package org.snmp4j.transport;

import a0.e;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.net.SocketTimeoutException;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.cert.PKIXRevocationChecker;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.X509TrustManager;
import org.snmp4j.SNMP4JSettings;
import org.snmp4j.TransportStateReference;
import org.snmp4j.event.CounterEvent;
import org.snmp4j.log.LogAdapter;
import org.snmp4j.log.LogFactory;
import org.snmp4j.mp.CounterSupport;
import org.snmp4j.mp.SnmpConstants;
import org.snmp4j.security.SecurityLevel;
import org.snmp4j.smi.Address;
import org.snmp4j.smi.DtlsAddress;
import org.snmp4j.smi.OctetString;
import org.snmp4j.smi.UdpAddress;
import org.snmp4j.transport.tls.DefaultSSLEngineConfiguration;
import org.snmp4j.transport.tls.SSLEngineConfigurator;
import org.snmp4j.transport.tls.TLSTMExtendedTrustManager;
import org.snmp4j.transport.tls.TLSTMTrustManagerFactory;
import org.snmp4j.transport.tls.TlsTmSecurityCallback;
import org.snmp4j.transport.tls.X509TlsTransportMappingConfig;
import org.snmp4j.util.CommonTimer;
import org.snmp4j.util.SnmpConfigurator;
import org.snmp4j.util.ThreadPool;
import org.snmp4j.util.WorkerTask;

/* loaded from: classes2.dex */
public class DTLSTM extends DefaultUdpTransportMapping implements X509TlsTransportMappingConfig, ConnectionOrientedTransportMapping<UdpAddress> {
    public static final int DEFAULT_CONNECTION_TIMEOUT = 300000;
    public static final String DEFAULT_DTLSTM_PROTOCOLS = "DTLSv1.2";
    private static final int DEFAULT_DTLS_HANDSHAKE_THREADPOOL_SIZE = 2;
    public static final int DEFAULT_HANDSHAKE_TIMEOUT = 5000;
    public static final int DEFAULT_SOCKET_TIMEOUT = 5000;
    public static final int MAX_HANDSHAKE_LOOPS = 100;
    public static final int MAX_TLS_PAYLOAD_SIZE = 65536;
    private static final LogAdapter logger = LogFactory.getLogger((Class<?>) DTLSTM.class);
    private long connectionTimeout;
    private CounterSupport counterSupport;
    private ThreadPool dtlsHandshakeThreadPool;
    private int dtlsHandshakeThreadPoolSize;
    private String[] dtlsProtocols;
    private int handshakeTimeout;
    private String keyStore;
    private String keyStorePassword;
    private String localCertificateAlias;
    private long nextSessionID;
    private PKIXRevocationChecker pkixRevocationChecker;
    private TlsTmSecurityCallback<X509Certificate> securityCallback;
    private boolean serverEnabled;
    private CommonTimer socketCleaner;
    private final Map<InetSocketAddress, SocketEntry> sockets;
    private SSLEngineConfigurator sslEngineConfigurator;
    private transient List<TransportStateListener> transportStateListeners;
    private TLSTMTrustManagerFactory trustManagerFactory;
    private String trustStore;
    private String trustStorePassword;
    private String x509CertificateRevocationListURI;

    /* renamed from: org.snmp4j.transport.DTLSTM$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status;

        static {
            int[] iArr = new int[SSLEngineResult.Status.values().length];
            $SwitchMap$javax$net$ssl$SSLEngineResult$Status = iArr;
            try {
                iArr[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public class DefaultDTLSTMTrustManagerFactory implements TLSTMTrustManagerFactory {
        private DefaultDTLSTMTrustManagerFactory() {
        }

        public /* synthetic */ DefaultDTLSTMTrustManagerFactory(DTLSTM dtlstm, AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.snmp4j.transport.tls.TLSTMTrustManagerFactory
        public X509TrustManager create(X509TrustManager x509TrustManager, boolean z5, TransportStateReference transportStateReference) {
            return new TLSTMExtendedTrustManager(DTLSTM.this.counterSupport, DTLSTM.this.securityCallback, x509TrustManager, z5, transportStateReference);
        }
    }

    /* loaded from: classes2.dex */
    public class HandshakeTask implements WorkerTask {
        private final long handshakeTimeout;
        private final int maxRetries;
        private final SocketAddress peerAddr;
        private final DatagramPacket receivedPacket;
        private final DatagramSocket socket;
        private final SocketEntry socketEntry;
        private boolean endLoops = false;
        private final Object joinLock = new Object();
        private int retries = 0;

        public HandshakeTask(SocketEntry socketEntry, DatagramSocket datagramSocket, SocketAddress socketAddress, DatagramPacket datagramPacket, long j5, int i4) {
            this.socketEntry = socketEntry;
            this.socket = datagramSocket;
            this.peerAddr = socketAddress;
            this.receivedPacket = datagramPacket;
            this.handshakeTimeout = j5;
            this.maxRetries = i4;
        }

        private void stopLoops() {
            this.endLoops = true;
            synchronized (this.joinLock) {
                this.joinLock.notifyAll();
            }
        }

        @Override // org.snmp4j.util.WorkerTask
        public void interrupt() {
            synchronized (this.socketEntry) {
                this.socketEntry.notify();
            }
        }

        @Override // org.snmp4j.util.WorkerTask
        public void join() {
            synchronized (this.joinLock) {
                while (!this.endLoops) {
                    this.joinLock.wait(10L);
                }
            }
        }

