package org.snmp4j.security;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.Random;
import java.util.Vector;
import org.snmp4j.SNMP4JSettings;
import org.snmp4j.TransportStateReference;
import org.snmp4j.asn1.BER;
import org.snmp4j.asn1.BERInputStream;
import org.snmp4j.asn1.BEROutputStream;
import org.snmp4j.event.CounterEvent;
import org.snmp4j.event.UsmUserEvent;
import org.snmp4j.event.UsmUserListener;
import org.snmp4j.log.LogAdapter;
import org.snmp4j.log.LogFactory;
import org.snmp4j.mp.CounterSupport;
import org.snmp4j.mp.MPv3;
import org.snmp4j.mp.SnmpConstants;
import org.snmp4j.mp.StatusInformation;
import org.snmp4j.smi.Integer32;
import org.snmp4j.smi.OID;
import org.snmp4j.smi.OctetString;
import org.snmp4j.smi.VariableBinding;

/* loaded from: classes4.dex */
public class USM extends SNMPv3SecurityModel {
    private static final LogAdapter h = LogFactory.d(USM.class);
    private UsmUserTable b;
    private UsmTimeTable c;
    private boolean d;
    private SecurityProtocols e;
    private transient Vector<UsmUserListener> f;
    private CounterSupport g;

    public USM() {
        this(SecurityProtocols.g().b(), new OctetString(MPv3.k(t())), 0);
    }

    public USM(SecurityProtocols securityProtocols, OctetString octetString, int i) {
        this.d = true;
        this.f9693a = octetString;
        this.c = new UsmTimeTable(octetString, i);
        this.b = new UsmUserTable();
        this.e = securityProtocols;
        this.g = CounterSupport.b();
    }

    private OctetString p(OctetString octetString, OctetString octetString2) {
        UsmUserEntry b;
        if (octetString2.Q() == 0) {
            return octetString2;
        }
        UsmUserEntry d = this.b.d(octetString, octetString2);
        if (d != null) {
            return d.g().q();
        }
        if (!s() || (b = this.b.b(octetString2)) == null) {
            return null;
        }
        return b.g().q();
    }

    private static OctetString t() {
        byte[] bArr = new byte[8];
        new Random().nextBytes(bArr);
        return new OctetString(bArr);
    }

    @Override // org.snmp4j.security.SecurityModel
    public SecurityParameters a() {
        return new UsmSecurityParameters();
    }

    @Override // org.snmp4j.security.SecurityModel
    public int b(int i, byte[] bArr, int i2, int i3, byte[] bArr2, byte[] bArr3, int i4, BERInputStream bERInputStream, SecurityParameters securityParameters, BEROutputStream bEROutputStream, TransportStateReference transportStateReference) throws IOException {
        return f(i, bArr, i2, i3, bArr2, bArr3, i4, bERInputStream, null, securityParameters, bEROutputStream);
    }

    @Override // org.snmp4j.security.SecurityModel
    public SecurityStateReference c() {
        return new UsmSecurityStateReference();
    }

