package org.bdware.doip.endpoint.doipServer;

import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.SimpleChannelInboundHandler;
import io.netty.handler.ssl.SslHandler;
import javax.net.ssl.SSLSession;
import javax.security.cert.X509Certificate;
import org.apache.log4j.Logger;
import org.bdware.doip.core.crypto.CertUtils;
import org.bdware.doip.core.crypto.GlobalCertifications;
import org.bdware.doip.core.doipMessage.DoipMessage;
import org.bdware.doip.core.doipMessage.DoipMessageFactory;
import org.bdware.doip.core.doipMessage.DoipResponseCode;

@ChannelHandler.Sharable
/* loaded from: input_file:org/bdware/doip/endpoint/doipServer/NettyServerHandler.class */
public class NettyServerHandler extends SimpleChannelInboundHandler<DoipMessage> {
    static Logger logger = Logger.getLogger(NettyServerHandler.class);
    protected DoipRequestHandler requestHandler;

    public NettyServerHandler(DoipRequestHandler doipRequestHandler) {
        this.requestHandler = doipRequestHandler;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // io.netty.channel.SimpleChannelInboundHandler
    public void channelRead0(ChannelHandlerContext channelHandlerContext, DoipMessage doipMessage) {
        if (doipMessage.header.parameters == null || doipMessage.header.parameters.operation == null) {
            replyStringWithStatus(channelHandlerContext, doipMessage, "invalid request", DoipResponseCode.Invalid);
            return;
        }
        if (doipMessage.header.isCertified()) {
            try {
                if (!GlobalCertifications.verifyDoipMessage(doipMessage)) {
                    logger.warn("verification failed");
                    return;
                }
            } catch (Exception e) {
                e.printStackTrace();
                return;
            }
        }
        if (doipMessage.credential != null) {
            logger.debug("[Caller] client ID: " + doipMessage.credential.getSigner());
        } else {
            logger.debug("[Caller] client ID: " + GlobalCertifications.getUserIDByContext(channelHandlerContext));
        }
        DoipMessage onRequest = this.requestHandler.onRequest(doipMessage);
        if (onRequest != null) {
            sendResponse(channelHandlerContext, onRequest);
        } else {
            defaultHandler(channelHandlerContext, doipMessage);
        }
    }

    @Override // io.netty.channel.ChannelInboundHandlerAdapter, io.netty.channel.ChannelInboundHandler
    public void channelActive(ChannelHandlerContext channelHandlerContext) {
        if (channelHandlerContext.pipeline().get(SslHandler.class) != null) {
            ((SslHandler) channelHandlerContext.pipeline().get(SslHandler.class)).handshakeFuture().addListener2(future -> {
                if (!future.isSuccess()) {
                    logger.info("TLS connection established failed");
                    return;
                }
                logger.info("TLS connection established");
                SSLSession session = ((SslHandler) channelHandlerContext.pipeline().get(SslHandler.class)).engine().getSession();
                if (GlobalCertifications.needAuthentication) {
                    X509Certificate x509Certificate = session.getPeerCertificateChain()[0];
                    logger.debug("PublicKey:" + CertUtils.encodeKey(x509Certificate.getPublicKey()));
                    logger.debug("Certification Owner:" + x509Certificate.getSubjectDN().getName());
                    logger.debug("Certification Issuer:" + x509Certificate.getIssuerDN().getName());
                    logger.debug("Sign Algorithm:" + x509Certificate.getSigAlgName());
                }
            });
        }
    }

    public void defaultHandler(ChannelHandlerContext channelHandlerContext, DoipMessage doipMessage) {
        replyStringWithStatus(channelHandlerContext, doipMessage, "Unsupported Operation!", DoipResponseCode.Declined);
    }

    protected void replyStringWithStatus(ChannelHandlerContext channelHandlerContext, DoipMessage doipMessage, String str, DoipResponseCode doipResponseCode) {
        sendResponse(channelHandlerContext, new DoipMessageFactory.DoipMessageBuilder().createResponse(doipResponseCode, doipMessage).setBody(str.getBytes()).create());
    }

    public void sendResponse(ChannelHandlerContext channelHandlerContext, DoipMessage doipMessage) {
        if (doipMessage.header.isCertified()) {
            try {
                GlobalCertifications.signDoipMessage(doipMessage);
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        channelHandlerContext.writeAndFlush(doipMessage);
    }
}
