package org.opendof.core.internal.protocol.security.credentials.srp6;

import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Set;
import org.opendof.core.internal.core.OALCore;
import org.opendof.core.internal.core.OALOperation;
import org.opendof.core.internal.core.OperationProcessor;
import org.opendof.core.internal.core.security.OALCipher;
import org.opendof.core.internal.protocol.dsp.DefaultDSP;
import org.opendof.core.internal.protocol.security.AuthenticationException;
import org.opendof.core.internal.protocol.security.EncryptionUtil;
import org.opendof.core.internal.protocol.security.credentials.Credentials;
import org.opendof.core.internal.protocol.security.credentials.Identification;
import org.opendof.core.internal.protocol.security.credentials.ResolutionRequest;
import org.opendof.core.internal.protocol.security.credentials.ResolutionResponse;
import org.opendof.core.internal.protocol.trp.ResolveOperation;
import org.opendof.core.internal.util.BufferedPacket;
import org.opendof.core.oal.DOFErrorException;
import org.opendof.core.oal.DOFMarshalContext;
import org.opendof.core.oal.DOFMarshalException;
import org.opendof.core.oal.DOFObjectID;
import org.opendof.core.oal.DOFPacket;
import org.opendof.core.oal.security.DOFAuthenticationFailedException;
import org.opendof.core.oal.security.DOFSecurityException;

/* loaded from: input_file:org/opendof/core/internal/protocol/security/credentials/srp6/SRP6Credentials.class */
public final class SRP6Credentials implements Credentials {
    private static final long serialVersionUID = 2564439441736558736L;
    static final int GROUP_SIZE = 1024;
    private final DOFObjectID.Domain initialDomainID;
    private final DOFObjectID.Authentication identity;
    private final byte[] partialX;
    private DOFObjectID.Domain domainID;
    private final byte[] a;
    private final byte[] A;
    private transient byte[] S;
    private transient byte[] K_SRP;
    private transient byte[] validA;
    private transient byte[] secret;
    private transient byte[] privateStorage;
    private transient Object monitor;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opendof/core/internal/protocol/security/credentials/srp6/SRP6Credentials$AsyncResolveComplete.class */
    public class AsyncResolveComplete implements OALOperation.CompleteListener {
        private final SRP6Credentials copy;
        private final OALOperation.CompleteListener listener;

        AsyncResolveComplete(SRP6Credentials sRP6Credentials, OALOperation.CompleteListener completeListener) {
            this.copy = sRP6Credentials;
            this.listener = completeListener;
        }

        @Override // org.opendof.core.internal.core.OALOperation.CompleteListener
        public void complete(OALOperation oALOperation, Exception exc) {
            if (oALOperation.getClass() == ResolveOperation.class) {
                ResolveOperation resolveOperation = (ResolveOperation) oALOperation;
                if (exc != null) {
                    this.listener.complete(resolveOperation, exc);
                    return;
                }
                if (!this.copy.isResolved()) {
                    this.listener.complete(resolveOperation, new DOFSecurityException("Credential resolution failed."));
                    return;
                }
                synchronized (SRP6Credentials.this.monitor) {
                    SRP6Credentials.this.S = this.copy.S;
                    SRP6Credentials.this.K_SRP = this.copy.K_SRP;
                    SRP6Credentials.this.validA = this.copy.validA;
                    SRP6Credentials.this.secret = this.copy.secret;
                    SRP6Credentials.this.domainID = this.copy.domainID;
                }
                this.listener.complete(resolveOperation, null);
            }
        }
    }

    public SRP6Credentials(DOFObjectID.Domain domain, DOFObjectID.Authentication authentication, String str) {
        this.S = null;
        this.K_SRP = null;
        this.validA = null;
        this.secret = null;
        this.privateStorage = null;
        this.monitor = new Object();
        this.initialDomainID = domain;
        this.domainID = domain;
        this.identity = authentication;
        this.partialX = SRP6Engine.compute_partial_x(authentication, str);
        this.a = EncryptionUtil.createSessionKey();
        this.A = SRP6Engine.compute_A(GROUP_SIZE, this.a);
    }

    public SRP6Credentials(SRP6Credentials sRP6Credentials) {
        this.S = null;
        this.K_SRP = null;
        this.validA = null;
        this.secret = null;
        this.privateStorage = null;
        this.monitor = new Object();
        this.initialDomainID = sRP6Credentials.initialDomainID;
        this.domainID = sRP6Credentials.domainID;
        this.identity = sRP6Credentials.identity;
        this.partialX = sRP6Credentials.partialX;
        this.a = EncryptionUtil.createSessionKey();
        this.A = SRP6Engine.compute_A(GROUP_SIZE, this.a);
    }

