package de.bsvrz.puk.config.main.authentication;

import de.bsvrz.dav.daf.communication.lowLevel.telegrams.SrpAnswer;
import de.bsvrz.dav.daf.communication.lowLevel.telegrams.SrpValidateAnswer;
import de.bsvrz.dav.daf.communication.lowLevel.telegrams.SrpValidateRequest;
import de.bsvrz.dav.daf.communication.srpAuthentication.SrpCryptoParameter;
import de.bsvrz.dav.daf.communication.srpAuthentication.SrpServerAuthentication;
import de.bsvrz.dav.daf.communication.srpAuthentication.SrpTelegramEncryption;
import de.bsvrz.dav.daf.communication.srpAuthentication.SrpUtilities;
import de.bsvrz.dav.daf.communication.srpAuthentication.SrpVerifierAndUser;
import de.bsvrz.dav.daf.main.config.ConfigurationTaskException;
import de.bsvrz.dav.daf.main.impl.config.request.RequestException;
import de.bsvrz.dav.daf.main.impl.config.request.UserAdministrationQuery;
import de.bsvrz.dav.daf.util.Throttler;
import de.bsvrz.sys.funclib.dataSerializer.NoSuchVersionException;
import de.bsvrz.sys.funclib.dataSerializer.Serializer;
import de.bsvrz.sys.funclib.dataSerializer.SerializingFactory;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.time.Duration;
import java.util.ArrayList;

/* loaded from: input_file:de/bsvrz/puk/config/main/authentication/SrpUserAdministrationReceiver.class */
public final class SrpUserAdministrationReceiver {
    private static final Throttler _throttle = new Throttler(Duration.ofSeconds(1), Duration.ofSeconds(5));
    private final Authentication _authentication;
    private SrpServerAuthentication _srpServerAuthentication;
    private SrpTelegramEncryption _encryption;
    private String _authenticatedUser;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: de.bsvrz.puk.config.main.authentication.SrpUserAdministrationReceiver$1, reason: invalid class name */
    /* loaded from: input_file:de/bsvrz/puk/config/main/authentication/SrpUserAdministrationReceiver$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery = new int[UserAdministrationQuery.values().length];

        static {
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.IsUserValid.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.IsUserAdmin.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.ClearSingleServingPasswords.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.DeleteUser.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.GetOneTimePasswordCount.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.GetOneTimePasswordIDs.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.ChangeUserPassword.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.ChangeUserName.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.DisableOneTimePassword.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.SetOneTimePasswords.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.GetSrpVerifier.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.CreateNewUser.ordinal()] = 12;
            } catch (NoSuchFieldError e12) {
            }
            try {
                $SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[UserAdministrationQuery.ChangeUserRights.ordinal()] = 13;
            } catch (NoSuchFieldError e13) {
            }
        }
    }

    public SrpUserAdministrationReceiver(Authentication authentication) {
        this._authentication = authentication;
    }

    public void processTask(Serializer serializer, byte[] bArr) throws ConfigurationTaskException, RequestException {
        try {
            if (this._encryption == null) {
                throw new IllegalStateException("Ungültige Telegrammabfolge, Authentifizierung fehlt");
            }
            DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(this._encryption.decrypt(bArr)));
            try {
                String readUTF = dataInputStream.readUTF();
                try {
                    UserAdministrationQuery valueOf = UserAdministrationQuery.valueOf(readUTF);
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    processQuery(valueOf, dataInputStream, new DataOutputStream(byteArrayOutputStream));
                    serializer.writeBytes(this._encryption.encrypt(byteArrayOutputStream.toByteArray()));
                    dataInputStream.close();
                } catch (IllegalArgumentException e) {
                    throw new ConfigurationTaskException("Unbekannte Benutzerverwaltungs-Anfrage: " + readUTF + ". Vielleicht sollte die Konfiguration aktualisiert werden?", e);
                }
            } finally {
            }
        } catch (IOException e2) {
            throw new ConfigurationTaskException(e2);
        }
    }

