package org.opendof.core.internal.protocol.tep;

import java.util.Arrays;
import org.opendof.core.internal.core.OALChannel;
import org.opendof.core.internal.core.OALCore;
import org.opendof.core.internal.core.OALOperation;
import org.opendof.core.internal.core.OALSecurityScope;
import org.opendof.core.internal.core.OALSecurityScopeList;
import org.opendof.core.internal.core.security.DomainStore;
import org.opendof.core.internal.core.security.OALSecurityTicket;
import org.opendof.core.internal.core.security.ScopedPermissionList;
import org.opendof.core.internal.protocol.ConnectionStack;
import org.opendof.core.internal.protocol.OperationID;
import org.opendof.core.internal.protocol.PacketData;
import org.opendof.core.internal.protocol.SecurityModeLayer;
import org.opendof.core.internal.protocol.security.AuthenticationException;
import org.opendof.core.internal.protocol.security.Authenticator;
import org.opendof.core.internal.protocol.security.EncryptionUtil;
import org.opendof.core.internal.protocol.security.KeyRequest;
import org.opendof.core.internal.protocol.security.credentials.Credentials;
import org.opendof.core.internal.protocol.trp.SessionOperation;
import org.opendof.core.internal.util.AsyncRunnable;
import org.opendof.core.internal.util.BufferedPacket;
import org.opendof.core.oal.DOF;
import org.opendof.core.oal.DOFMarshalContext;
import org.opendof.core.oal.DOFMarshalException;
import org.opendof.core.oal.DOFObjectID;
import org.opendof.core.oal.DOFOperation;
import org.opendof.core.oal.DOFPacket;
import org.opendof.core.oal.security.DOFAuthenticationFailedException;
import org.opendof.core.oal.security.DOFPermission;
import org.opendof.core.oal.security.DOFPermissionSet;
import org.opendof.core.oal.security.DOFSecurityException;

/* loaded from: input_file:org/opendof/core/internal/protocol/tep/KeyRequestOperation.class */
public class KeyRequestOperation extends TEPOperation {
    public static final short OPCODE_BEGIN = 17;
    public static final short OPCODE_AUGMENT = 1;
    public static final short OPCODE_CONFIRM = 33;
    private final OALCore core;
    private final ConnectionStack stack;
    private final short duration;
    private final SecurityModeLayer mode;
    private KeyRequest initiator;
    private final boolean isRekey;
    public final boolean isConfirmAck;
    private final boolean notSecure;
    private final DOFObjectID.Domain domain_id;
    private volatile KeyRequest responder;
    private byte[] I;
    private int i_offset;
    private int i_length;
    private volatile byte[] R;
    private volatile int r_offset;
    private volatile int r_length;
    private volatile byte[] A;
    private volatile int a_offset;
    private volatile int a_length;
    private volatile byte[] S;
    private volatile int s_offset;
    private volatile int s_length;
    private volatile OALSecurityScope c_scope;
    private volatile OALSecurityScopeList i_scopes;
    private volatile OALSecurityScopeList r_scopes;
    private volatile short grantedDuration;
    private volatile OALSecurityTicket i_ticket;
    private volatile byte[] sessionKey;
    private volatile byte[] keyState;
    private volatile byte[] confirmation;
    private volatile SecurityModeLayer sm;
    private volatile int stateID;
    private volatile byte sessionStage;
    private static final int DATAGRAM_RETRY_PERIOD = 3000;
    private Credentials credentials;

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/KeyRequestOperation$AsyncPromoteKey.class */
    private static class AsyncPromoteKey implements Runnable {
        private final SecurityModeLayer sm;
        private final byte[] keyState;
        private final short maxSecsDisableDelay;

        public AsyncPromoteKey(SecurityModeLayer securityModeLayer, byte[] bArr, short s) {
            this.sm = securityModeLayer;
            this.keyState = bArr;
            this.maxSecsDisableDelay = s;
        }

        @Override // java.lang.Runnable
        public void run() {
            this.sm.promoteKey(this.keyState, this.maxSecsDisableDelay);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/KeyRequestOperation$AsyncResolveCompleteObtainSID.class */
    public class AsyncResolveCompleteObtainSID implements OALOperation.CompleteListener {
        private final Credentials credential;

        public AsyncResolveCompleteObtainSID(Credentials credentials) {
            this.credential = credentials;
        }

