package org.objectweb.proactive.core.security.crypto;

import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.security.AlgorithmParameters;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.objectweb.proactive.core.security.CertTools;
import org.objectweb.proactive.core.security.ProActiveSecurity;
import org.objectweb.proactive.core.security.SecurityContext;
import org.objectweb.proactive.core.security.TypedCertificate;
import org.objectweb.proactive.core.util.log.Loggers;
import org.objectweb.proactive.core.util.log.ProActiveLogger;

/* loaded from: input_file:WEB-INF/lib/proactive-programming-bundle-5.2.0-update-12.jar:org/objectweb/proactive/core/security/crypto/Session.class */
public class Session implements Serializable {
    private long distantSessionID;
    private TypedCertificate distantOACertificate;
    public transient Cipher cl_cipher;
    public transient Cipher se_cipher;
    public transient Cipher rsa_eng;
    public transient Mac cl_mac;
    public transient Mac se_mac;
    private byte[] cl_sec_key;
    private byte[] se_sec_key;
    public byte[] cl_mac_enc;
    private byte[] se_mac_enc;
    public transient IvParameterSpec se_iv;
    public transient IvParameterSpec cl_iv;
    private boolean isSessionValidated;
    private AlgorithmParameters seCipherAlgParams;
    private AlgorithmParameters clCipherAlgParams;
    private AlgorithmParameters seMacAlgParams;
    private AlgorithmParameters clMacAlgParams;
    private byte[] encodedSeCipherAlgParams;
    private byte[] encodedClCipherAlgParams;
    private byte[] encodedSeMacAlgParams;
    private byte[] encodedClMacAlgParams;
    public byte[] se_rand;
    public byte[] cl_rand;
    public SecretKey se_hmac_key;
    public SecretKey se_aes_key;
    public SecretKey cl_hmac_key;
    public SecretKey cl_aes_key;
    public transient SecureRandom sec_rand;
    private SecurityContext securityContext;

    /* loaded from: input_file:WEB-INF/lib/proactive-programming-bundle-5.2.0-update-12.jar:org/objectweb/proactive/core/security/crypto/Session$ActAs.class */
    public enum ActAs {
        CLIENT,
        SERVER
    }

    public Session() {
        this.distantSessionID = 0L;
    }

    public Session(long j, SecurityContext securityContext, TypedCertificate typedCertificate) throws SessionException {
        this.distantSessionID = 0L;
        this.securityContext = securityContext;
        this.isSessionValidated = false;
        this.se_rand = new byte[32];
        this.cl_rand = new byte[32];
        this.sec_rand = new SecureRandom();
        try {
            this.cl_cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
            this.se_cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
            this.rsa_eng = Cipher.getInstance("RSA/None/OAEPPadding", "BC");
            this.cl_mac = Mac.getInstance("HMACSHA1", "BC");
            this.se_mac = Mac.getInstance("HMACSHA1", "BC");
            this.distantSessionID = j;
            this.distantOACertificate = typedCertificate;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new SessionException("Impossible to create the session.");
        } catch (NoSuchProviderException e2) {
            e2.printStackTrace();
            throw new SessionException("Impossible to create the session.");
        } catch (NoSuchPaddingException e3) {
            e3.printStackTrace();
            throw new SessionException("Impossible to create the session.");
        }
    }

    public long getDistantSessionID() {
        return this.distantSessionID;
    }

    public void setDistantSessionID(long j) {
        this.distantSessionID = j;
    }

    public TypedCertificate getDistantCertificate() {
        return this.distantOACertificate;
    }

    public PublicKey getDistantPublicKey() {
        return this.distantOACertificate.getCert().getPublicKey();
    }

    /* JADX WARN: Type inference failed for: r0v4, types: [byte[], byte[][]] */
    public synchronized byte[][] writePDU(byte[] bArr, ActAs actAs) throws Exception {
        byte[] bArr2 = null;
        switch (actAs) {
            case CLIENT:
                if (this.securityContext.getSendRequest().isIntegrityEnabled()) {
                    this.cl_mac.update(bArr);
                }
                if (this.securityContext.getSendRequest().isConfidentialityEnabled()) {
                    try {
                        this.cl_cipher.init(1, this.cl_aes_key, this.cl_iv, this.sec_rand);
                        bArr = this.cl_cipher.doFinal(bArr);
                    } catch (Exception e) {
                        e.printStackTrace();
                        throw new IOException("PDU failed to encrypt " + e.getMessage());
                    }
                }
                if (this.securityContext.getSendRequest().isIntegrityEnabled()) {
                    ProActiveLogger.getLogger(Loggers.SECURITY_SESSION).debug("writePDU as client cl_mac :" + displayByte(this.cl_hmac_key.getEncoded()));
                    bArr2 = this.cl_mac.doFinal();
                    break;
                }
                break;
            case SERVER:
                if (this.securityContext.getSendReply().isIntegrityEnabled()) {
                    this.se_mac.update(bArr);
                }
                if (this.securityContext.getSendReply().isConfidentialityEnabled()) {
                    try {
                        bArr = this.se_cipher.doFinal(bArr);
                    } catch (Exception e2) {
                        e2.printStackTrace();
                        throw new IOException("PDU failed to encrypt " + e2.getMessage());
                    }
                }
                if (this.securityContext.getSendReply().isIntegrityEnabled()) {
                    bArr2 = this.se_mac.doFinal();
                    break;
                }
                break;
        }
        return new byte[]{bArr, bArr2};
    }

