package com.sun.enterprise.web.connector.grizzly.ssl;

import com.sun.enterprise.web.connector.grizzly.DefaultReadTask;
import com.sun.enterprise.web.connector.grizzly.StreamAlgorithm;
import com.sun.enterprise.web.connector.grizzly.WorkerThread;
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SocketChannel;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import org.apache.tomcat.util.net.SSLImplementation;

/* loaded from: input_file:com/sun/enterprise/web/connector/grizzly/ssl/SSLReadTask.class */
public class SSLReadTask extends DefaultReadTask {
    protected ByteBuffer inputBB;
    protected ByteBuffer outputBB;
    protected SSLImplementation sslImplementation;
    protected SSLEngine sslEngine = null;
    protected int appBBSize = 20480;
    protected int inputBBSize = 20480;
    protected boolean handshake = true;

    @Override // com.sun.enterprise.web.connector.grizzly.DefaultReadTask, com.sun.enterprise.web.connector.grizzly.ReadTask
    public void initialize(StreamAlgorithm streamAlgorithm, boolean z, boolean z2) {
        this.type = 1;
        this.algorithm = streamAlgorithm;
        this.inputStream = new SSLByteBufferInputStream();
        this.useDirectByteBuffer = z;
        this.useByteBufferView = z2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void allocateBuffers() {
        SSLWorkerThread sSLWorkerThread = (SSLWorkerThread) Thread.currentThread();
        int packetBufferSize = this.sslEngine.getSession().getPacketBufferSize();
        if (this.inputBBSize < packetBufferSize) {
            this.inputBBSize = packetBufferSize;
        }
        if (this.inputBB != null && this.inputBB.capacity() < this.inputBBSize) {
            ByteBuffer allocate = ByteBuffer.allocate(this.inputBBSize);
            this.inputBB.flip();
            allocate.put(this.inputBB);
            this.inputBB = allocate;
        } else if (this.inputBB == null && sSLWorkerThread.getInputBB() != null) {
            this.inputBB = sSLWorkerThread.getInputBB();
        } else if (this.inputBB == null) {
            this.inputBB = ByteBuffer.allocate(this.inputBBSize);
        }
        if (sSLWorkerThread.getOutputBB() == null) {
            this.outputBB = ByteBuffer.allocate(this.inputBBSize);
        } else {
            this.outputBB = sSLWorkerThread.getOutputBB();
        }
        if (this.byteBuffer == null && sSLWorkerThread.getByteBuffer() == null) {
            this.byteBuffer = ByteBuffer.allocate(this.inputBBSize * 2);
        } else if (this.byteBuffer == null) {
            this.byteBuffer = sSLWorkerThread.getByteBuffer();
        }
        int applicationBufferSize = this.sslEngine.getSession().getApplicationBufferSize();
        if (applicationBufferSize > this.byteBuffer.capacity()) {
            ByteBuffer allocate2 = ByteBuffer.allocate(applicationBufferSize);
            this.byteBuffer.flip();
            allocate2.put(this.byteBuffer);
            this.byteBuffer = allocate2;
        }
        sSLWorkerThread.setInputBB(this.inputBB);
        sSLWorkerThread.setOutputBB(this.outputBB);
        sSLWorkerThread.setByteBuffer(this.byteBuffer);
        this.outputBB.position(0);
        this.outputBB.limit(0);
        sSLWorkerThread.setSSLEngine(this.sslEngine);
    }

    @Override // com.sun.enterprise.web.connector.grizzly.DefaultReadTask
    public void registerKey() {
        this.key.attach(this.sslEngine);
        super.registerKey();
    }

