package net.i2p.router.transport.ntcp;

import com.southernstorm.noise.protocol.CipherState;
import com.southernstorm.noise.protocol.CipherStatePair;
import com.southernstorm.noise.protocol.HandshakeState;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Arrays;
import net.i2p.crypto.HKDF;
import net.i2p.data.Base64;
import net.i2p.data.DataHelper;
import net.i2p.data.SessionKey;
import net.i2p.data.router.RouterInfo;
import net.i2p.router.RouterContext;
import net.i2p.router.transport.ntcp.NTCP2Payload;
import net.i2p.util.HexDump;
import net.i2p.util.Log;
import org.cybergarage.soap.SOAP;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:net/i2p/router/transport/ntcp/OutboundNTCP2State.class */
public class OutboundNTCP2State implements EstablishState {
    private final RouterContext _context;
    private final Log _log;
    private final NTCPTransport _transport;
    private final NTCPConnection _con;
    private int _received;
    private long _peerSkew;
    public static final int KEY_SIZE = 32;
    public static final int MAC_SIZE = 16;
    public static final int IV_SIZE = 16;
    public static final int OPTIONS1_SIZE = 16;
    public static final int MSG1_SIZE = 64;
    public static final int TOTAL1_MAX = 287;
    private static final int PADDING1_MAX = 64;
    private static final int PADDING3_MAX = 64;
    public static final int OPTIONS2_SIZE = 16;
    public static final int MSG2_SIZE = 64;
    public static final int MSG3P1_SIZE = 48;
    private static final int OPTIONS3_SIZE = 12;
    public static final long MAX_SKEW = 60;
    private static final byte[] ZEROLEN = new byte[0];
    private static final byte[] ONE = {1};
    public static final byte[] ZEROKEY = new byte[32];
    private static final byte[] ASK = {97, 115, 107, 1};
    private static final byte[] SIPHASH = DataHelper.getASCII("siphash");
    private final HandshakeState _handshakeState;
    private final RouterInfo _aliceRI;
    private final int _aliceRISize;
    private int _padlen1;
    private int _padlen2;
    private final int _padlen3;
    private final SessionKey _bobHash;
    private final byte[] _bobIV;
    private final Object _stateLock = new Object();
    private State _state = State.OB_INIT;
    private final byte[] _tmp = new byte[TOTAL1_MAX];

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/i2p/router/transport/ntcp/OutboundNTCP2State$State.class */
    public enum State {
        OB_INIT,
        OB_SENT_X,
        OB_GOT_HXY,
        OB_GOT_PADDING,
        VERIFIED,
        CORRUPT
    }

    public OutboundNTCP2State(RouterContext routerContext, NTCPTransport nTCPTransport, NTCPConnection nTCPConnection) {
        this._context = routerContext;
        this._log = routerContext.logManager().getLog(getClass());
        this._transport = nTCPTransport;
        this._con = nTCPConnection;
        try {
            this._handshakeState = new HandshakeState(HandshakeState.PATTERN_ID_XK, 1, this._transport.getXDHFactory());
            this._aliceRI = routerContext.router().getRouterInfo();
            if (this._aliceRI == null) {
                throw new IllegalStateException("no RI yet");
            }
            this._aliceRISize = this._aliceRI.toByteArray().length;
            this._padlen3 = this._context.random().nextInt(64);
            this._bobHash = new SessionKey(this._con.getRemotePeer().calculateHash().getData());
            String option = this._con.getRemoteAddress().getOption("i");
            if (option == null) {
                throw new IllegalArgumentException("no NTCP2 IV");
            }
            this._bobIV = Base64.decode(option);
            if (this._bobIV == null || this._bobIV.length != 16 || DataHelper.eq(this._bobIV, 0, ZEROKEY, 0, 16)) {
                throw new IllegalArgumentException("bad NTCP2 IV");
            }
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException("bad proto", e);
        }
    }

    private void changeState(State state) {
        synchronized (this._stateLock) {
            this._state = state;
        }
    }

    @Override // net.i2p.router.transport.ntcp.EstablishState
    public synchronized void receive(ByteBuffer byteBuffer) {
        if (this._state == State.VERIFIED || this._state == State.CORRUPT) {
            throw new IllegalStateException(this + "received unexpected data on " + this._con);
        }
        if (this._log.shouldLog(10)) {
            this._log.debug(this + "Receiving: " + byteBuffer.remaining() + " Received: " + this._received);
        }
        if (byteBuffer.hasRemaining()) {
            receiveOutbound(byteBuffer);
        }
    }