    @Override // org.snmp4j.security.SecurityModel
    public int d(int i, int i2, SecurityParameters securityParameters, SecurityModel securityModel, int i3, BERInputStream bERInputStream, TransportStateReference transportStateReference, OctetString octetString, OctetString octetString2, BEROutputStream bEROutputStream, Integer32 integer32, SecurityStateReference securityStateReference, StatusInformation statusInformation) throws IOException {
        int i4;
        PrivacyProtocol privacyProtocol;
        int i5;
        UsmSecurityParameters usmSecurityParameters = (UsmSecurityParameters) securityParameters;
        UsmSecurityStateReference usmSecurityStateReference = (UsmSecurityStateReference) securityStateReference;
        octetString.R(usmSecurityParameters.h());
        byte[] i6 = SNMPv3SecurityModel.i(bERInputStream);
        if (octetString.Q() == 0 || this.c.b(octetString, s(), usmSecurityParameters.g(), usmSecurityParameters.i()) != 0) {
            LogAdapter logAdapter = h;
            if (logAdapter.c()) {
                logAdapter.i("RFC3414 §3.2.3 Unknown engine ID: " + octetString.T());
            }
            octetString.R(usmSecurityParameters.h());
            octetString2.R(usmSecurityParameters.u().O());
            if (statusInformation == null) {
                return 1410;
            }
            CounterEvent counterEvent = new CounterEvent(this, SnmpConstants.o);
            l(counterEvent);
            statusInformation.k(new Integer32(i3));
            statusInformation.g(new VariableBinding(counterEvent.d(), counterEvent.a()));
            return 1410;
        }
        octetString2.R(usmSecurityParameters.u().O());
        int s = usmSecurityParameters.s();
        if (usmSecurityParameters.u().Q() <= 0 && i3 <= 1) {
            LogAdapter logAdapter2 = h;
            if (logAdapter2.c()) {
                logAdapter2.i("Accepting zero length security name");
            }
            octetString2.R(new byte[0]);
        } else if (p(octetString, usmSecurityParameters.u()) == null) {
            LogAdapter logAdapter3 = h;
            if (logAdapter3.c()) {
                logAdapter3.i("RFC3414 §3.2.4 Unknown security name: " + octetString2.T());
            }
            if (statusInformation != null) {
                CounterEvent counterEvent2 = new CounterEvent(this, SnmpConstants.n);
                l(counterEvent2);
                statusInformation.k(new Integer32(1));
                statusInformation.g(new VariableBinding(counterEvent2.d(), counterEvent2.a()));
            }
            return 1404;
        }
        if (usmSecurityParameters.u().Q() > 0 || i3 > 1) {
            UsmUserEntry q = q(octetString, octetString2);
            if (q == null) {
                LogAdapter logAdapter4 = h;
                if (logAdapter4.c()) {
                    logAdapter4.i("RFC3414 §3.2.4 Unknown security name: " + octetString2.T() + " for engine ID " + octetString.T());
                }
                CounterEvent counterEvent3 = new CounterEvent(this, SnmpConstants.n);
                l(counterEvent3);
                if (statusInformation != null) {
                    if (SNMP4JSettings.d() == SNMP4JSettings.ReportSecurityLevelStrategy.noAuthNoPrivIfNeeded) {
                        statusInformation.k(new Integer32(1));
                    }
                    statusInformation.g(new VariableBinding(counterEvent3.d(), counterEvent3.a()));
                }
                return 1404;
            }
            usmSecurityStateReference.m(q.e().O());
            AuthenticationProtocol e = this.e.e(q.g().d());
            PrivacyProtocol n = this.e.n(q.g().o());
            usmSecurityStateReference.g(q.a());
            usmSecurityStateReference.i(q.d());
            usmSecurityStateReference.h(e);
            usmSecurityStateReference.j(n);
            if ((i3 >= 2 && e == null) || (i3 >= 3 && n == null)) {
                LogAdapter logAdapter5 = h;
                if (logAdapter5.c()) {
                    logAdapter5.i("RFC3414 §3.2.5 - Unsupported security level: " + i3 + " by user " + q);
                }
                CounterEvent counterEvent4 = new CounterEvent(this, SnmpConstants.l);
                l(counterEvent4);
                if (SNMP4JSettings.d() == SNMP4JSettings.ReportSecurityLevelStrategy.noAuthNoPrivIfNeeded) {
                    statusInformation.k(new Integer32(1));
