package com.biglybt.pifimpl.local.utils.security;

import com.biglybt.core.Core;
import com.biglybt.core.logging.LogEvent;
import com.biglybt.core.logging.LogIDs;
import com.biglybt.core.logging.Logger;
import com.biglybt.core.security.CryptoManagerException;
import com.biglybt.core.security.CryptoSTSEngine;
import com.biglybt.core.util.AESemaphore;
import com.biglybt.core.util.AEThread2;
import com.biglybt.core.util.AddressUtils;
import com.biglybt.core.util.CopyOnWriteList;
import com.biglybt.core.util.Debug;
import com.biglybt.core.util.DirectByteBuffer;
import com.biglybt.core.util.SimpleTimer;
import com.biglybt.core.util.SystemTime;
import com.biglybt.core.util.TimerEvent;
import com.biglybt.core.util.TimerEventPerformer;
import com.biglybt.core.util.bloom.BloomFilter;
import com.biglybt.core.util.bloom.BloomFilterFactory;
import com.biglybt.pif.messaging.MessageException;
import com.biglybt.pif.messaging.generic.GenericMessageConnection;
import com.biglybt.pif.messaging.generic.GenericMessageConnectionListener;
import com.biglybt.pif.messaging.generic.GenericMessageEndpoint;
import com.biglybt.pif.network.RateLimiter;
import com.biglybt.pif.utils.PooledByteBuffer;
import com.biglybt.pif.utils.security.SEPublicKey;
import com.biglybt.pif.utils.security.SEPublicKeyLocator;
import com.biglybt.pifimpl.local.messaging.GenericMessageConnectionImpl;
import com.biglybt.pifimpl.local.messaging.GenericMessageConnectionIndirect;
import com.biglybt.pifimpl.local.utils.PooledByteBufferImpl;
import com.biglybt.ui.webplugin.WebPlugin;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class SESTSConnectionImpl implements GenericMessageConnection {
    private static final int BLOOM_INCREASE = 500;
    private static final int BLOOM_RECREATE = 30000;
    private static final int CRYPTO_SETUP_TIMEOUT = 60000;
    private static BloomFilter generate_bloom;
    private static long generate_bloom_create_time;
    private static long last_incoming_sts_create;
    private int block_crypto;
    private GenericMessageConnectionImpl connection;
    private Core core;
    private volatile boolean failed;
    private Cipher incoming_cipher;
    private SEPublicKeyLocator key_locator;
    private SEPublicKey my_public_key;
    private Cipher outgoing_cipher;
    private PooledByteBuffer pending_message;
    private String reason;
    private boolean sent_auth;
    private boolean sent_keys;
    private CryptoSTSEngine sts_engine;
    private static final LogIDs LOGID = LogIDs.bpA;
    private static final byte[] AES_IV1 = {21, -32, 107, 126, -104, 89, -28, -89, 52, 102, -83, 72, 53, -30, -48, 36};
    private static final byte[] AES_IV2 = {-60, -17, 6, 60, -104, 35, -24, -76, 38, 88, -82, -71, 44, 36, -74, 17};
    private static List connections = new ArrayList();
    private final int AES_KEY_SIZE_BYTES = AES_IV1.length;
    private CopyOnWriteList listeners = new CopyOnWriteList();
    private AESemaphore crypto_complete = new AESemaphore("SESTSConnection:send");
    private long create_time = SystemTime.akj();

