package org.apache.mina.io.filter;

import java.nio.ByteBuffer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import org.apache.mina.io.IoFilter;
import org.apache.mina.io.IoSession;
import org.apache.mina.util.Queue;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/apache/mina/io/filter/SSLHandler.class */
public class SSLHandler {
    private static final Logger log;
    private final SSLFilter parent;
    private final IoSession session;
    private final SSLEngine sslEngine;
    private ByteBuffer inNetBuffer;
    private ByteBuffer outNetBuffer;
    private ByteBuffer appBuffer;
    private SSLEngineResult.HandshakeStatus initialHandshakeStatus;
    private boolean initialHandshakeComplete;
    static Class class$org$apache$mina$io$filter$SSLFilter;
    private final Queue nextFilterQueue = new Queue();
    private final Queue writeBufferQueue = new Queue();
    private final Queue writeMarkerQueue = new Queue();
    private ByteBuffer hsBB = ByteBuffer.allocate(0);
    private boolean shutdown = false;
    private boolean closed = false;
    private boolean isWritingEncryptedData = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLHandler(SSLFilter sSLFilter, SSLContext sSLContext, IoSession ioSession) throws SSLException {
        this.parent = sSLFilter;
        this.session = ioSession;
        this.sslEngine = sSLContext.createSSLEngine();
        this.sslEngine.setUseClientMode(sSLFilter.isUseClientMode());
        if (sSLFilter.isWantClientAuth()) {
            this.sslEngine.setWantClientAuth(true);
        }
        if (sSLFilter.isNeedClientAuth()) {
            this.sslEngine.setNeedClientAuth(true);
        }
        if (sSLFilter.getEnabledCipherSuites() != null) {
            this.sslEngine.setEnabledCipherSuites(sSLFilter.getEnabledCipherSuites());
        }
        if (sSLFilter.getEnabledProtocols() != null) {
            this.sslEngine.setEnabledProtocols(sSLFilter.getEnabledProtocols());
        }
        this.sslEngine.beginHandshake();
        this.initialHandshakeStatus = this.sslEngine.getHandshakeStatus();
        this.initialHandshakeComplete = false;
        SSLByteBufferPool.initiate(this.sslEngine);
        this.appBuffer = SSLByteBufferPool.getApplicationBuffer();
        this.inNetBuffer = SSLByteBufferPool.getPacketBuffer();
        this.outNetBuffer = SSLByteBufferPool.getPacketBuffer();
        this.outNetBuffer.position(0);
        this.outNetBuffer.limit(0);
    }

    public void setWritingEncryptedData(boolean z) {
        this.isWritingEncryptedData = z;
    }

    public boolean isWritingEncryptedData() {
        return this.isWritingEncryptedData;
    }

    public boolean isInitialHandshakeComplete() {
        return this.initialHandshakeComplete;
    }

    public boolean isClosed() {
        return this.closed;
    }

    public boolean needToCompleteInitialHandshake() {
        return this.initialHandshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP && !this.closed;
    }

    public synchronized void scheduleWrite(IoFilter.NextFilter nextFilter, org.apache.mina.common.ByteBuffer byteBuffer, Object obj) {
        this.nextFilterQueue.push(nextFilter);
        this.writeBufferQueue.push(byteBuffer);
        this.writeMarkerQueue.push(obj);
    }

    public synchronized void flushScheduledWrites() throws SSLException {
        while (true) {
            org.apache.mina.common.ByteBuffer byteBuffer = (org.apache.mina.common.ByteBuffer) this.writeBufferQueue.pop();
            if (byteBuffer == null) {
                return;
            }
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append(this.session).append(" Flushing buffered write request: ").append(byteBuffer).toString());
            }
            this.parent.filterWrite((IoFilter.NextFilter) this.nextFilterQueue.pop(), this.session, byteBuffer, this.writeMarkerQueue.pop());
        }
    }

    public void dataRead(IoFilter.NextFilter nextFilter, ByteBuffer byteBuffer) throws SSLException {
        if (byteBuffer.limit() > this.inNetBuffer.remaining()) {
            this.inNetBuffer = SSLByteBufferPool.expandBuffer(this.inNetBuffer, this.inNetBuffer.capacity() + (byteBuffer.limit() * 2));
            this.appBuffer = SSLByteBufferPool.expandBuffer(this.appBuffer, this.inNetBuffer.capacity() * 2);
            this.appBuffer.position(0);
            this.appBuffer.limit(0);
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append(this.session).append(" expanded inNetBuffer:").append(this.inNetBuffer).toString());
                log.debug(new StringBuffer().append(this.session).append(" expanded appBuffer:").append(this.appBuffer).toString());
            }
        }
        this.inNetBuffer.put(byteBuffer);
        if (this.initialHandshakeComplete) {
            doDecrypt();
        } else {
            doHandshake(nextFilter);
        }
    }