        @Override // org.opendof.core.internal.core.OALOperation.CompleteListener
        public void complete(OALOperation oALOperation, Exception exc) {
            try {
                if (exc != null) {
                    throw exc;
                }
                KeyRequestOperation.this.core.getDomainStore().registerCredentials(this.credential, KeyRequestOperation.this.stack.sharedConnection);
                if (KeyRequestOperation.this.stack.sharedConnection != null) {
                    KeyRequestOperation.this.stack.sharedConnection.setCredential(this.credential);
                }
                KeyRequestOperation.this.tep.setCredentials(this.credential);
                KeyRequestOperation.this.tep.beginObtainSecureSID(this.credential, new AsyncSIDObtainedSendSession(this.credential));
            } catch (Exception e) {
                if (DOF.Log.isLogError()) {
                    DOF.Log.message("KeyRequestOperation", DOF.Log.Level.ERROR, "Resolve failed with exception " + e, e);
                }
                KeyRequestOperation.this.respond(new RejectOperation(KeyRequestOperation.this.getState().asResponse(), KeyRequestOperation.this.tep, 133));
                KeyRequestOperation.this.asyncSetComplete();
            }
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/KeyRequestOperation$AsyncSIDObtainedSendSession.class */
    private class AsyncSIDObtainedSendSession implements OALOperation.CompleteListener {
        private final Credentials credential;

        AsyncSIDObtainedSendSession(Credentials credentials) {
            this.credential = credentials;
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r0v49, types: [org.opendof.core.internal.core.OperationProcessor] */
        @Override // org.opendof.core.internal.core.OALOperation.CompleteListener
        public void complete(OALOperation oALOperation, Exception exc) {
            if (DOF.Log.isLogDebug()) {
                DOF.Log.message("KeyRequestOperation", DOF.Log.Level.DEBUG, "SID Obtained. e=" + exc);
            }
            KeyRequestOperation.this.responder = new KeyRequest(EncryptionUtil.createRandomNonce(8), this.credential.getIdentification(), KeyRequestOperation.this.tep.removeDisallowed(new DOFPermissionSet.Builder(KeyRequestOperation.this.initiator.getPermissions().getComplement()).addPermission(new DOFPermission.IAm(KeyRequestOperation.this.stack.getSecureSID())).build()));
            if (KeyRequestOperation.this.responder == null) {
                KeyRequestOperation.this.respond(new RejectOperation(KeyRequestOperation.this.getState().asResponse(), KeyRequestOperation.this.tep, 133));
                KeyRequestOperation.this.asyncSetComplete();
                return;
            }
            Authenticator.SessionRequest sessionRequest = new Authenticator.SessionRequest();
            BufferedPacket bufferedPacket = new BufferedPacket();
            try {
                KeyRequestOperation.this.mode.marshal(DOFMarshalContext.COMMAND, Short.valueOf(KeyRequestOperation.this.mode.getAppId()), bufferedPacket);
                sessionRequest.duration = KeyRequestOperation.this.duration;
                sessionRequest.mode = bufferedPacket.getByteArray(bufferedPacket.length());
                sessionRequest.initiator = KeyRequestOperation.this.initiator;
                sessionRequest.I = KeyRequestOperation.this.I;
                sessionRequest.i_length = KeyRequestOperation.this.i_length;
                sessionRequest.i_offset = KeyRequestOperation.this.i_offset;
                sessionRequest.responder = KeyRequestOperation.this.responder;
                int timeRemaining = KeyRequestOperation.this.getState().getTimeRemaining(false);
                OALChannel oALChannel = KeyRequestOperation.this.target;
                if (oALChannel == null) {
                    oALChannel = KeyRequestOperation.this.getState().getSource().getOperationProcessor();
                }
                SessionOperation sessionOperation = new SessionOperation(new OALOperation.State(KeyRequestOperation.this.core, new OALCore.EmptyOperationSource(), KeyRequestOperation.this.core.createOperationID(), timeRemaining), sessionRequest, this.credential, oALChannel, DefaultTEP.getAssociatedTRP(KeyRequestOperation.this.tep.getAppId()));
                sessionOperation.setCompleteListener(new AsyncSessionCompleteSendResponse(this.credential));
                KeyRequestOperation.this.core.process(sessionOperation);
            } catch (DOFMarshalException e) {
                KeyRequestOperation.this.respond(new RejectOperation(KeyRequestOperation.this.getState().asResponse(), KeyRequestOperation.this.tep, 130));
                KeyRequestOperation.this.asyncSetComplete();
            }
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/KeyRequestOperation$AsyncSendStateFinalized.class */
    private static class AsyncSendStateFinalized implements Runnable {
        private final TEP tep;
        private final SecurityModeLayer sm;
        private final boolean isRekey;
        private final int grantedDuration;
        private final int stateID;

        public AsyncSendStateFinalized(TEP tep, SecurityModeLayer securityModeLayer, boolean z, int i, int i2) {
            this.tep = tep;
            this.sm = securityModeLayer;
            this.isRekey = z;
            this.grantedDuration = i;
            this.stateID = i2;
        }

        @Override // java.lang.Runnable
        public void run() {
            this.tep.setSecurityMode(this.sm);
            this.tep.sendStateFinalized(this.isRekey);
            this.tep.open(this.grantedDuration, this.stateID);
        }
    }

    /* loaded from: input_file:org/opendof/core/internal/protocol/tep/KeyRequestOperation$AsyncSessionCompleteSendResponse.class */
    private class AsyncSessionCompleteSendResponse implements OALOperation.CompleteListener {
        private final Credentials credential;

