package org.opendof.core.oal;

import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectStreamException;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.opendof.core.internal.core.ImmutableCollection;
import org.opendof.core.internal.core.ImmutableList;
import org.opendof.core.internal.core.ImmutableMap;
import org.opendof.core.internal.core.OALAuthenticator;
import org.opendof.core.internal.core.OALCore;
import org.opendof.core.internal.protocol.security.EncryptionUtil;
import org.opendof.core.internal.protocol.security.mode.ccm.DefaultCCM;
import org.opendof.core.oal.DOFObjectID;
import org.opendof.core.oal.security.DOFCipher;
import org.opendof.core.oal.security.DOFPermissionSet;
import org.opendof.core.oal.security.DOFSecurityException;

/* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator.class */
public final class DOFAuthenticator {
    private final OALAuthenticator oalAuthenticator;

    /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$AuthenticationNode.class */
    public static final class AuthenticationNode implements DOFImmutable, Serializable {
        private static final long serialVersionUID = -4417050872016197126L;
        private final DOFObjectID.Authentication nodeID;
        private final byte[] credentialStorage;
        private final ImmutableList<Integer> credentialTypes;
        private final boolean isEnabled;
        private final int sourceIdentifier;
        private final ImmutableMap<Integer, DOFPermissionSet> permissionSetMap;
        private final ImmutableCollection<DOFObjectID.Authentication> groups;

        private AuthenticationNode(DOFObjectID.Authentication authentication, int i, byte[] bArr, Map<Integer, DOFPermissionSet> map, Collection<DOFObjectID.Authentication> collection, boolean z) {
            this.nodeID = authentication;
            this.credentialStorage = bArr != null ? (byte[]) bArr.clone() : null;
            this.isEnabled = z;
            this.sourceIdentifier = i;
            this.permissionSetMap = new ImmutableMap<>(map);
            this.groups = new ImmutableCollection<>(collection);
            this.credentialTypes = null;
        }

        private AuthenticationNode(DOFObjectID.Authentication authentication, int i, List<Integer> list, Map<Integer, DOFPermissionSet> map, Collection<DOFObjectID.Authentication> collection, boolean z) {
            this.nodeID = authentication;
            this.credentialTypes = new ImmutableList<>(list);
            this.isEnabled = z;
            this.sourceIdentifier = i;
            this.permissionSetMap = new ImmutableMap<>(map);
            this.groups = new ImmutableCollection<>(collection);
            this.credentialStorage = null;
        }

        public int getSourceIdentifier() {
            return this.sourceIdentifier;
        }

        public Map<Integer, DOFPermissionSet> getPermissions() {
            return this.permissionSetMap != null ? new HashMap(this.permissionSetMap) : new HashMap();
        }

        public List<Integer> getSecurityScopeIDs() {
            return this.permissionSetMap != null ? new ArrayList(this.permissionSetMap.keySet()) : new ArrayList();
        }

        public Collection<DOFObjectID.Authentication> getGroups() {
            return this.groups != null ? new ArrayList(this.groups) : new ArrayList();
        }

        public boolean isMember(DOFObjectID.Authentication authentication) {
            if (this.groups != null) {
                return this.groups.contains(authentication);
            }
            return false;
        }

        public DOFObjectID.Authentication getNodeID() {
            return this.nodeID;
        }

        public byte[] getCredentialsStorage() {
            if (this.credentialStorage == null) {
                return null;
            }
            byte[] bArr = new byte[this.credentialStorage.length];
            System.arraycopy(this.credentialStorage, 0, bArr, 0, this.credentialStorage.length);
            return bArr;
        }

        public List<Integer> getCredentialTypes() {
            ArrayList arrayList;
            if (this.credentialTypes == null) {
                return null;
            }
            synchronized (this.credentialTypes) {
                arrayList = new ArrayList(this.credentialTypes);
            }
            return arrayList;
        }

        public boolean isEnabled() {
            return this.isEnabled;
        }

        public static AuthenticationNode create(DOFObjectID.Authentication authentication, int i, byte[] bArr, Map<Integer, DOFPermissionSet> map, Collection<DOFObjectID.Authentication> collection, boolean z) {
            return new AuthenticationNode(authentication, i, bArr, map, collection, z);
        }

        public static AuthenticationNode create(DOFObjectID.Authentication authentication, int i, List<Integer> list, Map<Integer, DOFPermissionSet> map, Collection<DOFObjectID.Authentication> collection, boolean z) {
            return new AuthenticationNode(authentication, i, list, map, collection, z);
        }

        private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
            objectOutputStream.defaultWriteObject();
        }

        private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
            objectInputStream.defaultReadObject();
        }
    }

