package org.eclipse.californium.scandium;

import java.io.IOException;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
import java.net.InetSocketAddress;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import org.eclipse.californium.elements.Connector;
import org.eclipse.californium.elements.RawData;
import org.eclipse.californium.elements.RawDataChannel;
import org.eclipse.californium.elements.UDPConnector;
import org.eclipse.californium.elements.config.Configuration;
import org.eclipse.californium.elements.config.UdpConfig;
import org.eclipse.californium.elements.util.StringUtil;
import org.eclipse.californium.scandium.config.DtlsClusterConnectorConfig;
import org.eclipse.californium.scandium.config.DtlsConfig;
import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
import org.eclipse.californium.scandium.dtls.Connection;
import org.eclipse.californium.scandium.dtls.DTLSContext;
import org.eclipse.californium.scandium.dtls.Handshaker;
import org.eclipse.californium.scandium.dtls.ResumptionSupportingConnectionStore;
import org.eclipse.californium.scandium.dtls.pskstore.AdvancedSinglePskStore;
import org.eclipse.californium.scandium.util.SecretUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/californium/scandium/DtlsManagedClusterConnector.class */
public class DtlsManagedClusterConnector extends DtlsClusterConnector {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) DtlsManagedClusterConnector.class);
    public static final String PROTOCOL_MANAGEMENT_UDP = "mgmt-udp";
    public static final String PROTOCOL_MANAGEMENT_DTLS = "mgmt-dtls";
    public static final String PROTOCOL_MANAGEMENT_DTLS_MAC = "mgmt-dtls-mac";
    private final String protocol;
    private final boolean useClusterMac;
    private final Connector clusterManagementConnector;

    /* loaded from: input_file:org/eclipse/californium/scandium/DtlsManagedClusterConnector$ClusterManagementDtlsConnector.class */
    private class ClusterManagementDtlsConnector extends DTLSConnector {
        public ClusterManagementDtlsConnector(DtlsConnectorConfig dtlsConnectorConfig) {
            super(dtlsConnectorConfig);
        }

        @Override // org.eclipse.californium.scandium.DTLSConnector
        protected void onInitializeHandshaker(Handshaker handshaker) {
            if (DtlsManagedClusterConnector.this.useClusterMac) {
                handshaker.setGenerateClusterMacKeys(DtlsManagedClusterConnector.this.useClusterMac);
            }
        }

        @Override // org.eclipse.californium.scandium.DTLSConnector
        protected void start(InetSocketAddress inetSocketAddress) throws IOException {
            if (isRunning()) {
                return;
            }
            super.init(inetSocketAddress, DtlsManagedClusterConnector.this.clusterInternalSocket, null);
        }

        @Override // org.eclipse.californium.scandium.DTLSConnector, org.eclipse.californium.elements.Connector
        public void setRawDataReceiver(final RawDataChannel rawDataChannel) {
            super.setRawDataReceiver(new RawDataChannel() { // from class: org.eclipse.californium.scandium.DtlsManagedClusterConnector.ClusterManagementDtlsConnector.1
                @Override // org.eclipse.californium.elements.RawDataChannel
                public void receiveData(RawData rawData) {
                    rawDataChannel.receiveData(rawData);
                    if (DtlsManagedClusterConnector.this.clusterHealth != null) {
                        DtlsManagedClusterConnector.this.clusterHealth.receivingClusterManagementMessage();
                    }
                }
            });
        }

        @Override // org.eclipse.californium.scandium.DTLSConnector, org.eclipse.californium.elements.Connector
        public void send(RawData rawData) {
            super.send(rawData);
            if (DtlsManagedClusterConnector.this.clusterHealth != null) {
                DtlsManagedClusterConnector.this.clusterHealth.sendingClusterManagementMessage();
            }
        }
    }

    /* loaded from: input_file:org/eclipse/californium/scandium/DtlsManagedClusterConnector$ClusterManagementUdpConnector.class */
    private class ClusterManagementUdpConnector extends UDPConnector {
        public ClusterManagementUdpConnector(InetSocketAddress inetSocketAddress, Configuration configuration) {
            super(inetSocketAddress, configuration);
        }

        @Override // org.eclipse.californium.elements.UDPConnector, org.eclipse.californium.elements.Connector
        public synchronized void start() throws IOException {
            if (isRunning()) {
                return;
            }
            init(DtlsManagedClusterConnector.this.clusterInternalSocket);
        }

