package org.eclipse.californium.scandium.dtls;

import java.net.InetSocketAddress;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import org.eclipse.californium.scandium.DTLSConnectorConfig;
import org.eclipse.californium.scandium.dtls.AlertMessage;
import org.eclipse.californium.scandium.dtls.CertificateRequest;
import org.eclipse.californium.scandium.dtls.CertificateTypeExtension;
import org.eclipse.californium.scandium.dtls.SupportedPointFormatsExtension;
import org.eclipse.californium.scandium.dtls.cipher.CipherSuite;
import org.eclipse.californium.scandium.dtls.cipher.ECDHECryptography;
import org.eclipse.californium.scandium.dtls.pskstore.PskStore;
import org.eclipse.californium.scandium.util.ByteArrayUtils;

/* loaded from: input_file:org/eclipse/californium/scandium/dtls/ServerHandshaker.class */
public class ServerHandshaker extends Handshaker {
    private boolean clientAuthenticationRequired;
    private PublicKey clientPublicKey;
    private List<CipherSuite> supportedCipherSuites;
    private List<CertificateTypeExtension.CertificateType> supportedClientCertificateTypes;
    private List<CertificateTypeExtension.CertificateType> supportedServerCertificateTypes;
    protected CertificateMessage clientCertificate;
    protected ClientKeyExchange clientKeyExchange;
    protected CertificateVerify certificateVerify;
    protected final PskStore pskStore;

    public ServerHandshaker(InetSocketAddress inetSocketAddress, DTLSSession dTLSSession, Certificate[] certificateArr, DTLSConnectorConfig dTLSConnectorConfig) {
        super(inetSocketAddress, false, dTLSSession, certificateArr);
        this.clientAuthenticationRequired = false;
        this.clientCertificate = null;
        this.certificateVerify = null;
        this.supportedCipherSuites = new ArrayList();
        this.supportedCipherSuites.add(CipherSuite.SSL_NULL_WITH_NULL_NULL);
        this.supportedCipherSuites.add(CipherSuite.TLS_PSK_WITH_AES_128_CCM_8);
        this.supportedCipherSuites.add(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
        this.pskStore = dTLSConnectorConfig.pskStore;
        this.privateKey = dTLSConnectorConfig.privateKey;
        this.certificates = dTLSConnectorConfig.certChain;
        this.publicKey = (this.certificates == null || this.certificates.length <= 0) ? dTLSConnectorConfig.publicKey : this.certificates[0].getPublicKey();
        this.clientAuthenticationRequired = dTLSConnectorConfig.requireClientAuth;
        this.supportedClientCertificateTypes = new ArrayList();
        this.supportedClientCertificateTypes.add(CertificateTypeExtension.CertificateType.X_509);
        this.supportedClientCertificateTypes.add(CertificateTypeExtension.CertificateType.RAW_PUBLIC_KEY);
        this.supportedServerCertificateTypes = new ArrayList();
        this.supportedServerCertificateTypes.add(CertificateTypeExtension.CertificateType.X_509);
        this.supportedServerCertificateTypes.add(CertificateTypeExtension.CertificateType.RAW_PUBLIC_KEY);
    }