        AsyncSessionCompleteSendResponse(Credentials credentials) {
            this.credential = credentials;
        }

        @Override // org.opendof.core.internal.core.OALOperation.CompleteListener
        public void complete(OALOperation oALOperation, Exception exc) {
            try {
                if (exc != null) {
                    throw exc;
                }
                if (oALOperation.getClass() != SessionOperation.class) {
                    throw new Exception("operation.getClass() != SessionOperation.class");
                }
                SessionOperation sessionOperation = (SessionOperation) oALOperation;
                KeyRequestOperation.this.processSessionResponse(sessionOperation.getSessionRequest(), sessionOperation.getSessionResponse(), this.credential);
            } catch (Exception e) {
                if (DOF.Log.isLogError()) {
                    DOF.Log.message("KeyRequestOperation", DOF.Log.Level.ERROR, "Session failed with exception " + e, e);
                }
                KeyRequestOperation.this.respond(new RejectOperation(KeyRequestOperation.this.getState().asResponse(), KeyRequestOperation.this.tep, 133));
                KeyRequestOperation.this.asyncSetComplete();
            }
        }
    }

    public String getName() {
        return this.core.getName() + "'TEP.KeyRequestOp";
    }

    public KeyRequestOperation(OALCore oALCore, OALOperation.State state, OALChannel oALChannel, DOFObjectID.Domain domain, TEP tep, SecurityModeLayer securityModeLayer, KeyRequest keyRequest, Credentials credentials, DOFOperation.Control control) {
        super(state, tep, oALChannel);
        this.stateID = 0;
        this.sessionStage = (byte) 0;
        this.core = oALCore;
        this.stack = null;
        this.duration = (short) 0;
        this.mode = securityModeLayer;
        this.initiator = keyRequest;
        this.credentials = credentials;
        this.isRekey = false;
        this.isConfirmAck = false;
        this.notSecure = false;
        this.domain_id = domain;
        this.sm = null;
        if (DOF.Log.isLogTrace()) {
            DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Initiator: Created new Augment session operation. notSecure: " + this.notSecure + " domain_id: " + domain + " initiator: " + keyRequest);
        }
        if (domain.isBroadcast() || domain.hasAttributes()) {
            throw new IllegalArgumentException("KeyRequestOperation: domainID.isBroadcast() || domainID.hasAttributes()");
        }
        try {
            BufferedPacket bufferedPacket = new BufferedPacket();
            bufferedPacket.setMark(1, 0);
            this.initiator.marshal(DOFMarshalContext.COMMAND, null, bufferedPacket);
            this.mode.marshal(DOFMarshalContext.COMMAND, Short.valueOf(securityModeLayer.getAppId()), bufferedPacket);
            bufferedPacket.putByte(0);
            bufferedPacket.setMark(0, 0);
            this.I = bufferedPacket.readPacket();
            this.i_offset = bufferedPacket.getMark(0);
            this.i_length = bufferedPacket.getMark(1) - this.i_offset;
        } catch (Exception e) {
            this.I = new byte[0];
            this.i_length = 0;
            this.i_offset = 0;
        }
        if (control != null) {
            this.control = new DOFOperation.Control(control);
        }
    }

    public KeyRequestOperation(OALCore oALCore, OALOperation.State state, OALChannel oALChannel, DOFObjectID.Domain domain, short s, TEP tep, SecurityModeLayer securityModeLayer, KeyRequest keyRequest, Credentials credentials, boolean z, DOFOperation.Control control) {
        super(state, tep, oALChannel);
        this.stateID = 0;
        this.sessionStage = (byte) 0;
        this.core = oALCore;
        this.stack = null;
        this.duration = s;
        this.mode = securityModeLayer;
        this.initiator = keyRequest;
        this.credentials = credentials;
        this.isRekey = true;
        this.isConfirmAck = false;
        this.notSecure = z;
        this.domain_id = domain;
        this.sm = null;
        if (DOF.Log.isLogTrace()) {
            if (this.notSecure) {
                DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Initiator: Created new Begin session operation. notSecure: " + this.notSecure + " duration: " + ((int) s) + " domain_id: " + domain + " mode: " + securityModeLayer);
            } else {
                DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Initiator: Created new Extend session operation. notSecure: " + this.notSecure + " duration: " + ((int) s) + " domain_id: " + domain + " mode: " + securityModeLayer);
            }
        }
        if (domain.isBroadcast() || domain.hasAttributes()) {
            throw new IllegalArgumentException("KeyRequestOperation: domainID.isBroadcast() || domainID.hasAttributes()");
        }
        try {
            BufferedPacket bufferedPacket = new BufferedPacket();
            bufferedPacket.setMark(1, 0);
            this.initiator.marshal(DOFMarshalContext.COMMAND, null, bufferedPacket);
            this.mode.marshal(DOFMarshalContext.COMMAND, Short.valueOf(securityModeLayer.getAppId()), bufferedPacket);
            bufferedPacket.putByte(this.duration / 8);
            bufferedPacket.setMark(0, 0);
            this.I = bufferedPacket.readPacket();
            this.i_offset = bufferedPacket.getMark(0);
            this.i_length = bufferedPacket.getMark(1) - this.i_offset;
        } catch (Exception e) {
            this.I = new byte[0];
            this.i_length = 0;
            this.i_offset = 0;
        }
        if (control != null) {
            this.control = new DOFOperation.Control(control);
        }
    }

