package org.opendof.core.internal.protocol.trp;

import java.util.Arrays;
import org.opendof.core.internal.core.OALOperation;
import org.opendof.core.internal.core.security.OALSecurityTicket;
import org.opendof.core.internal.protocol.Marshallable;
import org.opendof.core.internal.protocol.PacketData;
import org.opendof.core.internal.protocol.security.AuthenticationException;
import org.opendof.core.internal.protocol.security.Authenticator;
import org.opendof.core.internal.protocol.security.EncryptionUtil;
import org.opendof.core.internal.protocol.security.KeyRequest;
import org.opendof.core.internal.util.BufferedPacket;
import org.opendof.core.oal.DOF;
import org.opendof.core.oal.DOFMarshalContext;
import org.opendof.core.oal.DOFMarshalException;
import org.opendof.core.oal.DOFObjectID;
import org.opendof.core.oal.DOFPacket;
import org.opendof.core.oal.security.DOFAuthenticationFailedException;
import org.opendof.core.oal.security.DOFSecurityException;

/* loaded from: input_file:org/opendof/core/internal/protocol/trp/RandomOperation.class */
public class RandomOperation extends TRPOperation implements Marshallable {
    public static final short OPCODE = 2;
    private Authenticator.RandomRequest randRequest;
    private Authenticator.RandomResponse randResponse;
    private byte[] rand;

    public RandomOperation(OALOperation.State state, Authenticator.RandomResponse randomResponse, short s) {
        super(null, state, null, null, s);
        this.randResponse = randomResponse;
    }

    public RandomOperation(PacketData packetData, DOFMarshalContext dOFMarshalContext, Object obj, BufferedPacket bufferedPacket) throws DOFMarshalException {
        super(null, packetData.opState, null, null, packetData.appVersion);
        bufferedPacket.getByte();
        if (dOFMarshalContext != DOFMarshalContext.COMMAND) {
            this.randResponse = new Authenticator.RandomResponse(new OALSecurityTicket(dOFMarshalContext, DefaultTRP.getCipherAlgorithm(this.appid), bufferedPacket));
            return;
        }
        this.domain = DOFObjectID.Domain.create(bufferedPacket.getOID());
        if (this.domain.hasAttributes() || this.domain.isBroadcast()) {
            throw new DOFMarshalException("RandomOperation unmarshal failed: domain.hasAttributes() || domain.isBroadcast()", null);
        }
        this.randRequest = new Authenticator.RandomRequest(bufferedPacket.readBuffer(), bufferedPacket.getFrontBufferSize(), bufferedPacket.getFrontBufferSize() - this.randRequest.i_offset, new KeyRequest(dOFMarshalContext, this.domain, bufferedPacket));
    }

    @Override // org.opendof.core.internal.protocol.trp.TRPOperation
    public void process(Authenticator authenticator) {
        try {
            respond(new RandomOperation(getState().asResponse(), authenticator.requestRandom(this.randRequest, DefaultTRP.getCipherAlgorithm(this.appid)), this.appid));
        } catch (AuthenticationException e) {
            if (DOF.Log.isLogDebug()) {
                if (this.randRequest != null) {
                    DOF.Log.message(DOF.Log.Level.DEBUG, "Authenticator for domain " + authenticator.getDomainID() + " identity " + this.randRequest.auth.getCredentials().getIdentity() + ", requestRandom failed with authentication error", e);
                } else {
                    DOF.Log.message(DOF.Log.Level.DEBUG, "Authenticator for domain " + authenticator.getDomainID() + ", requestRandom failed with authentication error", e);
                }
            }
            respond(new RejectOperation(getState().asResponse(), e.getErrorCode(), this.appid));
        } catch (Exception e2) {
            if (DOF.Log.isLogWarn()) {
                if (this.randRequest != null) {
                    DOF.Log.message(DOF.Log.Level.WARN, "Authenticator for domain " + authenticator.getDomainID() + " identity " + this.randRequest.auth.getCredentials().getIdentity() + ", requestRandom failed with internal error", e2);
                } else {
                    DOF.Log.message(DOF.Log.Level.WARN, "Authenticator for domain " + authenticator.getDomainID() + ", requestRandom failed with internal error", e2);
                }
            }
            respond(new RejectOperation(getState().asResponse(), AuthenticationException.INTERNAL_ERROR, this.appid));
        }
        asyncSetComplete();
    }

    public Authenticator.RandomRequest getRandomRequest() {
        return this.randRequest != null ? this.randRequest : ((RandomOperation) getCommandOperation()).randRequest;
    }

    public synchronized Authenticator.RandomResponse getRandomResponse() throws DOFSecurityException {
        Authenticator.RandomResponse randomResponse;
        Authenticator.RandomRequest randomRequest;
        if (this.randRequest == null) {
            randomRequest = getRandomRequest();
            randomResponse = this.randResponse;
        } else {
            if (this.randResponse != null) {
                return this.randResponse;
            }
            if (getFirstResponse() instanceof RejectOperation) {
                throw new AuthenticationException(805306368 | ((RejectOperation) getFirstResponse()).getError());
            }
            randomResponse = ((RandomOperation) getFirstResponse()).randResponse;
            if (randomResponse == null) {
                throw new DOFSecurityException();
            }
            randomRequest = this.randRequest;
        }
        if (getCredentials() == null) {
            throw new DOFSecurityException("Credentials not known.");
        }
        byte[] sharedSecret = getCredentials().getSharedSecret();
        byte[] sessionKey = randomResponse.ticket.getSessionKey(sharedSecret);
        if (!Arrays.equals(randomResponse.ticket.mac, EncryptionUtil.hmac_SHA256(sharedSecret, randomRequest.auth.getDomainID(), randomRequest.I, randomRequest.i_offset, randomRequest.i_length, null, 0, 0, null, 0, 0, sessionKey))) {
            throw new DOFAuthenticationFailedException();
        }
        this.randResponse = randomResponse;
        this.randRequest = randomRequest;
        this.rand = sessionKey;
        return this.randResponse;
    }

    public byte[] getRandom() throws DOFSecurityException {
        getRandomResponse();
        return this.rand;
    }

    @Override // org.opendof.core.internal.core.OALOperation, org.opendof.core.internal.protocol.Marshallable
    public void marshal(DOFMarshalContext dOFMarshalContext, Object obj, DOFPacket dOFPacket) throws DOFMarshalException {
        BufferedPacket bufferedPacket = (BufferedPacket) dOFPacket;
        if (dOFMarshalContext == DOFMarshalContext.COMMAND) {
            bufferedPacket.putByteArray(this.randRequest.I, this.randRequest.i_offset, this.randRequest.i_length);
            bufferedPacket.putOID(this.domain);
        } else {
            this.randResponse.ticket.marshal(dOFMarshalContext, null, bufferedPacket);
        }
        bufferedPacket.putByte(2);
    }
}
