package org.saltyrtc.client.signaling;

import java.util.Arrays;
import java.util.HashMap;
import javax.net.ssl.SSLContext;
import org.saltyrtc.client.SaltyRTC;
import org.saltyrtc.client.annotations.NonNull;
import org.saltyrtc.client.annotations.Nullable;
import org.saltyrtc.client.cookie.Cookie;
import org.saltyrtc.client.events.SignalingConnectionLostEvent;
import org.saltyrtc.client.exceptions.ConnectionException;
import org.saltyrtc.client.exceptions.CryptoFailedException;
import org.saltyrtc.client.exceptions.InternalException;
import org.saltyrtc.client.exceptions.InvalidKeyException;
import org.saltyrtc.client.exceptions.ProtocolException;
import org.saltyrtc.client.exceptions.SerializationError;
import org.saltyrtc.client.exceptions.SignalingException;
import org.saltyrtc.client.exceptions.ValidationError;
import org.saltyrtc.client.helpers.MessageReader;
import org.saltyrtc.client.helpers.TaskHelper;
import org.saltyrtc.client.keystore.AuthToken;
import org.saltyrtc.client.keystore.Box;
import org.saltyrtc.client.keystore.KeyStore;
import org.saltyrtc.client.messages.Message;
import org.saltyrtc.client.messages.c2c.InitiatorAuth;
import org.saltyrtc.client.messages.c2c.Key;
import org.saltyrtc.client.messages.c2c.ResponderAuth;
import org.saltyrtc.client.messages.c2c.Token;
import org.saltyrtc.client.messages.s2c.ClientHello;
import org.saltyrtc.client.messages.s2c.Disconnected;
import org.saltyrtc.client.messages.s2c.NewInitiator;
import org.saltyrtc.client.messages.s2c.ResponderServerAuth;
import org.saltyrtc.client.messages.s2c.SendError;
import org.saltyrtc.client.nonce.SignalingChannelNonce;
import org.saltyrtc.client.signaling.peers.Initiator;
import org.saltyrtc.client.signaling.peers.Peer;
import org.saltyrtc.client.signaling.state.InitiatorHandshakeState;
import org.saltyrtc.client.signaling.state.ServerHandshakeState;
import org.saltyrtc.client.signaling.state.SignalingState;
import org.saltyrtc.client.tasks.Task;
import org.saltyrtc.vendor.com.neilalexander.jnacl.NaCl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/saltyrtc/client/signaling/ResponderSignaling.class */
public class ResponderSignaling extends Signaling {

    @NonNull
    private Initiator initiator;

    @Nullable
    private AuthToken authToken;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Override // org.saltyrtc.client.signaling.Signaling
    protected Logger getLogger() {
        return LoggerFactory.getLogger("SaltyRTC.RSignaling");
    }