    public SRP6Credentials(DOFMarshalContext dOFMarshalContext, Object obj, DOFPacket dOFPacket) throws DOFMarshalException {
        this.S = null;
        this.K_SRP = null;
        this.validA = null;
        this.secret = null;
        this.privateStorage = null;
        this.monitor = new Object();
        if (dOFMarshalContext != DOFMarshalContext.STORE) {
            throw new DOFMarshalException("Stored credentials marshal context must always be STORE.", null);
        }
        BufferedPacket bufferedPacket = BufferedPacket.getBufferedPacket(dOFPacket);
        if (bufferedPacket.getCompressedShort() != 2) {
            throw new DOFMarshalException("SRP6Credentials: credential type is not password.", null);
        }
        if (bufferedPacket.getByte() != 255) {
            throw new DOFMarshalException("SRP6Credentials: stage is not 255.", null);
        }
        this.initialDomainID = DOFObjectID.Domain.create(bufferedPacket.getOID());
        this.domainID = this.initialDomainID;
        this.identity = DOFObjectID.Authentication.create(bufferedPacket.getOID());
        this.partialX = bufferedPacket.getByteArray(32);
        this.a = EncryptionUtil.createSessionKey();
        this.A = SRP6Engine.compute_A(GROUP_SIZE, this.a);
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public ResolutionRequest getResolutionRequest() {
        SRP6ResolutionRequestS1 sRP6ResolutionRequestS1;
        if (getStage() == 2) {
            return new SRP6ResolutionRequestS2(this.identity, this.A, OALCipher.getBestAlgorithm());
        }
        if (getStage() != 1) {
            return null;
        }
        synchronized (this.monitor) {
            if (this.validA == null) {
                throw new IllegalArgumentException("validA not set");
            }
            sRP6ResolutionRequestS1 = new SRP6ResolutionRequestS1(this.validA);
        }
        return sRP6ResolutionRequestS1;
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public void resolutionResponse(ResolutionResponse resolutionResponse) throws DOFSecurityException {
        byte[] encryptBlock;
        byte[] compute_VALID_B;
        if (resolutionResponse.getClass() == SRP6ResolutionResponseS2.class) {
            SRP6ResolutionResponseS2 sRP6ResolutionResponseS2 = (SRP6ResolutionResponseS2) resolutionResponse;
            byte[] b = sRP6ResolutionResponseS2.getB();
            byte[] compute_client_S = SRP6Engine.compute_client_S(GROUP_SIZE, this.a, this.A, b, sRP6ResolutionResponseS2.gets(), this.partialX);
            byte[] compute_K_SRP = SRP6Engine.compute_K_SRP(compute_client_S);
            byte[] compute_VALID_A = SRP6Engine.compute_VALID_A(this.A, b, compute_client_S);
            synchronized (this.monitor) {
                this.S = compute_client_S;
                this.K_SRP = compute_K_SRP;
                this.validA = compute_VALID_A;
            }
            return;
        }
        if (resolutionResponse.getClass() != SRP6ResolutionResponseS1.class) {
            throw new DOFSecurityException("Invalid response.");
        }
        SRP6ResolutionResponseS1 sRP6ResolutionResponseS1 = (SRP6ResolutionResponseS1) resolutionResponse;
        DOFObjectID.Domain domainID = sRP6ResolutionResponseS1.getDomainID();
        byte[] validB = sRP6ResolutionResponseS1.getValidB();
        byte[] key = sRP6ResolutionResponseS1.getKey();
        try {
            synchronized (this.monitor) {
                encryptBlock = EncryptionUtil.encryptBlock(this.K_SRP, validB, OALCipher.getBestAlgorithm());
            }
            for (int i = 0; i < encryptBlock.length && i < key.length; i++) {
                encryptBlock[i] = (byte) (encryptBlock[i] ^ key[i]);
            }
            synchronized (this.monitor) {
                compute_VALID_B = SRP6Engine.compute_VALID_B(this.A, this.validA, this.S, encryptBlock, domainID.getBytes());
            }
            if (!Arrays.equals(compute_VALID_B, validB)) {
                throw new AuthenticationException(AuthenticationException.ACCESS_DENIED, "Failure obtaining shared key");
            }
            synchronized (this.monitor) {
                this.secret = encryptBlock;
                this.domainID = domainID;
            }
        } catch (Throwable th) {
            throw new DOFSecurityException("Encryption failure.", th);
        }
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public int getStage() {
        synchronized (this.monitor) {
            if (this.secret != null) {
                return 0;
            }
            return this.validA != null ? 1 : 2;
        }
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public boolean isResolved() {
        boolean z;
        synchronized (this.monitor) {
            z = this.secret != null;
        }
        return z;
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public void reset() {
        synchronized (this.monitor) {
            this.domainID = this.initialDomainID;
            this.validA = null;
            this.secret = null;
        }
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public byte[] getPrivateStorage() {
        byte[] bArr;
        synchronized (this.monitor) {
            if (this.privateStorage == null) {
                byte[] createSessionKey = EncryptionUtil.createSessionKey();
                byte[] createSessionKey2 = EncryptionUtil.createSessionKey();
                byte[] compute_v = SRP6Engine.compute_v(GROUP_SIZE, createSessionKey, this.partialX);
                this.privateStorage = new byte[32 + compute_v.length + 32];
                System.arraycopy(createSessionKey, 0, this.privateStorage, 0, 32);
                System.arraycopy(compute_v, 0, this.privateStorage, 32, compute_v.length);
                System.arraycopy(createSessionKey2, 0, this.privateStorage, 32 + compute_v.length, 32);
            }
            bArr = this.privateStorage;
        }
        return bArr;
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public short getType() {
        return (short) 2;
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public DOFObjectID.Authentication getIdentity() {
        return this.identity;
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public DOFObjectID.Domain getDomainID() {
        return this.domainID;
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public DOFObjectID.Domain getTargetDomainID() {
        return this.domainID;
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public byte[] getSharedSecret() throws DOFSecurityException {
        byte[] bArr;
        synchronized (this.monitor) {
            if (this.secret == null || this.secret.length != 32) {
                throw new DOFSecurityException("SRP6Credentials: The secret is not available.");
            }
            bArr = this.secret;
        }
        return bArr;
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public Identification getIdentification() {
        return new SRP6Identification(this.identity, this.domainID);
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public void resolve(OALCore oALCore, OperationProcessor operationProcessor, int i) throws DOFSecurityException {
        if (isResolved()) {
            return;
        }
        OALOperation.WaitingListener waitingListener = new OALOperation.WaitingListener();
        beginResolve(oALCore, operationProcessor, i, waitingListener);
        try {
            waitingListener.waitComplete(i);
        } catch (DOFSecurityException e) {
            throw e;
        } catch (DOFErrorException e2) {
            throw new DOFSecurityException("Credential Resolution Failed: TIMEOUT");
        } catch (Exception e3) {
            throw new DOFAuthenticationFailedException(e3);
        }
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public void beginResolve(OALCore oALCore, OperationProcessor operationProcessor, int i, OALOperation.CompleteListener completeListener) {
        if (isResolved()) {
            oALCore.getThreadPool().submit(new OALOperation.AsyncNotifyCompleteListener(null, null, completeListener));
            return;
        }
        SRP6Credentials sRP6Credentials = new SRP6Credentials(this);
        Set<Short> tRPAppIDsForDomain = oALCore.getTRPAppIDsForDomain(sRP6Credentials.getDomainID());
        OALOperation.MultiResponseCompleteListener multiResponseCompleteListener = new OALOperation.MultiResponseCompleteListener(new AsyncResolveComplete(sRP6Credentials, completeListener), tRPAppIDsForDomain.size());
        Iterator<Short> it = tRPAppIDsForDomain.iterator();
        while (it.hasNext()) {
            ResolveOperation resolveOperation = new ResolveOperation(new OALOperation.State(oALCore, new OALCore.EmptyOperationSource(), oALCore.createOperationID(), i), sRP6Credentials, (OperationProcessor) null, operationProcessor, it.next().shortValue());
            resolveOperation.setCompleteListener(multiResponseCompleteListener);
            oALCore.process(resolveOperation);
        }
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public int getRdid() {
        return -1;
    }

