package com.acgist.snail.net.torrent.crypt;

import com.acgist.snail.config.CryptConfig;
import com.acgist.snail.config.PeerConfig;
import com.acgist.snail.config.SystemConfig;
import com.acgist.snail.context.TorrentContext;
import com.acgist.snail.context.exception.NetException;
import com.acgist.snail.context.exception.PacketSizeException;
import com.acgist.snail.net.torrent.crypt.MSEKeyPairBuilder;
import com.acgist.snail.net.torrent.peer.PeerSubMessageHandler;
import com.acgist.snail.net.torrent.peer.PeerUnpackMessageCodec;
import com.acgist.snail.pojo.bean.InfoHash;
import com.acgist.snail.pojo.session.TorrentSession;
import com.acgist.snail.utils.ArrayUtils;
import com.acgist.snail.utils.DigestUtils;
import com.acgist.snail.utils.NumberUtils;
import com.acgist.snail.utils.StringUtils;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.util.Iterator;
import java.util.Random;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/acgist/snail/net/torrent/crypt/MSECryptHandshakeHandler.class */
public final class MSECryptHandshakeHandler {
    private static final Logger LOGGER = LoggerFactory.getLogger(MSECryptHandshakeHandler.class);
    private static final int BUFFER_LENGTH = 4096;
    private static final int HANDSHAKE_TIMEOUT = 5000;
    private Step step = Step.RECEIVE_PUBLIC_KEY;
    private volatile boolean crypt = false;
    private volatile boolean completed = false;
    private final Object handshakeLock = new Object();
    private MSECipher cipher;
    private MSECipher cipherVC;
    private KeyPair keyPair;
    private CryptConfig.Strategy strategy;
    private ByteBuffer buffer;
    private BigInteger dhSecret;
    private MSEPaddingSync msePaddingSync;
    private final PeerSubMessageHandler peerSubMessageHandler;
    private final PeerUnpackMessageCodec peerUnpackMessageCodec;
    private static final int PUBLIC_KEY_MIN_LENGTH = 96;
    private static final int PUBLIC_KEY_MAX_LENGTH = 608;
    private static final int PROVIDE_MIN_LENGTH = 56;
    private static final int PROVIDE_MAX_LENGTH = 568;
    private static final int CONFIRM_MIN_LENGTH = 14;
    private static final int CONFIRM_MAX_LENGTH = 526;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.acgist.snail.net.torrent.crypt.MSECryptHandshakeHandler$1, reason: invalid class name */
    /* loaded from: input_file:com/acgist/snail/net/torrent/crypt/MSECryptHandshakeHandler$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$acgist$snail$net$torrent$crypt$MSECryptHandshakeHandler$Step;

        static {
            try {
                $SwitchMap$com$acgist$snail$config$CryptConfig$Strategy[CryptConfig.Strategy.PLAINTEXT.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$acgist$snail$config$CryptConfig$Strategy[CryptConfig.Strategy.PREFER_PLAINTEXT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$acgist$snail$config$CryptConfig$Strategy[CryptConfig.Strategy.PREFER_ENCRYPT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$acgist$snail$config$CryptConfig$Strategy[CryptConfig.Strategy.ENCRYPT.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            $SwitchMap$com$acgist$snail$net$torrent$crypt$MSECryptHandshakeHandler$Step = new int[Step.values().length];
            try {
                $SwitchMap$com$acgist$snail$net$torrent$crypt$MSECryptHandshakeHandler$Step[Step.SEND_PUBLIC_KEY.ordinal()] = 1;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$acgist$snail$net$torrent$crypt$MSECryptHandshakeHandler$Step[Step.RECEIVE_PUBLIC_KEY.ordinal()] = 2;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$com$acgist$snail$net$torrent$crypt$MSECryptHandshakeHandler$Step[Step.RECEIVE_PROVIDE.ordinal()] = 3;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$com$acgist$snail$net$torrent$crypt$MSECryptHandshakeHandler$Step[Step.RECEIVE_PROVIDE_PADDING.ordinal()] = 4;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$com$acgist$snail$net$torrent$crypt$MSECryptHandshakeHandler$Step[Step.RECEIVE_CONFIRM.ordinal()] = 5;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$com$acgist$snail$net$torrent$crypt$MSECryptHandshakeHandler$Step[Step.RECEIVE_CONFIRM_PADDING.ordinal()] = 6;
            } catch (NoSuchFieldError e10) {
            }
        }
    }