    public KeyRequestOperation(OALCore oALCore, OALOperation.State state, KeyRequestOperation keyRequestOperation, byte[] bArr, int i, boolean z) {
        super(state, keyRequestOperation.tep, null);
        this.stateID = 0;
        this.sessionStage = (byte) 0;
        this.core = oALCore;
        this.stack = null;
        this.duration = keyRequestOperation.duration;
        this.mode = keyRequestOperation.mode;
        this.initiator = keyRequestOperation.initiator;
        this.isRekey = keyRequestOperation.isRekey;
        this.isConfirmAck = false;
        this.notSecure = z;
        this.domain_id = keyRequestOperation.domain_id;
        this.sm = null;
        if (DOF.Log.isLogTrace()) {
            if (this.notSecure) {
                DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Responder: Created Begin session operation response. notSecure: " + this.notSecure + " duration: " + ((int) this.duration) + " domain_id: " + this.domain_id + " mode: " + this.mode);
            } else {
                DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Responder: Created Extend or Augment session operation response. Rekey: " + this.isRekey + " notSecure: " + this.notSecure + " duration: " + ((int) this.duration) + " domain_id: " + this.domain_id + " mode: " + this.mode);
            }
        }
        this.keyState = bArr;
        this.stateID = i;
        this.i_ticket = keyRequestOperation.i_ticket;
        this.grantedDuration = keyRequestOperation.grantedDuration;
        this.c_scope = keyRequestOperation.c_scope;
        this.responder = keyRequestOperation.responder;
        this.R = keyRequestOperation.R;
        this.r_offset = keyRequestOperation.r_offset;
        this.r_length = keyRequestOperation.r_length;
        this.A = keyRequestOperation.A;
        this.a_offset = keyRequestOperation.a_offset;
        this.a_length = keyRequestOperation.a_length;
        this.i_scopes = keyRequestOperation.i_scopes;
        this.r_scopes = keyRequestOperation.r_scopes;
        this.sessionKey = keyRequestOperation.sessionKey;
        setComplete();
    }