    private void processQuery(UserAdministrationQuery userAdministrationQuery, DataInputStream dataInputStream, DataOutputStream dataOutputStream) throws IOException, ConfigurationTaskException, RequestException {
        switch (AnonymousClass1.$SwitchMap$de$bsvrz$dav$daf$main$impl$config$request$UserAdministrationQuery[userAdministrationQuery.ordinal()]) {
            case 1:
                dataOutputStream.writeByte(this._authentication.isUser(dataInputStream.readUTF()) ? 1 : 0);
                return;
            case 2:
                dataOutputStream.writeByte(this._authentication.isUserAdmin(this._authenticatedUser, dataInputStream.readUTF()) ? 1 : 0);
                return;
            case 3:
                this._authentication.clearSingleServingPasswords(this._authenticatedUser, dataInputStream.readUTF());
                return;
            case 4:
                this._authentication.deleteUser(this._authenticatedUser, dataInputStream.readUTF());
                return;
            case 5:
                dataOutputStream.writeInt(this._authentication.countRemainingSingleServingPasswords(this._authenticatedUser, dataInputStream.readUTF()));
                return;
            case 6:
                int[] remainingSingleServingPasswordIDs = this._authentication.getRemainingSingleServingPasswordIDs(this._authenticatedUser, dataInputStream.readUTF());
                dataOutputStream.writeInt(remainingSingleServingPasswordIDs.length);
                for (int i : remainingSingleServingPasswordIDs) {
                    dataOutputStream.writeInt(i);
                }
                return;
            case 7:
                this._authentication.changeUserPassword(this._authenticatedUser, dataInputStream.readUTF(), dataInputStream.readUTF());
                return;
            case 8:
                this._authentication.changeUserName(this._authenticatedUser, dataInputStream.readUTF(), dataInputStream.readUTF(), dataInputStream.readUTF());
                return;
            case 9:
                this._authentication.disableSingleServingPassword(this._authenticatedUser, dataInputStream.readUTF(), dataInputStream.readInt());
                return;
            case 10:
                String readUTF = dataInputStream.readUTF();
                boolean readBoolean = dataInputStream.readBoolean();
                int readInt = dataInputStream.readInt();
                ArrayList arrayList = new ArrayList(readInt);
                for (int i2 = 0; i2 < readInt; i2++) {
                    arrayList.add(dataInputStream.readUTF());
                }
                dataOutputStream.writeInt(this._authentication.setOneTimePasswords(this._authenticatedUser, readUTF, arrayList, readBoolean));
                return;
            case 11:
                SrpVerifierAndUser srpVerifierData = this._authentication.getSrpVerifierData(this._authenticatedUser, dataInputStream.readUTF(), dataInputStream.readInt());
                dataOutputStream.writeLong(srpVerifierData.getUserLogin().toLong());
                dataOutputStream.writeUTF(srpVerifierData.getVerifier().toString());
                dataOutputStream.writeBoolean(srpVerifierData.isPlainTextPassword());
                return;
            case 12:
                try {
                    this._authentication.createNewUser(this._authenticatedUser, SerializingFactory.createDeserializer(2, dataInputStream));
                    return;
                } catch (NoSuchVersionException e) {
                    throw new IOException((Throwable) e);
                }
            case 13:
                this._authentication.changeUserRights(this._authenticatedUser, dataInputStream.readUTF(), dataInputStream.readBoolean());
                return;
            default:
                throw new AssertionError("Unbekannte Anfrage: " + userAdministrationQuery);
        }
    }

    public void processSrpRequest(Serializer serializer, String str) throws ConfigurationTaskException {
        SrpVerifierAndUser srpVerifierData = this._authentication.getSrpVerifierData(str, str, -1);
        SrpCryptoParameter srpCryptoParameter = srpVerifierData.getVerifier().getSrpCryptoParameter();
        this._srpServerAuthentication = new SrpServerAuthentication(srpCryptoParameter);
        try {
            SrpAnswer srpAnswer = new SrpAnswer(this._srpServerAuthentication.step1(str, srpVerifierData.getVerifier().getSalt(), srpVerifierData.getVerifier().getVerifier(), !srpVerifierData.getUserLogin().isAuthenticated()), srpVerifierData.getVerifier().getSalt(), srpCryptoParameter);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            srpAnswer.write(new DataOutputStream(byteArrayOutputStream));
            serializer.writeBytes(byteArrayOutputStream.toByteArray());
        } catch (IOException e) {
            throw new ConfigurationTaskException(e);
        }
    }

    public void processValidateRequest(Serializer serializer, byte[] bArr) throws ConfigurationTaskException {
        try {
            if (this._srpServerAuthentication == null) {
                throw new IllegalStateException("Ungültige Telegrammabfolge, SrpRequest fehlt");
            }
            SrpValidateRequest srpValidateRequest = new SrpValidateRequest();
            srpValidateRequest.read(new DataInputStream(new ByteArrayInputStream(bArr)));
            BigInteger step2 = this._srpServerAuthentication.step2(srpValidateRequest.getA(), srpValidateRequest.getM1());
            _throttle.trigger(false);
            this._authenticatedUser = this._srpServerAuthentication.getAuthenticatedUser();
            this._encryption = new SrpTelegramEncryption(SrpUtilities.bigIntegerToBytes(this._srpServerAuthentication.getSessionKey()), false, this._srpServerAuthentication.getSrpCryptoParams());
            SrpValidateAnswer srpValidateAnswer = new SrpValidateAnswer(step2);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            srpValidateAnswer.write(new DataOutputStream(byteArrayOutputStream));
            serializer.writeBytes(byteArrayOutputStream.toByteArray());
        } catch (Exception e) {
            _throttle.trigger(true);
            throw new ConfigurationTaskException(e.getMessage(), e);
        }
    }
}