    @Override // com.sun.enterprise.web.connector.grizzly.DefaultReadTask, com.sun.enterprise.web.connector.grizzly.Task
    public void doTask() throws IOException {
        int i = 0;
        boolean z = false;
        SSLWorkerThread sSLWorkerThread = (SSLWorkerThread) Thread.currentThread();
        try {
            try {
                allocateBuffers();
                if (doHandshake(SSLUtils.getReadTimeout())) {
                    i = this.inputBB.position() > 0 ? this.inputBB.position() : this.byteBuffer.position();
                    this.handshake = false;
                    try {
                        sSLWorkerThread.setByteBuffer(this.byteBuffer);
                        this.inputStream.setByteBuffer(this.byteBuffer);
                        z = process();
                    } catch (IOException e) {
                        z = false;
                    }
                } else {
                    z = false;
                }
            } finally {
                manageKeepAlive(z, i, null);
            }
        } catch (IOException e2) {
            Logger logger = SSLSelectorThread.logger();
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, "doRead", (Throwable) e2);
            }
            manageKeepAlive(z, i, e2);
        } catch (RuntimeException e3) {
            manageKeepAlive(z, i, e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean doHandshake(int i) throws IOException {
        SSLEngineResult.HandshakeStatus handshakeStatus = SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
        boolean z = true;
        SSLWorkerThread sSLWorkerThread = (SSLWorkerThread) Thread.currentThread();
        try {
            try {
                if (this.handshake) {
                    this.byteBuffer = SSLUtils.doHandshake(this.key, this.byteBuffer, this.inputBB, this.outputBB, this.sslEngine, handshakeStatus, i);
                    if (((SocketChannel) this.key.channel()).read(this.inputBB) == -1) {
                        this.sslEngine.closeOutbound();
                    }
                    this.byteBuffer = SSLUtils.unwrapAll(this.byteBuffer, this.inputBB, this.sslEngine);
                }
                sSLWorkerThread.setOutputBB(this.outputBB);
            } catch (EOFException e) {
                Logger logger = SSLSelectorThread.logger();
                if (logger.isLoggable(Level.FINE)) {
                    logger.log(Level.FINE, "doHandshake", (Throwable) e);
                }
                z = false;
                sSLWorkerThread.setOutputBB(this.outputBB);
            }
            return z;
        } catch (Throwable th) {
            sSLWorkerThread.setOutputBB(this.outputBB);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v102, types: [java.security.cert.Certificate[]] */
    /* JADX WARN: Type inference failed for: r0v97, types: [java.security.cert.Certificate[]] */
    public Object[] doPeerCertificateChain(boolean z) throws IOException {
        Logger logger = SSLSelectorThread.logger();
        SSLWorkerThread sSLWorkerThread = (SSLWorkerThread) Thread.currentThread();
        X509Certificate[] x509CertificateArr = null;
        try {
            x509CertificateArr = this.sslEngine.getSession().getPeerCertificates();
        } catch (Throwable th) {
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, "Error getting client certs", th);
            }
        }
        if (x509CertificateArr == null && z) {
            this.sslEngine.getSession().invalidate();
            this.sslEngine.setNeedClientAuth(true);
            this.sslEngine.beginHandshake();
            ByteBuffer byteBuffer = sSLWorkerThread.getByteBuffer();
            this.outputBB = sSLWorkerThread.getOutputBB();
            if (byteBuffer.position() != byteBuffer.limit()) {
                this.byteBuffer = ByteBuffer.allocate(byteBuffer.capacity());
            } else {
                this.byteBuffer = byteBuffer;
            }
            this.byteBuffer.clear();
            this.outputBB.position(0);
            this.outputBB.limit(0);
            this.handshake = true;
            try {
                try {
                    doHandshake(0);
                    this.byteBuffer = byteBuffer;
                    this.handshake = false;
                    sSLWorkerThread.setByteBuffer(this.byteBuffer);
                    this.inputStream.setByteBuffer(this.byteBuffer);
                    this.byteBuffer.clear();
                    try {
                        x509CertificateArr = this.sslEngine.getSession().getPeerCertificates();
                    } catch (Throwable th2) {
                        if (logger.isLoggable(Level.FINE)) {
                            logger.log(Level.FINE, "Error getting client certs", th2);
                        }
                    }
                } catch (Throwable th3) {
                    this.byteBuffer = byteBuffer;
                    this.handshake = false;
                    sSLWorkerThread.setByteBuffer(this.byteBuffer);
                    this.inputStream.setByteBuffer(this.byteBuffer);
                    this.byteBuffer.clear();
                    throw th3;
                }
            } catch (Throwable th4) {
                if (logger.isLoggable(Level.FINE)) {
                    logger.log(Level.FINE, "Error during handshake", th4);
                }
                this.byteBuffer = byteBuffer;
                this.handshake = false;
                sSLWorkerThread.setByteBuffer(this.byteBuffer);
                this.inputStream.setByteBuffer(this.byteBuffer);
                this.byteBuffer.clear();
                return null;
            }
        }
        if (x509CertificateArr == null) {
            return null;
        }
        X509Certificate[] x509CertificateArr2 = new X509Certificate[x509CertificateArr.length];
        for (int i = 0; i < x509CertificateArr.length; i++) {
            if (x509CertificateArr[i] instanceof X509Certificate) {
                x509CertificateArr2[i] = x509CertificateArr[i];
            } else {
                try {
                    x509CertificateArr2[i] = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(x509CertificateArr[i].getEncoded()));
                } catch (Exception e) {
                    logger.log(Level.INFO, "Error translating cert " + x509CertificateArr[i], (Throwable) e);
                    return null;
                }
            }
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, "Cert #" + i + " = " + x509CertificateArr2[i]);
            }
        }
        if (x509CertificateArr2.length < 1) {
            return null;
        }
        return x509CertificateArr2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.enterprise.web.connector.grizzly.DefaultReadTask
    public void configureProcessorTask() {
        super.configureProcessorTask();
        ((SSLProcessorTask) this.processorTask).setSSLSupport(this.sslImplementation.getSSLSupport(this.sslEngine));
        ((SSLProcessorTask) this.processorTask).setSslReadTask(this);
    }

