package net.bruestel.homeconnect.haproxy.service.websocket;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import lombok.Generated;
import net.bruestel.homeconnect.haproxy.service.websocket.client.AesWebSocketClient;
import org.apache.tomcat.util.buf.HexUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.socket.BinaryMessage;
import org.springframework.web.socket.WebSocketSession;

/* loaded from: input_file:BOOT-INF/classes/net/bruestel/homeconnect/haproxy/service/websocket/AesProxyService.class */
public class AesProxyService {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AesProxyService.class);
    private static final String HMAC_SHA_256 = "HmacSHA256";
    private static final String AES_CBC_NO_PADDING = "AES/CBC/NoPadding";
    private static final String AES = "AES";
    private static final String ENC = "ENC";
    private static final String MAC = "MAC";
    private final String homeApplianceWebsocketUri;
    private final Cipher aesAppDecrypt;
    private final Cipher aesApplianceDecrypt;
    private final byte[] iv;
    private final byte[] macKey;
    private final HashMap<String, AesWebSocketClient> homeApplianceClientMap = new HashMap<>();
    private byte[] lastRxHmac;
    private byte[] lastTxHmac;
    private final WebSocketProxyServiceListener listener;
    private WebSocketSession appWebSocketSession;

    public AesProxyService(String str, String str2, String str3, WebSocketProxyServiceListener webSocketProxyServiceListener) {
        this.homeApplianceWebsocketUri = str;
        this.listener = webSocketProxyServiceListener;
        try {
            byte[] decode = Base64.getUrlDecoder().decode(str2);
            this.iv = Base64.getUrlDecoder().decode(str3);
            SecretKeySpec secretKeySpec = new SecretKeySpec(hmac(decode, ENC.getBytes(StandardCharsets.UTF_8)), AES);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(this.iv);
            this.aesAppDecrypt = Cipher.getInstance(AES_CBC_NO_PADDING);
            this.aesAppDecrypt.init(2, secretKeySpec, ivParameterSpec);
            this.aesApplianceDecrypt = Cipher.getInstance(AES_CBC_NO_PADDING);
            this.aesApplianceDecrypt.init(2, secretKeySpec, ivParameterSpec);
            this.macKey = hmac(decode, MAC.getBytes(StandardCharsets.UTF_8));
            this.lastRxHmac = new byte[16];
            this.lastTxHmac = new byte[16];
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            log.atError().log("Error initializing AES", e);
            throw new IllegalStateException(e);
        }
    }

    public void appConnectionEstablished(String str) {
        log.atInfo().log("[App] Connection established (appSessionId={}).", str);
        log.atInfo().log("[HA ] Connect to home appliance ({})...", this.homeApplianceWebsocketUri);
        AesWebSocketClient aesWebSocketClient = new AesWebSocketClient(this);
        this.homeApplianceClientMap.put(str, aesWebSocketClient);
        aesWebSocketClient.connect(this.homeApplianceWebsocketUri);
    }

    public void applianceConnectionEstablished(String str) {
        log.atInfo().log("[HA ] Connection established (applianceSessionId={}).", str);
    }

    public void receivedMessageFromAppliance(String str, byte[] bArr) {
        try {
            String str2 = new String(decryptApplianceMessage(bArr), StandardCharsets.UTF_8);
            log.atInfo().addArgument(str2).addArgument(str).log("[HA ] Received message from home appliance (message={}, applianceSessionId={}). ");
            this.listener.onApplianceMessage(str2);
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            log.atError().log("Error decrypting message from appliance", e);
        }
        try {
            log.atDebug().log("[App] Forward message to app.");
            this.appWebSocketSession.sendMessage(new BinaryMessage(ByteBuffer.wrap(bArr)));
        } catch (IOException e2) {
            log.atError().log("Error forwarding message to app", e2);
        }
    }

    public void receivedMessageFromApp(String str, byte[] bArr) {
        try {
            String str2 = new String(decryptAppMessage(bArr), StandardCharsets.UTF_8);
            log.atInfo().addArgument(str2).addArgument(str).log("[App] Received message from app (message={}, appSessionId={}). ");
            this.listener.onAppMessage(str2);
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            log.atError().log("Error decrypting message from app", e);
        }
        log.atDebug().log("[HA ] Forward message to home appliance.");
        this.homeApplianceClientMap.get(str).sendBinaryMessage(bArr);
    }

