package org.eclipse.californium.oscore;

import java.io.IOException;
import java.security.SecureRandom;
import java.util.Arrays;
import org.eclipse.californium.core.coap.CoAP;
import org.eclipse.californium.cose.CoseException;
import org.eclipse.californium.elements.exception.ConnectorException;
import org.eclipse.californium.elements.util.Bytes;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/californium/oscore/ContextRederivation.class */
public class ContextRederivation {
    private static final String SCHEME = "coap://";
    private static SecureRandom random = new SecureRandom();
    protected static int SEGMENT_LENGTH = 8;
    private static final Logger LOGGER = LoggerFactory.getLogger(ContextRederivation.class);

    /* loaded from: input_file:org/eclipse/californium/oscore/ContextRederivation$PHASE.class */
    public enum PHASE {
        INACTIVE,
        CLIENT_INITIATE,
        SERVER_INITIATE,
        SERVER_PHASE_1,
        SERVER_PHASE_2,
        SERVER_PHASE_3,
        CLIENT_PHASE_1,
        CLIENT_PHASE_2,
        CLIENT_PHASE_3
    }

    public static void setLostContext(OSCoreCtxDB oSCoreCtxDB, String str) throws CoapOSException {
        try {
            initiateRequest(oSCoreCtxDB, str);
        } catch (ConnectorException | IOException | OSException e) {
            LOGGER.error(ErrorDescriptions.CONTEXT_REGENERATION_FAILED);
            throw new CoapOSException(ErrorDescriptions.CONTEXT_REGENERATION_FAILED, CoAP.ResponseCode.BAD_REQUEST);
        }
    }

