package com.citrixonline.platform.MCAPI;

import com.citrixonline.foundation.basicLogger.Log;
import com.citrixonline.foundation.crypto.SecureRandom;
import com.citrixonline.foundation.utils.DataBuffer;
import com.citrixonline.foundation.utils.ECContainer;
import com.citrixonline.foundation.utils.IntegerSet;
import com.citrixonline.foundation.utils.TextUtil;
import com.citrixonline.platform.MCAPI.E2ESec.KeyGenerator;
import com.citrixonline.platform.MCAPI.E2ESec.SecurityPolicy;
import com.citrixonline.platform.transportLayer.ChannelUUId;

/* loaded from: classes.dex */
public class SaltedSecureSession extends SecureSession implements ISecureSessionListener, IChannelListener {
    public static final int saltLength = 16;
    private boolean _ready = false;
    private int _epochSpi = 0;
    private int _packetSpi = 0;
    private boolean _dynamic = false;
    private int _saltChannelNum = 0;
    private IMChannel _saltChannel = null;
    private ISaltHandler _handler = new SaltHandler();
    private DataBuffer _salt = new DataBuffer();
    private DataBuffer _signature = new DataBuffer();
    private KeyGenerator _keyGenerator = null;

    /* loaded from: classes.dex */
    public interface ISaltHandler {
        boolean extract(DataBuffer dataBuffer, DataBuffer dataBuffer2, DataBuffer dataBuffer3);

        DataBuffer format(DataBuffer dataBuffer, DataBuffer dataBuffer2);
    }

    /* loaded from: classes.dex */
    public static class SaltHandler implements ISaltHandler {
        public static final int version = 2;

        private boolean _getBase64Val(ECContainer eCContainer, String str, DataBuffer dataBuffer) {
            dataBuffer.setLength(0);
            String base64 = eCContainer.getBase64(str);
            if (base64 == null || base64.length() == 0) {
                return false;
            }
            dataBuffer.append(TextUtil.fromBase64(base64));
            dataBuffer.rewind();
            return true;
        }

        @Override // com.citrixonline.platform.MCAPI.SaltedSecureSession.ISaltHandler
        public boolean extract(DataBuffer dataBuffer, DataBuffer dataBuffer2, DataBuffer dataBuffer3) {
            try {
                dataBuffer.readShort();
                ECContainer eCContainer = new ECContainer(dataBuffer.readUTF());
                if (eCContainer.getInt("Version") == 2 && _getBase64Val(eCContainer, "Salt", dataBuffer2)) {
                    return _getBase64Val(eCContainer, "Signature", dataBuffer3);
                }
                return false;
            } catch (Exception e) {
                Log.error("Error parsing salt packet: " + e);
                return false;
            }
        }

        @Override // com.citrixonline.platform.MCAPI.SaltedSecureSession.ISaltHandler
        public DataBuffer format(DataBuffer dataBuffer, DataBuffer dataBuffer2) {
            DataBuffer dataBuffer3 = new DataBuffer();
            try {
                dataBuffer3.writeShort(0);
                ECContainer eCContainer = new ECContainer();
                eCContainer.setBase64("Salt", TextUtil.toBase64(dataBuffer));
                eCContainer.setBase64("Signature", TextUtil.toBase64(dataBuffer2));
                eCContainer.setInt("Version", 2);
                dataBuffer3.writeUTF(eCContainer.toString());
            } catch (Exception e) {
                Log.error("Error formatting salt packet: " + e);
            }
            dataBuffer3.rewind();
            return dataBuffer3;
        }
    }

    public SaltedSecureSession() {
        setSecurityListener(this);
    }

    private void _injectKeySet(int i) {
        createSA(i, SecurityPolicy.eCryptoAES128_CTR, this._keyGenerator.getEncryptionKey(i), SecurityPolicy.eIntegrityHMAC_SHA1, this._keyGenerator.getIntegrityKey(i));
    }

    private void _setDefaultSpi() {
        if (!this._ready || this._epochSpi < 1 || this._packetSpi < 1) {
            return;
        }
        Log.debug("Setting default SPI " + this._epochSpi + ", " + this._packetSpi);
        _injectKeySet(this._epochSpi);
        _injectKeySet(this._packetSpi);
        setDefaultSAs(this._epochSpi, this._packetSpi);
    }