    /* loaded from: input_file:com/acgist/snail/net/torrent/crypt/MSECryptHandshakeHandler$Step.class */
    public enum Step {
        SEND_PUBLIC_KEY,
        RECEIVE_PUBLIC_KEY,
        SEND_PROVIDE,
        RECEIVE_PROVIDE,
        RECEIVE_PROVIDE_PADDING,
        SEND_CONFIRM,
        RECEIVE_CONFIRM,
        RECEIVE_CONFIRM_PADDING
    }

    private MSECryptHandshakeHandler(PeerUnpackMessageCodec peerUnpackMessageCodec, PeerSubMessageHandler peerSubMessageHandler) {
        MSEKeyPairBuilder newInstance = MSEKeyPairBuilder.newInstance();
        this.buffer = ByteBuffer.allocate(BUFFER_LENGTH);
        this.keyPair = newInstance.buildKeyPair();
        this.peerSubMessageHandler = peerSubMessageHandler;
        this.peerUnpackMessageCodec = peerUnpackMessageCodec;
    }

    public static final MSECryptHandshakeHandler newInstance(PeerUnpackMessageCodec peerUnpackMessageCodec, PeerSubMessageHandler peerSubMessageHandler) {
        return new MSECryptHandshakeHandler(peerUnpackMessageCodec, peerSubMessageHandler);
    }

    public void plaintext() {
        completed(false);
    }

    public boolean completed() {
        return this.completed;
    }

    public void handshake() {
        this.step = Step.SEND_PUBLIC_KEY;
        sendPublicKey();
    }

    public void handshake(ByteBuffer byteBuffer) throws NetException {
        try {
            if (checkPlaintextPeerHandshake(byteBuffer)) {
                LOGGER.debug("跳过加密握手：收到Peer明文握手消息");
                return;
            }
            synchronized (this.buffer) {
                switch (AnonymousClass1.$SwitchMap$com$acgist$snail$net$torrent$crypt$MSECryptHandshakeHandler$Step[this.step.ordinal()]) {
                    case 1:
                    case 2:
                        this.buffer.put(byteBuffer);
                        receivePublicKey();
                        break;
                    case 3:
                        this.buffer.put(byteBuffer);
                        receiveProvide();
                        break;
                    case 4:
                        this.cipher.decrypt(byteBuffer);
                        this.buffer.put(byteBuffer);
                        receiveProvidePadding();
                        break;
                    case 5:
                        this.buffer.put(byteBuffer);
                        receiveConfirm();
                        break;
                    case SystemConfig.IP_PORT_LENGTH /* 6 */:
                        this.cipher.decrypt(byteBuffer);
                        this.buffer.put(byteBuffer);
                        receiveConfirmPadding();
                        break;
                    default:
                        LOGGER.warn("加密握手失败（未适配步骤）：{}", this.step);
                        break;
                }
            }
        } catch (NetException e) {
            LOGGER.debug("加密握手异常：使用明文");
            plaintext();
            throw e;
        } catch (Exception e2) {
            LOGGER.debug("加密握手异常：使用明文");
            plaintext();
            throw new NetException("加密握手失败", e2);
        }
    }

    public boolean available() {
        return this.peerSubMessageHandler.available();
    }

    public boolean needEncrypt() {
        return this.peerSubMessageHandler.needEncrypt();
    }

    public void encrypt(ByteBuffer byteBuffer) {
        if (this.crypt) {
            this.cipher.encrypt(byteBuffer);
        }
    }

    public void decrypt(ByteBuffer byteBuffer) {
        if (this.crypt) {
            this.cipher.decrypt(byteBuffer);
        }
    }

