package fm.liveswitch;

import _.C0620Bj;
import _.C0664Cf;
import _.C0740Dr;
import _.C0896Gr;
import _.C0948Hr;
import _.C1242Nf;
import _.C2148bf;
import _.C2590en0;
import _.C2724fh;
import _.C3303jp0;
import _.C3713mj;
import _.C4065pC0;
import _.C4981vj;
import _.D6;
import _.FM0;
import _.GA;
import _.HM0;
import _.I4;
import _.IM0;
import _.InterfaceC5353yM0;
import _.KN0;
import _.LF0;
import _.N;
import _.R0;
import _.S61;
import _.T0;
import _.VC;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import java.util.Locale;
import org.bouncycastle.tls.TlsFatalAlert;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: _ */
/* loaded from: classes7.dex */
public class DtlsBouncyCastleServer extends VC implements DtlsIServer {
    private DtlsCertificate certificate;
    private int[] clientSrtpProtectionProfiles;
    private boolean closed;
    private GA connection;
    private Object connectionLock;
    private List<DtlsMessage> handshakeFlight;
    private DtlsProtocolVersion maxVersion;
    private DtlsProtocolVersion minVersion;
    private IAction1<DataBuffer> onDataDecrypted;
    private IAction1<Exception> onError;
    private IAction1<DataBuffer> onKeyingMaterialAvailable;
    private IAction1<byte[]> onRemoteCertificate;
    private DtlsCipherSuite[] preferredCipherSuites;
    private byte[] receiveBuffer;
    public String remoteFingerprint;
    public String remoteFingerprintAlgorithm;
    private int selectedSrtpProtectionProfile;
    private int[] supportedSrtpProtectionProfiles;
    private DtlsBouncyCastleUdpTransport transport;

    public DtlsBouncyCastleServer(DtlsCertificate dtlsCertificate, DtlsCipherSuite[] dtlsCipherSuiteArr, DtlsProtocolVersion dtlsProtocolVersion, DtlsProtocolVersion dtlsProtocolVersion2, DtlsFingerprint dtlsFingerprint, int[] iArr, IAction1<byte[]> iAction1, final IAction1<DataBuffer> iAction12) {
        super(new C0620Bj(new SecureRandom()));
        this.handshakeFlight = new ArrayList();
        this.certificate = dtlsCertificate;
        this.preferredCipherSuites = dtlsCipherSuiteArr;
        this.minVersion = dtlsProtocolVersion;
        this.maxVersion = dtlsProtocolVersion2;
        this.remoteFingerprintAlgorithm = dtlsFingerprint.getAlgorithm();
        this.remoteFingerprint = dtlsFingerprint.getValue();
        this.supportedSrtpProtectionProfiles = iArr;
        this.selectedSrtpProtectionProfile = -1;
        this.connectionLock = new Object();
        this.onRemoteCertificate = iAction1;
        this.transport = new DtlsBouncyCastleUdpTransport(new IAction1<byte[]>() { // from class: fm.liveswitch.DtlsBouncyCastleServer.1
            @Override // fm.liveswitch.IAction1
            public void invoke(byte[] bArr) {
                if (DtlsBouncyCastleServer.this.getClosed()) {
                    return;
                }
                if (DtlsBouncyCastleServer.this.connection != null) {
                    iAction12.invoke(DataBuffer.wrap(bArr));
                    return;
                }
                Log.debug(String.format(Locale.getDefault(), "Sending DTLS packet (%d bytes).", Integer.valueOf(bArr.length)));
                DtlsMessage[] parseMultiple = DtlsMessage.parseMultiple(DataBuffer.wrap(bArr));
                if (parseMultiple != null) {
                    for (DtlsMessage dtlsMessage : parseMultiple) {
                        DtlsBouncyCastleServer.this.handshakeFlight.add(dtlsMessage);
                    }
                }
                if (DtlsBouncyCastleServer.this.handshakeFlight.size() >= 1) {
                    DtlsMessage dtlsMessage2 = (DtlsMessage) DtlsBouncyCastleServer.this.handshakeFlight.get(DtlsBouncyCastleServer.this.handshakeFlight.size() - 1);
                    if (dtlsMessage2.getContentType() == DtlsContentType.getHandshake() && (dtlsMessage2.getHandshakeType() == DtlsHandshakeType.getServerHelloDone() || dtlsMessage2.getHandshakeType() == DtlsHandshakeType.getHelloRequest() || dtlsMessage2.getHandshakeType() == DtlsHandshakeType.getHelloVerifyRequest())) {
                        DtlsBouncyCastleServer.this.sendHandshakeFlight(iAction12);
                    } else if (DtlsBouncyCastleServer.this.handshakeFlight.size() >= 2 && ((DtlsMessage) DtlsBouncyCastleServer.this.handshakeFlight.get(DtlsBouncyCastleServer.this.handshakeFlight.size() - 2)).getContentType() == DtlsContentType.getChangeCipherSpec() && dtlsMessage2.getContentType() == DtlsContentType.getHandshake()) {
                        DtlsBouncyCastleServer.this.sendHandshakeFlight(iAction12);
                    }
                }
            }
        });
    }