    public String toString() {
        return getIdentification().toString();
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public byte[] getBytes() {
        BufferedPacket bufferedPacket = new BufferedPacket();
        try {
            marshal(DOFMarshalContext.STORE, null, bufferedPacket);
            return bufferedPacket.readByteArray();
        } catch (DOFErrorException e) {
            return null;
        }
    }

    @Override // org.opendof.core.internal.protocol.Marshallable
    public void marshal(DOFMarshalContext dOFMarshalContext, Object obj, DOFPacket dOFPacket) throws DOFMarshalException {
        if (dOFMarshalContext != DOFMarshalContext.STORE) {
            throw new DOFMarshalException("Stored credentials marshal context must always be STORE.", null);
        }
        BufferedPacket bufferedPacket = BufferedPacket.getBufferedPacket(dOFPacket);
        bufferedPacket.putByteArray(this.partialX);
        bufferedPacket.putOID(this.identity);
        bufferedPacket.putOID(this.domainID);
        bufferedPacket.putByte(DefaultDSP.CODE_GENERAL);
        bufferedPacket.putCompressedShort((short) 2);
    }

    @Override // org.opendof.core.internal.protocol.security.credentials.Credentials
    public byte[] getStorageKey() {
        return this.identity.getBytes();
    }

    public int hashCode() {
        return super.hashCode();
    }

    public boolean equals(Object obj) {
        return super.equals(obj);
    }

    private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
        objectOutputStream.defaultWriteObject();
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        objectInputStream.defaultReadObject();
        this.monitor = new Object();
    }
}
