package com.citrixonline.platform.MCAPI;

import com.citrixonline.foundation.basicLogger.Log;
import com.citrixonline.foundation.crypto.SecureRandom;
import com.citrixonline.foundation.utils.DataBuffer;
import com.citrixonline.foundation.utils.ECContainer;
import com.citrixonline.foundation.utils.IntegerSet;
import com.citrixonline.foundation.utils.TextUtil;
import com.citrixonline.platform.MCAPI.E2ESec.KeyGenerator;
import com.citrixonline.platform.MCAPI.E2ESec.SecurityPolicy;
import java.util.Vector;

/* loaded from: classes.dex */
public class SaltedSecureSession extends SecureSession implements ISecureSessionListener, IChannelListener {
    public static final int saltLength = 16;
    private boolean _ready = false;
    private int _epochSpi = 0;
    private int _packetSpi = 0;
    private boolean _dynamic = false;
    private int _saltChannelNum = 0;
    private IMChannel _saltChannel = null;
    private ISaltHandler _handler = new SaltHandler();
    private DataBuffer _salt = new DataBuffer();
    private DataBuffer _signature = new DataBuffer();
    private KeyGenerator _keyGenerator = null;

    /* loaded from: classes.dex */
    public interface ISaltHandler {
        boolean extract(DataBuffer dataBuffer, DataBuffer dataBuffer2, DataBuffer dataBuffer3);

        DataBuffer format(DataBuffer dataBuffer, DataBuffer dataBuffer2);
    }

    /* loaded from: classes.dex */
    public static class SaltHandler implements ISaltHandler {
        private String _format(String str, DataBuffer dataBuffer) {
            return "<member><name>" + str + "</name><value><base64>" + TextUtil.toBase64(dataBuffer) + "</base64></value></member>";
        }

        private boolean _getBase64Val(String[] strArr, String str, DataBuffer dataBuffer) {
            dataBuffer.setLength(0);
            int length = strArr.length - 7;
            int i = 1;
            while (i < length) {
                if (strArr[i].equals("name")) {
                    i++;
                    if (strArr[i].equals(str)) {
                        i += 3;
                        if (strArr[i].equals(ECContainer.BASE64)) {
                            dataBuffer.append(TextUtil.fromBase64(strArr[i + 1]));
                            dataBuffer.rewind();
                            return true;
                        }
                    } else {
                        continue;
                    }
                }
                i++;
            }
            return false;
        }

        @Override // com.citrixonline.platform.MCAPI.SaltedSecureSession.ISaltHandler
        public boolean extract(DataBuffer dataBuffer, DataBuffer dataBuffer2, DataBuffer dataBuffer3) {
            try {
                dataBuffer.readShort();
                String[] split = TextUtil.split(dataBuffer.readUTF(), "<>");
                if (_getBase64Val(split, "Salt", dataBuffer2)) {
                    return _getBase64Val(split, "Signature", dataBuffer3);
                }
                return false;
            } catch (Exception e) {
                Log.error("Error parsing salt packet: " + e);
                return false;
            }
        }

        @Override // com.citrixonline.platform.MCAPI.SaltedSecureSession.ISaltHandler
        public DataBuffer format(DataBuffer dataBuffer, DataBuffer dataBuffer2) {
            DataBuffer dataBuffer3 = new DataBuffer();
            try {
                dataBuffer3.writeShort(0);
                dataBuffer3.writeUTF("<struct>" + _format("Salt", dataBuffer) + _format("Signature", dataBuffer2) + "<member><name>Version</name><value><int>2</int></value></member></struct>");
            } catch (Exception e) {
                Log.error("Error formatting salt packet: " + e);
            }
            dataBuffer3.rewind();
            return dataBuffer3;
        }
    }

    public SaltedSecureSession() {
        setSecurityListener(this);
    }

    private void _injectKeySet(int i) {
        createSA(i, SecurityPolicy.eCryptoAES128_CTR, this._keyGenerator.getEncryptionKey(i), SecurityPolicy.eIntegrityHMAC_SHA1, this._keyGenerator.getIntegrityKey(i));
    }

    private void _setDefaultSpi() {
        if (!this._ready || this._epochSpi < 1 || this._packetSpi < 1) {
            return;
        }
        Log.debug("Setting default SPI " + this._epochSpi + ", " + this._packetSpi);
        _injectKeySet(this._epochSpi);
        _injectKeySet(this._packetSpi);
        setDefaultSAs(this._epochSpi, this._packetSpi);
    }

