package org.apache.mina.filter;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSession;
import org.apache.mina.common.ByteBuffer;
import org.apache.mina.common.ByteBufferProxy;
import org.apache.mina.common.IoFilter;
import org.apache.mina.common.IoFilterAdapter;
import org.apache.mina.common.IoFilterChain;
import org.apache.mina.common.IoFuture;
import org.apache.mina.common.IoFutureListener;
import org.apache.mina.common.IoSession;
import org.apache.mina.common.WriteFuture;
import org.apache.mina.common.support.DefaultWriteFuture;
import org.apache.mina.filter.support.SSLHandler;
import org.apache.mina.util.SessionLog;

/* loaded from: input_file:org/apache/mina/filter/SSLFilter.class */
public class SSLFilter extends IoFilterAdapter {
    public static final String SSL_SESSION = SSLFilter.class.getName() + ".SSLSession";
    public static final String DISABLE_ENCRYPTION_ONCE = SSLFilter.class.getName() + ".DisableEncryptionOnce";
    public static final String USE_NOTIFICATION = SSLFilter.class.getName() + ".UseNotification";
    public static final SSLFilterMessage SESSION_SECURED = new SSLFilterMessage("SESSION_SECURED");
    public static final SSLFilterMessage SESSION_UNSECURED = new SSLFilterMessage("SESSION_UNSECURED");
    private static final String NEXT_FILTER = SSLFilter.class.getName() + ".NextFilter";
    private static final String SSL_HANDLER = SSLFilter.class.getName() + ".SSLHandler";
    private SSLContext sslContext;
    private boolean client;
    private boolean needClientAuth;
    private boolean wantClientAuth;
    private String[] enabledCipherSuites;
    private String[] enabledProtocols;

    /* loaded from: input_file:org/apache/mina/filter/SSLFilter$EncryptedBuffer.class */
    private static class EncryptedBuffer extends ByteBufferProxy {
        private final ByteBuffer originalBuffer;

        private EncryptedBuffer(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) {
            super(byteBuffer);
            this.originalBuffer = byteBuffer2;
        }
    }

    /* loaded from: input_file:org/apache/mina/filter/SSLFilter$SSLFilterMessage.class */
    public static class SSLFilterMessage {
        private final String name;

        private SSLFilterMessage(String str) {
            this.name = str;
        }

        public String toString() {
            return this.name;
        }
    }

    public SSLFilter(SSLContext sSLContext) {
        if (sSLContext == null) {
            throw new NullPointerException("sslContext");
        }
        this.sslContext = sSLContext;
    }

    public SSLSession getSSLSession(IoSession ioSession) {
        return (SSLSession) ioSession.getAttribute(SSL_SESSION);
    }

    public boolean startSSL(IoSession ioSession) throws SSLException {
        boolean z;
        SSLHandler sSLSessionHandler = getSSLSessionHandler(ioSession);
        synchronized (sSLSessionHandler) {
            if (sSLSessionHandler.isOutboundDone()) {
                IoFilter.NextFilter nextFilter = (IoFilter.NextFilter) ioSession.getAttribute(NEXT_FILTER);
                sSLSessionHandler.destroy();
                sSLSessionHandler.init();
                sSLSessionHandler.handshake(nextFilter);
                z = true;
            } else {
                z = false;
            }
        }
        sSLSessionHandler.flushScheduledEvents();
        return z;
    }

    public boolean isSSLStarted(IoSession ioSession) {
        boolean z;
        SSLHandler sSLSessionHandler0 = getSSLSessionHandler0(ioSession);
        if (sSLSessionHandler0 == null) {
            return false;
        }
        synchronized (sSLSessionHandler0) {
            z = !sSLSessionHandler0.isOutboundDone();
        }
        return z;
    }