        @Override // org.eclipse.californium.elements.UDPConnector, org.eclipse.californium.elements.Connector
        public void processDatagram(DatagramPacket datagramPacket) {
            super.processDatagram(datagramPacket);
            if (DtlsManagedClusterConnector.this.clusterHealth != null) {
                DtlsManagedClusterConnector.this.clusterHealth.receivingClusterManagementMessage();
            }
        }

        @Override // org.eclipse.californium.elements.UDPConnector, org.eclipse.californium.elements.Connector
        public void send(RawData rawData) {
            super.send(rawData);
            if (DtlsManagedClusterConnector.this.clusterHealth != null) {
                DtlsManagedClusterConnector.this.clusterHealth.sendingClusterManagementMessage();
            }
        }
    }

    public DtlsManagedClusterConnector(DtlsConnectorConfig dtlsConnectorConfig, DtlsClusterConnectorConfig dtlsClusterConnectorConfig) {
        this(dtlsConnectorConfig, dtlsClusterConnectorConfig, createConnectionStore(dtlsConnectorConfig));
    }

    protected DtlsManagedClusterConnector(DtlsConnectorConfig dtlsConnectorConfig, DtlsClusterConnectorConfig dtlsClusterConnectorConfig, ResumptionSupportingConnectionStore resumptionSupportingConnectionStore) {
        super(dtlsConnectorConfig, dtlsClusterConnectorConfig, resumptionSupportingConnectionStore, false);
        String secureIdentity = dtlsClusterConnectorConfig.getSecureIdentity();
        Integer addConditionally = addConditionally((Integer) this.config.get(DtlsConfig.DTLS_RECEIVE_BUFFER_SIZE), 28);
        Integer addConditionally2 = addConditionally((Integer) this.config.get(DtlsConfig.DTLS_SEND_BUFFER_SIZE), 28);
        if (secureIdentity != null) {
            SecretKey secretKey = dtlsClusterConnectorConfig.getSecretKey();
            String loggingTag = dtlsConnectorConfig.getLoggingTag();
            DtlsConnectorConfig.Builder connectionListener = DtlsConnectorConfig.builder(dtlsConnectorConfig.getConfiguration()).setLoggingTag((loggingTag == null || loggingTag.isEmpty()) ? "dtls-cluster-mgmt" : StringUtil.normalizeLoggingTag(loggingTag) + "dtls-cluster-mgmt").set(DtlsConfig.DTLS_RETRANSMISSION_TIMEOUT, 500, TimeUnit.MILLISECONDS).set(DtlsConfig.DTLS_MAX_RETRANSMISSIONS, 3).set(DtlsConfig.DTLS_RETRANSMISSION_BACKOFF, 0).set(DtlsConfig.DTLS_MAX_CONNECTIONS, 1024).set(DtlsConfig.DTLS_RECEIVER_THREAD_COUNT, 0).set(DtlsConfig.DTLS_RECEIVE_BUFFER_SIZE, addConditionally).set(DtlsConfig.DTLS_SEND_BUFFER_SIZE, addConditionally2).set(DtlsConfig.DTLS_ROLE, DtlsConfig.DtlsRole.BOTH).setAddress(dtlsClusterConnectorConfig.getAddress()).setAdvancedPskStore(new AdvancedSinglePskStore(secureIdentity, secretKey)).setConnectionListener(new ConnectionListener() { // from class: org.eclipse.californium.scandium.DtlsManagedClusterConnector.1
                @Override // org.eclipse.californium.scandium.ConnectionListener
                public void updateExecution(Connection connection) {
                }

                @Override // org.eclipse.californium.scandium.ConnectionListener
                public boolean onConnectionUpdatesSequenceNumbers(Connection connection, boolean z) {
                    return false;
                }

                @Override // org.eclipse.californium.scandium.ConnectionListener
                public void onConnectionRemoved(Connection connection) {
                    DtlsManagedClusterConnector.LOGGER.info("cluster-node {}: lost connection {}!", Integer.valueOf(DtlsManagedClusterConnector.this.getNodeID()), connection.getPeerAddress());
                }

                @Override // org.eclipse.californium.scandium.ConnectionListener
                public boolean onConnectionMacError(Connection connection) {
                    return false;
                }