    @Override // org.eclipse.californium.scandium.dtls.Handshaker
    public synchronized DTLSFlight processMessage(Record record) throws HandshakeException {
        if (this.lastFlight != null) {
            if (LOGGER.isLoggable(Level.FINER)) {
                LOGGER.finer("Received client's (" + this.endpointAddress.toString() + ") finished message again, retransmit the last flight.");
            }
            return this.lastFlight;
        }
        DTLSFlight dTLSFlight = null;
        if (!processMessageNext(record)) {
            return null;
        }
        switch (record.getType()) {
            case CHANGE_CIPHER_SPEC:
                record.getFragment();
                setCurrentReadState();
                this.session.incrementReadEpoch();
                break;
            case HANDSHAKE:
                HandshakeMessage handshakeMessage = (HandshakeMessage) record.getFragment();
                if (handshakeMessage instanceof FragmentedHandshakeMessage) {
                    handshakeMessage = handleFragmentation((FragmentedHandshakeMessage) handshakeMessage);
                    if (handshakeMessage != null) {
                        record.setFragment(handshakeMessage);
                    }
                }
                switch (handshakeMessage.getMessageType()) {
                    case CLIENT_HELLO:
                        dTLSFlight = receivedClientHello((ClientHello) handshakeMessage);
                        break;
                    case CERTIFICATE:
                        receivedClientCertificate((CertificateMessage) handshakeMessage);
                        break;
                    case CLIENT_KEY_EXCHANGE:
                        switch (this.keyExchange) {
                            case PSK:
                                generateKeys(receivedClientKeyExchange((PSKClientKeyExchange) handshakeMessage));
                                break;
                            case EC_DIFFIE_HELLMAN:
                                generateKeys(receivedClientKeyExchange((ECDHClientKeyExchange) handshakeMessage));
                                break;
                            case NULL:
                                generateKeys(receivedClientKeyExchange((NULLClientKeyExchange) handshakeMessage));
                                break;
                            default:
                                throw new HandshakeException("Unknown key exchange algorithm: " + this.keyExchange, new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
                        }
                        this.handshakeMessages = ByteArrayUtils.concatenate(this.handshakeMessages, this.clientKeyExchange.getRawMessage());
                        break;
                    case CERTIFICATE_VERIFY:
                        receivedCertificateVerify((CertificateVerify) handshakeMessage);
                        break;
                    case FINISHED:
                        dTLSFlight = receivedClientFinished((Finished) handshakeMessage);
                        break;
                    default:
                        throw new HandshakeException("Server received unexpected handshake message:\n" + handshakeMessage.toString(), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.UNEXPECTED_MESSAGE));
                }
            default:
                throw new HandshakeException("Server received not supported record:\n" + record.toString(), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
        }
        if (dTLSFlight == null) {
            Record record2 = null;
            Iterator<Record> it = this.queuedMessages.iterator();
            while (true) {
                if (it.hasNext()) {
                    Record next = it.next();
                    if (processMessageNext(next)) {
                        record2 = next;
                    }
                }
            }
            if (record2 != null) {
                dTLSFlight = processMessage(record2);
            }
        }
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.fine("DTLS Message processed (" + this.endpointAddress.toString() + "):\n" + record.toString());
        }
        return dTLSFlight;
    }

    private void receivedClientCertificate(CertificateMessage certificateMessage) throws HandshakeException {
        if (this.clientCertificate == null || this.clientCertificate.getMessageSeq() != certificateMessage.getMessageSeq()) {
            this.clientCertificate = certificateMessage;
            this.clientCertificate.verifyCertificate(this.rootCertificates);
            this.clientPublicKey = this.clientCertificate.getPublicKey();
            this.session.setPeerRawPublicKey(this.clientPublicKey);
            this.handshakeMessages = ByteArrayUtils.concatenate(this.handshakeMessages, this.clientCertificate.getRawMessage());
        }
    }

    private void receivedCertificateVerify(CertificateVerify certificateVerify) throws HandshakeException {
        this.certificateVerify = certificateVerify;
        certificateVerify.verifySignature(this.clientPublicKey, this.handshakeMessages);
    }

    private DTLSFlight receivedClientFinished(Finished finished) throws HandshakeException {
        if (this.lastFlight != null) {
            return null;
        }
        if (this.keyExchange == CipherSuite.KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN && this.clientAuthenticationRequired && (this.clientCertificate == null || this.certificateVerify == null)) {
            throw new HandshakeException("Client did not send required authentication messages.", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
        }
        DTLSFlight dTLSFlight = new DTLSFlight();
        if (this.clientCertificate != null) {
            this.md.update(this.clientCertificate.getRawMessage());
        }
        this.md.update(this.clientKeyExchange.getRawMessage());
        if (this.certificateVerify != null) {
            this.md.update(this.certificateVerify.getRawMessage());
        }
        MessageDigest messageDigest = null;
        try {
            messageDigest = (MessageDigest) this.md.clone();
            messageDigest.update(finished.toByteArray());
        } catch (CloneNotSupportedException e) {
            LOGGER.log(Level.SEVERE, "Cannot compute digest for server's Finish handshake message", (Throwable) e);
        }
        finished.verifyData(getMasterSecret(), true, this.md.digest());
        dTLSFlight.addMessage(wrapMessage(new ChangeCipherSpecMessage()));
        setCurrentWriteState();
        this.session.incrementWriteEpoch();
        dTLSFlight.addMessage(wrapMessage(new Finished(getMasterSecret(), this.isClient, messageDigest.digest())));
        this.state = HandshakeType.FINISHED.getCode();
        this.session.setActive(true);
        dTLSFlight.setRetransmissionNeeded(false);
        this.lastFlight = dTLSFlight;
        return dTLSFlight;
    }

