package net.luminis.quic.crypto;

import com.appsflyer.internal.OooOOO;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.util.ArrayList;
import kotlin.jvm.internal.ByteCompanionObject;
import net.luminis.quic.EncryptionLevel;
import net.luminis.quic.Role;
import net.luminis.quic.Version;
import net.luminis.quic.log.Logger;
import net.luminis.tls.TlsConstants;
import net.luminis.tls.TrafficSecrets;
import net.luminis.tls.util.ByteUtils;

/* loaded from: classes2.dex */
public class ConnectionSecrets {
    public static final byte[] STATIC_SALT_DRAFT_29 = {-81, -65, -20, 40, -103, -109, -46, 76, -98, -105, -122, -15, -100, 97, 17, -32, 67, -112, -88, -103};
    public static final byte[] STATIC_SALT_V1 = {56, 118, 44, -9, -11, 89, 52, -77, 77, 23, -102, -26, -92, -56, 12, -83, -52, -69, ByteCompanionObject.MAX_VALUE, 10};
    private byte[] clientRandom;
    private Logger log;
    private final Role ownRole;
    private final Version quicVersion;
    private TlsConstants.CipherSuite selectedCipherSuite;
    private Path wiresharkSecretsFile;
    private boolean writeSecretsToFile;
    private Keys[] clientSecrets = new Keys[EncryptionLevel.values().length];
    private Keys[] serverSecrets = new Keys[EncryptionLevel.values().length];

    public ConnectionSecrets(Version version, Role role, Path path, Logger logger) {
        this.quicVersion = version;
        this.ownRole = role;
        this.log = logger;
        if (path != null) {
            this.wiresharkSecretsFile = path;
            try {
                Files.deleteIfExists(path);
                Files.createFile(this.wiresharkSecretsFile, new FileAttribute[0]);
                this.writeSecretsToFile = true;
            } catch (IOException e) {
                logger.error("Initializing (creating/truncating) secrets file '" + this.wiresharkSecretsFile + "' failed", e);
            }
        }
    }

    private void appendToFile(String str, EncryptionLevel encryptionLevel) {
        StandardOpenOption standardOpenOption;
        ArrayList arrayList = new ArrayList();
        String bytesToHex = ByteUtils.bytesToHex(this.clientRandom);
        String bytesToHex2 = ByteUtils.bytesToHex(this.clientSecrets[encryptionLevel.ordinal()].getTrafficSecret());
        StringBuilder OooO00o2 = OooOOO.OooO00o("CLIENT_", str, " ", bytesToHex, " ");
        OooO00o2.append(bytesToHex2);
        arrayList.add(OooO00o2.toString());
        String bytesToHex3 = ByteUtils.bytesToHex(this.clientRandom);
        String bytesToHex4 = ByteUtils.bytesToHex(this.serverSecrets[encryptionLevel.ordinal()].getTrafficSecret());
        StringBuilder OooO00o3 = OooOOO.OooO00o("SERVER_", str, " ", bytesToHex3, " ");
        OooO00o3.append(bytesToHex4);
        arrayList.add(OooO00o3.toString());
        try {
            Path path = this.wiresharkSecretsFile;
            standardOpenOption = StandardOpenOption.APPEND;
            Files.write(path, arrayList, standardOpenOption);
        } catch (IOException e) {
            this.log.error("Writing secrets to file '" + this.wiresharkSecretsFile + "' failed", e);
            this.writeSecretsToFile = false;
        }
    }

    private void createKeys(EncryptionLevel encryptionLevel, TlsConstants.CipherSuite cipherSuite) {
        Keys chacha20Keys;
        Keys chacha20Keys2;
        if (cipherSuite == TlsConstants.CipherSuite.TLS_AES_128_GCM_SHA256) {
            chacha20Keys = new Keys(this.quicVersion, Role.Client, this.log);
            chacha20Keys2 = new Keys(this.quicVersion, Role.Server, this.log);
        } else {
            if (cipherSuite != TlsConstants.CipherSuite.TLS_CHACHA20_POLY1305_SHA256) {
                throw new IllegalStateException("unsupported cipher suite " + cipherSuite);
            }
            chacha20Keys = new Chacha20Keys(this.quicVersion, Role.Client, this.log);
            chacha20Keys2 = new Chacha20Keys(this.quicVersion, Role.Server, this.log);
        }
        this.clientSecrets[encryptionLevel.ordinal()] = chacha20Keys;
        this.serverSecrets[encryptionLevel.ordinal()] = chacha20Keys2;
        chacha20Keys.setPeerKeys(chacha20Keys2);
        chacha20Keys2.setPeerKeys(chacha20Keys);
    }