        @Override // java.lang.Runnable
        public void run() {
            long j5;
            DatagramPacket datagramPacket;
            DatagramPacket datagramPacket2;
            Iterator<DatagramPacket> it;
            int maxInboundMessageSize;
            SSLEngineResult.Status status;
            DatagramPacket datagramPacket3;
            Iterator<DatagramPacket> it2;
            DatagramPacket datagramPacket4;
            long j6;
            DatagramPacket datagramPacket5;
            this.socketEntry.setHandshakeFinished(false);
            DatagramPacket datagramPacket6 = this.receivedPacket;
            SSLEngine sSLEngine = this.socketEntry.sslEngine;
            sSLEngine.setEnableSessionCreation(true);
            UdpAddress peerAddress = this.socketEntry.getPeerAddress();
            InetSocketAddress inetSocketAddress = new InetSocketAddress(peerAddress.getInetAddress(), peerAddress.getPort());
            try {
                sSLEngine.beginHandshake();
                long nanoTime = System.nanoTime();
                long j7 = this.handshakeTimeout;
                if (j7 <= 0) {
                    j7 = DTLSTM.this.getHandshakeTimeout();
                }
                int i4 = 100;
                ByteBuffer byteBuffer = null;
                while (!this.endLoops && !sSLEngine.isInboundDone() && DTLSTM.this.sockets.containsKey(inetSocketAddress) && (System.nanoTime() - nanoTime) / 1000000 < j7) {
                    i4--;
                    if (i4 < 0) {
                        stopLoops();
                        throw new IOException("DTLSTM: Too much loops to produce handshake packets");
                    }
                    SSLEngineResult.HandshakeStatus handshakeStatus = sSLEngine.getHandshakeStatus();
                    if (DTLSTM.logger.isDebugEnabled()) {
                        DTLSTM.logger.debug("Processing handshake status " + handshakeStatus + " in loop #" + (100 - i4));
                    }
                    while (!this.endLoops && (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP || handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN)) {
                        if (handshakeStatus != SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN) {
                            if (datagramPacket6 == null && (byteBuffer == null || !byteBuffer.hasRemaining())) {
                                if (DTLSTM.this.isListening()) {
                                    long nanoTime2 = j7 - ((System.nanoTime() - nanoTime) / 1000000);
                                    if (nanoTime2 > 0) {
                                        synchronized (this.socketEntry) {
                                            try {
                                                if (this.socketEntry.inboundPacketQueue.isEmpty()) {
                                                    DTLSTM.logger.debug("Waiting for next handshake packet timeout=" + nanoTime2);
                                                    this.socketEntry.wait(j7);
                                                }
                                            } catch (InterruptedException unused) {
                                            }
                                            if (sSLEngine.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                                                if (DTLSTM.logger.isDebugEnabled()) {
                                                    DTLSTM.logger.debug("Handshake finished already by other thread");
                                                }
                                                return;
                                            }
                                            synchronized (this.socketEntry.inboundLock) {
                                                DatagramPacket datagramPacket7 = (DatagramPacket) this.socketEntry.inboundPacketQueue.pollFirst();
                                                if (!DTLSTM.logger.isDebugEnabled() || datagramPacket7 == null) {
                                                    datagramPacket5 = datagramPacket7;
                                                } else {
                                                    LogAdapter logAdapter = DTLSTM.logger;
                                                    int length = datagramPacket7.getLength();
                                                    StringBuilder sb = new StringBuilder();
                                                    datagramPacket5 = datagramPacket7;
                                                    sb.append("Polled DTLS packet with length ");
                                                    sb.append(length);
                                                    logAdapter.debug(sb.toString());
                                                }
                                            }
                                            datagramPacket6 = datagramPacket5;
                                        }
                                    } else {
                                        stopLoops();
                                    }
                                    if (datagramPacket6 == null) {
                                    }
                                } else {
                                    int maxInboundMessageSize2 = DTLSTM.this.getMaxInboundMessageSize();
                                    DatagramPacket datagramPacket8 = new DatagramPacket(new byte[maxInboundMessageSize2], maxInboundMessageSize2);
                                    try {
                                        this.socket.receive(datagramPacket8);
                                        datagramPacket6 = datagramPacket8;
                                    } catch (SocketTimeoutException unused2) {
                                        if (DTLSTM.logger.isInfoEnabled()) {
                                            DTLSTM.logger.info("Socket timeout while receiving DTLS handshake packet");
                                        }
                                        int i5 = this.maxRetries;
                                        int i6 = this.retries;
                                        this.retries = i6 + 1;
                                        if (i5 > i6) {
                                            synchronized (this.socketEntry.outboundLock) {
                                                Iterator<DatagramPacket> it3 = DTLSTM.this.onReceiveTimeout(sSLEngine, this.peerAddr).iterator();
                                                while (it3.hasNext()) {
                                                    DatagramPacket next = it3.next();
                                                    this.socket.send(next);
                                                    if (DTLSTM.logger.isDebugEnabled()) {
                                                        LogAdapter logAdapter2 = DTLSTM.logger;
                                                        it2 = it3;
                                                        String hexString = new OctetString(next.getData()).toHexString();
                                                        InetAddress address = next.getAddress();
                                                        int port = next.getPort();
                                                        datagramPacket4 = datagramPacket8;
                                                        StringBuilder sb2 = new StringBuilder();
                                                        j6 = nanoTime;
                                                        sb2.append("Sent ");
                                                        sb2.append(hexString);
                                                        sb2.append(" to ");
                                                        sb2.append(address);
                                                        sb2.append(":");
                                                        sb2.append(port);
                                                        logAdapter2.debug(sb2.toString());
                                                    } else {
