package org.opendof.core.internal.protocol.tep;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.atomic.AtomicLong;
import org.opendof.core.internal.core.IndependentThread;
import org.opendof.core.internal.core.OALBridge;
import org.opendof.core.internal.core.OALChannel;
import org.opendof.core.internal.core.OALCore;
import org.opendof.core.internal.core.OALOperation;
import org.opendof.core.internal.core.OALSecurityScope;
import org.opendof.core.internal.core.OALSecurityScopeList;
import org.opendof.core.internal.core.OperationProcessor;
import org.opendof.core.internal.core.OperationSource;
import org.opendof.core.internal.core.Router;
import org.opendof.core.internal.core.security.DomainStore;
import org.opendof.core.internal.core.security.PermissionStore;
import org.opendof.core.internal.core.security.ScopedPermissionList;
import org.opendof.core.internal.protocol.ConnectionStack;
import org.opendof.core.internal.protocol.DPSException;
import org.opendof.core.internal.protocol.OperationID;
import org.opendof.core.internal.protocol.PacketData;
import org.opendof.core.internal.protocol.SecurityModeLayer;
import org.opendof.core.internal.protocol.security.AuthenticationException;
import org.opendof.core.internal.protocol.security.EncryptionUtil;
import org.opendof.core.internal.protocol.security.KeyRequest;
import org.opendof.core.internal.protocol.security.Validator;
import org.opendof.core.internal.protocol.security.credentials.Credentials;
import org.opendof.core.internal.util.AsyncRunnable;
import org.opendof.core.internal.util.BufferedPacket;
import org.opendof.core.internal.util.ConditionWaiter;
import org.opendof.core.internal.util.WaitCondition;
import org.opendof.core.oal.DOF;
import org.opendof.core.oal.DOFAddress;
import org.opendof.core.oal.DOFConnection;
import org.opendof.core.oal.DOFConnectionStack;
import org.opendof.core.oal.DOFException;
import org.opendof.core.oal.DOFObjectID;
import org.opendof.core.oal.DOFOperation;
import org.opendof.core.oal.DOFPacket;
import org.opendof.core.oal.DOFServer;
import org.opendof.core.oal.DOFTerminatedException;
import org.opendof.core.oal.DOFTimeoutException;
import org.opendof.core.oal.security.DOFAuthenticationFailedException;
import org.opendof.core.oal.security.DOFCipher;
import org.opendof.core.oal.security.DOFPermission;
import org.opendof.core.oal.security.DOFPermissionSet;
import org.opendof.core.oal.security.DOFSecurityException;

/* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP.class */
public class DefaultTEP implements TEP, OperationSource {
    public static final short APPID_V1 = 128;
    public static final short APPID_TWOFISH = 132;
    public static final short APPID_SMS4 = 135;
    public static final short MAX_GRANT_DURATION = 2040;
    public static final int TEP_HANDSHAKE_MAX = 45000;
    public static final int TRP_TIMEOUT = 30000;
    private static final int DATAGRAM_RETRY_PERIOD = 3000;
    private static final int DEFAULT_TEP_SESSION_END_WARNING_TIME_UNITS = 5;
    private static final int DEFAULT_TEP_RESPONDER_SESSION_END_WARNING_TIME_UNITS = 4;
    private static final int DEFAULT_TEP_SESSION_ENDING_PERIOD_TIME_UNITS = 1;
    private volatile boolean isDestroyed;
    private final Object isDestroyedMonitor;
    private volatile OALCore core;
    private volatile ConnectionStack stack;
    private volatile State state;
    private final Object stateMonitor;
    private final short app_id;
    private final short securityMode;

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$AsyncBegin.class */
    private static class AsyncBegin extends IndependentThread {
        private final DefaultTEP tep;

        public AsyncBegin(DefaultTEP defaultTEP) {
            this.tep = defaultTEP;
            setDaemon(true);
            setName(defaultTEP.getName());
            start();
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            long currentTimeMillis = System.currentTimeMillis();
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.tep.core.getName() + " - Starting IndependentThread: AsyncBegin for " + this.tep.stack.sharedConnection);
            }
            try {
                this.tep.resolveCredentials();
                this.tep.obtainSecureSID(this.tep.getCredentials());
                this.tep.beginSession();
            } catch (DOFSecurityException e) {
                if (DOF.Log.isLogDebug()) {
                    DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.tep.core.getName() + " - Failed AsyncBegin for " + this.tep.stack.sharedConnection + " with exception " + e);
                }
                this.tep.getStack().sharedConnection.setException(e);
                this.tep.closeConnection(new DOFAuthenticationFailedException(e));
            }
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.tep.core.getName() + " - AsyncBegin runtime= " + (System.currentTimeMillis() - currentTimeMillis) + "ms for " + this.tep.stack.sharedConnection);
            }
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$AsyncBeginSession.class */
    static class AsyncBeginSession extends IndependentThread {
        private final DefaultTEP tep;

        /* JADX INFO: Access modifiers changed from: package-private */
        public AsyncBeginSession(DefaultTEP defaultTEP) {
            this.tep = defaultTEP;
            setName("TEP.beginSession-" + OALCore.getSimpleName(this, true));
            setDaemon(true);
            start();
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            this.tep.beginSession();
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$AsyncCloseConnection.class */
    private static class AsyncCloseConnection extends IndependentThread {
        private final DefaultTEP tep;
        private final DOFException cause;

        AsyncCloseConnection(DefaultTEP defaultTEP, DOFException dOFException) {
            this.tep = defaultTEP;
            this.cause = dOFException;
            setName("TEP.closeConnection-" + OALCore.getSimpleName(this, true));
            setDaemon(true);
            start();
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            this.tep.closeConnection(this.cause);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$AsyncFinalizeStack.class */
    public static class AsyncFinalizeStack extends IndependentThread {
        private final DefaultTEP tep;
        private final KeyRequestOperation op;

        AsyncFinalizeStack(DefaultTEP defaultTEP, KeyRequestOperation keyRequestOperation) {
            this.tep = defaultTEP;
            this.op = keyRequestOperation;
            setName(defaultTEP.getName() + "-" + OALCore.getSimpleName(this, true));
            setDaemon(true);
            start();
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            long currentTimeMillis = System.currentTimeMillis();
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.tep.core.getName() + " - Starting IndependentThread: AsyncFinalizeStack for " + this.tep.stack.sharedConnection);
            }
            try {
                this.op.waitComplete(DefaultTEP.TEP_HANDSHAKE_MAX);
                SecurityModeLayer securityMode = this.tep.getStack().getSecurityMode();
                if (securityMode != null && !securityMode.isReady()) {
                    try {
                        securityMode.waitReady(DefaultTEP.DATAGRAM_RETRY_PERIOD);
                    } catch (Exception e) {
                        if (DOF.Log.isLogFatal()) {
                            DOF.Log.message("TEP", DOF.Log.Level.FATAL, "SecurityMode.waitReady Exception: " + e);
                        }
                    }
                }
                this.tep.finalizeStack(this.op);
                synchronized (this.tep.getStack()) {
                    this.tep.getStack().stackWaiting = false;
                    this.tep.getStack().notifyAll();
                }
            } catch (DOFException e2) {
                if (DOF.Log.isLogFatal()) {
                    DOF.Log.message("TEP", DOF.Log.Level.FATAL, "TEP KeyRequest failed: TIMEOUT");
                }
            }
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.tep.core.getName() + " - AsyncFinalizeStack runtime= " + (System.currentTimeMillis() - currentTimeMillis) + "ms for " + this.tep.stack.sharedConnection);
            }
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$AsyncSendSessionEnding.class */
    private static class AsyncSendSessionEnding extends IndependentThread {
        private final DefaultTEP tep;