    private byte[] exportKeyingMaterialUnsafe(String str, byte[] bArr, int i) {
        C4065pC0 c = ((T0) this.context).c();
        if (KN0.e0(c.O)) {
            throw new IllegalStateException();
        }
        if (!c.z) {
            Log.warn("ExtendedMasterSecret was not included in server");
        }
        if (bArr == null || KN0.i0(bArr.length)) {
            return c.p.c(c.g, i, str, C2148bf.f(c.s, c.t, bArr == null ? null : new byte[]{(byte) (bArr.length >>> 8), (byte) bArr.length}, bArr)).e();
        }
        throw new IllegalArgumentException("'context_value' must have length less than 2^16 (or be null)");
    }

    private void processReceived() {
        if (this.connection == null || this.receiveBuffer == null) {
            return;
        }
        while (this.transport.getSize() > 0) {
            try {
                GA ga = this.connection;
                byte[] bArr = this.receiveBuffer;
                int receive = ga.receive(bArr, 0, bArr.length, 1);
                if (receive > 0) {
                    this.onDataDecrypted.invoke(DataBuffer.wrap(this.receiveBuffer, 0, receive));
                }
            } catch (Exception e) {
                IAction1<Exception> iAction1 = this.onError;
                if (iAction1 != null) {
                    e.getMessage();
                    iAction1.invoke(new Exception("DTLS server could not process incoming message."));
                    return;
                }
                return;
            }
        }
    }

    private boolean selectSrtpProtectionProfile() {
        for (int i : this.supportedSrtpProtectionProfiles) {
            for (int i2 : this.clientSrtpProtectionProfiles) {
                if (i2 == i) {
                    this.selectedSrtpProtectionProfile = i2;
                    return true;
                }
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendHandshakeFlight(IAction1<DataBuffer> iAction1) {
        DataBuffer raw = this.handshakeFlight.get(0).getRaw();
        for (int i = 1; i < this.handshakeFlight.size(); i++) {
            raw.append(this.handshakeFlight.get(i).getRaw());
        }
        this.handshakeFlight.clear();
        iAction1.invoke(raw);
    }

    @Override // fm.liveswitch.DtlsIServer
    public void close() {
        GA ga = this.connection;
        if (ga != null) {
            try {
                ga.close();
            } catch (Exception unused) {
            }
            this.connection = null;
        }
        DtlsBouncyCastleUdpTransport dtlsBouncyCastleUdpTransport = this.transport;
        if (dtlsBouncyCastleUdpTransport != null) {
            try {
                dtlsBouncyCastleUdpTransport.close();
            } catch (Exception unused2) {
            }
            this.transport = null;
        }
        this.closed = true;
    }

    public DtlsCertificate getCertificate() {
        return this.certificate;
    }

    @Override // _.X0, _.InterfaceC5355yN0
    public C0948Hr getCertificateRequest() {
        return new C0948Hr(new short[]{1, 64}, KN0.c0(((T0) this.context).b().O) ? KN0.I(this.context) : null, null);
    }

