package org.eclipse.californium.scandium.dtls;

import java.security.MessageDigest;
import java.util.concurrent.ScheduledExecutorService;
import org.eclipse.californium.elements.util.NoPublicAPI;
import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
import org.eclipse.californium.scandium.dtls.AlertMessage;
import org.eclipse.californium.scandium.dtls.cipher.CipherSuite;
import org.eclipse.californium.scandium.util.SecretUtil;

@NoPublicAPI
/* loaded from: input_file:org/eclipse/californium/scandium/dtls/ResumingClientHandshaker.class */
public class ResumingClientHandshaker extends ClientHandshaker {
    private static final HandshakeState[] ABBREVIATED_HANDSHAKE = {new HandshakeState(ContentType.CHANGE_CIPHER_SPEC), new HandshakeState(HandshakeType.FINISHED)};
    private boolean fullHandshake;

    public ResumingClientHandshaker(DTLSSession dTLSSession, RecordLayer recordLayer, ScheduledExecutorService scheduledExecutorService, Connection connection, DtlsConnectorConfig dtlsConnectorConfig, boolean z) {
        super(null, recordLayer, scheduledExecutorService, connection, dtlsConnectorConfig, z);
        this.fullHandshake = false;
        SessionId sessionIdentifier = dTLSSession.getSessionIdentifier();
        if (sessionIdentifier == null || sessionIdentifier.isEmpty()) {
            throw new IllegalArgumentException("Session must contain the ID of the session to resume");
        }
        getSession().set(dTLSSession);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.californium.scandium.dtls.ClientHandshaker, org.eclipse.californium.scandium.dtls.Handshaker
    public void doProcessMessage(HandshakeMessage handshakeMessage) throws HandshakeException {
        if (this.fullHandshake) {
            super.doProcessMessage(handshakeMessage);
            return;
        }
        switch (handshakeMessage.getMessageType()) {
            case HELLO_VERIFY_REQUEST:
                receivedHelloVerifyRequest((HelloVerifyRequest) handshakeMessage);
                return;
            case SERVER_HELLO:
                receivedServerHello((ServerHello) handshakeMessage);
                return;
            case FINISHED:
                receivedServerFinished((Finished) handshakeMessage);
                return;
            default:
                throw new HandshakeException(String.format("Received unexpected handshake message [%s] from peer %s", handshakeMessage.getMessageType(), this.peerToLog), new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.UNEXPECTED_MESSAGE));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.californium.scandium.dtls.ClientHandshaker
    public void receivedServerHello(ServerHello serverHello) throws HandshakeException {
        DTLSSession session = getSession();
        if (!session.getSessionIdentifier().equals(serverHello.getSessionId())) {
            this.LOGGER.debug("Server [{}] refuses to resume session [{}], performing full handshake instead...", this.peerToLog, session.getSessionIdentifier());
            this.fullHandshake = true;
            SecretUtil.destroy(session);
            super.receivedServerHello(serverHello);
            return;
        }
        if (!serverHello.getCompressionMethod().equals(session.getCompressionMethod())) {
            throw new HandshakeException("Server wants to change compression method in resumed session", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.ILLEGAL_PARAMETER));
        }
        if (!serverHello.getCipherSuite().equals(session.getCipherSuite())) {
            throw new HandshakeException("Server wants to change cipher suite in resumed session", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.ILLEGAL_PARAMETER));
        }
        if (session.useExtendedMasterSecret() && !serverHello.hasExtendedMasterSecretExtension()) {
            throw new HandshakeException("Server wants to change extended master secret in resumed session", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.ILLEGAL_PARAMETER));
        }
        if (!session.getProtocolVersion().equals(serverHello.getProtocolVersion())) {
            throw new HandshakeException("Server wants to change protocol version in resumed session", new AlertMessage(AlertMessage.AlertLevel.FATAL, AlertMessage.AlertDescription.ILLEGAL_PARAMETER));
        }
        verifyServerHelloExtensions(serverHello);
        this.serverRandom = serverHello.getRandom();
        if (supportsConnectionId()) {
            receivedConnectionIdExtension(serverHello.getConnectionIdExtension());
        }
        setExpectedStates(ABBREVIATED_HANDSHAKE);
        expectChangeCipherSpecMessage();
        resumeMasterSecret();
    }

    private void receivedServerFinished(Finished finished) throws HandshakeException {
        this.flightNumber += 2;
        DTLSFlight createFlight = createFlight();
        MessageDigest handshakeMessageDigest = getHandshakeMessageDigest();
        MessageDigest cloneMessageDigest = cloneMessageDigest(handshakeMessageDigest);
        verifyFinished(finished, handshakeMessageDigest.digest());
        wrapMessage(createFlight, new ChangeCipherSpecMessage());
        setCurrentWriteState();
        cloneMessageDigest.update(finished.toByteArray());
        wrapMessage(createFlight, createFinishedMessage(cloneMessageDigest.digest()));
        sendLastFlight(createFlight);
        contextEstablished();
    }

    @Override // org.eclipse.californium.scandium.dtls.ClientHandshaker
    public void startHandshake() throws HandshakeException {
        handshakeStarted();
        DTLSSession session = getSession();
        ClientHello clientHello = new ClientHello(ProtocolVersion.VERSION_DTLS_1_2, session, this.supportedSignatureAlgorithms, this.supportedClientCertificateTypes, this.supportedServerCertificateTypes, this.supportedGroups);
        if (CipherSuite.containsEccBasedCipherSuite(clientHello.getCipherSuites())) {
            expectEcc();
        }
        this.clientRandom = clientHello.getRandom();
        if (session.useExtendedMasterSecret()) {
            clientHello.addExtension(ExtendedMasterSecretExtension.INSTANCE);
        }
        addConnectionId(clientHello);
        addRecordSizeLimit(clientHello);
        addMaxFragmentLength(clientHello);
        addServerNameIndication(clientHello);
        this.clientHello = clientHello;
        this.flightNumber = 1;
        DTLSFlight createFlight = createFlight();
        wrapMessage(createFlight, clientHello);
        sendFlight(createFlight);
        setExpectedStates(INIT);
    }
}