    private static void initiateRequest(OSCoreCtxDB oSCoreCtxDB, String str) throws ConnectorException, IOException, OSException {
        OSCoreCtx context = oSCoreCtxDB.getContext(str);
        if (!context.getContextRederivationEnabled()) {
            LOGGER.error("Context re-derivation is not enabled for this context.");
            throw new IllegalStateException("Context re-derivation is not enabled for this context.");
        }
        printStateLogging(context);
        OSCoreCtx rederiveWithContextID = rederiveWithContextID(context, Bytes.createBytes(random, SEGMENT_LENGTH));
        rederiveWithContextID.setIncludeContextId(true);
        rederiveWithContextID.setContextRederivationPhase(PHASE.CLIENT_PHASE_1);
        oSCoreCtxDB.addContext(str, rederiveWithContextID);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OSCoreCtx incomingResponse(OSCoreCtxDB oSCoreCtxDB, OSCoreCtx oSCoreCtx, byte[] bArr) throws OSException {
        if (!oSCoreCtx.getContextRederivationEnabled()) {
            LOGGER.debug("Context re-derivation not considered due to it being disabled for this context");
            return oSCoreCtx;
        }
        if (oSCoreCtx.getContextRederivationPhase() == PHASE.CLIENT_PHASE_3) {
            printStateLogging(oSCoreCtx);
            oSCoreCtx.setIncludeContextId(false);
            oSCoreCtx.setContextRederivationPhase(PHASE.INACTIVE);
            return oSCoreCtx;
        }
        if (oSCoreCtx.getContextRederivationPhase() == PHASE.CLIENT_PHASE_1) {
            printStateLogging(oSCoreCtx);
            OSCoreCtx rederiveWithContextID = rederiveWithContextID(oSCoreCtx, Bytes.concatenate(bArr, oSCoreCtx.getIdContext()));
            rederiveWithContextID.setContextRederivationPhase(PHASE.CLIENT_PHASE_2);
            oSCoreCtxDB.addContext(SCHEME + oSCoreCtx.getUri(), rederiveWithContextID);
            return rederiveWithContextID;
        }
        if (oSCoreCtx.getContextRederivationPhase() != PHASE.INACTIVE) {
            return oSCoreCtx;
        }
        printStateLogging(oSCoreCtx);
        if (bArr == null || Arrays.equals(oSCoreCtx.getIdContext(), bArr)) {
            return oSCoreCtx;
        }
        OSCoreCtx rederiveWithContextID2 = rederiveWithContextID(oSCoreCtx, Bytes.concatenate(bArr, oSCoreCtx.getIdContext()));
        rederiveWithContextID2.setContextRederivationPhase(PHASE.CLIENT_PHASE_2);
        oSCoreCtxDB.addContext(SCHEME + oSCoreCtx.getUri(), rederiveWithContextID2);
        return rederiveWithContextID2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OSCoreCtx outgoingRequest(OSCoreCtxDB oSCoreCtxDB, OSCoreCtx oSCoreCtx) throws OSException {
        if (oSCoreCtx.getContextRederivationPhase() != PHASE.CLIENT_PHASE_2) {
            return oSCoreCtx;
        }
        printStateLogging(oSCoreCtx);
        byte[] idContext = oSCoreCtx.getIdContext();
        OSCoreCtx rederiveWithContextID = rederiveWithContextID(oSCoreCtx, Bytes.concatenate(Arrays.copyOfRange(idContext, 0, idContext.length - SEGMENT_LENGTH), Bytes.createBytes(random, SEGMENT_LENGTH)));
        rederiveWithContextID.setReceiverSeq(0);
        rederiveWithContextID.setIncludeContextId(true);
        rederiveWithContextID.setContextRederivationPhase(PHASE.CLIENT_PHASE_3);
        oSCoreCtxDB.addContext(SCHEME + oSCoreCtx.getUri(), rederiveWithContextID);
        return rederiveWithContextID;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OSCoreCtx incomingRequest(OSCoreCtxDB oSCoreCtxDB, OSCoreCtx oSCoreCtx, byte[] bArr) throws OSException {
        if (!oSCoreCtx.getContextRederivationEnabled()) {
            LOGGER.debug("Context re-derivation not initiated due to it being disabled for this context");
            return oSCoreCtx;
        }
        if (oSCoreCtx.getContextRederivationPhase() == PHASE.SERVER_PHASE_2) {
            printStateLogging(oSCoreCtx);
            if (!Arrays.equals(performHMAC(oSCoreCtx.getContextRederivationKey(), Arrays.copyOfRange(oSCoreCtx.getIdContext(), 0, SEGMENT_LENGTH)), Arrays.copyOfRange(oSCoreCtx.getIdContext(), SEGMENT_LENGTH, SEGMENT_LENGTH * 2))) {
                throw new OSException(ErrorDescriptions.CONTEXT_REGENERATION_FAILED);
            }
            OSCoreCtx rederiveWithContextID = rederiveWithContextID(oSCoreCtx, bArr);
            rederiveWithContextID.setContextRederivationPhase(PHASE.SERVER_PHASE_3);
            oSCoreCtxDB.addContext(rederiveWithContextID);
            return rederiveWithContextID;
        }
        if (oSCoreCtx.getContextRederivationPhase() != PHASE.INACTIVE) {
            if (oSCoreCtx.getContextRederivationPhase() != PHASE.SERVER_INITIATE) {
                return oSCoreCtx;
            }
            printStateLogging(oSCoreCtx);
            OSCoreCtx rederiveWithContextID2 = rederiveWithContextID(oSCoreCtx, oSCoreCtx.getIdContext());
            rederiveWithContextID2.setContextRederivationPhase(PHASE.SERVER_PHASE_1);
            oSCoreCtxDB.addContext(rederiveWithContextID2);
            return rederiveWithContextID2;
        }
        printStateLogging(oSCoreCtx);
        if (bArr == null || Arrays.equals(bArr, oSCoreCtx.getIdContext())) {
            return oSCoreCtx;
        }
        OSCoreCtx rederiveWithContextID3 = rederiveWithContextID(oSCoreCtx, bArr);
        rederiveWithContextID3.setContextRederivationPhase(PHASE.SERVER_PHASE_1);
        oSCoreCtxDB.addContext(rederiveWithContextID3);
        return rederiveWithContextID3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OSCoreCtx outgoingResponse(OSCoreCtxDB oSCoreCtxDB, OSCoreCtx oSCoreCtx) throws OSException {
        if (oSCoreCtx.getContextRederivationPhase() == PHASE.SERVER_PHASE_3) {
            printStateLogging(oSCoreCtx);
            oSCoreCtx.setIncludeContextId(false);
            oSCoreCtx.setContextRederivationPhase(PHASE.INACTIVE);
            return oSCoreCtx;
        }
        if (oSCoreCtx.getContextRederivationPhase() != PHASE.SERVER_PHASE_1) {
            return oSCoreCtx;
        }
        printStateLogging(oSCoreCtx);
        oSCoreCtx.setContextRederivationKey(Bytes.createBytes(random, oSCoreCtx.getSenderKey().length));
        byte[] idContext = oSCoreCtx.getIdContext();
        byte[] createBytes = Bytes.createBytes(random, SEGMENT_LENGTH);
        byte[] concatenate = Bytes.concatenate(createBytes, performHMAC(oSCoreCtx.getContextRederivationKey(), createBytes));
        OSCoreCtx rederiveWithContextID = rederiveWithContextID(oSCoreCtx, Bytes.concatenate(concatenate, idContext));
        rederiveWithContextID.setReceiverSeq(0);
        rederiveWithContextID.setIncludeContextId(concatenate);
        rederiveWithContextID.setResponsesIncludePartialIV(true);
        rederiveWithContextID.setContextRederivationPhase(PHASE.SERVER_PHASE_2);
        oSCoreCtxDB.addContext(rederiveWithContextID);
        return rederiveWithContextID;
    }