    public int[] getClientSrtpProtectionProfiles() {
        return this.clientSrtpProtectionProfiles;
    }

    public boolean getClosed() {
        return this.closed;
    }

    @Override // _.VC
    public IM0 getECDSASignerCredentials() {
        C3713mj c3713mj = new C3713mj(this.context);
        C0664Cf ecdsaPrivateKey = DtlsBouncyCastleUtility.getEcdsaPrivateKey(getCertificate());
        if (ecdsaPrivateKey == null) {
            return null;
        }
        if (((T0) this.context).b().F == null) {
            FM0 fm0 = this.context;
            return new C4981vj(c3713mj, (C0620Bj) ((T0) fm0).a, ecdsaPrivateKey, DtlsBouncyCastleUtility.getCertificate(fm0, getCertificate()), null);
        }
        LF0 signatureAndHashAlgorithm = DtlsBouncyCastleUtility.getSignatureAndHashAlgorithm(((T0) this.context).b().F, (short) 3);
        if (signatureAndHashAlgorithm == null) {
            return null;
        }
        FM0 fm02 = this.context;
        return new C4981vj(c3713mj, (C0620Bj) ((T0) fm02).a, ecdsaPrivateKey, DtlsBouncyCastleUtility.getCertificate(fm02, getCertificate()), signatureAndHashAlgorithm);
    }

    @Override // _.V0, _.InterfaceC4228qN0
    public int getHandshakeTimeoutMillis() {
        return 60000;
    }

    @Override // fm.liveswitch.DtlsIServer
    public byte[] getKeyingMaterial() {
        return exportKeyingMaterialUnsafe("EXTRACTOR-dtls_srtp", null, 60);
    }

    public DtlsProtocolVersion getMaxVersion() {
        return this.maxVersion;
    }

    public DtlsProtocolVersion getMinVersion() {
        return this.minVersion;
    }

    public IAction1<DataBuffer> getOnDataDecrypted() {
        return this.onDataDecrypted;
    }

    public IAction1<Exception> getOnError() {
        return this.onError;
    }

    public IAction1<byte[]> getOnRemoteCertificate() {
        return this.onRemoteCertificate;
    }

    public DtlsCipherSuite[] getPreferredCipherSuites() {
        return this.preferredCipherSuites;
    }

    /* JADX WARN: Type inference failed for: r1v0, types: [java.lang.Object, _.HM0, _.uj] */
    @Override // _.VC
    public HM0 getRSAEncryptionCredentials() {
        C0664Cf rsaPrivateKey = DtlsBouncyCastleUtility.getRsaPrivateKey(getCertificate());
        if (rsaPrivateKey == null) {
            return null;
        }
        FM0 fm0 = this.context;
        C0620Bj c0620Bj = (C0620Bj) ((T0) fm0).a;
        C0740Dr certificate = DtlsBouncyCastleUtility.getCertificate(fm0, getCertificate());
        ?? obj = new Object();
        if (c0620Bj == null) {
            throw new IllegalArgumentException("'crypto' cannot be null");
        }
        if (certificate == null) {
            throw new IllegalArgumentException("'certificate' cannot be null");
        }
        if (certificate.d()) {
            throw new IllegalArgumentException("'certificate' cannot be empty");
        }
        if (!rsaPrivateKey.a) {
            throw new IllegalArgumentException("'privateKey' must be private");
        }
        if (!(rsaPrivateKey instanceof C3303jp0)) {
            throw new IllegalArgumentException("'privateKey' type not supported: ".concat(rsaPrivateKey.getClass().getName()));
        }
        obj.a = c0620Bj;
        obj.b = certificate;
        obj.c = (C3303jp0) rsaPrivateKey;
        return obj;
    }

