package org.eclipse.californium.scandium.dtls;

import java.security.InvalidKeyException;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;
import org.eclipse.californium.elements.DtlsEndpointContext;
import org.eclipse.californium.elements.MapBasedEndpointContext;
import org.eclipse.californium.elements.util.Bytes;
import org.eclipse.californium.elements.util.DatagramReader;
import org.eclipse.californium.elements.util.DatagramWriter;
import org.eclipse.californium.elements.util.SerializationUtil;
import org.eclipse.californium.elements.util.StringUtil;
import org.eclipse.californium.elements.util.WipAPI;
import org.eclipse.californium.scandium.util.SecretIvParameterSpec;
import org.eclipse.californium.scandium.util.SecretUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes17.dex */
public final class DTLSContext implements Destroyable {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) DTLSContext.class);
    private static final long RECEIVE_WINDOW_SIZE = 64;
    private static final int SEQN_VERSION = 1;
    private static final int VERSION = 2;
    private SecretKey clusterReadMacKey;
    private SecretKey clusterWriteMacKey;
    private final long handshakeTime;
    private volatile long macErrors;
    private boolean markedAsclosed;
    private ConnectionId readConnectionId;
    private int readEpoch;
    private int readEpochClosed;
    private long readSequenceNumberClosed;
    private DTLSConnectionState readState;
    private volatile long receiveWindowLowerBoundary;
    private volatile long receiveWindowUpperCurrent;
    private volatile long receivedRecordsVector;
    private long[] sequenceNumbers;
    private final DTLSSession session;
    private ConnectionId writeConnectionId;
    private int writeEpoch;
    private DTLSConnectionState writeState;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DTLSContext(long j) {
        this.writeConnectionId = null;
        this.readConnectionId = null;
        this.readState = DTLSConnectionState.NULL;
        this.writeState = DTLSConnectionState.NULL;
        this.clusterWriteMacKey = null;
        this.clusterReadMacKey = null;
        this.readEpoch = 0;
        this.writeEpoch = 0;
        this.sequenceNumbers = new long[2];
        this.receiveWindowUpperCurrent = -1L;
        this.receiveWindowLowerBoundary = 0L;
        this.receivedRecordsVector = 0L;
        this.macErrors = 0L;
        if (j < 0 || j > Record.MAX_SEQUENCE_NO) {
            throw new IllegalArgumentException("Initial sequence number must be greater than 0 and less than 2^48");
        }
        this.session = new DTLSSession();
        this.handshakeTime = System.currentTimeMillis();
        this.sequenceNumbers[0] = j;
    }

    private DTLSContext(DatagramReader datagramReader) {
        this.writeConnectionId = null;
        this.readConnectionId = null;
        this.readState = DTLSConnectionState.NULL;
        this.writeState = DTLSConnectionState.NULL;
        this.clusterWriteMacKey = null;
        this.clusterReadMacKey = null;
        this.readEpoch = 0;
        this.writeEpoch = 0;
        this.sequenceNumbers = new long[2];
        this.receiveWindowUpperCurrent = -1L;
        this.receiveWindowLowerBoundary = 0L;
        this.receivedRecordsVector = 0L;
        this.macErrors = 0L;
        this.handshakeTime = datagramReader.readLong(64);
        DTLSSession fromReader = DTLSSession.fromReader(datagramReader);
        this.session = fromReader;
        if (fromReader == null) {
            throw new IllegalArgumentException("read session must not be null!");
        }
        int read = datagramReader.read(8);
        this.readEpoch = read;
        if (read > 0) {
            this.readState = DTLSConnectionState.fromReader(this.session.getCipherSuite(), this.session.getCompressionMethod(), datagramReader);
        }
        int read2 = datagramReader.read(8);
        this.writeEpoch = read2;
        if (read2 == 1) {
            this.writeState = DTLSConnectionState.fromReader(this.session.getCipherSuite(), this.session.getCompressionMethod(), datagramReader);
        } else if (read2 > 1) {
            throw new IllegalArgumentException("write epoch must be 1!");
        }
        byte[] readVarBytes = datagramReader.readVarBytes(8);
        if (readVarBytes != null) {
            this.writeConnectionId = new ConnectionId(readVarBytes);
        }
        readSequenceNumbers(datagramReader);
        datagramReader.assertFinished("dtls-context");
    }