    private static OSCoreCtx rederiveWithContextID(OSCoreCtx oSCoreCtx, byte[] bArr) throws OSException {
        OSCoreCtx oSCoreCtx2 = new OSCoreCtx(oSCoreCtx.getMasterSecret(), true, oSCoreCtx.getAlg(), oSCoreCtx.getSenderId(), oSCoreCtx.getRecipientId(), oSCoreCtx.getKdf(), Integer.valueOf(oSCoreCtx.getRecipientReplaySize()), oSCoreCtx.getSalt(), bArr);
        oSCoreCtx2.setContextRederivationKey(oSCoreCtx.getContextRederivationKey());
        oSCoreCtx2.setContextRederivationEnabled(oSCoreCtx.getContextRederivationEnabled());
        return oSCoreCtx2;
    }

    private static byte[] performHMAC(byte[] bArr, byte[] bArr2) throws OSException {
        try {
            return OSCoreCtx.deriveKey(bArr, bArr, SEGMENT_LENGTH, "SHA256", bArr2);
        } catch (CoseException e) {
            throw new OSException(ErrorDescriptions.CONTEXT_REGENERATION_FAILED);
        }
    }

    private static void printStateLogging(OSCoreCtx oSCoreCtx) {
        String str;
        PHASE contextRederivationPhase = oSCoreCtx.getContextRederivationPhase();
        switch (contextRederivationPhase) {
            case INACTIVE:
                str = "client/server context re-derivation inactive";
                break;
            case CLIENT_INITIATE:
                str = "client will initiate context re-derivation";
                break;
            case SERVER_INITIATE:
                str = "server will initiate context re-derivation";
                break;
            case CLIENT_PHASE_1:
                str = "client has sent the first request in the procedure and is receving the response";
                break;
            case CLIENT_PHASE_2:
                str = "client is sending the second request in the procedure";
                break;
            case CLIENT_PHASE_3:
                str = "client has received the second response in the procedure and is concluding";
                break;
            case SERVER_PHASE_1:
                str = "server has received the first request in the procedure and is sending the response";
                break;
            case SERVER_PHASE_2:
                str = "server is receiving the second request in the procedure";
                break;
            case SERVER_PHASE_3:
                str = "server has sent the second response in the procedure and is concluding";
                break;
            default:
                str = "context re-derivation is in unknown state indicating a problem";
                break;
        }
        String str2 = "Context re-derivation phase: " + contextRederivationPhase + " (" + str + ")";
        if (contextRederivationPhase == PHASE.INACTIVE) {
            LOGGER.debug(str2);
        } else {
            LOGGER.info(str2);
        }
    }
}
