package net.i2p.router.transport.udp;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.util.Queue;
import java.util.concurrent.LinkedBlockingQueue;
import net.i2p.crypto.SigType;
import net.i2p.data.Base64;
import net.i2p.data.ByteArray;
import net.i2p.data.DataFormatException;
import net.i2p.data.DataHelper;
import net.i2p.data.Hash;
import net.i2p.data.SessionKey;
import net.i2p.data.Signature;
import net.i2p.data.router.RouterIdentity;
import net.i2p.router.OutNetMessage;
import net.i2p.router.RouterContext;
import net.i2p.router.transport.crypto.DHSessionKeyBuilder;
import net.i2p.router.transport.udp.UDPPacketReader;
import net.i2p.util.Addresses;
import net.i2p.util.Log;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class InboundEstablishState {
    protected static final long MAX_DELAY = 12000;
    protected static final long RETRANSMIT_DELAY = 1000;
    protected final byte[] _aliceIP;
    protected final int _alicePort;
    protected byte[] _bobIP;
    protected final int _bobPort;
    protected final RouterContext _context;
    protected int _createdSentCount;
    protected InboundState _currentState;
    protected final long _establishBegin;
    protected boolean _introductionRequested;
    private final DHSessionKeyBuilder _keyBuilder;
    protected long _lastSend;
    protected final Log _log;
    private SessionKey _macKey;
    protected long _nextSend;
    private final Queue<OutNetMessage> _queuedMessages;
    protected RouterIdentity _receivedConfirmedIdentity;
    private byte[][] _receivedIdentity;
    private byte[] _receivedSignature;
    private long _receivedSignedOnTime;
    protected RouterIdentity _receivedUnconfirmedIdentity;
    private byte[] _receivedX;
    protected final RemoteHostId _remoteHostId;
    protected int _rtt;
    protected long _sentRelayTag;
    private Signature _sentSignature;
    private long _sentSignedOnTime;
    private byte[] _sentY;
    private SessionKey _sessionKey;
    private boolean _verificationAttempted;

    /* loaded from: classes.dex */
    public enum InboundState {
        IB_STATE_UNKNOWN,
        IB_STATE_REQUEST_RECEIVED,
        IB_STATE_CREATED_SENT,
        IB_STATE_CONFIRMED_PARTIALLY,
        IB_STATE_CONFIRMED_COMPLETELY,
        IB_STATE_FAILED,
        IB_STATE_COMPLETE,
        IB_STATE_TOKEN_REQUEST_RECEIVED,
        IB_STATE_REQUEST_BAD_TOKEN_RECEIVED,
        IB_STATE_RETRY_SENT
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public InboundEstablishState(RouterContext routerContext, InetSocketAddress inetSocketAddress) {
        this._context = routerContext;
        this._log = routerContext.logManager().getLog(getClass());
        byte[] address = inetSocketAddress.getAddress().getAddress();
        this._aliceIP = address;
        int port = inetSocketAddress.getPort();
        this._alicePort = port;
        this._remoteHostId = new RemoteHostId(address, port);
        this._bobPort = 0;
        this._currentState = InboundState.IB_STATE_UNKNOWN;
        this._establishBegin = routerContext.clock().now();
        this._keyBuilder = null;
        this._queuedMessages = new LinkedBlockingQueue();
    }

    public InboundEstablishState(RouterContext routerContext, byte[] bArr, int i, int i2, DHSessionKeyBuilder dHSessionKeyBuilder, UDPPacketReader.SessionRequestReader sessionRequestReader) {
        this._context = routerContext;
        this._log = routerContext.logManager().getLog(InboundEstablishState.class);
        this._aliceIP = bArr;
        this._alicePort = i;
        this._remoteHostId = new RemoteHostId(bArr, i);
        this._bobPort = i2;
        this._currentState = InboundState.IB_STATE_UNKNOWN;
        this._establishBegin = routerContext.clock().now();
        this._keyBuilder = dHSessionKeyBuilder;
        this._queuedMessages = new LinkedBlockingQueue();
        this._introductionRequested = true;
        receiveSessionRequest(sessionRequestReader);
    }

