package org.jitsi.nlj.dtls;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import gov.nist.javax.sip.header.ParameterNames;
import io.sentry.SentryEvent;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.collections.ArraysKt;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.ArrayIteratorKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.util.PrivateKeyFactory;
import org.bouncycastle.tls.AlertDescription;
import org.bouncycastle.tls.Certificate;
import org.bouncycastle.tls.CertificateRequest;
import org.bouncycastle.tls.DefaultTlsClient;
import org.bouncycastle.tls.ExporterLabel;
import org.bouncycastle.tls.ProtocolVersion;
import org.bouncycastle.tls.SignatureAndHashAlgorithm;
import org.bouncycastle.tls.TlsAuthentication;
import org.bouncycastle.tls.TlsClientContext;
import org.bouncycastle.tls.TlsCredentials;
import org.bouncycastle.tls.TlsSRTPUtils;
import org.bouncycastle.tls.TlsServerCertificate;
import org.bouncycastle.tls.TlsSession;
import org.bouncycastle.tls.TlsUtils;
import org.bouncycastle.tls.UseSRTPData;
import org.bouncycastle.tls.crypto.TlsCrypto;
import org.bouncycastle.tls.crypto.TlsCryptoParameters;
import org.bouncycastle.tls.crypto.impl.bc.BcDefaultTlsCredentialedSigner;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.jitsi.nlj.dtls.DtlsUtils;
import org.jitsi.nlj.srtp.SrtpConfig;
import org.jitsi.nlj.srtp.SrtpProfileInformation;
import org.jitsi.nlj.srtp.SrtpUtil;
import org.jitsi.rtp.extensions.ByteBufferKt;
import org.jitsi.utils.logging2.Logger;
import org.jitsi.utils.logging2.LoggerExtensionsKt;