        AsyncSendSessionEnding(DefaultTEP defaultTEP) {
            this.tep = defaultTEP;
            setName("TEP.sendSessionEnding-" + OALCore.getSimpleName(this, true));
            setDaemon(true);
            start();
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            this.tep.sendSessionEnding();
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$AsyncWaitForConfirmAck.class */
    private static class AsyncWaitForConfirmAck extends IndependentThread {
        private final DefaultTEP tep;
        private final KeyRequestOperation op;

        AsyncWaitForConfirmAck(DefaultTEP defaultTEP, KeyRequestOperation keyRequestOperation) {
            this.tep = defaultTEP;
            this.op = keyRequestOperation;
            setName(keyRequestOperation.getState().getCore().getName() + "-" + OALCore.getSimpleName(this, true));
            setDaemon(true);
            start();
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            long currentTimeMillis = System.currentTimeMillis();
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.tep.core.getName() + " - Starting IndependentThread: AsyncWaitForConfirmAck for " + this.tep.stack.sharedConnection);
            }
            try {
                this.op.waitComplete(DefaultTEP.TEP_HANDSHAKE_MAX);
                this.tep.sendFinalizeStack(this.op);
            } catch (DOFException e) {
                if (DOF.Log.isLogFatal()) {
                    DOF.Log.message("TEP", DOF.Log.Level.FATAL, "TEP KeyRequest failed: TIMEOUT");
                }
            }
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.tep.core.getName() + " - AsyncWaitForConfirmAck runtime= " + (System.currentTimeMillis() - currentTimeMillis) + "ms for " + this.tep.stack.sharedConnection);
            }
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$AsyncWaitForNoOp.class */
    private static class AsyncWaitForNoOp extends IndependentThread {
        private final DefaultTEP tep;
        private final KeyRequestOperation op;

        AsyncWaitForNoOp(DefaultTEP defaultTEP, KeyRequestOperation keyRequestOperation) {
            this.tep = defaultTEP;
            this.op = keyRequestOperation;
            setName(keyRequestOperation.getState().getCore().getName() + "-" + OALCore.getSimpleName(this, true));
            setDaemon(true);
            start();
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            long currentTimeMillis = System.currentTimeMillis();
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.tep.core.getName() + " - Starting IndependentThread: AsyncWaitForNoOp for " + this.tep.stack.sharedConnection);
            }
            ConditionWaiter.waitForCondition(new StackWaiter(this.tep.stack), this.tep.stack, DefaultTEP.TEP_HANDSHAKE_MAX);
            this.tep.sendFinalizeStack(this.op);
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.tep.core.getName() + " - AsyncWaitForNoOp runtime= " + (System.currentTimeMillis() - currentTimeMillis) + "ms for " + this.tep.stack.sharedConnection);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$ExtendCompleteListener.class */
    public class ExtendCompleteListener implements OALOperation.CompleteListener {
        private final OALOperation.CompleteListener listener;
        private final boolean isInbound;

        ExtendCompleteListener(OALOperation.CompleteListener completeListener, boolean z) {
            this.listener = completeListener;
            this.isInbound = z;
        }

        @Override // org.opendof.core.internal.core.OALOperation.CompleteListener
        public void complete(OALOperation oALOperation, Exception exc) {
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, DefaultTEP.this.core.getName() + " - extend complete with exception=" + exc + ": " + DefaultTEP.this.stack.sharedConnection);
            }
            synchronized (DefaultTEP.this.stateMonitor) {
                DefaultTEP.this.state.isExtending = false;
            }
            if (exc != null) {
                DefaultTEP.this.closeConnection(new DOFTerminatedException("TEP failed to extend outbound permissions", exc));
            } else {
                KeyRequestOperation keyRequestOperation = (KeyRequestOperation) oALOperation;
                OALSecurityScopeList initiatorScopeList = keyRequestOperation.getInitiatorScopeList();
                if (initiatorScopeList != null) {
                    ScopedPermissionList create = ScopedPermissionList.create(keyRequestOperation.getInitiatorRequest().getPermissions(), initiatorScopeList.intersectWith(DefaultTEP.this.state.connectionScope));
                    synchronized (DefaultTEP.this.stateMonitor) {
                        DefaultTEP.this.state.isExtending = false;
                        if (this.isInbound) {
                            DefaultTEP.this.state.permissionStore.getInbound(DefaultTEP.this.state.securityMode.getCurrentKeyPeriod()).add(create);
                        } else {
                            DefaultTEP.this.state.permissionStore.getOutbound(DefaultTEP.this.state.securityMode.getCurrentKeyPeriod()).add(create);
                        }
                    }
                }
            }
            this.listener.complete(oALOperation, exc);
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$InboundExtendPermissionListener.class */
    private class InboundExtendPermissionListener implements OALOperation.CompleteListener {
        private InboundExtendPermissionListener() {
        }

        @Override // org.opendof.core.internal.core.OALOperation.CompleteListener
        public void complete(OALOperation oALOperation, Exception exc) {
            KeyRequestOperation keyRequestOperation = (KeyRequestOperation) oALOperation;
            OALSecurityScopeList initiatorScopeList = keyRequestOperation.getInitiatorScopeList();
            if (initiatorScopeList != null) {
                ScopedPermissionList create = ScopedPermissionList.create(keyRequestOperation.getInitiatorRequest().getPermissions(), initiatorScopeList.intersectWith(DefaultTEP.this.state.connectionScope));
                if (DOF.Log.isLogTrace()) {
                    DOF.Log.message("TEP", DOF.Log.Level.TRACE, "Inbound connection permission extension complete. scopedResult=" + create);
                }
            }
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$StackWaiter.class */
    private static class StackWaiter implements WaitCondition {
        private final ConnectionStack waitStack;

        StackWaiter(ConnectionStack connectionStack) {
            this.waitStack = connectionStack;
        }

        @Override // org.opendof.core.internal.util.WaitCondition
        public boolean isDoneWaiting() {
            return !this.waitStack.stackWaiting;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$State.class */
    public static class State {
        volatile boolean isServer;
        final AtomicLong connectStart;
        final AtomicLong sessionStart;
        final AtomicLong sessionWarn;
        final AtomicLong sessionEnd;
        volatile SecurityModeLayer securityMode;
        volatile Credentials credentials;
        volatile DOFPermissionSet initialPermissions;
        volatile PermissionStore permissionStore;
        volatile PermissionStore.ScheduledPermissionRemover permissionCleanup;
        volatile OALSecurityScope connectionScope;
        volatile boolean isComplete;
        volatile boolean inHandshake;
        volatile boolean isRekeying;
        volatile boolean isExtending;
        volatile boolean hasSentNoOp;
        volatile int stateID;
        public final Map<OperationID, byte[]> nextConfirmations;

        private State() {
            this.isServer = false;
            this.connectStart = new AtomicLong(System.currentTimeMillis());
            this.sessionStart = new AtomicLong(this.connectStart.get());
            this.sessionWarn = new AtomicLong(this.sessionStart.get() + 300000);
            this.sessionEnd = new AtomicLong(this.sessionWarn.get());
            this.permissionStore = new PermissionStore();
            this.isComplete = false;
            this.inHandshake = false;
            this.isRekeying = false;
            this.isExtending = false;
            this.hasSentNoOp = false;
            this.stateID = 0;
            this.nextConfirmations = new HashMap();
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/DefaultTEP$ValidateCompleteListener.class */
    private class ValidateCompleteListener implements OALOperation.CompleteListener {
        private final Validator validator;
        private final OALOperation.CompleteListener listener;

        ValidateCompleteListener(Validator validator, OALOperation.CompleteListener completeListener) {
            this.validator = validator;
            this.listener = completeListener;
        }