    public static boolean isEqual(byte[] bArr, byte[] bArr2) {
        if (bArr == null || bArr2 == null || bArr.length != bArr2.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    public synchronized byte[] readPDU(byte[] bArr, byte[] bArr2, ActAs actAs) throws IOException {
        switch (actAs) {
            case CLIENT:
                if (this.securityContext.getReceiveReply().isConfidentialityEnabled()) {
                    try {
                        bArr = this.se_cipher.doFinal(bArr);
                    } catch (Exception e) {
                        ProActiveLogger.getLogger(Loggers.SECURITY_SESSION).debug("PDU Cipher code decryption failed, session " + this.distantSessionID);
                        throw new IOException("PDU failed to decrypt " + e.getMessage());
                    }
                }
                if (this.securityContext.getReceiveReply().isIntegrityEnabled()) {
                    this.se_mac.update(bArr);
                    if (!isEqual(this.se_mac.doFinal(), bArr2)) {
                        ProActiveLogger.getLogger(Loggers.SECURITY_SESSION).debug("PDU Mac code failed , session " + this.distantSessionID);
                        throw new IOException("PDU Mac code failed ");
                    }
                }
                break;
            case SERVER:
                if (this.securityContext.getReceiveRequest().isConfidentialityEnabled()) {
                    try {
                        bArr = this.cl_cipher.doFinal(bArr);
                    } catch (Exception e2) {
                        ProActiveLogger.getLogger(Loggers.SECURITY_SESSION).debug("PDU Cipher code decryption failed, session " + this.distantSessionID);
                        throw new IOException("PDU failed to decrypt " + e2.getMessage());
                    }
                }
                if (this.securityContext.getReceiveRequest().isIntegrityEnabled()) {
                    this.cl_mac.update(bArr);
                    byte[] doFinal = this.cl_mac.doFinal();
                    ProActiveLogger.getLogger(Loggers.SECURITY_SESSION).debug("readPDU as server cl_mac :" + displayByte(this.cl_hmac_key.getEncoded()));
                    if (!isEqual(doFinal, bArr2)) {
                        throw new IOException("PDU Mac code failed, session " + this.distantSessionID);
                    }
                }
                break;
        }
        return bArr;
    }

    private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
        objectOutputStream.defaultWriteObject();
        if (this.se_iv != null) {
            objectOutputStream.write(this.se_iv.getIV());
        } else {
            objectOutputStream.write(new byte[16]);
        }
        if (this.cl_iv != null) {
            objectOutputStream.write(this.cl_iv.getIV());
        } else {
            objectOutputStream.write(new byte[16]);
        }
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        objectInputStream.defaultReadObject();
        byte[] bArr = new byte[16];
        objectInputStream.read(bArr);
        this.se_iv = new IvParameterSpec(bArr);
        objectInputStream.read(bArr);
        this.cl_iv = new IvParameterSpec(bArr);
        this.sec_rand = new SecureRandom();
        ProActiveSecurity.loadProvider();
        try {
            this.cl_cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
            this.se_cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
            this.rsa_eng = Cipher.getInstance("RSA/None/OAEPPadding", "BC");
            this.sec_rand = new SecureRandom();
            this.cl_mac = Mac.getInstance("HMACSHA1", "BC");
            this.se_mac = Mac.getInstance("HMACSHA1", "BC");
            if (this.se_iv != null && this.se_aes_key != null) {
                this.se_cipher.init(2, this.se_aes_key, this.se_iv);
            }
            if (this.cl_iv != null && this.cl_aes_key != null) {
                this.cl_cipher.init(1, this.cl_aes_key, this.cl_iv, this.sec_rand);
            }
            if (this.se_mac != null && this.se_hmac_key != null) {
                this.se_mac.init(this.se_hmac_key);
            }
            if (this.cl_mac != null && this.cl_hmac_key != null) {
                System.out.println("readObject session cl_mac : " + displayByte(this.cl_hmac_key.getEncoded()));
                this.cl_mac.init(this.cl_hmac_key);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static String displayByte(byte[] bArr) {
        if (bArr == null || bArr.length <= 0) {
            return null;
        }
        String[] strArr = {"0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", CertTools.EMAIL3, "F"};
        StringBuffer stringBuffer = new StringBuffer(bArr.length * 2);
        for (int i = 0; i < bArr.length; i++) {
            stringBuffer.append(strArr[(byte) (((byte) (((byte) (bArr[i] & 240)) >>> 4)) & 15)]);
            stringBuffer.append(strArr[(byte) (bArr[i] & 15)]);
        }
        return new String(stringBuffer);
    }

    public String toString() {
        return "ID : " + this.distantSessionID + "\ncl_rand : " + displayByte(this.cl_rand) + "\nse_rand : " + displayByte(this.se_rand);
    }

    public SecurityContext getSecurityContext() {
        return this.securityContext;
    }

    public boolean isSessionValidated() {
        return this.isSessionValidated;
    }

    public void validate() {
        this.isSessionValidated = true;
    }
}
