package fm.icelink;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import java.util.Locale;
import org.bouncycastle.crypto.tls.CipherSuite;
import org.bouncycastle.crypto.tls.DTLSTransport;
import org.bouncycastle.crypto.tls.DefaultTlsClient;
import org.bouncycastle.crypto.tls.ExporterLabel;
import org.bouncycastle.crypto.tls.ProtocolVersion;
import org.bouncycastle.crypto.tls.TlsAuthentication;
import org.bouncycastle.crypto.tls.TlsExtensionsUtils;
import org.bouncycastle.crypto.tls.TlsFatalAlert;
import org.bouncycastle.crypto.tls.TlsSRTPUtils;
import org.bouncycastle.crypto.tls.TlsSession;
import org.bouncycastle.crypto.tls.UseSRTPData;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class DtlsClient extends DefaultTlsClient {
    private DtlsCertificate certificate;
    private boolean closed;
    private DTLSTransport connection;
    private IAction1<DataBuffer> onDataDecrypted;
    private IAction1<Exception> onError;
    private IAction1<DtlsCertificate> onRemoteCertificate;
    private DtlsCipherSuite[] preferredCipherSuites;
    private DtlsClientProtocol protocol;
    private byte[] receiveBuffer;
    public String remoteFingerprint;
    public String remoteFingerprintAlgorithm;
    private int selectedSrtpProtectionProfile;
    private int[] supportedSrtpProtectionProfiles;
    private DtlsUdpTransport transport;
    private DtlsProtocolVersion version;
    private List<DtlsMessage> handshakeFlight = new ArrayList();
    private TlsSession session = null;
    private Object connectionLock = new Object();

    public DtlsClient(DtlsCertificate dtlsCertificate, DtlsCipherSuite[] dtlsCipherSuiteArr, DtlsProtocolVersion dtlsProtocolVersion, DtlsFingerprint dtlsFingerprint, int[] iArr, IAction1<DtlsCertificate> iAction1) {
        this.certificate = dtlsCertificate;
        this.preferredCipherSuites = dtlsCipherSuiteArr;
        this.version = dtlsProtocolVersion;
        this.remoteFingerprintAlgorithm = dtlsFingerprint.getAlgorithm();
        this.remoteFingerprint = dtlsFingerprint.getValue();
        this.supportedSrtpProtectionProfiles = iArr;
        this.onRemoteCertificate = iAction1;
    }

    private static int convertCipherSuite(DtlsCipherSuite dtlsCipherSuite) {
        if (dtlsCipherSuite == DtlsCipherSuite.Aes128Sha) {
            return 47;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.DhRsaAes128Sha) {
            return 49;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.EcdhRsaAes128Sha) {
            return CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.DheRsaAes128Sha) {
            return 51;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.EcdheRsaAes128Sha) {
            return CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.EcdheEcdsaAes128Sha) {
            return CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.Aes128GcmSha256) {
            return 156;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.DhRsaAes128GcmSha256) {
            return 160;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.EcdhRsaAes128GcmSha256) {
            return CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.DheRsaAes128GcmSha256) {
            return 158;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.EcdheRsaAes128GcmSha256) {
            return CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
        }
        if (dtlsCipherSuite == DtlsCipherSuite.EcdheEcdsaAes128GcmSha256) {
            return CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
        }
        return -1;
    }

    private void processReceived() {
        if (this.connection == null || this.receiveBuffer == null) {
            return;
        }
        int i = 0;
        while (i != -1) {
            try {
                i = this.connection.receive(this.receiveBuffer, 0, this.receiveBuffer.length, 0);
                if (i > 0) {
                    this.onDataDecrypted.invoke(DataBuffer.wrap(this.receiveBuffer, 0, i));
                }
            } catch (Exception e) {
                IAction1<Exception> iAction1 = this.onError;
                if (iAction1 != null) {
                    iAction1.invoke(new Exception(String.format("DTLS client could not process incoming message.", e.getMessage())));
                    return;
                }
                return;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendHandshakeFlight(IAction1<DataBuffer> iAction1) {
        DataBuffer raw = this.handshakeFlight.get(0).getRaw();
        for (int i = 1; i < this.handshakeFlight.size(); i++) {
            raw.append(this.handshakeFlight.get(i).getRaw());
        }
        this.handshakeFlight.clear();
        iAction1.invoke(raw);
    }

    private boolean validateSelectedSrtpProtectionProfile() {
        for (int i : this.supportedSrtpProtectionProfiles) {
            if (this.selectedSrtpProtectionProfile == i) {
                return true;
            }
        }
        return false;
    }

    public void close() {
        if (this.connection != null) {
            try {
                this.connection.close();
            } catch (Exception e) {
            }
            this.connection = null;
        }
        if (this.protocol != null) {
            try {
                this.protocol.cancel();
            } catch (Exception e2) {
            }
            this.protocol = null;
        }
        if (this.transport != null) {
            try {
                this.transport.close();
            } catch (Exception e3) {
            }
            this.transport = null;
        }
        this.closed = true;
    }

