package freenet.node;

import com.db4o.ObjectContainer;
import com.db4o.ObjectSet;
import com.db4o.query.Predicate;
import freenet.crypt.BlockCipher;
import freenet.crypt.DSA;
import freenet.crypt.DSAGroup;
import freenet.crypt.DSAPrivateKey;
import freenet.crypt.DSAPublicKey;
import freenet.crypt.DSASignature;
import freenet.crypt.Global;
import freenet.crypt.RandomSource;
import freenet.crypt.SHA256;
import freenet.crypt.UnsupportedCipherException;
import freenet.crypt.ciphers.Rijndael;
import freenet.io.AddressTracker;
import freenet.io.comm.DMT;
import freenet.io.comm.FreenetInetAddress;
import freenet.io.comm.IncomingPacketFilterImpl;
import freenet.io.comm.Peer;
import freenet.io.comm.UdpSocketHandler;
import freenet.keys.FreenetURI;
import freenet.keys.InsertableClientSSK;
import freenet.support.Base64;
import freenet.support.Fields;
import freenet.support.IllegalBase64Exception;
import freenet.support.LogThresholdCallback;
import freenet.support.Logger;
import freenet.support.SimpleFieldSet;
import freenet.support.io.Closer;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.net.MalformedURLException;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.zip.DeflaterOutputStream;
import net.i2p.util.NativeBigInteger;

/* loaded from: input_file:freenet/node/NodeCrypto.class */
public class NodeCrypto {
    public static final int IDENTITY_LENGTH = 32;
    final Node node;
    final boolean isOpennet;
    final RandomSource random;
    final UdpSocketHandler socket;
    public FNPPacketMangler packetMangler;
    final int portNumber;
    byte[] myIdentity;
    byte[] identityHash;
    byte[] identityHashHash;
    byte[] clientNonce;
    private DSAGroup cryptoGroup;
    private DSAPrivateKey privKey;
    private DSAPublicKey pubKey;
    byte[] pubKeyHash;
    byte[] pubKeyHashHash;
    InsertableClientSSK myARK;
    long myARKNumber;
    final NodeCryptoConfig config;
    final NodeIPPortDetector detector;
    final BlockCipher anonSetupCipher;
    private String mySignedReference = null;
    private DSASignature myReferenceSignature = null;
    private volatile Object referenceSync = new Object();
    private static volatile boolean logMINOR;

    public NodeCrypto(Node node, boolean z, NodeCryptoConfig nodeCryptoConfig, long j, boolean z2) throws NodeInitException {
        this.node = node;
        this.config = nodeCryptoConfig;
        this.random = node.random;
        this.isOpennet = z;
        nodeCryptoConfig.starting(this);
        try {
            try {
                try {
                    int port = nodeCryptoConfig.getPort();
                    FreenetInetAddress bindTo = nodeCryptoConfig.getBindTo();
                    UdpSocketHandler udpSocketHandler = null;
                    if (port > 65535) {
                        throw new NodeInitException(10, "Impossible port number: " + port);
                    }
                    if (port == -1) {
                        for (int i = 0; i < 200000; i++) {
                            int nextInt = 1024 + this.random.nextInt(64511);
                            try {
                                udpSocketHandler = new UdpSocketHandler(nextInt, bindTo.getAddress(), node, j, getTitle(nextInt), node.collector);
                                port = udpSocketHandler.getPortNumber();
                                break;
                            } catch (Exception e) {
                                Logger.normal(this, "Could not use port: " + bindTo + ':' + nextInt + ": " + e, e);
                                System.err.println("Could not use port: " + bindTo + ':' + nextInt + ": " + e);
                                e.printStackTrace();
                            }
                        }
                        if (udpSocketHandler == null) {
                            throw new NodeInitException(11, "Could not find an available UDP port number for FNP (none specified)");
                        }
                    } else {
                        try {
                            udpSocketHandler = new UdpSocketHandler(port, bindTo.getAddress(), node, j, getTitle(port), node.collector);
                        } catch (Exception e2) {
                            Logger.error(this, "Caught " + e2, e2);
                            System.err.println(e2);
                            e2.printStackTrace();
                            throw new NodeInitException(10, "Could not bind to port: " + port + " (node already running?)");
                        }
                    }
                    this.socket = udpSocketHandler;
                    Logger.normal(this, "FNP port created on " + bindTo + ':' + port);
                    System.out.println("FNP port created on " + bindTo + ':' + port);
                    this.portNumber = port;
                    nodeCryptoConfig.setPort(port);
                    this.socket.setDropProbability(nodeCryptoConfig.getDropProbability());
                    this.packetMangler = new FNPPacketMangler(node, this, this.socket);
                    this.detector = new NodeIPPortDetector(node, node.ipDetector, this, z2);
                    this.anonSetupCipher = new Rijndael(256, 256);
                    nodeCryptoConfig.maybeStarted(this);
                } catch (UnsupportedCipherException e3) {
                    nodeCryptoConfig.stopping(this);
                    throw new Error(e3);
                } catch (NodeInitException e4) {
                    nodeCryptoConfig.stopping(this);
                    throw e4;
                }
            } catch (Error e5) {
                nodeCryptoConfig.stopping(this);
                throw e5;
            } catch (RuntimeException e6) {
                nodeCryptoConfig.stopping(this);
                throw e6;
            }
        } catch (Throwable th) {
            nodeCryptoConfig.maybeStarted(this);
            throw th;
        }
    }