    private void buildIdentity() {
        byte[] bArr;
        if (this._receivedUnconfirmedIdentity != null) {
            return;
        }
        byte[][] bArr2 = this._receivedIdentity;
        if (bArr2.length > 1) {
            int i = 0;
            int i2 = 0;
            while (true) {
                byte[][] bArr3 = this._receivedIdentity;
                if (i >= bArr3.length) {
                    break;
                }
                i2 += bArr3[i].length;
                i++;
            }
            bArr = new byte[i2];
            int i3 = 0;
            int i4 = 0;
            while (true) {
                byte[][] bArr4 = this._receivedIdentity;
                if (i3 >= bArr4.length) {
                    break;
                }
                byte[] bArr5 = bArr4[i3];
                int length = bArr5.length;
                System.arraycopy(bArr5, 0, bArr, i4, length);
                i4 += length;
                i3++;
            }
        } else {
            bArr = bArr2[0];
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        RouterIdentity routerIdentity = new RouterIdentity();
        try {
            routerIdentity.readBytes(byteArrayInputStream);
            this._receivedUnconfirmedIdentity = routerIdentity;
        } catch (IOException e) {
            if (this._log.shouldLog(30)) {
                this._log.warn("Improperly formatted yet fully received ident", e);
            }
        } catch (DataFormatException e2) {
            if (this._log.shouldLog(30)) {
                this._log.warn("Improperly formatted yet fully received ident", e2);
            }
        }
    }

    private void signSessionCreated() {
        byte[] bArr = new byte[this._aliceIP.length + 512 + 2 + this._bobIP.length + 2 + 4 + 4];
        this._sentSignedOnTime = this._context.clock().now() / RETRANSMIT_DELAY;
        byte[] bArr2 = this._receivedX;
        System.arraycopy(bArr2, 0, bArr, 0, bArr2.length);
        int length = this._receivedX.length + 0;
        getSentY();
        byte[] bArr3 = this._sentY;
        System.arraycopy(bArr3, 0, bArr, length, bArr3.length);
        int length2 = length + this._sentY.length;
        byte[] bArr4 = this._aliceIP;
        System.arraycopy(bArr4, 0, bArr, length2, bArr4.length);
        int length3 = length2 + this._aliceIP.length;
        DataHelper.toLong(bArr, length3, 2, this._alicePort);
        int i = length3 + 2;
        byte[] bArr5 = this._bobIP;
        System.arraycopy(bArr5, 0, bArr, i, bArr5.length);
        int length4 = i + this._bobIP.length;
        DataHelper.toLong(bArr, length4, 2, this._bobPort);
        int i2 = length4 + 2;
        DataHelper.toLong(bArr, i2, 4, this._sentRelayTag);
        DataHelper.toLong(bArr, i2 + 4, 4, this._sentSignedOnTime);
        this._sentSignature = this._context.dsa().sign(bArr, this._context.keyManager().getSigningPrivateKey());
        if (this._log.shouldLog(10)) {
            StringBuilder sb = new StringBuilder(128);
            sb.append("Signing sessionCreated:");
            sb.append(" Alice: ");
            sb.append(Addresses.toString(this._aliceIP, this._alicePort));
            sb.append(" Bob: ");
            sb.append(Addresses.toString(this._bobIP, this._bobPort));
            sb.append(" RelayTag: ");
            sb.append(this._sentRelayTag);
            sb.append(" SignedOn: ");
            sb.append(this._sentSignedOnTime);
            sb.append(" signature: ");
            sb.append(Base64.encode(this._sentSignature.getData()));
            this._log.debug(sb.toString());
        }
    }

    private void verifyIdentity() {
        if (this._receivedUnconfirmedIdentity == null || this._receivedSignature == null) {
            return;
        }
        byte[] bArr = new byte[this._aliceIP.length + 512 + 2 + this._bobIP.length + 2 + 4 + 4];
        byte[] bArr2 = this._receivedX;
        System.arraycopy(bArr2, 0, bArr, 0, bArr2.length);
        int length = this._receivedX.length + 0;
        getSentY();
        byte[] bArr3 = this._sentY;
        System.arraycopy(bArr3, 0, bArr, length, bArr3.length);
        int length2 = length + this._sentY.length;
        byte[] bArr4 = this._aliceIP;
        System.arraycopy(bArr4, 0, bArr, length2, bArr4.length);
        int length3 = length2 + this._aliceIP.length;
        DataHelper.toLong(bArr, length3, 2, this._alicePort);
        int i = length3 + 2;
        byte[] bArr5 = this._bobIP;
        System.arraycopy(bArr5, 0, bArr, i, bArr5.length);
        int length4 = i + this._bobIP.length;
        DataHelper.toLong(bArr, length4, 2, this._bobPort);
        int i2 = length4 + 2;
        DataHelper.toLong(bArr, i2, 4, this._sentRelayTag);
        DataHelper.toLong(bArr, i2 + 4, 4, this._receivedSignedOnTime);
        if (this._context.dsa().verifySignature(new Signature(this._receivedUnconfirmedIdentity.getSigType(), this._receivedSignature), bArr, this._receivedUnconfirmedIdentity.getSigningPublicKey())) {
            this._receivedConfirmedIdentity = this._receivedUnconfirmedIdentity;
            return;
        }
        if (this._log.shouldLog(30)) {
            this._log.warn("Signature failed from " + this._receivedUnconfirmedIdentity + "\non: " + this);
        }
        this._context.blocklist().add(this._aliceIP);
    }