                                                        it2 = it3;
                                                        datagramPacket4 = datagramPacket8;
                                                        j6 = nanoTime;
                                                    }
                                                    it3 = it2;
                                                    datagramPacket8 = datagramPacket4;
                                                    nanoTime = j6;
                                                }
                                                datagramPacket3 = datagramPacket8;
                                                j5 = nanoTime;
                                            }
                                        } else {
                                            datagramPacket3 = datagramPacket8;
                                            j5 = nanoTime;
                                            stopLoops();
                                        }
                                        datagramPacket6 = datagramPacket3;
                                    }
                                }
                            }
                            j5 = nanoTime;
                            if (datagramPacket6 != null) {
                                if (byteBuffer != null && byteBuffer.hasRemaining()) {
                                    byteBuffer.compact();
                                    byteBuffer.put(datagramPacket6.getData(), 0, datagramPacket6.getLength());
                                }
                                byteBuffer = ByteBuffer.wrap(datagramPacket6.getData(), 0, datagramPacket6.getLength());
                                maxInboundMessageSize = DTLSTM.this.getMaxInboundMessageSize();
                            }
                            maxInboundMessageSize = DTLSTM.this.getMaxInboundMessageSize();
                        } else {
                            j5 = nanoTime;
                            maxInboundMessageSize = DTLSTM.this.getMaxInboundMessageSize();
                        }
                        ByteBuffer allocate = ByteBuffer.allocate(maxInboundMessageSize);
                        synchronized (this.socketEntry.inboundLock) {
                            if (DTLSTM.logger.isDebugEnabled()) {
                                DTLSTM.logger.debug("unrwap start: iNet=" + byteBuffer + ",iApp=" + allocate);
                            }
                            SSLEngineResult unwrap = sSLEngine.unwrap(byteBuffer, allocate);
                            status = unwrap.getStatus();
                            handshakeStatus = unwrap.getHandshakeStatus();
                            if (DTLSTM.logger.isDebugEnabled()) {
                                DTLSTM.logger.debug("unrwap done: iNet=" + byteBuffer + ",iApp=" + allocate + ",rs=" + status + ",hs=" + handshakeStatus);
                            }
                        }
                        if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                            throw new IOException("DTLSTM: Buffer overflow: incorrect client maximum fragment size");
                        }
                        if (status == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                            DTLSTM.logger.warn("DTLS buffer underflow iNet=" + byteBuffer + ",iApp=" + allocate);
                            if (handshakeStatus == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                                stopLoops();
                                datagramPacket6 = null;
                                break;
                            }
                            nanoTime = j5;
                            datagramPacket6 = null;
                        } else {
                            if (status == SSLEngineResult.Status.CLOSED) {
                                stopLoops();
                            }
                            if (status != SSLEngineResult.Status.OK) {
                                datagramPacket6 = null;
                                break;
                            }
                            nanoTime = j5;
                            datagramPacket6 = null;
                        }
                    }
                    j5 = nanoTime;
                    if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                        synchronized (this.socketEntry.outboundLock) {
                            Iterator<DatagramPacket> it4 = DTLSTM.this.produceHandshakePackets(sSLEngine, this.peerAddr).iterator();
                            while (it4.hasNext()) {
                                DatagramPacket next2 = it4.next();
                                if (DTLSTM.logger.isDebugEnabled()) {
                                    LogAdapter logAdapter3 = DTLSTM.logger;
                                    int length2 = next2.getLength();
                                    String hexString2 = new OctetString(next2.getData()).toHexString();
                                    InetAddress address2 = next2.getAddress();
                                    int port2 = next2.getPort();
                                    datagramPacket2 = datagramPacket6;
                                    StringBuilder sb3 = new StringBuilder();
                                    it = it4;
                                    sb3.append("Sending handshake packet with length ");
                                    sb3.append(length2);
                                    sb3.append(" [");
                                    sb3.append(hexString2);
                                    sb3.append("] to ");
                                    sb3.append(address2);
                                    sb3.append(":");
                                    sb3.append(port2);
                                    logAdapter3.debug(sb3.toString());
                                } else {
                                    datagramPacket2 = datagramPacket6;
                                    it = it4;
                                }
                                this.socket.send(next2);
                                datagramPacket6 = datagramPacket2;
                                it4 = it;
                            }
                            datagramPacket = datagramPacket6;
                        }
                    } else {
                        datagramPacket = datagramPacket6;
                        if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                            DTLSTM.this.runDelegatedTasks(sSLEngine);
                        } else {
                            if (handshakeStatus != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING && handshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED) {
                            }
                            stopLoops();
                        }
                    }
                    datagramPacket6 = datagramPacket;
                    nanoTime = j5;
                }
            } catch (IOException e5) {
                DTLSTM.logger.error("DTLS handshake failed for " + this.peerAddr + " failed with IO exception:" + e5.getMessage(), e5);
            }
            SSLEngineResult.HandshakeStatus handshakeStatus2 = sSLEngine.getHandshakeStatus();
            if (handshakeStatus2 != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                DTLSTM.this.sockets.remove(inetSocketAddress);
                DTLSTM.logger.error("DTLS handshake failed for " + this.peerAddr + ", status is " + handshakeStatus2 + ": Not ready for application data yet, giving up");
                this.socketEntry.closeSession();
            } else {
                this.socketEntry.setHandshakeFinished(true);
                if (DTLSTM.logger.isInfoEnabled()) {
                    DTLSTM.logger.info("SSL handshake completed for " + this.peerAddr);
                }
                DTLSTM.this.timeoutSocket(this.socketEntry);
                DTLSTM.this.fireConnectionStateChanged(new TransportStateEvent(DTLSTM.this, this.socketEntry.getPeerAddress(), 1, null));
            }
            stopLoops();
        }

