package org.snmp4j.transport;

import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.net.SocketTimeoutException;
import java.nio.ByteBuffer;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import org.snmp4j.SNMP4JSettings;
import org.snmp4j.TransportStateReference;
import org.snmp4j.event.CounterEvent;
import org.snmp4j.log.LogAdapter;
import org.snmp4j.log.LogFactory;
import org.snmp4j.mp.CounterSupport;
import org.snmp4j.mp.SnmpConstants;
import org.snmp4j.security.SecurityLevel;
import org.snmp4j.smi.Address;
import org.snmp4j.smi.DtlsAddress;
import org.snmp4j.smi.IpAddress;
import org.snmp4j.smi.OctetString;
import org.snmp4j.smi.UdpAddress;
import org.snmp4j.transport.tls.TLSTMTrustManagerFactory;
import org.snmp4j.transport.tls.TLSTMUtil;
import org.snmp4j.transport.tls.TlsTmSecurityCallback;
import org.snmp4j.transport.tls.X509TlsTransportMappingConfig;
import org.snmp4j.util.CommonTimer;
import org.snmp4j.util.SnmpConfigurator;
import org.snmp4j.util.ThreadPool;
import org.snmp4j.util.WorkerTask;

/*  JADX ERROR: NullPointerException in pass: ClassModifier
    java.lang.NullPointerException: Cannot invoke "java.util.List.forEach(java.util.function.Consumer)" because "blocks" is null
    	at jadx.core.utils.BlockUtils.collectAllInsns(BlockUtils.java:1017)
    	at jadx.core.dex.visitors.ClassModifier.removeBridgeMethod(ClassModifier.java:239)
    	at jadx.core.dex.visitors.ClassModifier.removeSyntheticMethods(ClassModifier.java:154)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.ClassModifier.visit(ClassModifier.java:64)
    */
/* loaded from: input_file:org/snmp4j/transport/DTLSTM.class */
public class DTLSTM extends DefaultUdpTransportMapping implements X509TlsTransportMappingConfig, ConnectionOrientedTransportMapping<UdpAddress> {
    private static final LogAdapter logger = LogFactory.getLogger(DTLSTM.class);
    public static final int MAX_HANDSHAKE_LOOPS = 100;
    public static final int DEFAULT_SOCKET_TIMEOUT = 5000;
    public static final int DEFAULT_HANDSHAKE_TIMEOUT = 5000;
    public static final int DEFAULT_CONNECTION_TIMEOUT = 300000;
    private static final int DEFAULT_DTLS_HANDSHAKE_THREADPOOL_SIZE = 2;
    private long nextSessionID;
    private Map<UdpAddress, SocketEntry> sockets;
    private CommonTimer socketCleaner;
    private SSLEngineConfigurator sslEngineConfigurator;
    private TlsTmSecurityCallback<X509Certificate> securityCallback;
    private CounterSupport counterSupport;
    private long connectionTimeout;
    private int handshakeTimeout;
    public static final String DEFAULT_DTLSTM_PROTOCOLS = "DTLSv1.2";
    public static final int MAX_TLS_PAYLOAD_SIZE = 65536;
    private String localCertificateAlias;
    private String keyStore;
    private String keyStorePassword;
    private String trustStore;
    private String trustStorePassword;
    private String[] dtlsProtocols;
    private TLSTMTrustManagerFactory trustManagerFactory;
    private ThreadPool dtlsHandshakeThreadPool;
    private int dtlsHandshakeThreadPoolSize;
    private boolean serverEnabled;
    private transient List<TransportStateListener> transportStateListeners;

    /* renamed from: org.snmp4j.transport.DTLSTM$1, reason: invalid class name */
    /* loaded from: input_file:org/snmp4j/transport/DTLSTM$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
        }
    }

    /* loaded from: input_file:org/snmp4j/transport/DTLSTM$DefaultDTLSTMTrustManagerFactory.class */
    private class DefaultDTLSTMTrustManagerFactory implements TLSTMTrustManagerFactory {
        private DefaultDTLSTMTrustManagerFactory() {
        }

        @Override // org.snmp4j.transport.tls.TLSTMTrustManagerFactory
        public X509TrustManager create(X509TrustManager x509TrustManager, boolean z, TransportStateReference transportStateReference) {
            return new TlsTrustManager(x509TrustManager, z, transportStateReference);
        }

        /* synthetic */ DefaultDTLSTMTrustManagerFactory(DTLSTM dtlstm, AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    /* loaded from: input_file:org/snmp4j/transport/DTLSTM$DefaultSSLEngineConfiguration.class */
    protected class DefaultSSLEngineConfiguration implements SSLEngineConfigurator {
        protected DefaultSSLEngineConfiguration() {
        }

        @Override // org.snmp4j.transport.DTLSTM.SSLEngineConfigurator
        public void configure(SSLEngine sSLEngine) {
            DTLSTM.logger.debug("Configuring SSL engine, supported protocols are " + Arrays.asList(sSLEngine.getSupportedProtocols()) + ", supported ciphers are " + Arrays.asList(sSLEngine.getSupportedCipherSuites()) + ", https defaults are " + System.getProperty("https.cipherSuites"));
            String[] enabledCipherSuites = sSLEngine.getEnabledCipherSuites();
            ArrayList arrayList = new ArrayList(enabledCipherSuites.length);
            for (String str : enabledCipherSuites) {
                if (!str.contains("_anon_") && !str.contains("_NULL_")) {
                    arrayList.add(str);
                }
            }
            sSLEngine.setEnabledCipherSuites((String[]) arrayList.toArray(new String[0]));
            sSLEngine.setEnabledProtocols(DTLSTM.this.getProtocolVersions());
            if (!sSLEngine.getUseClientMode()) {
                sSLEngine.setNeedClientAuth(true);
                sSLEngine.setWantClientAuth(true);
                DTLSTM.logger.info("Need client authentication set to true");
            }
            DTLSTM.logger.info("Configured SSL engine, enabled protocols are " + Arrays.asList(sSLEngine.getEnabledProtocols()) + ", enabled ciphers are " + Arrays.asList(sSLEngine.getEnabledCipherSuites()));
        }