    public void addMessage(OutNetMessage outNetMessage) {
        if (!this._queuedMessages.contains(outNetMessage)) {
            this._queuedMessages.offer(outNetMessage);
            return;
        }
        if (this._log.shouldLog(30)) {
            this._log.warn("attempt to add duplicate msg to queue: " + outNetMessage);
        }
    }

    public synchronized void complete() {
        this._currentState = InboundState.IB_STATE_COMPLETE;
    }

    protected boolean confirmedFullyReceived() {
        if (this._receivedIdentity == null) {
            return false;
        }
        int i = 0;
        while (true) {
            byte[][] bArr = this._receivedIdentity;
            if (i >= bArr.length) {
                return true;
            }
            if (bArr[i] == null) {
                return false;
            }
            i++;
        }
    }

    public synchronized void createdPacketSent() {
        this._lastSend = this._context.clock().now();
        int i = this._createdSentCount;
        long j = RETRANSMIT_DELAY;
        if (i != 0) {
            j = Math.min(RETRANSMIT_DELAY << i, MAX_DELAY);
        }
        this._createdSentCount++;
        this._nextSend = this._lastSend + j;
        InboundState inboundState = this._currentState;
        if (inboundState == InboundState.IB_STATE_UNKNOWN || inboundState == InboundState.IB_STATE_REQUEST_RECEIVED) {
            this._currentState = InboundState.IB_STATE_CREATED_SENT;
        }
    }

    public synchronized void fail() {
        this._currentState = InboundState.IB_STATE_FAILED;
    }

    public synchronized void generateSessionKey() throws DHSessionKeyBuilder.InvalidPublicParameterException {
        if (this._sessionKey != null) {
            return;
        }
        try {
            this._keyBuilder.setPeerPublicValue(this._receivedX);
            this._sessionKey = this._keyBuilder.getSessionKey();
            ByteArray extraBytes = this._keyBuilder.getExtraBytes();
            this._macKey = new SessionKey(new byte[32]);
            System.arraycopy(extraBytes.getData(), 0, this._macKey.getData(), 0, 32);
            if (this._log.shouldLog(10)) {
                this._log.debug("Established inbound keys.  cipher: " + Base64.encode(this._sessionKey.getData()) + " mac: " + Base64.encode(this._macKey.getData()));
            }
        } catch (IllegalStateException e) {
            throw new DHSessionKeyBuilder.InvalidPublicParameterException("reused keys?", e);
        }
    }

    public synchronized SessionKey getCipherKey() {
        return this._sessionKey;
    }

    public synchronized RouterIdentity getConfirmedIdentity() {
        if (!this._verificationAttempted) {
            verifyIdentity();
            this._verificationAttempted = true;
        }
        return this._receivedConfirmedIdentity;
    }

    public long getEstablishBeginTime() {
        return this._establishBegin;
    }

    public long getLifetime() {
        return getLifetime(this._context.clock().now());
    }

    public long getLifetime(long j) {
        return j - this._establishBegin;
    }

    public synchronized SessionKey getMACKey() {
        return this._macKey;
    }

    public OutNetMessage getNextQueuedMessage() {
        return this._queuedMessages.poll();
    }

    public synchronized long getNextSendTime() {
        return this._nextSend;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized int getRTT() {
        return this._rtt;
    }

    public synchronized byte[] getReceivedOurIP() {
        return this._bobIP;
    }

    public synchronized byte[] getReceivedX() {
        return this._receivedX;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RemoteHostId getRemoteHostId() {
        return this._remoteHostId;
    }

    public byte[] getSentIP() {
        return this._aliceIP;
    }

    public int getSentPort() {
        return this._alicePort;
    }

    public synchronized long getSentRelayTag() {
        return this._sentRelayTag;
    }

    public synchronized Signature getSentSignature() {
        return this._sentSignature;
    }

    public synchronized long getSentSignedOnTime() {
        return this._sentSignedOnTime;
    }

    public synchronized byte[] getSentY() {
        if (this._sentY == null) {
            this._sentY = this._keyBuilder.getMyPublicValueBytes();
        }
        return this._sentY;
    }

    public synchronized InboundState getState() {
        return this._currentState;
    }

    public int getVersion() {
        return 1;
    }

    public synchronized boolean isComplete() {
        boolean z;
        InboundState inboundState = this._currentState;
        if (inboundState != InboundState.IB_STATE_COMPLETE) {
            z = inboundState == InboundState.IB_STATE_FAILED;
        }
        return z;
    }

    public synchronized boolean isIntroductionRequested() {
        return this._introductionRequested;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void packetReceived() {
        this._nextSend = this._context.clock().now();
    }

    public synchronized void prepareSessionCreated() {
        if (this._sentSignature == null) {
            signSessionCreated();
        }
    }