    @Override // net.i2p.router.transport.ntcp.EstablishState
    public boolean isCorrupt() {
        boolean z;
        synchronized (this._stateLock) {
            z = this._state == State.CORRUPT;
        }
        return z;
    }

    @Override // net.i2p.router.transport.ntcp.EstablishState
    public boolean isComplete() {
        boolean z;
        synchronized (this._stateLock) {
            z = this._state == State.VERIFIED;
        }
        return z;
    }

    @Override // net.i2p.router.transport.ntcp.EstablishState
    public int getVersion() {
        return 2;
    }

    @Override // net.i2p.router.transport.ntcp.EstablishState
    public synchronized void prepareOutbound() {
        if (this._state != State.OB_INIT) {
            throw new IllegalStateException(this + "unexpected prepareOutbound()");
        }
        if (this._log.shouldLog(10)) {
            this._log.debug(this + "send X");
        }
        byte[] bArr = new byte[16];
        bArr[0] = (byte) this._context.router().getNetworkID();
        bArr[1] = 2;
        int nextInt = this._context.random().nextInt(64);
        DataHelper.toLong(bArr, 2, 2, nextInt);
        DataHelper.toLong(bArr, 4, 2, 4 + this._aliceRISize + 3 + 12 + 3 + this._padlen3 + 16);
        DataHelper.toLong(bArr, 8, 4, (this._context.clock().now() + 500) / 1000);
        String option = this._con.getRemoteAddress().getOption(SOAP.XMLNS);
        if (option == null) {
            fail("no NTCP2 S");
            return;
        }
        byte[] decode = Base64.decode(option);
        if (decode == null || decode.length != 32 || DataHelper.eq(decode, 0, ZEROKEY, 0, 32)) {
            fail("bad NTCP2 S: " + option);
            return;
        }
        this._handshakeState.getRemotePublicKey().setPublicKey(decode, 0);
        this._handshakeState.getLocalKeyPair().setKeys(this._transport.getNTCP2StaticPrivkey(), 0, this._transport.getNTCP2StaticPubkey(), 0);
        try {
            this._handshakeState.start();
            if (this._log.shouldDebug()) {
                this._log.debug("After start: " + this._handshakeState.toString());
            }
            this._handshakeState.writeMessage(this._tmp, 0, bArr, 0, 16);
            if (this._log.shouldDebug()) {
                this._log.debug("After msg 1: " + this._handshakeState.toString());
            }
            this._context.aes().encrypt(this._tmp, 0, this._tmp, 0, this._bobHash, this._bobIV, 32);
            System.arraycopy(this._tmp, 16, this._bobIV, 0, 16);
            if (nextInt > 0) {
                this._context.random().nextBytes(this._tmp, 64, nextInt);
                this._handshakeState.mixHash(this._tmp, 64, nextInt);
                if (this._log.shouldDebug()) {
                    this._log.debug("After mixhash padding " + nextInt + " msg 1: " + this._handshakeState.toString());
                }
            }
            changeState(State.OB_SENT_X);
            this._con.wantsWrite(this._tmp, 0, 64 + nextInt);
        } catch (RuntimeException e) {
            if (!this._log.shouldWarn()) {
                this._log.error("Bad msg 1 out", e);
            }
            fail("Bad msg 1 out", e);
        } catch (GeneralSecurityException e2) {
            if (!this._log.shouldWarn()) {
                this._log.error("Bad msg 1 out", e2);
            }
            fail("Bad msg 1 out", e2);
        }
    }