                }
                statusInformation.g(new VariableBinding(counterEvent4.d(), counterEvent4.a()));
                return 1403;
            }
            if (i3 >= 2) {
                if (statusInformation != null) {
                    privacyProtocol = n;
                    i5 = s;
                    if (!e.c(q.a(), i6, 0, i6.length, new ByteArrayWindow(i6, usmSecurityParameters.a() + usmSecurityParameters.t(), e.I()))) {
                        LogAdapter logAdapter6 = h;
                        if (logAdapter6.c()) {
                            logAdapter6.i("RFC3414 §3.2.6 Wrong digest -> authentication failure: " + usmSecurityParameters.e().T());
                        }
                        CounterEvent counterEvent5 = new CounterEvent(this, SnmpConstants.p);
                        l(counterEvent5);
                        if (SNMP4JSettings.d() == SNMP4JSettings.ReportSecurityLevelStrategy.noAuthNoPrivIfNeeded) {
                            statusInformation.k(new Integer32(1));
                        }
                        statusInformation.g(new VariableBinding(counterEvent5.d(), counterEvent5.a()));
                        return 1408;
                    }
                    int d = this.c.d(new UsmTimeEntry(octetString, usmSecurityParameters.g(), usmSecurityParameters.i()));
                    if (d == 1410) {
                        LogAdapter logAdapter7 = h;
                        if (logAdapter7.c()) {
                            logAdapter7.i("RFC3414 §3.2.7.b - Unknown engine ID: " + octetString);
                        }
                        CounterEvent counterEvent6 = new CounterEvent(this, SnmpConstants.o);
                        l(counterEvent6);
                        if (SNMP4JSettings.d() == SNMP4JSettings.ReportSecurityLevelStrategy.noAuthNoPrivIfNeeded) {
                            statusInformation.k(new Integer32(1));
                        }
                        statusInformation.g(new VariableBinding(counterEvent6.d(), counterEvent6.a()));
                        return d;
                    }
                    if (d == 1411) {
                        h.i("RFC3414 §3.2.7.a Not in time window; engineID='" + octetString + "', engineBoots=" + usmSecurityParameters.g() + ", engineTime=" + usmSecurityParameters.i());
                        CounterEvent counterEvent7 = new CounterEvent(this, SnmpConstants.m);
                        l(counterEvent7);
                        statusInformation.k(new Integer32(2));
                        statusInformation.g(new VariableBinding(counterEvent7.d(), counterEvent7.a()));
                        return d;
                    }
                } else {
                    privacyProtocol = n;
                    i5 = s;
                }
                if (i3 >= 3) {
                    OctetString q2 = usmSecurityParameters.q();
                    DecryptParams decryptParams = new DecryptParams(q2.O(), 0, q2.Q());
                    try {
                        int i7 = i5;
                        BERInputStream bERInputStream2 = new BERInputStream(ByteBuffer.wrap(i6, i7, i6.length - i7));
                        long h2 = bERInputStream2.h();
                        int d2 = BER.d(bERInputStream2, new BER.MutableByte());
                        int h3 = i7 + ((int) (bERInputStream2.h() - h2));
                        bERInputStream2.close();
                        i4 = 0;
                        bEROutputStream.j(ByteBuffer.wrap(privacyProtocol.z0(i6, h3, d2, q.d(), usmSecurityParameters.g(), usmSecurityParameters.i(), decryptParams)));
                    } catch (Exception e2) {
                        h.i("RFC 3414 §3.2.8 Decryption error: " + e2.getMessage());
                        return 1406;
                    }
                } else {
                    int i8 = i5;
                    i4 = 0;
                    bEROutputStream.j(ByteBuffer.wrap(i6, i8, i6.length - i8));
                }
            } else {
                i4 = 0;
                bEROutputStream.j(ByteBuffer.wrap(i6, s, i6.length - s));
            }
        } else {
            bEROutputStream.j(ByteBuffer.wrap(i6, s, i6.length - s));
            i4 = 0;
        }
        integer32.z(i2 - usmSecurityParameters.l(i3));
        usmSecurityStateReference.l(octetString2.O());
        return i4;
    }