    public ResponderSignaling(SaltyRTC saltyRTC, String str, int i, @Nullable SSLContext sSLContext, @Nullable Integer num, @Nullable Integer num2, @Nullable Boolean bool, @NonNull KeyStore keyStore, @Nullable byte[] bArr, @Nullable byte[] bArr2, @Nullable byte[] bArr3, @Nullable byte[] bArr4, @NonNull Task[] taskArr, int i2) throws InvalidKeyException {
        super(saltyRTC, str, i, sSLContext, num, num2, bool, keyStore, bArr3, bArr4, SignalingRole.Responder, taskArr, i2);
        this.authToken = null;
        if (bArr3 == null) {
            if (bArr == null || bArr2 == null) {
                throw new IllegalArgumentException("You must specify either a trusted key or a public key / auth token pair");
            }
            this.initiator = new Initiator(bArr);
            this.authToken = new AuthToken(bArr2);
            return;
        }
        if (bArr != null || bArr2 != null) {
            throw new IllegalArgumentException("Cannot specify both a trusted key and a public key / auth token pair");
        }
        this.initiator = new Initiator(bArr3);
        this.initiator.handshakeState = InitiatorHandshakeState.TOKEN_SENT;
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    void handlePeerHandshakeSignalingError(@NonNull SignalingException signalingException, short s) {
        resetConnection(Integer.valueOf(signalingException.getCloseCode()));
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected String getWebsocketPath() {
        return NaCl.asHex(this.initiator.getPermanentKey());
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected Box encryptHandshakeDataForPeer(short s, String str, byte[] bArr, byte[] bArr2) throws CryptoFailedException, InvalidKeyException, ProtocolException {
        if (isResponderId(s)) {
            throw new ProtocolException("Responder may not encrypt messages for other responders: " + ((int) s));
        }
        if (s != 1) {
            throw new ProtocolException("Bad receiver byte: " + ((int) s));
        }
        boolean z = -1;
        switch (str.hashCode()) {
            case 106079:
                if (str.equals(Key.TYPE)) {
                    z = true;
                    break;
                }
                break;
            case 110541305:
                if (str.equals(Token.TYPE)) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (this.authToken == null) {
                    throw new ProtocolException("Cannot encrypt token message for peer: Auth token is null");
                }
                return this.authToken.encrypt(bArr, bArr2);
            case true:
                return this.permanentKey.encrypt(bArr, bArr2, this.initiator.getPermanentKey());
            default:
                byte[] peerSessionKey = getPeerSessionKey();
                if (peerSessionKey == null) {
                    throw new ProtocolException("Trying to encrypt for peer using session key, but session key is null");
                }
                return this.sessionKey.encrypt(bArr, bArr2, peerSessionKey);
        }
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected void sendClientHello() throws SignalingException, ConnectionException {
        ClientHello clientHello = new ClientHello(this.permanentKey.getPublicKey());
        byte[] buildPacket = buildPacket(clientHello, this.server, false);
        getLogger().debug("Sending client-hello");
        send(buildPacket, clientHello);
        this.server.handshakeState = ServerHandshakeState.HELLO_SENT;
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected void handleServerAuth(Message message, SignalingChannelNonce signalingChannelNonce) throws ProtocolException {
        try {
            ResponderServerAuth responderServerAuth = (ResponderServerAuth) message;
            if (signalingChannelNonce.getDestination() > 255 || signalingChannelNonce.getDestination() < 2) {
                throw new ProtocolException("Invalid nonce destination: " + ((int) signalingChannelNonce.getDestination()));
            }
            this.address = signalingChannelNonce.getDestination();
            getLogger().debug("Server assigned address 0x" + NaCl.asHex(new int[]{this.address}));
            Cookie cookie = new Cookie(responderServerAuth.getYourCookie());
            Cookie ours = this.server.getCookiePair().getOurs();
            if (!cookie.equals(ours)) {
                getLogger().error("Bad repeated cookie in server-auth message");
                getLogger().debug("Their response: " + Arrays.toString(cookie.getBytes()) + ", our cookie: " + Arrays.toString(ours.getBytes()));
                throw new ProtocolException("Bad repeated cookie in server-auth message");
            }
            if (this.expectedServerKey != null) {
                try {
                    validateSignedKeys(responderServerAuth.getSignedKeys(), signalingChannelNonce, this.expectedServerKey);
                } catch (ValidationError e) {
                    getLogger().error(e.getMessage());
                    throw new ProtocolException("Verification of signed_keys failed", e);
                }
            } else if (responderServerAuth.getSignedKeys() != null) {
                getLogger().warn("Server sent signed keys, but we're not verifying them.");
            }
            this.initiator.setConnected(responderServerAuth.isInitiatorConnected());
            getLogger().debug("Initiator is " + (responderServerAuth.isInitiatorConnected() ? "" : "not ") + "connected.");
            this.server.handshakeState = ServerHandshakeState.DONE;
        } catch (ClassCastException e2) {
            throw new ProtocolException("Could not cast message to ResponderServerAuth");
        }
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected void initPeerHandshake() throws SignalingException, ConnectionException {
        if (this.initiator.isConnected()) {
            if (!hasTrustedKey()) {
                sendToken();
            }
            sendKey();
        }
    }