    private String getTitle(int i) {
        return "UDP " + (this.isOpennet ? "Opennet " : "Darknet ") + "port " + i;
    }

    public void readCrypto(SimpleFieldSet simpleFieldSet) throws IOException {
        String str = simpleFieldSet.get("identity");
        if (str == null) {
            throw new IOException();
        }
        try {
            this.myIdentity = Base64.decode(str);
            this.identityHash = SHA256.digest(this.myIdentity);
            this.anonSetupCipher.initialize(this.identityHash);
            this.identityHashHash = SHA256.digest(this.identityHash);
            try {
                this.cryptoGroup = DSAGroup.create(simpleFieldSet.subset("dsaGroup"));
                this.privKey = DSAPrivateKey.create(simpleFieldSet.subset("dsaPrivKey"), this.cryptoGroup);
                this.pubKey = DSAPublicKey.create(simpleFieldSet.subset("dsaPubKey"), this.cryptoGroup);
                this.pubKeyHash = SHA256.digest(this.pubKey.asBytes());
                this.pubKeyHashHash = SHA256.digest(this.pubKeyHash);
                InsertableClientSSK insertableClientSSK = null;
                String str2 = simpleFieldSet.get("ark.number");
                String str3 = simpleFieldSet.get("ark.privURI");
                if (str3 != null) {
                    try {
                        insertableClientSSK = InsertableClientSSK.create(new FreenetURI(str3));
                        if (str2 == null) {
                            insertableClientSSK = null;
                            this.myARKNumber = 0L;
                        } else {
                            try {
                                this.myARKNumber = Long.parseLong(str2);
                            } catch (NumberFormatException e) {
                                this.myARKNumber = 0L;
                                insertableClientSSK = null;
                            }
                        }
                    } catch (MalformedURLException e2) {
                        Logger.minor(this, "Caught " + e2, e2);
                        insertableClientSSK = null;
                    }
                }
                if (insertableClientSSK == null) {
                    insertableClientSSK = InsertableClientSSK.createRandom(this.random, "ark");
                    this.myARKNumber = 0L;
                }
                this.myARK = insertableClientSSK;
                String str4 = simpleFieldSet.get("clientNonce");
                if (str4 == null) {
                    this.clientNonce = new byte[32];
                    this.node.random.nextBytes(this.clientNonce);
                } else {
                    try {
                        this.clientNonce = Base64.decode(str4);
                    } catch (IllegalBase64Exception e3) {
                        throw new IOException("Invalid clientNonce field: " + e3);
                    }
                }
            } catch (FSParseException e4) {
                Logger.error(this, "Caught " + e4, e4);
                throw new IOException(e4.toString());
            } catch (IllegalBase64Exception e5) {
                Logger.error(this, "Caught " + e5, e5);
                throw new IOException(e5.toString());
            }
        } catch (IllegalBase64Exception e6) {
            throw new IOException();
        }
    }

    public void initCrypto() {
        this.myIdentity = new byte[32];
        this.random.nextBytes(this.myIdentity);
        MessageDigest messageDigest = SHA256.getMessageDigest();
        this.identityHash = messageDigest.digest(this.myIdentity);
        this.identityHashHash = messageDigest.digest(this.identityHash);
        this.cryptoGroup = Global.DSAgroupBigA;
        this.privKey = new DSAPrivateKey(this.cryptoGroup, this.random);
        this.pubKey = new DSAPublicKey(this.cryptoGroup, this.privKey);
        this.myARK = InsertableClientSSK.createRandom(this.random, "ark");
        this.myARKNumber = 0L;
        SHA256.returnMessageDigest(messageDigest);
        this.anonSetupCipher.initialize(this.identityHash);
        this.clientNonce = new byte[32];
        this.node.random.nextBytes(this.clientNonce);
        this.pubKeyHash = SHA256.digest(this.pubKey.asBytes());
        this.pubKeyHashHash = SHA256.digest(this.pubKeyHash);
    }