    public void lockHandshake() {
        if (!this.completed) {
            synchronized (this.handshakeLock) {
                if (!this.completed) {
                    try {
                        this.handshakeLock.wait(5000L);
                    } catch (InterruptedException e) {
                        LOGGER.debug("线程等待异常", e);
                        Thread.currentThread().interrupt();
                    }
                }
            }
        }
        if (this.completed) {
            return;
        }
        LOGGER.debug("加密握手失败：使用明文");
        plaintext();
    }

    private void unlockHandshake() {
        synchronized (this.handshakeLock) {
            this.handshakeLock.notifyAll();
        }
    }

    private void sendPublicKey() {
        LOGGER.debug("加密握手（发送公钥）步骤：{}", this.step);
        byte[] encoded = this.keyPair.getPublic().getEncoded();
        byte[] buildPadding = buildPadding(CryptConfig.PADDING_MAX_LENGTH);
        ByteBuffer allocate = ByteBuffer.allocate(encoded.length + buildPadding.length);
        allocate.put(encoded);
        allocate.put(buildPadding);
        this.peerSubMessageHandler.send(allocate);
    }

    private void receivePublicKey() throws NetException {
        LOGGER.debug("加密握手（接收公钥）步骤：{}", this.step);
        if (this.buffer.position() < 96) {
            return;
        }
        if (this.buffer.position() > PUBLIC_KEY_MAX_LENGTH) {
            throw new NetException("加密握手失败（公钥长度错误）");
        }
        this.buffer.flip();
        BigInteger decodeBigInteger = NumberUtils.decodeBigInteger(this.buffer, 96);
        this.buffer.compact();
        this.dhSecret = ((MSEKeyPairBuilder.MSEPrivateKey) this.keyPair.getPrivate()).buildDHSecret(decodeBigInteger);
        if (this.step == Step.RECEIVE_PUBLIC_KEY) {
            sendPublicKey();
            this.step = Step.RECEIVE_PROVIDE;
        } else if (this.step != Step.SEND_PUBLIC_KEY) {
            LOGGER.warn("加密握手失败（接收公钥未知步骤）：{}", this.step);
        } else {
            sendProvide();
            this.step = Step.RECEIVE_CONFIRM;
        }
    }

    private void sendProvide() throws NetException {
        LOGGER.debug("加密握手（发送加密协议协商）步骤：{}", this.step);
        TorrentSession torrentSession = this.peerSubMessageHandler.torrentSession();
        if (torrentSession == null) {
            throw new NetException("加密握手失败（种子信息不存在）");
        }
        byte[] encodeBigInteger = NumberUtils.encodeBigInteger(this.dhSecret, 96);
        InfoHash infoHash = torrentSession.infoHash();
        this.cipher = MSECipher.newSender(encodeBigInteger, infoHash);
        this.cipherVC = MSECipher.newSender(encodeBigInteger, infoHash);
        ByteBuffer allocate = ByteBuffer.allocate(40);
        MessageDigest sha1 = DigestUtils.sha1();
        sha1.update("req1".getBytes());
        sha1.update(encodeBigInteger);
        allocate.put(sha1.digest());
        sha1.reset();
        sha1.update("req2".getBytes());
        sha1.update(infoHash.infoHash());
        byte[] digest = sha1.digest();
        sha1.reset();
        sha1.update("req3".getBytes());
        sha1.update(encodeBigInteger);
        allocate.put(ArrayUtils.xor(digest, sha1.digest()));
        this.peerSubMessageHandler.send(allocate);
        byte[] buildZeroPadding = buildZeroPadding(CryptConfig.PADDING_MAX_LENGTH);
        int length = buildZeroPadding.length;
        ByteBuffer allocate2 = ByteBuffer.allocate(16 + length);
        allocate2.put(CryptConfig.VC);
        allocate2.putInt(CryptConfig.STRATEGY.provide());
        allocate2.putShort((short) length);
        allocate2.put(buildZeroPadding);
        allocate2.putShort((short) 0);
        this.cipher.encrypt(allocate2);
        this.peerSubMessageHandler.send(allocate2);
    }