    private void addEndpointContext(MapBasedEndpointContext.Attributes attributes, int i) {
        ConnectionId connectionId;
        this.session.addEndpintContext(attributes);
        attributes.add(DtlsEndpointContext.KEY_EPOCH, Integer.valueOf(i));
        attributes.add(DtlsEndpointContext.KEY_HANDSHAKE_TIMESTAMP, Long.valueOf(this.handshakeTime));
        if (this.writeConnectionId == null || (connectionId = this.readConnectionId) == null) {
            return;
        }
        attributes.add(DtlsEndpointContext.KEY_READ_CONNECTION_ID, connectionId);
        attributes.add(DtlsEndpointContext.KEY_WRITE_CONNECTION_ID, this.writeConnectionId);
    }

    @WipAPI
    public static DTLSContext fromReader(DatagramReader datagramReader) {
        int readStartItem = SerializationUtil.readStartItem(datagramReader, 2, 16);
        if (readStartItem > 0) {
            return new DTLSContext(datagramReader.createRangeReader(readStartItem));
        }
        return null;
    }

    private void incrementWriteEpoch() {
        int i = this.writeEpoch + 1;
        this.writeEpoch = i;
        this.sequenceNumbers[i] = 0;
    }

    private void resetReceiveWindow() {
        this.receivedRecordsVector = 0L;
        this.receiveWindowUpperCurrent = -1L;
        this.receiveWindowLowerBoundary = 0L;
    }

    public final void addReadEndpointContext(MapBasedEndpointContext.Attributes attributes) {
        addEndpointContext(attributes, this.readEpoch);
    }

    public final void addWriteEndpointContext(MapBasedEndpointContext.Attributes attributes) {
        addEndpointContext(attributes, this.writeEpoch);
    }

    public final void createReadState(SecretKey secretKey, SecretIvParameterSpec secretIvParameterSpec, SecretKey secretKey2) {
        DTLSConnectionState create = DTLSConnectionState.create(this.session.getCipherSuite(), this.session.getCompressionMethod(), secretKey, secretIvParameterSpec, secretKey2);
        SecretUtil.destroy(this.readState);
        this.readState = create;
        incrementReadEpoch();
        LOGGER.trace("Setting current read state to{}{}", StringUtil.lineSeparator(), create);
    }

    public final void createWriteState(SecretKey secretKey, SecretIvParameterSpec secretIvParameterSpec, SecretKey secretKey2) {
        DTLSConnectionState create = DTLSConnectionState.create(this.session.getCipherSuite(), this.session.getCompressionMethod(), secretKey, secretIvParameterSpec, secretKey2);
        SecretUtil.destroy(this.writeState);
        this.writeState = create;
        incrementWriteEpoch();
        LOGGER.trace("Setting current write state to{}{}", StringUtil.lineSeparator(), create);
    }

    @Override // javax.security.auth.Destroyable
    public final void destroy() throws DestroyFailedException {
        SecretUtil.destroy(this.session);
        SecretUtil.destroy(this.clusterWriteMacKey);
        this.clusterWriteMacKey = null;
        SecretUtil.destroy(this.clusterReadMacKey);
        this.clusterReadMacKey = null;
        if (this.readState != DTLSConnectionState.NULL) {
            this.readState.destroy();
            this.readState = DTLSConnectionState.NULL;
        }
        if (this.writeState != DTLSConnectionState.NULL) {
            this.writeState.destroy();
            this.writeState = DTLSConnectionState.NULL;
        }
    }

