package org.apache.plc4x.java.opcua.context;

import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.util.List;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.atomic.AtomicLong;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.BiFunction;
import java.util.function.BiPredicate;
import java.util.function.Function;
import org.apache.commons.lang3.RandomUtils;
import org.apache.plc4x.java.api.exceptions.PlcProtocolException;
import org.apache.plc4x.java.opcua.config.Limits;
import org.apache.plc4x.java.opcua.config.OpcuaConfiguration;
import org.apache.plc4x.java.opcua.protocol.chunk.ChunkStorage;
import org.apache.plc4x.java.opcua.protocol.chunk.MemoryChunkStorage;
import org.apache.plc4x.java.opcua.readwrite.BinaryPayload;
import org.apache.plc4x.java.opcua.readwrite.ChunkType;
import org.apache.plc4x.java.opcua.readwrite.ExpandedNodeId;
import org.apache.plc4x.java.opcua.readwrite.ExtensiblePayload;
import org.apache.plc4x.java.opcua.readwrite.ExtensionObject;
import org.apache.plc4x.java.opcua.readwrite.ExtensionObjectDefinition;
import org.apache.plc4x.java.opcua.readwrite.ExtensionObjectEncodingMask;
import org.apache.plc4x.java.opcua.readwrite.MessagePDU;
import org.apache.plc4x.java.opcua.readwrite.NodeId;
import org.apache.plc4x.java.opcua.readwrite.NodeIdFourByte;
import org.apache.plc4x.java.opcua.readwrite.NodeIdTwoByte;
import org.apache.plc4x.java.opcua.readwrite.NodeIdTypeDefinition;
import org.apache.plc4x.java.opcua.readwrite.NullExtension;
import org.apache.plc4x.java.opcua.readwrite.OpcuaAPU;
import org.apache.plc4x.java.opcua.readwrite.OpcuaAcknowledgeResponse;
import org.apache.plc4x.java.opcua.readwrite.OpcuaCloseRequest;
import org.apache.plc4x.java.opcua.readwrite.OpcuaConstants;
import org.apache.plc4x.java.opcua.readwrite.OpcuaHelloRequest;
import org.apache.plc4x.java.opcua.readwrite.OpcuaMessageRequest;
import org.apache.plc4x.java.opcua.readwrite.OpcuaMessageResponse;
import org.apache.plc4x.java.opcua.readwrite.OpcuaOpenRequest;
import org.apache.plc4x.java.opcua.readwrite.OpcuaOpenResponse;
import org.apache.plc4x.java.opcua.readwrite.OpcuaProtocolLimits;
import org.apache.plc4x.java.opcua.readwrite.OpcuaStatusCode;
import org.apache.plc4x.java.opcua.readwrite.PascalString;
import org.apache.plc4x.java.opcua.readwrite.Payload;
import org.apache.plc4x.java.opcua.readwrite.RequestHeader;
import org.apache.plc4x.java.opcua.readwrite.ResponseHeader;
import org.apache.plc4x.java.opcua.readwrite.SecurityHeader;
import org.apache.plc4x.java.opcua.readwrite.SequenceHeader;
import org.apache.plc4x.java.opcua.readwrite.ServiceFault;
import org.apache.plc4x.java.opcua.readwrite.SignatureData;
import org.apache.plc4x.java.opcua.security.MessageSecurity;
import org.apache.plc4x.java.opcua.security.SecurityPolicy;
import org.apache.plc4x.java.spi.ConversationContext;
import org.apache.plc4x.java.spi.generation.ByteOrder;
import org.apache.plc4x.java.spi.generation.ParseException;
import org.apache.plc4x.java.spi.generation.ReadBuffer;
import org.apache.plc4x.java.spi.generation.ReadBufferByteBased;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/plc4x/java/opcua/context/Conversation.class */
public class Conversation {
    private static final long EPOCH_OFFSET = 116444736000000000L;
    private static final ExpandedNodeId NULL_EXPANDED_NODE_ID = new ExpandedNodeId(false, false, new NodeIdTwoByte(0), null, null);
    protected static final ExtensionObject NULL_EXTENSION_OBJECT = new ExtensionObject(NULL_EXPANDED_NODE_ID, new ExtensionObjectEncodingMask(false, false, false), new NullExtension());
    private final ConversationContext<OpcuaAPU> context;
    private final SecurityPolicy securityPolicy;
    private final MessageSecurity messageSecurity;
    private final EncryptionHandler encryptionHandler;
    private final OpcuaDriverContext driverContext;
    private final OpcuaConfiguration configuration;
    private OpcuaProtocolLimits limits;
    private X509Certificate localCertificate;
    private X509Certificate remoteCertificate;
    private byte[] remoteNonce;
    private byte[] localNonce;
    private final Logger logger = LoggerFactory.getLogger(Conversation.class);
    private final AtomicReference<SecurityHeader> securityHeader = new AtomicReference<>(new SecurityHeader(1, 1));
    private final AtomicLong senderSequenceNumber = new AtomicLong(-1);
    private final AtomicReference<NodeIdTypeDefinition> authenticationToken = new AtomicReference<>(new NodeIdTwoByte(0));
    private final BiPredicate<SequenceHeader, CompletableFuture<?>> sequenceValidator = (sequenceHeader, completableFuture) -> {
        if (this.senderSequenceNumber.get() == -1) {
            this.senderSequenceNumber.set(sequenceHeader.getSequenceNumber());
            return true;
        }
        int sequenceNumber = sequenceHeader.getSequenceNumber() - 1;
        if (this.senderSequenceNumber.compareAndSet(sequenceNumber, sequenceHeader.getSequenceNumber())) {
            return true;
        }
        completableFuture.completeExceptionally(new PlcProtocolException("Lost sequence, expected " + sequenceNumber + " but received " + sequenceHeader.getSequenceNumber()));
        return false;
    };
    private final SecureChannelTransactionManager tm = new SecureChannelTransactionManager();