    /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$Config.class */
    public static final class Config implements DOFImmutable, Serializable {
        private static final long serialVersionUID = -3094351850400953507L;
        public static final short DEFAULT_MAX_GRANT_LIFETIME = 1440;
        final OALAuthenticator.ImmutableData authData;
        private final Storage storage;
        private final byte[] debugKey;

        /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$Config$Builder.class */
        public static final class Builder {
            private final OALAuthenticator.Data authData;
            private Storage storage;
            private byte[] debugKey;

            public Builder(DOFObjectID.Domain domain, byte b, Storage storage) {
                this.debugKey = null;
                if (domain == null || !domain.isUnicast()) {
                    throw new IllegalArgumentException("Builder: domain_id == null || !domainID.isUnicast()");
                }
                this.authData = new OALAuthenticator.Data(domain, b);
                this.storage = storage;
            }

            public Builder(Config config) {
                this.debugKey = null;
                if (config == null) {
                    throw new IllegalArgumentException("Builder: config == null");
                }
                this.authData = new OALAuthenticator.Data(config.authData);
                this.authData.name = null;
                this.storage = config.storage;
                this.debugKey = config.debugKey;
            }

            public Builder(State state, Storage storage) {
                this.debugKey = null;
                if (state == null) {
                    throw new IllegalArgumentException("Builder: state == null");
                }
                this.authData = new OALAuthenticator.Data(((OALAuthenticator.State) state).getAuthData());
                this.authData.name = null;
                this.storage = storage;
            }

            public Builder setName(String str) {
                this.authData.name = str;
                return this;
            }

            public Builder setAuthenticatorIdentifier(byte b) {
                if (b < 0 || b > 63) {
                    throw new IllegalArgumentException("Builder: authenticatorID < 0 || authenticatorID > 63");
                }
                this.authData.authenticatorID = b;
                return this;
            }

            public Builder setStorage(Storage storage) {
                this.storage = storage;
                return this;
            }

            public Builder setDomainID(DOFObjectID.Domain domain) {
                this.authData.domainID = domain;
                return this;
            }

            public Builder setMaxGrantLifetime(short s) {
                this.authData.maxGrantLifetime = s;
                return this;
            }

            public Builder setDebug(boolean z) {
                this.authData.isDebug = z;
                return this;
            }

            public Builder setDebugKey(byte[] bArr) {
                this.debugKey = bArr;
                return this;
            }

            public Config build() {
                if (this.authData.isDebug && this.debugKey == null) {
                    throw new IllegalArgumentException("isDebug() == true && DebugKey == null (debug key must be specified.");
                }
                return new Config(new OALAuthenticator.ImmutableData(this.authData), this.storage, this.debugKey);
            }
        }

        private Config(OALAuthenticator.ImmutableData immutableData, Storage storage, byte[] bArr) {
            this.authData = immutableData;
            this.storage = storage;
            this.debugKey = bArr;
        }

        public String getName() {
            return this.authData.name;
        }

        public byte getAuthenticatorIdentifier() {
            return this.authData.authenticatorID;
        }

        public DOFObjectID.Domain getDomainID() {
            return this.authData.domainID;
        }

        public Storage getStorage() {
            return this.storage;
        }

        public short getMaxGrantLifetime() {
            return this.authData.maxGrantLifetime;
        }

        public boolean isDebug() {
            return this.authData.isDebug;
        }

        public byte[] getDebugKey() {
            return this.debugKey;
        }

        private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
            objectOutputStream.defaultWriteObject();
        }

        private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
            objectInputStream.defaultReadObject();
        }

        private Object readResolve() throws ObjectStreamException {
            try {
                return new Builder(this).build();
            } catch (Exception e) {
                throw new InvalidObjectException(e.getMessage());
            }
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            Config config = (Config) obj;
            if (this.authData != null) {
                if (!this.authData.equals(config.authData)) {
                    return false;
                }
            } else if (config.authData != null) {
                return false;
            }
            if (Arrays.equals(this.debugKey, config.debugKey)) {
                return this.storage != null ? this.storage.equals(config.storage) : config.storage == null;
            }
            return false;
        }

        public int hashCode() {
            return (31 * ((31 * (this.authData != null ? this.authData.hashCode() : 0)) + (this.storage != null ? this.storage.hashCode() : 0))) + (this.debugKey != null ? Arrays.hashCode(this.debugKey) : 0);
        }
    }