        @Override // org.snmp4j.util.WorkerTask
        public void terminate() {
            this.endLoops = true;
        }
    }

    /* loaded from: classes2.dex */
    public class SocketEntry extends AbstractServerSocket<UdpAddress> {
        private boolean handshakeFinished;
        private final Object inboundLock;
        private final LinkedList<DatagramPacket> inboundPacketQueue;
        private final Object outboundLock;
        private final long sessionID;
        private final SSLEngine sslEngine;
        private final TransportStateReference tmStateReference;

        public SocketEntry(UdpAddress udpAddress, boolean z5, TransportStateReference transportStateReference) {
            super(udpAddress);
            this.outboundLock = new Object();
            this.inboundLock = new Object();
            this.inboundPacketQueue = new LinkedList<>();
            this.tmStateReference = transportStateReference;
            if (transportStateReference == null) {
                DTLSTM.this.counterSupport.fireIncrementCounter(new CounterEvent(this, SnmpConstants.snmpTlstmSessionAccepts));
            }
            SSLEngineConfigurator ensureSslEngineConfigurator = DTLSTM.this.ensureSslEngineConfigurator();
            SSLContext sSLContext = ensureSslEngineConfigurator.getSSLContext(z5, transportStateReference);
            if (sSLContext == null) {
                throw new RuntimeException("Failed to initialize SSLContext");
            }
            SSLEngine createSSLEngine = sSLContext.createSSLEngine(udpAddress.getInetAddress().getHostName(), udpAddress.getPort());
            this.sslEngine = createSSLEngine;
            createSSLEngine.setUseClientMode(z5);
            createSSLEngine.setNeedClientAuth(true);
            SSLParameters sSLParameters = createSSLEngine.getSSLParameters();
            sSLParameters.setMaximumPacketSize(DTLSTM.this.getMaxInboundMessageSize());
            createSSLEngine.setSSLParameters(sSLParameters);
            ensureSslEngineConfigurator.configure(createSSLEngine);
            synchronized (DTLSTM.this) {
                this.sessionID = DTLSTM.access$1008(DTLSTM.this);
            }
        }

        public void checkTransportStateReference(TransportStateReference transportStateReference) {
            transportStateReference.setTransport(DTLSTM.this);
            if (transportStateReference.getTransportSecurityLevel().equals(SecurityLevel.undefined)) {
                transportStateReference.setTransportSecurityLevel(SecurityLevel.authPriv);
            }
            OctetString securityName = transportStateReference.getSecurityName();
            if (DTLSTM.this.securityCallback != null) {
                try {
                    securityName = DTLSTM.this.securityCallback.getSecurityName((X509Certificate[]) this.sslEngine.getSession().getPeerCertificates());
                } catch (SSLPeerUnverifiedException e5) {
                    DTLSTM.logger.error("SSL peer '" + getPeerAddress() + "' is not verified by security callback " + DTLSTM.this.securityCallback + " : " + e5.getMessage(), e5);
                    this.sslEngine.setEnableSessionCreation(false);
                }
            } else if (securityName == null) {
                DTLSTM.logger.warn("No security callback configured to match DTLS peer certificate to local security name");
            }
            transportStateReference.setSecurityName(securityName);
        }

        public void closeSession() {
            SSLEngineResult wrap;
            if (this.sslEngine.getSession().isValid()) {
                ByteBuffer allocate = ByteBuffer.allocate(DTLSTM.this.getMaxInboundMessageSize());
                do {
                    try {
                        wrap = this.sslEngine.wrap(ByteBuffer.allocate(0), allocate);
                        DTLSTM.this.socket.send(new DatagramPacket(allocate.array(), allocate.limit(), getPeerAddress().getInetAddress(), getPeerAddress().getPort()));
                        if (wrap.getStatus() == SSLEngineResult.Status.CLOSED) {
                            break;
                        }
                    } catch (Exception e5) {
                        DTLSTM.logger.error("DTLSM: Exception while closing TLS session " + this + ": " + e5.getMessage(), e5);
                    }
                } while (wrap.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_WRAP);
            }
            this.sslEngine.closeOutbound();
            DTLSTM.this.counterSupport.fireIncrementCounter(new CounterEvent(this, SnmpConstants.snmpTlstmSessionServerCloses));
            DTLSTM.this.fireConnectionStateChanged(new TransportStateEvent(DTLSTM.this, getPeerAddress(), 4, null));
        }

        public long getSessionID() {
            return this.sessionID;
        }

        @Override // org.snmp4j.transport.AbstractServerSocket
        public boolean isHandshakeFinished() {
            return this.handshakeFinished;
        }

