package org.eclipse.californium.oscore;

import org.eclipse.californium.core.coap.EmptyMessage;
import org.eclipse.californium.core.coap.Message;
import org.eclipse.californium.core.coap.MessageObserverAdapter;
import org.eclipse.californium.core.coap.Request;
import org.eclipse.californium.core.coap.Response;
import org.eclipse.californium.core.network.Exchange;
import org.eclipse.californium.core.network.stack.AbstractLayer;
import org.eclipse.californium.elements.util.Bytes;
import org.eclipse.californium.oscore.ContextRederivation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/californium/oscore/ObjectSecurityContextLayer.class */
public class ObjectSecurityContextLayer extends AbstractLayer {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) ObjectSecurityContextLayer.class);
    private final OSCoreCtxDB ctxDb;

    public ObjectSecurityContextLayer(OSCoreCtxDB oSCoreCtxDB) {
        if (oSCoreCtxDB == null) {
            throw new NullPointerException("OSCoreCtxDB must be provided!");
        }
        this.ctxDb = oSCoreCtxDB;
    }

    @Override // org.eclipse.californium.core.network.stack.AbstractLayer, org.eclipse.californium.core.network.stack.Layer
    public void receiveRequest(Exchange exchange, Request request) {
        boolean z = request.getOptions().hasOscore() && request.getOptions().getOscore().length != 0 && exchange.getCurrentRequest() != null && exchange.getCurrentRequest().getOptions().hasBlock1();
        if (isProtected(request) && z) {
            LOGGER.debug("Incoming OSCORE request uses outer block-wise");
            try {
                OscoreOptionDecoder oscoreOptionDecoder = new OscoreOptionDecoder(request.getOptions().getOscore());
                try {
                    request = RequestDecryptor.decrypt(this.ctxDb, request, this.ctxDb.getContext(oscoreOptionDecoder.getKid(), oscoreOptionDecoder.getIdContext()));
                    byte[] oscore = request.getOptions().getOscore();
                    request.getOptions().setOscore(Bytes.EMPTY);
                    exchange.setRequest(request);
                    exchange.setCryptographicContextID(oscore);
                } catch (CoapOSException e) {
                    LOGGER.error("Error while receiving OSCore request: {}", e.getMessage());
                    Response manageError = CoapOSExceptionHandler.manageError(e, request);
                    if (manageError != null) {
                        super.sendResponse(exchange, manageError);
                        return;
                    }
                    return;
                }
            } catch (CoapOSException e2) {
                LOGGER.error("Error while receiving OSCore request: {}", e2.getMessage());
                Response manageError2 = CoapOSExceptionHandler.manageError(e2, request);
                if (manageError2 != null) {
                    super.sendResponse(exchange, manageError2);
                    return;
                }
                return;
            }
        }
        super.receiveRequest(exchange, request);
    }

    @Override // org.eclipse.californium.core.network.stack.AbstractLayer, org.eclipse.californium.core.network.stack.Layer
    public void sendRequest(final Exchange exchange, final Request request) {
        if (shouldProtectRequest(request)) {
            try {
                String proxyUri = request.getOptions().hasProxyUri() ? request.getOptions().getProxyUri() : request.getURI();
                if (proxyUri == null) {
                    LOGGER.error(ErrorDescriptions.URI_NULL);
                    throw new OSException(ErrorDescriptions.URI_NULL);
                }
                OSCoreCtx context = this.ctxDb.getContext(proxyUri);
                if (context == null) {
                    LOGGER.error("Context is null");
                    throw new OSException("Context is null");
                }
                if (context.getContextRederivationPhase() == ContextRederivation.PHASE.CLIENT_INITIATE) {
                    ContextRederivation.setLostContext(this.ctxDb, proxyUri);
                    final Request newGet = Request.newGet();
                    newGet.setScheme(request.getScheme());
                    newGet.setURI(request.getURI());
                    newGet.getOptions().setOscore(Bytes.EMPTY);
                    newGet.getOptions().setUriPath("/rederivation/blackhole");
                    final String str = proxyUri;
                    newGet.addMessageObserver(new MessageObserverAdapter() { // from class: org.eclipse.californium.oscore.ObjectSecurityContextLayer.1
                        @Override // org.eclipse.californium.core.coap.MessageObserverAdapter, org.eclipse.californium.core.coap.MessageObserver
                        public void onResponse(Response response) {
                            try {
                                OSCoreCtx context2 = ObjectSecurityContextLayer.this.ctxDb.getContext(str);
                                if (context2 == null) {
                                    ObjectSecurityContextLayer.LOGGER.error("Context is null");
                                } else if (context2.getContextRederivationPhase() != ContextRederivation.PHASE.CLIENT_PHASE_2) {
                                    ObjectSecurityContextLayer.LOGGER.error("Expected phase 2, but is {}", context2.getContextRederivationPhase());
                                }
                            } catch (OSException e) {
                            }
                            exchange.execute(new Runnable() { // from class: org.eclipse.californium.oscore.ObjectSecurityContextLayer.1.1
                                @Override // java.lang.Runnable
                                public void run() {
                                    ObjectSecurityContextLayer.LOGGER.debug("Original Request: {}", exchange.getRequest());
                                    ObjectSecurityContextLayer.super.sendRequest(exchange, request);
                                }
                            });
                        }