    private void sendToken() throws SignalingException, ConnectionException {
        Token token = new Token(this.permanentKey.getPublicKey());
        byte[] buildPacket = buildPacket(token, this.initiator);
        getLogger().debug("Sending token");
        send(buildPacket, token);
        this.initiator.handshakeState = InitiatorHandshakeState.TOKEN_SENT;
    }

    private void sendKey() throws SignalingException, ConnectionException {
        this.sessionKey = new KeyStore();
        Key key = new Key(this.sessionKey.getPublicKey());
        byte[] buildPacket = buildPacket(key, this.initiator);
        getLogger().debug("Sending key");
        send(buildPacket, key);
        this.initiator.handshakeState = InitiatorHandshakeState.KEY_SENT;
    }

    private void handleKey(Key key) {
        this.initiator.setSessionKey(key.getKey());
        this.initiator.handshakeState = InitiatorHandshakeState.KEY_RECEIVED;
    }

    private void sendAuth(SignalingChannelNonce signalingChannelNonce) throws SignalingException, ConnectionException {
        if (signalingChannelNonce.getCookie().equals(this.initiator.getCookiePair().getOurs())) {
            throw new ProtocolException("Their cookie and our cookie are the same");
        }
        try {
            HashMap hashMap = new HashMap();
            for (Task task : this.tasks) {
                hashMap.put(task.getName(), task.getData());
            }
            ResponderAuth responderAuth = new ResponderAuth(signalingChannelNonce.getCookieBytes(), TaskHelper.getTaskNames(this.tasks), hashMap);
            byte[] buildPacket = buildPacket(responderAuth, this.initiator);
            getLogger().debug("Sending auth");
            send(buildPacket, responderAuth);
            this.initiator.handshakeState = InitiatorHandshakeState.AUTH_SENT;
        } catch (ValidationError e) {
            throw new ProtocolException("Invalid task data", e);
        }
    }

    private void handleAuth(InitiatorAuth initiatorAuth, SignalingChannelNonce signalingChannelNonce) throws SignalingException {
        validateRepeatedCookie(this.initiator, initiatorAuth.getYourCookie());
        String task = initiatorAuth.getTask();
        Task task2 = null;
        Task[] taskArr = this.tasks;
        int length = taskArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            Task task3 = taskArr[i];
            if (task3.getName().equals(task)) {
                getLogger().info("Task " + task3.getName() + " has been selected");
                task2 = task3;
                break;
            }
            i++;
        }
        if (task2 == null) {
            throw new SignalingException(CloseCode.PROTOCOL_ERROR, "Initiator selected unknown task");
        }
        initTask(task2, initiatorAuth.getData().get(task2.getName()));
        getLogger().debug("Initiator authenticated");
        this.initiator.getCookiePair().setTheirs(signalingChannelNonce.getCookie());
        this.initiator.handshakeState = InitiatorHandshakeState.AUTH_RECEIVED;
    }

