package threads.magnet.net.crypto;

import androidx.core.view.InputDeviceCompat;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.channels.ByteChannel;
import java.nio.channels.ReadableByteChannel;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.time.Duration;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Random;
import kotlin.UShort;
import threads.magnet.LogUtils;
import threads.magnet.Settings;
import threads.magnet.metainfo.TorrentId;
import threads.magnet.net.BigIntegers;
import threads.magnet.net.ByteChannelReader;
import threads.magnet.net.Peer;
import threads.magnet.net.buffer.DelegatingByteBufferView;
import threads.magnet.protocol.DecodingContext;
import threads.magnet.protocol.Handshake;
import threads.magnet.protocol.Message;
import threads.magnet.protocol.Protocols;
import threads.magnet.protocol.crypto.EncryptionPolicy;
import threads.magnet.protocol.crypto.MSECipher;
import threads.magnet.protocol.handler.MessageHandler;
import threads.magnet.torrent.TorrentDescriptor;
import threads.magnet.torrent.TorrentRegistry;

/* loaded from: classes3.dex */
public class MSEHandshakeProcessor {
    private static final String TAG = "MSEHandshakeProcessor";
    private static final int paddingMaxLength = 512;
    private final MSEKeyPairGenerator keyGenerator;
    private final EncryptionPolicy localEncryptionPolicy;
    private final boolean mseDisabled;
    private final MessageHandler<Message> protocol;
    private final TorrentRegistry torrentRegistry;
    private static final Duration receiveTimeout = Duration.ofSeconds(10);
    private static final Duration waitBetweenReads = Duration.ofSeconds(1);
    private static final byte[] VC_RAW_BYTES = new byte[8];

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: threads.magnet.net.crypto.MSEHandshakeProcessor$1, reason: invalid class name */
    /* loaded from: classes3.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy;

        static {
            int[] iArr = new int[EncryptionPolicy.values().length];
            $SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy = iArr;
            try {
                iArr[EncryptionPolicy.REQUIRE_PLAINTEXT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy[EncryptionPolicy.PREFER_PLAINTEXT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy[EncryptionPolicy.PREFER_ENCRYPTED.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy[EncryptionPolicy.REQUIRE_ENCRYPTED.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
        }
    }

    public MSEHandshakeProcessor(TorrentRegistry torrentRegistry, MessageHandler<Message> messageHandler) {
        EncryptionPolicy encryptionPolicy = Settings.encryptionPolicy;
        this.localEncryptionPolicy = encryptionPolicy;
        boolean z = !MSECipher.isKeySizeSupported(20);
        if (z) {
            String format = String.format("Current Bt runtime is configured to use private key size of %d bytes for Message Stream Encryption (MSE), and the preferred encryption policy is %s. The aforementioned key size is not allowed in the current JDK configuration. Hence, MSE encryption negotiation procedure will NOT be used", 20, encryptionPolicy.name());
            int i = AnonymousClass1.$SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy[encryptionPolicy.ordinal()];
            if (i != 1 && i != 2 && i != 3) {
                if (i == 4) {
                    throw new IllegalStateException(format + ", and considering the requirement for mandatory encryption, this effectively means, that no peer connections will ever be established. To fix this problem, please do one of the following: (a) update your JDK or Java runtime environment settings for unlimited cryptography support; (b) specify a different private key size (not recommended); (c) choose a more permissive encryption policy");
                }
                throw new IllegalStateException("Unknown encryption policy: " + encryptionPolicy.name());
            }
            LogUtils.info(TAG, format + ", and all peer connections will be established in plaintext by using the standard BitTorrent handshake. This may negatively affect the number of peers, which can be connected to. To fix this problem, please do one of the following: (a) update your JDK or Java runtime environment settings for unlimited cryptography support; (b) specify a different private key size (not recommended)");
        }
        this.mseDisabled = z;
        this.keyGenerator = new MSEKeyPairGenerator(20);
        this.torrentRegistry = torrentRegistry;
        this.protocol = messageHandler;
    }

