package de.flyingsnail.ipv6droid.transport.dtls;

import android.util.Log;
import de.flyingsnail.ipv6droid.android.AndroidLoggingHandler;
import de.flyingsnail.ipv6droid.android.dtlsrequest.AndroidBackedKeyPair;
import de.flyingsnail.ipv6droid.transport.TunnelSpec;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectStreamException;
import java.io.Serializable;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.SecureRandom;
import java.util.Date;
import java.util.List;
import java.util.concurrent.Callable;
import java.util.concurrent.CancellationException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.tls.Certificate;
import org.bouncycastle.tls.crypto.TlsCertificate;
import org.bouncycastle.tls.crypto.TlsCrypto;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;

/* loaded from: classes.dex */
public class TransporterParams implements TunnelSpec, Serializable {
    static final String TUNNEL_TYPE = "DTLSTunnel";
    private static final Logger logger = AndroidLoggingHandler.getLogger(TransporterParams.class);
    private static final ExecutorService resolverPool = Executors.newCachedThreadPool();
    private static final long serialVersionUID = 4;
    private Certificate certChain;
    private List<String> certChainEncoded;
    private TlsCrypto crypto;
    private String dnsPop;
    private Date expiryDate;
    private int heartbeat;
    private Inet4Address ipv4Pop;
    private Inet6Address ipv6Endpoint;
    private AndroidBackedKeyPair keyPair;
    private int mtu;
    private String popName;
    private int portPop;
    private String privateKeyAlias;
    private Future<Inet4Address> resolvedIp;
    private String tunnelId;
    private String tunnelName;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class HostResolver implements Callable<Inet4Address>, Serializable {
        private final String popHost;

        public HostResolver(String str) {
            this.popHost = str;
        }

        @Override // java.util.concurrent.Callable
        public Inet4Address call() throws UnknownHostException {
            Log.i(getClass().getName(), "Resolving hostname from URL " + this.popHost);
            for (InetAddress inetAddress : InetAddress.getAllByName(this.popHost)) {
                if (inetAddress instanceof Inet4Address) {
                    Log.d(getClass().getName(), "Resolved to " + inetAddress);
                    return (Inet4Address) inetAddress;
                }
            }
            throw new UnknownHostException("No IPv4 address for " + this.popHost);
        }
    }

    public TransporterParams() {
        logger.info("Constructing");
        this.crypto = new BcTlsCrypto(new SecureRandom());
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        logger.info("Deserializing");
        this.crypto = new BcTlsCrypto(new SecureRandom());
        this.ipv4Pop = (Inet4Address) objectInputStream.readObject();
        this.mtu = objectInputStream.readInt();
        this.heartbeat = objectInputStream.readInt();
        setPrivateKeyAlias((String) objectInputStream.readObject());
        try {
            setCertChainEncoded((List) objectInputStream.readObject());
        } catch (ClassCastException | IllegalArgumentException e) {
            throw new IOException(e);
        }
    }

    private void readObjectNoData() throws ObjectStreamException {
        throw new ObjectStreamException(getClass().getName()) { // from class: de.flyingsnail.ipv6droid.transport.dtls.TransporterParams.1
        };
    }

    private void setExpiryDate(Date date) {
        this.expiryDate = date;
    }

    private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
        logger.info("Serializing");
        objectOutputStream.writeObject(this.ipv4Pop);
        objectOutputStream.writeInt(this.mtu);
        objectOutputStream.writeInt(this.heartbeat);
        objectOutputStream.writeObject(this.privateKeyAlias);
        objectOutputStream.writeObject(this.certChainEncoded);
    }

    public Certificate getCertChain() {
        return this.certChain;
    }

    public List<String> getCertChainEncoded() {
        return this.certChainEncoded;
    }

    public String getDnsPop() {
        return this.dnsPop;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public Date getExpiryDate() {
        return this.expiryDate;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public int getHeartbeatInterval() {
        return this.heartbeat;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public Inet4Address getIPv4Pop() {
        if (this.ipv4Pop == null && this.resolvedIp == null && this.dnsPop != null) {
            this.resolvedIp = resolverPool.submit(new HostResolver(this.dnsPop));
        }
        Future<Inet4Address> future = this.resolvedIp;
        if (future != null && (this.ipv4Pop == null || future.isDone())) {
            logger.info("Reading IPv4 address from async resolver");
            synchronized (this) {
                try {
                    try {
                        this.ipv4Pop = this.resolvedIp.get();
                    } catch (InterruptedException unused) {
                        logger.warning("Interrupted while reading resolved address");
                    } catch (CancellationException e) {
                        e = e;
                        logger.log(Level.INFO, "Async resolver didn't resolve", e);
                    } catch (ExecutionException e2) {
                        e = e2;
                        logger.log(Level.INFO, "Async resolver didn't resolve", e);
                    }
                } finally {
                    this.resolvedIp = null;
                }
            }
        }
        return this.ipv4Pop;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public Inet6Address getIpv6Endpoint() {
        return this.ipv6Endpoint;
    }