    private void _updateSalt() {
        this._ready = this._keyGenerator.updateSalt(this._salt, this._signature) != null;
        _setDefaultSpi();
        String str = this._ready ? MSessionEvent.E2ESEC_READY : MSessionEvent.E2ESEC_FAILED;
        Log.log(this._ready ? 20 : 40, "E2Esec validation: " + str);
        _dispatch(new MSessionEvent(this, str));
    }

    public void configure(DataBuffer dataBuffer, String str, DataBuffer dataBuffer2) {
        if (this._ready) {
            Log.error("Already initialized.");
            return;
        }
        this._keyGenerator = new KeyGenerator(dataBuffer, str, dataBuffer2);
        this._dynamic = dataBuffer2 == null;
        this._ready = this._dynamic ? false : true;
        if (this._salt.getLength() > 0) {
            _updateSalt();
        }
        _setDefaultSpi();
    }

    @Override // com.citrixonline.platform.MCAPI.SecureSession, com.citrixonline.platform.MCAPI.MSession, com.citrixonline.platform.MCAPI.IMSessionState
    public int getType() {
        return this._dynamic ? 2 : 1;
    }

    @Override // com.citrixonline.platform.MCAPI.IChannelListener
    public void handleChannelEnable(IMChannel iMChannel) {
        if (iMChannel.getAnchor() != getParticipantId()) {
            return;
        }
        Log.debug("Generating salt");
        byte[] generateSeed = new SecureRandom().generateSeed(16);
        DataBuffer dataBuffer = new DataBuffer();
        dataBuffer.importBuffer(generateSeed, 0, 16);
        DataBuffer updateSalt = this._keyGenerator.updateSalt(dataBuffer, null);
        this._ready = true;
        _setDefaultSpi();
        Log.debug("Publishing salt");
        Vector vector = new Vector();
        vector.addElement(this._handler.format(dataBuffer, updateSalt));
        iMChannel.sendEpochAtomic(vector);
        _dispatch(new MSessionEvent(this, MSessionEvent.E2ESEC_READY));
    }

    @Override // com.citrixonline.platform.MCAPI.IChannelListener
    public void handleEpoch(IMChannel iMChannel, MEpoch mEpoch) {
        this._handler.extract(iMChannel.getPacket(mEpoch.getStream(), mEpoch.working.any()).data, this._salt, this._signature);
        _updateSalt();
    }

    @Override // com.citrixonline.platform.MCAPI.MSession, com.citrixonline.platform.sessionLayer.ISessionListener
    public void handleGroupState(int i, IntegerSet integerSet) {
        int participantId = getParticipantId() & 63;
        if (this._epochSpi < 1) {
            this._epochSpi = participantId | 128;
        }
        if (this._packetSpi < 1) {
            this._packetSpi = participantId | 192;
        }
        super.handleGroupState(i, integerSet);
        if (this._dynamic && i == 6 && this._saltChannel == null) {
            if (integerSet.isEmpty()) {
                Log.info("Waiting for E2Esec initializer in group " + i);
                return;
            }
            if (integerSet.contains(getParticipantId())) {
                Log.info("Initializing E2Esec");
                this._saltChannel = activate(this._saltChannelNum, 1, null);
            } else {
                Log.info("Configuring E2Esec");
                this._saltChannel = subscribe(integerSet.any(), this._saltChannelNum, 1);
            }
            this._saltChannel.subscribe(this);
        }
    }

    @Override // com.citrixonline.platform.MCAPI.ISecureSessionListener
    public void handleMissingKeySet(ISecureSession iSecureSession, int i) {
        if (this._keyGenerator == null) {
            Log.error("Unable to generate E2ESec keys: uninitialized.");
        } else {
            Log.debug("Injecting E2Esec key " + i);
            _injectKeySet(i);
        }
    }

    public void setDefaultSpi(int i, int i2) {
        this._epochSpi = i;
        this._packetSpi = i2;
        _setDefaultSpi();
    }

    public void setSaltChannel(int i) {
        if (this._saltChannelNum != 0) {
            Log.error("Salt channel already set as " + this._saltChannelNum);
        } else {
            this._saltChannelNum = i;
            setSpecialSAs(i, 0, 0);
        }
    }

    public void setSaltHandler(ISaltHandler iSaltHandler) {
        this._handler = iSaltHandler;
    }
}