    private void receiveOutbound(ByteBuffer byteBuffer) {
        if (this._state == State.OB_SENT_X && byteBuffer.hasRemaining()) {
            int min = Math.min(byteBuffer.remaining(), 64 - this._received);
            byteBuffer.get(this._tmp, this._received, min);
            this._received += min;
            if (this._received < 64) {
                return;
            }
            this._context.aes().decrypt(this._tmp, 0, this._tmp, 0, this._bobHash, this._bobIV, 32);
            if (DataHelper.eqCT(this._tmp, 0, ZEROKEY, 0, 32)) {
                fail("Bad msg 2, Y = 0");
                return;
            }
            byte[] bArr = new byte[16];
            try {
                this._handshakeState.readMessage(this._tmp, 0, 64, bArr, 0);
                if (this._log.shouldDebug()) {
                    this._log.debug("After msg 2: " + this._handshakeState.toString());
                }
                this._padlen2 = (int) DataHelper.fromLong(bArr, 2, 2);
                long fromLong = DataHelper.fromLong(bArr, 8, 4);
                long now = this._context.clock().now();
                this._peerSkew = (((now - (fromLong * 1000)) - ((now - this._con.getCreated()) / 2)) + 500) / 1000;
                if (this._peerSkew > 60 || this._peerSkew < -60) {
                    long abs = 1000 * Math.abs(this._peerSkew);
                    if (this._context.clock().getUpdatedSuccessfully()) {
                        this._context.statManager().addRateData("ntcp.invalidOutboundSkew", abs);
                        fail("Clock Skew: " + this._peerSkew, null, true);
                        this._context.banlist().banlistRouter(DataHelper.formatDuration(abs), this._con.getRemotePeer().calculateHash(), "Excessive clock skew: {0}");
                        this._transport.setLastBadSkew(this._peerSkew);
                        return;
                    }
                    this._context.clock().setOffset(1000 * (0 - this._peerSkew), true);
                    this._peerSkew = 0L;
                    this._log.logAlways(30, "NTP failure, NTCP adjusting clock by " + DataHelper.formatDuration(abs));
                }
                changeState(State.OB_GOT_HXY);
                this._received = 0;
            } catch (RuntimeException e) {
                fail("Bad msg 2, Y = " + Base64.encode(this._tmp, 0, 32), e);
                return;
            } catch (GeneralSecurityException e2) {
                fail("Bad msg 2, Y = " + Base64.encode(this._tmp, 0, 32), e2);
                return;
            }
        }
        if (this._state != State.OB_GOT_HXY || !byteBuffer.hasRemaining()) {
            if ((this._state == State.VERIFIED || this._state == State.CORRUPT) && byteBuffer.hasRemaining() && this._log.shouldWarn()) {
                this._log.warn("Received unexpected " + byteBuffer.remaining() + " on " + this, new Exception());
                return;
            }
            return;
        }
        int min2 = Math.min(byteBuffer.remaining(), this._padlen2 - this._received);
        byteBuffer.get(this._tmp, this._received, min2);
        this._received += min2;
        if (this._received < this._padlen2) {
            return;
        }
        if (this._padlen2 > 0) {
            this._handshakeState.mixHash(this._tmp, 0, this._padlen2);
            if (this._log.shouldDebug()) {
                this._log.debug("After mixhash padding " + this._padlen2 + " msg 2: " + this._handshakeState.toString());
            }
        }
        changeState(State.OB_GOT_PADDING);
        if (byteBuffer.hasRemaining()) {
            fail("Extra data after msg 2: " + byteBuffer.remaining());
        } else {
            prepareOutbound3();
        }
    }

    private void prepareOutbound3() {
        int i = 4 + this._aliceRISize + 3 + 12 + 3 + this._padlen3;
        byte[] bArr = new byte[48 + i + 16];
        ArrayList arrayList = new ArrayList(3);
        arrayList.add(new NTCP2Payload.RIBlock(this._aliceRI, false));
        byte[] bArr2 = new byte[12];
        bArr2[0] = 0;
        bArr2[1] = 1;
        bArr2[2] = 0;
        bArr2[3] = 1;
        DataHelper.toLong(bArr2, 4, 2, 0L);
        DataHelper.toLong(bArr2, 6, 2, 0L);
        DataHelper.toLong(bArr2, 8, 2, 0L);
        DataHelper.toLong(bArr2, 10, 2, 0L);
        arrayList.add(new NTCP2Payload.OptionsBlock(bArr2));
        arrayList.add(new NTCP2Payload.PaddingBlock(this._padlen3));
        int writePayload = NTCP2Payload.writePayload(bArr, 48, arrayList);
        int i2 = 48 + i;
        if (writePayload != i2) {
            throw new IllegalStateException("msg3 size mismatch expected " + i2 + " got " + writePayload);
        }
        try {
            this._handshakeState.writeMessage(bArr, 0, bArr, 48, i);
            if (this._log.shouldDebug()) {
                this._log.debug("Sending msg3, part 1 is:\n" + HexDump.dump(bArr, 0, 48));
            }
            this._con.wantsWrite(bArr);
            if (this._log.shouldDebug()) {
                this._log.debug("After msg 3: " + this._handshakeState.toString());
            }
            setDataPhase();
        } catch (RuntimeException e) {
            if (!this._log.shouldWarn()) {
                this._log.error("Bad msg 3 out", e);
            }
            fail("Bad msg 3 out", e);
        } catch (GeneralSecurityException e2) {
            if (!this._log.shouldWarn()) {
                this._log.error("Bad msg 3 out", e2);
            }
            fail("Bad msg 3 out", e2);
        }
    }