        @Override // org.snmp4j.transport.DTLSTM.SSLEngineConfigurator
        public SSLContext getSSLContext(boolean z, TransportStateReference transportStateReference) {
            try {
                String str = DTLSTM.DEFAULT_DTLSTM_PROTOCOLS;
                if (DTLSTM.this.getProtocolVersions() != null && DTLSTM.this.getProtocolVersions().length > 0) {
                    str = DTLSTM.this.getProtocolVersions()[0];
                }
                return TLSTMUtil.createSSLContext(str, DTLSTM.this.getKeyStore(), DTLSTM.this.getKeyStorePassword(), DTLSTM.this.getTrustStore(), DTLSTM.this.getTrustStorePassword(), transportStateReference, DTLSTM.this.trustManagerFactory, z, DTLSTM.this.securityCallback, DTLSTM.this.localCertificateAlias);
            } catch (NoSuchAlgorithmException e) {
                DTLSTM.logger.error("Failed to initialize SSLContext because of an NoSuchAlgorithmException: " + e.getMessage(), e);
                return null;
            }
        }
    }

    /* loaded from: input_file:org/snmp4j/transport/DTLSTM$HandshakeTask.class */
    class HandshakeTask implements WorkerTask {
        private SocketEntry socketEntry;
        private DatagramSocket socket;
        private SocketAddress peerAddr;
        private DatagramPacket receivedPacket;
        private long handshakeTimeout;
        private int maxRetries;
        private boolean endLoops = false;
        private int retries = 0;

        public HandshakeTask(SocketEntry socketEntry, DatagramSocket datagramSocket, SocketAddress socketAddress, DatagramPacket datagramPacket, long j, int i) {
            this.socketEntry = socketEntry;
            this.socket = datagramSocket;
            this.peerAddr = socketAddress;
            this.receivedPacket = datagramPacket;
            this.handshakeTimeout = j;
            this.maxRetries = i;
        }

        @Override // java.lang.Runnable
        public void run() {
            ByteBuffer allocate;
            SSLEngineResult.Status status;
            this.socketEntry.setHandshakeFinished(false);
            DatagramPacket datagramPacket = this.receivedPacket;
            SSLEngine sSLEngine = this.socketEntry.sslEngine;
            sSLEngine.setEnableSessionCreation(true);
            boolean z = false;
            int i = 100;
            ByteBuffer byteBuffer = null;
            try {
                sSLEngine.beginHandshake();
                long nanoTime = System.nanoTime();
                long handshakeTimeout = this.handshakeTimeout <= 0 ? DTLSTM.this.getHandshakeTimeout() : this.handshakeTimeout;
                while (!z && !sSLEngine.isInboundDone() && DTLSTM.this.sockets.containsKey(this.socketEntry.getPeerAddress()) && (System.nanoTime() - nanoTime) / 1000000 < handshakeTimeout) {
                    i--;
                    if (i < 0) {
                        throw new IOException("DTLSTM: Too much loops to produce handshake packets");
                    }
                    SSLEngineResult.HandshakeStatus handshakeStatus = sSLEngine.getHandshakeStatus();
                    if (DTLSTM.logger.isDebugEnabled()) {
                        DTLSTM.logger.debug("Processing handshake status " + handshakeStatus + " in loop #" + (100 - i));
                    }
                    while (true) {
                        if (z || (handshakeStatus != SSLEngineResult.HandshakeStatus.NEED_UNWRAP && handshakeStatus != SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN)) {
                            break;
                        }
                        if (handshakeStatus != SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN) {
                            if (datagramPacket == null && (byteBuffer == null || !byteBuffer.hasRemaining())) {
                                if (DTLSTM.this.isListening()) {
                                    long nanoTime2 = handshakeTimeout - ((System.nanoTime() - nanoTime) / 1000000);
                                    if (nanoTime2 > 0) {
                                        synchronized (this.socketEntry) {
                                            try {
                                                if (this.socketEntry.inboundPacketQueue.isEmpty()) {
                                                    DTLSTM.logger.debug("Waiting for next handshake packet timeout=" + nanoTime2);
                                                    this.socketEntry.wait(handshakeTimeout);
                                                }
                                            } catch (InterruptedException e) {
                                            }
                                            synchronized (this.socketEntry.inboundLock) {
                                                datagramPacket = (DatagramPacket) this.socketEntry.inboundPacketQueue.pollFirst();
                                                if (DTLSTM.logger.isDebugEnabled() && datagramPacket != null) {
                                                    DTLSTM.logger.debug("Polled DTLS packet with length " + datagramPacket.getLength());
                                                }
                                            }
                                        }
                                    } else {
                                        z = true;
                                    }
                                    if (datagramPacket == null) {
                                    }
                                } else {
                                    byte[] bArr = new byte[DTLSTM.this.getMaxInboundMessageSize()];
                                    datagramPacket = new DatagramPacket(bArr, bArr.length);
                                    try {
                                        this.socket.receive(datagramPacket);
                                    } catch (SocketTimeoutException e2) {
                                        if (DTLSTM.logger.isInfoEnabled()) {
                                            DTLSTM.logger.info("Socket timeout while receiving DTLS handshake packet");
                                        }
                                        int i2 = this.maxRetries;
                                        int i3 = this.retries;
                                        this.retries = i3 + 1;
                                        if (i2 > i3) {
                                            synchronized (this.socketEntry.outboundLock) {
                                                for (DatagramPacket datagramPacket2 : DTLSTM.this.onReceiveTimeout(sSLEngine, this.peerAddr)) {
                                                    this.socket.send(datagramPacket2);
                                                    if (DTLSTM.logger.isDebugEnabled()) {
                                                        DTLSTM.logger.debug("Sent " + new OctetString(datagramPacket2.getData()).toHexString() + " to " + datagramPacket2.getAddress() + ":" + datagramPacket2.getPort());
                                                    }
                                                }
                                            }
                                        } else {
                                            z = true;
                                        }
                                    }
                                }
                            }
                            if (datagramPacket != null) {
                                if (byteBuffer == null || !byteBuffer.hasRemaining()) {
                                    byteBuffer = ByteBuffer.wrap(datagramPacket.getData(), 0, datagramPacket.getLength());
                                } else {
                                    byteBuffer.compact();
                                    byteBuffer.put(datagramPacket.getData(), 0, datagramPacket.getLength());
                                    byteBuffer.flip();
                                }
                            }
                            allocate = ByteBuffer.allocate(DTLSTM.this.getMaxInboundMessageSize());
                        } else {
                            allocate = ByteBuffer.allocate(DTLSTM.this.getMaxInboundMessageSize());
                        }
                        datagramPacket = null;
                        synchronized (this.socketEntry.inboundLock) {
                            if (DTLSTM.logger.isDebugEnabled()) {
                                DTLSTM.logger.debug("unrwap start: iNet=" + byteBuffer + ",iApp=" + allocate);
                            }
                            SSLEngineResult unwrap = sSLEngine.unwrap(byteBuffer, allocate);
                            status = unwrap.getStatus();
                            handshakeStatus = unwrap.getHandshakeStatus();
                            if (DTLSTM.logger.isDebugEnabled()) {
                                DTLSTM.logger.debug("unrwap done: iNet=" + byteBuffer + ",iApp=" + allocate + ",rs=" + status + ",hs=" + handshakeStatus);
                            }
                        }
                        if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                            throw new IOException("DTLSTM: Buffer overflow: incorrect client maximum fragment size");
                        }
                        if (status != SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                            if (status == SSLEngineResult.Status.CLOSED) {
                                z = true;
                            }
                            if (status != SSLEngineResult.Status.OK) {
                                break;
                            }
                        } else {
                            DTLSTM.logger.warn("DTLS buffer underflow iNet=" + byteBuffer + ",iApp=" + allocate);
                            if (handshakeStatus == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                                z = true;
                                break;
                            }
                        }
                    }
                    if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                        synchronized (this.socketEntry.outboundLock) {
                            for (DatagramPacket datagramPacket3 : DTLSTM.this.produceHandshakePackets(sSLEngine, this.peerAddr)) {
                                if (DTLSTM.logger.isDebugEnabled()) {
                                    DTLSTM.logger.debug("Sending handshake packet with length " + datagramPacket3.getLength() + " [" + new OctetString(datagramPacket3.getData()).toHexString() + "] to " + datagramPacket3.getAddress() + ":" + datagramPacket3.getPort());
                                }
                                this.socket.send(datagramPacket3);
                            }
                        }
                    } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                        DTLSTM.this.runDelegatedTasks(sSLEngine);
                    } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                        z = true;
                    } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED) {
                        z = true;
                    }
                }
            } catch (IOException e3) {
                DTLSTM.logger.error("DTLS handshake failed for " + this.peerAddr + " failed with IO exception:" + e3.getMessage(), e3);
            }
            if (sSLEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                DTLSTM.this.sockets.remove(this.socketEntry);
                DTLSTM.logger.error("DTLS handshake failed for " + this.peerAddr + ": Not ready for application data yet, giving up");
                this.socketEntry.closeSession();
            } else {
                this.socketEntry.setHandshakeFinished(true);
                if (DTLSTM.logger.isInfoEnabled()) {
                    DTLSTM.logger.info("SSL handshake completed for " + this.peerAddr);
                }
                DTLSTM.this.timeoutSocket(this.socketEntry);
                DTLSTM.this.fireConnectionStateChanged(new TransportStateEvent(DTLSTM.this, this.socketEntry.getPeerAddress(), 1, null));
            }
        }

