package org.eclipse.californium.scandium.dtls;

import java.net.InetSocketAddress;
import java.security.Principal;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.eclipse.californium.scandium.dtls.cipher.CipherSuite;

/* loaded from: input_file:org/eclipse/californium/scandium/dtls/DTLSSession.class */
public final class DTLSSession {
    public static final int HEADER_LENGTH = 53;
    private static final Logger LOGGER = Logger.getLogger(DTLSSession.class.getName());
    private static final long RECEIVE_WINDOW_SIZE = 64;
    private static final long MAX_SEQUENCE_NO = 281474976710655L;
    private static final int MAX_FRAGMENT_LENGTH_DEFAULT = 16384;
    private static final int MAX_TRANSMISSION_UNIT_DEFAULT = 1400;
    private static final int MASTER_SECRET_LENGTH = 48;
    private InetSocketAddress peer;
    private SessionId sessionIdentifier;
    private Principal peerIdentity;
    private int maxFragmentLength;
    private int maxTransmissionUnit;
    private CipherSuite cipherSuite;
    private CompressionMethod compressionMethod;
    private byte[] masterSecret;
    private String pskIdentity;
    private PublicKey peerRawPublicKey;
    private final boolean isClient;
    private DTLSConnectionState readState;
    private DTLSConnectionState writeState;
    private int readEpoch;
    private int writeEpoch;
    private Map<Integer, Long> sequenceNumbers;
    private boolean sendRawPublicKey;
    private boolean receiveRawPublicKey;
    private volatile long receiveWindowUpperBoundary;
    private volatile long receiveWindowLowerBoundary;
    private volatile long receivedRecordsVector;

    public DTLSSession(InetSocketAddress inetSocketAddress, boolean z) {
        this(inetSocketAddress, z, 0L);
    }

    public DTLSSession(InetSocketAddress inetSocketAddress, DTLSSession dTLSSession, long j) {
        this(inetSocketAddress, dTLSSession.isClient, j);
        this.sessionIdentifier = dTLSSession.sessionIdentifier;
        this.cipherSuite = dTLSSession.getWriteState().getCipherSuite();
        this.compressionMethod = dTLSSession.getWriteState().getCompressionMethod();
        this.sendRawPublicKey = dTLSSession.sendRawPublicKey;
        this.receiveRawPublicKey = dTLSSession.receiveRawPublicKey;
        this.masterSecret = dTLSSession.masterSecret;
        this.peerIdentity = dTLSSession.peerIdentity;
    }

    public DTLSSession(InetSocketAddress inetSocketAddress, boolean z, long j) {
        this.peer = null;
        this.sessionIdentifier = null;
        this.maxFragmentLength = MAX_FRAGMENT_LENGTH_DEFAULT;
        this.maxTransmissionUnit = MAX_TRANSMISSION_UNIT_DEFAULT;
        this.cipherSuite = CipherSuite.TLS_NULL_WITH_NULL_NULL;
        this.compressionMethod = CompressionMethod.NULL;
        this.masterSecret = null;
        this.readState = new DTLSConnectionState();
        this.writeState = new DTLSConnectionState();
        this.readEpoch = 0;
        this.writeEpoch = 0;
        this.sequenceNumbers = new HashMap();
        this.sendRawPublicKey = false;
        this.receiveRawPublicKey = false;
        this.receiveWindowUpperBoundary = 63L;
        this.receiveWindowLowerBoundary = 0L;
        this.receivedRecordsVector = 0L;
        if (inetSocketAddress == null) {
            throw new NullPointerException("Peer address must not be null");
        }
        if (j < 0 || j > MAX_SEQUENCE_NO) {
            throw new IllegalArgumentException("Initial sequence number must be greater than 0 and less than 2^48");
        }
        this.peer = inetSocketAddress;
        this.isClient = z;
        this.sequenceNumbers.put(0, Long.valueOf(j));
    }

    public SessionId getSessionIdentifier() {
        return this.sessionIdentifier;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSessionIdentifier(SessionId sessionId) {
        this.sessionIdentifier = sessionId;
    }

