package org.opendof.core.internal.protocol.trp;

import java.util.Arrays;
import org.opendof.core.internal.core.OALOperation;
import org.opendof.core.internal.core.OperationProcessor;
import org.opendof.core.internal.protocol.Marshallable;
import org.opendof.core.internal.protocol.PacketData;
import org.opendof.core.internal.protocol.security.AuthenticationException;
import org.opendof.core.internal.protocol.security.Authenticator;
import org.opendof.core.internal.protocol.security.EncryptionUtil;
import org.opendof.core.internal.protocol.security.credentials.CredPDUFactory;
import org.opendof.core.internal.protocol.security.credentials.Credentials;
import org.opendof.core.internal.protocol.security.credentials.Identification;
import org.opendof.core.internal.util.BufferedPacket;
import org.opendof.core.oal.DOF;
import org.opendof.core.oal.DOFMarshalContext;
import org.opendof.core.oal.DOFMarshalException;
import org.opendof.core.oal.DOFObjectID;
import org.opendof.core.oal.DOFPacket;
import org.opendof.core.oal.security.DOFAuthenticationFailedException;
import org.opendof.core.oal.security.DOFSecurityException;

/* loaded from: input_file:org/opendof/core/internal/protocol/trp/ValidateOperation.class */
public class ValidateOperation extends TRPOperation implements Marshallable {
    public static final short OPCODE = 9;
    private final Identification identification;
    private final byte[] validA;
    private byte[] validB;
    private DOFObjectID.Source sourceID;

    public ValidateOperation(OALOperation.State state, Credentials credentials, short s) {
        super(credentials, state, null, null, s);
        this.validB = null;
        if (credentials == null || !credentials.isResolved()) {
            throw new IllegalArgumentException("ValidateOperation: credentials == null || !credentials.isResolved()");
        }
        this.identification = credentials.getIdentification();
        try {
            this.validA = Authenticator.computeValidA(credentials.getSharedSecret(), EncryptionUtil.createRandomNonce(8));
            this.domain = credentials.getDomainID();
            if (this.domain.hasAttributes() || this.domain.isBroadcast()) {
                throw new IllegalArgumentException("ValidateOperation: domain.hasAttributes() || domain.isBroadcast()");
            }
        } catch (DOFSecurityException e) {
            throw new IllegalArgumentException("Failed to compute validA.");
        }
    }

    public ValidateOperation(OALOperation.State state, Credentials credentials, OperationProcessor operationProcessor, OperationProcessor operationProcessor2, short s) {
        super(credentials, state, operationProcessor, operationProcessor2, s);
        this.validB = null;
        if (credentials == null || !credentials.isResolved()) {
            throw new IllegalArgumentException("ValidateOperation: credentials == null || !credentials.isResolved()");
        }
        this.identification = credentials.getIdentification();
        try {
            this.validA = Authenticator.computeValidA(credentials.getSharedSecret(), EncryptionUtil.createRandomNonce(8));
            this.domain = credentials.getDomainID();
            if (this.domain.hasAttributes() || this.domain.isBroadcast()) {
                throw new IllegalArgumentException("ValidateOperation: domain.hasAttributes() || domain.isBroadcast()");
            }
        } catch (DOFSecurityException e) {
            throw new IllegalArgumentException("Failed to compute validA.");
        }
    }

    public ValidateOperation(OALOperation.State state, byte[] bArr, DOFObjectID.Source source, short s) {
        super(null, state, null, null, s);
        this.validB = null;
        this.identification = null;
        this.validA = null;
        this.validB = bArr;
        this.sourceID = source;
    }

    public ValidateOperation(PacketData packetData, DOFMarshalContext dOFMarshalContext, Object obj, BufferedPacket bufferedPacket) throws DOFMarshalException {
        super(null, packetData.opState, null, null, packetData.appVersion);
        this.validB = null;
        bufferedPacket.getByte();
        if (dOFMarshalContext == DOFMarshalContext.COMMAND) {
            this.domain = DOFObjectID.Domain.create(bufferedPacket.getOID());
            if (this.domain.hasAttributes() || this.domain.isBroadcast()) {
                throw new DOFMarshalException("ValidateOperation unmarshal failed: domain.hasAttributes() || domain.isBroadcast()", null);
            }
            this.identification = CredPDUFactory.createIdentification(dOFMarshalContext, obj, bufferedPacket);
            this.validA = bufferedPacket.getByteArray(40);
            return;
        }
        this.identification = null;
        this.validA = null;
        OALOperation operation = packetData.opState.getCore().getOperation(packetData.opState.getOperationID());
        if (operation != null) {
            this.domain = ((ValidateOperation) operation).domain;
        }
        byte[] byteArray = bufferedPacket.getByteArray(8);
        DOFObjectID oid = bufferedPacket.getOID();
        byte[] bytes = oid.getBytes();
        byte[] byteArray2 = bufferedPacket.getByteArray(32);
        this.sourceID = DOFObjectID.Source.create(oid);
        this.validB = new byte[40 + bytes.length];
        System.arraycopy(byteArray, 0, this.validB, 0, byteArray.length);
        System.arraycopy(bytes, 0, this.validB, byteArray.length, bytes.length);
        System.arraycopy(byteArray2, 0, this.validB, byteArray.length + bytes.length, byteArray2.length);
    }