    @Override // _.VC
    public IM0 getRSASignerCredentials() {
        C3713mj c3713mj = new C3713mj(this.context);
        C0664Cf rsaPrivateKey = DtlsBouncyCastleUtility.getRsaPrivateKey(getCertificate());
        if (rsaPrivateKey == null) {
            return null;
        }
        if (((T0) this.context).b().F == null) {
            FM0 fm0 = this.context;
            return new C4981vj(c3713mj, (C0620Bj) ((T0) fm0).a, rsaPrivateKey, DtlsBouncyCastleUtility.getCertificate(fm0, getCertificate()), null);
        }
        LF0 signatureAndHashAlgorithm = DtlsBouncyCastleUtility.getSignatureAndHashAlgorithm(((T0) this.context).b().F, (short) 1);
        if (signatureAndHashAlgorithm == null) {
            return null;
        }
        FM0 fm02 = this.context;
        return new C4981vj(c3713mj, (C0620Bj) ((T0) fm02).a, rsaPrivateKey, DtlsBouncyCastleUtility.getCertificate(fm02, getCertificate()), signatureAndHashAlgorithm);
    }

    public String getRemoteFingerprint() {
        return this.remoteFingerprint;
    }

    public String getRemoteFingerprintAlgorithm() {
        return this.remoteFingerprintAlgorithm;
    }

    @Override // fm.liveswitch.DtlsIServer
    public int getSelectedSrtpProtectionProfile() {
        return this.selectedSrtpProtectionProfile;
    }

    @Override // _.X0, _.InterfaceC5355yN0
    public Hashtable getServerExtensions() throws IOException {
        Hashtable q = S61.q(super.getServerExtensions());
        int i = this.selectedSrtpProtectionProfile;
        if (i < 0 || this.supportedSrtpProtectionProfiles == null) {
            return q;
        }
        int[] iArr = {i};
        byte[] bArr = new byte[0];
        if (KN0.Y(iArr)) {
            throw new IllegalArgumentException("'protectionProfiles' must have length from 1 to (2^15 - 1)");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        KN0.Y0(iArr, byteArrayOutputStream);
        KN0.V0(byteArrayOutputStream, bArr);
        q.put(14, byteArrayOutputStream.toByteArray());
        return q;
    }

    @Override // _.VC, _.V0
    public int[] getSupportedCipherSuites() {
        int length = getPreferredCipherSuites().length;
        int[] iArr = new int[length];
        for (int i = 0; i < length; i++) {
            iArr[i] = DtlsBouncyCastleUtility.convertCipherSuite(getPreferredCipherSuites()[i]);
        }
        return KN0.Q(((T0) this.context).a, iArr, length);
    }

    public int[] getSupportedSrtpProtectionProfiles() {
        return this.supportedSrtpProtectionProfiles;
    }

    @Override // _.V0
    public C2590en0[] getSupportedVersions() {
        if (getMinVersion() == getMaxVersion()) {
            if (getMinVersion() == DtlsProtocolVersion.Dtls10) {
                return new C2590en0[]{C2590en0.h};
            }
            if (getMinVersion() == DtlsProtocolVersion.Dtls12) {
                return new C2590en0[]{C2590en0.i};
            }
            if (getMinVersion() == DtlsProtocolVersion.Dtls13) {
                return new C2590en0[]{C2590en0.j};
            }
            Log.error("Unsupported DTLS version " + getMinVersion().name());
            return C2590en0.i.b(C2590en0.h);
        }
        DtlsProtocolVersion minVersion = getMinVersion();
        DtlsProtocolVersion dtlsProtocolVersion = DtlsProtocolVersion.Dtls10;
        if (minVersion == dtlsProtocolVersion && getMaxVersion() == DtlsProtocolVersion.Dtls12) {
            return C2590en0.i.b(C2590en0.h);
        }
        if (getMinVersion() == dtlsProtocolVersion && getMaxVersion() == DtlsProtocolVersion.Dtls13) {
            return C2590en0.j.b(C2590en0.h);
        }
        if (getMinVersion() == DtlsProtocolVersion.Dtls12 && getMaxVersion() == DtlsProtocolVersion.Dtls13) {
            return C2590en0.j.b(C2590en0.i);
        }
        Log.error("Unsupported DTLS versions " + getMinVersion().name() + ", " + getMinVersion().name());
        return C2590en0.i.b(C2590en0.h);
    }