    @Deprecated
    public PublicKey getPeerRawPublicKey() {
        return this.peerRawPublicKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Deprecated
    public void setPeerRawPublicKey(PublicKey publicKey) {
        this.peerRawPublicKey = publicKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CipherSuite getCipherSuite() {
        return this.cipherSuite;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCipherSuite(CipherSuite cipherSuite) {
        if (cipherSuite == null || CipherSuite.TLS_NULL_WITH_NULL_NULL == cipherSuite) {
            throw new IllegalArgumentException("Negotiated cipher suite must not be null");
        }
        this.cipherSuite = cipherSuite;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CompressionMethod getCompressionMethod() {
        return this.compressionMethod;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCompressionMethod(CompressionMethod compressionMethod) {
        this.compressionMethod = compressionMethod;
    }

    boolean isClient() {
        return this.isClient;
    }

    public int getWriteEpoch() {
        return this.writeEpoch;
    }

    void setWriteEpoch(int i) {
        if (i < 0) {
            throw new IllegalArgumentException("Write epoch must not be negative");
        }
        this.writeEpoch = i;
    }

    public int getReadEpoch() {
        return this.readEpoch;
    }

    void setReadEpoch(int i) {
        if (i < 0) {
            throw new IllegalArgumentException("Read epoch must not be negative");
        }
        resetReceiveWindow();
        this.readEpoch = i;
    }

    private synchronized void incrementReadEpoch() {
        resetReceiveWindow();
        this.readEpoch++;
    }

    private synchronized void incrementWriteEpoch() {
        this.writeEpoch++;
        this.sequenceNumbers.put(Integer.valueOf(this.writeEpoch), 0L);
    }

    public synchronized long getSequenceNumber() {
        return getSequenceNumber(this.writeEpoch);
    }

    public synchronized long getSequenceNumber(int i) {
        long longValue = this.sequenceNumbers.get(Integer.valueOf(i)).longValue();
        if (longValue >= MAX_SEQUENCE_NO) {
            throw new IllegalStateException("Maximum sequence number for epoch has been reached");
        }
        this.sequenceNumbers.put(Integer.valueOf(i), Long.valueOf(longValue + 1));
        return longValue;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DTLSConnectionState getReadState() {
        return this.readState;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void setReadState(DTLSConnectionState dTLSConnectionState) {
        if (dTLSConnectionState == null) {
            throw new NullPointerException("Read state must not be null");
        }
        this.readState = dTLSConnectionState;
        incrementReadEpoch();
        LOGGER.log(Level.FINEST, "Setting current read state to\n{0}", dTLSConnectionState);
    }

    public String getReadStateCipher() {
        return this.readState.getCipherSuite().name();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DTLSConnectionState getWriteState() {
        return this.writeState;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void setWriteState(DTLSConnectionState dTLSConnectionState) {
        if (dTLSConnectionState == null) {
            throw new NullPointerException("Write state must not be null");
        }
        this.writeState = dTLSConnectionState;
        incrementWriteEpoch();
        determineMaxFragmentLength(this.maxFragmentLength);
        LOGGER.log(Level.FINEST, "Setting current write state to\n{0}", dTLSConnectionState);
    }

    public String getWriteStateCipher() {
        return this.writeState.getCipherSuite().name();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final CipherSuite.KeyExchangeAlgorithm getKeyExchange() {
        if (this.cipherSuite == null) {
            throw new IllegalStateException("Cipher suite has not been set (yet)");
        }
        return this.cipherSuite.getKeyExchange();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getMasterSecret() {
        return this.masterSecret;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setMasterSecret(byte[] bArr) {
        if (this.masterSecret == null) {
            if (bArr == null) {
                throw new NullPointerException("Master secret must not be null");
            }
            if (bArr.length != 48) {
                throw new IllegalArgumentException(String.format("Master secret must consist of of exactly %d bytes but has %d bytes", 48, Integer.valueOf(bArr.length)));
            }
            this.masterSecret = Arrays.copyOf(bArr, bArr.length);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setMaxFragmentLength(int i) {
        if (i < 0 || i > MAX_FRAGMENT_LENGTH_DEFAULT) {
            throw new IllegalArgumentException("Max. fragment length must be > 0 and < 16384");
        }
        determineMaxFragmentLength(i);
    }