    public KeyRequestOperation(OALCore oALCore, OALOperation.State state, ConnectionStack connectionStack, TEP tep, DOFObjectID.Domain domain, DOFMarshalContext dOFMarshalContext, Object obj, BufferedPacket bufferedPacket) throws DOFMarshalException {
        super(state, tep, null);
        this.stateID = 0;
        this.sessionStage = (byte) 0;
        this.core = oALCore;
        this.stack = connectionStack;
        this.sm = null;
        this.isConfirmAck = false;
        this.notSecure = this.stack.getSecurityMode() == null;
        int i = bufferedPacket.getByte();
        if (getState().isCommand()) {
            if (i == 17) {
                if (this.notSecure) {
                    this.domain_id = DOFObjectID.Domain.create(bufferedPacket.getOID());
                } else {
                    this.domain_id = domain;
                }
                this.isRekey = true;
                if (DOF.Log.isLogTrace()) {
                    if (this.notSecure) {
                        DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Responder: received Begin session operation. notSecure: " + this.notSecure + " domain_id: " + this.domain_id);
                    }
                    if (!this.notSecure) {
                        DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Responder: received Begin session (Rekey) operation. notSecure: " + this.notSecure + " domain_id: " + this.domain_id);
                    }
                }
            } else {
                this.domain_id = domain;
                this.isRekey = false;
                if (DOF.Log.isLogTrace() && this.notSecure) {
                    DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Responder: received Augment session operation. notSecure: " + this.notSecure + " domain_id: " + this.domain_id);
                }
            }
            this.I = bufferedPacket.readBuffer();
            this.i_offset = bufferedPacket.getFrontBufferSize();
            this.duration = (short) (bufferedPacket.getByte() * 8);
            if (!this.isRekey && this.duration != 0) {
                throw new DOFMarshalException("KeyRequestOperation unmarshal failed: !isRekey && duration != 0", null);
            }
            if (bufferedPacket.readByte(0) != 2) {
                throw new DOFMarshalException("KeyRequestOperation unmarshal failed: code != DefaultDSP.CODE_MODE", null);
            }
            try {
                Object securityMode = this.stack.factory.getSecurityMode((short) bufferedPacket.readShort(1), dOFMarshalContext, null, bufferedPacket);
                if (this.stack.getSecurityMode() == null) {
                    this.mode = (SecurityModeLayer) securityMode;
                    this.mode.init(this.stack);
                } else {
                    this.mode = this.stack.getSecurityMode();
                }
                this.initiator = new KeyRequest(dOFMarshalContext, this.domain_id, bufferedPacket);
                if (connectionStack.sharedConnection != null) {
                    connectionStack.sharedConnection.setPeerCredential(this.initiator.getCredentials());
                }
                this.i_length = bufferedPacket.getFrontBufferSize() - this.i_offset;
                return;
            } catch (Exception e) {
                throw new DOFMarshalException("KeyRequestOperation unmarshal failed: mode unmarshal failed", e);
            }
        }
        OALOperation operation = this.core.getOperation(state.getOperationID());
        if (operation == null) {
            this.isRekey = false;
            this.mode = null;
            this.duration = (short) 0;
            this.domain_id = null;
            this.grantedDuration = (short) -1;
            return;
        }
        this.isRekey = ((KeyRequestOperation) operation).isRekey();
        if (DOF.Log.isLogTrace()) {
            if (this.notSecure) {
                DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Initiator: received Begin session operation response. notSecure: " + this.notSecure);
            }
            if (!this.notSecure) {
                DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Initiator: received Begin session (Rekey) operation response. notSecure: " + this.notSecure);
            }
        }
        this.i_ticket = new OALSecurityTicket(dOFMarshalContext, DefaultTEP.getCipherAlgorithm(tep.getAppId()), bufferedPacket);
        this.duration = (short) 0;
        this.domain_id = domain;
        this.mode = null;
        this.initiator = null;
        this.confirmation = bufferedPacket.getByteArray(32);
        this.S = bufferedPacket.readBuffer();
        this.s_offset = bufferedPacket.getFrontBufferSize();
        if (this.notSecure) {
            this.stateID = bufferedPacket.getCompressedLong();
        }
        if (this.isRekey) {
            this.keyState = bufferedPacket.getByteArray(bufferedPacket.getCompressedShort());
        }
        this.s_length = bufferedPacket.getFrontBufferSize() - this.s_offset;
        this.R = bufferedPacket.readBuffer();
        this.r_offset = bufferedPacket.getFrontBufferSize();
        this.responder = new KeyRequest(DOFMarshalContext.COMMAND, this.domain_id, bufferedPacket);
        if (connectionStack.sharedConnection != null) {
            connectionStack.sharedConnection.setPeerCredential(this.responder.getCredentials());
        }
        this.r_length = bufferedPacket.getFrontBufferSize() - this.r_offset;
        this.A = bufferedPacket.readBuffer();
        this.a_offset = bufferedPacket.getFrontBufferSize();
        this.grantedDuration = (short) (bufferedPacket.getByte() * 8);
        this.c_scope = oALCore.globalFactory.createSecurityScope(oALCore, (DomainStore.DomainAlias) null, dOFMarshalContext, (Object) null, bufferedPacket);
        this.i_scopes = new OALSecurityScopeList(oALCore, null, dOFMarshalContext, this.c_scope, bufferedPacket);
        this.r_scopes = new OALSecurityScopeList(oALCore, null, dOFMarshalContext, this.c_scope, bufferedPacket);
        this.a_length = bufferedPacket.getFrontBufferSize() - this.a_offset;
    }

    public KeyRequestOperation(OALCore oALCore, OALOperation.State state, OALChannel oALChannel, TEP tep, SecurityModeLayer securityModeLayer, byte[] bArr, byte[] bArr2, boolean z, DOFOperation.Control control) {
        super(state, tep, oALChannel);
        this.stateID = 0;
        this.sessionStage = (byte) 0;
        this.core = oALCore;
        this.stack = null;
        this.duration = (short) 0;
        this.mode = null;
        this.initiator = null;
        this.isRekey = false;
        this.isConfirmAck = false;
        this.notSecure = false;
        this.domain_id = null;
        this.keyState = bArr;
        this.confirmation = bArr2;
        this.sm = securityModeLayer;
        this.sessionStage = (byte) 1;
        if (DOF.Log.isLogTrace()) {
            DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Initiator: Created new confirm operation. Rekey: " + this.isRekey);
        }
        if (control != null) {
            this.control = new DOFOperation.Control(control);
        }
    }

    public KeyRequestOperation(KeyRequestOperation keyRequestOperation, OALOperation.State state, OALChannel oALChannel, SecurityModeLayer securityModeLayer, DOFOperation.Control control) {
        super(state, keyRequestOperation.tep, oALChannel);
        this.stateID = 0;
        this.sessionStage = (byte) 0;
        this.core = keyRequestOperation.core;
        this.stack = keyRequestOperation.stack;
        this.duration = (short) 0;
        this.mode = keyRequestOperation.mode;
        this.initiator = keyRequestOperation.initiator;
        this.isRekey = false;
        this.isConfirmAck = true;
        this.notSecure = keyRequestOperation.notSecure;
        this.domain_id = keyRequestOperation.domain_id;
        this.sm = securityModeLayer;
        this.sessionStage = (byte) 1;
        this.grantedDuration = keyRequestOperation.grantedDuration;
        this.stateID = keyRequestOperation.stateID;
        if (DOF.Log.isLogTrace()) {
            DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Responder: Created new confirm ACK response operation. Rekey: " + this.isRekey);
        }
        if (control != null) {
            this.control = new DOFOperation.Control(control);
        }
    }