        @Override // org.snmp4j.transport.AbstractServerSocket
        public synchronized void setHandshakeFinished(boolean z5) {
            this.handshakeFinished = z5;
            notifyAll();
        }

        public String toString() {
            return "SocketEntry[peerAddress=" + getPeerAddress() + ",socket=" + DTLSTM.this.socket + ",lastUse=" + new Date(getLastUse() / 1000000) + "]";
        }
    }

    public DTLSTM() {
        super(new DtlsAddress(InetAddress.getLocalHost(), 0));
        this.nextSessionID = 1L;
        this.sockets = new ConcurrentHashMap();
        this.connectionTimeout = 300000L;
        this.handshakeTimeout = 5000;
        this.trustManagerFactory = new DefaultDTLSTMTrustManagerFactory(this, null);
        this.dtlsHandshakeThreadPoolSize = 2;
        this.serverEnabled = false;
        this.counterSupport = CounterSupport.getInstance();
        this.maxInboundMessageSize = MAX_TLS_PAYLOAD_SIZE;
        setSocketTimeout(5000);
    }

    public DTLSTM(DtlsAddress dtlsAddress) {
        this(dtlsAddress, true);
    }

    public DTLSTM(DtlsAddress dtlsAddress, boolean z5) {
        super(dtlsAddress);
        this.nextSessionID = 1L;
        this.sockets = new ConcurrentHashMap();
        this.connectionTimeout = 300000L;
        this.handshakeTimeout = 5000;
        this.trustManagerFactory = new DefaultDTLSTMTrustManagerFactory(this, null);
        this.dtlsHandshakeThreadPoolSize = 2;
        this.serverEnabled = z5;
        this.maxInboundMessageSize = MAX_TLS_PAYLOAD_SIZE;
        this.counterSupport = CounterSupport.getInstance();
        setSocketTimeout(5000);
        try {
            Class.forName("javax.net.ssl.X509ExtendedTrustManager");
            setTrustManagerFactory((TLSTMTrustManagerFactory) Class.forName("org.snmp4j.transport.tls.DTLSTMExtendedTrustManagerFactory").getConstructors()[0].newInstance(this));
        } catch (ClassNotFoundException unused) {
        } catch (IllegalAccessException e5) {
            e = e5;
            throw new IOException(e.k("Failed to init DTLSTMTrustManagerFactory: ", e.getMessage()), e);
        } catch (IllegalArgumentException e6) {
            throw new IOException(e.k("Failed to setup DTLSTMTrustManagerFactory: ", e6.getMessage()), e6);
        } catch (InstantiationException e7) {
            throw new IOException(e.k("Failed to instantiate DTLSTMTrustManagerFactory: ", e7.getMessage()), e7);
        } catch (InvocationTargetException e8) {
            e = e8;
            throw new IOException(e.k("Failed to init DTLSTMTrustManagerFactory: ", e.getMessage()), e);
        }
    }

    public DTLSTM(TlsTmSecurityCallback<X509Certificate> tlsTmSecurityCallback, DtlsAddress dtlsAddress) {
        this(tlsTmSecurityCallback, dtlsAddress, CounterSupport.getInstance());
    }

    public DTLSTM(TlsTmSecurityCallback<X509Certificate> tlsTmSecurityCallback, DtlsAddress dtlsAddress, CounterSupport counterSupport) {
        this(tlsTmSecurityCallback, dtlsAddress, counterSupport, true);
    }

    public DTLSTM(TlsTmSecurityCallback<X509Certificate> tlsTmSecurityCallback, DtlsAddress dtlsAddress, CounterSupport counterSupport, boolean z5) {
        this(dtlsAddress, z5);
        this.maxInboundMessageSize = MAX_TLS_PAYLOAD_SIZE;
        setSocketTimeout(5000);
        this.securityCallback = tlsTmSecurityCallback;
        this.counterSupport = counterSupport;
    }

    public static /* synthetic */ long access$1008(DTLSTM dtlstm) {
        long j5 = dtlstm.nextSessionID;
        dtlstm.nextSessionID = 1 + j5;
        return j5;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void timeoutSocket(SocketEntry socketEntry) {
        CommonTimer commonTimer;
        if (this.connectionTimeout > 0 && (commonTimer = this.socketCleaner) != null) {
            commonTimer.schedule(new SocketTimeout(this, socketEntry), this.connectionTimeout);
        }
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public synchronized void addTransportStateListener(TransportStateListener transportStateListener) {
        if (this.transportStateListeners == null) {
            this.transportStateListeners = new ArrayList(2);
        }
        this.transportStateListeners.add(transportStateListener);
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping, org.snmp4j.transport.UdpTransportMapping, org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping, java.io.Closeable, java.lang.AutoCloseable
    public void close() {
        Iterator<SocketEntry> it = this.sockets.values().iterator();
        while (it.hasNext()) {
            it.next().closeSession();
        }
        super.close();
        ThreadPool threadPool = this.dtlsHandshakeThreadPool;
        if (threadPool != null) {
            threadPool.stop();
        }
        this.sockets.clear();
        CommonTimer commonTimer = this.socketCleaner;
        if (commonTimer != null) {
            commonTimer.cancel();
        }
        this.socketCleaner = null;
        this.dtlsHandshakeThreadPool = null;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public synchronized boolean close(UdpAddress udpAddress) {
        LogAdapter logAdapter = logger;
        if (logAdapter.isDebugEnabled()) {
            logAdapter.debug("Closing socket for peer address " + udpAddress);
        }
        SocketEntry remove = this.sockets.remove(new InetSocketAddress(udpAddress.getInetAddress(), udpAddress.getPort()));
        if (remove == null) {
            return false;
        }
        remove.closeSession();
        return true;
    }