    public int getMaxDatagramSize() {
        return this.maxFragmentLength + this.writeState.getMaxCiphertextExpansion() + 53;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setMaxTransmissionUnit(int i) {
        if (i < 60) {
            throw new IllegalArgumentException("MTU must be at least 60 bytes");
        }
        LOGGER.log(Level.FINER, "Setting MTU for peer [{0}] to {1} bytes", new Object[]{this.peer, Integer.valueOf(i)});
        this.maxTransmissionUnit = i;
        determineMaxFragmentLength(i);
    }

    private void determineMaxFragmentLength(int i) {
        if (i + this.writeState.getMaxCiphertextExpansion() + 53 <= this.maxTransmissionUnit) {
            this.maxFragmentLength = i;
        } else {
            this.maxFragmentLength = (this.maxTransmissionUnit - 53) - this.writeState.getMaxCiphertextExpansion();
        }
        LOGGER.log(Level.FINER, "Setting maximum fragment length for peer [{0}] to {1} bytes", new Object[]{this.peer, Integer.valueOf(this.maxFragmentLength)});
    }

    public int getMaxFragmentLength() {
        return this.maxFragmentLength;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean sendRawPublicKey() {
        return this.sendRawPublicKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSendRawPublicKey(boolean z) {
        this.sendRawPublicKey = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean receiveRawPublicKey() {
        return this.receiveRawPublicKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setReceiveRawPublicKey(boolean z) {
        this.receiveRawPublicKey = z;
    }

    public InetSocketAddress getPeer() {
        return this.peer;
    }

    public Principal getPeerIdentity() {
        return this.peerIdentity;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPeerIdentity(Principal principal) {
        if (principal == null) {
            throw new NullPointerException("Peer identity must not be null");
        }
        this.peerIdentity = principal;
    }

    @Deprecated
    public String getPskIdentity() {
        return this.pskIdentity;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Deprecated
    public void setPskIdentity(String str) {
        this.pskIdentity = str;
    }

    public boolean isRecordProcessable(long j, long j2) {
        if (j < getReadEpoch() || j > getReadEpoch()) {
            return false;
        }
        synchronized (this) {
            if (j2 < this.receiveWindowLowerBoundary) {
                return false;
            }
            return !isDuplicate(j2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized boolean isDuplicate(long j) {
        if (j > this.receiveWindowUpperBoundary) {
            return false;
        }
        long j2 = 1 << ((int) (j - this.receiveWindowLowerBoundary));
        if (LOGGER.isLoggable(Level.FINER)) {
            LOGGER.log(Level.FINER, "Checking sequence no [{0}] using bit mask [{1}] against received records [{2}] with lower boundary [{3}]", new Object[]{Long.valueOf(j), Long.toBinaryString(j2), Long.toBinaryString(this.receivedRecordsVector), Long.valueOf(this.receiveWindowLowerBoundary)});
        }
        return (this.receivedRecordsVector & j2) == j2;
    }

    public synchronized void markRecordAsRead(long j, long j2) {
        if (j == getReadEpoch()) {
            if (j2 > this.receiveWindowUpperBoundary) {
                long j3 = j2 - this.receiveWindowUpperBoundary;
                this.receiveWindowUpperBoundary = j2;
                this.receivedRecordsVector >>>= (int) j3;
                this.receiveWindowLowerBoundary = Math.max(0L, (this.receiveWindowUpperBoundary - RECEIVE_WINDOW_SIZE) + 1);
            }
            this.receivedRecordsVector |= 1 << ((int) (j2 - this.receiveWindowLowerBoundary));
            LOGGER.log(Level.FINER, "Updated receive window with sequence number [{0}]: new upper boundary [{1}], new bit vector [{2}]", new Object[]{Long.valueOf(j2), Long.valueOf(this.receiveWindowUpperBoundary), Long.toBinaryString(this.receivedRecordsVector)});
        }
    }

    private synchronized void resetReceiveWindow() {
        this.receivedRecordsVector = 0L;
        this.receiveWindowUpperBoundary = 63L;
        this.receiveWindowLowerBoundary = 0L;
    }
}