    public KeyRequestOperation(OALCore oALCore, OALOperation.State state, ConnectionStack connectionStack, TEP tep, DOFMarshalContext dOFMarshalContext, Object obj, BufferedPacket bufferedPacket, boolean z) throws DOFMarshalException {
        super(state, tep, null);
        this.stateID = 0;
        this.sessionStage = (byte) 0;
        this.core = oALCore;
        this.stack = connectionStack;
        this.duration = (short) 0;
        this.mode = connectionStack.getSecurityMode();
        this.initiator = null;
        this.notSecure = this.mode == null;
        this.isRekey = z;
        this.domain_id = null;
        this.keyState = null;
        bufferedPacket.getByte();
        if (dOFMarshalContext == DOFMarshalContext.COMMAND) {
            this.confirmation = bufferedPacket.getByteArray(32);
            this.isConfirmAck = false;
        } else {
            this.isConfirmAck = true;
        }
        this.sm = null;
        this.sessionStage = (byte) 1;
        if (DOF.Log.isLogTrace()) {
            DOF.Log.message("KeyRequestOperation", DOF.Log.Level.TRACE, "Responder: received confirm operation. Rekey: " + this.isRekey + " notSecure: " + this.notSecure);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void processSessionResponse(Authenticator.SessionRequest sessionRequest, Authenticator.SessionResponse sessionResponse, Credentials credentials) throws DOFSecurityException {
        this.i_ticket = sessionResponse.initiator;
        this.grantedDuration = sessionResponse.granted;
        this.c_scope = sessionResponse.c_securityScope;
        this.R = sessionRequest.R;
        this.r_offset = sessionRequest.r_offset;
        this.r_length = sessionRequest.r_length;
        this.A = sessionResponse.A;
        this.a_offset = sessionResponse.a_offset;
        this.a_length = sessionResponse.a_length;
        this.i_scopes = sessionResponse.i_securityScopes;
        this.r_scopes = sessionResponse.r_securityScopes;
        this.sessionKey = sessionResponse.responder.getSessionKey(credentials.getSharedSecret());
        if (this.isRekey) {
            this.keyState = this.mode.setKey(this.sessionKey);
        } else {
            this.keyState = new byte[0];
        }
        if (!this.c_scope.hasIDs()) {
            respond(new RejectOperation(getState().asResponse(), this.tep, 133));
            asyncSetComplete();
            return;
        }
        this.stateID = this.tep.getStateID();
        this.tep.setOutboundScope(this.c_scope);
        this.stack.setKeyState(this.keyState);
        this.i_scopes = this.i_scopes.intersectWith(this.tep.getOutboundScope());
        this.r_scopes = this.r_scopes.intersectWith(this.tep.getOutboundScope());
        if (this.isRekey) {
            if (this.stack.isInbound) {
                sessionRequest.initiator.getPermissions();
            }
            byte b = 0;
            if (this.tep.getSecurityMode() != null) {
                b = this.tep.getSecurityMode().getCurrentKeyPeriod();
                if (this.tep.getSecurityMode().isReady()) {
                    b = (byte) (b + 1);
                    if (b >= 8) {
                        b = 0;
                    }
                }
            }
            this.stack.resetConnectTime();
            ScopedPermissionList create = ScopedPermissionList.create(sessionRequest.initiator.getPermissions(), this.i_scopes);
            ScopedPermissionList create2 = ScopedPermissionList.create(sessionRequest.responder.getPermissions(), this.r_scopes);
            this.tep.addInboundPermissions(b, create);
            this.tep.addOutboundPermissions(b, create2);
        } else {
            ScopedPermissionList create3 = ScopedPermissionList.create(sessionRequest.initiator.getPermissions(), this.i_scopes);
            ScopedPermissionList create4 = ScopedPermissionList.create(sessionRequest.responder.getPermissions(), this.r_scopes);
            this.tep.addInboundPermissions(create3);
            this.tep.addOutboundPermissions(create4);
        }
        respond(new KeyRequestOperation(this.core, getState().asResponse(getState().getActualSecurity()), this, this.keyState, this.stateID, !this.tep.isComplete()));
    }

