package pt.unl.fct.di.novasys.channel.secure.auth;

import io.netty.buffer.ByteBuf;
import io.netty.buffer.Unpooled;
import io.netty.util.concurrent.Promise;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.HexFormat;
import java.util.LinkedList;
import java.util.Optional;
import java.util.Queue;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import pt.unl.fct.di.novasys.channel.secure.exceptions.AuthenticationException;
import pt.unl.fct.di.novasys.channel.secure.exceptions.MessageAuthenticationException;
import pt.unl.fct.di.novasys.network.Connection;
import pt.unl.fct.di.novasys.network.ISerializer;
import pt.unl.fct.di.novasys.network.data.Bytes;
import pt.unl.fct.di.novasys.network.data.Host;

/* loaded from: input_file:pt/unl/fct/di/novasys/channel/secure/auth/AuthSession.class */
public class AuthSession<T> {
    private static final Logger logger = LogManager.getLogger(AuthSession.class);
    static final String ID_ATTR = "identity";
    private static final String DEFAULT_MAC_ALG = "HmacSHA256";
    private Connection<AuthenticatedMessage> connection;
    private final ISerializer<T> serializer;
    private final KeyPair dhKeyPair;
    private final String myIdAlias;
    private final Host peerSocket;
    private byte[] peerId;
    private SecretKey sessionKey;
    private byte[] myLastMac;
    private byte[] peerLastMac;
    private Promise<Void> lastMsgPromise;
    private String macAlgorithm = DEFAULT_MAC_ALG;
    private State state = State.CONNECTING;
    private final Queue<T> msgQueue = new LinkedList();

    /* loaded from: input_file:pt/unl/fct/di/novasys/channel/secure/auth/AuthSession$State.class */
    public enum State {
        CONNECTING,
        CONNECTED,
        DISCONNECTING
    }

    private AuthSession(Host host, ISerializer<T> iSerializer, String str, KeyPair keyPair, byte[] bArr) {
        this.peerSocket = host;
        this.serializer = iSerializer;
        this.myIdAlias = str;
        this.dhKeyPair = keyPair;
        this.myLastMac = bArr;
    }

    public static <T> AuthSession<T> startOutSession(Host host, Connection<AuthenticatedMessage> connection, ISerializer<T> iSerializer, String str, KeyPair keyPair, byte[] bArr, Optional<byte[]> optional) {
        AuthSession<T> authSession = new AuthSession<>(host, iSerializer, str, keyPair, bArr);
        optional.ifPresent(bArr2 -> {
            authSession.peerId = bArr2;
        });
        ((AuthSession) authSession).connection = connection;
        return authSession;
    }

    public static <T> AuthSession<T> startInSession(Host host, ISerializer<T> iSerializer, String str, KeyPair keyPair, SecretKey secretKey, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        AuthSession<T> authSession = new AuthSession<>(host, iSerializer, str, keyPair, bArr);
        ((AuthSession) authSession).peerId = bArr2;
        ((AuthSession) authSession).peerLastMac = bArr3;
        ((AuthSession) authSession).sessionKey = secretKey;
        logger.debug("Starting in session with my iv: {}\nand peer iv: {}", Bytes.of(bArr), Bytes.of(bArr3));
        return authSession;
    }

    public void setMacAlgorithm(String str) {
        this.macAlgorithm = str;
    }

    public void completeOutSessionSetup(byte[] bArr, SecretKey secretKey, byte[] bArr2) throws IOException, InvalidKeyException, NoSuchAlgorithmException, AuthenticationException {
        if (this.state != State.CONNECTING) {
            throw new IllegalStateException("Tried to complete a connection that was already completed.");
        }
        if (this.peerId != null && !Arrays.equals(this.peerId, bArr)) {
            throw new AuthenticationException("Expected peer id %s, but got %s".formatted(this.peerId, bArr));
        }
        this.peerId = bArr;
        this.sessionKey = secretKey;
        this.peerLastMac = bArr2;
        logger.debug("Completing out session with my iv: {}\nand peer iv: {}", Bytes.of(this.myLastMac), Bytes.of(bArr2));
    }

    public void completeInSessionSetup(Connection<AuthenticatedMessage> connection) {
        if (this.state != State.CONNECTING) {
            throw new IllegalStateException("Tried to complete a connection that was already completed.");
        }
        this.connection = connection;
    }

    public void setState(State state) {
        this.state = state;
    }

    public void disconect() {
        this.state = State.DISCONNECTING;
        this.connection.disconnect();
    }

    public synchronized void macAndSend(T t, Promise<Void> promise) throws NoSuchAlgorithmException, InvalidKeyException, IOException {
        ByteBuf buffer = Unpooled.buffer();
        this.serializer.serialize(t, buffer);
        while (this.lastMsgPromise != null && !this.lastMsgPromise.isDone()) {
            try {
                this.lastMsgPromise.await();
            } catch (InterruptedException e) {
                e.printStackTrace();
            }
        }
        Mac mac = Mac.getInstance(this.macAlgorithm, AuthChannel.PROVIDER);
        mac.init(this.sessionKey);
        mac.update(buffer.array());
        mac.update(this.myLastMac);
        byte[] doFinal = mac.doFinal();
        this.myLastMac = doFinal;
        this.connection.sendMessage(new AuthenticatedMessage(buffer.array(), doFinal), promise);
    }

    public T receiveMessage(AuthenticatedMessage authenticatedMessage) throws NoSuchAlgorithmException, InvalidKeyException, MessageAuthenticationException, IOException {
        Mac mac = Mac.getInstance(this.macAlgorithm, AuthChannel.PROVIDER);
        mac.init(this.sessionKey);
        mac.update(authenticatedMessage.getData());
        mac.update(this.peerLastMac);
        byte[] doFinal = mac.doFinal();
        if (Arrays.equals(authenticatedMessage.getMac(), doFinal)) {
            this.peerLastMac = doFinal;
            return this.serializer.deserialize(Unpooled.wrappedBuffer(authenticatedMessage.getData()));
        }
        HexFormat of = HexFormat.of();
        throw new MessageAuthenticationException("Expected MAC %s but got %s.".formatted(of.formatHex(doFinal), of.formatHex(authenticatedMessage.getMac())));
    }

    public Connection<AuthenticatedMessage> getConnection() {
        return this.connection;
    }

    public long getConnectionId() {
        return this.connection.getConnectionId();
    }

    public boolean enqueue(T t) {
        return this.msgQueue.add(t);
    }

    public Queue<T> getMsgQueue() {
        return this.msgQueue;
    }

    public State getState() {
        return this.state;
    }

    public KeyPair getDhKeyPair() {
        return this.dhKeyPair;
    }

    public SecretKey getSessionKey() {
        return this.sessionKey;
    }

    public String getMyIdAlias() {
        return this.myIdAlias;
    }

    public byte[] getPeerId() {
        return this.peerId;
    }

    public byte[] getMyLastMac() {
        return this.myLastMac;
    }

    public byte[] getPeerLastMac() {
        return this.peerLastMac;
    }

    public Host getPeerSocket() {
        return this.peerSocket;
    }
}
