package org.irods.jargon.core.connection;

import java.io.IOException;
import org.irods.jargon.core.exception.ClientServerNegotiationException;
import org.irods.jargon.core.exception.EncryptionException;
import org.irods.jargon.core.exception.JargonException;
import org.irods.jargon.core.packinstr.ClientServerNegotiationStructInitNegotiation;
import org.irods.jargon.core.packinstr.ClientServerNegotiationStructNotifyServerOfResult;
import org.irods.jargon.core.protovalues.EncryptionAlgorithmEnum;
import org.irods.jargon.core.transfer.encrypt.AESKeyGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/irods/jargon/core/connection/ClientServerNegotiationService.class */
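/**
 * Runs the client side of the iRODS client/server negotiation that decides whether the
 * connection continues over plain TCP or is wrapped in SSL.
 *
 * <p>The outcome is looked up in a 3x3 table indexed by the ordinals of the client's
 * configured SSL negotiation policy and the policy announced by the server. When SSL is
 * chosen, the existing connection is wrapped in an SSL socket and a freshly generated
 * shared secret for parallel-transfer encryption is sent to the server.
 */
class ClientServerNegotiationService {
    /** Message type used when the generated shared secret is written to the server. */
    public static final String NEGOTIATION_SHARED_SECRET = "SHARED_SECRET";

    private static final Logger log = LoggerFactory.getLogger(ClientServerNegotiationService.class);

    private final IRODSMidLevelProtocol irodsMidLevelProtocol;

    // Indexed as [client policy ordinal][server policy ordinal]; see negotiateUsingServerProtocol.
    private final ClientServerNegotiationStructNotifyServerOfResult.Outcome[][] negotiationTable = new ClientServerNegotiationStructNotifyServerOfResult.Outcome[3][3];

    /**
     * Creates the service for one protocol instance and fills in the negotiation table.
     *
     * @param iRODSMidLevelProtocol protocol object whose connection is being negotiated
     */
    public ClientServerNegotiationService(IRODSMidLevelProtocol iRODSMidLevelProtocol) {
        this.irodsMidLevelProtocol = iRODSMidLevelProtocol;
        initializeNegotiationTable();
    }

    /**
     * Populates the outcome table. The first index is the client policy ordinal and the
     * second is the server policy ordinal.
     *
     * <p>NOTE(review): the policy enum is declared outside this file, so the meaning of
     * ordinals 0..2 cannot be confirmed here. The table is not symmetric: cell [2][0] is
     * CS_NEG_FAILURE while the mirror cell [0][2] is CS_NEG_USE_TCP. If ordinal 0 is the
     * "require SSL" policy and ordinal 2 is "refuse SSL", then [0][2] lets a client that
     * requires SSL continue in cleartext when the server refuses it. Confirm against the
     * enum declaration and the server-side table before relying on "require" as a guarantee.
     */
    private void initializeNegotiationTable() {
        this.negotiationTable[0][0] = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_USE_SSL;
        this.negotiationTable[0][1] = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_USE_SSL;
        this.negotiationTable[0][2] = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_USE_TCP;
        this.negotiationTable[1][0] = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_USE_SSL;
        this.negotiationTable[1][1] = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_USE_SSL;
        this.negotiationTable[1][2] = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_USE_TCP;
        this.negotiationTable[2][0] = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_FAILURE;
        this.negotiationTable[2][1] = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_USE_TCP;
        this.negotiationTable[2][2] = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_USE_TCP;
    }

    /**
     * @return the protocol object this service negotiates for
     */
    IRODSMidLevelProtocol getIrodsMidLevelProtocol() {
        return this.irodsMidLevelProtocol;
    }

    /**
     * @return the negotiation policy currently in effect on the underlying connection
     */
    private ClientServerNegotiationPolicy referToNegotiationPolicy() {
        return getIrodsMidLevelProtocol().getIrodsConnection().getOperativeClientServerNegotiationPolicy();
    }

    /**
     * Negotiates the transport with the server based on the server's initial negotiation message.
     *
     * @param clientServerNegotiationStructInitNegotiation negotiation message received from the server
     * @return the startup response produced once the server has been told the outcome
     * @throws IllegalArgumentException if the struct is {@code null}
     * @throws ClientServerNegotiationException if client and server policies cannot be reconciled
     * @throws JargonException on protocol or encryption setup errors
     */
    public StartupResponseData negotiate(ClientServerNegotiationStructInitNegotiation clientServerNegotiationStructInitNegotiation) throws ClientServerNegotiationException, JargonException {
        log.debug("negotiate()");
        if (clientServerNegotiationStructInitNegotiation == null) {
            throw new IllegalArgumentException("null struct");
        }
        return negotiateUsingServerProtocol(clientServerNegotiationStructInitNegotiation);
    }

    /**
     * Looks up the outcome for the client and server policies, reports it to the server, and
     * records the resulting startup response on the protocol object.
     *
     * @param clientServerNegotiationStructInitNegotiation negotiation message received from the server
     * @return the startup response for a successful negotiation
     * @throws ClientServerNegotiationException if the outcome is CS_NEG_FAILURE, or if either
     *         policy has an ordinal the table does not cover
     * @throws JargonException on protocol or encryption setup errors
     */
    private StartupResponseData negotiateUsingServerProtocol(ClientServerNegotiationStructInitNegotiation clientServerNegotiationStructInitNegotiation) throws ClientServerNegotiationException, JargonException {
        log.debug("negotiateUsingServerProtocol()");
        log.debug("negotiation over response from server:{}", clientServerNegotiationStructInitNegotiation);
        log.debug("client policy:{}", referToNegotiationPolicy());

        int clientIndex = referToNegotiationPolicy().getSslNegotiationPolicy().ordinal();
        int serverIndex = clientServerNegotiationStructInitNegotiation.getSslNegotiationPolicy().ordinal();

        ClientServerNegotiationStructNotifyServerOfResult.Outcome outcome;
        if (clientIndex >= this.negotiationTable.length || serverIndex >= this.negotiationTable[clientIndex].length) {
            // The server-announced policy is peer-controlled input. A value outside the 3x3
            // table is treated as a failed negotiation (fail closed) instead of surfacing as
            // an ArrayIndexOutOfBoundsException.
            log.error("negotiation policy outside negotiation table, client ordinal:{} server ordinal:{}", clientIndex, serverIndex);
            outcome = ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_FAILURE;
        } else {
            outcome = this.negotiationTable[clientIndex][serverIndex];
        }
        log.debug("negotiatedOutcome:{}", outcome);

        if (outcome == ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_FAILURE) {
            log.error("failure in client server negotiation!...sending error message to the server before throwing the failure exception");
            notifyServerOfNegotiationFailure();
            throw new ClientServerNegotiationException("failure in client server negotiation");
        }

        log.debug("was a success, return choice to server");
        StartupResponseData startupResponse = notifyServerOfNegotiationSuccess(outcome);
        this.irodsMidLevelProtocol.setStartupResponseData(startupResponse);
        return startupResponse;
    }

    /**
     * Tells the server which transport was chosen, builds the startup response from its reply,
     * and wraps the connection in SSL when that was the outcome.
     *
     * @param outcome negotiated outcome; its enum name is sent to the server
     * @return startup response carrying the negotiated client/server configuration
     * @throws JargonException on protocol or encryption setup errors
     */
    private StartupResponseData notifyServerOfNegotiationSuccess(ClientServerNegotiationStructNotifyServerOfResult.Outcome outcome) throws JargonException {
        // NOTE(review): the literal 1 is presumably the "success" status value; confirm
        // against ClientServerNegotiationStructNotifyServerOfResult.
        StartupResponseData startupResponse = AuthMechanism.buldStartupResponseFromVersionPI(
                this.irodsMidLevelProtocol.irodsFunctionForNegotiation(
                        ClientServerNegotiationStructNotifyServerOfResult.instance(1, outcome.name())));
        boolean useSsl = outcome == ClientServerNegotiationStructNotifyServerOfResult.Outcome.CS_NEG_USE_SSL;
        startupResponse.setNegotiatedClientServerConfiguration(new NegotiatedClientServerConfiguration(useSsl));
        log.debug("startupResponse captured:{}", startupResponse);
        wrapConnectionInSslIfConfigured(startupResponse);
        return startupResponse;
    }

    /**
     * Wraps the current connection in an SSL socket when the negotiated configuration asks for
     * SSL, then sets up parallel-transfer encryption. Does nothing for a non-SSL outcome.
     *
     * @param startupResponseData startup response holding the negotiated configuration
     * @throws IllegalArgumentException if the startup response has no negotiated configuration
     * @throws JargonException if the SSL socket or the encryption parameters cannot be set up
     */
    private void wrapConnectionInSslIfConfigured(StartupResponseData startupResponseData) throws JargonException {
        log.debug("wrapConnectionInSsl()");
        if (startupResponseData.getNegotiatedClientServerConfiguration() == null) {
            throw new IllegalArgumentException("null negotiatedClientServerConfiguration in startup response");
        }
        if (!startupResponseData.getNegotiatedClientServerConfiguration().isSslConnection()) {
            log.debug("no ssl");
            return;
        }
        log.debug("wrapping in ssl connection");
        SslConnectionUtilities sslConnectionUtilities = new SslConnectionUtilities(getIrodsMidLevelProtocol().getIrodsSession());
        // Keep a reference to the original connection before the protocol is switched to SSL.
        getIrodsMidLevelProtocol().setIrodsConnectionNonEncryptedRef(getIrodsMidLevelProtocol().getIrodsConnection());
        // NOTE(review): the meaning of the trailing 'false' flag is not visible here; confirm
        // in SslConnectionUtilities.
        sslConnectionUtilities.createSslSocketForProtocolAndIntegrateIntoProtocol(getIrodsMidLevelProtocol().getIrodsAccount(), getIrodsMidLevelProtocol(), false);
        // Order matters: the shared secret is written to the server by the next call, so it
        // must stay after the SSL socket has been created and integrated into the protocol.
        configureParametersForParallelTransfer(startupResponseData);
        getIrodsMidLevelProtocol().setStartupResponseData(startupResponseData);
        log.debug("connection now wrapped in ssl socket!");
    }

    /**
     * Generates the secret key for parallel-transfer encryption, stores it on the negotiated
     * configuration, and sends the encryption parameters followed by the key to the server.
     *
     * <p>Only AES_256_CBC is accepted; any other configured algorithm is rejected.
     *
     * @param startupResponseData startup response whose negotiated configuration receives the key
     * @throws EncryptionException if the configured algorithm is not AES_256_CBC
     * @throws JargonException if sending the encryption header or the key fails
     */
    private void configureParametersForParallelTransfer(StartupResponseData startupResponseData) throws JargonException {
        log.debug("configureParametersForParallelTransfer()");
        PipelineConfiguration pipelineConfiguration = PipelineConfiguration.instance(getIrodsMidLevelProtocol().getIrodsSession().getJargonProperties());
        log.debug("setting up secret key");
        log.debug("creating secret key for parallel transfer encryption using:{}", pipelineConfiguration.getEncryptionAlgorithmEnum());
        if (pipelineConfiguration.getEncryptionAlgorithmEnum() != EncryptionAlgorithmEnum.AES_256_CBC) {
            log.error("unable to generate a key for algo:{}", pipelineConfiguration.getEncryptionAlgorithmEnum());
            throw new EncryptionException("unable to generate a key");
        }
        log.debug("AES key selected");
        NegotiatedClientServerConfiguration negotiatedConfiguration = startupResponseData.getNegotiatedClientServerConfiguration();
        negotiatedConfiguration.setSecretKey(new AESKeyGenerator(pipelineConfiguration, negotiatedConfiguration).generateKey());
        try {
            log.debug("sending header with encryption cues");
            // The header carries the algorithm name, key size, salt size and hash-round count.
            getIrodsMidLevelProtocol().sendHeader(
                    pipelineConfiguration.getEncryptionAlgorithmEnum().getTextValue(),
                    pipelineConfiguration.getEncryptionKeySize(),
                    pipelineConfiguration.getEncryptionSaltSize(),
                    pipelineConfiguration.getEncryptionNumberHashRounds(),
                    0);
            getIrodsMidLevelProtocol().getIrodsConnection().flush();
            log.debug("now write the shared secret to iRODS");
            // The encoded key bytes are written as-is; keep the key material out of log statements.
            getIrodsMidLevelProtocol().irodsFunctionUnidirectional(NEGOTIATION_SHARED_SECRET, negotiatedConfiguration.getSecretKey().getEncoded(), null, 0, 0, null, 0, 0, 0);
        } catch (IOException e) {
            log.error("i/o exception sending encryption info", e);
            // Preserve the cause so the underlying I/O failure is not lost to callers.
            throw new JargonException("error sending encryption info", e);
        }
    }

    /**
     * Sends the failure form of the negotiation result to the server.
     *
     * @throws JargonException if the message cannot be sent
     */
    private void notifyServerOfNegotiationFailure() throws JargonException {
        this.irodsMidLevelProtocol.irodsFunction(ClientServerNegotiationStructNotifyServerOfResult.instanceForFailure());
    }
}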