    private void receiveProvide() throws NetException {
        LOGGER.debug("加密握手（接收加密协议协商）步骤：{}", this.step);
        byte[] encodeBigInteger = NumberUtils.encodeBigInteger(this.dhSecret, 96);
        MessageDigest sha1 = DigestUtils.sha1();
        sha1.update("req1".getBytes());
        sha1.update(encodeBigInteger);
        if (match(sha1.digest()) && this.buffer.position() >= PROVIDE_MIN_LENGTH) {
            if (this.buffer.position() > PROVIDE_MAX_LENGTH) {
                throw new NetException("加密握手失败（加密协商长度错误）");
            }
            this.buffer.flip();
            this.buffer.get(new byte[20]);
            byte[] bArr = new byte[20];
            this.buffer.get(bArr);
            sha1.reset();
            sha1.update("req3".getBytes());
            sha1.update(encodeBigInteger);
            byte[] digest = sha1.digest();
            InfoHash infoHash = null;
            Iterator<InfoHash> it = TorrentContext.getInstance().allInfoHash().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                InfoHash next = it.next();
                sha1.reset();
                sha1.update("req2".getBytes());
                sha1.update(next.infoHash());
                if (ArrayUtils.equals(ArrayUtils.xor(sha1.digest(), digest), bArr)) {
                    infoHash = next;
                    break;
                }
            }
            if (infoHash == null) {
                throw new NetException("加密握手失败（种子信息不存在）");
            }
            this.cipher = MSECipher.newRecver(encodeBigInteger, infoHash);
            this.buffer.compact();
            this.buffer.flip();
            this.cipher.decrypt(this.buffer);
            this.buffer.get(new byte[8]);
            int i = this.buffer.getInt();
            this.strategy = selectStrategy(i);
            LOGGER.debug("加密握手（接收加密协议协商-确认加密协议）：{}-{}", Integer.valueOf(i), this.strategy);
            this.step = Step.RECEIVE_PROVIDE_PADDING;
            this.msePaddingSync = MSEPaddingSync.newInstance(2);
            receiveProvidePadding();
        }
    }

    private void receiveProvidePadding() throws PacketSizeException {
        LOGGER.debug("加密握手（接收加密协议协商Padding）步骤：{}", this.step);
        if (this.msePaddingSync.sync(this.buffer)) {
            if (LOGGER.isDebugEnabled()) {
                this.msePaddingSync.allPadding().forEach(bArr -> {
                    LOGGER.debug("加密握手（接收加密协议协商Padding）：{}", StringUtils.hex(bArr));
                });
            }
            sendConfirm();
        }
    }

    private void sendConfirm() {
        LOGGER.debug("加密握手（发送确认加密协议）步骤：{}", this.step);
        byte[] buildZeroPadding = buildZeroPadding(CryptConfig.PADDING_MAX_LENGTH);
        int length = buildZeroPadding.length;
        ByteBuffer allocate = ByteBuffer.allocate(CONFIRM_MIN_LENGTH + length);
        allocate.put(CryptConfig.VC);
        allocate.putInt(this.strategy.provide());
        allocate.putShort((short) length);
        allocate.put(buildZeroPadding);
        this.cipher.encrypt(allocate);
        this.peerSubMessageHandler.send(allocate);
        completed(this.strategy.crypt());
    }

    private void receiveConfirm() throws NetException {
        LOGGER.debug("加密握手（接收确认加密协议）步骤：{}", this.step);
        if (match(this.cipherVC.decrypt(CryptConfig.VC)) && this.buffer.position() >= CONFIRM_MIN_LENGTH) {
            if (this.buffer.position() > CONFIRM_MAX_LENGTH) {
                throw new NetException("加密握手失败（确认加密长度错误）");
            }
            this.buffer.flip();
            this.cipher.decrypt(this.buffer);
            this.buffer.get(new byte[8]);
            int i = this.buffer.getInt();
            this.strategy = selectStrategy(i);
            LOGGER.debug("加密握手（接收确认加密协议-确认加密协议）：{}-{}", Integer.valueOf(i), this.strategy);
            this.step = Step.RECEIVE_CONFIRM_PADDING;
            this.msePaddingSync = MSEPaddingSync.newInstance(1);
            receiveConfirmPadding();
        }
    }