    public void start() {
        this.socket.calculateMaxPacketSize();
        this.socket.setLowLevelFilter(new IncomingPacketFilterImpl(this.packetMangler, this.node, this));
        this.packetMangler.start();
        this.socket.start();
    }

    public SimpleFieldSet exportPrivateFieldSet() {
        SimpleFieldSet exportPublicFieldSet = exportPublicFieldSet(false, false, false);
        addPrivateFields(exportPublicFieldSet);
        return exportPublicFieldSet;
    }

    public SimpleFieldSet exportPublicFieldSet() {
        return exportPublicFieldSet(false, false, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SimpleFieldSet exportPublicFieldSet(boolean z, boolean z2, boolean z3) {
        Peer[] detectPrimaryPeers;
        SimpleFieldSet exportPublicCryptoFieldSet = exportPublicCryptoFieldSet(z || z3, z2);
        if (!z2 && !z && (detectPrimaryPeers = this.detector.detectPrimaryPeers()) != null) {
            for (Peer peer : detectPrimaryPeers) {
                exportPublicCryptoFieldSet.putAppend("physical.udp", peer.toString());
            }
        }
        exportPublicCryptoFieldSet.putSingle("version", Version.getVersionString());
        if (!z2) {
            exportPublicCryptoFieldSet.putSingle("lastGoodVersion", Version.getLastGoodVersionString());
        }
        Node node = this.node;
        if (Node.isTestnetEnabled()) {
            exportPublicCryptoFieldSet.put("testnet", true);
        }
        if (!this.isOpennet && !z && !z3) {
            exportPublicCryptoFieldSet.putSingle("myName", this.node.getMyName());
        }
        if (!z2) {
            exportPublicCryptoFieldSet.put("opennet", this.isOpennet);
            synchronized (this.referenceSync) {
                if (this.myReferenceSignature == null || this.mySignedReference == null || !this.mySignedReference.equals(exportPublicCryptoFieldSet.toOrderedString())) {
                    this.mySignedReference = exportPublicCryptoFieldSet.toOrderedString();
                    try {
                        this.myReferenceSignature = signRef(this.mySignedReference);
                    } catch (NodeInitException e) {
                        this.node.exit(e.exitCode);
                    }
                }
                exportPublicCryptoFieldSet.putSingle("sig", this.myReferenceSignature.toLongString());
            }
        }
        if (logMINOR) {
            Logger.minor(this, "My reference: " + exportPublicCryptoFieldSet.toOrderedString());
        }
        return exportPublicCryptoFieldSet;
    }

    SimpleFieldSet exportPublicCryptoFieldSet(boolean z, boolean z2) {
        SimpleFieldSet simpleFieldSet = new SimpleFieldSet(true);
        int[] supportedNegTypes = this.packetMangler.supportedNegTypes(true);
        if (!z && !z2) {
            simpleFieldSet.putSingle("identity", Base64.encode(this.myIdentity));
        }
        if (!z) {
            simpleFieldSet.put("dsaGroup", this.cryptoGroup.asFieldSet());
            simpleFieldSet.put("dsaPubKey", this.pubKey.asFieldSet());
        }
        if (!z2) {
            simpleFieldSet.put("auth.negTypes", supportedNegTypes);
            if (!z) {
                simpleFieldSet.put("ark.number", this.myARKNumber);
                simpleFieldSet.putSingle("ark.pubURI", this.myARK.getURI().toString(false, false));
            }
        }
        return simpleFieldSet;
    }