    private void assertPolicyIsCompatible() {
        if (this.localEncryptionPolicy.isCompatible(EncryptionPolicy.REQUIRE_PLAINTEXT)) {
            return;
        }
        throw new RuntimeException("Encryption policies are incompatible: peer's (" + EncryptionPolicy.REQUIRE_PLAINTEXT.name() + "), local (" + this.localEncryptionPolicy.name() + ")");
    }

    private static byte[] getCryptoProvideBitfield(EncryptionPolicy encryptionPolicy) {
        byte[] bArr = new byte[4];
        int i = AnonymousClass1.$SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy[encryptionPolicy.ordinal()];
        if (i == 1) {
            bArr[3] = 1;
        } else if (i == 2 || i == 3) {
            bArr[3] = 3;
        } else if (i == 4) {
            bArr[3] = 2;
        }
        return bArr;
    }

    private static MessageDigest getDigest() {
        try {
            return MessageDigest.getInstance("SHA-1");
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    private static byte[] getPadding() {
        Random random = new Random();
        int nextInt = random.nextInt(InputDeviceCompat.SOURCE_DPAD);
        byte[] bArr = new byte[nextInt];
        for (int i = 0; i < nextInt; i++) {
            bArr[i] = (byte) random.nextInt(256);
        }
        return bArr;
    }

    private static byte[] getZeroPadding() {
        return new byte[new Random().nextInt(InputDeviceCompat.SOURCE_DPAD)];
    }

    private static ByteChannelReader reader(ReadableByteChannel readableByteChannel) {
        return ByteChannelReader.forChannel(readableByteChannel).withTimeout(receiveTimeout).waitBetweenReads(waitBetweenReads);
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x005c A[RETURN] */
    /* JADX WARN: Removed duplicated region for block: B:13:0x005d  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static threads.magnet.protocol.crypto.EncryptionPolicy selectPolicy(byte[] r7, threads.magnet.protocol.crypto.EncryptionPolicy r8) {
        /*
            r0 = 3
            r1 = r7[r0]
            r2 = r1 & 1
            r3 = 0
            r4 = 1
            if (r2 != r4) goto Lb
            r2 = r4
            goto Lc
        Lb:
            r2 = r3
        Lc:
            r5 = 2
            r1 = r1 & r5
            if (r1 != r5) goto L11
            r3 = r4
        L11:
            if (r2 != 0) goto L15
            if (r3 == 0) goto L59
        L15:
            int[] r1 = threads.magnet.net.crypto.MSEHandshakeProcessor.AnonymousClass1.$SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy
            int r6 = r8.ordinal()
            r1 = r1[r6]
            if (r1 == r4) goto L54
            if (r1 == r5) goto L4c
            if (r1 == r0) goto L44
            r0 = 4
            if (r1 != r0) goto L2b
            if (r3 == 0) goto L59
            threads.magnet.protocol.crypto.EncryptionPolicy r0 = threads.magnet.protocol.crypto.EncryptionPolicy.REQUIRE_ENCRYPTED
            goto L5a
        L2b:
            java.lang.IllegalStateException r7 = new java.lang.IllegalStateException
            java.lang.String r8 = r8.name()
            java.lang.StringBuilder r0 = new java.lang.StringBuilder
            java.lang.String r1 = "Unknown encryption policy: "
            r0.<init>(r1)
            java.lang.StringBuilder r8 = r0.append(r8)
            java.lang.String r8 = r8.toString()
            r7.<init>(r8)
            throw r7
        L44:
            if (r3 == 0) goto L49
            threads.magnet.protocol.crypto.EncryptionPolicy r0 = threads.magnet.protocol.crypto.EncryptionPolicy.REQUIRE_ENCRYPTED
            goto L5a
        L49:
            threads.magnet.protocol.crypto.EncryptionPolicy r0 = threads.magnet.protocol.crypto.EncryptionPolicy.REQUIRE_PLAINTEXT
            goto L5a
        L4c:
            if (r2 == 0) goto L51
            threads.magnet.protocol.crypto.EncryptionPolicy r0 = threads.magnet.protocol.crypto.EncryptionPolicy.REQUIRE_PLAINTEXT
            goto L5a
        L51:
            threads.magnet.protocol.crypto.EncryptionPolicy r0 = threads.magnet.protocol.crypto.EncryptionPolicy.REQUIRE_ENCRYPTED
            goto L5a
        L54:
            if (r2 == 0) goto L59
            threads.magnet.protocol.crypto.EncryptionPolicy r0 = threads.magnet.protocol.crypto.EncryptionPolicy.REQUIRE_PLAINTEXT
            goto L5a
        L59:
            r0 = 0
        L5a:
            if (r0 == 0) goto L5d
            return r0
        L5d:
            java.lang.IllegalStateException r0 = new java.lang.IllegalStateException
            java.lang.String r8 = r8.name()
            java.lang.String r7 = java.util.Arrays.toString(r7)
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            java.lang.String r2 = "Failed to negotiate the encryption policy: local policy ("
            r1.<init>(r2)
            java.lang.StringBuilder r8 = r1.append(r8)
            java.lang.String r1 = "), peer's policy ("
            java.lang.StringBuilder r8 = r8.append(r1)
            java.lang.StringBuilder r7 = r8.append(r7)
            java.lang.String r8 = ")"
            java.lang.StringBuilder r7 = r7.append(r8)
            java.lang.String r7 = r7.toString()
            r0.<init>(r7)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: threads.magnet.net.crypto.MSEHandshakeProcessor.selectPolicy(byte[], threads.magnet.protocol.crypto.EncryptionPolicy):threads.magnet.protocol.crypto.EncryptionPolicy");
    }