    /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$CredentialStorage.class */
    public interface CredentialStorage {
        short getType();

        DOFObjectID.Authentication getIdentity();

        byte[] getStorageKey();

        void setPrivateStorage(DOFObjectID.Domain domain, DOFObjectID.Authentication authentication, byte[] bArr) throws DOFSecurityException;
    }

    /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$RemoteDomainNode.class */
    public static final class RemoteDomainNode implements DOFImmutable, Serializable {
        private static final long serialVersionUID = 8835852718877603734L;
        private final DOFObjectID.Authentication nodeID;
        private final byte[] credentialStorage;
        private final ImmutableList<Integer> credentialTypes;
        private final boolean isEnabled;
        private final int remoteDomainIdentifier;
        private final DOFObjectID.Authentication currentLocalNodeID;
        private final DOFObjectID.Authentication defaultLocalNode;
        private final ImmutableMap<DOFObjectID.Authentication, DOFObjectID.Authentication> initiatorLocalNodeMap;

        private RemoteDomainNode(DOFObjectID.Authentication authentication, byte[] bArr, int i, DOFObjectID.Authentication authentication2, boolean z) {
            this.nodeID = authentication;
            this.credentialStorage = bArr != null ? (byte[]) bArr.clone() : null;
            this.isEnabled = z;
            this.remoteDomainIdentifier = i;
            this.currentLocalNodeID = authentication2;
            this.defaultLocalNode = null;
            this.initiatorLocalNodeMap = null;
            this.credentialTypes = null;
        }

        private RemoteDomainNode(DOFObjectID.Authentication authentication, List<Integer> list, int i, DOFObjectID.Authentication authentication2, Map<DOFObjectID.Authentication, DOFObjectID.Authentication> map, boolean z) {
            this.nodeID = authentication;
            this.credentialTypes = new ImmutableList<>(list);
            this.isEnabled = z;
            this.remoteDomainIdentifier = i;
            this.initiatorLocalNodeMap = new ImmutableMap<>(map != null ? map : new HashMap<>());
            this.defaultLocalNode = authentication2;
            this.currentLocalNodeID = null;
            this.credentialStorage = null;
        }

        public int getRemoteDomainIdentifier() {
            return this.remoteDomainIdentifier;
        }

        public DOFObjectID.Authentication getLocalID() {
            return this.currentLocalNodeID;
        }

        public DOFObjectID.Authentication getNodeID() {
            return this.nodeID;
        }

        public byte[] getCredentialsStorage() {
            if (this.credentialStorage == null) {
                return null;
            }
            byte[] bArr = new byte[this.credentialStorage.length];
            System.arraycopy(this.credentialStorage, 0, bArr, 0, this.credentialStorage.length);
            return bArr;
        }

        public List<Integer> getCredentialTypes() {
            ArrayList arrayList;
            if (this.credentialTypes == null) {
                return null;
            }
            synchronized (this.credentialTypes) {
                arrayList = new ArrayList(this.credentialTypes);
            }
            return arrayList;
        }

        public boolean isEnabled() {
            return this.isEnabled;
        }

        public Map<DOFObjectID.Authentication, DOFObjectID.Authentication> getInitiatorLocalNodeMap() {
            HashMap hashMap;
            if (this.initiatorLocalNodeMap == null) {
                return null;
            }
            synchronized (this.initiatorLocalNodeMap) {
                hashMap = new HashMap(this.initiatorLocalNodeMap);
            }
            return hashMap;
        }

        public DOFObjectID.Authentication getDefaultLocalNode() {
            return this.defaultLocalNode;
        }

        public static RemoteDomainNode create(DOFObjectID.Authentication authentication, byte[] bArr, int i, DOFObjectID.Authentication authentication2, boolean z) {
            return new RemoteDomainNode(authentication, bArr, i, authentication2, z);
        }

        public static RemoteDomainNode create(DOFObjectID.Authentication authentication, List<Integer> list, int i, DOFObjectID.Authentication authentication2, Map<DOFObjectID.Authentication, DOFObjectID.Authentication> map, boolean z) {
            return new RemoteDomainNode(authentication, list, i, authentication2, map, z);
        }

        private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
            objectOutputStream.defaultWriteObject();
        }

        private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
            objectInputStream.defaultReadObject();
        }
    }

