package org.saltyrtc.client.signaling;

import com.neilalexander.jnacl.NaCl;
import java.security.InvalidKeyException;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import org.saltyrtc.client.SaltyRTC;
import org.saltyrtc.client.annotations.Nullable;
import org.saltyrtc.client.cookie.Cookie;
import org.saltyrtc.client.exceptions.ConnectionException;
import org.saltyrtc.client.exceptions.CryptoFailedException;
import org.saltyrtc.client.exceptions.InternalException;
import org.saltyrtc.client.exceptions.OverflowException;
import org.saltyrtc.client.exceptions.ProtocolException;
import org.saltyrtc.client.exceptions.SerializationError;
import org.saltyrtc.client.exceptions.ValidationError;
import org.saltyrtc.client.helpers.MessageReader;
import org.saltyrtc.client.keystore.AuthToken;
import org.saltyrtc.client.keystore.Box;
import org.saltyrtc.client.keystore.KeyStore;
import org.saltyrtc.client.messages.Auth;
import org.saltyrtc.client.messages.ClientHello;
import org.saltyrtc.client.messages.Key;
import org.saltyrtc.client.messages.Message;
import org.saltyrtc.client.messages.NewInitiator;
import org.saltyrtc.client.messages.ResponderServerAuth;
import org.saltyrtc.client.messages.Token;
import org.saltyrtc.client.nonce.CombinedSequence;
import org.saltyrtc.client.nonce.SignalingChannelNonce;
import org.saltyrtc.client.signaling.state.InitiatorHandshakeState;
import org.saltyrtc.client.signaling.state.ServerHandshakeState;
import org.saltyrtc.client.signaling.state.SignalingState;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/saltyrtc/client/signaling/ResponderSignaling.class */
public class ResponderSignaling extends Signaling {
    private final Initiator initiator;
    private final AuthToken authToken;

    @Override // org.saltyrtc.client.signaling.Signaling
    protected Logger getLogger() {
        return LoggerFactory.getLogger("SaltyRTC.RSignaling");
    }

    public ResponderSignaling(SaltyRTC saltyRTC, String str, int i, KeyStore keyStore, SSLContext sSLContext, byte[] bArr, byte[] bArr2) throws InvalidKeyException {
        super(saltyRTC, str, i, keyStore, sSLContext);
        this.role = SignalingRole.Responder;
        this.initiator = new Initiator(bArr);
        this.authToken = new AuthToken(bArr2);
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected String getWebsocketPath() {
        return NaCl.asHex(this.initiator.getPermanentKey());
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected CombinedSequence getNextCsn(short s) throws ProtocolException {
        try {
            if (s == 0) {
                return this.serverCsn.getOurs().next();
            }
            if (s == 1) {
                return this.initiator.getCsnPair().getOurs().next();
            }
            if (isResponderId(s)) {
                throw new ProtocolException("Responder may not send messages to other responders: " + ((int) s));
            }
            throw new ProtocolException("Bad receiver byte: " + ((int) s));
        } catch (OverflowException e) {
            throw new ProtocolException("OverflowException: " + e.getMessage());
        }
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected Box encryptForPeer(short s, String str, byte[] bArr, byte[] bArr2) throws CryptoFailedException, org.saltyrtc.client.exceptions.InvalidKeyException, ProtocolException {
        if (isResponderId(s)) {
            throw new ProtocolException("Responder may not encrypt messages for other responders: " + ((int) s));
        }
        if (s != 1) {
            throw new ProtocolException("Bad receiver byte: " + ((int) s));
        }
        boolean z = -1;
        switch (str.hashCode()) {
            case 106079:
                if (str.equals("key")) {
                    z = true;
                    break;
                }
                break;
            case 110541305:
                if (str.equals("token")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return this.authToken.encrypt(bArr, bArr2);
            case true:
                return this.permanentKey.encrypt(bArr, bArr2, this.initiator.permanentKey);
            default:
                byte[] peerSessionKey = getPeerSessionKey();
                if (peerSessionKey == null) {
                    throw new ProtocolException("Trying to encrypt for peer using session key, but session key is null");
                }
                return this.sessionKey.encrypt(bArr, bArr2, peerSessionKey);
        }
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected void sendClientHello() throws ProtocolException, ConnectionException {
        ClientHello clientHello = new ClientHello(this.permanentKey.getPublicKey());
        byte[] buildPacket = buildPacket(clientHello, (short) 0, false);
        getLogger().debug("Sending client-hello");
        send(buildPacket, clientHello);
        this.serverHandshakeState = ServerHandshakeState.HELLO_SENT;
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected void handleServerAuth(Message message, SignalingChannelNonce signalingChannelNonce) throws ProtocolException {
        try {
            ResponderServerAuth responderServerAuth = (ResponderServerAuth) message;
            if (signalingChannelNonce.getDestination() > 255 || signalingChannelNonce.getDestination() < 2) {
                throw new ProtocolException("Invalid nonce destination: " + ((int) signalingChannelNonce.getDestination()));
            }
            this.address = signalingChannelNonce.getDestination();
            getLogger().debug("Server assigned address 0x" + NaCl.asHex(new int[]{this.address}));
            if (!new Cookie(responderServerAuth.getYourCookie()).equals(this.cookie)) {
                getLogger().error("Bad repeated cookie in server-auth message");
                getLogger().debug("Their response: " + Arrays.toString(responderServerAuth.getYourCookie()) + ", our cookie: " + Arrays.toString(this.cookie.getBytes()));
                throw new ProtocolException("Bad repeated cookie in server-auth message");
            }
            this.initiator.setConnected(responderServerAuth.isInitiatorConnected());
            getLogger().debug("Initiator is " + (responderServerAuth.isInitiatorConnected() ? "" : "not ") + "connected.");
            this.serverHandshakeState = ServerHandshakeState.DONE;
        } catch (ClassCastException e) {
            throw new ProtocolException("Could not cast message to ResponderServerAuth");
        }
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected void initPeerHandshake() throws ProtocolException, ConnectionException {
        if (this.initiator.isConnected()) {
            sendToken();
        }
    }