    @Override // org.bouncycastle.crypto.tls.TlsClient
    public TlsAuthentication getAuthentication() {
        return new DtlsClientAuthentication(this.context, this.certificate, this.remoteFingerprintAlgorithm, this.remoteFingerprint, this.onRemoteCertificate);
    }

    public DtlsCertificate getCertificate() {
        return this.certificate;
    }

    @Override // org.bouncycastle.crypto.tls.DefaultTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public int[] getCipherSuites() {
        int length = getPreferredCipherSuites().length;
        int[] iArr = new int[length];
        for (int i = 0; i < length; i++) {
            iArr[i] = convertCipherSuite(getPreferredCipherSuites()[i]);
        }
        return iArr;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public Hashtable getClientExtensions() throws IOException {
        Hashtable ensureExtensionsInitialised = TlsExtensionsUtils.ensureExtensionsInitialised(super.getClientExtensions());
        if (this.supportedSrtpProtectionProfiles != null) {
            TlsSRTPUtils.addUseSRTPExtension(ensureExtensionsInitialised, new UseSRTPData(this.supportedSrtpProtectionProfiles, null));
        }
        return ensureExtensionsInitialised;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public ProtocolVersion getClientVersion() {
        return this.version == DtlsProtocolVersion.Dtls12 ? ProtocolVersion.DTLSv12 : ProtocolVersion.DTLSv10;
    }

    public boolean getClosed() {
        return this.closed;
    }

    public byte[] getKeyingMaterial() {
        return this.context.exportKeyingMaterial(ExporterLabel.dtls_srtp, null, 60);
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient
    public ProtocolVersion getMinimumVersion() {
        return ProtocolVersion.DTLSv10;
    }

    public IAction1<DtlsCertificate> getOnRemoteCertificate() {
        return this.onRemoteCertificate;
    }

    public DtlsCipherSuite[] getPreferredCipherSuites() {
        return this.preferredCipherSuites;
    }

    public String getRemoteFingerprint() {
        return this.remoteFingerprint;
    }

    public String getRemoteFingerprintAlgorithm() {
        return this.remoteFingerprintAlgorithm;
    }

    public int getSelectedSrtpProtectionProfile() {
        return this.selectedSrtpProtectionProfile;
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public TlsSession getSessionToResume() {
        return this.session;
    }

    public int[] getSupportedSrtpProtectionProfiles() {
        return this.supportedSrtpProtectionProfiles;
    }

    public DtlsProtocolVersion getVersion() {
        return this.version;
    }

    public void notifyAlertRaised(byte b, byte b2, String str, Exception exc) {
        IAction1<Exception> iAction1;
        if (this.closed) {
            return;
        }
        boolean z = false;
        if (exc != null) {
            String.format(", Inner exception: %s", exc.getMessage());
        }
        String format = String.format(Locale.getDefault(), "DTLS client raised alert. (Level: %s, Description: %s, Message: '%s')", String.valueOf((int) b), String.valueOf((int) b2), str);
        if (b == 1) {
            if (b2 == 0) {
                format = "Local DTLS client closed connection.";
                if (exc == null) {
                    Log.debug("Local DTLS client closed connection.");
                } else {
                    Log.debug("Local DTLS client closed connection.", exc);
                }
                z = false;
            } else if (exc == null) {
                Log.warn(format);
            } else {
                Log.warn(format, exc);
            }
        } else if (b == 2) {
            z = true;
        } else if (exc == null) {
            Log.debug(format);
        } else {
            Log.debug(format, exc);
        }
        if (!z || (iAction1 = this.onError) == null) {
            return;
        }
        iAction1.invoke(new Exception(format));
    }

    public void notifyAlertReceived(byte b, byte b2) {
        IAction1<Exception> iAction1;
        if (this.closed) {
            return;
        }
        boolean z = false;
        String format = String.format(Locale.getDefault(), "DTLS client received alert. (Level: %s, Description: %s)", String.valueOf((int) b), String.valueOf((int) b2));
        if (b == 1) {
            if (b2 == 0) {
                format = "Remote DTLS server closed connection.";
                z = true;
            } else {
                Log.warn(format);
            }
        } else if (b == 2) {
            Log.error(format);
            z = false;
        } else {
            Log.debug(format);
        }
        if (!z || (iAction1 = this.onError) == null) {
            return;
        }
        iAction1.invoke(new Exception(format));
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsPeer, org.bouncycastle.crypto.tls.TlsPeer
    public void notifyHandshakeComplete() throws IOException {
        super.notifyHandshakeComplete();
        TlsSession resumableSession = this.context.getResumableSession();
        if (resumableSession != null) {
            byte[] sessionID = resumableSession.getSessionID();
            String hexString = BitAssistant.getHexString(sessionID);
            if (this.session == null || !BitAssistant.sequencesAreEqual(this.session.getSessionID(), sessionID)) {
                Log.debug(String.format(Locale.getDefault(), "Established DTLS session: %s.", hexString));
            } else {
                Log.debug(String.format(Locale.getDefault(), "Resumed DTLS session: %s.", hexString));
            }
            this.session = resumableSession;
        }
    }