        @Override // org.opendof.core.internal.core.OALOperation.CompleteListener
        public void complete(OALOperation oALOperation, Exception exc) {
            if (this.validator.isValid()) {
                DefaultTEP.this.stack.setSecureSID(this.validator.getSourceID());
            }
            DefaultTEP.this.setIAmPermission(new DOFPermission.IAm(DefaultTEP.this.stack.getSecureSID()));
            DefaultTEP.this.core.getThreadPool().submit(new OALOperation.AsyncNotifyCompleteListener(oALOperation, exc, this.listener));
        }
    }

    public DefaultTEP() {
        this.isDestroyed = false;
        this.isDestroyedMonitor = new Object();
        this.stateMonitor = new Object();
        this.app_id = (short) 128;
        this.securityMode = (short) 24577;
    }

    public DefaultTEP(short s, short s2) {
        this.isDestroyed = false;
        this.isDestroyedMonitor = new Object();
        this.stateMonitor = new Object();
        this.app_id = s;
        this.securityMode = s2;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public short getAppId() {
        return this.app_id;
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public void init(ConnectionStack connectionStack, SecurityModeLayer securityModeLayer) throws DPSException {
        try {
            this.stack = connectionStack;
            this.core = connectionStack.core;
            if (connectionStack.sharedConnection != null || connectionStack.isDatagram) {
                this.state = new State();
                synchronized (this.stateMonitor) {
                    this.state.isServer = connectionStack.direction == DOFConnection.Direction.INBOUND;
                    setSecurityMode(securityModeLayer);
                    this.state.credentials = connectionStack.sharedConnection != null ? connectionStack.sharedConnection.getCredential() : null;
                    this.state.initialPermissions = (connectionStack.sharedConnection == null || connectionStack.sharedConnection.getConfig().getPermissions() == null) ? new DOFPermissionSet.Builder().build() : connectionStack.sharedConnection.getConfig().getPermissions();
                    DOFPermissionSet.Builder builder = new DOFPermissionSet.Builder(this.state.initialPermissions);
                    builder.addPermissions(OALBridge.GENERAL_BINDING_PERMS);
                    builder.addPermission(new DOFPermission.ActAsAny());
                    builder.addPermission(new DOFPermission.TunnelDomain(1073741823));
                    this.state.initialPermissions = builder.build();
                    if (!this.state.isServer) {
                        if (this.state.credentials == null) {
                            throw new AuthenticationException(AuthenticationException.ACCESS_DENIED, "No Credentials Supplied.");
                        }
                        new AsyncBegin(this);
                        return;
                    }
                    new AsyncBeginSession(this);
                }
            }
        } catch (AuthenticationException e) {
            if (DOF.Log.isLogError()) {
                DOF.Log.message("TEP", DOF.Log.Level.ERROR, "init Exception: " + e + ". Closing connection.", e);
            }
            connectionStack.sharedConnection.setException(e);
            closeConnection(new DOFTerminatedException("TEP initialization failed", e));
        } catch (Exception e2) {
            if (DOF.Log.isLogError()) {
                DOF.Log.message("TEP", DOF.Log.Level.ERROR, "init Exception: " + e2 + ". Closing connection.", e2);
            }
            closeConnection(new DOFTerminatedException("Failure to initialize layer.", e2));
        }
    }

    @Override // org.opendof.core.internal.protocol.ProtocolLayer
    public void init(ConnectionStack connectionStack) {
        if (connectionStack.sharedServer != null) {
            connectionStack.setAuthID(this.app_id);
            connectionStack.setSecurityMode(this.securityMode);
            this.stack = connectionStack;
            this.core = connectionStack.core;
            this.state = new State();
            synchronized (this.stateMonitor) {
                this.state.isServer = connectionStack.direction == DOFConnection.Direction.INBOUND;
                setSecurityMode(connectionStack.getSecurityMode());
                this.state.credentials = connectionStack.sharedConnection != null ? connectionStack.sharedConnection.getCredential() : null;
                this.state.initialPermissions = (connectionStack.sharedConnection == null || connectionStack.sharedConnection.getConfig().getPermissions() == null) ? new DOFPermissionSet.Builder().build() : connectionStack.sharedConnection.getConfig().getPermissions();
                DOFPermissionSet.Builder builder = new DOFPermissionSet.Builder(this.state.initialPermissions);
                builder.addPermissions(OALBridge.GENERAL_BINDING_PERMS);
                builder.addPermission(new DOFPermission.ActAsAny());
                builder.addPermission(new DOFPermission.TunnelDomain(1073741823));
                this.state.initialPermissions = builder.build();
                if (connectionStack.sharedServer.getStack().getAuthenticationLayer() != null) {
                    this.state.stateID = ((DefaultTEP) connectionStack.sharedServer.getStack().getAuthenticationLayer()).getStateID();
                }
            }
        }
    }

    @Override // org.opendof.core.internal.core.OperationSource
    public String getName() {
        return this.core.getName() + "'TEP";
    }

    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    public boolean isCCMFamily(short s) {
        return false;
    }

    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    public boolean isTEPFamily(short s) {
        return true;
    }

    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    public boolean isOAPFamily(short s) {
        return false;
    }

    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    public boolean isTRPFamily(short s) {
        return false;
    }

    public ConnectionStack getStack() {
        return this.stack;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendFinalizeStack(KeyRequestOperation keyRequestOperation) {
        synchronized (this.stateMonitor) {
            if (!this.state.isComplete) {
                this.stack.stackWaiting = true;
                new AsyncFinalizeStack(this, keyRequestOperation);
                this.state.isComplete = true;
            }
            this.state.inHandshake = false;
        }
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer, org.opendof.core.internal.core.OperationSource
    public OALSecurityScope getInboundScope(DOFPermission dOFPermission) {
        OALSecurityScope securityScope = this.state.permissionStore.getInbound(this.state.securityMode.getCurrentKeyPeriod()).getSecurityScope(this.core, dOFPermission, false);
        this.core.permissionRequested(this.stack.sharedConnection.getPeerCredentials().getIdentity(), dOFPermission, securityScope);
        return securityScope;
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public OALSecurityScope getInboundScope(byte b, DOFPermission dOFPermission) {
        OALSecurityScope securityScope = this.state.permissionStore.getInbound(b).getSecurityScope(this.core, dOFPermission, false);
        this.core.permissionRequested(this.stack.sharedConnection.getPeerCredentials().getIdentity(), dOFPermission, securityScope);
        return securityScope;
    }

