package org.eclipse.californium.scandium.dtls;

import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import org.eclipse.californium.elements.util.StringUtil;
import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
import org.eclipse.californium.scandium.dtls.AlertMessage;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/californium/scandium/dtls/ResumingClientHandshaker.class */
public class ResumingClientHandshaker extends ClientHandshaker {
    private static final Logger LOGGER = LoggerFactory.getLogger(ResumingClientHandshaker.class.getName());
    private boolean fullHandshake;
    private DTLSFlight lastFlight;

    public ResumingClientHandshaker(DTLSSession dTLSSession, RecordLayer recordLayer, Connection connection, DtlsConnectorConfig dtlsConnectorConfig, int i) {
        super(dTLSSession, recordLayer, connection, dtlsConnectorConfig, i);
        this.fullHandshake = false;
        if (dTLSSession.getSessionIdentifier() == null) {
            throw new IllegalArgumentException("Session must contain the ID of the session to resume");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.californium.scandium.dtls.ClientHandshaker, org.eclipse.californium.scandium.dtls.Handshaker
    public void doProcessMessage(DTLSMessage dTLSMessage) throws HandshakeException, GeneralSecurityException {
        ConnectionIdExtension connectionIdExtension;
        if (this.fullHandshake) {
            super.doProcessMessage(dTLSMessage);
            return;
        }
        if (this.lastFlight != null) {
            LOGGER.debug("Received server's [{}] FINISHED message again, retransmitting last flight...", dTLSMessage.getPeer());
            this.lastFlight.incrementTries();
            this.lastFlight.setNewSequenceNumbers();
            sendFlight(this.lastFlight);
            return;
        }
        if (LOGGER.isDebugEnabled()) {
            StringBuilder sb = new StringBuilder();
            sb.append("Processing {} message from peer [{}]");
            if (LOGGER.isTraceEnabled()) {
                sb.append(":").append(StringUtil.lineSeparator()).append(dTLSMessage);
            }
            LOGGER.debug(sb.toString(), dTLSMessage.getContentType(), dTLSMessage.getPeer());
        }
        switch (dTLSMessage.getContentType()) {
            case CHANGE_CIPHER_SPEC:
                calculateKeys(this.session.getMasterSecret());
                setCurrentReadState();
                LOGGER.debug("Processed {} message from peer [{}]", dTLSMessage.getContentType(), dTLSMessage.getPeer());
                return;
            case HANDSHAKE:
                HandshakeMessage handshakeMessage = (HandshakeMessage) dTLSMessage;
                switch (handshakeMessage.getMessageType()) {
                    case HELLO_VERIFY_REQUEST:
                        receivedHelloVerifyRequest((HelloVerifyRequest) dTLSMessage);
                        break;
                    case SERVER_HELLO:
                        ServerHello serverHello = (ServerHello) dTLSMessage;
                        if (!this.session.getSessionIdentifier().equals(serverHello.getSessionId())) {
                            LOGGER.debug("Server [{}] refuses to resume session [{}], performing full handshake instead...", serverHello.getPeer(), this.session.getSessionIdentifier());
                            this.fullHandshake = true;
                            super.receivedServerHello(serverHello);
                            return;
                        } else {
                            if (!serverHello.getCompressionMethod().equals(this.session.getCompressionMethod())) {
                                throw new HandshakeException("Server wants to change compression method in resumed session", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.ILLEGAL_PARAMETER, serverHello.getPeer()));
                            }
                            if (!serverHello.getCipherSuite().equals(this.session.getCipherSuite())) {
                                throw new HandshakeException("Server wants to change cipher suite in resumed session", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.ILLEGAL_PARAMETER, serverHello.getPeer()));
                            }
                            this.serverHello = serverHello;
                            this.serverRandom = serverHello.getRandom();
                            if (this.connectionIdLength != null && (connectionIdExtension = serverHello.getConnectionIdExtension()) != null) {
                                this.session.setWriteConnectionId(connectionIdExtension.getConnectionId());
                            }
                            expectChangeCipherSpecMessage();
                            break;
                        }
                    case FINISHED:
                        receivedServerFinished((Finished) handshakeMessage);
                        break;
                    default:
                        throw new HandshakeException(String.format("Received unexpected handshake message [%s] from peer %s", handshakeMessage.getMessageType(), handshakeMessage.getPeer()), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.UNEXPECTED_MESSAGE, handshakeMessage.getPeer()));
                }
                if (this.lastFlight == null) {
                    incrementNextReceiveSeq();
                }
                LOGGER.debug("Processed {} message with sequence no [{}] from peer [{}]", new Object[]{handshakeMessage.getMessageType(), Integer.valueOf(handshakeMessage.getMessageSeq()), handshakeMessage.getPeer()});
                return;
            default:
                throw new HandshakeException(String.format("Received unexpected message [%s] from peer %s", dTLSMessage.getContentType(), dTLSMessage.getPeer()), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.HANDSHAKE_FAILURE, dTLSMessage.getPeer()));
        }
    }

    private void receivedServerFinished(Finished finished) throws HandshakeException {
        if (this.lastFlight != null) {
            return;
        }
        this.flightNumber += 2;
        DTLSFlight dTLSFlight = new DTLSFlight(getSession(), this.flightNumber);
        this.md.update(this.clientHello.toByteArray());
        this.md.update(this.serverHello.getRawMessage());
        try {
            MessageDigest messageDigest = (MessageDigest) this.md.clone();
            messageDigest.update(finished.getRawMessage());
            this.handshakeHash = this.md.digest();
            finished.verifyData(this.session.getMasterSecret(), false, this.handshakeHash);
            wrapMessage(dTLSFlight, new ChangeCipherSpecMessage(finished.getPeer()));
            setCurrentWriteState();
            this.handshakeHash = messageDigest.digest();
            wrapMessage(dTLSFlight, new Finished(this.session.getMasterSecret(), this.isClient, this.handshakeHash, finished.getPeer()));
            this.state = HandshakeType.FINISHED.getCode();
            dTLSFlight.setRetransmissionNeeded(false);
            this.lastFlight = dTLSFlight;
            sendFlight(dTLSFlight);
            sessionEstablished();
        } catch (CloneNotSupportedException e) {
            throw new HandshakeException("Cannot create FINISHED message hash", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.INTERNAL_ERROR, finished.getPeer()));
        }
    }

    @Override // org.eclipse.californium.scandium.dtls.ClientHandshaker, org.eclipse.californium.scandium.dtls.Handshaker
    public void startHandshake() throws HandshakeException {
        handshakeStarted();
        ClientHello clientHello = new ClientHello(new ProtocolVersion(), new SecureRandom(), this.session, this.supportedClientCertificateTypes, this.supportedServerCertificateTypes);
        this.clientRandom = clientHello.getRandom();
        clientHello.addCompressionMethod(this.session.getCompressionMethod());
        addConnectionId(clientHello);
        addMaxFragmentLength(clientHello);
        addServerNameIndication(clientHello);
        this.state = clientHello.getMessageType().getCode();
        this.clientHello = clientHello;
        this.flightNumber = 1;
        DTLSFlight dTLSFlight = new DTLSFlight(getSession(), this.flightNumber);
        wrapMessage(dTLSFlight, clientHello);
        sendFlight(dTLSFlight);
    }
}