                        @Override // org.eclipse.californium.core.coap.MessageObserverAdapter, org.eclipse.californium.core.coap.MessageObserver
                        public void onReject() {
                            request.setRejected(true);
                        }

                        @Override // org.eclipse.californium.core.coap.MessageObserverAdapter, org.eclipse.californium.core.coap.MessageObserver
                        public void onCancel() {
                            request.setCanceled(true);
                        }

                        @Override // org.eclipse.californium.core.coap.MessageObserverAdapter, org.eclipse.californium.core.coap.MessageObserver
                        public void onTimeout() {
                            request.setTimedOut(true);
                        }

                        @Override // org.eclipse.californium.core.coap.MessageObserverAdapter, org.eclipse.californium.core.coap.MessageObserver
                        public void onConnecting() {
                            request.onConnecting();
                        }

                        @Override // org.eclipse.californium.core.coap.MessageObserverAdapter, org.eclipse.californium.core.coap.MessageObserver
                        public void onDtlsRetransmission(int i) {
                            request.onDtlsRetransmission(i);
                        }

                        @Override // org.eclipse.californium.core.coap.MessageObserverAdapter, org.eclipse.californium.core.coap.MessageObserver
                        public void onSendError(Throwable th) {
                            request.setSendError(th);
                        }
                    });
                    LOGGER.debug("Auxiliary Request: {}", exchange.getRequest());
                    final Exchange exchange2 = new Exchange(newGet, exchange.getPeersIdentity(), Exchange.Origin.LOCAL, this.executor);
                    exchange2.execute(new Runnable() { // from class: org.eclipse.californium.oscore.ObjectSecurityContextLayer.2
                        @Override // java.lang.Runnable
                        public void run() {
                            ObjectSecurityContextLayer.super.sendRequest(exchange2, newGet);
                        }
                    });
                    return;
                }
            } catch (IllegalArgumentException e) {
                LOGGER.error("Unable to send request because of illegal argument: {}", e.getMessage());
                return;
            } catch (OSException e2) {
                LOGGER.error("Error sending request: {}", e2.getMessage());
                return;
            }
        }
        LOGGER.trace("Request: {}", exchange.getRequest());
        super.sendRequest(exchange, request);
    }

    @Override // org.eclipse.californium.core.network.stack.AbstractLayer, org.eclipse.californium.core.network.stack.Layer
    public void receiveResponse(Exchange exchange, Response response) {
        Response currentResponse = exchange.getCurrentResponse();
        if ((currentResponse == null || !currentResponse.getOptions().hasBlock2() || this.ctxDb.getContextByToken(currentResponse.getToken()) == null) ? false : true) {
            LOGGER.debug("Incoming OSCORE response uses outer block-wise");
            if (exchange.getCurrentRequest() == null) {
                LOGGER.error("No request tied to this response");
                return;
            }
            try {
                if (isProtected(response)) {
                    response = ObjectSecurityLayer.prepareReceive(this.ctxDb, response, new OscoreOptionDecoder(exchange.getCryptographicContextID()).getSequenceNumber());
                }
                if (exchange.getRequest().isObserveCancel()) {
                    this.ctxDb.removeToken(response.getToken());
                }
            } catch (OSException e) {
                LOGGER.error("Error while receiving OSCore response: {}", e.getMessage());
                EmptyMessage manageError = CoapOSExceptionHandler.manageError(e, response);
                if (manageError != null) {
                    sendEmptyMessage(exchange, manageError);
                    return;
                }
                return;
            }
        }
        super.receiveResponse(exchange, response);
    }

    private static boolean shouldProtectRequest(Request request) {
        return request.getOptions().hasOscore();
    }

    private static boolean isProtected(Message message) {
        return message.getOptions().hasOscore();
    }
}