    public DatagramPacket createHandshakePacket(byte[] bArr, SocketAddress socketAddress) {
        return new DatagramPacket(bArr, bArr.length, socketAddress);
    }

    public SSLEngineConfigurator ensureSslEngineConfigurator() {
        if (this.sslEngineConfigurator == null) {
            this.sslEngineConfigurator = new DefaultSSLEngineConfiguration(this, this.trustManagerFactory, DEFAULT_DTLSTM_PROTOCOLS);
        }
        return this.sslEngineConfigurator;
    }

    public void fireConnectionStateChanged(TransportStateEvent transportStateEvent) {
        ArrayList arrayList;
        LogAdapter logAdapter = logger;
        if (logAdapter.isDebugEnabled()) {
            logAdapter.debug("Firing transport state event: " + transportStateEvent);
        }
        List<TransportStateListener> list = this.transportStateListeners;
        if (list != null) {
            try {
                synchronized (list) {
                    arrayList = new ArrayList(list);
                }
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    ((TransportStateListener) it.next()).connectionStateChanged(transportStateEvent);
                }
            } catch (RuntimeException e5) {
                logger.error("Exception in fireConnectionStateChanged: " + e5.getMessage(), e5);
                if (SNMP4JSettings.isForwardRuntimeExceptions()) {
                    throw e5;
                }
            }
        }
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping
    public void fireProcessMessage(DatagramPacket datagramPacket, ByteBuffer byteBuffer, TransportStateReference transportStateReference) {
        fireProcessMessage((DTLSTM) new DtlsAddress(datagramPacket.getAddress(), datagramPacket.getPort()), byteBuffer, transportStateReference);
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public long getConnectionTimeout() {
        return this.connectionTimeout;
    }

    public CounterSupport getCounterSupport() {
        return this.counterSupport;
    }

    public int getDtlsHandshakeThreadPoolSize() {
        return this.dtlsHandshakeThreadPoolSize;
    }

    public int getHandshakeTimeout() {
        return this.handshakeTimeout;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getKeyStore() {
        String str = this.keyStore;
        return str == null ? System.getProperty("javax.net.ssl.keyStore") : str;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getKeyStorePassword() {
        String str = this.keyStorePassword;
        return str == null ? System.getProperty("javax.net.ssl.keyStorePassword") : str;
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping, org.snmp4j.transport.UdpTransportMapping, org.snmp4j.TransportMapping
    public UdpAddress getListenAddress() {
        DatagramSocket datagramSocket = this.socket;
        if (datagramSocket != null) {
            return new DtlsAddress(datagramSocket.getLocalAddress(), datagramSocket.getLocalPort());
        }
        return null;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getLocalCertificateAlias() {
        String str = this.localCertificateAlias;
        return str == null ? System.getProperty(SnmpConfigurator.P_TLS_LOCAL_ID, null) : str;
    }

    @Override // org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping
    public int getMaxInboundMessageSize() {
        return super.getMaxInboundMessageSize();
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public MessageLengthDecoder getMessageLengthDecoder() {
        throw new UnsupportedOperationException();
    }

    @Override // org.snmp4j.transport.tls.X509TlsTransportMappingConfig
    public PKIXRevocationChecker getPKIXRevocationChecker() {
        return this.pkixRevocationChecker;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getProtocolVersionPropertyName() {
        return SnmpConfigurator.P_DTLS_VERSION;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String[] getProtocolVersions() {
        String[] strArr = this.dtlsProtocols;
        return strArr == null ? System.getProperty(getProtocolVersionPropertyName(), DEFAULT_DTLSTM_PROTOCOLS).split(",") : strArr;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public TlsTmSecurityCallback<X509Certificate> getSecurityCallback() {
        return this.securityCallback;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public CommonTimer getSocketCleaner() {
        return this.socketCleaner;
    }

    public SSLEngineConfigurator getSslEngineConfigurator() {
        return this.sslEngineConfigurator;
    }

    @Override // org.snmp4j.transport.UdpTransportMapping, org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping
    public Class<? extends Address> getSupportedAddressClass() {
        return DtlsAddress.class;
    }

    @Override // org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping
    public Set<Class<? extends Address>> getSupportedAddressClasses() {
        return new HashSet(Arrays.asList(DtlsAddress.class, UdpAddress.class));
    }

    @Override // org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping
    public TransportType getSupportedTransportType() {
        return this.serverEnabled ? TransportType.any : TransportType.sender;
    }

    public TLSTMTrustManagerFactory getTrustManagerFactory() {
        return this.trustManagerFactory;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getTrustStore() {
        String str = this.trustStore;
        return str == null ? System.getProperty("javax.net.ssl.trustStore") : str;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getTrustStorePassword() {
        String str = this.trustStorePassword;
        return str == null ? System.getProperty("javax.net.ssl.trustStorePassword") : str;
    }

    @Override // org.snmp4j.transport.tls.X509TlsTransportMappingConfig
    public String getX509CertificateRevocationListURI() {
        return this.x509CertificateRevocationListURI;
    }