    public void continueHandshake(IoFilter.NextFilter nextFilter) throws SSLException {
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append(this.session).append(" continueHandshake()").toString());
        }
        doHandshake(nextFilter);
    }

    public ByteBuffer getAppBuffer() {
        return this.appBuffer;
    }

    public ByteBuffer getOutNetBuffer() {
        return this.outNetBuffer;
    }

    public void encrypt(ByteBuffer byteBuffer) throws SSLException {
        doEncrypt(byteBuffer);
    }

    public void shutdown() throws SSLException {
        if (this.shutdown) {
            return;
        }
        doShutdown();
    }

    public void release() {
        SSLByteBufferPool.release(this.appBuffer);
        SSLByteBufferPool.release(this.inNetBuffer);
        SSLByteBufferPool.release(this.outNetBuffer);
    }

    private void doDecrypt() throws SSLException {
        if (!this.initialHandshakeComplete) {
            throw new IllegalStateException();
        }
        if (!this.appBuffer.hasRemaining()) {
            unwrap();
        } else {
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append(this.session).append(" Error: appBuffer not empty!").toString());
            }
            throw new IllegalStateException();
        }
    }

    private SSLEngineResult.Status checkStatus(SSLEngineResult.Status status) throws SSLException {
        if (status == SSLEngineResult.Status.OK || status == SSLEngineResult.Status.CLOSED || status == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
            return status;
        }
        throw new SSLException(new StringBuffer().append("SSLEngine error during decrypt: ").append(status).append(" inNetBuffer: ").append(this.inNetBuffer).append("appBuffer: ").append(this.appBuffer).toString());
    }

    private void doEncrypt(ByteBuffer byteBuffer) throws SSLException {
        if (!this.initialHandshakeComplete) {
            throw new IllegalStateException();
        }
        this.outNetBuffer.clear();
        while (byteBuffer.hasRemaining()) {
            if (byteBuffer.remaining() > (this.outNetBuffer.capacity() - this.outNetBuffer.position()) / 2) {
                this.outNetBuffer = SSLByteBufferPool.expandBuffer(this.outNetBuffer, byteBuffer.capacity() * 2);
                if (log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append(this.session).append(" expanded outNetBuffer:").append(this.outNetBuffer).toString());
                }
            }
            SSLEngineResult wrap = this.sslEngine.wrap(byteBuffer, this.outNetBuffer);
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append(this.session).append(" Wrap res:").append(wrap).toString());
            }
            if (wrap.getStatus() != SSLEngineResult.Status.OK) {
                throw new SSLException(new StringBuffer().append("SSLEngine error during encrypt: ").append(wrap.getStatus()).append(" src: ").append(byteBuffer).append("outNetBuffer: ").append(this.outNetBuffer).toString());
            }
            if (wrap.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                doTasks();
            }
        }
        this.outNetBuffer.flip();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void doHandshake(IoFilter.NextFilter nextFilter) throws SSLException {
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append(this.session).append(" doHandshake()").toString());
        }
        while (!this.initialHandshakeComplete) {
            if (this.initialHandshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED) {
                this.session.setAttribute(SSLFilter.SSL_SESSION, this.sslEngine.getSession());
                if (log.isDebugEnabled()) {
                    SSLSession session = this.sslEngine.getSession();
                    log.debug(new StringBuffer().append(this.session).append("  initialHandshakeStatus=FINISHED").toString());
                    log.debug(new StringBuffer().append(this.session).append("  sslSession CipherSuite used ").append(session.getCipherSuite()).toString());
                }
                this.initialHandshakeComplete = true;
                return;
            }
            if (this.initialHandshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                if (log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append(this.session).append("  initialHandshakeStatus=NEED_TASK").toString());
                }
                this.initialHandshakeStatus = doTasks();
            } else if (this.initialHandshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                if (log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append(this.session).append("  initialHandshakeStatus=NEED_UNWRAP").toString());
                }
                SSLEngineResult.Status unwrapHandshake = unwrapHandshake();
                if ((this.initialHandshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED && unwrapHandshake == SSLEngineResult.Status.BUFFER_UNDERFLOW) || this.closed) {
                    return;
                }
            } else {
                if (this.initialHandshakeStatus != SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                    throw new IllegalStateException(new StringBuffer().append("Invalid Handshaking State").append(this.initialHandshakeStatus).toString());
                }
                if (log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append(this.session).append("  initialHandshakeStatus=NEED_WRAP").toString());
                }
                if (this.outNetBuffer.hasRemaining()) {
                    if (log.isDebugEnabled()) {
                        log.debug(new StringBuffer().append(this.session).append("  Still data in out buffer!").toString());
                        return;
                    }
                    return;
                } else {
                    this.outNetBuffer.clear();
                    SSLEngineResult wrap = this.sslEngine.wrap(this.hsBB, this.outNetBuffer);
                    if (log.isDebugEnabled()) {
                        log.debug(new StringBuffer().append(this.session).append(" Wrap res:").append(wrap).toString());
                    }
                    this.outNetBuffer.flip();
                    this.initialHandshakeStatus = wrap.getHandshakeStatus();
                    this.parent.writeNetBuffer(nextFilter, this.session, this);
                }
            }
        }
    }