    private static byte[] xor(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            throw new IllegalStateException("Lengths do not match: " + bArr.length + ", " + bArr2.length);
        }
        byte[] bArr3 = new byte[bArr.length];
        for (int i = 0; i < bArr.length; i++) {
            bArr3[i] = (byte) (bArr[i] ^ bArr2[i]);
        }
        return bArr3;
    }

    public MSECipher negotiateIncoming(Peer peer, ByteChannel byteChannel, ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws IOException {
        int i;
        TorrentId torrentId;
        if (this.mseDisabled) {
            return null;
        }
        ByteChannelReader reader = reader(byteChannel);
        int read = reader.readAtLeast(20).read(byteBuffer);
        byteBuffer.flip();
        DecodingContext decodingContext = new DecodingContext(peer);
        try {
            i = this.protocol.decode(decodingContext, new DelegatingByteBufferView(byteBuffer));
        } catch (Exception unused) {
            i = 0;
        }
        if (i > 0 && (decodingContext.getMessage() instanceof Handshake)) {
            assertPolicyIsCompatible();
            return null;
        }
        byteBuffer.limit(byteBuffer.capacity());
        byteBuffer.position(read);
        int read2 = read < 96 ? reader.readAtLeast(96 - read).readNoMoreThan(608 - read).read(byteBuffer) : 0;
        byteBuffer.flip();
        BigInteger decodeUnsigned = BigIntegers.decodeUnsigned(byteBuffer, 96);
        byteBuffer.clear();
        KeyPair generateKeyPair = this.keyGenerator.generateKeyPair();
        byteBuffer2.put(generateKeyPair.getPublic().getEncoded());
        byteBuffer2.put(getPadding());
        byteBuffer2.flip();
        byteChannel.write(byteBuffer2);
        byteBuffer2.clear();
        BigInteger calculateSharedSecret = MSEKeyPairGenerator.calculateSharedSecret(decodeUnsigned, generateKeyPair.getPrivate());
        MessageDigest digest = getDigest();
        byte[] bArr = new byte[20];
        digest.update("req1".getBytes(StandardCharsets.US_ASCII));
        digest.update(BigIntegers.encodeUnsigned(calculateSharedSecret, 96));
        int sync = read2 + reader.readAtLeast(56).readNoMoreThan(1176 - (read + read2)).sync(byteBuffer, digest.digest());
        byteBuffer.limit(sync);
        byteBuffer.get(bArr);
        digest.update("req3".getBytes(StandardCharsets.US_ASCII));
        digest.update(BigIntegers.encodeUnsigned(calculateSharedSecret, 96));
        byte[] digest2 = digest.digest();
        Iterator<TorrentId> it = this.torrentRegistry.getTorrentIds().iterator();
        while (true) {
            if (!it.hasNext()) {
                torrentId = null;
                break;
            }
            torrentId = it.next();
            digest.update("req2".getBytes(StandardCharsets.US_ASCII));
            digest.update(torrentId.getBytes());
            if (Arrays.equals(xor(digest.digest(), digest2), bArr)) {
                break;
            }
        }
        if (torrentId == null) {