    private boolean _updateSalt() {
        this._ready = this._keyGenerator.updateSalt(this._salt, this._signature) != null;
        if (!this._ready) {
            Log.error("E2Esec validation failed.");
            _dispatch(new MSessionEvent(this, MSessionEvent.E2ESEC_FAILED));
            return false;
        }
        Log.info("E2Esec validation succeeded.");
        _setDefaultSpi();
        super._reportJoined();
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.citrixonline.platform.MCAPI.MSession
    public void _reportJoined() {
    }

    public boolean configure(DataBuffer dataBuffer, String str, DataBuffer dataBuffer2) {
        if (this._ready) {
            Log.error("Already initialized.");
            return true;
        }
        this._keyGenerator = new KeyGenerator(dataBuffer, str, dataBuffer2);
        this._dynamic = dataBuffer2 == null;
        this._ready = !this._dynamic;
        if (!this._ready) {
            return this._salt.getLength() > 0 && _updateSalt();
        }
        _setDefaultSpi();
        return true;
    }

    @Override // com.citrixonline.platform.MCAPI.IChannelListener
    public void handleChannelEnable(IMChannel iMChannel) {
        if (iMChannel.getAnchor() != getParticipantId()) {
            return;
        }
        Log.debug("Generating salt");
        byte[] generateSeed = new SecureRandom().generateSeed(16);
        DataBuffer dataBuffer = new DataBuffer();
        dataBuffer.importBuffer(generateSeed, 0, 16);
        DataBuffer updateSalt = this._keyGenerator.updateSalt(dataBuffer, null);
        this._ready = true;
        _setDefaultSpi();
        Log.debug("Publishing salt");
        iMChannel.sendData(this._handler.format(dataBuffer, updateSalt));
        super._reportJoined();
    }

    @Override // com.citrixonline.platform.MCAPI.IChannelListener
    public void handleEpoch(IMChannel iMChannel, MEpoch mEpoch) {
        DataBuffer dataBuffer = iMChannel.getPacket(mEpoch, mEpoch.working.any()).data;
        if (this._handler.extract(dataBuffer, this._salt, this._signature)) {
            _updateSalt();
        } else {
            Log.error("E2Esec failed to parse salt packet " + TextUtil.toHex(dataBuffer));
        }
    }

    @Override // com.citrixonline.platform.MCAPI.MSession, com.citrixonline.platform.sessionLayer.ISessionListener
    public void handleGroupState(int i, IntegerSet integerSet) {
        int participantId = getParticipantId() & 63;
        if (this._epochSpi < 1) {
            this._epochSpi = participantId | 128;
        }
        if (this._packetSpi < 1) {
            this._packetSpi = participantId | 192;
        }
        super.handleGroupState(i, integerSet);
        int firstOrganizer = getFirstOrganizer();
        if (this._dynamic && firstOrganizer != 0 && this._saltChannel == null) {
            boolean z = firstOrganizer == getParticipantId();
            Log.info("E2Esec: init=" + z);
            this._saltChannel = _subscribe(new ChannelUUId(firstOrganizer, this._saltChannelNum), 1, z ? participantACL : null, null);
            this._saltChannel.subscribe(this);
        }
    }

    @Override // com.citrixonline.platform.MCAPI.ISecureSessionListener
    public void handleMissingKeySet(ISecureSession iSecureSession, int i) {
        if (this._keyGenerator == null) {
            Log.error("Unable to generate E2ESec keys: uninitialized.");
        } else {
            Log.debug("Injecting E2Esec key " + i);
            _injectKeySet(i);
        }
    }

    public void setDefaultSpi(int i, int i2) {
        this._epochSpi = i;
        this._packetSpi = i2;
        _setDefaultSpi();
    }

    public void setSaltChannel(int i) {
        if (this._saltChannelNum != 0) {
            Log.error("Salt channel already set as " + this._saltChannelNum);
        } else {
            this._saltChannelNum = i;
            setSpecialSAs(i, 0, 0);
        }
    }

    public void setSaltHandler(ISaltHandler iSaltHandler) {
        this._handler = iSaltHandler;
    }
}