    public final boolean equals(Object obj) {
        boolean z;
        int i;
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        DTLSContext dTLSContext = (DTLSContext) obj;
        if (this.session.equals(dTLSContext.session) && this.handshakeTime == dTLSContext.handshakeTime && (z = this.markedAsclosed) == dTLSContext.markedAsclosed) {
            return (!z || (this.readEpochClosed == dTLSContext.readEpochClosed && this.readSequenceNumberClosed == dTLSContext.readSequenceNumberClosed)) && Bytes.equals(this.readConnectionId, dTLSContext.readConnectionId) && Bytes.equals(this.writeConnectionId, dTLSContext.writeConnectionId) && this.readEpoch == dTLSContext.readEpoch && this.receiveWindowLowerBoundary == dTLSContext.receiveWindowLowerBoundary && this.receiveWindowUpperCurrent == dTLSContext.receiveWindowUpperCurrent && this.receivedRecordsVector == dTLSContext.receivedRecordsVector && (i = this.writeEpoch) == dTLSContext.writeEpoch && this.sequenceNumbers[i] == dTLSContext.sequenceNumbers[i];
        }
        return false;
    }

    public final long getLastHandshakeTime() {
        return this.handshakeTime;
    }

    public final long getMacErrors() {
        return this.macErrors;
    }

    public final long getNextSequenceNumber() {
        return getNextSequenceNumber(this.writeEpoch);
    }

    public final long getNextSequenceNumber(int i) {
        long[] jArr = this.sequenceNumbers;
        long j = jArr[i];
        if (j > Record.MAX_SEQUENCE_NO) {
            throw new IllegalStateException("Maximum sequence number for epoch has been reached");
        }
        jArr[i] = 1 + j;
        return j;
    }

    public final ConnectionId getReadConnectionId() {
        return this.readConnectionId;
    }

    public final int getReadEpoch() {
        return this.readEpoch;
    }

    public final DTLSConnectionState getReadState() {
        return this.readState;
    }

    public final String getReadStateCipher() {
        return this.readState.getCipherSuite().name();
    }

    public final DTLSSession getSession() {
        return this.session;
    }

    public final Mac getThreadLocalClusterReadMac() {
        if (this.clusterReadMacKey == null) {
            return null;
        }
        try {
            Mac threadLocalPseudoRandomFunctionMac = this.session.getCipherSuite().getThreadLocalPseudoRandomFunctionMac();
            threadLocalPseudoRandomFunctionMac.init(this.clusterReadMacKey);
            return threadLocalPseudoRandomFunctionMac;
        } catch (InvalidKeyException e) {
            LOGGER.info("cluster read MAC failed!", (Throwable) e);
            return null;
        }
    }

    public final Mac getThreadLocalClusterWriteMac() {
        if (this.clusterWriteMacKey == null) {
            return null;
        }
        try {
            Mac threadLocalPseudoRandomFunctionMac = this.session.getCipherSuite().getThreadLocalPseudoRandomFunctionMac();
            threadLocalPseudoRandomFunctionMac.init(this.clusterWriteMacKey);
            return threadLocalPseudoRandomFunctionMac;
        } catch (InvalidKeyException e) {
            LOGGER.info("cluster write MAC failed!", (Throwable) e);
            return null;
        }
    }

    public final ConnectionId getWriteConnectionId() {
        return this.writeConnectionId;
    }

    public final int getWriteEpoch() {
        return this.writeEpoch;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final DTLSConnectionState getWriteState() {
        return getWriteState(this.writeEpoch);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final DTLSConnectionState getWriteState(int i) {
        return i == 0 ? DTLSConnectionState.NULL : this.writeState;
    }

    public final String getWriteStateCipher() {
        return this.writeState.getCipherSuite().name();
    }