    public Conversation(ConversationContext<OpcuaAPU> conversationContext, OpcuaDriverContext opcuaDriverContext, OpcuaConfiguration opcuaConfiguration) {
        this.localCertificate = null;
        this.remoteCertificate = null;
        this.context = conversationContext;
        this.driverContext = opcuaDriverContext;
        this.configuration = opcuaConfiguration;
        this.securityPolicy = determineSecurityPolicy(opcuaConfiguration);
        CertificateKeyPair certificateKeyPair = opcuaDriverContext.getCertificateKeyPair();
        if (this.securityPolicy != SecurityPolicy.NONE) {
            this.messageSecurity = opcuaConfiguration.getMessageSecurity();
            this.remoteCertificate = opcuaConfiguration.getServerCertificate();
            this.encryptionHandler = new EncryptionHandler(this, certificateKeyPair.getPrivateKey());
            this.localCertificate = certificateKeyPair.getCertificate();
            this.localNonce = createNonce();
        } else {
            this.messageSecurity = MessageSecurity.NONE;
            this.encryptionHandler = new EncryptionHandler(this, null);
        }
        Limits encodingLimits = opcuaConfiguration.getEncodingLimits();
        this.limits = new OpcuaProtocolLimits(encodingLimits.getReceiveBufferSize(), encodingLimits.getSendBufferSize(), encodingLimits.getMaxMessageSize(), encodingLimits.getMaxChunkCount());
    }