        @Override // org.snmp4j.util.WorkerTask
        public void terminate() {
            this.endLoops = true;
        }

        @Override // org.snmp4j.util.WorkerTask
        public void join() throws InterruptedException {
            while (!this.endLoops) {
                Thread.sleep(10L);
            }
        }

        @Override // org.snmp4j.util.WorkerTask
        public void interrupt() {
            synchronized (this.socketEntry) {
                this.socketEntry.notify();
            }
        }
    }

    /* loaded from: input_file:org/snmp4j/transport/DTLSTM$SSLEngineConfigurator.class */
    interface SSLEngineConfigurator {
        void configure(SSLEngine sSLEngine);

        SSLContext getSSLContext(boolean z, TransportStateReference transportStateReference);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/snmp4j/transport/DTLSTM$SocketEntry.class */
    public class SocketEntry extends AbstractServerSocket<UdpAddress> {
        private SSLEngine sslEngine;
        private long sessionID;
        private TransportStateReference tmStateReference;
        private boolean handshakeFinished;
        private final Object outboundLock;
        private final Object inboundLock;
        private LinkedList<DatagramPacket> inboundPacketQueue;

        /*  JADX ERROR: JadxRuntimeException in pass: InlineMethods
            jadx.core.utils.exceptions.JadxRuntimeException: Failed to process method for inline: org.snmp4j.transport.DTLSTM.access$1008(org.snmp4j.transport.DTLSTM):long
            	at jadx.core.dex.visitors.InlineMethods.processInvokeInsn(InlineMethods.java:74)
            	at jadx.core.dex.visitors.InlineMethods.visit(InlineMethods.java:49)
            Caused by: jadx.core.utils.exceptions.JadxRuntimeException: Class not yet loaded at codegen stage: org.snmp4j.transport.DTLSTM
            	at jadx.core.dex.nodes.ClassNode.reloadAtCodegenStage(ClassNode.java:883)
            	at jadx.core.dex.visitors.InlineMethods.processInvokeInsn(InlineMethods.java:66)
            	... 1 more
            */
        public SocketEntry(org.snmp4j.smi.UdpAddress r8, boolean r9, org.snmp4j.TransportStateReference r10) throws java.security.NoSuchAlgorithmException {
            /*
                r6 = this;
                r0 = r6
                r1 = r7
                org.snmp4j.transport.DTLSTM.this = r1
                r0 = r6
                r1 = r8
                r0.<init>(r1)
                r0 = r6
                java.lang.Object r1 = new java.lang.Object
                r2 = r1
                r2.<init>()
                r0.outboundLock = r1
                r0 = r6
                java.lang.Object r1 = new java.lang.Object
                r2 = r1
                r2.<init>()
                r0.inboundLock = r1
                r0 = r6
                java.util.LinkedList r1 = new java.util.LinkedList
                r2 = r1
                r2.<init>()
                r0.inboundPacketQueue = r1
                r0 = r6
                r1 = r10
                r0.tmStateReference = r1
                r0 = r10
                if (r0 != 0) goto L48
                r0 = r7
                org.snmp4j.mp.CounterSupport r0 = org.snmp4j.transport.DTLSTM.access$800(r0)
                org.snmp4j.event.CounterEvent r1 = new org.snmp4j.event.CounterEvent
                r2 = r1
                r3 = r6
                org.snmp4j.smi.OID r4 = org.snmp4j.mp.SnmpConstants.snmpTlstmSessionAccepts
                r2.<init>(r3, r4)
                r0.fireIncrementCounter(r1)
            L48:
                r0 = r7
                org.snmp4j.transport.DTLSTM$SSLEngineConfigurator r0 = org.snmp4j.transport.DTLSTM.access$900(r0)
                r1 = r9
                r2 = r10
                javax.net.ssl.SSLContext r0 = r0.getSSLContext(r1, r2)
                r11 = r0
                r0 = r11
                if (r0 != 0) goto L65
                java.lang.RuntimeException r0 = new java.lang.RuntimeException
                r1 = r0
                java.lang.String r2 = "Failed to initialize SSLContext"
                r1.<init>(r2)
                throw r0
            L65:
                r0 = r6
                r1 = r11
                r2 = r8
                java.net.InetAddress r2 = r2.getInetAddress()
                java.lang.String r2 = r2.getHostName()
                r3 = r8
                int r3 = r3.getPort()
                javax.net.ssl.SSLEngine r1 = r1.createSSLEngine(r2, r3)
                r0.sslEngine = r1
                r0 = r6
                javax.net.ssl.SSLEngine r0 = r0.sslEngine
                r1 = r9
                r0.setUseClientMode(r1)
                r0 = r6
                javax.net.ssl.SSLEngine r0 = r0.sslEngine
                r1 = 0
                r0.setNeedClientAuth(r1)
                r0 = r6
                javax.net.ssl.SSLEngine r0 = r0.sslEngine
                javax.net.ssl.SSLParameters r0 = r0.getSSLParameters()
                r12 = r0
                r0 = r12
                r1 = r7
                int r1 = r1.getMaxInboundMessageSize()
                r0.setMaximumPacketSize(r1)
                r0 = r6
                javax.net.ssl.SSLEngine r0 = r0.sslEngine
                r1 = r12
                r0.setSSLParameters(r1)
                r0 = r7
                org.snmp4j.transport.DTLSTM$SSLEngineConfigurator r0 = org.snmp4j.transport.DTLSTM.access$900(r0)
                r1 = r6
                javax.net.ssl.SSLEngine r1 = r1.sslEngine
                r0.configure(r1)
                r0 = r7
                r1 = r0
                r13 = r1
                monitor-enter(r0)
                r0 = r6
                r1 = r7
                long r1 = org.snmp4j.transport.DTLSTM.access$1008(r1)     // Catch: java.lang.Throwable -> Lc4
                r0.sessionID = r1     // Catch: java.lang.Throwable -> Lc4
                r0 = r13
                monitor-exit(r0)     // Catch: java.lang.Throwable -> Lc4
                goto Lcc
            Lc4:
                r14 = move-exception
                r0 = r13
                monitor-exit(r0)     // Catch: java.lang.Throwable -> Lc4
                r0 = r14
                throw r0
            Lcc:
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: org.snmp4j.transport.DTLSTM.SocketEntry.<init>(org.snmp4j.transport.DTLSTM, org.snmp4j.smi.UdpAddress, boolean, org.snmp4j.TransportStateReference):void");
        }