                @Override // org.eclipse.californium.scandium.ConnectionListener
                public void onConnectionEstablished(Connection connection) {
                }

                @Override // org.eclipse.californium.scandium.ConnectionListener
                public void beforeExecution(Connection connection) {
                }

                @Override // org.eclipse.californium.scandium.ConnectionListener
                public void afterExecution(Connection connection) {
                }
            });
            SecretUtil.destroy(secretKey);
            this.clusterManagementConnector = new ClusterManagementDtlsConnector(connectionListener.build());
            this.useClusterMac = dtlsClusterConnectorConfig.useClusterMac();
            this.protocol = this.useClusterMac ? PROTOCOL_MANAGEMENT_DTLS_MAC : PROTOCOL_MANAGEMENT_DTLS;
        } else {
            Configuration configuration = new Configuration();
            configuration.set(UdpConfig.UDP_RECEIVER_THREAD_COUNT, 0);
            configuration.set(UdpConfig.UDP_SENDER_THREAD_COUNT, 2);
            configuration.set(UdpConfig.UDP_RECEIVE_BUFFER_SIZE, addConditionally);
            configuration.set(UdpConfig.UDP_SEND_BUFFER_SIZE, addConditionally2);
            this.clusterManagementConnector = new ClusterManagementUdpConnector(dtlsClusterConnectorConfig.getAddress(), configuration);
            this.useClusterMac = false;
            this.protocol = PROTOCOL_MANAGEMENT_UDP;
        }
        LOGGER.info("cluster-node {} ({}): recv. buffer {}, send buffer {}", Integer.valueOf(getNodeID()), this.protocol, addConditionally, addConditionally2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.californium.scandium.DtlsClusterConnector, org.eclipse.californium.scandium.DTLSConnector
    public void init(InetSocketAddress inetSocketAddress, DatagramSocket datagramSocket, Integer num) throws IOException {
        super.init(inetSocketAddress, datagramSocket, num);
        this.clusterManagementConnector.start();
        startReceiver();
    }

    @Override // org.eclipse.californium.scandium.DtlsClusterConnector, org.eclipse.californium.scandium.DTLSConnector, org.eclipse.californium.elements.Connector
    public void stop() {
        super.stop();
        this.clusterManagementConnector.stop();
    }

    @Override // org.eclipse.californium.scandium.DTLSConnector, org.eclipse.californium.elements.Connector
    public void destroy() {
        super.destroy();
        this.clusterManagementConnector.destroy();
    }

    @Override // org.eclipse.californium.scandium.DtlsClusterConnector
    protected int getClusterMacLength() {
        return this.useClusterMac ? 8 : 0;
    }