    protected void rekeyComplete(long j) {
    }

    protected boolean isIgnoreSessionEnding() {
        return false;
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public void setOutboundScope(OALSecurityScope oALSecurityScope) {
        synchronized (this.stateMonitor) {
            this.state.connectionScope = this.core.globalFactory.createSecurityScope(this.core, this.core.getDomainStore().getDomainAlias(getCredentials()), oALSecurityScope.getIDs(), oALSecurityScope.isAllScopes(), oALSecurityScope.isMasking());
        }
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer, org.opendof.core.internal.core.OperationProcessor
    public OALSecurityScope getOutboundScope() {
        return this.state.connectionScope;
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer, org.opendof.core.internal.core.OperationProcessor
    public OALSecurityScope getOutboundScope(DOFPermission dOFPermission) {
        if (dOFPermission == null) {
            return getOutboundScope();
        }
        OALSecurityScope securityScope = this.state.permissionStore.getOutbound(this.state.securityMode.getCurrentKeyPeriod()).getSecurityScope(this.core, dOFPermission, this.stack.sharedConnection.getConfig().isPermissionsExtendAllowed());
        this.core.permissionRequested(getCredentials().getIdentity(), dOFPermission, securityScope);
        return securityScope;
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public OALSecurityScope getOutboundScope(DOFPermissionSet dOFPermissionSet) {
        if (dOFPermissionSet == null) {
            return getOutboundScope();
        }
        ArrayList arrayList = new ArrayList();
        for (DOFPermission dOFPermission : dOFPermissionSet.getPermissions()) {
            OALSecurityScope securityScope = this.state.permissionStore.getOutbound(this.state.securityMode.getCurrentKeyPeriod()).getSecurityScope(this.core, dOFPermission, this.stack.sharedConnection.getConfig().isPermissionsExtendAllowed());
            this.core.permissionRequested(getCredentials().getIdentity(), dOFPermission, securityScope);
            arrayList.add(securityScope);
        }
        return OALSecurityScope.intersectScopes(arrayList);
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public ArrayList<DOFPermission> getUnobtainedOutboundPermissions(ArrayList<DOFPermission> arrayList) throws DOFSecurityException {
        ArrayList<DOFPermission> arrayList2 = new ArrayList<>();
        for (int size = arrayList.size() - 1; size >= 0; size--) {
            DOFPermission dOFPermission = arrayList.get(size);
            OALSecurityScope outboundScope = getOutboundScope(dOFPermission);
            if (outboundScope == null) {
                if (dOFPermission instanceof DOFPermission.IAm) {
                    throw new DOFSecurityException("No IAm permission.");
                }
                arrayList2.add(dOFPermission);
            } else if (!outboundScope.hasIDs()) {
                throw new DOFSecurityException("TEP Permission has been denied.");
            }
            if (dOFPermission.getPermissionType() == 133 && !this.stack.sharedConnection.getConfig().isTunnelDomains()) {
                throw new DOFSecurityException("Connection cannot tunnel domains.");
            }
        }
        return arrayList2;
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public ArrayList<DOFPermission> getUnobtainedInboundPermissions(ArrayList<DOFPermission> arrayList) throws DOFSecurityException {
        ArrayList<DOFPermission> arrayList2 = new ArrayList<>();
        for (int size = arrayList.size() - 1; size >= 0; size--) {
            DOFPermission dOFPermission = arrayList.get(size);
            OALSecurityScope inboundScope = getInboundScope(dOFPermission);
            if (inboundScope == null) {
                if (dOFPermission instanceof DOFPermission.IAm) {
                    throw new DOFSecurityException("No IAm permission.");
                }
                arrayList2.add(dOFPermission);
            } else if (!inboundScope.hasIDs()) {
                throw new DOFSecurityException("Permission has been denied");
            }
            if (dOFPermission.getPermissionType() == 133 && !this.stack.sharedConnection.getConfig().isTunnelDomains()) {
                throw new DOFSecurityException("Connection cannot tunnel domains.");
            }
        }
        return arrayList2;
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public ArrayList<DOFPermission> checkPermissions(ArrayList<DOFPermission> arrayList) throws DOFSecurityException {
        OALSecurityScope compatibleScope;
        DOFPermissionSet complement;
        ArrayList<DOFPermission> arrayList2 = new ArrayList<>();
        OALSecurityScope oALSecurityScope = null;
        OALSecurityScope oALSecurityScope2 = null;
        Iterator<DOFPermission> it = arrayList.iterator();
        while (it.hasNext()) {
            DOFPermission next = it.next();
            if (next.getPermissionType() == 133 && !this.stack.sharedConnection.getConfig().isTunnelDomains()) {
                throw new DOFSecurityException("Connection cannot tunnel domains.");
            }
            OALSecurityScope outboundScope = getOutboundScope(next);
            if (outboundScope == null) {
                if (next instanceof DOFPermission.IAm) {
                    throw new DOFSecurityException("No IAm permission.");
                }
                arrayList2.add(next);
            } else {
                if (!outboundScope.hasIDs()) {
                    throw new DOFSecurityException("TEP Permission has been denied.");
                }
                if (outboundScope != null && outboundScope.hasIDs() && (complement = next.getComplement()) != null) {
                    oALSecurityScope = oALSecurityScope == null ? outboundScope : outboundScope.getCompatibleScope(oALSecurityScope);
                    boolean z = false;
                    Iterator<DOFPermission> it2 = complement.getPermissions().iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        OALSecurityScope inboundScope = getInboundScope(it2.next());
                        if (inboundScope == null) {
                            z = true;
                            break;
                        }
                        if (inboundScope.hasIDs()) {
                            oALSecurityScope2 = oALSecurityScope2 == null ? inboundScope : inboundScope.getCompatibleScope(oALSecurityScope2);
                            z = true;
                        }
                    }
                    if (!z) {
                        return null;
                    }
                }
            }
        }
        if (oALSecurityScope == null || oALSecurityScope2 == null || ((compatibleScope = oALSecurityScope.getCompatibleScope(oALSecurityScope2)) != null && compatibleScope.hasIDs())) {
            return arrayList2;
        }
        return null;
    }

    public void addOutboundPermission(ScopedPermissionList scopedPermissionList) {
        synchronized (this.stateMonitor) {
            this.state.permissionStore.getOutbound(this.state.securityMode.getCurrentKeyPeriod()).add(scopedPermissionList);
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void addInboundPermissions(ScopedPermissionList scopedPermissionList) {
        synchronized (this.stateMonitor) {
            this.state.permissionStore.getInbound(this.state.securityMode.getCurrentKeyPeriod()).add(scopedPermissionList);
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void addInboundPermissions(byte b, ScopedPermissionList scopedPermissionList) {
        synchronized (this.stateMonitor) {
            this.state.permissionStore.getInbound(b).add(scopedPermissionList);
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void addOutboundPermissions(ScopedPermissionList scopedPermissionList) {
        synchronized (this.stateMonitor) {
            this.state.permissionStore.getOutbound(this.state.securityMode.getCurrentKeyPeriod()).add(scopedPermissionList);
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void addOutboundPermissions(byte b, ScopedPermissionList scopedPermissionList) {
        synchronized (this.stateMonitor) {
            this.state.permissionStore.getOutbound(b).add(scopedPermissionList);
        }
    }

    public void setIAmPermission(DOFPermission dOFPermission) {
        if (dOFPermission instanceof DOFPermission.IAm) {
            this.state.initialPermissions = new DOFPermissionSet.Builder(this.state.initialPermissions).addPermission(dOFPermission).build();
        }
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public void extendOutboundPermission(DOFPermissionSet dOFPermissionSet, OperationProcessor operationProcessor, OALOperation.CompleteListener completeListener) {
        KeyRequestOperation createExtendRequest = createExtendRequest(OALBridge.optimizeRequestPermissions(dOFPermissionSet, this.state.permissionStore.getOutbound(this.state.securityMode.getCurrentKeyPeriod())), operationProcessor);
        if (createExtendRequest == null) {
            this.core.getThreadPool().submit(new OALOperation.AsyncNotifyCompleteListener(null, null, completeListener));
        } else {
            createExtendRequest.setCompleteListener(new ExtendCompleteListener(completeListener, false));
            this.core.process(createExtendRequest);
        }
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public void extendInboundPermission(DOFPermissionSet dOFPermissionSet, OperationProcessor operationProcessor, OALOperation.CompleteListener completeListener) {
        KeyRequestOperation createExtendRequest = createExtendRequest(OALBridge.optimizeRequestPermissions(dOFPermissionSet, this.state.permissionStore.getOutbound(this.state.securityMode.getCurrentKeyPeriod())), operationProcessor);
        if (createExtendRequest == null) {
            this.core.getThreadPool().submit(new OALOperation.AsyncNotifyCompleteListener(null, null, completeListener));
        } else {
            createExtendRequest.setCompleteListener(new ExtendCompleteListener(completeListener, true));
            this.core.process(createExtendRequest);
        }
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public boolean isInboundExtendResponsible() {
        return false;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public DOFPermissionSet removeDisallowed(DOFPermissionSet dOFPermissionSet) {
        DOFPermissionSet.Builder builder = new DOFPermissionSet.Builder();
        for (DOFPermission dOFPermission : dOFPermissionSet.getPermissions()) {
            if (dOFPermission.getPermissionType() != 133) {
                builder.addPermission(dOFPermission);
            } else if (this.stack.sharedConnection.getConfig().isTunnelDomains()) {
                builder.addPermission(dOFPermission);
            }
        }
        return builder.build();
    }