    protected void sendToken() throws ProtocolException, ConnectionException {
        Token token = new Token(this.permanentKey.getPublicKey());
        byte[] buildPacket = buildPacket(token, (short) 1);
        getLogger().debug("Sending token");
        send(buildPacket, token);
        this.initiator.handshakeState = InitiatorHandshakeState.TOKEN_SENT;
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected void onPeerHandshakeMessage(Box box, SignalingChannelNonce signalingChannelNonce) throws ProtocolException, ValidationError, SerializationError, InternalException, ConnectionException {
        byte[] decrypt;
        if (signalingChannelNonce.getDestination() != this.address) {
            throw new ProtocolException("Message destination does not match our address");
        }
        if (signalingChannelNonce.getSource() == 0) {
            try {
                Message read = MessageReader.read(this.permanentKey.decrypt(box, this.serverKey));
                if (!(read instanceof NewInitiator)) {
                    throw new ProtocolException("Got unexpected server message: " + read.getType());
                }
                getLogger().debug("Received new-initiator");
                handleNewInitiator((NewInitiator) read);
                return;
            } catch (CryptoFailedException | org.saltyrtc.client.exceptions.InvalidKeyException e) {
                e.printStackTrace();
                throw new ProtocolException("Could not decrypt server message");
            }
        }
        if (signalingChannelNonce.getSource() != 1) {
            throw new ProtocolException("Message source is neither the server nor the initiator");
        }
        if (this.initiator.handshakeState == InitiatorHandshakeState.TOKEN_SENT) {
            try {
                decrypt = this.permanentKey.decrypt(box, this.initiator.getPermanentKey());
            } catch (CryptoFailedException | org.saltyrtc.client.exceptions.InvalidKeyException e2) {
                e2.printStackTrace();
                throw new ProtocolException("Could not decrypt key message");
            }
        } else {
            try {
                decrypt = this.sessionKey.decrypt(box, this.initiator.getSessionKey());
            } catch (CryptoFailedException | org.saltyrtc.client.exceptions.InvalidKeyException e3) {
                e3.printStackTrace();
                throw new ProtocolException("Could not decrypt message using session key");
            }
        }
        Message read2 = MessageReader.read(decrypt);
        switch (this.initiator.handshakeState) {
            case NEW:
                throw new ProtocolException("Unexpected " + read2.getType() + " message");
            case TOKEN_SENT:
                if (!(read2 instanceof Key)) {
                    throw new ProtocolException("Expected key message, but got " + read2.getType());
                }
                getLogger().debug("Received key");
                handleKey((Key) read2);
                sendKey();
                return;
            case KEY_SENT:
                if (!(read2 instanceof Auth)) {
                    throw new ProtocolException("Expected auth message, but got " + read2.getType());
                }
                getLogger().debug("Received auth");
                handleAuth((Auth) read2, signalingChannelNonce);
                sendAuth(signalingChannelNonce);
                setState(SignalingState.OPEN);
                getLogger().info("Peer handshake done");
                return;
            default:
                throw new InternalException("Unknown initiator handshake state");
        }
    }

    protected void handleNewInitiator(NewInitiator newInitiator) throws ProtocolException, ConnectionException {
        sendToken();
    }

    protected void handleKey(Key key) {
        this.initiator.setSessionKey(key.getKey());
    }

    protected void sendKey() throws ProtocolException, ConnectionException {
        this.sessionKey = new KeyStore();
        Key key = new Key(this.sessionKey.getPublicKey());
        byte[] buildPacket = buildPacket(key, (short) 1);
        getLogger().debug("Sending key");
        send(buildPacket, key);
        this.initiator.handshakeState = InitiatorHandshakeState.KEY_SENT;
    }

    protected void handleAuth(Auth auth, SignalingChannelNonce signalingChannelNonce) throws ProtocolException {
        validateRepeatedCookie(auth);
        getLogger().debug("Initiator authenticated");
        this.initiator.setCookie(signalingChannelNonce.getCookie());
    }

    protected void sendAuth(SignalingChannelNonce signalingChannelNonce) throws ProtocolException, ConnectionException {
        if (signalingChannelNonce.getCookie().equals(this.cookie)) {
            throw new ProtocolException("Their cookie and our cookie are the same");
        }
        Auth auth = new Auth(signalingChannelNonce.getCookieBytes());
        byte[] buildPacket = buildPacket(auth, (short) 1);
        getLogger().debug("Sending auth");
        send(buildPacket, auth);
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    @Nullable
    protected Short getPeerAddress() {
        if (this.initiator != null) {
            return Short.valueOf(this.initiator.getId());
        }
        return null;
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    @Nullable
    public Cookie getPeerCookie() {
        if (this.initiator != null) {
            return this.initiator.getCookie();
        }
        return null;
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    @Nullable
    protected byte[] getPeerSessionKey() {
        if (this.initiator != null) {
            return this.initiator.sessionKey;
        }
        return null;
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected void validateSignalingNoncePeerCsn(SignalingChannelNonce signalingChannelNonce) throws ValidationError {
        if (signalingChannelNonce.getSource() != 1) {
            throw new ValidationError("Invalid source byte, cannot validate CSN");
        }
        validateSignalingNonceCsn(signalingChannelNonce, this.initiator.getCsnPair(), "initiator");
    }
}