    @Override // org.opendof.core.internal.protocol.tep.TEPOperation
    public void process() {
        if (getSessionStage() == 0) {
            beginProcess();
            return;
        }
        if (Arrays.equals(this.tep.getExpectedConfirmation(getState().getOperationID()), this.confirmation)) {
            this.tep.removeExpectedConfirmation(getState().getOperationID());
            this.tep.receiveStateFinalized(this.isRekey);
        } else {
            this.tep.close(new AuthenticationException(AuthenticationException.INTERNAL_ERROR, "Confirmation invalid."));
            setComplete();
        }
        this.core.getAuthThreadPool().submit(new AsyncRunnable() { // from class: org.opendof.core.internal.protocol.tep.KeyRequestOperation.1
            @Override // java.lang.Runnable
            public void run() {
                DOFOperation.Control control = null;
                if (KeyRequestOperation.this.stack.isDatagram) {
                    control = new DOFOperation.Control();
                    control.setRetryPeriod(KeyRequestOperation.DATAGRAM_RETRY_PERIOD);
                }
                if (KeyRequestOperation.this.tep.hasSentNoOp()) {
                    KeyRequestOperation.this.respond(new KeyRequestOperation(KeyRequestOperation.this, KeyRequestOperation.this.getState().asResponse(KeyRequestOperation.this.getState().getActualSecurity()), KeyRequestOperation.this.stack.sharedConnection, KeyRequestOperation.this.sm, control));
                } else {
                    KeyRequestOperation.this.tep.setSentNoOp();
                    PacketData packetData = new PacketData(null);
                    packetData.raw = new BufferedPacket(96, 80);
                    packetData.appVersion = KeyRequestOperation.this.tep.getAppId();
                    try {
                        KeyRequestOperation.this.stack.sendApp(packetData);
                    } catch (Exception e) {
                    }
                }
                KeyRequestOperation.this.setComplete();
            }

            @Override // org.opendof.core.internal.util.NameableRunnable
            public String getName() {
                return KeyRequestOperation.this.core.getName() + "-KeyRequestOperation.process";
            }
        });
    }

    private void beginProcess() {
        try {
            Credentials responder = this.tep.getResponder(this.initiator);
            if (responder == null) {
                throw new AuthenticationException(DOFSecurityException.AUTHENTICATION_FAILED, "No responder credentials");
            }
            responder.beginResolve(this.core, this.stack.sharedConnection, 30000, new AsyncResolveCompleteObtainSID(responder));
        } catch (Exception e) {
            respond(new RejectOperation(getState().asResponse(), this.tep, 133));
            asyncSetComplete();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opendof.core.internal.core.OALOperation
    public void setState(OALOperation oALOperation) {
        super.setState(oALOperation);
        if (oALOperation instanceof KeyRequestOperation) {
            KeyRequestOperation keyRequestOperation = (KeyRequestOperation) oALOperation;
            this.sessionStage = keyRequestOperation.sessionStage;
            this.confirmation = keyRequestOperation.confirmation;
        }
    }

    public byte[] getSessionKey() {
        return this.sessionKey;
    }

    public byte[] getSessionState() {
        return this.keyState;
    }

    public KeyRequest getInitiatorRequest() {
        return this.initiator;
    }

    public KeyRequest getResponderRequest() {
        return this.responder;
    }

    public OALSecurityScope getInboundScope(DOFPermission dOFPermission) {
        return null;
    }

    public OALSecurityScope getOutboundScope() {
        return this.c_scope;
    }

    public OALSecurityScopeList getInitiatorScopeList() {
        return this.i_scopes;
    }

    public OALSecurityScopeList getResponderScopeList() {
        return this.r_scopes;
    }

    public int getGrantMinutes() {
        return this.grantedDuration;
    }

    public int getStateID() {
        return this.stateID;
    }

    public boolean isRekey() {
        return this.isRekey;
    }

    public int getRemoteDomainIdentifier() {
        return -1;
    }

    public void setConfirmation(byte[] bArr) {
        this.confirmation = bArr;
    }

    public void setSecurityModeLayer(SecurityModeLayer securityModeLayer) {
        this.sm = securityModeLayer;
    }

