, Instant instant2, String str, byte[] bArr3) {
            this.ticketId = bArr;
            this.ticketNonce = b;
            this.addAdd = j;
            this.psk = bArr2;
            this.cipher = cipherSuite;
            this.created = instant;
            this.expiry = instant2;
            this.applicationProtocol = str;
            this.data = bArr3;
        }

        @Override // net.luminis.tls.engine.TlsSession
        public byte[] getPsk() {
            return this.psk;
        }

        @Override // net.luminis.tls.engine.TlsSession
        public String getApplicationLayerProtocol() {
            return this.applicationProtocol;
        }

        @Override // net.luminis.tls.engine.TlsSession
        public byte[] getData() {
            return this.data;
        }
    }

    public TlsSessionRegistryImpl() {
        this.randomGenerator = new SecureRandom();
        this.sessions = new ConcurrentHashMap();
        this.ticketLifeTimeInSeconds = (int) TimeUnit.HOURS.toSeconds(24L);
        this.scheduledExecutorService = Executors.newSingleThreadScheduledExecutor();
        this.scheduledExecutorService.scheduleAtFixedRate(this::cleanupExpiredPsks, 1L, 1L, TimeUnit.MINUTES);
    }

    public TlsSessionRegistryImpl(int i) {
        this();
        this.ticketLifeTimeInSeconds = i;
    }

    @Override // net.luminis.tls.engine.TlsSessionRegistry
    public NewSessionTicketMessage createNewSessionTicketMessage(byte b, TlsConstants.CipherSuite cipherSuite, TlsState tlsState, String str) {
        return createNewSessionTicketMessage(b, cipherSuite, tlsState, str, null, null);
    }

    @Override // net.luminis.tls.engine.TlsSessionRegistry
    public NewSessionTicketMessage createNewSessionTicketMessage(byte b, TlsConstants.CipherSuite cipherSuite, TlsState tlsState, String str, Long l, byte[] bArr) {
        if (this.closed) {
            return null;
        }
        byte[] computePSK = tlsState.computePSK(new byte[]{b});
        long nextLong = this.randomGenerator.nextLong();
        byte[] bArr2 = new byte[DEFAULT_TICKET_LENGTH];
        this.randomGenerator.nextBytes(bArr2);
        this.sessions.put(new BytesKey(bArr2), new Session(bArr2, b, nextLong, computePSK, cipherSuite, Instant.now(), Instant.now().plusMillis(TimeUnit.SECONDS.toMillis(this.ticketLifeTimeInSeconds)), str, bArr));
        return l != null ? new NewSessionTicketMessage(this.ticketLifeTimeInSeconds, nextLong, new byte[]{b}, bArr2, l.longValue()) : new NewSessionTicketMessage(this.ticketLifeTimeInSeconds, nextLong, new byte[]{b}, bArr2);
    }

    @Override // net.luminis.tls.engine.TlsSessionRegistry
    public Integer selectIdentity(List<ClientHelloPreSharedKeyExtension.PskIdentity> list, TlsConstants.CipherSuite cipherSuite) {
        for (int i = 0; i < list.size(); i++) {
            Session session = this.sessions.get(new BytesKey(list.get(i).getIdentity()));
            if (session != null && session.expiry.isAfter(Instant.now()) && session.cipher == cipherSuite) {
                return Integer.valueOf(i);
            }
        }
        return null;
    }

    @Override // net.luminis.tls.engine.TlsSessionRegistry
    public TlsSession useSession(ClientHelloPreSharedKeyExtension.PskIdentity pskIdentity) {
        return this.sessions.remove(new BytesKey(pskIdentity.getIdentity()));
    }

    @Override // net.luminis.tls.engine.TlsSessionRegistry
    public byte[] peekSessionData(ClientHelloPreSharedKeyExtension.PskIdentity pskIdentity) {
        if (this.sessions.containsKey(new BytesKey(pskIdentity.getIdentity()))) {
            return this.sessions.get(new BytesKey(pskIdentity.getIdentity())).getData();
        }
        throw new NoSuchElementException();
    }

    @Override // net.luminis.tls.engine.TlsSessionRegistry
    public void shutdown() {
        this.closed = true;
        this.scheduledExecutorService.shutdown();
        this.sessions.clear();
    }

    void cleanupExpiredPsks() {
        Instant now = Instant.now();
        ((List) this.sessions.entrySet().stream().filter(entry -> {
            return ((Session) entry.getValue()).expiry.isBefore(now);
        }).map(entry2 -> {
            return (BytesKey) entry2.getKey();
        }).collect(Collectors.toList())).forEach(bytesKey -> {
            this.sessions.remove(bytesKey);
        });
    }
}