        public String toString() {
            return "SocketEntry[peerAddress=" + getPeerAddress() + ",socket=" + DTLSTM.this.socket + ",lastUse=" + new Date(getLastUse() / 1000000) + "]";
        }

        public void checkTransportStateReference(TransportStateReference transportStateReference) {
            transportStateReference.setTransport(DTLSTM.this);
            transportStateReference.setRequestedSecurityLevel(SecurityLevel.authPriv);
            if (transportStateReference.getTransportSecurityLevel().equals(SecurityLevel.undefined)) {
                transportStateReference.setTransportSecurityLevel(SecurityLevel.authPriv);
            }
            OctetString securityName = transportStateReference.getSecurityName();
            if (DTLSTM.this.securityCallback != null) {
                try {
                    securityName = DTLSTM.this.securityCallback.getSecurityName((X509Certificate[]) this.sslEngine.getSession().getPeerCertificates());
                } catch (SSLPeerUnverifiedException e) {
                    DTLSTM.logger.error("SSL peer '" + getPeerAddress() + "' is not verified: " + e.getMessage(), e);
                    this.sslEngine.setEnableSessionCreation(false);
                }
            } else if (securityName == null) {
                DTLSTM.logger.warn("No security callback configured to match DTLS peer certificate to local security name");
            }
            transportStateReference.setSecurityName(securityName);
        }

        @Override // org.snmp4j.transport.AbstractServerSocket
        public boolean isHandshakeFinished() {
            return this.handshakeFinished;
        }

        @Override // org.snmp4j.transport.AbstractServerSocket
        public void setHandshakeFinished(boolean z) {
            this.handshakeFinished = z;
        }

        public long getSessionID() {
            return this.sessionID;
        }

        public void closeSession() {
            SSLEngineResult wrap;
            this.sslEngine.closeOutbound();
            DTLSTM.this.counterSupport.fireIncrementCounter(new CounterEvent(this, SnmpConstants.snmpTlstmSessionServerCloses));
            ByteBuffer allocate = ByteBuffer.allocate(DTLSTM.this.getMaxInboundMessageSize());
            do {
                try {
                    wrap = this.sslEngine.wrap(ByteBuffer.allocate(0), allocate);
                    allocate.flip();
                    DTLSTM.this.socket.send(new DatagramPacket(allocate.array(), allocate.limit(), getPeerAddress().getInetAddress(), getPeerAddress().getPort()));
                    if (wrap.getStatus() == SSLEngineResult.Status.CLOSED) {
                        break;
                    }
                } catch (Exception e) {
                    DTLSTM.logger.error("DTLSM: Exception while closing TLS session " + this + ": " + e.getMessage(), e);
                }
            } while (wrap.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_WRAP);
            DTLSTM.this.fireConnectionStateChanged(new TransportStateEvent(DTLSTM.this, getPeerAddress(), 4, null));
        }
    }

    /* loaded from: input_file:org/snmp4j/transport/DTLSTM$TlsTrustManager.class */
    protected class TlsTrustManager implements X509TrustManager {
        X509TrustManager trustManager;
        private boolean useClientMode;
        private TransportStateReference tmStateReference;