    private void receiveConfirmPadding() throws PacketSizeException {
        LOGGER.debug("加密握手（接收确认加密协议Padding）步骤：{}", this.step);
        if (this.msePaddingSync.sync(this.buffer)) {
            if (LOGGER.isDebugEnabled()) {
                this.msePaddingSync.allPadding().forEach(bArr -> {
                    LOGGER.debug("加密握手（接收确认加密协议Padding）：{}", StringUtils.hex(bArr));
                });
            }
            completed(this.strategy.crypt());
        }
    }

    private CryptConfig.Strategy selectStrategy(int i) throws NetException {
        boolean z = (i & CryptConfig.CryptAlgo.PLAINTEXT.provide()) == CryptConfig.CryptAlgo.PLAINTEXT.provide();
        boolean z2 = (i & CryptConfig.CryptAlgo.ARC4.provide()) == CryptConfig.CryptAlgo.ARC4.provide();
        CryptConfig.Strategy strategy = null;
        if (z || z2) {
            switch (CryptConfig.STRATEGY) {
                case PLAINTEXT:
                    strategy = z ? CryptConfig.Strategy.PLAINTEXT : null;
                    break;
                case PREFER_PLAINTEXT:
                    strategy = z ? CryptConfig.Strategy.PLAINTEXT : CryptConfig.Strategy.ENCRYPT;
                    break;
                case PREFER_ENCRYPT:
                    strategy = z2 ? CryptConfig.Strategy.ENCRYPT : CryptConfig.Strategy.PLAINTEXT;
                    break;
                case ENCRYPT:
                    strategy = z2 ? CryptConfig.Strategy.ENCRYPT : null;
                    break;
                default:
                    strategy = CryptConfig.STRATEGY.crypt() ? CryptConfig.Strategy.ENCRYPT : CryptConfig.Strategy.PLAINTEXT;
                    break;
            }
        }
        if (strategy == null) {
            throw new NetException("加密握手失败（未知加密协商）：" + i);
        }
        return strategy;
    }

    private byte[] buildPadding(int i) {
        Random random = NumberUtils.random();
        byte[] bArr = new byte[random.nextInt(i + 1)];
        for (int i2 = 0; i2 < bArr.length; i2++) {
            bArr[i2] = (byte) random.nextInt(256);
        }
        return bArr;
    }

    private byte[] buildZeroPadding(int i) {
        return new byte[NumberUtils.random().nextInt(i + 1)];
    }

    private boolean checkPlaintextPeerHandshake(ByteBuffer byteBuffer) throws NetException {
        if (byteBuffer.get() == PeerConfig.PROTOCOL_NAME_LENGTH && byteBuffer.remaining() >= PeerConfig.PROTOCOL_NAME_LENGTH) {
            byte[] bArr = new byte[PeerConfig.PROTOCOL_NAME_LENGTH];
            byteBuffer.get(bArr);
            if (ArrayUtils.equals(bArr, PeerConfig.PROTOCOL_NAME_BYTES)) {
                plaintext();
                byteBuffer.position(0);
                this.peerUnpackMessageCodec.decode(byteBuffer);
                return true;
            }
        }
        byteBuffer.position(0);
        return false;
    }

    private boolean match(byte[] bArr) {
        int length = bArr.length;
        this.buffer.flip();
        if (this.buffer.remaining() < length) {
            this.buffer.compact();
            return false;
        }
        int i = 0;
        while (length > i) {
            if (this.buffer.get() != bArr[i]) {
                this.buffer.position(this.buffer.position() - i);
                i = 0;
                if (this.buffer.remaining() < length) {
                    break;
                }
            } else {
                i++;
            }
        }
        if (i != length) {
            this.buffer.compact();
            return false;
        }
        this.buffer.position(this.buffer.position() - length);
        this.buffer.compact();
        return true;
    }

    private void completed(boolean z) {
        LOGGER.debug("加密握手完成：{}", Boolean.valueOf(z));
        this.crypt = z;
        this.completed = true;
        this.buffer = null;
        this.keyPair = null;
        this.strategy = null;
        this.dhSecret = null;
        this.cipherVC = null;
        this.msePaddingSync = null;
        unlockHandshake();
    }
}