    public void setKeyState(byte[] bArr) {
        this.keyState = bArr;
    }

    public void setSessionStage(byte b) {
        this.sessionStage = b;
    }

    public byte getSessionStage() {
        return this.sessionStage;
    }

    @Override // org.opendof.core.internal.protocol.tep.TEPOperation
    public void processResponse(TEPOperation tEPOperation) {
        try {
            if (tEPOperation.getClass() == KeyRequestOperation.class) {
                KeyRequestOperation keyRequestOperation = (KeyRequestOperation) tEPOperation;
                if (keyRequestOperation.isConfirmAck) {
                    asyncSetComplete();
                    return;
                }
                this.i_ticket = keyRequestOperation.i_ticket;
                this.grantedDuration = keyRequestOperation.grantedDuration;
                this.c_scope = keyRequestOperation.c_scope;
                if (this.notSecure) {
                    this.stateID = keyRequestOperation.stateID;
                }
                if (this.isRekey) {
                    this.keyState = keyRequestOperation.keyState;
                }
                this.sessionKey = this.i_ticket.getSessionKey(this.credentials.getSharedSecret());
                this.responder = keyRequestOperation.responder;
                this.S = keyRequestOperation.S;
                this.s_offset = keyRequestOperation.s_offset;
                this.s_length = keyRequestOperation.s_length;
                this.R = keyRequestOperation.R;
                this.r_offset = keyRequestOperation.r_offset;
                this.r_length = keyRequestOperation.r_length;
                this.A = keyRequestOperation.A;
                this.a_offset = keyRequestOperation.a_offset;
                this.a_length = keyRequestOperation.a_length;
                this.i_scopes = keyRequestOperation.i_scopes;
                this.r_scopes = keyRequestOperation.r_scopes;
                this.i_ticket = keyRequestOperation.i_ticket;
                byte[] bArr = new byte[16];
                System.arraycopy(this.initiator.getNonce(), 0, bArr, 16 - this.initiator.getNonce().length, this.initiator.getNonce().length);
                byte[] bArr2 = new byte[16];
                System.arraycopy(this.responder.getNonce(), 0, bArr2, 16 - this.responder.getNonce().length, this.responder.getNonce().length);
                this.confirmation = EncryptionUtil.hmac_SHA256(this.sessionKey, null, bArr, 0, 16, bArr2, 0, 16, this.S, this.s_offset, this.s_length, this.responder.getCredentials().getIdentity().getBytes());
                if (!Arrays.equals(this.confirmation, keyRequestOperation.confirmation)) {
                    throw new DOFAuthenticationFailedException();
                }
            } else if (tEPOperation.getClass() == RejectOperation.class && this.isRekey) {
                TEP tep = this.tep != null ? this.tep : tEPOperation.tep;
                if (tep != null) {
                    tep.rekeyFailed();
                    if (!tep.isComplete()) {
                        tep.close(new DOFAuthenticationFailedException());
                    }
                }
            }
            respond(tEPOperation);
        } catch (DOFSecurityException e) {
            respond(new RejectOperation(getState().asResponse(), this.tep, 133));
        }
        if (((DefaultTEP) tEPOperation.tep).getStack().isStreaming) {
            asyncSetComplete();
        }
    }

    @Override // org.opendof.core.internal.core.OALOperation, org.opendof.core.internal.protocol.Marshallable
    public void marshal(DOFMarshalContext dOFMarshalContext, Object obj, DOFPacket dOFPacket) throws DOFMarshalException {
        BufferedPacket bufferedPacket = (BufferedPacket) dOFPacket;
        PacketData packetData = (PacketData) obj;
        if (dOFMarshalContext == DOFMarshalContext.COMMAND) {
            if (getSessionStage() > 0) {
                bufferedPacket.putByteArray(this.confirmation);
                if (this.isRekey) {
                    packetData.setPostSendRunnable(new AsyncPromoteKey(this.sm, this.keyState, (short) 0));
                }
                bufferedPacket.putByte(33);
                return;
            }
            bufferedPacket.putByteArray(this.I, this.i_offset, this.i_length);
            if (!this.isRekey) {
                bufferedPacket.putByte(1);
                return;
            }
            if (this.notSecure) {
                bufferedPacket.putOID(this.domain_id);
            }
            bufferedPacket.putByte(17);
            return;
        }
        if (this.isConfirmAck) {
            bufferedPacket.putByte(33);
            return;
        }
        bufferedPacket.putByteArray(this.A, this.a_offset, this.a_length);
        bufferedPacket.putByteArray(this.R, this.r_offset, this.r_length);
        bufferedPacket.setMark(5, 0);
        if (this.isRekey) {
            bufferedPacket.putByteArray(this.keyState);
            bufferedPacket.putCompressedShort((short) this.keyState.length);
        }
        if (this.notSecure) {
            bufferedPacket.putCompressedLong(this.stateID);
        }
        bufferedPacket.setMark(4, 0);
        this.S = bufferedPacket.readPacket();
        this.s_offset = bufferedPacket.getMark(4);
        this.s_length = bufferedPacket.getMark(5) - this.s_offset;
        byte[] bArr = new byte[16];
        System.arraycopy(this.initiator.getNonce(), 0, bArr, 16 - this.initiator.getNonce().length, this.initiator.getNonce().length);
        byte[] bArr2 = new byte[16];
        System.arraycopy(this.responder.getNonce(), 0, bArr2, 16 - this.responder.getNonce().length, this.responder.getNonce().length);
        this.confirmation = EncryptionUtil.hmac_SHA256(this.sessionKey, null, bArr, 0, 16, bArr2, 0, 16, this.S, this.s_offset, this.s_length, this.responder.getCredentials().getIdentity().getBytes());
        bufferedPacket.putByteArray(this.confirmation);
        OperationID operationID = getState().getOperationID();
        if (operationID.getSourceID() == null && packetData.DPP.getPeerSourceID() != null) {
            operationID = new OperationID(packetData.DPP.getPeerSourceID(), operationID.getCount());
        }
        this.tep.setExpectedConfirmation(operationID, EncryptionUtil.hmac_SHA256(this.sessionKey, null, bArr, 0, 16, bArr2, 0, 16, null, 0, 0, null));
        this.i_ticket.marshal(dOFMarshalContext, null, bufferedPacket);
        if (this.isRekey) {
            packetData.setPostSendRunnable(new AsyncSendStateFinalized(this.tep, this.mode, true, this.grantedDuration, this.stateID));
        }
        bufferedPacket.putByte(1);
    }
}