    static {
        SimpleTimer.b("SESTSConnectionTimer", 15000L, new TimerEventPerformer() { // from class: com.biglybt.pifimpl.local.utils.security.SESTSConnectionImpl.1
            @Override // com.biglybt.core.util.TimerEventPerformer
            public void perform(TimerEvent timerEvent) {
                ArrayList arrayList = new ArrayList();
                synchronized (SESTSConnectionImpl.connections) {
                    for (int i2 = 0; i2 < SESTSConnectionImpl.connections.size(); i2++) {
                        SESTSConnectionImpl sESTSConnectionImpl = (SESTSConnectionImpl) SESTSConnectionImpl.connections.get(i2);
                        if (!sESTSConnectionImpl.crypto_complete.aij()) {
                            long akj = SystemTime.akj();
                            if (sESTSConnectionImpl.create_time > akj) {
                                sESTSConnectionImpl.create_time = akj;
                            } else {
                                if (akj - sESTSConnectionImpl.create_time > sESTSConnectionImpl.getConnectMethodCount() * 60000) {
                                    arrayList.add(sESTSConnectionImpl);
                                }
                            }
                        }
                    }
                }
                for (int i3 = 0; i3 < arrayList.size(); i3++) {
                    ((SESTSConnectionImpl) arrayList.get(i3)).reportFailed(new Exception("Timeout during crypto setup"));
                }
            }
        });
        generate_bloom = BloomFilterFactory.createAddRemove4Bit(BLOOM_INCREASE);
        generate_bloom_create_time = SystemTime.akj();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SESTSConnectionImpl(Core core, GenericMessageConnectionImpl genericMessageConnectionImpl, SEPublicKey sEPublicKey, SEPublicKeyLocator sEPublicKeyLocator, String str, int i2) {
        this.core = core;
        this.connection = genericMessageConnectionImpl;
        this.my_public_key = sEPublicKey;
        this.key_locator = sEPublicKeyLocator;
        this.reason = str;
        this.block_crypto = i2;
        synchronized (connections) {
            connections.add(this);
        }
        if (this.connection.isIncoming()) {
            rateLimit(this.connection.getEndpoint().getNotionalAddress());
        }
        this.sts_engine = this.core.yJ().Yh().eo(this.reason);
        this.connection.addListener(new GenericMessageConnectionListener() { // from class: com.biglybt.pifimpl.local.utils.security.SESTSConnectionImpl.2
            @Override // com.biglybt.pif.messaging.generic.GenericMessageConnectionListener
            public void connected(GenericMessageConnection genericMessageConnection) {
                SESTSConnectionImpl.this.reportConnected();
            }

            @Override // com.biglybt.pif.messaging.generic.GenericMessageConnectionListener
            public void failed(GenericMessageConnection genericMessageConnection, Throwable th) {
                SESTSConnectionImpl.this.reportFailed(th);
            }

            @Override // com.biglybt.pif.messaging.generic.GenericMessageConnectionListener
            public void receive(GenericMessageConnection genericMessageConnection, PooledByteBuffer pooledByteBuffer) {
                SESTSConnectionImpl.this.receive(pooledByteBuffer);
            }
        });
    }

    protected static void rateLimit(InetSocketAddress inetSocketAddress) {
        synchronized (SESTSConnectionImpl.class) {
            int add = generate_bloom.add(AddressUtils.q(inetSocketAddress));
            long akj = SystemTime.akj();
            if (generate_bloom.getSize() / generate_bloom.getEntryCount() < 10) {
                generate_bloom = BloomFilterFactory.createAddRemove4Bit(generate_bloom.getSize() + BLOOM_INCREASE);
                generate_bloom_create_time = akj;
                Logger.log(new LogEvent(LOGID, "STS bloom: size increased to " + generate_bloom.getSize()));
            } else if (akj < generate_bloom_create_time || akj - generate_bloom_create_time > 30000) {
                generate_bloom = BloomFilterFactory.createAddRemove4Bit(generate_bloom.getSize());
                generate_bloom_create_time = akj;
            }
            if (add >= 15) {
                Logger.log(new LogEvent(LOGID, "STS bloom: too many recent connection attempts from " + inetSocketAddress));
                Debug.fo("STS: too many recent connection attempts from " + inetSocketAddress);
                throw new IOException("Too many recent connection attempts (sts)");
            }
            long j2 = 100 - (akj - last_incoming_sts_create);
            if (j2 > 0 && j2 < 100) {
                try {
                    Logger.log(new LogEvent(LOGID, "STS: too many recent connection attempts, delaying " + j2));
                    Thread.sleep(j2);
                } catch (Throwable th) {
                }
            }
            last_incoming_sts_create = akj;
        }
    }