    public CompletableFuture<OpcuaAcknowledgeResponse> requestHello() {
        this.logger.debug("Sending hello message to {}", this.driverContext.getEndpoint());
        MessagePDU opcuaHelloRequest = new OpcuaHelloRequest(ChunkType.FINAL, OpcuaConstants.PROTOCOLVERSION.shortValue(), new OpcuaProtocolLimits(this.limits.getReceiveBufferSize(), this.limits.getSendBufferSize(), this.limits.getMaxMessageSize(), this.limits.getMaxChunkCount()), new PascalString(this.driverContext.getEndpoint()));
        CompletableFuture<OpcuaAcknowledgeResponse> completableFuture = new CompletableFuture<>();
        ConversationContext.SendRequestContext unwrap = sendRequest(opcuaHelloRequest, completableFuture, this.configuration.getNegotiationTimeout()).unwrap((v0) -> {
            return v0.getMessage();
        });
        Class<OpcuaAcknowledgeResponse> cls = OpcuaAcknowledgeResponse.class;
        OpcuaAcknowledgeResponse.class.getClass();
        ConversationContext.SendRequestContext check = unwrap.check((v1) -> {
            return r1.isInstance(v1);
        });
        Class<OpcuaAcknowledgeResponse> cls2 = OpcuaAcknowledgeResponse.class;
        OpcuaAcknowledgeResponse.class.getClass();
        check.unwrap((v1) -> {
            return r1.cast(v1);
        }).handle(opcuaAcknowledgeResponse -> {
            OpcuaProtocolLimits limits = opcuaAcknowledgeResponse.getLimits();
            this.limits = new OpcuaProtocolLimits(Math.min(this.limits.getReceiveBufferSize(), limits.getSendBufferSize()), Math.min(this.limits.getSendBufferSize(), limits.getReceiveBufferSize()), Math.min(this.limits.getMaxMessageSize(), limits.getMaxMessageSize()), Math.min(this.limits.getMaxChunkCount(), limits.getMaxChunkCount()));
            completableFuture.complete(opcuaAcknowledgeResponse);
        });
        return completableFuture;
    }

    public CompletableFuture<OpcuaOpenResponse> requestChannelOpen(Function<CallContext, OpcuaOpenRequest> function) {
        return request(OpcuaOpenResponse.class, function, (opcuaOpenResponse, binaryPayload) -> {
            return new OpcuaOpenResponse(opcuaOpenResponse.getChunk(), opcuaOpenResponse.getOpenResponse(), binaryPayload);
        }, opcuaOpenResponse2 -> {
            return opcuaOpenResponse2.getMessage().getSequenceHeader();
        }, (v0) -> {
            return v0.getMessage();
        });
    }

    public CompletableFuture<Void> requestChannelClose(Function<CallContext, OpcuaCloseRequest> function) {
        this.logger.trace("Got close secure channel request");
        return request(OpcuaMessageResponse.class, function, (opcuaMessageResponse, binaryPayload) -> {
            return new OpcuaMessageResponse(opcuaMessageResponse.getChunk(), opcuaMessageResponse.getSecurityHeader(), binaryPayload);
        }, opcuaMessageResponse2 -> {
            return opcuaMessageResponse2.getMessage().getSequenceHeader();
        }, (v0) -> {
            return v0.getMessage();
        }).whenComplete((opcuaMessageResponse3, th) -> {
            this.context.fireDisconnected();
        }).thenApply(opcuaMessageResponse4 -> {
            return null;
        });
    }

    private <T extends MessagePDU, R extends MessagePDU> CompletableFuture<R> request(Class<R> cls, Function<CallContext, T> function, BiFunction<R, BinaryPayload, R> biFunction, Function<R, SequenceHeader> function2, Function<R, Payload> function3) {
        int transactionIdentifier = this.tm.getTransactionIdentifier();
        this.logger.debug("Firing request {}", Integer.valueOf(transactionIdentifier));
        T apply = function.apply(new CallContext(this.securityHeader.get(), this.tm.getSequenceSupplier(), transactionIdentifier));
        MemoryChunkStorage memoryChunkStorage = new MemoryChunkStorage();
        List<MessagePDU> encodeMessage = this.encryptionHandler.encodeMessage(apply, this.tm.getSequenceSupplier());
        CompletableFuture<R> completableFuture = new CompletableFuture<>();
        int size = encodeMessage.size();
        for (int i = 0; i < size; i++) {
            if (i + 1 == size) {
                ConversationContext.SendRequestContext unwrap = sendRequest(encodeMessage.get(i), completableFuture, this.configuration.getNegotiationTimeout()).unwrap((v0) -> {
                    return v0.getMessage();
                });
                cls.getClass();
                ConversationContext.SendRequestContext check = unwrap.check((v1) -> {
                    return r1.isInstance(v1);
                });
                cls.getClass();
                ConversationContext.SendRequestContext unwrap2 = check.unwrap((v1) -> {
                    return r1.cast(v1);
                }).unwrap(messagePDU -> {
                    return this.encryptionHandler.decodeMessage(messagePDU);
                });
                cls.getClass();
                ConversationContext.SendRequestContext check2 = unwrap2.check((v1) -> {
                    return r1.isInstance(v1);
                });
                cls.getClass();
                check2.unwrap((v1) -> {
                    return r1.cast(v1);
                }).check(messagePDU2 -> {
                    return transactionIdentifier == ((SequenceHeader) function2.apply(messagePDU2)).getRequestId();
                }).check(messagePDU3 -> {
                    return this.sequenceValidator.test((SequenceHeader) function2.apply(messagePDU3), completableFuture);
                }).check(messagePDU4 -> {
                    return accumulateChunkUntilFinal(memoryChunkStorage, messagePDU4.getChunk(), (Payload) function3.apply(messagePDU4));
                }).unwrap(messagePDU5 -> {
                    return (MessagePDU) mergeChunks(memoryChunkStorage, messagePDU5, (SequenceHeader) function2.apply(messagePDU5), biFunction);
                }).handle(messagePDU6 -> {
                    completableFuture.complete(messagePDU6);
                });
            } else {
                this.context.sendToWire(new OpcuaAPU(encodeMessage.get(i)));
            }
        }
        return completableFuture;
    }