    public void notifyAlertRaised(byte b, byte b2, String str, Exception exc) {
        IAction1<Exception> iAction1;
        if (this.closed) {
            return;
        }
        String e = exc == null ? "" : D6.e(", Inner exception: ", exc.getMessage());
        Locale.getDefault();
        String d = I4.d(C2724fh.c("DTLS server raised alert. (Level: ", String.valueOf((int) b), ", Description: ", String.valueOf((int) b2), ", Message: '"), str, "'", e, ")");
        boolean z = true;
        if (b != 1) {
            if (b != 2) {
                if (exc == null) {
                    Log.debug(d);
                } else {
                    Log.debug(d, exc);
                }
            }
            if (z || (iAction1 = this.onError) == null) {
            }
            iAction1.invoke(new Exception(d));
            return;
        }
        if (b2 == 0) {
            d = "Local DTLS server closed connection.";
            if (exc == null) {
                Log.debug("Local DTLS server closed connection.");
            } else {
                Log.debug("Local DTLS server closed connection.", exc);
            }
        } else if (exc == null) {
            Log.warn(d);
        } else {
            Log.warn(d, exc);
        }
        z = false;
        if (z) {
        }
    }

    public void notifyAlertReceived(byte b, byte b2) {
        IAction1<Exception> iAction1;
        if (this.closed) {
            return;
        }
        Locale.getDefault();
        String e = R0.e("DTLS server received alert. (Level: ", String.valueOf((int) b), ", Description: ", String.valueOf((int) b2), ")");
        boolean z = true;
        if (b != 1) {
            if (b != 2) {
                Log.debug(e);
            }
            if (z || (iAction1 = this.onError) == null) {
            }
            iAction1.invoke(new Exception(e));
            return;
        }
        if (b2 == 0) {
            e = "Remote DTLS client closed connection.";
            Log.debug("Remote DTLS client closed connection.");
        } else {
            Log.warn(e);
        }
        z = false;
        if (z) {
        }
    }

    @Override // _.X0, _.InterfaceC5355yN0
    public void notifyClientCertificate(C0740Dr c0740Dr) throws IOException {
        InterfaceC5353yM0[] interfaceC5353yM0Arr;
        String hexString;
        IAction1<byte[]> iAction1;
        byte[] bArr = null;
        if (c0740Dr == null) {
            throw new TlsFatalAlert((short) 42, null, null);
        }
        C0896Gr[] c0896GrArr = c0740Dr.b;
        int length = c0896GrArr.length;
        if (length == 0) {
            interfaceC5353yM0Arr = C0740Dr.d;
        } else {
            InterfaceC5353yM0[] interfaceC5353yM0Arr2 = new InterfaceC5353yM0[length];
            for (int i = 0; i < length; i++) {
                interfaceC5353yM0Arr2[i] = c0896GrArr[i].a;
            }
            interfaceC5353yM0Arr = interfaceC5353yM0Arr2;
        }
        if (interfaceC5353yM0Arr.length == 0) {
            throw new TlsFatalAlert((short) 42, null, null);
        }
        InterfaceC5353yM0 interfaceC5353yM0 = interfaceC5353yM0Arr[0];
        if (this.remoteFingerprintAlgorithm.equalsIgnoreCase("sha2") || this.remoteFingerprintAlgorithm.equalsIgnoreCase("sha256") || this.remoteFingerprintAlgorithm.equalsIgnoreCase("sha-256")) {
            hexString = HashContextBase.compute(HashType.Sha256, DataBuffer.wrap(interfaceC5353yM0.getEncoded())).toHexString();
        } else {
            if (!this.remoteFingerprintAlgorithm.equalsIgnoreCase("sha") && !this.remoteFingerprintAlgorithm.equalsIgnoreCase("sha1") && !this.remoteFingerprintAlgorithm.equalsIgnoreCase("sha-1")) {
                throw new TlsFatalAlert((short) 49, null, null);
            }
            hexString = HashContextBase.compute(HashType.Sha1, DataBuffer.wrap(interfaceC5353yM0.getEncoded())).toHexString();
        }
        if (!hexString.equalsIgnoreCase(this.remoteFingerprint.replace(":", ""))) {
            throw new TlsFatalAlert((short) 49, null, null);
        }
        try {
            bArr = interfaceC5353yM0.getEncoded();
        } catch (Exception e) {
            Log.error("Could not parse remote DTLS certificate.", e);
        }
        if (bArr == null || (iAction1 = this.onRemoteCertificate) == null) {
            return;
        }
        iAction1.invoke(bArr);
    }