/* compiled from: TlsClientImpl.kt */
@SuppressFBWarnings(value = {"NP_ALWAYS_NULL"}, justification = "False positives with 'lateinit'.")
@Metadata(mv = {2, 0, 0}, k = 1, xi = 48, d1 = {"��z\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n\u0002\b\u0005\n\u0002\u0010\b\n\u0002\b\u0006\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0015\n\u0002\b\u0003\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\n\n\u0002\b\u0002\n\u0002\u0010\u000e\n��\n\u0002\u0010\u0003\n\u0002\b\u0002\b\u0007\u0018��2\u00020\u0001B-\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0014\u0010\u0004\u001a\u0010\u0012\u0006\u0012\u0004\u0018\u00010\u0006\u0012\u0004\u0012\u00020\u00070\u0005\u0012\u0006\u0010\b\u001a\u00020\t¢\u0006\u0004\b\n\u0010\u000bJ\n\u0010\u001d\u001a\u0004\u0018\u00010\u000eH\u0016J\b\u0010\u001e\u001a\u00020\u001fH\u0016J\u0010\u0010 \u001a\n\u0012\u0002\b\u0003\u0012\u0002\b\u00030!H\u0016J\u001a\u0010\"\u001a\u00020\u00072\u0010\u0010#\u001a\f\u0012\u0002\b\u0003\u0012\u0002\b\u0003\u0018\u00010!H\u0016J\b\u0010$\u001a\u00020%H\u0016J\b\u0010&\u001a\u00020\u0018H\u0016J\b\u0010'\u001a\u00020\u0007H\u0016J\u0013\u0010(\u001a\b\u0012\u0004\u0012\u00020*0)H\u0014¢\u0006\u0002\u0010+J,\u0010,\u001a\u00020\u00072\u0006\u0010-\u001a\u00020.2\u0006\u0010/\u001a\u00020.2\b\u00100\u001a\u0004\u0018\u0001012\b\u00102\u001a\u0004\u0018\u000103H\u0016J\u0018\u00104\u001a\u00020\u00072\u0006\u0010-\u001a\u00020.2\u0006\u0010/\u001a\u00020.H\u0016R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��R\u001c\u0010\u0004\u001a\u0010\u0012\u0006\u0012\u0004\u0018\u00010\u0006\u0012\u0004\u0012\u00020\u00070\u0005X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\f\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n��R\u0010\u0010\r\u001a\u0004\u0018\u00010\u000eX\u0082\u000e¢\u0006\u0002\n��R\u0010\u0010\u000f\u001a\u0004\u0018\u00010\u0010X\u0082\u000e¢\u0006\u0002\n��R\u001a\u0010\u0011\u001a\u00020\u0012X\u0086.¢\u0006\u000e\n��\u001a\u0004\b\u0013\u0010\u0014\"\u0004\b\u0015\u0010\u0016R\u001a\u0010\u0017\u001a\u00020\u0018X\u0086\u000e¢\u0006\u000e\n��\u001a\u0004\b\u0019\u0010\u001a\"\u0004\b\u001b\u0010\u001c¨\u00065"}, d2 = {"Lorg/jitsi/nlj/dtls/TlsClientImpl;", "Lorg/bouncycastle/tls/DefaultTlsClient;", "certificateInfo", "Lorg/jitsi/nlj/dtls/CertificateInfo;", "notifyServerCertificate", "Lkotlin/Function1;", "Lorg/bouncycastle/tls/Certificate;", "", "parentLogger", "Lorg/jitsi/utils/logging2/Logger;", "<init>", "(Lorg/jitsi/nlj/dtls/CertificateInfo;Lkotlin/jvm/functions/Function1;Lorg/jitsi/utils/logging2/Logger;)V", SentryEvent.JsonKeys.LOGGER, "session", "Lorg/bouncycastle/tls/TlsSession;", "clientCredentials", "Lorg/bouncycastle/tls/TlsCredentials;", "srtpKeyingMaterial", "", "getSrtpKeyingMaterial", "()[B", "setSrtpKeyingMaterial", "([B)V", "chosenSrtpProtectionProfile", "", "getChosenSrtpProtectionProfile", "()I", "setChosenSrtpProtectionProfile", "(I)V", "getSessionToResume", "getAuthentication", "Lorg/bouncycastle/tls/TlsAuthentication;", "getClientExtensions", "Ljava/util/Hashtable;", "processServerExtensions", "serverExtensions", "getCipherSuites", "", "getHandshakeTimeoutMillis", "notifyHandshakeComplete", "getSupportedVersions", "", "Lorg/bouncycastle/tls/ProtocolVersion;", "()[Lorg/bouncycastle/tls/ProtocolVersion;", "notifyAlertRaised", "alertLevel", "", "alertDescription", "message", "", ParameterNames.CAUSE, "", "notifyAlertReceived", "jitsi-media-transform"})
@SourceDebugExtension({"SMAP\nTlsClientImpl.kt\nKotlin\n*S Kotlin\n*F\n+ 1 TlsClientImpl.kt\norg/jitsi/nlj/dtls/TlsClientImpl\n+ 2 LoggerExtensions.kt\norg/jitsi/utils/logging2/LoggerExtensionsKt\n+ 3 DtlsUtils.kt\norg/jitsi/nlj/dtls/DtlsUtilsKt\n*L\n1#1,175:1\n57#2,4:176\n63#2,4:180\n63#2,4:184\n63#2,4:190\n57#2,2:202\n60#2:206\n57#2,4:210\n75#2:215\n76#2:218\n298#3,2:188\n301#3,8:194\n309#3,2:204\n314#3:207\n318#3,2:208\n320#3:214\n321#3,2:216\n325#3:219\n*S KotlinDebug\n*F\n+ 1 TlsClientImpl.kt\norg/jitsi/nlj/dtls/TlsClientImpl\n*L\n140#1:176,4\n145#1:180,4\n151#1:184,4\n170#1:190,4\n170#1:202,2\n170#1:206\n173#1:210,4\n173#1:215\n173#1:218\n170#1:188,2\n170#1:194,8\n170#1:204,2\n170#1:207\n173#1:208,2\n173#1:214\n173#1:216,2\n173#1:219\n*E\n"})
/* loaded from: input_file:classes/jvb/jitsi-videobridge-2.3-SNAPSHOT-jar-with-dependencies.jar:org/jitsi/nlj/dtls/TlsClientImpl.class */
public final class TlsClientImpl extends DefaultTlsClient {