    public String getManagementProtocol() {
        return this.protocol;
    }

    public Connector getClusterManagementConnector() {
        return this.clusterManagementConnector;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.californium.scandium.DtlsClusterConnector
    public void processDatagramFromClusterNetwork(Byte b, DatagramPacket datagramPacket) throws IOException {
        if (this.useClusterMac) {
            try {
                DTLSContext dtlsContextByAddress = ((DTLSConnector) this.clusterManagementConnector).getDtlsContextByAddress((InetSocketAddress) datagramPacket.getSocketAddress());
                if (dtlsContextByAddress == null) {
                    throw new IOException("Cluster MAC could not be validated! Missing DTLS context.");
                }
                Mac threadLocalClusterReadMac = dtlsContextByAddress.getThreadLocalClusterReadMac();
                if (threadLocalClusterReadMac == null) {
                    throw new IOException("Cluster MAC could not be validated! Missing keys.");
                }
                if (!validateClusterMac(threadLocalClusterReadMac, datagramPacket)) {
                    if (LOGGER.isInfoEnabled()) {
                        byte[] copyOf = Arrays.copyOf(calculateClusterMac(threadLocalClusterReadMac, datagramPacket), 8);
                        byte[] data = datagramPacket.getData();
                        int offset = datagramPacket.getOffset();
                        int i = 4 + (data[offset + 3] & 255);
                        LOGGER.info("cluster-node {} ({}): drop internal record, cluster MAC failure! {} != {}", Integer.valueOf(getNodeID()), this.protocol, StringUtil.byteArray2Hex(copyOf), StringUtil.byteArray2Hex(Arrays.copyOfRange(data, offset + i, offset + i + 8)));
                    }
                    if (this.clusterHealth != null) {
                        if (RECORD_TYPE_INCOMING.equals(b)) {
                            this.clusterHealth.badForwardMessage();
                            return;
                        } else {
                            if (RECORD_TYPE_OUTGOING.equals(b)) {
                                this.clusterHealth.badBackwardMessage();
                                return;
                            }
                            return;
                        }
                    }
                    return;
                }
            } catch (RuntimeException e) {
                LOGGER.debug("cluster-node {} ({}): receiving failed!", Integer.valueOf(getNodeID()), this.protocol, e);
                throw new IOException("Cluster MAC could not be validated!", e);
            }
        }
        super.processDatagramFromClusterNetwork(b, datagramPacket);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.californium.scandium.DtlsClusterConnector
    public void sendDatagramToClusterNetwork(DatagramPacket datagramPacket) throws IOException {
        if (this.useClusterMac) {
            try {
                DTLSContext dtlsContextByAddress = ((DTLSConnector) this.clusterManagementConnector).getDtlsContextByAddress((InetSocketAddress) datagramPacket.getSocketAddress());
                if (dtlsContextByAddress == null) {
                    throw new IOException("Cluster MAC could not be generated! Missing dtls context.");
                }
                Mac threadLocalClusterWriteMac = dtlsContextByAddress.getThreadLocalClusterWriteMac();
                if (threadLocalClusterWriteMac == null) {
                    throw new IOException("Cluster MAC could not be generated! Missing keys.");
                }
                setClusterMac(threadLocalClusterWriteMac, datagramPacket);
            } catch (RuntimeException e) {
                LOGGER.debug("cluster-node {} ({}): sending failed!", Integer.valueOf(getNodeID()), this.protocol, e);
                throw new IOException("Cluster MAC could not be generated!", e);
            }
        }
        super.sendDatagramToClusterNetwork(datagramPacket);
    }

    public static boolean validateClusterMac(Mac mac, DatagramPacket datagramPacket) {
        byte[] calculateClusterMac = calculateClusterMac(mac, datagramPacket);
        byte[] data = datagramPacket.getData();
        int offset = datagramPacket.getOffset();
        int i = offset + 4 + (data[offset + 3] & 255);
        int i2 = 0;
        for (int i3 = 0; i3 < 8; i3++) {
            if (calculateClusterMac[i3] != data[i + i3]) {
                i2++;
            }
        }
        return i2 == 0;
    }

    public static void setClusterMac(Mac mac, DatagramPacket datagramPacket) {
        byte[] calculateClusterMac = calculateClusterMac(mac, datagramPacket);
        byte[] data = datagramPacket.getData();
        int offset = datagramPacket.getOffset();
        System.arraycopy(calculateClusterMac, 0, data, offset + 4 + (data[offset + 3] & 255), 8);
    }

    public static byte[] calculateClusterMac(Mac mac, DatagramPacket datagramPacket) {
        byte[] data = datagramPacket.getData();
        int offset = datagramPacket.getOffset();
        int length = datagramPacket.getLength();
        int i = 4 + (data[offset + 3] & 255);
        int i2 = i + 8;
        if (i2 >= length) {
            throw new IllegalArgumentException(length + " bytes is too small for cluster MAC message!");
        }
        mac.update(data, offset, i);
        int i3 = length - i2;
        if (i3 > 0) {
            int i4 = offset + i2;
            if (i3 > 64 - i) {
                mac.update(data, i4, 32);
                i4 += i3 - 32;
                i3 = 32;
            }
            mac.update(data, i4, i3);
        }
        return mac.doFinal();
    }

    @Override // org.eclipse.californium.scandium.DtlsClusterConnector
    protected void processManagementDatagramFromClusterNetwork(DatagramPacket datagramPacket) throws IOException {
        LOGGER.trace("cluster-node {} ({}): process datagram from {}, {} bytes", Integer.valueOf(getNodeID()), this.protocol, datagramPacket.getAddress(), Integer.valueOf(datagramPacket.getLength()));
        this.clusterManagementConnector.processDatagram(datagramPacket);
    }

    private static Integer addConditionally(Integer num, int i) {
        return (num == null || num.intValue() == 0) ? num : Integer.valueOf(num.intValue() + i);
    }
}