    private byte[] decryptInitiatorMessage(Box box) throws ProtocolException {
        switch (this.initiator.handshakeState) {
            case NEW:
            case TOKEN_SENT:
            case KEY_RECEIVED:
                throw new ProtocolException("Received message in " + this.initiator.handshakeState.name() + " state.");
            case KEY_SENT:
                try {
                    return this.permanentKey.decrypt(box, this.initiator.getPermanentKey());
                } catch (CryptoFailedException | InvalidKeyException e) {
                    e.printStackTrace();
                    throw new ProtocolException("Could not decrypt key message");
                }
            case AUTH_SENT:
            case AUTH_RECEIVED:
                try {
                    return this.sessionKey.decrypt(box, this.initiator.getSessionKey());
                } catch (CryptoFailedException | InvalidKeyException e2) {
                    e2.printStackTrace();
                    throw new ProtocolException("Could not decrypt message using session key");
                }
            default:
                throw new ProtocolException("Invalid handshake state: " + this.initiator.handshakeState.name());
        }
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    protected void onPeerHandshakeMessage(Box box, SignalingChannelNonce signalingChannelNonce) throws ValidationError, SerializationError, InternalException, ConnectionException, SignalingException {
        if (signalingChannelNonce.getDestination() != this.address) {
            throw new ProtocolException("Message destination does not match our address");
        }
        if (signalingChannelNonce.getSource() == 0) {
            try {
                if (!$assertionsDisabled && !this.server.hasSessionKey()) {
                    throw new AssertionError();
                }
                Message read = MessageReader.read(this.permanentKey.decrypt(box, this.server.getSessionKey()));
                if (read instanceof NewInitiator) {
                    getLogger().debug("Received new-initiator");
                    handleNewInitiator((NewInitiator) read);
                    return;
                } else if (read instanceof SendError) {
                    getLogger().debug("Received send-error");
                    handleSendError((SendError) read);
                    return;
                } else {
                    if (!(read instanceof Disconnected)) {
                        throw new ProtocolException("Got unexpected server message: " + read.getType());
                    }
                    handleDisconnected((Disconnected) read);
                    return;
                }
            } catch (CryptoFailedException | InvalidKeyException e) {
                e.printStackTrace();
                throw new ProtocolException("Could not decrypt server message");
            }
        }
        if (signalingChannelNonce.getSource() != 1) {
            throw new ProtocolException("Message source is neither the server nor the initiator");
        }
        Message read2 = MessageReader.read(decryptInitiatorMessage(box));
        switch (this.initiator.handshakeState) {
            case KEY_SENT:
                if (!(read2 instanceof Key)) {
                    throw new ProtocolException("Expected key message, but got " + read2.getType());
                }
                getLogger().debug("Received key");
                handleKey((Key) read2);
                sendAuth(signalingChannelNonce);
                return;
            case AUTH_SENT:
                if (!(read2 instanceof InitiatorAuth)) {
                    throw new ProtocolException("Expected auth message, but got " + read2.getType());
                }
                getLogger().debug("Received auth");
                handleAuth((InitiatorAuth) read2, signalingChannelNonce);
                setState(SignalingState.TASK);
                getLogger().info("Peer handshake done");
                this.task.onPeerHandshakeDone();
                return;
            default:
                throw new InternalException("Unknown or invalid initiator handshake state");
        }
    }

    private void handleNewInitiator(NewInitiator newInitiator) throws SignalingException, ConnectionException {
        this.initiator = new Initiator(this.initiator.getPermanentKey());
        this.initiator.setConnected(true);
        initPeerHandshake();
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    void handleSendError(short s) throws SignalingException {
        if (s != 1) {
            throw new ProtocolException("Outgoing c2c messages must have been sent to the initiator");
        }
        this.salty.events.signalingConnectionLost.notifyHandlers(new SignalingConnectionLostEvent(s));
        resetConnection(Integer.valueOf(CloseCode.PROTOCOL_ERROR));
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    @Nullable
    protected Peer getPeer() {
        return this.initiator;
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    @Nullable
    protected byte[] getPeerSessionKey() {
        return this.initiator.getSessionKey();
    }

    @Override // org.saltyrtc.client.signaling.Signaling
    @Nullable
    Peer getPeerWithId(short s) throws SignalingException {
        if (s == 0) {
            return this.server;
        }
        if (s == 1) {
            return this.initiator;
        }
        throw new ProtocolException("Invalid peer id: " + ((int) s));
    }

    static {
        $assertionsDisabled = !ResponderSignaling.class.desiredAssertionStatus();
    }
}