    private KeyRequestOperation createExtendRequest(DOFPermissionSet dOFPermissionSet, OperationProcessor operationProcessor) {
        DOFPermissionSet removeDisallowed = removeDisallowed(dOFPermissionSet);
        if (removeDisallowed.size() == 0 || this.core.isDestroying()) {
            return null;
        }
        try {
            synchronized (this.stateMonitor) {
                if (this.state.isExtending) {
                    return null;
                }
                if (this.state.isRekeying) {
                    return null;
                }
                this.state.isExtending = true;
                if (DOF.Log.isLogDebug()) {
                    DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.core.getName() + " - extending permissions: " + this.stack.sharedConnection);
                }
                DOFObjectID.Domain domain = null;
                Credentials credentials = null;
                if (this.stack.sharedConnection == null || this.stack.sharedConnection.getAssociatedServer() != null) {
                    credentials = this.state.credentials;
                    domain = credentials.getDomainID();
                } else if (this.stack.sharedConnection != null) {
                    credentials = this.stack.sharedConnection.getCredential();
                    domain = credentials.getDomainID();
                }
                DOFOperation.Control control = null;
                if (this.stack.isDatagram) {
                    control = new DOFOperation.Control();
                    control.setRetryPeriod(DATAGRAM_RETRY_PERIOD);
                }
                return new KeyRequestOperation(this.core, new OALOperation.State(this.core, this, this.core.createOperationID(), TEP_HANDSHAKE_MAX, !this.state.securityMode.providesEncryption() ? OALOperation.State.RequiredSecurity.AUTHENTICATE : OALOperation.State.RequiredSecurity.ENCRYPT), (OALChannel) (this.stack.sharedConnection != null ? this.stack.sharedConnection : operationProcessor), domain, this, this.state.securityMode, new KeyRequest(EncryptionUtil.createRandomNonce(8), credentials.getIdentification(), removeDisallowed, (short) 1), credentials, control);
            }
        } catch (Exception e) {
            if (!DOF.Log.isLogError()) {
                return null;
            }
            DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.core.getName() + " - failed extending permissions: " + this.stack.sharedConnection, e);
            return null;
        }
    }

    @Override // org.opendof.core.internal.core.OperationSource
    public void sendResponse(OALOperation oALOperation) {
        KeyRequestOperation keyRequestOperation;
        boolean z = false;
        try {
            try {
                if (oALOperation instanceof KeyRequestOperation) {
                    KeyRequestOperation keyRequestOperation2 = (KeyRequestOperation) ((KeyRequestOperation) oALOperation).getCommandOperation();
                    synchronized (this.stateMonitor) {
                        if (keyRequestOperation2.isRekey()) {
                            long grantMinutes = keyRequestOperation2.getGrantMinutes() * this.core.getGrantTimeUnit();
                            long grantTimeUnit = 5 * this.core.getGrantTimeUnit();
                            this.state.securityMode.setKey(keyRequestOperation2.getSessionKey(), keyRequestOperation2.getSessionState(), false);
                            this.stack.resetConnectTime();
                            this.state.sessionStart.set(OALCore.currentTimeMillis());
                            this.state.sessionEnd.set(this.state.sessionStart.get() + grantMinutes);
                            this.state.sessionWarn.set(this.state.sessionEnd.get() - grantTimeUnit);
                            rekeyComplete(grantMinutes);
                            if (DOF.Log.isLogDebug()) {
                                DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.core.getName() + " - TEP Rekey complete with session duration=" + grantMinutes + "ms and warning=" + grantTimeUnit + " on " + this.stack.sharedConnection);
                            }
                            if (this.state.connectionScope == null) {
                                z = true;
                            }
                            setOutboundScope(keyRequestOperation2.getOutboundScope());
                            this.state.stateID = keyRequestOperation2.getStateID();
                        }
                        byte[] bArr = new byte[16];
                        System.arraycopy(keyRequestOperation2.getInitiatorRequest().getNonce(), 0, bArr, 16 - keyRequestOperation2.getInitiatorRequest().getNonce().length, keyRequestOperation2.getInitiatorRequest().getNonce().length);
                        byte[] bArr2 = new byte[16];
                        System.arraycopy(keyRequestOperation2.getResponderRequest().getNonce(), 0, bArr2, 16 - keyRequestOperation2.getResponderRequest().getNonce().length, keyRequestOperation2.getResponderRequest().getNonce().length);
                        byte[] hmac_SHA256 = EncryptionUtil.hmac_SHA256(keyRequestOperation2.getSessionKey(), null, bArr, 0, 16, bArr2, 0, 16, null, 0, 0, null);
                        keyRequestOperation2.setConfirmation(hmac_SHA256);
                        keyRequestOperation2.setSecurityModeLayer(this.state.securityMode);
                        keyRequestOperation2.setKeyState(keyRequestOperation2.getSessionState());
                        keyRequestOperation2.setSessionStage((byte) 1);
                        OALOperation.State.RequiredSecurity requiredSecurity = OALOperation.State.RequiredSecurity.NONE;
                        if (this.state.isComplete) {
                            requiredSecurity = this.state.securityMode.providesEncryption() ? OALOperation.State.RequiredSecurity.ENCRYPT : OALOperation.State.RequiredSecurity.AUTHENTICATE;
                        }
                        DOFOperation.Control control = null;
                        if (this.stack.isDatagram) {
                            control = new DOFOperation.Control();
                            control.setRetryPeriod(DATAGRAM_RETRY_PERIOD);
                        }
                        keyRequestOperation = new KeyRequestOperation(this.core, keyRequestOperation2.getState().asRetry(requiredSecurity), this.stack.sharedConnection, this, this.state.securityMode, keyRequestOperation2.getSessionState(), hmac_SHA256, keyRequestOperation2.isRekey(), control);
                    }
                    this.core.process(keyRequestOperation);
                    if (!this.stack.isDatagram) {
                        setSentNoOp();
                        sendFinalizeStack(keyRequestOperation2);
                    } else if (hasSentNoOp()) {
                        new AsyncWaitForConfirmAck(this, keyRequestOperation2);
                    } else {
                        setSentNoOp();
                        keyRequestOperation2.asyncSetComplete();
                        this.stack.stackWaiting = true;
                        new AsyncWaitForNoOp(this, keyRequestOperation2);
                    }
                    synchronized (this.stateMonitor) {
                        addOutboundPermission(ScopedPermissionList.create(keyRequestOperation2.getInitiatorRequest().getPermissions(), keyRequestOperation2.getInitiatorScopeList().intersectWith(this.state.connectionScope)));
                        addInboundPermissions(ScopedPermissionList.create(keyRequestOperation2.getResponderRequest().getPermissions(), keyRequestOperation2.getResponderScopeList().intersectWith(this.state.connectionScope)));
                    }
                } else {
                    if (!(oALOperation instanceof RejectOperation)) {
                        throw new AuthenticationException("TEP failed to get a valid response.");
                    }
                    if (this.state.isRekeying) {
                        rekeyFailed();
                        if (!this.state.isComplete) {
                            throw new AuthenticationException(((RejectOperation) oALOperation).getAuthenticationError());
                        }
                    }
                }
                if (z) {
                    synchronized (this.stateMonitor) {
                        this.state.isRekeying = false;
                    }
                    this.stack.sharedConnection.processRekeyBlockedQueue();
                }
                if (this.stack.isStreaming) {
                    oALOperation.asyncSetComplete();
                }
            } catch (DOFException e) {
                this.stack.sharedConnection.setException(e);
                closeConnection(new DOFAuthenticationFailedException(e));
                if (0 != 0) {
                    synchronized (this.stateMonitor) {
                        this.state.isRekeying = false;
                        this.stack.sharedConnection.processRekeyBlockedQueue();
                    }
                }
                if (this.stack.isStreaming) {
                    oALOperation.asyncSetComplete();
                }
            }
        } catch (Throwable th) {
            if (0 != 0) {
                synchronized (this.stateMonitor) {
                    this.state.isRekeying = false;
                    this.stack.sharedConnection.processRekeyBlockedQueue();
                }
            }
            if (this.stack.isStreaming) {
                oALOperation.asyncSetComplete();
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void finalizeStack(KeyRequestOperation keyRequestOperation) {
        this.stack.securing(this.state.securityMode);
        this.stack.finalized(this.state.securityMode);
        if (this.stack.state == null || !keyRequestOperation.isRekey()) {
            return;
        }
        this.stack.state.ssid = keyRequestOperation.getStateID();
        this.stack.state.isSSIDFromAS = false;
        this.stack.register(this.stack.state.ssid, this.stack.sharedConnection, this.stack.state.isSSIDFromAS);
    }