    @Override // org.opendof.core.internal.protocol.trp.TRPOperation
    public void process(Authenticator authenticator) {
        try {
            Authenticator.ValidateResponse requestValidate = authenticator.requestValidate(new Authenticator.ValidateRequest(this.identification, this.validA), DefaultTRP.getCipherAlgorithm(this.appid));
            respond(new ValidateOperation(getState().asResponse(), requestValidate.VALID_B, requestValidate.sourceID, this.appid));
        } catch (AuthenticationException e) {
            if (DOF.Log.isLogDebug()) {
                if (this.identification != null) {
                    DOF.Log.message(DOF.Log.Level.DEBUG, "Authenticator for domain " + authenticator.getDomainID() + " identity " + this.identification.getIdentity() + ", requestValidate failed with authentication error", e);
                } else {
                    DOF.Log.message(DOF.Log.Level.DEBUG, "Authenticator for domain " + authenticator.getDomainID() + ", requestValidate failed with authentication error", e);
                }
            }
            respond(new RejectOperation(getState().asResponse(), e.getErrorCode(), this.appid));
        } catch (Exception e2) {
            if (DOF.Log.isLogWarn()) {
                if (this.identification != null) {
                    DOF.Log.message(DOF.Log.Level.WARN, "Authenticator for domain " + authenticator.getDomainID() + " identity " + this.identification.getIdentity() + ", requestValidate failed with internal error", e2);
                } else {
                    DOF.Log.message(DOF.Log.Level.WARN, "Authenticator for domain " + authenticator.getDomainID() + ", requestValidate failed with internal error", e2);
                }
            }
            respond(new RejectOperation(getState().asResponse(), AuthenticationException.INTERNAL_ERROR, this.appid));
        }
        asyncSetComplete();
    }

    public boolean isValid() {
        try {
            if (getCredentials() == null) {
                throw new DOFSecurityException("Credentials not known.");
            }
            Authenticator.ValidateResponse resolutionResponse = getResolutionResponse();
            byte[] bArr = new byte[8];
            System.arraycopy(this.validA, 0, bArr, 0, bArr.length);
            byte[] bytes = resolutionResponse.sourceID.getBytes();
            byte[] bArr2 = new byte[8];
            System.arraycopy(resolutionResponse.VALID_B, 0, bArr2, 0, 8);
            boolean equals = Arrays.equals(Authenticator.computeValidB(getCredentials().getSharedSecret(), bArr, bArr2, bytes, getCredentials().getDomainID()), resolutionResponse.VALID_B);
            if (!equals) {
                throw new DOFAuthenticationFailedException("Credential validation failed.");
            }
            validResponse();
            return equals;
        } catch (Exception e) {
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("ValidateOperation", DOF.Log.Level.DEBUG, "ValidateOperation: isValid() credential validation failed Exception: '" + e, e);
            }
            if (getCredentials() == null) {
                return false;
            }
            getCredentials().reset();
            return false;
        }
    }

    public Authenticator.ValidateResponse getResolutionResponse() throws DOFSecurityException {
        if (this.validB != null && this.sourceID != null) {
            return new Authenticator.ValidateResponse(this.validB, this.sourceID);
        }
        TRPOperation tRPOperation = getFirstResponse() instanceof TRPOperation ? (TRPOperation) getFirstResponse() : null;
        if (tRPOperation instanceof RejectOperation) {
            throw new AuthenticationException(((RejectOperation) tRPOperation).getError() | 805306368);
        }
        if (tRPOperation == null) {
            throw new AuthenticationException(DOFSecurityException.AUTHENTICATION_FAILED, "Credential validation failed.");
        }
        return ((ValidateOperation) tRPOperation).getResolutionResponse();
    }

    @Override // org.opendof.core.internal.core.OALOperation, org.opendof.core.internal.protocol.Marshallable
    public void marshal(DOFMarshalContext dOFMarshalContext, Object obj, DOFPacket dOFPacket) throws DOFMarshalException {
        BufferedPacket bufferedPacket = (BufferedPacket) dOFPacket;
        if (dOFMarshalContext == DOFMarshalContext.COMMAND) {
            bufferedPacket.putByteArray(this.validA);
            this.identification.marshal(dOFMarshalContext, null, bufferedPacket);
            bufferedPacket.putOID(this.domain);
        } else {
            bufferedPacket.putByteArray(this.validB);
        }
        bufferedPacket.putByte(9);
    }
}