        protected TlsTrustManager(X509TrustManager x509TrustManager, boolean z, TransportStateReference transportStateReference) {
            this.trustManager = x509TrustManager;
            this.useClientMode = z;
            this.tmStateReference = transportStateReference;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (this.tmStateReference == null || this.tmStateReference.getCertifiedIdentity() == null || !isMatchingFingerprint(x509CertificateArr, this.tmStateReference.getCertifiedIdentity().getClientFingerprint())) {
                TlsTmSecurityCallback tlsTmSecurityCallback = DTLSTM.this.securityCallback;
                if (!this.useClientMode && tlsTmSecurityCallback != null && tlsTmSecurityCallback.isClientCertificateAccepted(x509CertificateArr[0])) {
                    if (DTLSTM.logger.isInfoEnabled()) {
                        DTLSTM.logger.info("Client is trusted with certificate '" + x509CertificateArr[0] + "'");
                    }
                } else {
                    try {
                        this.trustManager.checkClientTrusted(x509CertificateArr, str);
                    } catch (CertificateException e) {
                        DTLSTM.this.counterSupport.fireIncrementCounter(new CounterEvent(this, SnmpConstants.snmpTlstmSessionOpenErrors));
                        DTLSTM.this.counterSupport.fireIncrementCounter(new CounterEvent(this, SnmpConstants.snmpTlstmSessionInvalidClientCertificates));
                        DTLSTM.logger.warn("Client certificate validation failed for '" + x509CertificateArr[0] + "'");
                        throw e;
                    }
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            X500Principal subjectX500Principal;
            if (this.tmStateReference.getCertifiedIdentity() == null || !isMatchingFingerprint(x509CertificateArr, this.tmStateReference.getCertifiedIdentity().getServerFingerprint())) {
                Object obj = null;
                try {
                    obj = TLSTMUtil.getSubjAltName(x509CertificateArr[0].getSubjectAlternativeNames(), 2);
                } catch (CertificateParsingException e) {
                    DTLSTM.logger.error("CertificateParsingException while verifying server certificate " + Arrays.asList(x509CertificateArr));
                }
                if (obj == null && (subjectX500Principal = x509CertificateArr[0].getSubjectX500Principal()) != null) {
                    obj = subjectX500Principal.getName();
                }
                if (obj != null) {
                    String lowerCase = ((String) obj).toLowerCase();
                    String canonicalHostName = ((IpAddress) this.tmStateReference.getAddress()).getInetAddress().getCanonicalHostName();
                    if (lowerCase.length() > 0) {
                        if (lowerCase.charAt(0) == '*') {
                            canonicalHostName = canonicalHostName.substring(canonicalHostName.indexOf(46));
                            lowerCase = lowerCase.substring(1);
                        }
                        if (canonicalHostName.equalsIgnoreCase(lowerCase)) {
                            if (DTLSTM.logger.isInfoEnabled()) {
                                DTLSTM.logger.info("Peer hostname " + canonicalHostName + " matches dNSName " + lowerCase);
                                return;
                            }
                            return;
                        }
                    }
                    if (DTLSTM.logger.isDebugEnabled()) {
                        DTLSTM.logger.debug("Peer hostname " + canonicalHostName + " did not match dNSName " + lowerCase);
                    }
                }
                try {
                    this.trustManager.checkServerTrusted(x509CertificateArr, str);
                    TlsTmSecurityCallback tlsTmSecurityCallback = DTLSTM.this.securityCallback;
                    if (!this.useClientMode || tlsTmSecurityCallback == null || tlsTmSecurityCallback.isServerCertificateAccepted(x509CertificateArr)) {
                        return;
                    }
                    DTLSTM.logger.info("Server is NOT trusted with certificate '" + Arrays.asList(x509CertificateArr) + "'");
                    throw new CertificateException("Server's certificate is not trusted by this application (although it was trusted by the JRE): " + Arrays.asList(x509CertificateArr));
                } catch (CertificateException e2) {
                    DTLSTM.this.counterSupport.fireIncrementCounter(new CounterEvent(this, SnmpConstants.snmpTlstmSessionOpenErrors));
                    DTLSTM.this.counterSupport.fireIncrementCounter(new CounterEvent(this, SnmpConstants.snmpTlstmSessionUnknownServerCertificate));
                    DTLSTM.logger.warn("Server certificate validation failed for '" + x509CertificateArr[0] + "'");
                    throw e2;
                }
            }
        }

        private boolean isMatchingFingerprint(X509Certificate[] x509CertificateArr, OctetString octetString) {
            if (octetString == null || octetString.length() <= 0) {
                return false;
            }
            for (X509Certificate x509Certificate : x509CertificateArr) {
                OctetString fingerprint = TLSTMUtil.getFingerprint(x509Certificate);
                if (DTLSTM.logger.isDebugEnabled()) {
                    DTLSTM.logger.debug("Comparing certificate fingerprint " + fingerprint + " with " + octetString);
                }
                if (fingerprint == null) {
                    DTLSTM.logger.error("Failed to determine fingerprint for certificate " + x509Certificate + " and algorithm " + x509Certificate.getSigAlgName());
                } else if (fingerprint.equals(octetString)) {
                    if (!DTLSTM.logger.isInfoEnabled()) {
                        return true;
                    }
                    DTLSTM.logger.info("Peer is trusted by fingerprint '" + octetString + "' of certificate: '" + x509Certificate + "'");
                    return true;
                }
            }
            return false;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            TlsTmSecurityCallback tlsTmSecurityCallback = DTLSTM.this.securityCallback;
            X509Certificate[] acceptedIssuers = this.trustManager.getAcceptedIssuers();
            if (acceptedIssuers == null || tlsTmSecurityCallback == null) {
                return acceptedIssuers;
            }
            ArrayList arrayList = new ArrayList(acceptedIssuers.length);
            for (X509Certificate x509Certificate : acceptedIssuers) {
                if (tlsTmSecurityCallback.isAcceptedIssuer(x509Certificate)) {
                    arrayList.add(x509Certificate);
                }
            }
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
        }
    }

    public DTLSTM() throws IOException {
        super(new UdpAddress(InetAddress.getLocalHost(), 0));
        this.nextSessionID = 1L;
        this.sockets = new Hashtable();
        this.sslEngineConfigurator = new DefaultSSLEngineConfiguration();
        this.connectionTimeout = 300000L;
        this.handshakeTimeout = 5000;
        this.trustManagerFactory = new DefaultDTLSTMTrustManagerFactory(this, null);
        this.dtlsHandshakeThreadPoolSize = 2;
        this.serverEnabled = false;
        this.counterSupport = CounterSupport.getInstance();
        this.maxInboundMessageSize = MAX_TLS_PAYLOAD_SIZE;
        setSocketTimeout(5000);
    }