    /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$SecureGroupNode.class */
    public static final class SecureGroupNode implements DOFImmutable, Serializable {
        private static final long serialVersionUID = 5294001270288464083L;
        public static final GroupConfig DEFAULT_GROUP_CONFIG = GroupConfig.create(5, 64, 60, GroupConfig.createDefaultMode());
        private final DOFObjectID.Authentication nodeID;
        private final byte[] credentialStorage;
        private final ImmutableList<Integer> credentialTypes;
        private final boolean isEnabled;
        private final int sourceIdentifier;
        private final short epoch;
        private final int stateID;
        private final ImmutableMap<Integer, DOFPermissionSet> permissionSetMap;
        private final GroupConfig groupConfig;

        /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$SecureGroupNode$GroupConfig.class */
        public static final class GroupConfig implements DOFImmutable, Serializable {
            private static final long serialVersionUID = 7028887776669780107L;
            public static final short DEFAULT_TMIN = 5;
            public static final short DEFAULT_TMAX = 64;
            public static final short DEFAULT_HEARTBEAT = 60;
            private final short tMin;
            private final short tMax;
            private final short heartBeat;
            private final byte[] mode;

            private GroupConfig(short s, short s2, short s3, byte[] bArr) {
                this.tMin = s;
                this.tMax = s2;
                this.heartBeat = s3;
                if (bArr == null) {
                    this.mode = createDefaultMode();
                } else {
                    this.mode = bArr;
                }
            }

            static byte[] createDefaultMode() {
                return new DefaultCCM(DOFCipher.Algorithm.AES, DOFCipher.Strength._256, 4, true).getBytes();
            }

            public byte[] getSecurityMode() {
                byte[] bArr = new byte[this.mode.length];
                System.arraycopy(this.mode, 0, bArr, 0, this.mode.length);
                return bArr;
            }

            public short getHeartbeatPeriod() {
                return this.heartBeat;
            }

            public short getMinKEKPeriod() {
                return this.tMin;
            }

            public short getMaxKEKPeriod() {
                return this.tMax;
            }

            public static GroupConfig create(short s, short s2, short s3, byte[] bArr) {
                return new GroupConfig(s, s2, s3, bArr);
            }

            private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
                objectOutputStream.defaultWriteObject();
            }

            private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
                objectInputStream.defaultReadObject();
            }

            private Object readResolve() throws ObjectStreamException {
                try {
                    return new GroupConfig(this.tMin, this.tMax, this.heartBeat, this.mode);
                } catch (Exception e) {
                    throw new InvalidObjectException(e.getMessage());
                }
            }

            public int hashCode() {
                return (31 * ((31 * ((31 * ((31 * 1) + this.heartBeat)) + Arrays.hashCode(this.mode))) + this.tMax)) + this.tMin;
            }

            public boolean equals(Object obj) {
                if (this == obj) {
                    return true;
                }
                if (obj == null || getClass() != obj.getClass()) {
                    return false;
                }
                GroupConfig groupConfig = (GroupConfig) obj;
                return this.heartBeat == groupConfig.heartBeat && Arrays.equals(this.mode, groupConfig.mode) && this.tMax == groupConfig.tMax && this.tMin == groupConfig.tMin;
            }

            public String toString() {
                return "GroupConfig [tMin=" + ((int) this.tMin) + ", tMax=" + ((int) this.tMax) + ", heartBeat=" + ((int) this.heartBeat) + ", mode=" + Arrays.toString(this.mode) + "]";
            }
        }

        private SecureGroupNode(DOFObjectID.Authentication authentication, int i, int i2, short s, byte[] bArr, Map<Integer, DOFPermissionSet> map, boolean z, GroupConfig groupConfig) {
            this.nodeID = authentication;
            this.credentialStorage = bArr != null ? (byte[]) bArr.clone() : null;
            this.isEnabled = z;
            this.sourceIdentifier = i;
            this.stateID = i2;
            this.epoch = s;
            this.permissionSetMap = new ImmutableMap<>(map);
            this.groupConfig = groupConfig;
            this.credentialTypes = null;
        }

        private SecureGroupNode(DOFObjectID.Authentication authentication, int i, int i2, short s, List<Integer> list, Map<Integer, DOFPermissionSet> map, boolean z, GroupConfig groupConfig) {
            this.nodeID = authentication;
            this.credentialTypes = new ImmutableList<>(list);
            this.isEnabled = z;
            this.sourceIdentifier = i;
            this.stateID = i2;
            this.epoch = s;
            this.permissionSetMap = new ImmutableMap<>(map);
            this.groupConfig = groupConfig;
            this.credentialStorage = null;
        }