    @Override // org.snmp4j.security.SecurityModel
    public boolean e() {
        return true;
    }

    @Override // org.snmp4j.security.SecurityModel
    public int f(int i, byte[] bArr, int i2, int i3, byte[] bArr2, byte[] bArr3, int i4, BERInputStream bERInputStream, SecurityStateReference securityStateReference, SecurityParameters securityParameters, BEROutputStream bEROutputStream) throws IOException {
        byte[] j;
        UsmSecurityParameters usmSecurityParameters = (UsmSecurityParameters) securityParameters;
        if (securityStateReference != null) {
            UsmSecurityStateReference usmSecurityStateReference = (UsmSecurityStateReference) securityStateReference;
            if (usmSecurityStateReference.e() == null) {
                usmSecurityParameters.A(bArr2);
                usmSecurityStateReference.k(bArr2);
            }
            if (usmSecurityStateReference.f() == null) {
                OctetString octetString = new OctetString(bArr3);
                usmSecurityStateReference.l(octetString.O());
                usmSecurityParameters.G(octetString);
                OctetString p = p(new OctetString(bArr2), octetString);
                if (p != null && p.Q() <= 32) {
                    usmSecurityParameters.G(p);
                }
            } else {
                usmSecurityParameters.G(new OctetString(usmSecurityStateReference.f()));
            }
            usmSecurityParameters.y(usmSecurityStateReference.b());
            usmSecurityParameters.F(usmSecurityStateReference.d());
            usmSecurityParameters.v(usmSecurityStateReference.a());
            usmSecurityParameters.C(usmSecurityStateReference.c());
        } else {
            OctetString octetString2 = new OctetString();
            if (bArr2 != null) {
                octetString2.R(bArr2);
            }
            OctetString octetString3 = new OctetString(bArr3);
            UsmUserEntry usmUserEntry = null;
            if (octetString2.Q() != 0) {
                usmUserEntry = q(octetString2, octetString3);
            } else {
                if (!s()) {
                    LogAdapter logAdapter = h;
                    if (!logAdapter.c()) {
                        return 1410;
                    }
                    logAdapter.i("Engine ID unknown and discovery disabled");
                    return 1410;
                }
                if (r(null, octetString3)) {
                    usmUserEntry = new UsmUserEntry();
                }
            }
            if (usmUserEntry == null) {
                LogAdapter logAdapter2 = h;
                if (!logAdapter2.c()) {
                    return 1404;
                }
                logAdapter2.i("Security name not found for engineID=" + octetString2.T() + ", securityName=" + octetString3.T());
                return 1404;
            }
            AuthenticationProtocol e = this.e.e(usmUserEntry.g().d());
            PrivacyProtocol n = this.e.n(usmUserEntry.g().o());
            usmSecurityParameters.y(e);
            usmSecurityParameters.F(n);
            usmSecurityParameters.v(usmUserEntry.a());
            usmSecurityParameters.C(usmUserEntry.d());
            usmSecurityParameters.G(usmUserEntry.g().q());
            usmSecurityParameters.A(octetString2.O());
        }
        if (usmSecurityParameters.h().length > 32) {
            h.f("Engine ID too long: " + usmSecurityParameters.h().length + ">32 for " + new OctetString(usmSecurityParameters.h()).T());
            return 1415;
        }
        if (bArr3.length > 32) {
            h.f("Security name too long: " + usmSecurityParameters.h().length + ">32 for " + new OctetString(bArr3).T());
            return 1416;
        }
        if (i4 >= 2) {
            if (securityStateReference != null) {
                usmSecurityParameters.z(n());
                usmSecurityParameters.B(o());
            } else {
                OctetString octetString4 = new OctetString(bArr2);
                UsmTimeEntry l = this.c.l(octetString4);
                if (l == null) {
                    this.c.a(new UsmTimeEntry(octetString4, usmSecurityParameters.g(), usmSecurityParameters.i()));
                } else {
                    usmSecurityParameters.z(l.a());
                    usmSecurityParameters.B(l.d());
                }
            }
        }
        if (i4 >= 2 && usmSecurityParameters.f() == null) {
            return 1403;
        }
        byte[] i5 = SNMPv3SecurityModel.i(bERInputStream);
        if (i4 != 3) {
            h.i("RFC3414 §3.1.4.b Outgoing message is not encrypted");
            usmSecurityParameters.E(new OctetString());
        } else {
            if (usmSecurityParameters.r() == null) {
                LogAdapter logAdapter3 = h;
                if (logAdapter3.c()) {
                    logAdapter3.i("Unsupported security level (missing or unsupported privacy protocol): Security params are " + usmSecurityParameters);
                }
                return 1403;
            }
            LogAdapter logAdapter4 = h;
            logAdapter4.i("RFC3414 §3.1.4.a Outgoing message needs to be encrypted");
            DecryptParams decryptParams = new DecryptParams();
            byte[] G0 = usmSecurityParameters.r().G0(i5, 0, i5.length, usmSecurityParameters.p(), usmSecurityParameters.g(), usmSecurityParameters.i(), decryptParams);
            if (G0 == null) {
                if (!logAdapter4.c()) {
                    return 1405;
                }
                logAdapter4.i("Encryption error");
                return 1405;
            }
            usmSecurityParameters.E(new OctetString(decryptParams.f9691a));
            OctetString octetString5 = new OctetString(G0);
            BEROutputStream bEROutputStream2 = new BEROutputStream(ByteBuffer.allocate(octetString5.o()));
            octetString5.d(bEROutputStream2);
            i5 = bEROutputStream2.g().array();
        }
        if (i4 >= 2) {
            AuthenticationProtocol f = usmSecurityParameters.f();
            usmSecurityParameters.x(new OctetString(new byte[f.I()]));
            j = SNMPv3SecurityModel.j(new Integer32(i), i5, bArr, usmSecurityParameters);
            if (!usmSecurityParameters.f().p(usmSecurityParameters.c(), j, 0, j.length, new ByteArrayWindow(j, usmSecurityParameters.a() + usmSecurityParameters.t(), f.I()))) {
                LogAdapter logAdapter5 = h;
                if (!logAdapter5.c()) {
                    return 1407;
                }
                logAdapter5.i("Outgoing message could not be authenticated");
                return 1407;
            }
        } else {
            usmSecurityParameters.z(0);
            usmSecurityParameters.x(new OctetString());
            usmSecurityParameters.B(0);
            j = SNMPv3SecurityModel.j(new Integer32(i), i5, bArr, usmSecurityParameters);
        }
        bEROutputStream.i((ByteBuffer) ByteBuffer.wrap(j).position(j.length));
        return 0;
    }