    public void appConnectionClosed(String str, int i, String str2) {
        log.atInfo().log("[App] Connection closed (appSessionId={}, code={}, reason={}).", str, Integer.valueOf(i), str2);
        if (this.homeApplianceClientMap.containsKey(str)) {
            AesWebSocketClient aesWebSocketClient = this.homeApplianceClientMap.get(str);
            log.atInfo().log("[HA ] Close home appliance connection.");
            this.homeApplianceClientMap.remove(str);
            aesWebSocketClient.close();
        }
    }

    public void applianceConnectionClosed(String str, int i, String str2) {
        log.atInfo().log("[HA ] Connection closed (applianceSessionId={}, code={}, reason={}).", str, Integer.valueOf(i), str2);
        if (this.appWebSocketSession == null || !this.appWebSocketSession.isOpen()) {
            return;
        }
        log.atInfo().log("[App] Close app connection.");
        try {
            this.appWebSocketSession.close();
        } catch (IOException e) {
            log.atError().log("Error closing app connection", e);
        }
    }

    private byte[] hmac(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException {
        Mac mac = Mac.getInstance(HMAC_SHA_256);
        mac.init(new SecretKeySpec(bArr, HMAC_SHA_256));
        return mac.doFinal(bArr2);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v5, types: [byte[], byte[][]] */
    private byte[] decryptApplianceMessage(byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException {
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, bArr.length - 16);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, bArr.length - 16, bArr.length);
        byte[] createHmacMessage = createHmacMessage(concatenateByteArrays(new byte[]{new byte[]{67}, this.lastRxHmac}), copyOfRange);
        if (!Arrays.equals(copyOfRange2, createHmacMessage)) {
            log.error("HMAC failure! appliance={} ourHmac={}, msgLength={}", HexUtils.toHexString(copyOfRange2), HexUtils.toHexString(createHmacMessage), Integer.valueOf(bArr.length));
        }
        this.lastRxHmac = copyOfRange2;
        byte[] update = this.aesApplianceDecrypt.update(copyOfRange);
        int i = update[update.length - 1] & 255;
        if (update.length < i) {
            log.error("Padding error! {}", HexUtils.toHexString(update));
        }
        log.trace("padding length={}", Integer.valueOf(i));
        return Arrays.copyOfRange(update, 0, update.length - i);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v5, types: [byte[], byte[][]] */
    private byte[] decryptAppMessage(byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException {
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, bArr.length - 16);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, bArr.length - 16, bArr.length);
        byte[] createHmacMessage = createHmacMessage(concatenateByteArrays(new byte[]{new byte[]{69}, this.lastTxHmac}), copyOfRange);
        if (!Arrays.equals(copyOfRange2, createHmacMessage)) {
            log.error("HMAC failure! appliance={} ourHmac={}, msgLength={}", HexUtils.toHexString(copyOfRange2), HexUtils.toHexString(createHmacMessage), Integer.valueOf(bArr.length));
        }
        this.lastTxHmac = copyOfRange2;
        byte[] update = this.aesAppDecrypt.update(copyOfRange);
        int i = update[update.length - 1] & 255;
        if (update.length < i) {
            log.error("Padding error! {}", HexUtils.toHexString(update));
        }
        log.trace("padding length={}", Integer.valueOf(i));
        return Arrays.copyOfRange(update, 0, update.length - i);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v1, types: [byte[], byte[][]] */
    private byte[] createHmacMessage(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException {
        return Arrays.copyOfRange(hmac(this.macKey, concatenateByteArrays(new byte[]{this.iv, bArr, bArr2})), 0, 16);
    }

    private byte[] concatenateByteArrays(byte[]... bArr) {
        int i = 0;
        for (byte[] bArr2 : bArr) {
            i += bArr2.length;
        }
        byte[] bArr3 = new byte[i];
        int i2 = 0;
        for (byte[] bArr4 : bArr) {
            System.arraycopy(bArr4, 0, bArr3, i2, bArr4.length);
            i2 += bArr4.length;
        }
        return bArr3;
    }

    @Generated
    public void setAppWebSocketSession(WebSocketSession webSocketSession) {
        this.appWebSocketSession = webSocketSession;
    }
}
