package net.luminis.quic.crypto;

import at.favre.lib.hkdf.HKDF;
import com.applovin.exoplayer2.common.base.Ascii;
import j$.nio.file.Files;
import j$.nio.file.Path;
import j$.nio.file.StandardOpenOption;
import j$.nio.file.attribute.FileAttribute;
import java.io.IOException;
import java.util.ArrayList;
import net.luminis.quic.common.EncryptionLevel;
import net.luminis.quic.impl.Role;
import net.luminis.quic.impl.Version;
import net.luminis.quic.impl.VersionHolder;
import net.luminis.quic.log.Logger;
import net.luminis.quic.util.Bytes;
import net.luminis.tls.TlsConstants;
import net.luminis.tls.engine.TrafficSecrets;

/* loaded from: classes4.dex */
public class ConnectionSecrets {
    public static final byte[] m = {-81, -65, -20, 40, -103, -109, -46, 76, -98, -105, -122, -15, -100, 97, 17, -32, 67, -112, -88, -103};
    public static final byte[] n = {56, 118, 44, -9, -11, 89, 52, -77, 77, Ascii.ETB, -102, -26, -92, -56, Ascii.FF, -83, -52, -69, Ascii.DEL, 10};
    public static final byte[] o = {Ascii.CR, -19, -29, -34, -9, 0, -90, -37, -127, -109, -127, -66, 110, 38, -99, -53, -7, -67, 46, -39};

    /* renamed from: a, reason: collision with root package name */
    public TlsConstants.CipherSuite f24067a;
    public final VersionHolder b;
    public final Role c;
    public Logger d;
    public byte[] e;
    public Aead h;
    public boolean i;
    public Path j;
    public byte[] k;
    public Aead[] f = new Aead[EncryptionLevel.values().length];
    public Aead[] g = new Aead[EncryptionLevel.values().length];
    public boolean[] l = new boolean[EncryptionLevel.values().length];

    public ConnectionSecrets(VersionHolder versionHolder, Role role, Path path, Logger logger) {
        this.b = versionHolder;
        this.c = role;
        this.d = logger;
        if (path != null) {
            this.j = path;
            try {
                Files.deleteIfExists(path);
                Files.createFile(this.j, new FileAttribute[0]);
                this.i = true;
            } catch (IOException e) {
                logger.error("Initializing (creating/truncating) secrets file '" + this.j + "' failed", e);
            }
        }
    }

    public final void a(String str, EncryptionLevel encryptionLevel) {
        ArrayList arrayList = new ArrayList();
        arrayList.add("CLIENT_" + str + " " + Bytes.b(this.e) + " " + Bytes.b(this.f[encryptionLevel.ordinal()].i()));
        arrayList.add("SERVER_" + str + " " + Bytes.b(this.e) + " " + Bytes.b(this.g[encryptionLevel.ordinal()].i()));
        try {
            Files.write(this.j, arrayList, StandardOpenOption.APPEND);
        } catch (IOException e) {
            this.d.error("Writing secrets to file '" + this.j + "' failed", e);
            this.i = false;
        }
    }

    public final Aead b(Aead aead, EncryptionLevel encryptionLevel) throws MissingKeysException {
        if (aead != null) {
            return aead;
        }
        throw new MissingKeysException(encryptionLevel, this.l[encryptionLevel.ordinal()]);
    }

    public synchronized void c(TrafficSecrets trafficSecrets) {
        EncryptionLevel encryptionLevel = EncryptionLevel.App;
        h(encryptionLevel, this.f24067a, this.b.a());
        byte[] r = trafficSecrets.r();
        this.d.secret("ClientApplicationTrafficSecret: ", r);
        this.f[encryptionLevel.ordinal()].e(r);
        byte[] l = trafficSecrets.l();
        this.d.secret("ServerApplicationTrafficSecret: ", l);
        this.g[encryptionLevel.ordinal()].e(l);
        if (this.i) {
            a("TRAFFIC_SECRET_0", encryptionLevel);
        }
    }

    public synchronized void d(TrafficSecrets trafficSecrets, TlsConstants.CipherSuite cipherSuite, Version version) {
        EncryptionLevel encryptionLevel = EncryptionLevel.ZeroRTT;
        h(encryptionLevel, cipherSuite, version);
        this.f[encryptionLevel.ordinal()].e(trafficSecrets.v());
    }