    public <T extends ExtensionObjectDefinition, R extends ExtensionObjectDefinition> CompletableFuture<R> submit(T t, Class<R> cls) {
        return (CompletableFuture<R>) submit(t).thenApply(obj -> {
            if (cls.isInstance(obj)) {
                return (ExtensionObjectDefinition) cls.cast(obj);
            }
            throw new IllegalStateException("Received reply of unexpected type " + obj.getClass().getName() + " while " + cls.getName() + " has been expected");
        });
    }

    private CompletableFuture<Object> submit(ExtensionObjectDefinition extensionObjectDefinition) {
        Integer valueOf = Integer.valueOf(this.tm.getTransactionIdentifier());
        ExtensiblePayload extensiblePayload = new ExtensiblePayload(new SequenceHeader(this.tm.getSequenceSupplier().get().intValue(), valueOf.intValue()), new ExtensionObject(new ExpandedNodeId(false, false, new NodeIdFourByte((short) 0, Integer.parseInt(extensionObjectDefinition.getIdentifier())), null, null), null, extensionObjectDefinition));
        MemoryChunkStorage memoryChunkStorage = new MemoryChunkStorage();
        SecurityHeader securityHeader = this.securityHeader.get();
        OpcuaMessageRequest opcuaMessageRequest = new OpcuaMessageRequest(ChunkType.FINAL, securityHeader, extensiblePayload);
        this.logger.debug("Submitting Transaction to TransactionManager {}, security channel {}, token {}", new Object[]{valueOf, Long.valueOf(securityHeader.getSecureChannelId()), Long.valueOf(securityHeader.getSecureTokenId())});
        List<MessagePDU> encodeMessage = this.encryptionHandler.encodeMessage(opcuaMessageRequest, this.tm.getSequenceSupplier());
        CompletableFuture<?> completableFuture = new CompletableFuture<>();
        int size = encodeMessage.size();
        for (int i = 0; i < size; i++) {
            if (i + 1 == size) {
                BiFunction biFunction = (opcuaMessageResponse, binaryPayload) -> {
                    return new OpcuaMessageResponse(opcuaMessageResponse.getChunk(), opcuaMessageResponse.getSecurityHeader(), binaryPayload);
                };
                ConversationContext.SendRequestContext unwrap = sendRequest(encodeMessage.get(i), completableFuture, this.configuration.getRequestTimeout()).unwrap((v0) -> {
                    return v0.getMessage();
                });
                Class<OpcuaMessageResponse> cls = OpcuaMessageResponse.class;
                OpcuaMessageResponse.class.getClass();
                ConversationContext.SendRequestContext check = unwrap.check((v1) -> {
                    return r1.isInstance(v1);
                });
                Class<OpcuaMessageResponse> cls2 = OpcuaMessageResponse.class;
                OpcuaMessageResponse.class.getClass();
                ConversationContext.SendRequestContext unwrap2 = check.unwrap((v1) -> {
                    return r1.cast(v1);
                }).unwrap(opcuaMessageResponse2 -> {
                    return this.encryptionHandler.decodeMessage(opcuaMessageResponse2);
                });
                Class<OpcuaMessageResponse> cls3 = OpcuaMessageResponse.class;
                OpcuaMessageResponse.class.getClass();
                ConversationContext.SendRequestContext check2 = unwrap2.check((v1) -> {
                    return r1.isInstance(v1);
                });
                Class<OpcuaMessageResponse> cls4 = OpcuaMessageResponse.class;
                OpcuaMessageResponse.class.getClass();
                ConversationContext.SendRequestContext unwrap3 = check2.unwrap((v1) -> {
                    return r1.cast(v1);
                });