    public synchronized void computeApplicationSecrets(TrafficSecrets trafficSecrets) {
        EncryptionLevel encryptionLevel = EncryptionLevel.App;
        createKeys(encryptionLevel, this.selectedCipherSuite);
        this.clientSecrets[encryptionLevel.ordinal()].computeApplicationKeys(trafficSecrets);
        this.serverSecrets[encryptionLevel.ordinal()].computeApplicationKeys(trafficSecrets);
        if (this.writeSecretsToFile) {
            appendToFile("TRAFFIC_SECRET_0", encryptionLevel);
        }
    }

    public synchronized void computeEarlySecrets(TrafficSecrets trafficSecrets) {
        Keys keys = new Keys(this.quicVersion, Role.Client, this.log);
        keys.computeZeroRttKeys(trafficSecrets);
        this.clientSecrets[EncryptionLevel.ZeroRTT.ordinal()] = keys;
    }

    public synchronized void computeHandshakeSecrets(TrafficSecrets trafficSecrets, TlsConstants.CipherSuite cipherSuite) {
        this.selectedCipherSuite = cipherSuite;
        EncryptionLevel encryptionLevel = EncryptionLevel.Handshake;
        createKeys(encryptionLevel, cipherSuite);
        this.clientSecrets[encryptionLevel.ordinal()].computeHandshakeKeys(trafficSecrets);
        this.serverSecrets[encryptionLevel.ordinal()].computeHandshakeKeys(trafficSecrets);
        if (this.writeSecretsToFile) {
            appendToFile("HANDSHAKE_TRAFFIC_SECRET", encryptionLevel);
        }
    }

    /* JADX WARN: Type inference failed for: r0v5, types: [java.lang.Object, oOO00O.OooO0O0$OooO00o] */
    public synchronized void computeInitialKeys(byte[] bArr) {
        try {
            if (oOO00O.OooO00o.f74076OooO0O0 == null) {
                oOO00O.OooO00o.f74076OooO0O0 = new oOO00O.OooO00o(new Object());
            }
            byte[] OooO0O02 = oOO00O.OooO00o.f74076OooO0O0.OooO0O0(this.quicVersion == Version.QUIC_version_1 ? STATIC_SALT_V1 : STATIC_SALT_DRAFT_29, bArr);
            this.log.secret("Initial secret", OooO0O02);
            Keys[] keysArr = this.clientSecrets;
            EncryptionLevel encryptionLevel = EncryptionLevel.Initial;
            keysArr[encryptionLevel.ordinal()] = new Keys(this.quicVersion, OooO0O02, Role.Client, this.log);
            this.serverSecrets[encryptionLevel.ordinal()] = new Keys(this.quicVersion, OooO0O02, Role.Server, this.log);
        } catch (Throwable th) {
            throw th;
        }
    }

    public synchronized Keys getClientSecrets(EncryptionLevel encryptionLevel) {
        return this.clientSecrets[encryptionLevel.ordinal()];
    }

    public synchronized Keys getOwnSecrets(EncryptionLevel encryptionLevel) {
        try {
        } catch (Throwable th) {
            throw th;
        }
        return this.ownRole == Role.Client ? this.clientSecrets[encryptionLevel.ordinal()] : this.serverSecrets[encryptionLevel.ordinal()];
    }

    public synchronized Keys getPeerSecrets(EncryptionLevel encryptionLevel) {
        try {
        } catch (Throwable th) {
            throw th;
        }
        return this.ownRole == Role.Client ? this.serverSecrets[encryptionLevel.ordinal()] : this.clientSecrets[encryptionLevel.ordinal()];
    }

    public synchronized Keys getServerSecrets(EncryptionLevel encryptionLevel) {
        return this.serverSecrets[encryptionLevel.ordinal()];
    }

    public void setClientRandom(byte[] bArr) {
        this.clientRandom = bArr;
    }
}