    public WriteFuture stopSSL(IoSession ioSession) throws SSLException {
        WriteFuture initiateClosure;
        SSLHandler sSLSessionHandler = getSSLSessionHandler(ioSession);
        IoFilter.NextFilter nextFilter = (IoFilter.NextFilter) ioSession.getAttribute(NEXT_FILTER);
        synchronized (sSLSessionHandler) {
            initiateClosure = initiateClosure(nextFilter, ioSession);
        }
        sSLSessionHandler.flushScheduledEvents();
        return initiateClosure;
    }

    public boolean isUseClientMode() {
        return this.client;
    }

    public void setUseClientMode(boolean z) {
        this.client = z;
    }

    public boolean isNeedClientAuth() {
        return this.needClientAuth;
    }

    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    public boolean isWantClientAuth() {
        return this.wantClientAuth;
    }

    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }

    public String[] getEnabledCipherSuites() {
        return this.enabledCipherSuites;
    }

    public void setEnabledCipherSuites(String[] strArr) {
        this.enabledCipherSuites = strArr;
    }

    public String[] getEnabledProtocols() {
        return this.enabledProtocols;
    }

    public void setEnabledProtocols(String[] strArr) {
        this.enabledProtocols = strArr;
    }

    public void onPreAdd(IoFilterChain ioFilterChain, String str, IoFilter.NextFilter nextFilter) throws SSLException {
        if (ioFilterChain.contains(SSLFilter.class)) {
            throw new IllegalStateException("A filter chain cannot contain more than one SSLFilter.");
        }
        IoSession session = ioFilterChain.getSession();
        session.setAttribute(NEXT_FILTER, nextFilter);
        session.setAttribute(SSL_HANDLER, new SSLHandler(this, this.sslContext, session));
    }

    public void onPostAdd(IoFilterChain ioFilterChain, String str, IoFilter.NextFilter nextFilter) throws SSLException {
        SSLHandler sSLSessionHandler = getSSLSessionHandler(ioFilterChain.getSession());
        synchronized (sSLSessionHandler) {
            sSLSessionHandler.handshake(nextFilter);
        }
        sSLSessionHandler.flushScheduledEvents();
    }

    public void onPreRemove(IoFilterChain ioFilterChain, String str, IoFilter.NextFilter nextFilter) throws SSLException {
        IoSession session = ioFilterChain.getSession();
        stopSSL(session);
        session.removeAttribute(NEXT_FILTER);
        session.removeAttribute(SSL_HANDLER);
    }

    public void sessionClosed(IoFilter.NextFilter nextFilter, IoSession ioSession) throws SSLException {
        SSLHandler sSLSessionHandler = getSSLSessionHandler(ioSession);
        try {
            synchronized (sSLSessionHandler) {
                if (isSSLStarted(ioSession) && SessionLog.isDebugEnabled(ioSession)) {
                    SessionLog.debug(ioSession, " Closed: " + getSSLSessionHandler(ioSession));
                }
                sSLSessionHandler.destroy();
            }
            sSLSessionHandler.flushScheduledEvents();
            nextFilter.sessionClosed(ioSession);
        } catch (Throwable th) {
            nextFilter.sessionClosed(ioSession);
            throw th;
        }
    }