    @NotNull
    private final CertificateInfo certificateInfo;

    @NotNull
    private final Function1<Certificate, Unit> notifyServerCertificate;

    @NotNull
    private final Logger logger;

    @Nullable
    private TlsSession session;

    @Nullable
    private TlsCredentials clientCredentials;
    public byte[] srtpKeyingMaterial;
    private int chosenSrtpProtectionProfile;

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    /* JADX WARN: Multi-variable type inference failed */
    public TlsClientImpl(@NotNull CertificateInfo certificateInfo, @NotNull Function1<? super Certificate, Unit> notifyServerCertificate, @NotNull Logger parentLogger) {
        super(DtlsUtilsKt.getBC_TLS_CRYPTO());
        Intrinsics.checkNotNullParameter(certificateInfo, "certificateInfo");
        Intrinsics.checkNotNullParameter(notifyServerCertificate, "notifyServerCertificate");
        Intrinsics.checkNotNullParameter(parentLogger, "parentLogger");
        this.certificateInfo = certificateInfo;
        this.notifyServerCertificate = notifyServerCertificate;
        this.logger = LoggerExtensionsKt.createChildLogger$default(this, parentLogger, null, 2, null);
    }

    @NotNull
    public final byte[] getSrtpKeyingMaterial() {
        byte[] bArr = this.srtpKeyingMaterial;
        if (bArr != null) {
            return bArr;
        }
        Intrinsics.throwUninitializedPropertyAccessException("srtpKeyingMaterial");
        return null;
    }

    public final void setSrtpKeyingMaterial(@NotNull byte[] bArr) {
        Intrinsics.checkNotNullParameter(bArr, "<set-?>");
        this.srtpKeyingMaterial = bArr;
    }

    public final int getChosenSrtpProtectionProfile() {
        return this.chosenSrtpProtectionProfile;
    }

    public final void setChosenSrtpProtectionProfile(int i) {
        this.chosenSrtpProtectionProfile = i;
    }

    @Override // org.bouncycastle.tls.AbstractTlsClient, org.bouncycastle.tls.TlsClient
    @Nullable
    public TlsSession getSessionToResume() {
        return this.session;
    }

    @Override // org.bouncycastle.tls.TlsClient
    @NotNull
    public TlsAuthentication getAuthentication() {
        return new TlsAuthentication() { // from class: org.jitsi.nlj.dtls.TlsClientImpl$getAuthentication$1
            @Override // org.bouncycastle.tls.TlsAuthentication
            public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) {
                TlsCredentials tlsCredentials;
                TlsCredentials tlsCredentials2;
                TlsClientContext tlsClientContext;
                TlsClientContext tlsClientContext2;
                CertificateInfo certificateInfo;
                CertificateInfo certificateInfo2;
                TlsClientContext tlsClientContext3;
                Intrinsics.checkNotNullParameter(certificateRequest, "certificateRequest");
                tlsCredentials = TlsClientImpl.this.clientCredentials;
                if (tlsCredentials == null) {
                    TlsClientImpl tlsClientImpl = TlsClientImpl.this;
                    tlsClientContext = ((DefaultTlsClient) TlsClientImpl.this).context;
                    TlsCryptoParameters tlsCryptoParameters = new TlsCryptoParameters(tlsClientContext);
                    tlsClientContext2 = ((DefaultTlsClient) TlsClientImpl.this).context;
                    TlsCrypto crypto = tlsClientContext2.getCrypto();
                    Intrinsics.checkNotNull(crypto, "null cannot be cast to non-null type org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto");
                    BcTlsCrypto bcTlsCrypto = (BcTlsCrypto) crypto;
                    certificateInfo = TlsClientImpl.this.certificateInfo;
                    AsymmetricKeyParameter createKey = PrivateKeyFactory.createKey(certificateInfo.getKeyPair().getPrivate().getEncoded());
                    certificateInfo2 = TlsClientImpl.this.certificateInfo;
                    Certificate certificate = certificateInfo2.getCertificate();
                    tlsClientContext3 = ((DefaultTlsClient) TlsClientImpl.this).context;
                    tlsClientImpl.clientCredentials = new BcDefaultTlsCredentialedSigner(tlsCryptoParameters, bcTlsCrypto, createKey, certificate, TlsUtils.isSignatureAlgorithmsExtensionAllowed(tlsClientContext3.getServerVersion()) ? new SignatureAndHashAlgorithm((short) 4, (short) 3) : null);
                }
                tlsCredentials2 = TlsClientImpl.this.clientCredentials;
                Intrinsics.checkNotNull(tlsCredentials2);
                return tlsCredentials2;
            }