    @Override // org.opendof.core.internal.core.OperationSource
    public boolean isSameAs(OperationProcessor operationProcessor) {
        return false;
    }

    @Override // org.opendof.core.internal.core.OperationSource
    public boolean isBetter(OperationSource operationSource) {
        return false;
    }

    @Override // org.opendof.core.internal.core.OperationSource
    public boolean isSameAs(OperationSource operationSource) {
        return this == operationSource;
    }

    @Override // org.opendof.core.internal.core.OperationSource
    public OperationProcessor getOperationProcessor() {
        return null;
    }

    @Override // org.opendof.core.internal.core.OperationSource
    public boolean isCompatible(OALSecurityScope oALSecurityScope) {
        return true;
    }

    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    public Map<Class<? extends Router>, Object> getRouters() {
        return new HashMap();
    }

    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    public void modifyRequest(short s, DOFConnectionStack dOFConnectionStack, DOFPacket dOFPacket) {
    }

    @Override // org.opendof.core.internal.protocol.ProtocolLayer
    public void recv(PacketData packetData) {
    }

    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    public void writeRequest(short s, DOFConnectionStack dOFConnectionStack, DOFPacket dOFPacket) {
        BufferedPacket bufferedPacket = (BufferedPacket) dOFPacket;
        bufferedPacket.putByte(0);
        bufferedPacket.putShort(s);
        bufferedPacket.putByte(0);
    }

    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    public void checkRequest(short s, DOFConnectionStack dOFConnectionStack, DOFPacket dOFPacket, DOFPacket dOFPacket2) {
        if (((BufferedPacket) dOFPacket).readByte(0) != 0) {
            writeRequest(s, dOFConnectionStack, dOFPacket2);
        }
    }

    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    public int getAttributeCode() {
        return 0;
    }

    public static short getAppID(DOFCipher.Algorithm algorithm) {
        switch (algorithm) {
            case AES:
                return (short) 128;
            case TWOFISH:
                return (short) 132;
            case SMS4:
                return (short) 135;
            default:
                return (short) 0;
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public boolean hasSentNoOp() {
        boolean z;
        synchronized (this.stateMonitor) {
            z = this.state.hasSentNoOp;
        }
        return z;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void setSentNoOp() {
        synchronized (this.stateMonitor) {
            this.state.hasSentNoOp = true;
        }
    }

    private KeyRequest createAuthenticationBlock(short s) {
        KeyRequest keyRequest = null;
        synchronized (this.stateMonitor) {
            try {
                if (this.state != null) {
                    boolean z = this.stack.getSecurityMode() != null;
                    keyRequest = new KeyRequest(EncryptionUtil.createRandomNonce(8), (z ? this.stack.sharedConnection.getCredential() : this.state.credentials).getIdentification(), this.state.initialPermissions, s, z);
                }
            } catch (Exception e) {
                if (DOF.Log.isLogError()) {
                    DOF.Log.message("TEP", DOF.Log.Level.ERROR, "createAuthenticationBlock Exception: " + e + ". Closing connection.", e);
                }
                this.stack.sharedConnection.terminate(new DOFTerminatedException("Failure to initialize security", e));
                return null;
            }
        }
        return keyRequest;
    }

    @Override // org.opendof.core.internal.protocol.ProtocolLayer
    public void destroy() {
        synchronized (this.isDestroyedMonitor) {
            if (this.isDestroyed) {
                return;
            }
            this.isDestroyed = true;
            if (this.state == null || this.state.permissionCleanup == null) {
                return;
            }
            this.state.permissionCleanup.destroy();
        }
    }