    private DTLSFlight receivedClientHello(ClientHello clientHello) throws HandshakeException {
        DTLSFlight dTLSFlight = new DTLSFlight();
        if (clientHello.getCookie().length() <= 0 || !isValidCookie(clientHello)) {
            dTLSFlight.addMessage(wrapMessage(new HelloVerifyRequest(new ProtocolVersion(), generateCookie(clientHello))));
            dTLSFlight.setRetransmissionNeeded(false);
        } else {
            this.md.update(clientHello.getRawMessage());
            this.handshakeMessages = ByteArrayUtils.concatenate(this.handshakeMessages, clientHello.getRawMessage());
            ProtocolVersion negotiateProtocolVersion = negotiateProtocolVersion(clientHello.getClientVersion());
            this.clientRandom = clientHello.getRandom();
            this.serverRandom = new Random(new SecureRandom());
            SessionId sessionId = new SessionId();
            this.session.setSessionIdentifier(sessionId);
            CipherSuite negotiateCipherSuite = negotiateCipherSuite(clientHello.getCipherSuites());
            setCipherSuite(negotiateCipherSuite);
            CompressionMethod compressionMethod = CompressionMethod.NULL;
            setCompressionMethod(compressionMethod);
            HelloExtensions helloExtensions = null;
            CertificateTypeExtension clientCertificateTypeExtension = clientHello.getClientCertificateTypeExtension();
            if (clientCertificateTypeExtension != null) {
                CertificateTypeExtension.CertificateType negotiateCertificateType = negotiateCertificateType(clientCertificateTypeExtension, this.supportedClientCertificateTypes);
                helloExtensions = new HelloExtensions();
                ClientCertificateTypeExtension clientCertificateTypeExtension2 = new ClientCertificateTypeExtension(false);
                clientCertificateTypeExtension2.addCertificateType(negotiateCertificateType);
                helloExtensions.addExtension(clientCertificateTypeExtension2);
                if (negotiateCertificateType == CertificateTypeExtension.CertificateType.RAW_PUBLIC_KEY) {
                    this.session.setReceiveRawPublicKey(true);
                }
            }
            CertificateTypeExtension serverCertificateTypeExtension = clientHello.getServerCertificateTypeExtension();
            if (serverCertificateTypeExtension != null) {
                CertificateTypeExtension.CertificateType negotiateCertificateType2 = negotiateCertificateType(serverCertificateTypeExtension, this.supportedServerCertificateTypes);
                if (helloExtensions == null) {
                    helloExtensions = new HelloExtensions();
                }
                ServerCertificateTypeExtension serverCertificateTypeExtension2 = new ServerCertificateTypeExtension(false);
                serverCertificateTypeExtension2.addCertificateType(negotiateCertificateType2);
                helloExtensions.addExtension(serverCertificateTypeExtension2);
                if (negotiateCertificateType2 == CertificateTypeExtension.CertificateType.RAW_PUBLIC_KEY) {
                    this.session.setSendRawPublicKey(true);
                }
            }
            if (this.keyExchange == CipherSuite.KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN) {
                List asList = Arrays.asList(SupportedPointFormatsExtension.ECPointFormat.UNCOMPRESSED);
                if (helloExtensions == null) {
                    helloExtensions = new HelloExtensions();
                }