    public void messageReceived(IoFilter.NextFilter nextFilter, IoSession ioSession, Object obj) throws SSLException {
        SSLHandler sSLSessionHandler = getSSLSessionHandler(ioSession);
        synchronized (sSLSessionHandler) {
            if (isSSLStarted(ioSession) || !sSLSessionHandler.isInboundDone()) {
                ByteBuffer byteBuffer = (ByteBuffer) obj;
                if (SessionLog.isDebugEnabled(ioSession)) {
                    SessionLog.debug(ioSession, " Data Read: " + sSLSessionHandler + " (" + byteBuffer + ')');
                }
                try {
                    sSLSessionHandler.messageReceived(nextFilter, byteBuffer.buf());
                    handleSSLData(nextFilter, sSLSessionHandler);
                    if (sSLSessionHandler.isInboundDone()) {
                        if (sSLSessionHandler.isOutboundDone()) {
                            if (SessionLog.isDebugEnabled(ioSession)) {
                                SessionLog.debug(ioSession, " SSL Session closed.");
                            }
                            sSLSessionHandler.destroy();
                        } else {
                            initiateClosure(nextFilter, ioSession);
                        }
                        if (byteBuffer.hasRemaining()) {
                            sSLSessionHandler.scheduleMessageReceived(nextFilter, byteBuffer);
                        }
                    }
                } catch (SSLException e) {
                    SSLException sSLException = e;
                    if (!sSLSessionHandler.isHandshakeComplete()) {
                        SSLHandshakeException sSLHandshakeException = new SSLHandshakeException("SSL handshake failed.");
                        sSLHandshakeException.initCause(e);
                        sSLException = sSLHandshakeException;
                    }
                    throw sSLException;
                }
            } else {
                sSLSessionHandler.scheduleMessageReceived(nextFilter, obj);
            }
        }
        sSLSessionHandler.flushScheduledEvents();
    }

    public void messageSent(IoFilter.NextFilter nextFilter, IoSession ioSession, Object obj) {
        if (obj instanceof EncryptedBuffer) {
            EncryptedBuffer encryptedBuffer = (EncryptedBuffer) obj;
            encryptedBuffer.release();
            nextFilter.messageSent(ioSession, encryptedBuffer.originalBuffer);
        }
    }

    public void filterWrite(IoFilter.NextFilter nextFilter, IoSession ioSession, IoFilter.WriteRequest writeRequest) throws SSLException {
        boolean z = true;
        SSLHandler sSLSessionHandler = getSSLSessionHandler(ioSession);
        synchronized (sSLSessionHandler) {
            if (!isSSLStarted(ioSession)) {
                sSLSessionHandler.scheduleFilterWrite(nextFilter, writeRequest);
            } else if (ioSession.containsAttribute(DISABLE_ENCRYPTION_ONCE)) {
                ioSession.removeAttribute(DISABLE_ENCRYPTION_ONCE);
                sSLSessionHandler.scheduleFilterWrite(nextFilter, writeRequest);
            } else {
                ByteBuffer byteBuffer = (ByteBuffer) writeRequest.getMessage();
                if (SessionLog.isDebugEnabled(ioSession)) {
                    SessionLog.debug(ioSession, " Filtered Write: " + sSLSessionHandler);
                }
                if (sSLSessionHandler.isWritingEncryptedData()) {
                    if (SessionLog.isDebugEnabled(ioSession)) {
                        SessionLog.debug(ioSession, "   already encrypted: " + byteBuffer);
                    }
                    sSLSessionHandler.scheduleFilterWrite(nextFilter, writeRequest);
                } else if (sSLSessionHandler.isHandshakeComplete()) {
                    if (SessionLog.isDebugEnabled(ioSession)) {
                        SessionLog.debug(ioSession, " encrypt: " + byteBuffer);
                    }
                    int position = byteBuffer.position();
                    sSLSessionHandler.encrypt(byteBuffer.buf());
                    byteBuffer.position(position);
                    EncryptedBuffer encryptedBuffer = new EncryptedBuffer(SSLHandler.copy(sSLSessionHandler.getOutNetBuffer()), byteBuffer);
                    if (SessionLog.isDebugEnabled(ioSession)) {
                        SessionLog.debug(ioSession, " encrypted buf: " + encryptedBuffer);
                    }
                    sSLSessionHandler.scheduleFilterWrite(nextFilter, new IoFilter.WriteRequest(encryptedBuffer, writeRequest.getFuture()));
                } else {
                    if (ioSession.isConnected()) {
                        if (SessionLog.isDebugEnabled(ioSession)) {
                            SessionLog.debug(ioSession, " Handshaking is not complete yet. Buffering write request.");
                        }
                        sSLSessionHandler.schedulePreHandshakeWriteRequest(nextFilter, writeRequest);
                    } else if (SessionLog.isDebugEnabled(ioSession)) {
                        SessionLog.debug(ioSession, " Write request on closed session.");
                    }
                    z = false;
                }
            }
        }
        if (z) {
            sSLSessionHandler.flushScheduledEvents();
        }
    }

