package oracle.net.nt;

import java.io.IOException;
import java.io.InterruptedIOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.nio.channels.SocketChannel;
import java.security.cert.X509Certificate;
import java.util.Properties;
import java.util.concurrent.CompletionStage;
import java.util.concurrent.Executor;
import java.util.function.Consumer;
import java.util.logging.Level;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import oracle.jdbc.OracleConnectionStringBuilder;
import oracle.jdbc.SecurityInformation;
import oracle.jdbc.diagnostics.Diagnosable;
import oracle.jdbc.diagnostics.SecurityLabel;
import oracle.jdbc.driver.DMSFactory;
import oracle.jdbc.internal.CompletionStageUtil;
import oracle.jdbc.internal.OpaqueString;
import oracle.jdbc.logging.annotations.Blind;
import oracle.jdbc.logging.annotations.PropertiesBlinder;
import oracle.net.jdbc.nl.NLException;
import oracle.net.ns.NetException;
import oracle.net.nt.NTAdapter;

/* loaded from: input_file:oracle/net/nt/TcpsNTAdapter.class */
public class TcpsNTAdapter extends TcpNTAdapter {
    private static final String CLASS_NAME;
    private static final int SSL_CERT_SAN_TYPE_DNS_NAME = 2;
    private static final int SSL_CERT_SAN_TYPE_IP_ADDR = 7;
    private String dnToMatch;
    private SecurityInformation.DNMatchStatus dnMatchStatus;
    private String hostNameForDNMatch;
    private String serviceNameForDNMatch;
    SSLSocketFactory l_sslSockFac;
    Socket underlyingSocket;
    SocketChannel underlyingSocketChannel;
    SSLSocket socketWithListener;
    SSLEngine l_sslEngine;
    private String webSocketURI;
    private SSLContext sslContext;
    private final DNVerifier dnVerifier;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:oracle/net/nt/TcpsNTAdapter$AsyncHandshakeException.class */
    public static class AsyncHandshakeException extends IOException {
        AsyncHandshakeException(IOException iOException) {
            super(iOException);
        }
    }

    public TcpsNTAdapter(String str, @Blind(PropertiesBlinder.class) Properties properties, Diagnosable diagnosable, ConnOption connOption) throws NLException, IOException {
        super(str, properties, diagnosable, connOption);
        this.dnMatchStatus = SecurityInformation.DNMatchStatus.NOT_VERIFIED;
        this.hostNameForDNMatch = null;
        this.serviceNameForDNMatch = null;
        this.underlyingSocket = null;
        this.underlyingSocketChannel = null;
        this.webSocketURI = "/sqlnet";
        this.hostNameForDNMatch = this.host;
        this.dnVerifier = new DNVerifier(connOption, Boolean.valueOf((String) getOption(106)).booleanValue(), diagnosable);
        if (this.useNio.booleanValue() && OracleConnectionStringBuilder.PROTOCOL_WSS.equalsIgnoreCase(this.protocol) && connOption.webSocketUri != null) {
            this.webSocketURI = connOption.webSocketUri;
        }
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public void connect(DMSFactory.DMSNoun dMSNoun) throws IOException, InterruptedIOException {
        if (this.useNio.booleanValue()) {
            this.l_sslEngine = newSSLEngine();
        } else {
            this.l_sslSockFac = newSSLSocketFactory(dMSNoun);
            this.underlyingSocket = new Socket();
        }
        super.connect(dMSNoun);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // oracle.net.nt.TcpNTAdapter
    public void establishSocket(InetSocketAddress inetSocketAddress, DMSFactory.DMSNoun dMSNoun) throws IOException, InterruptedIOException {
        long currentTimeMillis = System.currentTimeMillis();
        super.establishSocket(inetSocketAddress, dMSNoun);
        try {
            this.underlyingSocket = this.socket;
            this.underlyingSocketChannel = this.socketChannel;
            if (this.useNio.booleanValue()) {
                this.socketChannel = new SSLSocketChannel(this.socketChannel, this.l_sslEngine, getDiagnosable(), this.dnVerifier, false);
                this.socket = this.socketChannel.socket();
            } else {
                this.socket = this.l_sslSockFac.createSocket(this.socket, this.host, this.port, true);
            }
            setSSLSocketOptions();
            if (this.useNio.booleanValue() && OracleConnectionStringBuilder.PROTOCOL_WSS.equalsIgnoreCase(this.protocol)) {
                debug(Level.INFO, SecurityLabel.UNKNOWN, CLASS_NAME, "establishSocket", "websocketURI={0}. ", (String) null, (String) null, this.webSocketURI);
                this.socketChannel = new WSSSocketChannel(this.socketChannel, this.webSocketURI, this.host, this.port, (String) this.socketOptions.get(26), (OpaqueString) this.socketOptions.get(27), getDiagnosable());
            }
        } catch (IOException e) {
            throw socketConnectFailure(e, System.currentTimeMillis() - currentTimeMillis, inetSocketAddress.getHostString());
        }
    }