    @Override // org.snmp4j.transport.AbstractTransportMapping
    public boolean isAsyncMsgProcessingSupported() {
        return true;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public boolean isServerEnabled() {
        return this.serverEnabled;
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping, org.snmp4j.transport.UdpTransportMapping, org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping
    public synchronized void listen() {
        this.dtlsHandshakeThreadPool = ThreadPool.create("DTLSTM_" + getListenAddress(), getDtlsHandshakeThreadPoolSize());
        if (this.connectionTimeout > 0) {
            this.socketCleaner = SNMP4JSettings.getTimerFactory().createTimer();
        }
        super.listen();
    }

    public List<DatagramPacket> onReceiveTimeout(SSLEngine sSLEngine, SocketAddress socketAddress) {
        return sSLEngine.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING ? new ArrayList() : produceHandshakePackets(sSLEngine, socketAddress);
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping
    public ByteBuffer prepareInPacket(DatagramPacket datagramPacket, byte[] bArr, TransportStateReference transportStateReference) {
        ByteBuffer wrap;
        InetAddress address = datagramPacket.getAddress();
        InetSocketAddress inetSocketAddress = new InetSocketAddress(address, datagramPacket.getPort());
        SocketEntry socketEntry = this.sockets.get(inetSocketAddress);
        LogAdapter logAdapter = logger;
        if (logAdapter.isDebugEnabled()) {
            logAdapter.debug("Preparing inbound DTLS packet from " + inetSocketAddress);
        }
        if (socketEntry == null) {
            if (logAdapter.isInfoEnabled()) {
                logAdapter.info("New DTLS connection from " + inetSocketAddress + " using " + (isServerEnabled() ? "server" : "client") + " role");
            }
            try {
                SocketEntry socketEntry2 = new SocketEntry(new DtlsAddress(address, datagramPacket.getPort()), !isServerEnabled(), transportStateReference);
                synchronized (socketEntry2.inboundLock) {
                    SocketEntry socketEntry3 = this.sockets.get(inetSocketAddress);
                    if (socketEntry3 == null) {
                        this.sockets.put(inetSocketAddress, socketEntry2);
                        this.dtlsHandshakeThreadPool.execute(new HandshakeTask(socketEntry2, this.socket, inetSocketAddress, datagramPacket, 0L, 0));
                        return null;
                    }
                    socketEntry = socketEntry3;
                }
            } catch (GeneralSecurityException e5) {
                throw new IOException("Failed to accept new DTLS connection from " + address + " due to: " + e5.getMessage(), e5);
            }
        }
        socketEntry.used();
        if (socketEntry.isHandshakeFinished()) {
            ByteBuffer allocate = ByteBuffer.allocate(getMaxInboundMessageSize());
            synchronized (socketEntry.outboundLock) {
                wrap = ByteBuffer.wrap(bArr, 0, datagramPacket.getLength());
            }
            if (logAdapter.isDebugEnabled()) {
                logAdapter.debug("Read " + datagramPacket.getLength() + " bytes from " + inetSocketAddress);
                StringBuilder sb = new StringBuilder("DTLS inNetBuffer: ");
                sb.append(wrap);
                logAdapter.debug(sb.toString());
            }
            if (wrap.hasRemaining()) {
                synchronized (socketEntry.inboundLock) {
                    SSLEngineResult unwrap = socketEntry.sslEngine.unwrap(wrap, allocate);
                    if (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[unwrap.getStatus().ordinal()] == 1) {
                        logAdapter.error("DTLS BUFFER_OVERFLOW");
                        throw new RuntimeException("DTLS BUFFER_OVERFLOW");
                    }
                    if (runDelegatedTasks(socketEntry.sslEngine)) {
                        if (logAdapter.isInfoEnabled()) {
                            logAdapter.info("SSL session established for peer " + inetSocketAddress);
                        }
                        if (unwrap.bytesProduced() > 0) {
                            logAdapter.debug("SSL established, dispatching inappBuffer=" + allocate);
                            socketEntry.checkTransportStateReference(transportStateReference);
                            return allocate;
                        }
                    }
                }
            }
        } else {
            logAdapter.debug("Adding DTLS packet to handshake queue: " + datagramPacket);
            synchronized (socketEntry) {
                socketEntry.inboundPacketQueue.add(datagramPacket);
                socketEntry.notify();
            }
        }
        return null;
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping
    public List<DatagramPacket> prepareOutPackets(UdpAddress udpAddress, byte[] bArr, TransportStateReference transportStateReference, DatagramSocket datagramSocket, long j5, int i4) {
        InetSocketAddress inetSocketAddress = new InetSocketAddress(udpAddress.getInetAddress(), udpAddress.getPort());
        ByteBuffer allocate = ByteBuffer.allocate(MAX_TLS_PAYLOAD_SIZE);
        SocketEntry socketEntry = this.sockets.get(inetSocketAddress);
        ArrayList arrayList = new ArrayList(1);
        if (socketEntry == null) {
            LogAdapter logAdapter = logger;
            if (logAdapter.isDebugEnabled()) {
                logAdapter.debug("Did not find any existing DTLS session for " + udpAddress);
            }
            try {
                SocketEntry socketEntry2 = new SocketEntry(udpAddress, true, transportStateReference);
                this.sockets.put(inetSocketAddress, socketEntry2);
                synchronized (socketEntry2.outboundLock) {
                    new HandshakeTask(socketEntry2, datagramSocket, inetSocketAddress, null, j5, i4).run();
                }
                socketEntry = socketEntry2;
            } catch (GeneralSecurityException e5) {
                throw new IOException(e5);
            }
        } else {
            LogAdapter logAdapter2 = logger;
            if (logAdapter2.isDebugEnabled()) {
                logAdapter2.debug("Using existing DTLS session " + socketEntry.sessionID + " for sending packet to " + udpAddress);
            }
        }
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        synchronized (socketEntry.outboundLock) {
            SSLEngineResult wrap2 = socketEntry.sslEngine.wrap(wrap, allocate);
            SSLEngineResult.Status status = wrap2.getStatus();
            if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                throw new IOException("DTLSTM: Buffer overflow: incorrect server maximum fragment size");
            }
            if (status == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                throw new IOException("DTLSTM: Buffer underflow during wrapping");
            }
            if (status == SSLEngineResult.Status.CLOSED) {
                throw new IOException("DTLSTM: SSLEngine has closed");
            }
            if (allocate.hasRemaining()) {
                int remaining = allocate.remaining();
                byte[] bArr2 = new byte[remaining];
                allocate.get(bArr2);
                arrayList.add(new DatagramPacket(bArr2, remaining, inetSocketAddress));
            }
        }
        LogAdapter logAdapter3 = logger;
        if (logAdapter3.isDebugEnabled()) {
            logAdapter3.debug("Prepared " + arrayList + " for " + udpAddress);
        }
        return arrayList;
    }