    private void setDataPhase() {
        CipherStatePair split = this._handshakeState.split();
        CipherState receiver = split.getReceiver();
        CipherState sender = split.getSender();
        byte[][] generateSipHashKeys = generateSipHashKeys(this._context, this._handshakeState);
        byte[] bArr = generateSipHashKeys[0];
        byte[] bArr2 = generateSipHashKeys[1];
        if (this._log.shouldDebug()) {
            this._log.debug("Finished establishment for " + this + "\nGenerated SipHash key for A->B: " + Base64.encode(bArr) + "\nGenerated SipHash key for B->A: " + Base64.encode(bArr2));
        }
        this._con.finishOutboundEstablishment(sender, receiver, bArr, bArr2, this._peerSkew);
        changeState(State.VERIFIED);
        releaseBufs(true);
        this._handshakeState.destroy();
        Arrays.fill(bArr, (byte) 0);
        Arrays.fill(bArr2, (byte) 0);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Type inference failed for: r0v23, types: [byte[], byte[][]] */
    public static byte[][] generateSipHashKeys(RouterContext routerContext, HandshakeState handshakeState) {
        HKDF hkdf = new HKDF(routerContext);
        byte[] bArr = new byte[32];
        hkdf.calculate(handshakeState.getChainingKey(), ZEROLEN, "ask", bArr);
        byte[] bArr2 = new byte[32 + SIPHASH.length];
        System.arraycopy(handshakeState.getHandshakeHash(), 0, bArr2, 0, 32);
        System.arraycopy(SIPHASH, 0, bArr2, 32, SIPHASH.length);
        byte[] bArr3 = new byte[32];
        hkdf.calculate(bArr, bArr2, bArr3);
        Arrays.fill(bArr, (byte) 0);
        Arrays.fill(bArr2, (byte) 0);
        byte[] bArr4 = new byte[32];
        byte[] bArr5 = new byte[32];
        hkdf.calculate(bArr3, ZEROLEN, bArr4, bArr5, 0);
        Arrays.fill(bArr3, (byte) 0);
        return new byte[]{bArr4, bArr5};
    }

    @Override // net.i2p.router.transport.ntcp.EstablishState
    public synchronized void close(String str, Exception exc) {
        fail(str, exc);
    }

    protected void fail(String str) {
        fail(str, null);
    }

    protected void fail(String str, Exception exc) {
        fail(str, exc, false);
    }

    protected synchronized void fail(String str, Exception exc, boolean z) {
        if (this._state == State.CORRUPT || this._state == State.VERIFIED) {
            return;
        }
        changeState(State.CORRUPT);
        if (this._log.shouldWarn()) {
            this._log.warn(this + "Failed to establish: " + str, exc);
            this._log.warn("State at failure: " + this._handshakeState.toString());
        }
        this._handshakeState.destroy();
        if (!z) {
            this._context.statManager().addRateData("ntcp.receiveCorruptEstablishment", 1L);
        }
        releaseBufs(false);
    }

    private void releaseBufs(boolean z) {
        Arrays.fill(this._tmp, (byte) 0);
    }

    public String toString() {
        StringBuilder sb = new StringBuilder(64);
        sb.append("OBES2 ");
        sb.append(this._con.toString());
        sb.append(' ').append(this._state);
        if (this._con.isEstablished()) {
            sb.append(" established");
        }
        sb.append(": ");
        return sb.toString();
    }
}