    private IOException socketConnectFailure(IOException iOException, long j, String str) {
        Object[] objArr = new Object[8];
        objArr[0] = iOException.getMessage();
        objArr[1] = Long.valueOf(j);
        objArr[2] = str;
        objArr[3] = Integer.valueOf(this.port);
        objArr[4] = this.proxy == null ? "" : "Proxy = " + this.proxy.toString();
        objArr[5] = Integer.valueOf(this.connectTimeout);
        objArr[6] = getInetAddress();
        objArr[7] = this.useNio;
        return new IOException(String.format("%s, socket connect lapse %d ms. %s %d %s %s %s %s", objArr), iOException);
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public final CompletionStage<Void> connectAsync(DMSFactory.DMSNoun dMSNoun, AsyncOutboundTimeoutHandler asyncOutboundTimeoutHandler, Executor executor) {
        if (!this.useNio.booleanValue()) {
            return CompletionStageUtil.failedStage(new IOException("Asynchronous connection is not supported when oracle.jdbc.javaNetNio=false"));
        }
        if (OracleConnectionStringBuilder.PROTOCOL_WSS.equalsIgnoreCase(this.protocol)) {
            return CompletionStageUtil.failedStage(new IOException("Asynchronous connection is not supported with the WebSocket Secureprotocol"));
        }
        try {
            this.l_sslEngine = newSSLEngine();
            return super.connectAsync(dMSNoun, asyncOutboundTimeoutHandler, executor);
        } catch (IOException e) {
            return CompletionStageUtil.failedStage(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // oracle.net.nt.TcpNTAdapter
    public CompletionStage<Void> establishSocketAsync(InetSocketAddress inetSocketAddress, DMSFactory.DMSNoun dMSNoun, AsyncOutboundTimeoutHandler asyncOutboundTimeoutHandler, Executor executor) {
        long currentTimeMillis = System.currentTimeMillis();
        return super.establishSocketAsync(inetSocketAddress, dMSNoun, asyncOutboundTimeoutHandler, executor).thenCompose(r13 -> {
            try {
                this.underlyingSocket = this.socket;
                this.underlyingSocketChannel = this.socketChannel;
                SSLSocketChannel sSLSocketChannel = new SSLSocketChannel(this.socketChannel, this.l_sslEngine, getDiagnosable(), this.dnVerifier, false);
                this.socketChannel = sSLSocketChannel;
                this.socket = this.socketChannel.socket();
                setSSLSocketOptions();
                return sSLSocketChannel.doSSLHandshakeAsync(executor).exceptionally(CompletionStageUtil.exceptionalCompletionHandler(IOException.class, iOException -> {
                    throw new AsyncHandshakeException(iOException);
                }));
            } catch (IOException e) {
                return CompletionStageUtil.failedStage(socketConnectFailure(e, System.currentTimeMillis() - currentTimeMillis, inetSocketAddress.getHostString()));
            }
        });
    }

    public void renegotiateSession() throws IOException {
        if (this.useNio.booleanValue()) {
            this.l_sslEngine = newSSLEngine();
            SSLSocketChannel sSLSocketChannel = new SSLSocketChannel(this.underlyingSocketChannel, this.l_sslEngine, getDiagnosable(), this.dnVerifier, true);
            if (this.protocol.equalsIgnoreCase("wss")) {
                this.socketChannel.setUnderlyingChannel(sSLSocketChannel);
            } else {
                this.socketChannel = sSLSocketChannel;
            }
            this.socket = this.socketChannel.socket();
        } else {
            this.socketWithListener = (SSLSocket) this.socket;
            this.socket = this.l_sslSockFac.createSocket(this.underlyingSocket, this.inetSocketAddress.getHostString(), this.port, true);
        }
        String str = (String) this.socketOptions.get(3);
        if (str != null) {
            setOption(3, str);
        }
        setSSLSocketOptions();
    }