    public Error open(final IAction1<DataBuffer> iAction1) {
        try {
            this.protocol = new DtlsClientProtocol();
            this.transport = new DtlsUdpTransport(new IAction1<byte[]>() { // from class: fm.icelink.DtlsClient.1
                @Override // fm.icelink.IAction1
                public void invoke(byte[] bArr) {
                    if (DtlsClient.this.getClosed()) {
                        return;
                    }
                    if (DtlsClient.this.connection != null) {
                        iAction1.invoke(DataBuffer.wrap(bArr));
                        return;
                    }
                    Log.debug(String.format(Locale.getDefault(), "Sending DTLS packet (%d bytes).", Integer.valueOf(bArr.length)));
                    DtlsMessage[] parseMultiple = DtlsMessage.parseMultiple(DataBuffer.wrap(bArr));
                    if (parseMultiple != null) {
                        for (DtlsMessage dtlsMessage : parseMultiple) {
                            DtlsClient.this.handshakeFlight.add(dtlsMessage);
                        }
                    }
                    if (DtlsClient.this.handshakeFlight.size() >= 1) {
                        DtlsMessage dtlsMessage2 = (DtlsMessage) DtlsClient.this.handshakeFlight.get(DtlsClient.this.handshakeFlight.size() - 1);
                        if (dtlsMessage2.getContentType() == DtlsContentType.getHandshake() && dtlsMessage2.getHandshakeType() == DtlsHandshakeType.getClientHello()) {
                            DtlsClient.this.sendHandshakeFlight(iAction1);
                        } else if (DtlsClient.this.handshakeFlight.size() >= 2 && ((DtlsMessage) DtlsClient.this.handshakeFlight.get(DtlsClient.this.handshakeFlight.size() - 2)).getContentType() == DtlsContentType.getChangeCipherSpec() && dtlsMessage2.getContentType() == DtlsContentType.getHandshake()) {
                            DtlsClient.this.sendHandshakeFlight(iAction1);
                        }
                    }
                }
            });
            this.connection = this.protocol.connect(this, this.transport);
            synchronized (this.connectionLock) {
                this.receiveBuffer = new byte[this.connection.getReceiveLimit()];
                processReceived();
            }
            if (!this.closed) {
                return null;
            }
            Error error = new Error(ErrorCode.DtlsKeyExchangeFailed);
            error.setException(new Exception("Could not connect to DTLS server."));
            return error;
        } catch (Exception e) {
            Error error2 = new Error(ErrorCode.DtlsKeyExchangeFailed);
            error2.setException(e);
            return error2;
        }
    }

    @Override // org.bouncycastle.crypto.tls.AbstractTlsClient, org.bouncycastle.crypto.tls.TlsClient
    public void processServerExtensions(Hashtable hashtable) throws IOException {
        UseSRTPData useSRTPExtension;
        super.processServerExtensions(hashtable);
        if (hashtable == null || this.supportedSrtpProtectionProfiles == null || (useSRTPExtension = TlsSRTPUtils.getUseSRTPExtension(hashtable)) == null) {
            return;
        }
        if (useSRTPExtension.getProtectionProfiles() == null || useSRTPExtension.getProtectionProfiles().length == 0) {
            throw new TlsFatalAlert((short) 50);
        }
        this.selectedSrtpProtectionProfile = useSRTPExtension.getProtectionProfiles()[0];
        if (!validateSelectedSrtpProtectionProfile()) {
            throw new TlsFatalAlert((short) 47);
        }
    }

    public void receive(DataBuffer dataBuffer) {
        if (this.connection == null) {
            Log.debug(String.format(Locale.getDefault(), "Received DTLS packet (%d bytes).", Integer.valueOf(dataBuffer.getLength())));
        }
        synchronized (this.connectionLock) {
            if (this.transport != null) {
                this.transport.push(dataBuffer);
            }
            processReceived();
        }
    }

    public void send(DataBuffer dataBuffer) {
        if (this.connection != null) {
            try {
                this.connection.send(dataBuffer.getData(), dataBuffer.getIndex(), dataBuffer.getLength());
            } catch (Exception e) {
                IAction1<Exception> iAction1 = this.onError;
                if (iAction1 != null) {
                    iAction1.invoke(new Exception(String.format("DTLS client could not process outgoing message.", e.getMessage())));
                }
            }
        }
    }

    public void setOnDataDecrypted(IAction1<DataBuffer> iAction1) {
        this.onDataDecrypted = iAction1;
    }

    public void setOnError(IAction1<Exception> iAction1) {
        this.onError = iAction1;
    }
}