    @Override // com.biglybt.pif.messaging.generic.GenericMessageConnection
    public void addInboundRateLimiter(RateLimiter rateLimiter) {
        this.connection.addInboundRateLimiter(rateLimiter);
    }

    @Override // com.biglybt.pif.messaging.generic.GenericMessageConnection
    public void addListener(GenericMessageConnectionListener genericMessageConnectionListener) {
        this.listeners.add(genericMessageConnectionListener);
    }

    @Override // com.biglybt.pif.messaging.generic.GenericMessageConnection
    public void addOutboundRateLimiter(RateLimiter rateLimiter) {
        this.connection.addOutboundRateLimiter(rateLimiter);
    }

    @Override // com.biglybt.pif.messaging.generic.GenericMessageConnection
    public void close() {
        synchronized (connections) {
            connections.remove(this);
        }
        this.connection.close();
    }

    @Override // com.biglybt.pif.messaging.generic.GenericMessageConnection
    public void connect() {
        if (this.connection.isIncoming()) {
            this.connection.connect();
            return;
        }
        try {
            ByteBuffer allocate = ByteBuffer.allocate(GenericMessageConnectionIndirect.MAX_MESSAGE_SIZE);
            this.sts_engine.t(allocate);
            allocate.flip();
            this.sent_keys = true;
            this.connection.connect(allocate);
        } catch (CryptoManagerException e2) {
            throw new MessageException("Failed to get initial keys", e2);
        }
    }

    protected void cryptoComplete() {
        this.crypto_complete.aii();
    }

    protected int getConnectMethodCount() {
        return this.connection.getConnectMethodCount();
    }

    @Override // com.biglybt.pif.messaging.generic.GenericMessageConnection
    public GenericMessageEndpoint getEndpoint() {
        return this.connection.getEndpoint();
    }

    @Override // com.biglybt.pif.messaging.generic.GenericMessageConnection
    public int getMaximumMessageSize() {
        int maximumMessageSize = this.connection.getMaximumMessageSize();
        return this.outgoing_cipher != null ? maximumMessageSize - this.outgoing_cipher.getBlockSize() : maximumMessageSize;
    }

    public int getTransportType() {
        return this.connection.getTransportType();
    }

    @Override // com.biglybt.pif.messaging.generic.GenericMessageConnection
    public String getType() {
        String type = this.connection.getType();
        return type.length() == 0 ? WebPlugin.CONFIG_USER_DEFAULT : "AES " + type;
    }

