package org.eclipse.milo.opcua.stack.core.util;

import java.security.SecureRandom;
import java.util.Random;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ThreadLocalRandom;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import java.util.concurrent.atomic.AtomicReference;
import org.bouncycastle.util.Arrays;
import org.eclipse.milo.opcua.stack.core.StatusCodes;
import org.eclipse.milo.opcua.stack.core.UaException;
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy;
import org.eclipse.milo.opcua.stack.core.types.builtin.ByteString;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/milo/opcua/stack/core/util/NonceUtil.class */
public class NonceUtil {
    public static final int MINIMUM_NONCE_LENGTH = 32;
    private static volatile boolean SECURE_RANDOM_ENABLED = true;
    private static final CompletableFuture<Void> SEED_FUTURE = new CompletableFuture<>();
    private static final AtomicReference<SecureRandom> SECURE_RANDOM = new AtomicReference<>();

    public static void blockUntilSecureRandomSeeded() throws ExecutionException, InterruptedException {
        SEED_FUTURE.get();
    }

    public static void blockUntilSecureRandomSeeded(long j, TimeUnit timeUnit) throws ExecutionException, InterruptedException, TimeoutException {
        SEED_FUTURE.get(j, timeUnit);
    }

    public static CompletionStage<Void> secureRandomSeeded() {
        return SEED_FUTURE;
    }

    public static void enableSecureRandom() {
        SECURE_RANDOM_ENABLED = true;
    }

    public static void disableSecureRandom() {
        SECURE_RANDOM_ENABLED = false;
    }

    public static boolean isSecureRandomEnabled() {
        return SECURE_RANDOM_ENABLED;
    }

    public static boolean isSecureRandomSeeded() {
        return SECURE_RANDOM.get() != null;
    }

    public static ByteString generateNonce(int i) {
        if (i == 0) {
            return ByteString.NULL_VALUE;
        }
        byte[] bArr = new byte[i];
        Random random = null;
        if (SECURE_RANDOM_ENABLED) {
            random = SECURE_RANDOM.get();
        }
        if (random == null) {
            random = ThreadLocalRandom.current();
        }
        random.nextBytes(bArr);
        return new ByteString(bArr);
    }

    public static ByteString generateNonce(SecurityPolicy securityPolicy) {
        return generateNonce(getNonceLength(securityPolicy));
    }

    private static int getNonceLength(SecurityPolicy securityPolicy) {
        switch (securityPolicy) {
            case Basic128Rsa15:
                return 16;
            case Basic256:
            case Basic256Sha256:
            case Aes128_Sha256_RsaOaep:
            case Aes256_Sha256_RsaPss:
                return 32;
            case None:
            default:
                return 0;
        }
    }

    public static void validateNonce(ByteString byteString, SecurityPolicy securityPolicy) throws UaException {
        validateNonce(byteString, getNonceLength(securityPolicy));
    }

    public static void validateNonce(ByteString byteString) throws UaException {
        validateNonce(byteString, 32);
    }

    public static void validateNonce(ByteString byteString, int i) throws UaException {
        byte[] bytesOrEmpty = byteString.bytesOrEmpty();
        if (bytesOrEmpty.length < i) {
            throw new UaException(StatusCodes.Bad_NonceInvalid, "nonce must be at least " + i + " bytes");
        }
        if (bytesOrEmpty.length > 0 && Arrays.areAllZeroes(bytesOrEmpty, 0, bytesOrEmpty.length)) {
            throw new UaException(StatusCodes.Bad_NonceInvalid, "nonce must be non-zero");
        }
    }

    static {
        new Thread(() -> {
            long nanoTime = System.nanoTime();
            SecureRandom secureRandom = new SecureRandom();
            secureRandom.nextBytes(new byte[32]);
            SECURE_RANDOM.set(secureRandom);
            LoggerFactory.getLogger((Class<?>) NonceUtil.class).info("SecureRandom seeded in {}ms.", Long.valueOf(TimeUnit.MILLISECONDS.convert(System.nanoTime() - nanoTime, TimeUnit.NANOSECONDS)));
            SEED_FUTURE.complete(null);
        }, "milo-nonce-util-secure-random").start();
    }
}