    SSLEngineResult.Status unwrap() throws SSLException {
        SSLEngineResult unwrap;
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append(this.session).append(" unwrap()").toString());
        }
        this.appBuffer.clear();
        this.inNetBuffer.flip();
        do {
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append(this.session).append("   inNetBuffer: ").append(this.inNetBuffer).toString());
                log.debug(new StringBuffer().append(this.session).append("   appBuffer: ").append(this.appBuffer).toString());
            }
            unwrap = this.sslEngine.unwrap(this.inNetBuffer, this.appBuffer);
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append(this.session).append(" Unwrap res:").append(unwrap).toString());
            }
        } while (unwrap.getStatus() == SSLEngineResult.Status.OK);
        if (unwrap.getStatus() == SSLEngineResult.Status.CLOSED) {
            this.closed = true;
        }
        this.inNetBuffer.compact();
        this.appBuffer.flip();
        return checkStatus(unwrap.getStatus());
    }

    /* JADX WARN: Code restructure failed: missing block: B:23:0x010c, code lost:
    
        if (r4.inNetBuffer.hasRemaining() != false) goto L24;
     */
    /* JADX WARN: Code restructure failed: missing block: B:25:0x0117, code lost:
    
        if (org.apache.mina.io.filter.SSLHandler.log.isDebugEnabled() == false) goto L27;
     */
    /* JADX WARN: Code restructure failed: missing block: B:26:0x011a, code lost:
    
        org.apache.mina.io.filter.SSLHandler.log.debug(new java.lang.StringBuffer().append(r4.session).append("  extra handshake unwrap").toString());
        org.apache.mina.io.filter.SSLHandler.log.debug(new java.lang.StringBuffer().append(r4.session).append("   inNetBuffer: ").append(r4.inNetBuffer).toString());
        org.apache.mina.io.filter.SSLHandler.log.debug(new java.lang.StringBuffer().append(r4.session).append("   appBuffer: ").append(r4.appBuffer).toString());
     */
    /* JADX WARN: Code restructure failed: missing block: B:27:0x0182, code lost:
    
        r5 = r4.sslEngine.unwrap(r4.inNetBuffer, r4.appBuffer);
     */
    /* JADX WARN: Code restructure failed: missing block: B:28:0x019a, code lost:
    
        if (org.apache.mina.io.filter.SSLHandler.log.isDebugEnabled() == false) goto L30;
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x019d, code lost:
    
        org.apache.mina.io.filter.SSLHandler.log.debug(new java.lang.StringBuffer().append(r4.session).append(" Unwrap res:").append(r5).toString());
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x01c6, code lost:
    
        if (r5.getStatus() == javax.net.ssl.SSLEngineResult.Status.OK) goto L41;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private javax.net.ssl.SSLEngineResult.Status unwrapHandshake() throws javax.net.ssl.SSLException {
        /*
            Method dump skipped, instructions count: 497
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.mina.io.filter.SSLHandler.unwrapHandshake():javax.net.ssl.SSLEngineResult$Status");
    }

    private SSLEngineResult.HandshakeStatus doTasks() {
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append(this.session).append("   doTasks()").toString());
        }
        while (true) {
            Runnable delegatedTask = this.sslEngine.getDelegatedTask();
            if (delegatedTask == null) {
                break;
            }
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append(this.session).append("    doTask: ").append(delegatedTask).toString());
            }
            delegatedTask.run();
        }
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append(this.session).append("   doTasks(): ").append(this.sslEngine.getHandshakeStatus()).toString());
        }
        return this.sslEngine.getHandshakeStatus();
    }

    void doShutdown() throws SSLException {
        if (!this.shutdown) {
            this.sslEngine.closeOutbound();
            this.shutdown = true;
        }
        this.outNetBuffer.clear();
        SSLEngineResult wrap = this.sslEngine.wrap(this.hsBB, this.outNetBuffer);
        if (wrap.getStatus() != SSLEngineResult.Status.CLOSED) {
            throw new SSLException(new StringBuffer().append("Improper close state: ").append(wrap).toString());
        }
        this.outNetBuffer.flip();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$apache$mina$io$filter$SSLFilter == null) {
            cls = class$("org.apache.mina.io.filter.SSLFilter");
            class$org$apache$mina$io$filter$SSLFilter = cls;
        } else {
            cls = class$org$apache$mina$io$filter$SSLFilter;
        }
        log = LoggerFactory.getLogger(cls);
    }
}