    @Override // _.V0, _.InterfaceC4228qN0
    public void notifyHandshakeComplete() throws IOException {
        super.notifyHandshakeComplete();
        IAction1<DataBuffer> iAction1 = this.onKeyingMaterialAvailable;
        if (iAction1 != null) {
            iAction1.invoke(DataBuffer.wrap(getKeyingMaterial()));
        }
    }

    @Override // fm.liveswitch.DtlsIServer
    public Error open() {
        try {
            this.connection = new DtlsBouncyCastleServerProtocol().accept(this, this.transport);
            synchronized (this.connectionLock) {
                this.receiveBuffer = new byte[this.connection.a.getReceiveLimit()];
                processReceived();
            }
            if (this.closed) {
                return new Error(ErrorCode.DtlsKeyExchangeFailed, new Exception("Could not accept DTLS client connection."));
            }
            return null;
        } catch (Exception e) {
            return new Error(ErrorCode.DtlsKeyExchangeFailed, e);
        }
    }

    @Override // _.X0, _.InterfaceC5355yN0
    public void processClientExtensions(Hashtable hashtable) throws IOException {
        N f;
        int[] iArr;
        IAction1<Exception> iAction1;
        super.processClientExtensions(hashtable);
        if (hashtable == null || this.supportedSrtpProtectionProfiles == null || (f = C1242Nf.f(hashtable)) == null || (iArr = (int[]) f.d) == null || iArr.length <= 0) {
            return;
        }
        this.clientSrtpProtectionProfiles = iArr;
        if (selectSrtpProtectionProfile() || (iAction1 = this.onError) == null) {
            return;
        }
        iAction1.invoke(new Exception("DTLS server could not select an SRTP protection profile."));
    }

    @Override // fm.liveswitch.DtlsIServer
    public void receive(DataBuffer dataBuffer) {
        if (this.connection == null) {
            Log.debug(String.format(Locale.getDefault(), "Received DTLS packet (%d bytes).", Integer.valueOf(dataBuffer.getLength())));
        }
        synchronized (this.connectionLock) {
            try {
                DtlsBouncyCastleUdpTransport dtlsBouncyCastleUdpTransport = this.transport;
                if (dtlsBouncyCastleUdpTransport != null) {
                    dtlsBouncyCastleUdpTransport.push(dataBuffer);
                }
                processReceived();
            } catch (Throwable th) {
                throw th;
            }
        }
    }

    @Override // fm.liveswitch.DtlsIServer
    public void send(DataBuffer dataBuffer) {
        GA ga = this.connection;
        if (ga != null) {
            try {
                ga.send(dataBuffer.getData(), dataBuffer.getIndex(), dataBuffer.getLength());
            } catch (Exception e) {
                IAction1<Exception> iAction1 = this.onError;
                if (iAction1 != null) {
                    e.getMessage();
                    iAction1.invoke(new Exception("DTLS server could not process outgoing message."));
                }
            }
        }
    }

    public void setClientSrtpProtectionProfiles(int[] iArr) {
        this.clientSrtpProtectionProfiles = iArr;
    }

    @Override // fm.liveswitch.DtlsIServer
    public void setOnDataDecrypted(IAction1<DataBuffer> iAction1) {
        this.onDataDecrypted = iAction1;
    }

    @Override // fm.liveswitch.DtlsIServer
    public void setOnError(IAction1<Exception> iAction1) {
        this.onError = iAction1;
    }

    @Override // fm.liveswitch.DtlsIServer
    public void setOnKeyingMaterialAvailable(IAction1<DataBuffer> iAction1) {
        this.onKeyingMaterialAvailable = iAction1;
    }
}