    public void closeConnection(DOFException dOFException) {
        if (this.stack == null || this.stack.sharedConnection == null) {
            return;
        }
        if (dOFException == null && this.stack.sharedConnection.isConnected()) {
            try {
                this.stack.sharedConnection.process(new EndOperation(new OALOperation.State(this.core, OALOperation.State.Type.COMMAND), this, this.stack.sharedConnection));
            } catch (OALOperation.ProcessException e) {
                if (DOF.Log.isLogWarn()) {
                    DOF.Log.message(DOF.Log.Level.WARN, "Process exception: " + e, e);
                }
            }
        }
        this.stack.sharedConnection.terminate(dOFException);
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:37:0x0101. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:105:0x03c9  */
    /* JADX WARN: Removed duplicated region for block: B:119:0x0434 A[ORIG_RETURN, RETURN] */
    /* JADX WARN: Removed duplicated region for block: B:120:0x0206 A[Catch: Exception -> 0x03f4, all -> 0x0403, TryCatch #6 {Exception -> 0x03f4, blocks: (B:3:0x0002, B:5:0x000c, B:7:0x0023, B:8:0x0052, B:9:0x005b, B:29:0x0092, B:31:0x00a2, B:34:0x00ed, B:37:0x0101, B:38:0x013c, B:39:0x0143, B:41:0x0144, B:42:0x014e, B:47:0x0156, B:49:0x0159, B:50:0x015a, B:54:0x016e, B:56:0x0175, B:58:0x017f, B:60:0x0185, B:61:0x0190, B:78:0x01cb, B:80:0x01e6, B:81:0x01f6, B:83:0x0200, B:84:0x0209, B:103:0x03b7, B:120:0x0206, B:122:0x024c, B:123:0x0253, B:125:0x0254, B:127:0x026f, B:128:0x0278, B:130:0x0287, B:133:0x0296, B:135:0x02a5, B:137:0x02af, B:138:0x02c5, B:140:0x02cf, B:141:0x02d6, B:160:0x0312, B:163:0x0304, B:167:0x0275, B:170:0x031a, B:172:0x031d, B:173:0x0321, B:174:0x033e, B:193:0x0372, B:194:0x038f, B:195:0x03ac, B:196:0x03b6), top: B:2:0x0002, outer: #2 }] */
    /* JADX WARN: Removed duplicated region for block: B:121:0x01f5  */
    /* JADX WARN: Removed duplicated region for block: B:80:0x01e6 A[Catch: Exception -> 0x03f4, all -> 0x0403, TryCatch #6 {Exception -> 0x03f4, blocks: (B:3:0x0002, B:5:0x000c, B:7:0x0023, B:8:0x0052, B:9:0x005b, B:29:0x0092, B:31:0x00a2, B:34:0x00ed, B:37:0x0101, B:38:0x013c, B:39:0x0143, B:41:0x0144, B:42:0x014e, B:47:0x0156, B:49:0x0159, B:50:0x015a, B:54:0x016e, B:56:0x0175, B:58:0x017f, B:60:0x0185, B:61:0x0190, B:78:0x01cb, B:80:0x01e6, B:81:0x01f6, B:83:0x0200, B:84:0x0209, B:103:0x03b7, B:120:0x0206, B:122:0x024c, B:123:0x0253, B:125:0x0254, B:127:0x026f, B:128:0x0278, B:130:0x0287, B:133:0x0296, B:135:0x02a5, B:137:0x02af, B:138:0x02c5, B:140:0x02cf, B:141:0x02d6, B:160:0x0312, B:163:0x0304, B:167:0x0275, B:170:0x031a, B:172:0x031d, B:173:0x0321, B:174:0x033e, B:193:0x0372, B:194:0x038f, B:195:0x03ac, B:196:0x03b6), top: B:2:0x0002, outer: #2 }] */
    /* JADX WARN: Removed duplicated region for block: B:83:0x0200 A[Catch: Exception -> 0x03f4, all -> 0x0403, TryCatch #6 {Exception -> 0x03f4, blocks: (B:3:0x0002, B:5:0x000c, B:7:0x0023, B:8:0x0052, B:9:0x005b, B:29:0x0092, B:31:0x00a2, B:34:0x00ed, B:37:0x0101, B:38:0x013c, B:39:0x0143, B:41:0x0144, B:42:0x014e, B:47:0x0156, B:49:0x0159, B:50:0x015a, B:54:0x016e, B:56:0x0175, B:58:0x017f, B:60:0x0185, B:61:0x0190, B:78:0x01cb, B:80:0x01e6, B:81:0x01f6, B:83:0x0200, B:84:0x0209, B:103:0x03b7, B:120:0x0206, B:122:0x024c, B:123:0x0253, B:125:0x0254, B:127:0x026f, B:128:0x0278, B:130:0x0287, B:133:0x0296, B:135:0x02a5, B:137:0x02af, B:138:0x02c5, B:140:0x02cf, B:141:0x02d6, B:160:0x0312, B:163:0x0304, B:167:0x0275, B:170:0x031a, B:172:0x031d, B:173:0x0321, B:174:0x033e, B:193:0x0372, B:194:0x038f, B:195:0x03ac, B:196:0x03b6), top: B:2:0x0002, outer: #2 }] */
    /* JADX WARN: Removed duplicated region for block: B:86:0x021f  */
    @Override // org.opendof.core.internal.protocol.ApplicationLayer
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void recv(short r12, org.opendof.core.internal.protocol.PacketData r13) throws org.opendof.core.internal.protocol.DPSException {
        /*
            Method dump skipped, instructions count: 1077
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.opendof.core.internal.protocol.tep.DefaultTEP.recv(short, org.opendof.core.internal.protocol.PacketData):void");
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public Credentials getResponder(KeyRequest keyRequest) throws DOFSecurityException {
        Credentials credentials;
        synchronized (this.stateMonitor) {
            if (this.stack.sharedConnection != null) {
                this.state.credentials = this.stack.sharedConnection.getCredential(keyRequest.getDomainID());
            } else {
                this.state.credentials = this.stack.sharedServer.getServerCredentials(keyRequest.getDomainID());
            }
            credentials = this.state.credentials;
        }
        return credentials;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void setCredentials(Credentials credentials) {
        synchronized (this.stateMonitor) {
            this.state.credentials = credentials;
        }
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public Credentials getCredentials() {
        return this.state.credentials;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public int getStateID() {
        return this.state.stateID;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void setExpectedConfirmation(OperationID operationID, byte[] bArr) {
        synchronized (this.stateMonitor) {
            this.state.nextConfirmations.put(operationID, bArr);
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void removeExpectedConfirmation(OperationID operationID) {
        synchronized (this.stateMonitor) {
            this.state.nextConfirmations.remove(operationID);
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public byte[] getExpectedConfirmation(OperationID operationID) {
        byte[] bArr;
        synchronized (this.stateMonitor) {
            byte[] bArr2 = null;
            if (this.state.nextConfirmations.containsKey(operationID)) {
                bArr2 = this.state.nextConfirmations.get(operationID);
            }
            bArr = bArr2;
        }
        return bArr;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void beginSession() {
        if (this.state != null) {
            OALOperation.State state = null;
            synchronized (this.stateMonitor) {
                this.state.nextConfirmations.clear();
                if (!this.state.isServer && !this.state.inHandshake) {
                    this.state.inHandshake = true;
                    OALOperation.State.RequiredSecurity requiredSecurity = OALOperation.State.RequiredSecurity.NONE;
                    if (this.state.isComplete) {
                        requiredSecurity = this.state.securityMode.providesEncryption() ? OALOperation.State.RequiredSecurity.ENCRYPT : OALOperation.State.RequiredSecurity.AUTHENTICATE;
                    }
                    state = new OALOperation.State(this.core, this, this.core.createOperationID(), TEP_HANDSHAKE_MAX, requiredSecurity);
                    this.state.isRekeying = true;
                }
            }
            if (state != null) {
                DOFOperation.Control control = null;
                if (this.stack.isDatagram) {
                    control = new DOFOperation.Control();
                    control.setRetryPeriod(DATAGRAM_RETRY_PERIOD);
                }
                this.core.process(new KeyRequestOperation(this.core, state, this.stack.sharedConnection, this.state.credentials.getDomainID(), (short) 2040, this, this.state.securityMode, createAuthenticationBlock((short) 17), this.state.credentials, !this.state.isComplete, control));
            }
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public boolean isComplete() {
        if (this.state != null) {
            return this.state.isComplete;
        }
        return false;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void setSecurityMode(SecurityModeLayer securityModeLayer) {
        this.state.securityMode = securityModeLayer;
        if (this.state.permissionCleanup != null) {
            this.state.permissionCleanup.destroy();
        }
        if (this.state.securityMode != null) {
            this.state.permissionCleanup = new PermissionStore.ScheduledPermissionRemover(this.state.securityMode, this.state.permissionStore);
            this.core.getScheduler().addTask(this.state.permissionCleanup);
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void open(int i, int i2) {
        synchronized (this.stateMonitor) {
            if (i > 0) {
                long grantTimeUnit = i * this.core.getGrantTimeUnit();
                long grantTimeUnit2 = 4 * this.core.getGrantTimeUnit();
                this.state.sessionStart.set(OALCore.currentTimeMillis());
                this.state.sessionEnd.set(this.state.sessionStart.get() + grantTimeUnit);
                this.state.sessionWarn.set(this.state.sessionEnd.get() - grantTimeUnit2);
                this.state.stateID = i2;
                rekeyComplete(grantTimeUnit);
                if (DOF.Log.isLogDebug()) {
                    DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.core.getName() + " - TEP Rekey complete with session duration=" + grantTimeUnit + "ms and warning=" + grantTimeUnit2 + " on " + this.stack.sharedConnection);
                }
            }
        }
        if (this.stack.state != null) {
            this.stack.state.ssid = i2;
            this.stack.state.isSSIDFromAS = false;
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void receiveStateFinalized(boolean z) {
        synchronized (this.stateMonitor) {
            if (!this.state.isComplete) {
                this.state.isComplete = true;
                this.state.inHandshake = false;
            }
            if (z && this.state.securityMode != null) {
                this.stack.securing(this.state.securityMode);
                this.stack.finalized(this.state.securityMode);
                final DOFPermissionSet initialPermissionSet = getInitialPermissionSet();
                if (initialPermissionSet != null && !initialPermissionSet.getPermissions().isEmpty()) {
                    this.stack.core.getThreadPool().submit(new AsyncRunnable() { // from class: org.opendof.core.internal.protocol.tep.DefaultTEP.1
                        @Override // java.lang.Runnable
                        public void run() {
                            DefaultTEP.this.extendOutboundPermission(initialPermissionSet, DefaultTEP.this.stack.sharedConnection, new InboundExtendPermissionListener());
                        }