    public synchronized void e(TrafficSecrets trafficSecrets, TlsConstants.CipherSuite cipherSuite) {
        this.f24067a = cipherSuite;
        EncryptionLevel encryptionLevel = EncryptionLevel.Handshake;
        h(encryptionLevel, cipherSuite, this.b.a());
        byte[] w = trafficSecrets.w();
        this.d.secret("ClientHandshakeTrafficSecret: ", w);
        this.f[encryptionLevel.ordinal()].e(w);
        byte[] x = trafficSecrets.x();
        this.d.secret("ServerHandshakeTrafficSecret: ", x);
        this.g[encryptionLevel.ordinal()].e(x);
        if (this.i) {
            a("HANDSHAKE_TRAFFIC_SECRET", encryptionLevel);
        }
    }

    public synchronized void f(byte[] bArr) {
        this.k = bArr;
        Version a2 = this.b.a();
        byte[] g = g(a2);
        this.d.secret("Initial secret", g);
        Aead[] aeadArr = this.f;
        EncryptionLevel encryptionLevel = EncryptionLevel.Initial;
        aeadArr[encryptionLevel.ordinal()] = new Aes128Gcm(a2, g, Role.Client, this.d);
        this.g[encryptionLevel.ordinal()] = new Aes128Gcm(a2, g, Role.Server, this.d);
    }

    public final byte[] g(Version version) {
        return HKDF.f().d(version.c() ? n : version.e() ? o : m, this.k);
    }

    public final void h(EncryptionLevel encryptionLevel, TlsConstants.CipherSuite cipherSuite, Version version) {
        Aead chaCha20;
        Aead chaCha202;
        if (cipherSuite == TlsConstants.CipherSuite.TLS_AES_128_GCM_SHA256) {
            chaCha20 = new Aes128Gcm(version, Role.Client, this.d);
            chaCha202 = new Aes128Gcm(version, Role.Server, this.d);
        } else if (cipherSuite == TlsConstants.CipherSuite.TLS_AES_256_GCM_SHA384) {
            chaCha20 = new Aes256Gcm(version, Role.Client, this.d);
            chaCha202 = new Aes256Gcm(version, Role.Server, this.d);
        } else {
            if (cipherSuite != TlsConstants.CipherSuite.TLS_CHACHA20_POLY1305_SHA256) {
                throw new IllegalStateException("unsupported cipher suite " + cipherSuite);
            }
            chaCha20 = new ChaCha20(version, Role.Client, this.d);
            chaCha202 = new ChaCha20(version, Role.Server, this.d);
        }
        this.f[encryptionLevel.ordinal()] = chaCha20;
        if (encryptionLevel != EncryptionLevel.ZeroRTT) {
            this.g[encryptionLevel.ordinal()] = chaCha202;
        }
        chaCha20.a(chaCha202);
        chaCha202.a(chaCha20);
    }

    public void i(EncryptionLevel encryptionLevel) {
        this.l[encryptionLevel.ordinal()] = true;
        this.f[encryptionLevel.ordinal()] = null;
        this.g[encryptionLevel.ordinal()] = null;
    }

    public Aead j(Version version) {
        return new Aes128Gcm(version, g(version), this.c.p(), this.d);
    }

    public synchronized Aead k() {
        Aead aead = this.h;
        if (aead != null) {
            return aead;
        }
        return this.f[EncryptionLevel.Initial.ordinal()];
    }

    public synchronized Aead l(EncryptionLevel encryptionLevel) throws MissingKeysException {
        try {
        } catch (Throwable th) {
            throw th;
        }
        return b(this.c == Role.Client ? this.f[encryptionLevel.ordinal()] : this.g[encryptionLevel.ordinal()], encryptionLevel);
    }

    public synchronized Aead m(EncryptionLevel encryptionLevel) throws MissingKeysException {
        try {
        } catch (Throwable th) {
            throw th;
        }
        return b(this.c == Role.Client ? this.g[encryptionLevel.ordinal()] : this.f[encryptionLevel.ordinal()], encryptionLevel);
    }

    public void n() {
        f(this.k);
    }

    public synchronized void o(byte[] bArr) {
        this.h = this.f[EncryptionLevel.Initial.ordinal()];
        this.k = bArr;
        f(bArr);
    }

    public void p(byte[] bArr) {
        this.e = bArr;
    }
}