    public void receive(PooledByteBuffer pooledByteBuffer) {
        ByteBuffer byteBuffer = null;
        boolean z2 = false;
        boolean z3 = true;
        try {
            synchronized (this) {
                if (!this.crypto_complete.aij()) {
                    ByteBuffer wrap = ByteBuffer.wrap(pooledByteBuffer.toByteArray());
                    pooledByteBuffer.returnToPool();
                    if (!this.sent_keys) {
                        byteBuffer = ByteBuffer.allocate(65536);
                        this.sts_engine.t(byteBuffer);
                        this.sent_keys = true;
                        this.sts_engine.u(wrap);
                        this.sts_engine.v(byteBuffer);
                        this.sent_auth = true;
                        z3 = false;
                    } else if (this.sent_auth) {
                        this.sts_engine.w(wrap);
                        if (!this.key_locator.a(this, new SEPublicKeyImpl(this.my_public_key.getType(), this.sts_engine.Yp()))) {
                            this.connection.closing();
                            throw new MessageException("remote public key not accepted");
                        }
                        setupBlockCrypto();
                        if (wrap.hasRemaining()) {
                            pooledByteBuffer = new PooledByteBufferImpl(new DirectByteBuffer(wrap.slice()));
                            z2 = true;
                        } else {
                            z3 = false;
                            z2 = true;
                        }
                    } else {
                        byteBuffer = ByteBuffer.allocate(65536);
                        this.sts_engine.u(wrap);
                        this.sts_engine.v(byteBuffer);
                        this.sent_auth = true;
                        this.sts_engine.w(wrap);
                        if (!this.key_locator.a(this, new SEPublicKeyImpl(this.my_public_key.getType(), this.sts_engine.Yp()))) {
                            throw new MessageException("remote public key not accepted");
                        }
                        setupBlockCrypto();
                        if (this.pending_message != null) {
                            byte[] byteArray = this.pending_message.toByteArray();
                            int length = byteArray.length;
                            if (this.outgoing_cipher != null && (length = (((length + this.AES_KEY_SIZE_BYTES) - 1) / this.AES_KEY_SIZE_BYTES) * this.AES_KEY_SIZE_BYTES) == 0) {
                                length = this.AES_KEY_SIZE_BYTES;
                            }
                            if (byteBuffer.remaining() >= length) {
                                if (this.outgoing_cipher != null) {
                                    byteBuffer.put(this.outgoing_cipher.doFinal(byteArray));
                                } else {
                                    byteBuffer.put(byteArray);
                                }
                                this.pending_message = null;
                            }
                        }
                        z3 = false;
                        z2 = true;
                    }
                }
            }
            if (byteBuffer != null) {
                byteBuffer.flip();
                this.connection.send(new PooledByteBufferImpl(new DirectByteBuffer(byteBuffer)));
            }
            if (z2) {
                cryptoComplete();
            }
            if (z3) {
                receiveContent(pooledByteBuffer);
            }
        } catch (Throwable th) {
            reportFailed(th);
            if (!(th instanceof MessageException)) {
                throw new MessageException("Receive failed", th);
            }
            throw ((MessageException) th);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:49:0x004e  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void receiveContent(com.biglybt.pif.utils.PooledByteBuffer r9) {
        /*
            r8 = this;
            r2 = 0
            r3 = 1
            javax.crypto.Cipher r0 = r8.incoming_cipher     // Catch: java.lang.Throwable -> L4b
            if (r0 == 0) goto L52
            byte[] r0 = r9.toByteArray()     // Catch: java.lang.Throwable -> L42 java.lang.Throwable -> L4b
            javax.crypto.Cipher r1 = r8.incoming_cipher     // Catch: java.lang.Throwable -> L42 java.lang.Throwable -> L4b
            byte[] r1 = r1.doFinal(r0)     // Catch: java.lang.Throwable -> L42 java.lang.Throwable -> L4b