    public synchronized void receiveSessionConfirmed(UDPPacketReader.SessionConfirmedReader sessionConfirmedReader) {
        if (this._receivedIdentity == null) {
            this._receivedIdentity = new byte[sessionConfirmedReader.readTotalFragmentNum()];
        }
        int readCurrentFragmentNum = sessionConfirmedReader.readCurrentFragmentNum();
        byte[][] bArr = this._receivedIdentity;
        if (readCurrentFragmentNum >= bArr.length) {
            fail();
            packetReceived();
            return;
        }
        if (bArr[readCurrentFragmentNum] == null) {
            byte[] bArr2 = new byte[sessionConfirmedReader.readCurrentFragmentSize()];
            sessionConfirmedReader.readFragmentData(bArr2, 0);
            this._receivedIdentity[readCurrentFragmentNum] = bArr2;
        }
        if (readCurrentFragmentNum == this._receivedIdentity.length - 1) {
            this._receivedSignedOnTime = sessionConfirmedReader.readFinalFragmentSignedOnTime();
            buildIdentity();
            RouterIdentity routerIdentity = this._receivedUnconfirmedIdentity;
            if (routerIdentity != null) {
                SigType type = routerIdentity.getSigningPublicKey().getType();
                if (type != null) {
                    int sigLen = type.getSigLen();
                    if (this._receivedSignature == null) {
                        this._receivedSignature = new byte[sigLen];
                    }
                    sessionConfirmedReader.readFinalSignature(this._receivedSignature, 0, sigLen);
                } else {
                    if (this._log.shouldLog(30)) {
                        this._log.warn("Unsupported sig type from: " + toString());
                    }
                    this._context.banlist().banlistRouterForever(this._receivedUnconfirmedIdentity.calculateHash(), "Unsupported signature type");
                    fail();
                }
                Hash calculateHash = this._receivedUnconfirmedIdentity.calculateHash();
                if (this._context.banlist().isBanlistedForever(calculateHash)) {
                    if (getConfirmedIdentity() != null) {
                        this._context.blocklist().add(this._aliceIP);
                    }
                    if (this._log.shouldLog(30)) {
                        this._log.warn("Router is banned: " + calculateHash.toBase64() + " on " + this);
                    }
                    fail();
                }
            } else {
                if (this._log.shouldLog(30)) {
                    this._log.warn("Bad ident from: " + toString());
                }
                fail();
            }
        }
        InboundState inboundState = this._currentState;
        if (inboundState == InboundState.IB_STATE_UNKNOWN || inboundState == InboundState.IB_STATE_REQUEST_RECEIVED || inboundState == InboundState.IB_STATE_CREATED_SENT) {
            if (confirmedFullyReceived()) {
                this._currentState = InboundState.IB_STATE_CONFIRMED_COMPLETELY;
            } else {
                this._currentState = InboundState.IB_STATE_CONFIRMED_PARTIALLY;
            }
        }
        if (this._createdSentCount == 1) {
            this._rtt = (int) (this._context.clock().now() - this._lastSend);
        }
        packetReceived();
    }

    public synchronized void receiveSessionRequest(UDPPacketReader.SessionRequestReader sessionRequestReader) {
        if (this._receivedX == null) {
            this._receivedX = new byte[256];
        }
        sessionRequestReader.readX(this._receivedX, 0);
        if (this._bobIP == null) {
            this._bobIP = new byte[sessionRequestReader.readIPSize()];
        }
        sessionRequestReader.readIP(this._bobIP, 0);
        byte[] readExtendedOptions = sessionRequestReader.readExtendedOptions();
        if (readExtendedOptions != null && readExtendedOptions.length >= 2) {
            this._introductionRequested = (readExtendedOptions[1] & 1) != 0;
            if (this._log.shouldInfo()) {
                this._log.info("got sess req. w/ ext. options, need intro? " + this._introductionRequested + ' ' + this);
            }
        }
        if (this._log.shouldLog(10)) {
            this._log.debug("Receive sessionRequest, BobIP = " + Addresses.toString(this._bobIP));
        }
        if (this._currentState == InboundState.IB_STATE_UNKNOWN) {
            this._currentState = InboundState.IB_STATE_REQUEST_RECEIVED;
        }
        packetReceived();
    }

    public synchronized boolean sessionRequestReceived() {
        return this._receivedX != null;
    }

    public synchronized void setSentRelayTag(long j) {
        this._sentRelayTag = j;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder(128);
        sb.append("IES ");
        sb.append(Addresses.toString(this._aliceIP, this._alicePort));
        sb.append(" lifetime: ");
        sb.append(DataHelper.formatDuration(getLifetime()));
        if (this._sentRelayTag > 0) {
            sb.append(" RelayTag: ");
            sb.append(this._sentRelayTag);
        }
        sb.append(' ');
        sb.append(this._currentState);
        return sb.toString();
    }
}