    public final int hashCode() {
        int i;
        long j;
        long j2 = this.handshakeTime;
        int i2 = ((int) (j2 ^ (j2 >>> 32))) + 31;
        if (this.markedAsclosed) {
            i = ((i2 * 31) + this.readEpochClosed) * 31;
            j = this.readSequenceNumberClosed;
        } else {
            i = ((i2 * 31) + this.readEpoch) * 31;
            j = this.receiveWindowUpperCurrent;
        }
        int i3 = this.writeEpoch;
        int i4 = (((((((((i + ((int) j)) * 31) + i3) * 31) + ((int) this.sequenceNumbers[i3])) * 31) + ((int) this.receiveWindowLowerBoundary)) * 31) + ((int) (this.receivedRecordsVector ^ (this.receivedRecordsVector >>> 32)))) * 31;
        ConnectionId connectionId = this.readConnectionId;
        int hashCode = (i4 + (connectionId == null ? 0 : connectionId.hashCode())) * 31;
        ConnectionId connectionId2 = this.writeConnectionId;
        return ((hashCode + (connectionId2 != null ? connectionId2.hashCode() : 0)) * 31) + this.session.hashCode();
    }

    public final void incrementMacErrors() {
        this.macErrors++;
    }

    final void incrementReadEpoch() {
        resetReceiveWindow();
        this.readEpoch++;
    }

    @Override // javax.security.auth.Destroyable
    public final boolean isDestroyed() {
        return SecretUtil.isDestroyed(this.session) && SecretUtil.isDestroyed(this.readState) && SecretUtil.isDestroyed(this.writeState) && SecretUtil.isDestroyed(this.clusterReadMacKey) && SecretUtil.isDestroyed(this.clusterWriteMacKey);
    }

    final boolean isDuplicate(long j) {
        if (j > this.receiveWindowUpperCurrent) {
            return false;
        }
        long j2 = 1 << ((int) (j - this.receiveWindowLowerBoundary));
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Checking sequence no [{}] using bit mask [{}] against received records [{}] with lower boundary [{}]", Long.valueOf(j), Long.toBinaryString(j2), Long.toBinaryString(this.receivedRecordsVector), Long.valueOf(this.receiveWindowLowerBoundary));
        }
        return (this.receivedRecordsVector & j2) == j2;
    }

    public final boolean isMarkedAsClosed() {
        return this.markedAsclosed;
    }

    public final boolean isRecordProcessable(int i, long j, int i2) {
        int readEpoch = getReadEpoch();
        if (i != readEpoch) {
            StringBuilder sb = new StringBuilder("wrong epoch! ");
            sb.append(i);
            sb.append(" != ");
            sb.append(readEpoch);
            throw new IllegalArgumentException(sb.toString());
        }
        if (j < this.receiveWindowLowerBoundary) {
            return i2 < 0 || j > this.receiveWindowLowerBoundary - ((long) i2);
        }
        if (this.markedAsclosed) {
            int i3 = this.readEpochClosed;
            if (i > i3) {
                return false;
            }
            if (i == i3 && j >= this.readSequenceNumberClosed) {
                return false;
            }
        }
        return !isDuplicate(j);
    }

    public final void markCloseNotify(int i, long j) {
        this.markedAsclosed = true;
        this.readEpochClosed = i;
        this.readSequenceNumberClosed = j;
    }

    public final boolean markRecordAsRead(int i, long j) {
        int readEpoch = getReadEpoch();
        if (i != readEpoch) {
            StringBuilder sb = new StringBuilder("wrong epoch! ");
            sb.append(i);
            sb.append(" != ");
            sb.append(readEpoch);
            throw new IllegalArgumentException(sb.toString());
        }
        boolean z = j > this.receiveWindowUpperCurrent;
        if (z) {
            this.receiveWindowUpperCurrent = j;
            long max = Math.max(0L, (j - 64) + 1);
            long j2 = max - this.receiveWindowLowerBoundary;
            if (j2 > 0) {
                this.receivedRecordsVector >>>= (int) j2;
                this.receiveWindowLowerBoundary = max;
            }
        }
        this.receivedRecordsVector = (1 << ((int) (j - this.receiveWindowLowerBoundary))) | this.receivedRecordsVector;
        LOGGER.debug("Updated receive window with sequence number [{}]: new upper boundary [{}], new bit vector [{}]", Long.valueOf(j), Long.valueOf(this.receiveWindowUpperCurrent), Long.toBinaryString(this.receivedRecordsVector));
        return z;
    }