        public int getSourceIdentifier() {
            return this.sourceIdentifier;
        }

        public Map<Integer, DOFPermissionSet> getPermissions() {
            HashMap hashMap;
            if (this.permissionSetMap == null) {
                return new HashMap();
            }
            synchronized (this.permissionSetMap) {
                hashMap = new HashMap(this.permissionSetMap);
            }
            return hashMap;
        }

        public List<Integer> getSecurityScopeIDs() {
            ArrayList arrayList;
            if (this.permissionSetMap == null) {
                return new ArrayList();
            }
            synchronized (this.permissionSetMap) {
                arrayList = new ArrayList(this.permissionSetMap.keySet());
            }
            return arrayList;
        }

        public GroupConfig getGroupConfig() {
            return this.groupConfig;
        }

        public DOFObjectID.Authentication getNodeID() {
            return this.nodeID;
        }

        public byte[] getCredentialsStorage() {
            if (this.credentialStorage == null) {
                return null;
            }
            byte[] bArr = new byte[this.credentialStorage.length];
            System.arraycopy(this.credentialStorage, 0, bArr, 0, this.credentialStorage.length);
            return bArr;
        }

        public List<Integer> getCredentialTypes() {
            ArrayList arrayList;
            if (this.credentialTypes == null) {
                return null;
            }
            synchronized (this.credentialTypes) {
                arrayList = new ArrayList(this.credentialTypes);
            }
            return arrayList;
        }

        public short getEpoch() {
            return this.epoch;
        }

        public int getStateID() {
            return this.stateID;
        }

        public boolean isEnabled() {
            return this.isEnabled;
        }

        public static SecureGroupNode create(DOFObjectID.Authentication authentication, int i, int i2, short s, byte[] bArr, Map<Integer, DOFPermissionSet> map, boolean z, GroupConfig groupConfig) {
            return new SecureGroupNode(authentication, i, i2, s, bArr, map, z, groupConfig);
        }

        public static SecureGroupNode create(DOFObjectID.Authentication authentication, int i, int i2, short s, List<Integer> list, Map<Integer, DOFPermissionSet> map, boolean z, GroupConfig groupConfig) {
            return new SecureGroupNode(authentication, i, i2, s, list, map, z, groupConfig);
        }

        private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
            objectOutputStream.defaultWriteObject();
        }

        private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
            objectInputStream.defaultReadObject();
        }
    }

    /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$SecurityType.class */
    public enum SecurityType {
        UNDEFINED,
        TWO_POINT,
        MULTI_POINT,
        ANY
    }

    /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$State.class */
    public interface State extends DOFImmutable {
        DOFObjectID.Domain getDomainID();

        short getMaxGrantLifetime();

        short getAuthenticatorIdentifier();

        boolean isDebug();

        boolean isAvailable();

        String getName();
    }

    /* loaded from: input_file:org/opendof/core/oal/DOFAuthenticator$Storage.class */
    public interface Storage {
        void resolve(CredentialStorage credentialStorage) throws Exception;

        AuthenticationNode getNode(DOFObjectID.Authentication authentication, short s, SecurityType securityType, byte[] bArr, DOFPermissionSet dOFPermissionSet) throws Exception;

        SecureGroupNode getGroupNode(DOFObjectID.Authentication authentication) throws Exception;

        RemoteDomainNode getDomainNode(DOFObjectID.Authentication authentication, DOFObjectID.Authentication authentication2) throws Exception;

        DOFObjectID.Domain getStorageDomainID() throws Exception;

        boolean isStorageAvailable() throws Exception;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DOFAuthenticator(OALCore oALCore, Config config) {
        this.oalAuthenticator = new OALAuthenticator(this, oALCore, config, config.authData);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OALAuthenticator getOalAuthenticator() {
        return this.oalAuthenticator;
    }

    public void destroy() {
        this.oalAuthenticator.destroy();
    }

    public DOFObjectID.Domain getDomainID() {
        return this.oalAuthenticator.getDomainID();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void update(Config config) {
        this.oalAuthenticator.update(config, config.authData);
    }

    public State getState() {
        return this.oalAuthenticator.getState();
    }

    public static byte[] createSessionKey() {
        return EncryptionUtil.createSessionKey();
    }
}