    DSASignature signRef(String str) throws NodeInitException {
        if (logMINOR) {
            Logger.minor(this, "Signing reference:\n" + str);
        }
        try {
            BigInteger bigInteger = new BigInteger(1, SHA256.digest(str.getBytes("UTF-8")));
            if (logMINOR) {
                Logger.minor(this, "m = " + bigInteger.toString(16));
            }
            DSASignature sign = DSA.sign(this.cryptoGroup, this.privKey, bigInteger, this.random);
            if (!logMINOR || DSA.verify(this.pubKey, sign, bigInteger, false)) {
                return sign;
            }
            throw new NodeInitException(NodeInitException.EXIT_EXCEPTION_TO_DEBUG, str);
        } catch (UnsupportedEncodingException e) {
            Logger.error(this, "Error while signing the node identity!" + e, e);
            System.err.println("Error while signing the node identity!" + e);
            e.printStackTrace();
            throw new NodeInitException(NodeInitException.EXIT_CRAPPY_JVM, "Impossible: JVM doesn't support UTF-8");
        }
    }

    private byte[] myCompressedRef(boolean z, boolean z2, boolean z3) {
        int i;
        SimpleFieldSet exportPublicFieldSet = exportPublicFieldSet(z, z2, z3);
        boolean z4 = z2 && Global.DSAgroupBigA.equals(this.cryptoGroup);
        if (z4) {
            exportPublicFieldSet.removeSubset("dsaGroup");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DeflaterOutputStream deflaterOutputStream = new DeflaterOutputStream(byteArrayOutputStream);
        try {
            try {
                exportPublicFieldSet.writeTo(deflaterOutputStream);
                Closer.close(deflaterOutputStream);
                Closer.close(byteArrayOutputStream);
            } catch (IOException e) {
                Logger.error(this, "IOE :" + e.getMessage(), e);
                Closer.close(deflaterOutputStream);
                Closer.close(byteArrayOutputStream);
            }
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            if (byteArray.length >= 4096) {
                throw new IllegalStateException("We are attempting to send a " + byteArray.length + " bytes big reference!");
            }
            byte[] bArr = new byte[byteArray.length + 1 + (z4 ? 1 : 0)];
            if (z4) {
                int i2 = 0 + 1;
                bArr[0] = 3;
                if (logMINOR) {
                    Logger.minor(this, "We are stripping the group from the reference as it's a known group (groupIndex=1)");
                }
                i = i2 + 1;
                bArr[i2] = (byte) (1 & NodeInitException.EXIT_CRAPPY_JVM);
            } else {
                i = 0 + 1;
                bArr[0] = 1;
            }
            System.arraycopy(byteArray, 0, bArr, i, byteArray.length);
            if (logMINOR) {
                Logger.minor(this, "myCompressedRef(" + z + "," + z2 + ") returning " + bArr.length + " bytes");
            }
            return bArr;
        } catch (Throwable th) {
            Closer.close(deflaterOutputStream);
            Closer.close(byteArrayOutputStream);
            throw th;
        }
    }

    public byte[] myCompressedSetupRef() {
        return myCompressedRef(true, false, false);
    }

    public byte[] myCompressedHeavySetupRef() {
        return myCompressedRef(false, true, false);
    }

    public byte[] myCompressedFullRef() {
        return myCompressedRef(false, false, false);
    }

    void addPrivateFields(SimpleFieldSet simpleFieldSet) {
        simpleFieldSet.put("dsaPrivKey", this.privKey.asFieldSet());
        simpleFieldSet.putSingle("ark.privURI", this.myARK.getInsertURI().toString(false, false));
        if (simpleFieldSet.get(DMT.LOCATION) == null) {
            simpleFieldSet.put(DMT.LOCATION, this.node.lm.getLocation());
        }
        simpleFieldSet.putSingle("clientNonce", Base64.encode(this.clientNonce));
    }

    public int getIdentityHash() {
        return Fields.hashCode(this.identityHash);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DSASignature sign(byte[] bArr) {
        return DSA.sign(this.cryptoGroup, this.privKey, new NativeBigInteger(1, bArr), this.random);
    }

    public void onSetDropProbability(int i) {
        synchronized (this) {
            if (this.socket == null) {
                return;
            }
            this.socket.setDropProbability(i);
        }
    }

    public void stop() {
        this.config.stopping(this);
        this.socket.close();
    }

    public PeerNode[] getPeerNodes() {
        if (this.node.peers == null) {
            return null;
        }
        return this.isOpennet ? this.node.peers.getOpennetAndSeedServerPeers() : this.node.peers.getDarknetPeers();
    }

    public boolean allowConnection(PeerNode peerNode, FreenetInetAddress freenetInetAddress) {
        if (!this.config.oneConnectionPerAddress() || !this.node.peers.anyConnectedPeerHasAddress(freenetInetAddress, peerNode) || this.detector.includes(freenetInetAddress) || !freenetInetAddress.isRealInternetAddress(false, false, false)) {
            return true;
        }
        Logger.normal(this, "Not sending handshake packets to " + freenetInetAddress + " for " + peerNode + " : Same IP address as another node");
        return false;
    }