            throw new IllegalStateException("Unsupported threads.torrent requested");
        }
        TorrentDescriptor descriptor = this.torrentRegistry.getDescriptor(torrentId);
        if (descriptor != null && !descriptor.isActive()) {
            throw new IllegalStateException("Inactive threads.torrent requested: " + torrentId);
        }
        MSECipher forReceiver = MSECipher.forReceiver(BigIntegers.encodeUnsigned(calculateSharedSecret, 96), torrentId);
        EncryptedChannel encryptedChannel = new EncryptedChannel(byteChannel, forReceiver.getDecryptionCipher(), forReceiver.getEncryptionCipher());
        ByteChannelReader reader2 = reader(encryptedChannel);
        int position = byteBuffer.position();
        int remaining = byteBuffer.remaining();
        byte[] bArr2 = new byte[remaining];
        byteBuffer.get(bArr2);
        byteBuffer.position(position);
        try {
            byteBuffer.put(forReceiver.getDecryptionCipher().update(bArr2));
            byteBuffer.position(position);
            byte[] bArr3 = new byte[8];
            byteBuffer.get(bArr3);
            byte[] bArr4 = VC_RAW_BYTES;
            if (!Arrays.equals(bArr4, bArr3)) {
                throw new IllegalStateException("Invalid VC: " + Arrays.toString(bArr3));
            }
            byte[] bArr5 = new byte[4];
            byteBuffer.get(bArr5);
            EncryptionPolicy selectPolicy = selectPolicy(bArr5, this.localEncryptionPolicy);
            int i2 = byteBuffer.getShort() & UShort.MAX_VALUE;
            if (i2 > 512) {
                throw new IllegalStateException("Padding is too long: " + i2);
            }
            int position2 = byteBuffer.position();
            if (byteBuffer.remaining() < i2) {
                byteBuffer.limit(byteBuffer.capacity());
                byteBuffer.position(sync);
                reader2.readAtLeast((i2 - byteBuffer.remaining()) + 2).read(byteBuffer);
                byteBuffer.flip();
                byteBuffer.position(position2);
            }
            byteBuffer.position(position2 + i2);
            byteBuffer.getShort();
            byteBuffer.compact();
            byteBuffer2.put(bArr4);
            byteBuffer2.put(getCryptoProvideBitfield(selectPolicy));
            byte[] zeroPadding = getZeroPadding();
            byteBuffer2.putShort((short) zeroPadding.length);
            byteBuffer2.put(zeroPadding);
            byteBuffer2.flip();
            encryptedChannel.write(byteBuffer2);
            byteBuffer2.clear();
            int i3 = AnonymousClass1.$SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy[selectPolicy.ordinal()];
            if (i3 == 1 || i3 == 2) {
                return null;
            }
            if (i3 == 3 || i3 == 4) {
                return forReceiver;
            }
            throw new IllegalStateException("Unknown encryption policy: " + selectPolicy.name());
        } catch (Exception unused2) {
            throw new RuntimeException("Failed to decrypt leftover bytes: " + remaining);
        }
    }