    public DTLSTM(UdpAddress udpAddress) throws IOException {
        super(udpAddress);
        this.nextSessionID = 1L;
        this.sockets = new Hashtable();
        this.sslEngineConfigurator = new DefaultSSLEngineConfiguration();
        this.connectionTimeout = 300000L;
        this.handshakeTimeout = 5000;
        this.trustManagerFactory = new DefaultDTLSTMTrustManagerFactory(this, null);
        this.dtlsHandshakeThreadPoolSize = 2;
        this.serverEnabled = false;
        this.maxInboundMessageSize = MAX_TLS_PAYLOAD_SIZE;
        this.counterSupport = CounterSupport.getInstance();
        setSocketTimeout(5000);
        try {
            if (Class.forName("javax.net.ssl.X509ExtendedTrustManager") != null) {
                setTrustManagerFactory((TLSTMTrustManagerFactory) Class.forName("org.snmp4j.transport.tls.DTLSTMExtendedTrustManagerFactory").getConstructors()[0].newInstance(this));
            }
        } catch (ClassNotFoundException e) {
        } catch (IllegalAccessException | InvocationTargetException e2) {
            throw new IOException("Failed to init DTLSTMTrustManagerFactory: " + e2.getMessage(), e2);
        } catch (IllegalArgumentException e3) {
            throw new IOException("Failed to setup DTLSTMTrustManagerFactory: " + e3.getMessage(), e3);
        } catch (InstantiationException e4) {
            throw new IOException("Failed to instantiate DTLSTMTrustManagerFactory: " + e4.getMessage(), e4);
        }
    }

    public DTLSTM(TlsTmSecurityCallback<X509Certificate> tlsTmSecurityCallback, UdpAddress udpAddress) throws IOException {
        this(tlsTmSecurityCallback, udpAddress, CounterSupport.getInstance());
    }

    public DTLSTM(TlsTmSecurityCallback<X509Certificate> tlsTmSecurityCallback, UdpAddress udpAddress, CounterSupport counterSupport) throws IOException {
        super(udpAddress);
        this.nextSessionID = 1L;
        this.sockets = new Hashtable();
        this.sslEngineConfigurator = new DefaultSSLEngineConfiguration();
        this.connectionTimeout = 300000L;
        this.handshakeTimeout = 5000;
        this.trustManagerFactory = new DefaultDTLSTMTrustManagerFactory(this, null);
        this.dtlsHandshakeThreadPoolSize = 2;
        this.serverEnabled = false;
        this.maxInboundMessageSize = MAX_TLS_PAYLOAD_SIZE;
        setSocketTimeout(5000);
        this.securityCallback = tlsTmSecurityCallback;
        this.counterSupport = counterSupport;
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping, org.snmp4j.transport.UdpTransportMapping, org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping
    public synchronized void listen() throws IOException {
        this.dtlsHandshakeThreadPool = ThreadPool.create("DTLSTM_" + getListenAddress(), getDtlsHandshakeThreadPoolSize());
        if (this.connectionTimeout > 0) {
            this.socketCleaner = SNMP4JSettings.getTimerFactory().createTimer();
        }
        super.listen();
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping, org.snmp4j.transport.UdpTransportMapping, org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping, java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        Iterator<SocketEntry> it = this.sockets.values().iterator();
        while (it.hasNext()) {
            it.next().closeSession();
        }
        super.close();
        if (this.dtlsHandshakeThreadPool != null) {
            this.dtlsHandshakeThreadPool.stop();
        }
        this.sockets.clear();
        if (this.socketCleaner != null) {
            this.socketCleaner.cancel();
        }
        this.socketCleaner = null;
        this.dtlsHandshakeThreadPool = null;
    }

    public int getDtlsHandshakeThreadPoolSize() {
        return this.dtlsHandshakeThreadPoolSize;
    }

    public void setDtlsHandshakeThreadPoolSize(int i) {
        this.dtlsHandshakeThreadPoolSize = i;
    }

    public String getLocalCertificateAlias() {
        return this.localCertificateAlias == null ? System.getProperty(SnmpConfigurator.P_TLS_LOCAL_ID, null) : this.localCertificateAlias;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String[] getProtocolVersions() {
        return this.dtlsProtocols == null ? System.getProperty(getProtocolVersionPropertyName(), DEFAULT_DTLSTM_PROTOCOLS).split(",") : this.dtlsProtocols;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getProtocolVersionPropertyName() {
        return SnmpConfigurator.P_DTLS_VERSION;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setProtocolVersions(String[] strArr) {
        this.dtlsProtocols = strArr;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getKeyStore() {
        return this.keyStore == null ? System.getProperty("javax.net.ssl.keyStore") : this.keyStore;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setKeyStore(String str) {
        this.keyStore = str;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getKeyStorePassword() {
        return this.keyStorePassword == null ? System.getProperty("javax.net.ssl.keyStorePassword") : this.keyStorePassword;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getTrustStore() {
        return this.trustStore == null ? System.getProperty("javax.net.ssl.trustStore") : this.trustStore;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setTrustStore(String str) {
        this.trustStore = str;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public String getTrustStorePassword() {
        return this.trustStorePassword == null ? System.getProperty("javax.net.ssl.trustStorePassword") : this.trustStorePassword;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setLocalCertificateAlias(String str) {
        this.localCertificateAlias = str;
    }

    public CounterSupport getCounterSupport() {
        return this.counterSupport;
    }

    @Override // org.snmp4j.transport.UdpTransportMapping, org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping
    public Class<? extends Address> getSupportedAddressClass() {
        return DtlsAddress.class;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public TlsTmSecurityCallback<X509Certificate> getSecurityCallback() {
        return this.securityCallback;
    }

    @Override // org.snmp4j.transport.tls.TlsTransportMappingConfig
    public void setSecurityCallback(TlsTmSecurityCallback<X509Certificate> tlsTmSecurityCallback) {
        this.securityCallback = tlsTmSecurityCallback;
    }

    public TLSTMTrustManagerFactory getTrustManagerFactory() {
        return this.trustManagerFactory;
    }

    public void setTrustManagerFactory(TLSTMTrustManagerFactory tLSTMTrustManagerFactory) {
        if (tLSTMTrustManagerFactory == null) {
            throw new NullPointerException();
        }
        this.trustManagerFactory = tLSTMTrustManagerFactory;
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping, org.snmp4j.transport.UdpTransportMapping, org.snmp4j.TransportMapping
    public UdpAddress getListenAddress() {
        DtlsAddress dtlsAddress = null;
        DatagramSocket datagramSocket = this.socket;
        if (datagramSocket != null) {
            dtlsAddress = new DtlsAddress(datagramSocket.getLocalAddress(), datagramSocket.getLocalPort());
        }
        return dtlsAddress;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public synchronized boolean close(UdpAddress udpAddress) throws IOException {
        if (logger.isDebugEnabled()) {
            logger.debug("Closing socket for peer address " + udpAddress);
        }
        SocketEntry remove = this.sockets.remove(udpAddress);
        if (remove == null) {
            return false;
        }
        remove.closeSession();
        return true;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public long getConnectionTimeout() {
        return this.connectionTimeout;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public MessageLengthDecoder getMessageLengthDecoder() {
        throw new UnsupportedOperationException();
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public void setMessageLengthDecoder(MessageLengthDecoder messageLengthDecoder) {
        throw new UnsupportedOperationException();
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public void setConnectionTimeout(long j) {
        this.connectionTimeout = j;
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public synchronized void addTransportStateListener(TransportStateListener transportStateListener) {
        if (this.transportStateListeners == null) {
            this.transportStateListeners = new ArrayList(2);
        }
        this.transportStateListeners.add(transportStateListener);
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public synchronized void removeTransportStateListener(TransportStateListener transportStateListener) {
        if (this.transportStateListeners != null) {
            this.transportStateListeners.remove(transportStateListener);
        }
    }