            com.biglybt.pifimpl.local.utils.PooledByteBufferImpl r0 = new com.biglybt.pifimpl.local.utils.PooledByteBufferImpl     // Catch: java.lang.Throwable -> L42 java.lang.Throwable -> L4b
            r0.<init>(r1)     // Catch: java.lang.Throwable -> L42 java.lang.Throwable -> L4b
            r9.returnToPool()     // Catch: java.lang.Throwable -> L42 java.lang.Throwable -> L4b
            r1 = r3
            r9 = r0
        L1a:
            com.biglybt.core.util.CopyOnWriteList r0 = r8.listeners     // Catch: java.lang.Throwable -> L8b
            java.util.List r6 = r0.xS()     // Catch: java.lang.Throwable -> L8b
            r0 = 0
            r5 = r2
            r2 = r1
            r1 = r0
        L24:
            int r0 = r6.size()     // Catch: java.lang.Throwable -> L4b
            if (r5 >= r0) goto L82
            if (r5 != 0) goto L5e
            r4 = r9
        L2d:
            java.lang.Object r0 = r6.get(r5)     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L69
            com.biglybt.pif.messaging.generic.GenericMessageConnectionListener r0 = (com.biglybt.pif.messaging.generic.GenericMessageConnectionListener) r0     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L69
            r0.receive(r8, r4)     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L69
            if (r4 != r9) goto L8e
            r0 = r3
        L39:
            r7 = r1
            r1 = r0
            r0 = r7
        L3c:
            int r2 = r5 + 1
            r5 = r2
            r2 = r1
            r1 = r0
            goto L24
        L42:
            r0 = move-exception
            com.biglybt.pif.messaging.MessageException r1 = new com.biglybt.pif.messaging.MessageException     // Catch: java.lang.Throwable -> L4b
            java.lang.String r3 = "Failed to decrypt data"
            r1.<init>(r3, r0)     // Catch: java.lang.Throwable -> L4b
            throw r1     // Catch: java.lang.Throwable -> L4b
        L4b:
            r0 = move-exception
        L4c:
            if (r2 != 0) goto L51
            r9.returnToPool()
        L51:
            throw r0
        L52:
            int r0 = r8.block_crypto     // Catch: java.lang.Throwable -> L4b
            if (r0 == r3) goto L90
            com.biglybt.pif.messaging.MessageException r0 = new com.biglybt.pif.messaging.MessageException     // Catch: java.lang.Throwable -> L4b
            java.lang.String r1 = "Crypto isn't setup"
            r0.<init>(r1)     // Catch: java.lang.Throwable -> L4b
            throw r0     // Catch: java.lang.Throwable -> L4b
        L5e:
            com.biglybt.pifimpl.local.utils.PooledByteBufferImpl r0 = new com.biglybt.pifimpl.local.utils.PooledByteBufferImpl     // Catch: java.lang.Throwable -> L4b
            byte[] r4 = r9.toByteArray()     // Catch: java.lang.Throwable -> L4b
            r0.<init>(r4)     // Catch: java.lang.Throwable -> L4b
            r4 = r0
            goto L2d
        L69:
            r0 = move-exception
            r4.returnToPool()     // Catch: java.lang.Throwable -> L4b
            if (r4 != r9) goto L70
            r2 = r3
        L70:
            boolean r1 = r0 instanceof com.biglybt.pif.messaging.MessageException     // Catch: java.lang.Throwable -> L4b
            if (r1 == 0) goto L78
            com.biglybt.pif.messaging.MessageException r0 = (com.biglybt.pif.messaging.MessageException) r0     // Catch: java.lang.Throwable -> L4b
            r1 = r2
            goto L3c
        L78:
            com.biglybt.pif.messaging.MessageException r1 = new com.biglybt.pif.messaging.MessageException     // Catch: java.lang.Throwable -> L4b
            java.lang.String r4 = "Failed to process message"
            r1.<init>(r4, r0)     // Catch: java.lang.Throwable -> L4b
            r0 = r1
            r1 = r2
            goto L3c
        L82:
            if (r1 == 0) goto L85
            throw r1     // Catch: java.lang.Throwable -> L4b
        L85:
            if (r2 != 0) goto L8a
            r9.returnToPool()
        L8a:
            return
        L8b:
            r0 = move-exception
            r2 = r1
            goto L4c
        L8e:
            r0 = r2
            goto L39
        L90:
            r1 = r2
            goto L1a
        */
        throw new UnsupportedOperationException("Method not decompiled: com.biglybt.pifimpl.local.utils.security.SESTSConnectionImpl.receiveContent(com.biglybt.pif.utils.PooledByteBuffer):void");
    }

