package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client;

import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration;
import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration;
import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSConstants;
import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSSessionVerificationHelper;
import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration;
import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection;
import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint;
import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception;
import de.fhg.aisec.ids.idscp2.idscp_core.fsm.AsyncIdscp2Factory;
import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM;
import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.concurrent.CompletableFuture;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLProtocolException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: TLSClient.kt */
@Metadata(mv = {1, 6, IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN_VALUE}, k = 1, xi = 48, d1 = {"��\u0082\u0001\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0002\n\u0002\b\u0004\n\u0002\u0010\b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0003\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0002\b\u0003\u0018�� .*\b\b��\u0010\u0001*\u00020\u00022\u00020\u00032\u00020\u00042\u00020\u0005:\u0001.B=\u0012\u0018\u0010\u0006\u001a\u0014\u0012\u0004\u0012\u00020\b\u0012\u0004\u0012\u00020\t\u0012\u0004\u0012\u00028��0\u0007\u0012\u0006\u0010\n\u001a\u00020\u000b\u0012\u0006\u0010\f\u001a\u00020\r\u0012\f\u0010\u000e\u001a\b\u0012\u0004\u0012\u00028��0\u000f¢\u0006\u0002\u0010\u0010J\b\u0010\u001c\u001a\u00020\u001dH\u0002J\b\u0010\u001e\u001a\u00020\u001dH\u0016J\u0018\u0010\u001f\u001a\u00020\u001d2\b\u0010 \u001a\u0004\u0018\u00010\t2\u0006\u0010!\u001a\u00020\"J\u0010\u0010#\u001a\u00020\u001d2\u0006\u0010$\u001a\u00020%H\u0016J\b\u0010&\u001a\u00020\u001dH\u0016J\u0010\u0010'\u001a\u00020\u001d2\u0006\u0010(\u001a\u00020)H\u0016J\u0010\u0010*\u001a\u00020\u001d2\u0006\u0010+\u001a\u00020,H\u0016J\u0010\u0010-\u001a\u00020\u00182\u0006\u0010+\u001a\u00020,H\u0016R\u000e\u0010\n\u001a\u00020\u000bX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0011\u001a\u00020\u0012X\u0082\u0004¢\u0006\u0002\n��R 
\u0010\u0006\u001a\u0014\u0012\u0004\u0012\u00020\b\u0012\u0004\u0012\u00020\t\u0012\u0004\u0012\u00028��0\u0007X\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\u000e\u001a\b\u0012\u0004\u0012\u00028��0\u000fX\u0082\u0004¢\u0006\u0002\n��R\u0010\u0010\u0013\u001a\u0004\u0018\u00010\u0014X\u0082\u000e¢\u0006\u0002\n��R\u000e\u0010\u0015\u001a\u00020\u0016X\u0082.¢\u0006\u0002\n��R\u0014\u0010\u0017\u001a\u00020\u00188VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u0017\u0010\u0019R\u0014\u0010\u001a\u001a\b\u0012\u0004\u0012\u00020\u001b0\u000fX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\f\u001a\u00020\rX\u0082\u0004¢\u0006\u0002\n��¨\u0006/"}, d2 = {"Lde/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient;", "CC", "Lde/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection;", "Ljavax/net/ssl/HandshakeCompletedListener;", "Lde/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/DataAvailableListener;", "Lde/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint;", "connectionFactory", "Lkotlin/Function2;", "Lde/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM;", "", "clientConfiguration", "Lde/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration;", "nativeTlsConfiguration", "Lde/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTlsConfiguration;", "connectionFuture", "Ljava/util/concurrent/CompletableFuture;", "(Lkotlin/jvm/functions/Function2;Lde/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration;Lde/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTlsConfiguration;Ljava/util/concurrent/CompletableFuture;)V", "clientSocket", "Ljava/net/Socket;", "dataOutputStream", "Ljava/io/DataOutputStream;", "inputListenerThread", "Lde/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/InputListenerThread;", "isConnected", "", "()Z", "listenerPromise", "Lde/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener;", "cleanup", "", "close", 
"connect", "hostname", "port", "", "handshakeCompleted", "handshakeCompletedEvent", "Ljavax/net/ssl/HandshakeCompletedEvent;", "onClose", "onError", "e", "", "onMessage", "bytes", "", "send", "Companion", "idscp2"})
/* loaded from: input_file:de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient.class */
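/*
 * Client side of the TLS secure channel used underneath an IDSCP2 connection.
 *
 * This file is decompiler output for TLSClient.kt. The original Kotlin does not declare
 * checked exceptions, so the constructor and connect() let NoSuchAlgorithmException,
 * KeyManagementException and IOException propagate without a throws clause.
 *
 * Security-relevant flow, as visible in this class:
 *   1. The constructor builds an SSLContext from the configured key store and trust store and
 *      restricts the socket to the protocol and cipher-suite lists in TLSConstants.
 *   2. connect() opens the TCP connection and starts the TLS handshake.
 *   3. handshakeCompleted() verifies the peer certificate through TLSSessionVerificationHelper.
 *      Only after that succeeds is listenerPromise completed and the InputListenerThread
 *      started, so no peer data reaches the upper layer before the session has been verified.
 *
 * NOTE(review): no endpoint identification algorithm is set on the SSLParameters, so the
 * hostname check appears to rest entirely on TLSSessionVerificationHelper and on
 * NativeTlsConfiguration.getHostnameVerificationEnabled(). Confirm that disabling it is
 * restricted to test setups.
 */
public final class TLSClient<CC extends Idscp2Connection> implements HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {

    /** Factory that builds the IDSCP2 connection object once the secure channel is up. */
    @NotNull
    private final Function2<FSM, String, CC> connectionFactory;

    @NotNull
    private final Idscp2Configuration clientConfiguration;

    /** Source of key/trust store locations, passwords, socket timeout and the hostname-verification switch. */
    @NotNull
    private final NativeTlsConfiguration nativeTlsConfiguration;

    /** Completed exceptionally from handshakeCompleted() when session verification fails. */
    @NotNull
    private final CompletableFuture<CC> connectionFuture;

    /** Always an SSLSocket; created unconnected in the constructor. */
    @NotNull
    private final Socket clientSocket;

    /** Set in connect(); null until then. */
    @Nullable
    private DataOutputStream dataOutputStream;

    /** Kotlin lateinit property: assigned in connect(), started only after session verification. */
    private InputListenerThread inputListenerThread;

    /** Completed with the SecureChannel after verification; callbacks from the input thread wait on it. */
    @NotNull
    private final CompletableFuture<SecureChannelListener> listenerPromise;

    @NotNull
    public static final Companion Companion = new Companion(null);
    private static final Logger LOG = LoggerFactory.getLogger(TLSClient.class);

    /* compiled from: TLSClient.kt */
    @Metadata(mv = {1, 6, IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN_VALUE}, k = 1, xi = 48, d1 = {"��\u0014\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u0016\u0010\u0003\u001a\n \u0005*\u0004\u0018\u00010\u00040\u0004X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0006"}, d2 = {"Lde/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient$Companion;", "", "()V", "LOG", "Lorg/slf4j/Logger;", "kotlin.jvm.PlatformType", "idscp2"})
    /* loaded from: input_file:de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /**
     * Builds the TLS context and an unconnected, pre-configured SSL socket.
     *
     * @param function2 connection factory invoked once the secure channel is established
     * @param idscp2Configuration IDSCP2 settings handed to the connection setup
     * @param nativeTlsConfiguration key store, trust store and socket settings
     * @param completableFuture future through which the caller receives the connection or the failure
     */
    public TLSClient(@NotNull Function2<? super FSM, ? super String, ? extends CC> function2, @NotNull Idscp2Configuration idscp2Configuration, @NotNull NativeTlsConfiguration nativeTlsConfiguration, @NotNull CompletableFuture<CC> completableFuture) {
        Intrinsics.checkNotNullParameter(function2, "connectionFactory");
        Intrinsics.checkNotNullParameter(idscp2Configuration, "clientConfiguration");
        Intrinsics.checkNotNullParameter(nativeTlsConfiguration, "nativeTlsConfiguration");
        Intrinsics.checkNotNullParameter(completableFuture, "connectionFuture");
        // The wildcards come from Kotlin's declaration-site variance on Function2 (inputs
        // contravariant, result covariant); the cast only restates that for javac, which the
        // decompiler could not do ("Multi-variable type inference failed").
        @SuppressWarnings("unchecked")
        Function2<FSM, String, CC> factory = (Function2<FSM, String, CC>) function2;
        this.connectionFactory = factory;
        this.clientConfiguration = idscp2Configuration;
        this.nativeTlsConfiguration = nativeTlsConfiguration;
        this.connectionFuture = completableFuture;
        this.listenerPromise = new CompletableFuture<>();

        // Trust anchors and the client's own key material are loaded from the configured stores.
        // The passwords are passed straight to PreConfiguration and are never logged here.
        TrustManager[] trustManagers = PreConfiguration.INSTANCE.getX509ExtTrustManager(
                nativeTlsConfiguration.getTrustStorePath(),
                nativeTlsConfiguration.getTrustStorePassword());
        KeyManager[] keyManagers = PreConfiguration.INSTANCE.getX509ExtKeyManager(
                nativeTlsConfiguration.getKeyPassword(),
                nativeTlsConfiguration.getKeyStorePath(),
                nativeTlsConfiguration.getKeyStorePassword(),
                nativeTlsConfiguration.getCertificateAlias(),
                nativeTlsConfiguration.getKeyStoreKeyType());

        SSLContext sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE);
        // A null SecureRandom makes JSSE use its default secure random source.
        sslContext.init(keyManagers, trustManagers, null);

        Socket createSocket = sslContext.getSocketFactory().createSocket();
        Intrinsics.checkNotNullExpressionValue(createSocket, "socketFactory.createSocket()");
        this.clientSocket = createSocket;

        SSLSocket sslSocket = (SSLSocket) this.clientSocket;
        SSLParameters sslParameters = sslSocket.getSSLParameters();
        // These two settings only matter for sockets in server mode; on a client socket they
        // are inert. Whether a client certificate is requested is decided by the server.
        sslParameters.setUseCipherSuitesOrder(false);
        sslParameters.setNeedClientAuth(true);
        // Pin protocol versions and cipher suites to the project's allow-lists instead of the
        // JVM defaults.
        sslParameters.setProtocols(TLSConstants.INSTANCE.getTLS_ENABLED_PROTOCOLS());
        sslParameters.setCipherSuites(TLSConstants.INSTANCE.getTLS_ENABLED_CIPHERS());
        sslSocket.setSSLParameters(sslParameters);
        if (LOG.isTraceEnabled()) {
            LOG.trace("TLS Client was initialized successfully");
        }
    }

    /**
     * Connects to the server and starts the TLS handshake. Session verification continues in
     * {@link #handshakeCompleted(HandshakeCompletedEvent)}.
     *
     * @param str server host name or address
     * @param i server port
     * @throws Idscp2Exception if the socket is already closed, the TCP connect fails or the
     *     handshake fails; the socket is cleaned up before a connect or handshake failure is
     *     rethrown
     */
    public final void connect(@Nullable String str, int i) {
        SSLSocket sslSocket = (SSLSocket) this.clientSocket;
        if (sslSocket.isClosed()) {
            throw new Idscp2Exception("Client socket is not available");
        }
        try {
            // NOTE(review): the connect itself has no timeout; the configured socket timeout
            // is applied only afterwards and governs reads. Confirm this is intended.
            sslSocket.connect(new InetSocketAddress(str, i));
            if (LOG.isTraceEnabled()) {
                LOG.trace("Client is connected to server {}:{}", str, Integer.valueOf(i));
            }
            sslSocket.setSoTimeout(this.nativeTlsConfiguration.getSocketTimeout());
            this.dataOutputStream = new DataOutputStream(this.clientSocket.getOutputStream());
            InputStream inputStream = this.clientSocket.getInputStream();
            Intrinsics.checkNotNullExpressionValue(inputStream, "clientSocket.getInputStream()");
            // Created here but deliberately not started: reading begins only once the TLS
            // session has been verified in handshakeCompleted().
            this.inputListenerThread = new InputListenerThread(inputStream, this);
            if (LOG.isTraceEnabled()) {
                LOG.trace("Start TLS Handshake");
            }
            sslSocket.addHandshakeCompletedListener(this);
            sslSocket.startHandshake();
        } catch (SSLHandshakeException | SSLProtocolException e) {
            cleanup();
            throw new Idscp2Exception("TLS Handshake failed", e);
        } catch (IOException e) {
            cleanup();
            throw new Idscp2Exception("Connecting TLS client to server failed", e);
        }
    }

    /**
     * Stops the input listener thread, if one was created, and closes the socket.
     *
     * <p>The decompiler could not structure this method and emitted a stub that always threw
     * UnsupportedOperationException, which made close() and every error path fail. The body
     * below is rebuilt from the instruction listing the decompiler printed for it.
     */
    private void cleanup() {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Cleanup broken TLS connection ..");
        }
        // inputListenerThread stays null when cleanup runs before connect() created it.
        InputListenerThread listenerThread = this.inputListenerThread;
        if (listenerThread != null) {
            listenerThread.safeStop();
        }
        if (!this.clientSocket.isClosed()) {
            try {
                this.clientSocket.close();
            } catch (IOException ignored) {
                // Best effort: the connection is being torn down anyway, and the original
                // handler is empty as well.
            }
        }
    }

    /** Forwards a close notification to the channel listener once it is available. */
    @Override // de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client.DataAvailableListener
    public void onClose() {
        this.listenerPromise.thenAccept(SecureChannelListener::onClose);
    }

    /** Forwards an error from the input thread to the channel listener once it is available. */
    @Override // de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client.DataAvailableListener
    public void onError(@NotNull Throwable th) {
        Intrinsics.checkNotNullParameter(th, "e");
        this.listenerPromise.thenAccept(listener -> listener.onError(th));
    }

    /**
     * Forwards a received message to the channel listener. Delivery waits on listenerPromise,
     * which is completed only after the TLS session has been verified.
     */
    @Override // de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client.DataAvailableListener
    public void onMessage(@NotNull byte[] bArr) {
        Intrinsics.checkNotNullParameter(bArr, "bytes");
        this.listenerPromise.thenAccept(listener -> listener.onMessage(bArr));
    }

    @Override // de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
    public void close() {
        cleanup();
    }

    /**
     * Writes one length-prefixed message (4-byte length, then the payload) to the TLS socket.
     *
     * @param bArr payload to send
     * @return true if the message was written and flushed; false if the socket is not
     *     connected or the write failed (the failure is logged, not thrown)
     */
    @Override // de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
    public boolean send(@NotNull byte[] bArr) {
        Intrinsics.checkNotNullParameter(bArr, "bytes");
        if (!isConnected()) {
            LOG.warn("Client cannot send data because TLS socket is not connected");
            return false;
        }
        try {
            DataOutputStream out = this.dataOutputStream;
            if (out == null) {
                // NOTE(review): the decompiler placed this throw after the try block, where it
                // cannot compile (unassigned local on the catch path, undeclared checked
                // exception). It is rebuilt inside the try so the failure is logged and
                // reported as false; confirm against TLSClient.kt.
                throw new IOException("DataOutputStream not available");
            }
            out.writeInt(bArr.length);
            out.write(bArr);
            out.flush();
            if (LOG.isTraceEnabled()) {
                LOG.trace("Sending message...");
            }
            return true;
        } catch (Exception e) {
            LOG.warn("Client cannot send data", e);
            return false;
        }
    }

    /**
     * Reports the socket's connected flag.
     *
     * <p>NOTE(review): {@link Socket#isConnected()} keeps returning true after the socket has
     * been closed, so this does not turn false after close() or cleanup(). send() still
     * returns false in that state because the write fails. Check whether other callers expect
     * a closed channel to report as not connected.
     */
    @Override // de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
    public boolean isConnected() {
        return this.clientSocket.isConnected();
    }

    /**
     * Verifies the freshly negotiated TLS session and, on success, hands the channel to the
     * IDSCP2 layer. On any failure the socket is cleaned up and connectionFuture is completed
     * exceptionally, so an unverified peer never gets a channel.
     *
     * @param handshakeCompletedEvent event carrying the negotiated session
     */
    @Override // javax.net.ssl.HandshakeCompletedListener
    public void handshakeCompleted(@NotNull HandshakeCompletedEvent handshakeCompletedEvent) {
        Intrinsics.checkNotNullParameter(handshakeCompletedEvent, "handshakeCompletedEvent");
        if (LOG.isTraceEnabled()) {
            LOG.trace("TLS Handshake was successful");
        }
        if (this.connectionFuture.isCancelled()) {
            // The caller gave up while the handshake was running; drop the connection.
            cleanup();
            return;
        }
        try {
            SSLSession session = handshakeCompletedEvent.getSession();
            Certificate[] peerCertificates = session.getPeerCertificates();
            Intrinsics.checkNotNullExpressionValue(peerCertificates, "certificates");
            if (peerCertificates.length == 0) {
                throw new SSLPeerUnverifiedException("Missing peer certificate");
            }
            // Index 0 is the peer's own (leaf) certificate. A non-X.509 certificate fails the
            // cast and is handled by the catch below like any other verification failure.
            Certificate certificate = peerCertificates[0];
            if (certificate == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
            }
            X509Certificate x509Certificate = (X509Certificate) certificate;
            TLSSessionVerificationHelper tLSSessionVerificationHelper = TLSSessionVerificationHelper.INSTANCE;
            // NOTE(review): the name that is verified is the session's peer host, not the
            // hostname argument of connect(). The SSLSession documentation describes
            // getPeerHost() as unauthenticated and possibly just an address string; confirm
            // it always equals the host the caller asked for.
            String peerHost = session.getPeerHost();
            Intrinsics.checkNotNullExpressionValue(peerHost, "sslSession.peerHost");
            // Kotlin default-argument bridge: mask 16 selects the declared default for the
            // fifth parameter, so the literal false passed in that position is ignored.
            TLSSessionVerificationHelper.verifyTlsSession$default(tLSSessionVerificationHelper, peerHost, session.getPeerPort(), x509Certificate, this.nativeTlsConfiguration.getHostnameVerificationEnabled(), false, 16, null);
            if (LOG.isTraceEnabled()) {
                LOG.trace("TLS session is valid");
            }
            SecureChannel secureChannel = new SecureChannel(this, x509Certificate);
            // From here on, callbacks queued by onClose/onError/onMessage are delivered.
            this.listenerPromise.complete(secureChannel);
            // NOTE(review): when this returns false the input thread is not started and no
            // cleanup happens here; presumably the factory closes the channel itself. Verify.
            if (AsyncIdscp2Factory.INSTANCE.initiateIdscp2Connection(secureChannel, this.clientConfiguration, this.connectionFactory, this.connectionFuture)) {
                InputListenerThread listenerThread = this.inputListenerThread;
                if (listenerThread == null) {
                    // Throws; the catch below turns it into a failed connectionFuture.
                    Intrinsics.throwUninitializedPropertyAccessException("inputListenerThread");
                }
                listenerThread.start();
            }
        } catch (Exception e) {
            cleanup();
            this.connectionFuture.completeExceptionally(new Idscp2Exception("TLS session was not valid", e));
        }
    }
}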