    @Override // com.sun.enterprise.web.connector.grizzly.DefaultReadTask, com.sun.enterprise.web.connector.grizzly.ReadTask
    public void detachProcessor() {
        if (this.processorTask != null) {
            ((SSLProcessorTask) this.processorTask).setSSLSupport(null);
            ((SSLProcessorTask) this.processorTask).setSslReadTask(null);
        }
        super.detachProcessor();
    }

    protected boolean process() throws IOException {
        SocketChannel socketChannel = (SocketChannel) this.key.channel();
        socketChannel.socket();
        this.algorithm.setSocketChannel(socketChannel);
        this.inputStream.setSelectionKey(this.key);
        if (this.processorTask == null) {
            attachProcessor(this.selectorThread.getProcessorTask());
        }
        if (this.algorithm.parse(this.byteBuffer)) {
            return executeProcessorTask();
        }
        return true;
    }

    @Override // com.sun.enterprise.web.connector.grizzly.DefaultReadTask, com.sun.enterprise.web.connector.grizzly.TaskBase, com.sun.enterprise.web.connector.grizzly.Task
    public void recycle() {
        if (this.byteBuffer != null) {
            try {
                try {
                    ((WorkerThread) Thread.currentThread()).setByteBuffer(this.byteBuffer);
                    this.byteBuffer = this.algorithm.postParse(this.byteBuffer);
                    this.byteBuffer.clear();
                } catch (ClassCastException e) {
                    Logger logger = SSLSelectorThread.logger();
                    if (logger.isLoggable(Level.FINEST)) {
                        logger.log(Level.FINEST, "recycle", (Throwable) e);
                    }
                    this.byteBuffer = this.algorithm.postParse(this.byteBuffer);
                    this.byteBuffer.clear();
                }
            } catch (Throwable th) {
                this.byteBuffer = this.algorithm.postParse(this.byteBuffer);
                this.byteBuffer.clear();
                throw th;
            }
        }
        this.handshake = true;
        this.inputStream.recycle();
        this.algorithm.recycle();
        this.key = null;
        this.inputStream.setSelectionKey(null);
        if (this.inputBB != null) {
            this.inputBB.clear();
        }
        if (this.outputBB != null) {
            this.outputBB.clear();
            this.outputBB.position(0);
            this.outputBB.limit(0);
        }
        this.inputBB = null;
        this.outputBB = null;
        this.byteBuffer = null;
        this.sslEngine = null;
    }

    public void setSSLImplementation(SSLImplementation sSLImplementation) {
        this.sslImplementation = sSLImplementation;
    }

    public void setHandshake(boolean z) {
        this.handshake = z;
    }

    public boolean getHandshake() {
        return this.handshake;
    }

    public void setSSLEngine(SSLEngine sSLEngine) {
        this.sslEngine = sSLEngine;
    }

    public SSLEngine getSSLEngine() {
        return this.sslEngine;
    }

    public ByteBuffer getInputBB() {
        return this.inputBB;
    }

    public void setInputBB(ByteBuffer byteBuffer) {
        this.inputBB = byteBuffer;
    }
}