    public MSECipher negotiateOutgoing(ByteChannel byteChannel, TorrentId torrentId, ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws IOException {
        if (this.mseDisabled) {
            return null;
        }
        ByteChannelReader reader = reader(byteChannel);
        KeyPair generateKeyPair = this.keyGenerator.generateKeyPair();
        byteBuffer2.put(generateKeyPair.getPublic().getEncoded());
        byteBuffer2.put(getPadding());
        byteBuffer2.flip();
        byteChannel.write(byteBuffer2);
        byteBuffer2.clear();
        int read = reader.readBetween(96, 608).read(byteBuffer);
        byteBuffer.flip();
        BigInteger decodeUnsigned = BigIntegers.decodeUnsigned(byteBuffer, 96);
        byteBuffer.clear();
        BigInteger calculateSharedSecret = MSEKeyPairGenerator.calculateSharedSecret(decodeUnsigned, generateKeyPair.getPrivate());
        MessageDigest digest = getDigest();
        digest.update("req1".getBytes(StandardCharsets.US_ASCII));
        digest.update(BigIntegers.encodeUnsigned(calculateSharedSecret, 96));
        byteBuffer2.put(digest.digest());
        digest.update("req2".getBytes(StandardCharsets.US_ASCII));
        digest.update(torrentId.getBytes());
        byte[] digest2 = digest.digest();
        digest.update("req3".getBytes(StandardCharsets.US_ASCII));
        digest.update(BigIntegers.encodeUnsigned(calculateSharedSecret, 96));
        byteBuffer2.put(xor(digest2, digest.digest()));
        byteBuffer2.flip();
        byteChannel.write(byteBuffer2);
        byteBuffer2.clear();
        byte[] encodeUnsigned = BigIntegers.encodeUnsigned(calculateSharedSecret, 96);
        MSECipher forInitiator = MSECipher.forInitiator(encodeUnsigned, torrentId);
        EncryptedChannel encryptedChannel = new EncryptedChannel(byteChannel, forInitiator.getDecryptionCipher(), forInitiator.getEncryptionCipher());
        byte[] bArr = VC_RAW_BYTES;
        byteBuffer2.put(bArr);
        byteBuffer2.put(getCryptoProvideBitfield(this.localEncryptionPolicy));
        byte[] zeroPadding = getZeroPadding();
        byteBuffer2.put(Protocols.getShortBytes(zeroPadding.length));
        byteBuffer2.put(zeroPadding);
        byteBuffer2.putShort((short) 0);
        byteBuffer2.flip();
        encryptedChannel.write(byteBuffer2);
        byteBuffer2.clear();
        try {
            byte[] doFinal = MSECipher.forInitiator(encodeUnsigned, torrentId).getDecryptionCipher().doFinal(bArr);
            int length = doFinal.length + 6;
            int i = (608 - read) + length + 512;
            int position = byteBuffer.position();
            int sync = reader.readBetween(length, i).sync(byteBuffer, doFinal);
            int position2 = byteBuffer.position();
            ByteChannelReader reader2 = reader(encryptedChannel);
            byteBuffer.limit(position + sync);
            forInitiator.getDecryptionCipher().update(new byte[bArr.length]);
            byte[] bArr2 = new byte[byteBuffer.remaining()];
            byteBuffer.get(bArr2);
            byteBuffer.position(position2);
            byteBuffer.put(forInitiator.getDecryptionCipher().update(bArr2));
            byteBuffer.position(position2);
            if (byteBuffer.remaining() < length - doFinal.length) {
                int limit = byteBuffer.limit();
                byteBuffer.limit(byteBuffer.capacity());
                int read2 = reader2.readAtLeast(length - doFinal.length).readNoMoreThan((length - doFinal.length) + 512).read(byteBuffer);
                byteBuffer.position(position2);
                byteBuffer.limit(limit + read2);
            }
            byte[] bArr3 = new byte[4];
            byteBuffer.get(bArr3);
            EncryptionPolicy selectPolicy = selectPolicy(bArr3, this.localEncryptionPolicy);
            int i2 = byteBuffer.getShort() & UShort.MAX_VALUE;
            int remaining = i2 - byteBuffer.remaining();
            if (remaining > 0) {
                int position3 = byteBuffer.position();
                byteBuffer.limit(byteBuffer.capacity());
                reader2.readAtLeast(remaining).read(byteBuffer);
                byteBuffer.flip();
                byteBuffer.position(position3);
            }
            byteBuffer.position(byteBuffer.position() + i2);
            byteBuffer.compact();
            byteBuffer2.clear();
            int i3 = AnonymousClass1.$SwitchMap$threads$magnet$protocol$crypto$EncryptionPolicy[selectPolicy.ordinal()];
            if (i3 == 1 || i3 == 2) {
                return null;
            }
            if (i3 == 3 || i3 == 4) {
                return forInitiator;
            }
            throw new IllegalStateException("Unknown encryption policy: " + selectPolicy.name());
        } catch (Exception e) {
            throw new RuntimeException("Failed to encrypt VC", e);
        }
    }
}