                helloExtensions.addExtension(new SupportedPointFormatsExtension(asList));
            }
            DTLSMessage serverHello = new ServerHello(negotiateProtocolVersion, this.serverRandom, sessionId, negotiateCipherSuite, compressionMethod, helloExtensions);
            dTLSFlight.addMessage(wrapMessage(serverHello));
            this.md.update(serverHello.toByteArray());
            this.handshakeMessages = ByteArrayUtils.concatenate(this.handshakeMessages, serverHello.toByteArray());
            DTLSMessage dTLSMessage = null;
            switch (this.keyExchange) {
                case EC_DIFFIE_HELLMAN:
                    if (!this.session.sendRawPublicKey()) {
                        dTLSMessage = new CertificateMessage(this.certificates);
                        break;
                    } else {
                        dTLSMessage = new CertificateMessage(this.publicKey.getEncoded());
                        break;
                    }
            }
            if (dTLSMessage != null) {
                dTLSFlight.addMessage(wrapMessage(dTLSMessage));
                this.md.update(dTLSMessage.toByteArray());
                this.handshakeMessages = ByteArrayUtils.concatenate(this.handshakeMessages, dTLSMessage.toByteArray());
            }
            DTLSMessage dTLSMessage2 = null;
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = null;
            switch (this.keyExchange) {
                case EC_DIFFIE_HELLMAN:
                    signatureAndHashAlgorithm = new SignatureAndHashAlgorithm(CertificateRequest.HashAlgorithm.SHA256, CertificateRequest.SignatureAlgorithm.ECDSA);
                    int negotiateNamedCurve = negotiateNamedCurve(clientHello.getSupportedEllipticCurvesExtension());
                    this.ecdhe = new ECDHECryptography(negotiateNamedCurve);
                    dTLSMessage2 = new ECDHServerKeyExchange(signatureAndHashAlgorithm, this.ecdhe, this.privateKey, this.clientRandom, this.serverRandom, negotiateNamedCurve);
                    break;
            }
            if (dTLSMessage2 != null) {
                dTLSFlight.addMessage(wrapMessage(dTLSMessage2));
                this.md.update(dTLSMessage2.toByteArray());
                this.handshakeMessages = ByteArrayUtils.concatenate(this.handshakeMessages, dTLSMessage2.toByteArray());
            }
            if (this.clientAuthenticationRequired && signatureAndHashAlgorithm != null) {
                CertificateRequest certificateRequest = new CertificateRequest();
                certificateRequest.addCertificateType(CertificateRequest.ClientCertificateType.ECDSA_SIGN);
                certificateRequest.addSignatureAlgorithm(new SignatureAndHashAlgorithm(signatureAndHashAlgorithm.getHash(), signatureAndHashAlgorithm.getSignature()));
                certificateRequest.addCertificateAuthorities(this.rootCertificates);
                dTLSFlight.addMessage(wrapMessage(certificateRequest));
                this.md.update(certificateRequest.toByteArray());
                this.handshakeMessages = ByteArrayUtils.concatenate(this.handshakeMessages, certificateRequest.toByteArray());
            }
            DTLSMessage serverHelloDone = new ServerHelloDone();
            dTLSFlight.addMessage(wrapMessage(serverHelloDone));
            this.md.update(serverHelloDone.toByteArray());
            this.handshakeMessages = ByteArrayUtils.concatenate(this.handshakeMessages, serverHelloDone.toByteArray());
        }
        return dTLSFlight;
    }