                Class<OpcuaMessageResponse> cls5 = OpcuaMessageResponse.class;
                OpcuaMessageResponse.class.getClass();
                ConversationContext.SendRequestContext check3 = unwrap3.check((v1) -> {
                    return r1.isInstance(v1);
                });
                Class<OpcuaMessageResponse> cls6 = OpcuaMessageResponse.class;
                OpcuaMessageResponse.class.getClass();
                check3.unwrap((v1) -> {
                    return r1.cast(v1);
                }).check(opcuaMessageResponse3 -> {
                    return opcuaMessageResponse3.getMessage().getSequenceHeader().getRequestId() == valueOf.intValue();
                }).check(opcuaMessageResponse4 -> {
                    return this.sequenceValidator.test(opcuaMessageResponse4.getMessage().getSequenceHeader(), completableFuture);
                }).check(opcuaMessageResponse5 -> {
                    return accumulateChunkUntilFinal(memoryChunkStorage, opcuaMessageResponse5.getChunk(), opcuaMessageResponse5.getMessage());
                }).unwrap(opcuaMessageResponse6 -> {
                    return (OpcuaMessageResponse) mergeChunks(memoryChunkStorage, opcuaMessageResponse6, opcuaMessageResponse6.getMessage().getSequenceHeader(), biFunction);
                }).handle(opcuaMessageResponse7 -> {
                    ExtensionObjectDefinition body;
                    if (opcuaMessageResponse7.getChunk().equals(ChunkType.FINAL)) {
                        this.logger.debug("Received response made of {} bytes for message id: {}, channel id:{}, token:{}", new Object[]{Integer.valueOf(opcuaMessageResponse7.getLengthInBytes()), valueOf, Long.valueOf(opcuaMessageResponse7.getSecurityHeader().getSecureChannelId()), Long.valueOf(opcuaMessageResponse7.getSecurityHeader().getSecureTokenId())});
                        this.securityHeader.set(opcuaMessageResponse7.getSecurityHeader());
                        Payload message = opcuaMessageResponse7.getMessage();
                        if (message instanceof ExtensiblePayload) {
                            body = ((ExtensiblePayload) message).getPayload().getBody();
                        } else {
                            try {
                                body = ExtensionObject.staticParse((ReadBuffer) new ReadBufferByteBased(((BinaryPayload) message).getPayload(), ByteOrder.LITTLE_ENDIAN), (Boolean) false).getBody();
                            } catch (ParseException e) {
                                completableFuture.completeExceptionally(e);
                                return;
                            }
                        }
                        if (body instanceof ServiceFault) {
                            completableFuture.completeExceptionally(toProtocolException((ServiceFault) body));
                        } else {
                            completableFuture.complete(body);
                        }
                    }
                });
            } else {
                this.context.sendToWire(new OpcuaAPU(encodeMessage.get(i)));
            }
        }
        return completableFuture;
    }

    private ConversationContext.SendRequestContext<OpcuaAPU> sendRequest(MessagePDU messagePDU, CompletableFuture<?> completableFuture, long j) {
        return this.context.sendRequest(new OpcuaAPU(messagePDU)).onError((opcuaAPU, th) -> {
            completableFuture.completeExceptionally(th);
        }).expectResponse(OpcuaAPU.class, Duration.ofMillis(j)).onTimeout(timeoutException -> {
            completableFuture.completeExceptionally(timeoutException);
        });
    }