    public List<DatagramPacket> produceHandshakePackets(SSLEngine sSLEngine, SocketAddress socketAddress) {
        ArrayList arrayList = new ArrayList();
        int i4 = 100;
        boolean z5 = false;
        while (!z5) {
            i4--;
            if (i4 < 0) {
                throw new RuntimeException("Too much loops to produce handshake packets");
            }
            ByteBuffer allocate = ByteBuffer.allocate(getMaxInboundMessageSize());
            SSLEngineResult wrap = sSLEngine.wrap(ByteBuffer.allocate(0), allocate);
            SSLEngineResult.Status status = wrap.getStatus();
            SSLEngineResult.HandshakeStatus handshakeStatus = wrap.getHandshakeStatus();
            if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                throw new IOException("Buffer overflow: incorrect server maximum fragment size");
            }
            if (status == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                if (handshakeStatus != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                    throw new IOException("Buffer underflow: incorrect server maximum fragment size");
                }
            } else if (status == SSLEngineResult.Status.CLOSED) {
                throw new IOException("SSLEngine has closed");
            }
            if (allocate.hasRemaining()) {
                byte[] bArr = new byte[allocate.remaining()];
                allocate.get(bArr);
                arrayList.add(createHandshakePacket(bArr, socketAddress));
            }
            boolean z6 = false;
            while (!z6) {
                if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                    runDelegatedTasks(sSLEngine);
                    handshakeStatus = sSLEngine.getHandshakeStatus();
                } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED || handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP || handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN || handshakeStatus == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                    z5 = true;
                    z6 = true;
                } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                    z6 = true;
                }
            }
        }
        return arrayList;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public synchronized void removeTransportStateListener(TransportStateListener transportStateListener) {
        List<TransportStateListener> list = this.transportStateListeners;
        if (list != null) {
            list.remove(transportStateListener);
        }
    }

    public boolean runDelegatedTasks(SSLEngine sSLEngine) {
        while (true) {
            Runnable delegatedTask = sSLEngine.getDelegatedTask();
            if (delegatedTask == null) {
                break;
            }
            delegatedTask.run();
        }
        return sSLEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NEED_TASK;
    }

    @Override // org.snmp4j.transport.AbstractTransportMapping
    public void setAsyncMsgProcessingSupported(boolean z5) {
        if (!z5) {
            throw new IllegalArgumentException("Async message processing cannot be disabled for DTLS");
        }
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public void setConnectionTimeout(long j5) {
        this.connectionTimeout = j5;
    }

    public void setDtlsHandshakeThreadPoolSize(int i4) {
        this.dtlsHandshakeThreadPoolSize = i4;
    }

    public void setHandshakeTimeout(int i4) {
        this.handshakeTimeout = i4;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setKeyStore(String str) {
        this.keyStore = str;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setLocalCertificateAlias(String str) {
        this.localCertificateAlias = str;
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping
    public void setMaxInboundMessageSize(int i4) {
        this.maxInboundMessageSize = i4;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public void setMessageLengthDecoder(MessageLengthDecoder messageLengthDecoder) {
        throw new UnsupportedOperationException();
    }

    @Override // org.snmp4j.transport.tls.X509TlsTransportMappingConfig
    public void setPKIXRevocationChecker(PKIXRevocationChecker pKIXRevocationChecker) {
        this.pkixRevocationChecker = pKIXRevocationChecker;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setProtocolVersions(String[] strArr) {
        this.dtlsProtocols = strArr;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setSecurityCallback(TlsTmSecurityCallback<X509Certificate> tlsTmSecurityCallback) {
        this.securityCallback = tlsTmSecurityCallback;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public void setServerEnabled(boolean z5) {
        this.serverEnabled = z5;
    }

    public void setSslEngineConfigurator(SSLEngineConfigurator sSLEngineConfigurator) {
        this.sslEngineConfigurator = sSLEngineConfigurator;
    }

    public void setTrustManagerFactory(TLSTMTrustManagerFactory tLSTMTrustManagerFactory) {
        tLSTMTrustManagerFactory.getClass();
        this.trustManagerFactory = tLSTMTrustManagerFactory;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setTrustStore(String str) {
        this.trustStore = str;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    @Override // org.snmp4j.transport.tls.X509TlsTransportMappingConfig
    public void setX09CertificateRevocationListURI(String str) {
        this.x509CertificateRevocationListURI = str;
    }
}
