package pl.skidam.automodpack_core.protocol;

import com.github.luben.zstd.Zstd;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.nio.file.Path;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import pl.skidam.automodpack_core.GlobalVariables;
import pl.skidam.automodpack_core.auth.Secrets;
import pl.skidam.automodpack_core.callbacks.IntCallback;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: DownloadClient.java */
/* loaded from: input_file:pl/skidam/automodpack_core/protocol/Connection.class */
public class Connection {
    private static final byte PROTOCOL_VERSION = 1;
    private final boolean useCompression;
    private final byte[] secretBytes;
    private final SSLSocket socket;
    private final DataInputStream in;
    private final DataOutputStream out;
    private final ExecutorService executor = Executors.newSingleThreadExecutor();
    private final AtomicBoolean busy = new AtomicBoolean(false);

    public boolean isActive() {
        return !this.socket.isClosed();
    }

    public Connection(InetSocketAddress inetSocketAddress, Secrets.Secret secret) throws Exception {
        try {
            GlobalVariables.LOGGER.debug("Initializing connection to: {}", inetSocketAddress.getHostString());
            Socket socket = new Socket();
            socket.connect(inetSocketAddress, 15000);
            socket.setSoTimeout(15000);
            DataOutputStream dataOutputStream = new DataOutputStream(socket.getOutputStream());
            DataInputStream dataInputStream = new DataInputStream(socket.getInputStream());
            dataOutputStream.writeInt(NetUtils.MAGIC_AMMC);
            dataOutputStream.flush();
            int readInt = dataInputStream.readInt();
            if (readInt != 1095585611) {
                socket.close();
                throw new IOException("Invalid handshake response from server: " + readInt);
            }
            SSLSocket sSLSocket = (SSLSocket) createSSLContext().getSocketFactory().createSocket(socket, inetSocketAddress.getHostName(), inetSocketAddress.getPort(), true);
            sSLSocket.setEnabledProtocols(new String[]{"TLSv1.3"});
            sSLSocket.setEnabledCipherSuites(new String[]{"TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256"});
            sSLSocket.startHandshake();
            Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
            if (peerCertificates == null || peerCertificates.length == 0 || peerCertificates.length > 3) {
                sSLSocket.close();
                throw new IOException("Invalid server certificate chain");
            }
            boolean z = false;
            int length = peerCertificates.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Certificate certificate = peerCertificates[i];
                if ((certificate instanceof X509Certificate) && NetUtils.getFingerprint((X509Certificate) certificate, secret.secret()).equals(secret.fingerprint())) {
                    z = true;
                    break;
                }
                i++;
            }
            if (!z) {
                sSLSocket.close();
                throw new IOException("Server certificate validation failed");
            }
            this.useCompression = true;
            this.secretBytes = Base64.getUrlDecoder().decode(secret.secret());
            this.socket = sSLSocket;
            this.in = new DataInputStream(sSLSocket.getInputStream());
            this.out = new DataOutputStream(sSLSocket.getOutputStream());
            GlobalVariables.LOGGER.debug("Connection established with: {}", inetSocketAddress.getHostString());
        } catch (Exception e) {
            throw new IOException("Failed to establish connection", e);
        }
    }

    public boolean isBusy() {
        return this.busy.get();
    }

    public void setBusy(boolean z) {
        this.busy.set(z);
    }

    public CompletableFuture<Path> sendDownloadFile(byte[] bArr, Path path, IntCallback intCallback) {
        if (path == null) {
            throw new IllegalArgumentException("Destination cannot be null");
        }
        return CompletableFuture.supplyAsync(() -> {
            Exception exc = null;
            try {
                try {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
                    dataOutputStream.writeByte(1);
                    dataOutputStream.writeByte(1);
                    dataOutputStream.write(this.secretBytes);
                    dataOutputStream.writeInt(bArr.length);
                    dataOutputStream.write(bArr);
                    dataOutputStream.flush();
                    writeProtocolMessage(byteArrayOutputStream.toByteArray());
                    Path readFileResponse = readFileResponse(path, intCallback);
                    finalBlock(null);
                    return readFileResponse;
                } catch (Exception e) {
                    exc = e;
                    throw new CompletionException(e);
                }
            } catch (Throwable th) {
                finalBlock(exc);
                throw th;
            }
        }, this.executor);
    }