    @WipAPI
    public final void readSequenceNumbers(DatagramReader datagramReader) {
        int readStartItem = SerializationUtil.readStartItem(datagramReader, 1, 8);
        if (readStartItem > 0) {
            DatagramReader createRangeReader = datagramReader.createRangeReader(readStartItem);
            long readLong = createRangeReader.readLong(48);
            long readLong2 = createRangeReader.readLong(48);
            long readLong3 = createRangeReader.readLong(64);
            long readLong4 = createRangeReader.readLong(64);
            createRangeReader.assertFinished("dtls-context-sequence-numbers");
            int numberOfLeadingZeros = Long.numberOfLeadingZeros(readLong3);
            this.sequenceNumbers[this.writeEpoch] = readLong;
            this.receiveWindowLowerBoundary = readLong2;
            this.receivedRecordsVector = readLong3;
            this.receiveWindowUpperCurrent = ((readLong2 + 64) - numberOfLeadingZeros) - 1;
            this.macErrors = readLong4;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void setClusterMacKeys(SecretKey secretKey, SecretKey secretKey2) {
        this.clusterWriteMacKey = SecretUtil.create(secretKey);
        this.clusterReadMacKey = SecretUtil.create(secretKey2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void setReadConnectionId(ConnectionId connectionId) {
        this.readConnectionId = connectionId;
    }

    final void setReadEpoch(int i) {
        if (i < 0) {
            throw new IllegalArgumentException("Read epoch must not be negative");
        }
        resetReceiveWindow();
        this.readEpoch = i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void setWriteConnectionId(ConnectionId connectionId) {
        this.writeConnectionId = connectionId;
    }

    final void setWriteEpoch(int i) {
        if (i < 0) {
            throw new IllegalArgumentException("Write epoch must not be negative");
        }
        this.writeEpoch = i;
    }

    @WipAPI
    public final void writeSequenceNumbers(DatagramWriter datagramWriter) {
        int writeStartItem = SerializationUtil.writeStartItem(datagramWriter, 1, 8);
        datagramWriter.writeLong(this.sequenceNumbers[this.writeEpoch], 48);
        datagramWriter.writeLong(this.receiveWindowLowerBoundary, 48);
        datagramWriter.writeLong(this.receivedRecordsVector, 64);
        datagramWriter.writeLong(this.macErrors, 64);
        SerializationUtil.writeFinishedItem(datagramWriter, writeStartItem, 8);
    }

    @WipAPI
    public final boolean writeTo(DatagramWriter datagramWriter) {
        if (this.markedAsclosed) {
            return false;
        }
        int writeStartItem = SerializationUtil.writeStartItem(datagramWriter, 2, 16);
        datagramWriter.writeLong(this.handshakeTime, 64);
        this.session.writeTo(datagramWriter);
        datagramWriter.write(this.readEpoch, 8);
        if (this.readEpoch > 0) {
            getReadState().writeTo(datagramWriter);
        }
        datagramWriter.write(this.writeEpoch, 8);
        if (this.writeEpoch > 0) {
            getWriteState().writeTo(datagramWriter);
        }
        datagramWriter.writeVarBytes(this.writeConnectionId, 8);
        writeSequenceNumbers(datagramWriter);
        SerializationUtil.writeFinishedItem(datagramWriter, writeStartItem, 16);
        return true;
    }
}