    private <T> T mergeChunks(ChunkStorage chunkStorage, T t, SequenceHeader sequenceHeader, BiFunction<T, BinaryPayload, T> biFunction) {
        return biFunction.apply(t, new BinaryPayload(sequenceHeader, chunkStorage.get()));
    }

    private boolean accumulateChunkUntilFinal(ChunkStorage chunkStorage, ChunkType chunkType, Payload payload) {
        if (ChunkType.ABORT.equals(chunkType)) {
            chunkStorage.reset();
            return true;
        }
        if (!(payload instanceof BinaryPayload)) {
            throw new IllegalArgumentException("Unexpected payload type " + payload.getClass());
        }
        chunkStorage.append(((BinaryPayload) payload).getPayload());
        return ChunkType.FINAL.equals(chunkType);
    }

    private byte[] createNonce() {
        return createNonce(this.securityPolicy.getNonceLength());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] createNonce(int i) {
        return RandomUtils.nextBytes(i);
    }

    public boolean isSymmetricEncryptionEnabled() {
        return this.messageSecurity == MessageSecurity.SIGN_ENCRYPT;
    }

    public boolean isSymmetricSigningEnabled() {
        return this.messageSecurity == MessageSecurity.SIGN_ENCRYPT || this.messageSecurity == MessageSecurity.SIGN;
    }

    static SecurityPolicy determineSecurityPolicy(OpcuaConfiguration opcuaConfiguration) {
        return (opcuaConfiguration.isDiscovery() && opcuaConfiguration.getServerCertificate() == null) ? SecurityPolicy.NONE : opcuaConfiguration.getSecurityPolicy();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PlcProtocolException toProtocolException(ServiceFault serviceFault) {
        if (!(serviceFault.getResponseHeader() instanceof ResponseHeader)) {
            return new PlcProtocolException("Unexpected service fault");
        }
        long statusCode = ((ResponseHeader) serviceFault.getResponseHeader()).getServiceResult().getStatusCode();
        return new PlcProtocolException("Server returned error " + (OpcuaStatusCode.isDefined(statusCode).booleanValue() ? OpcuaStatusCode.enumForValue(statusCode).name() : "<unknown>") + " (0x" + Long.toHexString(statusCode) + ")");
    }

    public OpcuaProtocolLimits getLimits() {
        return this.limits;
    }

    public byte[] getLocalNonce() {
        return this.localNonce;
    }

    public X509Certificate getLocalCertificate() {
        return this.localCertificate;
    }

    public void setRemoteNonce(byte[] bArr) {
        this.remoteNonce = bArr;
    }

    public byte[] getRemoteNonce() {
        return this.remoteNonce;
    }

    public X509Certificate getRemoteCertificate() {
        return this.remoteCertificate;
    }

    public SecurityPolicy getSecurityPolicy() {
        return this.securityPolicy;
    }

    public MessageSecurity getMessageSecurity() {
        return this.messageSecurity;
    }

    public byte[] encryptPassword(byte[] bArr) {
        return this.encryptionHandler.encryptPassword(bArr);
    }

    public void setSecurityHeader(SecurityHeader securityHeader) {
        this.securityHeader.set(securityHeader);
    }

    public SignatureData createClientSignature() throws GeneralSecurityException {
        return this.encryptionHandler.createClientSignature();
    }

    public void setRemoteCertificate(X509Certificate x509Certificate) {
        this.remoteCertificate = x509Certificate;
    }

    public RequestHeader createRequestHeader(long j) {
        return createRequestHeader(j, this.tm.getRequestHandle());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RequestHeader createRequestHeader(long j, int i) {
        return new RequestHeader(new NodeId(this.authenticationToken.get()), getCurrentDateTime(), i, 0L, SecureChannel.NULL_STRING, j, NULL_EXTENSION_OBJECT);
    }

    public RequestHeader createRequestHeader() {
        return createRequestHeader(this.configuration.getRequestTimeout());
    }

    public static long getCurrentDateTime() {
        return (System.currentTimeMillis() * 10000) + EPOCH_OFFSET;
    }

    public void setAuthenticationToken(NodeIdTypeDefinition nodeIdTypeDefinition) {
        this.authenticationToken.set(nodeIdTypeDefinition);
    }
}