    @Override // org.snmp4j.security.SecurityModel
    public boolean g() {
        return true;
    }

    @Override // org.snmp4j.security.SecurityModel
    public int h() {
        return 3;
    }

    public UsmUserEntry k(byte[] bArr, OctetString octetString, OID oid, byte[] bArr2, OID oid2, byte[] bArr3) {
        UsmUserEntry usmUserEntry = new UsmUserEntry(bArr, octetString, oid, bArr2, oid2, bArr3);
        this.b.a(usmUserEntry);
        m(new UsmUserEvent(this, usmUserEntry, 1));
        return usmUserEntry;
    }

    protected void l(CounterEvent counterEvent) {
        this.g.a(counterEvent);
    }

    protected void m(UsmUserEvent usmUserEvent) {
        Vector<UsmUserListener> vector = this.f;
        if (vector != null) {
            int size = vector.size();
            for (int i = 0; i < size; i++) {
                vector.get(i).a(usmUserEvent);
            }
        }
    }

    public int n() {
        return this.c.e();
    }

    public int o() {
        return this.c.g();
    }

    public UsmUserEntry q(OctetString octetString, OctetString octetString2) {
        LogAdapter logAdapter = h;
        if (logAdapter.c()) {
            logAdapter.i("getUser(engineID=" + octetString.T() + ", securityName=" + octetString2.toString() + ")");
        }
        UsmUserEntry d = this.b.d(octetString, octetString2);
        if (d != null) {
            return d;
        }
        UsmUserEntry b = this.b.b(octetString2);
        if (b == null && octetString2.Q() > 0) {
            if (logAdapter.c()) {
                logAdapter.i("USM.getUser - User '" + octetString2 + "' unknown");
            }
            return null;
        }
        if (b == null || octetString.Q() == 0) {
            UsmUserEntry usmUserEntry = new UsmUserEntry();
            usmUserEntry.k(octetString2);
            usmUserEntry.n(new UsmUser(octetString2, null, null, null, null));
            return usmUserEntry;
        }
        OID d2 = b.g().d();
        OID o = b.g().o();
        if (d2 != null) {
            return k(octetString.O(), octetString2, d2, b.g().s() ? b.g().b().O() : this.e.s(d2, b.g().b(), octetString.O()), o, o != null ? b.g().s() ? b.g().n().O() : this.e.o(o, d2, b.g().n(), octetString.O()) : null);
        }
        return b;
    }

    public boolean r(OctetString octetString, OctetString octetString2) {
        return (this.b.d(octetString, octetString2) == null && this.b.b(octetString2) == null && octetString2.Q() > 0) ? false : true;
    }

    public boolean s() {
        return this.d;
    }
}