    public void filterClose(final IoFilter.NextFilter nextFilter, final IoSession ioSession) throws SSLException {
        SSLHandler sSLSessionHandler0 = getSSLSessionHandler0(ioSession);
        if (sSLSessionHandler0 == null) {
            nextFilter.filterClose(ioSession);
            return;
        }
        WriteFuture writeFuture = null;
        try {
            synchronized (sSLSessionHandler0) {
                if (isSSLStarted(ioSession)) {
                    writeFuture = initiateClosure(nextFilter, ioSession);
                    writeFuture.addListener(new IoFutureListener() { // from class: org.apache.mina.filter.SSLFilter.1
                        public void operationComplete(IoFuture ioFuture) {
                            nextFilter.filterClose(ioSession);
                        }
                    });
                }
            }
            sSLSessionHandler0.flushScheduledEvents();
            if (writeFuture == null) {
                nextFilter.filterClose(ioSession);
            }
        } catch (Throwable th) {
            if (writeFuture == null) {
                nextFilter.filterClose(ioSession);
            }
            throw th;
        }
    }

    private WriteFuture initiateClosure(IoFilter.NextFilter nextFilter, IoSession ioSession) throws SSLException {
        SSLHandler sSLSessionHandler = getSSLSessionHandler(ioSession);
        if (!sSLSessionHandler.closeOutbound()) {
            return DefaultWriteFuture.newNotWrittenFuture(ioSession);
        }
        WriteFuture writeNetBuffer = sSLSessionHandler.writeNetBuffer(nextFilter);
        if (sSLSessionHandler.isInboundDone()) {
            sSLSessionHandler.destroy();
        }
        if (ioSession.containsAttribute(USE_NOTIFICATION)) {
            sSLSessionHandler.scheduleMessageReceived(nextFilter, SESSION_UNSECURED);
        }
        return writeNetBuffer;
    }

    private void handleSSLData(IoFilter.NextFilter nextFilter, SSLHandler sSLHandler) throws SSLException {
        if (sSLHandler.isHandshakeComplete()) {
            sSLHandler.flushPreHandshakeEvents();
        }
        sSLHandler.writeNetBuffer(nextFilter);
        handleAppDataRead(nextFilter, sSLHandler);
    }

    private void handleAppDataRead(IoFilter.NextFilter nextFilter, SSLHandler sSLHandler) {
        IoSession session = sSLHandler.getSession();
        sSLHandler.getAppBuffer().flip();
        if (!sSLHandler.getAppBuffer().hasRemaining()) {
            sSLHandler.getAppBuffer().clear();
            return;
        }
        if (SessionLog.isDebugEnabled(session)) {
            SessionLog.debug(session, " appBuffer: " + sSLHandler.getAppBuffer());
        }
        ByteBuffer copy = SSLHandler.copy(sSLHandler.getAppBuffer());
        sSLHandler.getAppBuffer().clear();
        if (SessionLog.isDebugEnabled(session)) {
            SessionLog.debug(session, " app data read: " + copy + " (" + copy.getHexDump() + ')');
        }
        sSLHandler.scheduleMessageReceived(nextFilter, copy);
    }

    private SSLHandler getSSLSessionHandler(IoSession ioSession) {
        SSLHandler sSLSessionHandler0 = getSSLSessionHandler0(ioSession);
        if (sSLSessionHandler0 == null) {
            throw new IllegalStateException();
        }
        if (sSLSessionHandler0.getParent() != this) {
            throw new IllegalArgumentException("Not managed by this filter.");
        }
        return sSLSessionHandler0;
    }

    private SSLHandler getSSLSessionHandler0(IoSession ioSession) {
        return (SSLHandler) ioSession.getAttribute(SSL_HANDLER);
    }
}