                        @Override // org.opendof.core.internal.util.NameableRunnable
                        public String getName() {
                            return DefaultTEP.this.stack.core.getName() + "-Extend outbound permission.";
                        }
                    });
                }
            }
        }
    }

    private DOFPermissionSet getInitialPermissionSet() {
        if (this.stack.sharedConnection == null || this.stack.sharedConnection.getAssociatedServer() == null) {
            return null;
        }
        DOFServer.Config config = this.stack.sharedConnection.getAssociatedServer().getConfig();
        DOFPermissionSet permissions = config.getPermissions(this.state.credentials.getDomainID());
        return (permissions == null || permissions.getPermissions().isEmpty()) ? config.getWildcardPermissions() : config.getPermissions(this.state.credentials.getDomainID());
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void sendStateFinalized(boolean z) {
        synchronized (this.stateMonitor) {
            if (z) {
                if (this.state.securityMode != null) {
                    if (this.stack.isDatagram) {
                        this.state.securityMode.promoteKey(this.stack.getKeyState(), (short) 5);
                    }
                    if (this.stack.isStreaming) {
                        this.state.securityMode.promoteKey(this.stack.getKeyState(), (short) 5);
                    }
                }
            }
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void close(DOFException dOFException) {
        closeConnection(dOFException);
    }

    @Override // org.opendof.core.internal.protocol.ProtocolLayer
    public void run() {
        if (this.state != null) {
            synchronized (this.stateMonitor) {
                long currentTimeMillis = OALCore.currentTimeMillis();
                if (!this.state.isComplete) {
                    if (currentTimeMillis > this.state.connectStart.get() + 45000) {
                        DOFAddress address = this.stack.sharedConnection != null ? this.stack.sharedConnection.getConfig().getAddress() : this.stack.sharedServer.getConfig().getAddress();
                        if (DOF.Log.isLogWarn()) {
                            DOF.Log.message("TEP", DOF.Log.Level.WARN, "Timed-out. Address: '" + address.toString() + "'");
                        }
                        new AsyncCloseConnection(this, new DOFTimeoutException("TEP Initialization Timeout"));
                    }
                    return;
                }
                if (currentTimeMillis > this.state.sessionEnd.get()) {
                    DOF.Log.message("TEP", DOF.Log.Level.WARN, "session Timed-out. Address: '" + (this.stack.sharedConnection != null ? this.stack.sharedConnection.getConfig().getAddress() : this.stack.sharedServer.getConfig().getAddress()).toString() + "'");
                    new AsyncCloseConnection(this, new DOFTimeoutException("TEP session Timeout"));
                    return;
                }
                if (this.state.isServer) {
                    if (currentTimeMillis > this.state.sessionWarn.get()) {
                        if (DOF.Log.isLogDebug()) {
                            DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.core.getName() + " - Session ending soon, warning initiator: " + this.stack.sharedConnection);
                        }
                        this.state.sessionWarn.set(currentTimeMillis + (this.core.getGrantTimeUnit() * 1));
                        new AsyncSendSessionEnding(this);
                    }
                } else if (currentTimeMillis > this.state.sessionWarn.get() && !this.state.isRekeying) {
                    if (DOF.Log.isLogDebug()) {
                        DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.core.getName() + " - Attempting TEP Rekey: " + this.stack.sharedConnection);
                    }
                    this.state.sessionWarn.set(currentTimeMillis + (this.core.getGrantTimeUnit() * 1));
                    new AsyncBeginSession(this);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendSessionEnding() {
        this.core.process(new EndingOperation(new OALOperation.State(this.core, this, this.core.createOperationID(), TEP_HANDSHAKE_MAX), this, this.stack.sharedConnection));
    }

    @Override // org.opendof.core.internal.protocol.ProtocolLayer
    public void send(PacketData packetData) {
        try {
            packetData.appVersion = getAppId();
            this.stack.sendApp(packetData);
        } catch (DPSException e) {
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void obtainSecureSID(Credentials credentials) throws DOFSecurityException {
        if (this.stack.getSecureSID() == null) {
            Validator validator = new Validator(this.core);
            validator.validate(credentials, null, this.stack.sharedConnection, 30000);
            if (validator.isValid()) {
                this.stack.setSecureSID(validator.getSourceID());
            }
            setIAmPermission(new DOFPermission.IAm(this.stack.getSecureSID()));
        }
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void beginObtainSecureSID(Credentials credentials, OALOperation.CompleteListener completeListener) {
        if (this.stack.getSecureSID() != null) {
            this.core.getThreadPool().submit(new OALOperation.AsyncNotifyCompleteListener(null, null, completeListener));
        } else {
            Validator validator = new Validator(this.core);
            validator.beginValidate(credentials, null, this.stack.sharedConnection, 30000, new ValidateCompleteListener(validator, completeListener));
        }
    }

    public void resolveCredentials() throws DOFSecurityException {
        if (!this.state.credentials.isResolved()) {
            this.state.credentials.resolve(this.core, this.stack.sharedConnection, 30000);
        }
        this.core.getDomainStore().registerCredentials(this.state.credentials, this.stack.sharedConnection);
    }

    public static short getAssociatedTRP(short s) {
        switch (s) {
            case 128:
            default:
                return (short) 129;
            case 132:
                return (short) 133;
            case APPID_SMS4 /* 135 */:
                return (short) 136;
        }
    }

    public static short getAssociatedCCM(short s) {
        switch (s) {
            case 128:
            default:
                return (short) 24577;
            case 132:
                return (short) 24578;
            case APPID_SMS4 /* 135 */:
                return (short) 24579;
        }
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public boolean canTunnel(DomainStore.DomainAlias domainAlias) {
        int rdid;
        if (domainAlias == null || domainAlias.equals(this.state.connectionScope.getDomainAlias()) || (rdid = this.core.getDomainStore().getRDID(this.state.connectionScope.getDomainAlias(), domainAlias)) == -1) {
            return false;
        }
        OALSecurityScope outboundScope = getOutboundScope(new DOFPermission.TunnelDomain(rdid));
        return outboundScope == null ? this.stack.sharedConnection.getConfig().isTunnelDomains() : outboundScope != null && outboundScope.hasIDs();
    }

    @Override // org.opendof.core.internal.protocol.AuthenticationLayer
    public SecurityModeLayer getSecurityMode() {
        return this.state.securityMode;
    }

    @Override // org.opendof.core.internal.core.OperationSource
    public DOFObjectID.Source getInboundSourceID() {
        return null;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEP
    public void rekeyFailed() {
        if (DOF.Log.isLogDebug()) {
            DOF.Log.message("TEP", DOF.Log.Level.DEBUG, this.core.getName() + " - TEP Rekey failed: " + this.stack.sharedConnection);
        }
        synchronized (this.stateMonitor) {
            this.state.isRekeying = false;
            this.state.inHandshake = false;
        }
    }

    public static DOFCipher.Algorithm getCipherAlgorithm(short s) {
        switch (s) {
            case 128:
            default:
                return DOFCipher.Algorithm.AES;
            case 132:
                return DOFCipher.Algorithm.TWOFISH;
            case APPID_SMS4 /* 135 */:
                return DOFCipher.Algorithm.SMS4;
        }
    }
}