    private byte[] receivedClientKeyExchange(ECDHClientKeyExchange eCDHClientKeyExchange) {
        this.clientKeyExchange = eCDHClientKeyExchange;
        return this.ecdhe.getSecret(eCDHClientKeyExchange.getEncodedPoint()).getEncoded();
    }

    private byte[] receivedClientKeyExchange(PSKClientKeyExchange pSKClientKeyExchange) throws HandshakeException {
        this.clientKeyExchange = pSKClientKeyExchange;
        String identity = pSKClientKeyExchange.getIdentity();
        this.session.setPskIdentity(identity);
        byte[] key = this.pskStore.getKey(identity);
        if (LOGGER.isLoggable(Level.INFO)) {
            LOGGER.info("Client " + this.endpointAddress.toString() + " used PSK identity: " + identity);
        }
        if (key != null) {
            return generatePremasterSecretFromPSK(key);
        }
        throw new HandshakeException("No preshared secret found for identity: " + identity, new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
    }

    private byte[] receivedClientKeyExchange(NULLClientKeyExchange nULLClientKeyExchange) {
        this.clientKeyExchange = nULLClientKeyExchange;
        return new byte[0];
    }

    private Cookie generateCookie(ClientHello clientHello) {
        byte[] bArr = null;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            byte[] bytes = "generate cookie".getBytes();
            messageDigest.update(this.endpointAddress.toString().getBytes());
            messageDigest.update((byte) clientHello.getClientVersion().getMajor());
            messageDigest.update((byte) clientHello.getClientVersion().getMinor());
            messageDigest.update(clientHello.getRandom().getRandomBytes());
            messageDigest.update(clientHello.getSessionId().getSessionId());
            messageDigest.update(CipherSuite.listToByteArray(clientHello.getCipherSuites()));
            messageDigest.update(CompressionMethod.listToByteArray(clientHello.getCompressionMethods()));
            bArr = Handshaker.doHMAC(messageDigest, bytes, messageDigest.digest());
        } catch (NoSuchAlgorithmException e) {
            LOGGER.log(Level.SEVERE, "Could not instantiate message digest algorithm.", (Throwable) e);
        }
        return bArr == null ? new Cookie(new Random(new SecureRandom()).getRandomBytes()) : new Cookie(bArr);
    }

    private boolean isValidCookie(ClientHello clientHello) {
        Cookie generateCookie = generateCookie(clientHello);
        Cookie cookie = clientHello.getCookie();
        boolean equals = Arrays.equals(generateCookie.getCookie(), cookie.getCookie());
        if (!equals && LOGGER.isLoggable(Level.INFO)) {
            LOGGER.info("Client's (" + this.endpointAddress.toString() + ") cookie did not match expected cookie:\nExpected: " + ByteArrayUtils.toHexString(generateCookie.getCookie()) + "\nActual: " + ByteArrayUtils.toHexString(cookie.getCookie()));
        }
        return equals;
    }

    @Override // org.eclipse.californium.scandium.dtls.Handshaker
    public DTLSFlight getStartHandshakeMessage() {
        HelloRequest helloRequest = new HelloRequest();
        DTLSFlight dTLSFlight = new DTLSFlight();
        dTLSFlight.addMessage(wrapMessage(helloRequest));
        return dTLSFlight;
    }

    private ProtocolVersion negotiateProtocolVersion(ProtocolVersion protocolVersion) throws HandshakeException {
        if (protocolVersion.compareTo(new ProtocolVersion()) >= 0) {
            return new ProtocolVersion();
        }
        throw new HandshakeException("The server only supports DTLS v1.2", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.PROTOCOL_VERSION));
    }

    private CipherSuite negotiateCipherSuite(List<CipherSuite> list) throws HandshakeException {
        for (CipherSuite cipherSuite : list) {
            if (this.supportedCipherSuites.contains(cipherSuite) && cipherSuite != CipherSuite.SSL_NULL_WITH_NULL_NULL) {
                return cipherSuite;
            }
        }
        throw new HandshakeException("No supported cipher suite proposed by the client", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
    }

    private int negotiateNamedCurve(SupportedEllipticCurvesExtension supportedEllipticCurvesExtension) throws HandshakeException {
        if (supportedEllipticCurvesExtension == null) {
            throw new HandshakeException("The client did not provide the supported elliptic curves extension although ECC cipher suite chosen.", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
        }
        for (Integer num : supportedEllipticCurvesExtension.getEllipticCurveList()) {
            if (ECDHServerKeyExchange.NAMED_CURVE_PARAMETERS.get(num) != null) {
                return num.intValue();
            }
        }
        throw new HandshakeException("No proposed elliptic curve supported.", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE));
    }

    private CertificateTypeExtension.CertificateType negotiateCertificateType(CertificateTypeExtension certificateTypeExtension, List<CertificateTypeExtension.CertificateType> list) throws HandshakeException {
        for (CertificateTypeExtension.CertificateType certificateType : certificateTypeExtension.getCertificateTypes()) {
            if (list.contains(certificateType)) {
                return certificateType;
            }
        }
        throw new HandshakeException("No supported certificate type found", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.UNSUPPORTED_CERTIFICATE));
    }
}