            @Override // org.bouncycastle.tls.TlsAuthentication
            public void notifyServerCertificate(TlsServerCertificate serverCertificate) {
                Function1 function1;
                Intrinsics.checkNotNullParameter(serverCertificate, "serverCertificate");
                function1 = TlsClientImpl.this.notifyServerCertificate;
                function1.invoke(serverCertificate.getCertificate());
            }
        };
    }

    @Override // org.bouncycastle.tls.AbstractTlsClient, org.bouncycastle.tls.TlsClient
    @NotNull
    public Hashtable<?, ?> getClientExtensions() {
        Hashtable<?, ?> clientExtensions = super.getClientExtensions();
        if (TlsSRTPUtils.getUseSRTPExtension(clientExtensions) == null) {
            if (clientExtensions == null) {
                clientExtensions = new Hashtable<>();
            }
            TlsSRTPUtils.addUseSRTPExtension(clientExtensions, new UseSRTPData(CollectionsKt.toIntArray(SrtpConfig.Companion.getProtectionProfiles()), TlsUtils.EMPTY_BYTES));
        }
        clientExtensions.put(65281, new byte[]{0});
        Hashtable<?, ?> hashtable = clientExtensions;
        Intrinsics.checkNotNull(hashtable);
        return hashtable;
    }

    @Override // org.bouncycastle.tls.AbstractTlsClient, org.bouncycastle.tls.TlsClient
    public void processServerExtensions(@Nullable Hashtable<?, ?> hashtable) {
        int[] protectionProfiles = TlsSRTPUtils.getUseSRTPExtension(hashtable).getProtectionProfiles();
        DtlsUtils.Companion companion = DtlsUtils.Companion;
        List<Integer> protectionProfiles2 = SrtpConfig.Companion.getProtectionProfiles();
        Intrinsics.checkNotNull(protectionProfiles);
        this.chosenSrtpProtectionProfile = companion.chooseSrtpProtectionProfile(protectionProfiles2, ArraysKt.asIterable(protectionProfiles));
    }

    @Override // org.bouncycastle.tls.AbstractTlsClient, org.bouncycastle.tls.TlsPeer
    @NotNull
    public int[] getCipherSuites() {
        return CollectionsKt.toIntArray(DtlsConfig.Companion.getConfig().getCipherSuites());
    }

    @Override // org.bouncycastle.tls.AbstractTlsPeer, org.bouncycastle.tls.TlsPeer
    public int getHandshakeTimeoutMillis() {
        return (int) DtlsUtils.Companion.getConfig().getHandshakeTimeout().toMillis();
    }