    public void setSSLSocketOptions() throws IOException {
        super.setSocketOptions();
        SSLSocket sSLSocket = null;
        if (!this.useNio.booleanValue()) {
            sSLSocket = (SSLSocket) this.socket;
            sSLSocket.setUseClientMode(true);
        }
        TcpsConfigure.configureVersion(sSLSocket, this.l_sslEngine, (String) this.socketOptions.get(6), this.useNio.booleanValue());
        TcpsConfigure.configureCipherSuites(sSLSocket, this.l_sslEngine, (String) this.socketOptions.get(7), this.useNio.booleanValue());
    }

    public String getNegotiatedTLSVersion() throws IOException {
        SSLSession sSLSession = getSSLSession();
        if (sSLSession != null) {
            return sSLSession.getProtocol();
        }
        return null;
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public void setOption(int i, Object obj) throws IOException, NetException {
        switch (i) {
            case 108:
                setServerDNMatchValue((String[]) obj);
                return;
            default:
                super.setOption(i, obj);
                return;
        }
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public Object getOption(int i) throws IOException, NetException {
        switch (i) {
            case 102:
                String cipherSuite = getSSLSession().getCipherSuite();
                return (cipherSuite == null || cipherSuite.indexOf("NULL") != -1) ? "FALSE" : "TRUE";
            case 103:
                return ((X509Certificate) getSSLSession().getPeerCertificates()[0]).getSubjectDN().getName();
            case 104:
                return getSSLSession().getPeerCertificateChain();
            case 105:
                return getSSLSession().getCipherSuite();
            case 106:
                String str = (String) this.socketOptions.getOrDefault(4, this.socketOptions.get(40));
                return Boolean.toString(str.equalsIgnoreCase("YES") || str.equalsIgnoreCase("ON") || str.equalsIgnoreCase("TRUE"));
            default:
                return super.getOption(i);
        }
    }

    private SSLSession getSSLSession() {
        return this.useNio.booleanValue() ? this.l_sslEngine.getSession() : ((SSLSocket) this.socket).getSession();
    }

    public SecurityInformation.DNMatchStatus getDNMatchStatus() {
        return ((SSLSocketChannel) this.socketChannel).getDnMatchStatus();
    }

    public void verifyDN() throws IOException {
        if (this.dnVerifier.isWeakDNMatchAllowed()) {
            ((SSLSocketChannel) this.socketChannel).verifyDN();
        }
    }

    private void setServerDNMatchValue(String[] strArr) {
        String str = strArr[0];
        String str2 = strArr[1];
        if (strArr[2] != null) {
            this.hostNameForDNMatch = strArr[2];
        }
        if (str != null) {
            this.dnToMatch = str;
        }
        if (str2 != null) {
            this.serviceNameForDNMatch = str2.trim();
        }
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public NTAdapter.NetworkAdapterType getNetworkAdapterType() {
        return NTAdapter.NetworkAdapterType.TCPS;
    }

    private SSLEngine newSSLEngine() throws IOException {
        if (this.sslContext == null) {
            this.sslContext = CustomSSLSocketFactory.getSSLContext(this.socketOptions);
        }
        SSLEngine createSSLEngine = this.sslContext.createSSLEngine(this.inetSocketAddress.getHostString(), this.port);
        createSSLEngine.setUseClientMode(true);
        return createSSLEngine;
    }

    private SSLSocketFactory newSSLSocketFactory(DMSFactory.DMSNoun dMSNoun) throws IOException {
        return this.sslContext == null ? CustomSSLSocketFactory.getSSLSocketFactory(this.socketOptions, dMSNoun) : new MetricsEnabledSSLSocketFactoryWrapper(this.sslContext.getSocketFactory(), dMSNoun);
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public final void registerForNonBlockingRead(Consumer<Throwable> consumer) throws IOException {
        if (!$assertionsDisabled && !(this.socketChannel instanceof SSLSocketChannel)) {
            throw new AssertionError("Not an SSLSocketChannel: " + this.socketChannel);
        }
        if (((SSLSocketChannel) this.socketChannel).hasRemaining()) {
            consumer.accept(null);
        } else {
            super.registerForNonBlockingRead(consumer);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSSLContext(SSLContext sSLContext) {
        this.sslContext = sSLContext;
    }

    static {
        $assertionsDisabled = !TcpsNTAdapter.class.desiredAssertionStatus();
        CLASS_NAME = TcpsNTAdapter.class.getName();
    }
}