    public CompletableFuture<Path> sendRefreshRequest(byte[][] bArr, Path path) {
        return CompletableFuture.supplyAsync(() -> {
            try {
                try {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
                    dataOutputStream.writeByte(1);
                    dataOutputStream.writeByte(3);
                    dataOutputStream.write(this.secretBytes);
                    dataOutputStream.writeInt(bArr.length);
                    if (bArr.length > 0) {
                        dataOutputStream.writeInt(bArr[0].length);
                        for (byte[] bArr2 : bArr) {
                            dataOutputStream.write(bArr2);
                        }
                    }
                    dataOutputStream.flush();
                    writeProtocolMessage(byteArrayOutputStream.toByteArray());
                    Path readFileResponse = readFileResponse(path, null);
                    finalBlock(null);
                    return readFileResponse;
                } catch (Exception e) {
                    throw new CompletionException(e);
                }
            } catch (Throwable th) {
                finalBlock(null);
                throw th;
            }
        }, this.executor);
    }

    private void finalBlock(Exception exc) {
        while (this.in.available() > 0) {
            try {
                try {
                    this.in.skipBytes(this.in.available());
                } catch (IOException e) {
                    if (exc == null) {
                        exc = e;
                        throw new CompletionException(e);
                    }
                    if (exc == null) {
                        setBusy(false);
                        return;
                    }
                    return;
                }
            } catch (Throwable th) {
                if (exc == null) {
                    setBusy(false);
                }
                throw th;
            }
        }
        if (exc == null) {
            setBusy(false);
        }
    }

    private void writeProtocolMessage(byte[] bArr) throws IOException {
        if (this.useCompression) {
            byte[] compress = Zstd.compress(bArr);
            this.out.writeInt(compress.length);
            this.out.writeInt(bArr.length);
            this.out.write(compress);
        } else {
            this.out.writeInt(bArr.length);
            this.out.write(bArr);
        }
        this.out.flush();
    }

    private byte[] readProtocolMessageFrame() throws IOException {
        if (!this.useCompression) {
            byte[] bArr = new byte[this.in.readInt()];
            this.in.readFully(bArr);
            return bArr;
        }
        int readInt = this.in.readInt();
        int readInt2 = this.in.readInt();
        byte[] bArr2 = new byte[readInt];
        this.in.readFully(bArr2);
        byte[] decompress = Zstd.decompress(bArr2, readInt2);
        if (decompress.length != readInt2) {
            throw new IOException("Decompressed length does not match original length");
        }
        return decompress;
    }

    private Path readFileResponse(Path path, IntCallback intCallback) throws IOException {
        DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(readProtocolMessageFrame()));
        try {
            byte readByte = dataInputStream.readByte();
            byte readByte2 = dataInputStream.readByte();
            if (readByte2 == 5) {
                byte[] bArr = new byte[dataInputStream.readInt()];
                dataInputStream.readFully(bArr);
                throw new IOException("Server error: " + new String(bArr));
            }
            long j = 0;
            FileOutputStream fileOutputStream = new FileOutputStream(path.toFile());
            if (readByte2 == 4) {
                fileOutputStream.close();
                dataInputStream.close();
                return path;
            }
            if (readByte2 != 2) {
                fileOutputStream.close();
                throw new IOException("Unexpected message type: " + readByte2);
            }
            long readLong = dataInputStream.readLong();
            while (j < readLong) {
                byte[] readProtocolMessageFrame = readProtocolMessageFrame();
                int min = Math.min(readProtocolMessageFrame.length, (int) (readLong - j));
                fileOutputStream.write(readProtocolMessageFrame, 0, min);
                j += min;
                if (intCallback != null) {
                    intCallback.run(min);
                }
            }
            fileOutputStream.close();
            DataInputStream dataInputStream2 = new DataInputStream(new ByteArrayInputStream(readProtocolMessageFrame()));
            try {
                byte readByte3 = dataInputStream2.readByte();
                byte readByte4 = dataInputStream2.readByte();
                if (readByte3 != readByte || readByte4 != 4) {
                    throw new IOException("Invalid end-of-transmission marker. Expected version " + readByte + " and type 4, got version " + readByte3 + " and type " + readByte4);
                }
                dataInputStream2.close();
                dataInputStream.close();
                return path;
            } finally {
            }
        } catch (Throwable th) {
            try {
                dataInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public void close() {
        try {
            this.socket.close();
        } catch (Exception e) {
        }
        this.executor.shutdownNow();
    }

    private SSLContext createSSLContext() throws Exception {
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.3");
        sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: pl.skidam.automodpack_core.protocol.Connection.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }
        }}, new SecureRandom());
        return sSLContext;
    }
}