    public AndroidBackedKeyPair getKeyPair() {
        return this.keyPair;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public int getMtu() {
        return this.mtu;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public String getPopName() {
        return this.popName;
    }

    public int getPortPop() {
        return this.portPop;
    }

    public String getPrivateKeyAlias() {
        return this.privateKeyAlias;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public String getTunnelId() {
        return this.tunnelId;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public String getTunnelName() {
        return this.tunnelName;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public String getType() {
        return TUNNEL_TYPE;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public boolean isEnabled() {
        return getExpiryDate().after(new Date());
    }

    public void setCertChainEncoded(List<String> list) throws IllegalArgumentException {
        logger.info("Setting encoded certificate and reading data from it");
        this.certChainEncoded = list;
        try {
            Certificate parseCertificateChain = DTLSUtils.parseCertificateChain(this.crypto, list);
            this.certChain = parseCertificateChain;
            if (parseCertificateChain.getLength() < 2) {
                throw new IllegalArgumentException("Supplied certificate chain is missing the CA certificate");
            }
            TlsCertificate certificateAt = this.certChain.getCertificateAt(0);
            Inet6Address ipv6AlternativeName = DTLSUtils.getIpv6AlternativeName(certificateAt);
            if (ipv6AlternativeName == null) {
                throw new IllegalArgumentException("Supplied certificate is missing the IPv6 IP as alternative name");
            }
            setIpv6Endpoint(ipv6AlternativeName);
            setPopName(DTLSUtils.getIssuerName(certificateAt));
            setTunnelName(DTLSUtils.getSubjectCommonName(certificateAt));
            URL issuerUrl = DTLSUtils.getIssuerUrl(certificateAt);
            if (issuerUrl == null) {
                throw new IllegalArgumentException("No POP URL included in certificate");
            }
            int port = issuerUrl.getPort();
            if (port <= 0) {
                throw new IllegalArgumentException("No port is included in URL read from certificate");
            }
            setPortPop(port);
            setExpiryDate(DTLSUtils.getExpiryDate(certificateAt));
            setTunnelId(certificateAt.getSerialNumber().toString(16));
            this.dnsPop = issuerUrl.getHost();
            Future<Inet4Address> future = this.resolvedIp;
            if (future != null && !future.isDone()) {
                this.resolvedIp.cancel(true);
            }
            this.resolvedIp = resolverPool.submit(new HostResolver(this.dnsPop));
        } catch (IOException e) {
            throw new IllegalArgumentException("Incorrectly configured, failure to parse certificates", e);
        }
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public void setHeartbeatInterval(int i) {
        this.heartbeat = i;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public void setIPv4Pop(Inet4Address inet4Address) {
        this.ipv4Pop = inet4Address;
        Future<Inet4Address> future = this.resolvedIp;
        if (future != null && !future.isDone()) {
            this.resolvedIp.cancel(true);
        }
        this.resolvedIp = null;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public void setIpv6Endpoint(Inet6Address inet6Address) {
        this.ipv6Endpoint = inet6Address;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public void setMtu(int i) {
        this.mtu = i;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public void setPopName(String str) {
        this.popName = str;
    }

    public void setPortPop(int i) {
        this.portPop = i;
    }

    public void setPrivateKeyAlias(String str) throws IOException, IllegalStateException, IllegalArgumentException {
        this.privateKeyAlias = str;
        this.keyPair = new AndroidBackedKeyPair(str);
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public void setTunnelId(String str) {
        this.tunnelId = str;
    }

    @Override // de.flyingsnail.ipv6droid.transport.TunnelSpec
    public void setTunnelName(String str) {
        this.tunnelName = str;
    }

    public String toString() {
        StringBuilder append = new StringBuilder().append(this.tunnelName).append(" (").append(this.tunnelId).append("), DTLS\n Your endpoint ");
        Inet6Address inet6Address = this.ipv6Endpoint;
        return append.append(inet6Address == null ? "-" : inet6Address.getHostAddress()).toString();
    }
}