    public void removeInboundRateLimiter(RateLimiter rateLimiter) {
        this.connection.removeInboundRateLimiter(rateLimiter);
    }

    public void removeListener(GenericMessageConnectionListener genericMessageConnectionListener) {
        this.listeners.remove(genericMessageConnectionListener);
    }

    public void removeOutboundRateLimiter(RateLimiter rateLimiter) {
        this.connection.removeOutboundRateLimiter(rateLimiter);
    }

    protected void reportConnected() {
        new AEThread2("SESTSConnection:connected", true) { // from class: com.biglybt.pifimpl.local.utils.security.SESTSConnectionImpl.3
            @Override // com.biglybt.core.util.AEThread2
            public void run() {
                List xS = SESTSConnectionImpl.this.listeners.xS();
                int i2 = 0;
                while (true) {
                    int i3 = i2;
                    if (i3 >= xS.size()) {
                        return;
                    }
                    try {
                        ((GenericMessageConnectionListener) xS.get(i3)).connected(SESTSConnectionImpl.this);
                    } catch (Throwable th) {
                        Debug.s(th);
                    }
                    i2 = i3 + 1;
                }
            }
        }.start();
    }

    protected void reportFailed(final Throwable th) {
        setFailed();
        new AEThread2("SESTSConnection:failed", true) { // from class: com.biglybt.pifimpl.local.utils.security.SESTSConnectionImpl.4
            @Override // com.biglybt.core.util.AEThread2
            public void run() {
                try {
                    List xS = SESTSConnectionImpl.this.listeners.xS();
                    int i2 = 0;
                    while (true) {
                        int i3 = i2;
                        if (i3 >= xS.size()) {
                            try {
                                return;
                            } catch (Throwable th2) {
                                return;
                            }
                        }
                        try {
                            ((GenericMessageConnectionListener) xS.get(i3)).failed(SESTSConnectionImpl.this, th);
                        } catch (Throwable th3) {
                            Debug.s(th3);
                        }
                        i2 = i3 + 1;
                    }
                } finally {
                    try {
                        SESTSConnectionImpl.this.close();
                    } catch (Throwable th22) {
                        Debug.s(th22);
                    }
                }
            }
        }.start();
    }

    @Override // com.biglybt.pif.messaging.generic.GenericMessageConnection
    public void send(PooledByteBuffer pooledByteBuffer) {
        if (this.failed) {
            throw new MessageException("Connection failed");
        }
        try {
            if (this.crypto_complete.aij()) {
                sendContent(pooledByteBuffer);
            } else {
                synchronized (this) {
                    if (this.pending_message == null) {
                        this.pending_message = pooledByteBuffer;
                    }
                }
            }
            this.crypto_complete.reserve();
            boolean z2 = false;
            synchronized (this) {
                if (this.pending_message == pooledByteBuffer) {
                    this.pending_message = null;
                    z2 = true;
                }
            }
            if (z2) {
                sendContent(pooledByteBuffer);
            }
        } catch (Throwable th) {
            setFailed();
            if (!(th instanceof MessageException)) {
                throw new MessageException("Send failed", th);
            }
            throw ((MessageException) th);
        }
    }

    protected void sendContent(PooledByteBuffer pooledByteBuffer) {
        if (this.outgoing_cipher == null) {
            if (this.block_crypto != 1) {
                this.connection.close();
                throw new MessageException("Crypto isn't setup");
            }
            this.connection.send(pooledByteBuffer);
            return;
        }
        try {
            PooledByteBufferImpl pooledByteBufferImpl = new PooledByteBufferImpl(this.outgoing_cipher.doFinal(pooledByteBuffer.toByteArray()));
            try {
                this.connection.send(pooledByteBufferImpl);
                pooledByteBuffer.returnToPool();
            } catch (Throwable th) {
                pooledByteBufferImpl.returnToPool();
                throw th;
            }
        } catch (Throwable th2) {
            throw new MessageException("Failed to encrypt data", th2);
        }
    }

    protected void setFailed() {
        this.failed = true;
        try {
            cryptoComplete();
        } catch (Throwable th) {
            Debug.s(th);
        }
    }

    protected void setupBlockCrypto() {
        if (this.failed || this.block_crypto == 1) {
            return;
        }
        try {
            byte[] Yo = this.sts_engine.Yo();
            SecretKeySpec secretKeySpec = new SecretKeySpec(Yo, 0, 16, "AES");
            SecretKeySpec secretKeySpec2 = new SecretKeySpec(Yo, 8, 16, "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(AES_IV1);
            IvParameterSpec ivParameterSpec2 = new IvParameterSpec(AES_IV2);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            Cipher cipher2 = Cipher.getInstance("AES/CBC/PKCS5Padding");
            if (this.connection.isIncoming()) {
                cipher.init(1, secretKeySpec, ivParameterSpec);
                cipher2.init(2, secretKeySpec2, ivParameterSpec2);
                this.incoming_cipher = cipher2;
                this.outgoing_cipher = cipher;
            } else {
                cipher.init(2, secretKeySpec, ivParameterSpec);
                cipher2.init(1, secretKeySpec2, ivParameterSpec2);
                this.incoming_cipher = cipher;
                this.outgoing_cipher = cipher2;
            }
        } catch (Throwable th) {
            throw new MessageException("Failed to setup block encryption", th);
        }
    }
}