    @Override // org.snmp4j.transport.ConnectionOrientedTransportMapping
    public CommonTimer getSocketCleaner() {
        return this.socketCleaner;
    }

    public boolean isServerEnabled() {
        return this.serverEnabled;
    }

    public void setServerEnabled(boolean z) {
        this.serverEnabled = z;
    }

    @Override // org.snmp4j.transport.AbstractTransportMapping, org.snmp4j.TransportMapping
    public int getMaxInboundMessageSize() {
        return super.getMaxInboundMessageSize();
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping
    public void setMaxInboundMessageSize(int i) {
        this.maxInboundMessageSize = i;
    }

    public int getHandshakeTimeout() {
        return this.handshakeTimeout;
    }

    public void setHandshakeTimeout(int i) {
        this.handshakeTimeout = i;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void timeoutSocket(SocketEntry socketEntry) {
        if (this.connectionTimeout <= 0 || this.socketCleaner == null) {
            return;
        }
        this.socketCleaner.schedule(new SocketTimeout(this, socketEntry), this.connectionTimeout);
    }

    protected void fireConnectionStateChanged(TransportStateEvent transportStateEvent) {
        ArrayList arrayList;
        if (logger.isDebugEnabled()) {
            logger.debug("Firing transport state event: " + transportStateEvent);
        }
        List<TransportStateListener> list = this.transportStateListeners;
        if (list != null) {
            try {
                synchronized (list) {
                    arrayList = new ArrayList(list);
                }
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    ((TransportStateListener) it.next()).connectionStateChanged(transportStateEvent);
                }
            } catch (RuntimeException e) {
                logger.error("Exception in fireConnectionStateChanged: " + e.getMessage(), e);
                if (SNMP4JSettings.isForwardRuntimeExceptions()) {
                    throw e;
                }
            }
        }
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping
    protected List<DatagramPacket> prepareOutPackets(UdpAddress udpAddress, byte[] bArr, TransportStateReference transportStateReference, DatagramSocket datagramSocket, long j, int i) throws IOException {
        InetSocketAddress inetSocketAddress = new InetSocketAddress(udpAddress.getInetAddress(), udpAddress.getPort());
        ByteBuffer allocate = ByteBuffer.allocate(MAX_TLS_PAYLOAD_SIZE);
        SocketEntry socketEntry = this.sockets.get(udpAddress);
        ArrayList arrayList = new ArrayList(1);
        if (socketEntry == null) {
            try {
                socketEntry = new SocketEntry(this, udpAddress, true, transportStateReference);
                this.sockets.put(udpAddress, socketEntry);
                synchronized (socketEntry.outboundLock) {
                    new HandshakeTask(socketEntry, datagramSocket, inetSocketAddress, null, j, i).run();
                }
            } catch (NoSuchAlgorithmException e) {
                throw new IOException(e);
            }
        }
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        synchronized (socketEntry.outboundLock) {
            SSLEngineResult wrap2 = socketEntry.sslEngine.wrap(wrap, allocate);
            allocate.flip();
            SSLEngineResult.Status status = wrap2.getStatus();
            if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                throw new IOException("DTLSTM: Buffer overflow: incorrect server maximum fragment size");
            }
            if (status == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                throw new IOException("DTLSTM: Buffer underflow during wrapping");
            }
            if (status == SSLEngineResult.Status.CLOSED) {
                throw new IOException("DTLSTM: SSLEngine has closed");
            }
            if (allocate.hasRemaining()) {
                byte[] bArr2 = new byte[allocate.remaining()];
                allocate.get(bArr2);
                arrayList.add(new DatagramPacket(bArr2, bArr2.length, inetSocketAddress));
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Prepared " + arrayList + " for " + udpAddress);
        }
        return arrayList;
    }

    protected List<DatagramPacket> onReceiveTimeout(SSLEngine sSLEngine, SocketAddress socketAddress) throws IOException {
        return sSLEngine.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING ? new ArrayList() : produceHandshakePackets(sSLEngine, socketAddress);
    }

    @Override // org.snmp4j.transport.AbstractTransportMapping
    public boolean isAsyncMsgProcessingSupported() {
        return true;
    }

    @Override // org.snmp4j.transport.AbstractTransportMapping
    public void setAsyncMsgProcessingSupported(boolean z) {
        if (!z) {
            throw new IllegalArgumentException("Async message processing cannot be disabled for DTLS");
        }
    }