    @Override // org.bouncycastle.tls.AbstractTlsPeer, org.bouncycastle.tls.TlsPeer
    public void notifyHandshakeComplete() {
        super.notifyHandshakeComplete();
        Logger logger = this.logger;
        if (logger.isInfoEnabled()) {
            logger.info("Negotiated DTLS version " + this.context.getSecurityParameters().getNegotiatedVersion());
        }
        TlsSession resumableSession = this.context.getResumableSession();
        if (resumableSession != null) {
            TlsSession tlsSession = this.session;
            if (tlsSession != null) {
                byte[] sessionID = tlsSession.getSessionID();
                if (sessionID != null ? Arrays.equals(sessionID, resumableSession.getSessionID()) : false) {
                    Logger logger2 = this.logger;
                    if (logger2.isDebugEnabled()) {
                        ByteBuffer wrap = ByteBuffer.wrap(resumableSession.getSessionID());
                        Intrinsics.checkNotNullExpressionValue(wrap, "wrap(...)");
                        logger2.debug("Resumed DTLS session " + ByteBufferKt.toHex(wrap));
                    }
                }
            } else {
                TlsClientImpl tlsClientImpl = this;
                Logger logger3 = tlsClientImpl.logger;
                if (logger3.isDebugEnabled()) {
                    ByteBuffer wrap2 = ByteBuffer.wrap(resumableSession.getSessionID());
                    Intrinsics.checkNotNullExpressionValue(wrap2, "wrap(...)");
                    logger3.debug("Established DTLS session " + ByteBufferKt.toHex(wrap2));
                }
                tlsClientImpl.session = resumableSession;
            }
        }
        SrtpProfileInformation srtpProfileInformationFromSrtpProtectionProfile = SrtpUtil.Companion.getSrtpProfileInformationFromSrtpProtectionProfile(this.chosenSrtpProtectionProfile);
        setSrtpKeyingMaterial(this.context.exportKeyingMaterial(ExporterLabel.dtls_srtp, null, 2 * (srtpProfileInformationFromSrtpProtectionProfile.getCipherKeyLength() + srtpProfileInformationFromSrtpProtectionProfile.getCipherSaltLength())));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.AbstractTlsPeer
    @NotNull
    public ProtocolVersion[] getSupportedVersions() {
        return new ProtocolVersion[]{ProtocolVersion.DTLSv12};
    }

    @Override // org.bouncycastle.tls.AbstractTlsPeer, org.bouncycastle.tls.TlsPeer
    public void notifyAlertRaised(short s, short s2, @Nullable String str, @Nullable Throwable th) {
        Logger logger = this.logger;
        if (s2 == 0) {
            if (logger.isDebugEnabled()) {
                logger.debug("close_notify raised, connection closing");
                return;
            }
            return;
        }
        StringBuffer stringBuffer = new StringBuffer();
        Iterator it = ArrayIteratorKt.iterator(new Exception().getStackTrace());
        while (it.hasNext()) {
            Appendable append = stringBuffer.append((CharSequence) ((StackTraceElement) it.next()).toString());
            Intrinsics.checkNotNullExpressionValue(append, "append(...)");
            Intrinsics.checkNotNullExpressionValue(append.append('\n'), "append(...)");
        }
        String stringBuffer2 = stringBuffer.toString();
        Intrinsics.checkNotNullExpressionValue(stringBuffer2, "with(...)");
        if (logger.isInfoEnabled()) {
            logger.info("Alert raised: level=" + s + ", description=" + s2 + ", message=" + str + " cause=" + th + " " + stringBuffer2);
        }
    }

    @Override // org.bouncycastle.tls.AbstractTlsPeer, org.bouncycastle.tls.TlsPeer
    public void notifyAlertReceived(short s, short s2) {
        Logger logger = this.logger;
        if (s2 != 0) {
            logger.error("Alert received: level=" + s + ", description=" + s2 + " (" + AlertDescription.getName(s2) + ")");
        } else if (logger.isInfoEnabled()) {
            logger.info("close_notify received, connection closing");
        }
    }
}