    public void maybeBootConnection(PeerNode peerNode, FreenetInetAddress freenetInetAddress) {
        ArrayList<PeerNode> allConnectedByAddress;
        if (this.detector.includes(freenetInetAddress) || !freenetInetAddress.isRealInternetAddress(false, false, false) || (allConnectedByAddress = this.node.peers.getAllConnectedByAddress(freenetInetAddress, true)) == null) {
            return;
        }
        Iterator<PeerNode> it = allConnectedByAddress.iterator();
        while (it.hasNext()) {
            PeerNode next = it.next();
            if (next != peerNode && !next.equals(peerNode) && next.crypto.config.oneConnectionPerAddress()) {
                if (next instanceof DarknetPeerNode) {
                    if (peerNode instanceof DarknetPeerNode) {
                        Logger.error(this, "Dropping peer " + next + " because don't want connection due to others on the same IP address!");
                        System.out.println("Disconnecting permanently from your friend \"" + ((DarknetPeerNode) next).getName() + "\" because your friend \"" + ((DarknetPeerNode) peerNode).getName() + "\" is using the same IP address " + freenetInetAddress + "!");
                    }
                }
                this.node.peers.disconnectAndRemove(next, true, true, next.isOpennet());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DSAGroup getCryptoGroup() {
        return this.cryptoGroup;
    }

    public BlockCipher getAnonSetupCipher() {
        return this.anonSetupCipher;
    }

    public PeerNode[] getAnonSetupPeerNodes() {
        ArrayList arrayList = new ArrayList();
        for (PeerNode peerNode : this.node.peers.myPeers) {
            if (peerNode.handshakeUnknownInitiator() && peerNode.getOutgoingMangler() == this.packetMangler) {
                arrayList.add(peerNode);
            }
        }
        return (PeerNode[]) arrayList.toArray(new PeerNode[arrayList.size()]);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPortForwardingBroken() {
        this.socket.getAddressTracker().setBroken();
    }

    public byte[] getIdentity(boolean z) {
        return z ? this.pubKey.asBytesHash() : this.myIdentity;
    }

    public boolean definitelyPortForwarded() {
        return this.socket.getDetectedConnectivityStatus() == AddressTracker.Status.DEFINITELY_PORT_FORWARDED;
    }

    public AddressTracker.Status getDetectedConnectivityStatus() {
        return this.socket.getDetectedConnectivityStatus();
    }

    public FreenetInetAddress getBindTo() {
        return this.config.getBindTo();
    }

    public long getNodeHandle(ObjectContainer objectContainer) {
        long nextLong;
        HandlePortTuple handlePortTuple;
        if (objectContainer == null) {
            return this.random.nextLong();
        }
        ObjectSet query = objectContainer.query(new Predicate<HandlePortTuple>() { // from class: freenet.node.NodeCrypto.2
            private static final long serialVersionUID = -5442250371745036389L;

            public boolean match(HandlePortTuple handlePortTuple2) {
                return handlePortTuple2.portNumber == NodeCrypto.this.portNumber;
            }
        });
        if (query.hasNext()) {
            long j = ((HandlePortTuple) query.next()).handle;
            System.err.println("Retrieved database handle for node on port " + this.portNumber + ": " + j);
            return j;
        }
        while (true) {
            nextLong = this.random.nextLong();
            handlePortTuple = new HandlePortTuple();
            handlePortTuple.handle = nextLong;
            if (!objectContainer.get(handlePortTuple).hasNext()) {
                break;
            }
            System.err.println("Generating database handle for node: already taken: " + nextLong);
        }
        handlePortTuple.portNumber = this.portNumber;
        objectContainer.store(handlePortTuple);
        objectContainer.commit();
        if (logMINOR) {
            Logger.minor(this, "COMMITTED");
        }
        System.err.println("Generated and stored database handle for node on port " + this.portNumber + ": " + nextLong);
        return nextLong;
    }

    public boolean wantAnonAuth() {
        return this.node.wantAnonAuth(this.isOpennet);
    }

    public boolean wantAnonAuthChangeIP() {
        return this.node.wantAnonAuthChangeIP(this.isOpennet);
    }

    static {
        Logger.registerLogThresholdCallback(new LogThresholdCallback() { // from class: freenet.node.NodeCrypto.1
            @Override // freenet.support.LogThresholdCallback
            public void shouldUpdate() {
                boolean unused = NodeCrypto.logMINOR = Logger.shouldLog(Logger.LogLevel.MINOR, this);
            }
        });
    }
}