    @Override // org.snmp4j.transport.DefaultUdpTransportMapping
    protected ByteBuffer prepareInPacket(DatagramPacket datagramPacket, byte[] bArr, TransportStateReference transportStateReference) throws IOException {
        ByteBuffer wrap;
        InetAddress address = datagramPacket.getAddress();
        DtlsAddress dtlsAddress = new DtlsAddress(address, datagramPacket.getPort());
        if (logger.isDebugEnabled()) {
            logger.debug("Preparing inbound DTLS packet from " + dtlsAddress);
        }
        InetSocketAddress inetSocketAddress = new InetSocketAddress(address, datagramPacket.getPort());
        SocketEntry socketEntry = this.sockets.get(dtlsAddress);
        if (socketEntry == null) {
            if (logger.isInfoEnabled()) {
                logger.info("New DTLS connection from " + dtlsAddress);
            }
            try {
                SocketEntry socketEntry2 = new SocketEntry(this, dtlsAddress, !isServerEnabled(), transportStateReference);
                synchronized (socketEntry2.inboundLock) {
                    SocketEntry socketEntry3 = this.sockets.get(dtlsAddress);
                    if (socketEntry3 == null) {
                        this.sockets.put(dtlsAddress, socketEntry2);
                        this.dtlsHandshakeThreadPool.execute(new HandshakeTask(socketEntry2, this.socket, inetSocketAddress, datagramPacket, 0L, 0));
                        return null;
                    }
                    socketEntry = socketEntry3;
                }
            } catch (NoSuchAlgorithmException e) {
                logger.error("DTLS handshake failed because of missing algorithm: " + e.getMessage(), e);
                return null;
            }
        }
        socketEntry.used();
        if (!socketEntry.isHandshakeFinished()) {
            logger.debug("Adding DTLS packet to handshake queue: " + datagramPacket);
            synchronized (socketEntry) {
                socketEntry.inboundPacketQueue.add(datagramPacket);
                socketEntry.notify();
            }
            return null;
        }
        ByteBuffer allocate = ByteBuffer.allocate(getMaxInboundMessageSize());
        synchronized (socketEntry.outboundLock) {
            wrap = ByteBuffer.wrap(bArr, 0, datagramPacket.getLength());
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Read " + datagramPacket.getLength() + " bytes from " + dtlsAddress);
            logger.debug("DTLS inNetBuffer: " + wrap);
        }
        if (!wrap.hasRemaining()) {
            return null;
        }
        synchronized (socketEntry.inboundLock) {
            SSLEngineResult unwrap = socketEntry.sslEngine.unwrap(wrap, allocate);
            switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[unwrap.getStatus().ordinal()]) {
                case 1:
                    logger.error("DTLS BUFFER_OVERFLOW");
                    throw new RuntimeException("DTLS BUFFER_OVERFLOW");
                default:
                    if (runDelegatedTasks(socketEntry.sslEngine)) {
                        if (logger.isInfoEnabled()) {
                            logger.info("SSL session established for peer " + dtlsAddress);
                        }
                        if (unwrap.bytesProduced() > 0) {
                            allocate.flip();
                            logger.debug("SSL established, dispatching inappBuffer=" + allocate);
                            socketEntry.checkTransportStateReference(transportStateReference);
                            return allocate;
                        }
                    }
                    return null;
            }
        }
    }

    boolean runDelegatedTasks(SSLEngine sSLEngine) {
        while (true) {
            Runnable delegatedTask = sSLEngine.getDelegatedTask();
            if (delegatedTask == null) {
                break;
            }
            delegatedTask.run();
        }
        return sSLEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NEED_TASK;
    }

    protected List<DatagramPacket> produceHandshakePackets(SSLEngine sSLEngine, SocketAddress socketAddress) throws IOException {
        ArrayList arrayList = new ArrayList();
        boolean z = false;
        int i = 100;
        while (!z) {
            i--;
            if (i < 0) {
                throw new RuntimeException("Too much loops to produce handshake packets");
            }
            ByteBuffer allocate = ByteBuffer.allocate(getMaxInboundMessageSize());
            SSLEngineResult wrap = sSLEngine.wrap(ByteBuffer.allocate(0), allocate);
            allocate.flip();
            SSLEngineResult.Status status = wrap.getStatus();
            SSLEngineResult.HandshakeStatus handshakeStatus = wrap.getHandshakeStatus();
            if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                throw new IOException("Buffer overflow: incorrect server maximum fragment size");
            }
            if (status == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                if (handshakeStatus != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                    throw new IOException("Buffer underflow: incorrect server maximum fragment size");
                }
            } else if (status == SSLEngineResult.Status.CLOSED) {
                throw new IOException("SSLEngine has closed");
            }
            if (allocate.hasRemaining()) {
                byte[] bArr = new byte[allocate.remaining()];
                allocate.get(bArr);
                arrayList.add(createHandshakePacket(bArr, socketAddress));
            }
            boolean z2 = false;
            SSLEngineResult.HandshakeStatus handshakeStatus2 = handshakeStatus;
            while (!z2) {
                if (handshakeStatus2 == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                    runDelegatedTasks(sSLEngine);
                    handshakeStatus2 = sSLEngine.getHandshakeStatus();
                } else if (handshakeStatus2 == SSLEngineResult.HandshakeStatus.FINISHED || handshakeStatus2 == SSLEngineResult.HandshakeStatus.NEED_UNWRAP || handshakeStatus2 == SSLEngineResult.HandshakeStatus.NEED_UNWRAP_AGAIN || handshakeStatus2 == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                    z2 = true;
                    z = true;
                } else if (handshakeStatus2 == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                    z2 = true;
                }
            }
        }
        return arrayList;
    }

    protected DatagramPacket createHandshakePacket(byte[] bArr, SocketAddress socketAddress) {
        return new DatagramPacket(bArr, bArr.length, socketAddress);
    }

    /*  JADX ERROR: Failed to decode insn: 0x0005: MOVE_MULTI, method: org.snmp4j.transport.DTLSTM.access$1008(org.snmp4j.transport.DTLSTM):long
        java.lang.ArrayIndexOutOfBoundsException: arraycopy: source index -1 out of bounds for object array[8]
        	at java.base/java.lang.System.arraycopy(Native Method)
        	at jadx.plugins.input.java.data.code.StackState.insert(StackState.java:49)
        	at jadx.plugins.input.java.data.code.CodeDecodeState.insert(CodeDecodeState.java:118)
        	at jadx.plugins.input.java.data.code.JavaInsnsRegister.dup2x1(JavaInsnsRegister.java:313)
        	at jadx.plugins.input.java.data.code.JavaInsnData.decode(JavaInsnData.java:46)
        	at jadx.core.dex.instructions.InsnDecoder.lambda$process$0(InsnDecoder.java:54)
        	at jadx.plugins.input.java.data.code.JavaCodeReader.visitInstructions(JavaCodeReader.java:81)
        	at jadx.core.dex.instructions.InsnDecoder.process(InsnDecoder.java:50)
        	at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:156)
        	at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:443)
        	at jadx.core.ProcessClass.process(ProcessClass.java:70)
        	at jadx.core.ProcessClass.generateCode(ProcessClass.java:118)
        	at jadx.core.dex.nodes.ClassNode.generateClassCode(ClassNode.java:400)
        	at jadx.core.dex.nodes.ClassNode.decompile(ClassNode.java:388)
        	at jadx.core.dex.nodes.ClassNode.getCode(ClassNode.java:338)
        */
    static /* synthetic */ long access$1008(org.snmp4j.transport.DTLSTM r8) {
        /*
            r0 = r8
            r1 = r0
            long r1 = r1.nextSessionID
            // decode failed: arraycopy: source index -1 out of bounds for object array[8]
            r2 = 1
            long r1 = r1 + r2
            r0.nextSessionID = r1
            return r-1
        */
        throw new UnsupportedOperationException("Method not decompiled: org.snmp4j.transport.DTLSTM.access$1008(org.snmp4j.transport.DTLSTM):long");
    }

    static {
    }
}
