package org.jivesoftware.openfire.net;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.nio.ByteBuffer;
import java.nio.channels.Channels;
import java.nio.channels.ReadableByteChannel;
import java.nio.channels.WritableByteChannel;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLSession;
import org.jivesoftware.openfire.Connection;
import org.jivesoftware.openfire.session.ConnectionSettings;
import org.jivesoftware.openfire.spi.ConnectionConfiguration;
import org.jivesoftware.util.JiveGlobals;

/* loaded from: input_file:org/jivesoftware/openfire/net/TLSStreamHandler.class */
public class TLSStreamHandler {
    private TLSStreamWriter writer;
    private TLSStreamReader reader;
    private TLSWrapper wrapper;
    private ReadableByteChannel rbc;
    private WritableByteChannel wbc;
    private SSLEngine tlsEngine;
    private SSLEngineResult.HandshakeStatus initialHSStatus;
    private boolean initialHSComplete;
    private int appBBSize;
    private int netBBSize;
    private ByteBuffer incomingNetBB;
    private ByteBuffer outgoingNetBB;
    private ByteBuffer appBB;
    private static ByteBuffer hsBB = ByteBuffer.allocate(0);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.jivesoftware.openfire.net.TLSStreamHandler$1, reason: invalid class name */
    /* loaded from: input_file:org/jivesoftware/openfire/net/TLSStreamHandler$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus;
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.OK.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 1;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 2;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 3;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 4;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 5;
            } catch (NoSuchFieldError e7) {
            }
        }
    }

    @Deprecated
    public TLSStreamHandler(Connection connection, Socket socket, boolean z, String str, boolean z2) throws IOException {
        this(socket, connection.getConfiguration(), z);
    }

    public TLSStreamHandler(Socket socket, ConnectionConfiguration connectionConfiguration, boolean z) throws IOException {
        this.wrapper = new TLSWrapper(connectionConfiguration, z);
        this.tlsEngine = this.wrapper.getTlsEngine();
        this.reader = new TLSStreamReader(this.wrapper, socket);
        this.writer = new TLSStreamWriter(this.wrapper, socket);
        if (socket.getChannel() != null) {
            this.rbc = socket.getChannel();
            this.wbc = socket.getChannel();
        } else {
            this.rbc = Channels.newChannel(socket.getInputStream());
            this.wbc = Channels.newChannel(socket.getOutputStream());
        }
        this.initialHSStatus = SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
        this.initialHSComplete = false;
        this.netBBSize = this.tlsEngine.getSession().getPacketBufferSize();
        this.appBBSize = this.tlsEngine.getSession().getApplicationBufferSize();
        this.incomingNetBB = ByteBuffer.allocate(this.netBBSize);
        this.outgoingNetBB = ByteBuffer.allocate(this.netBBSize);
        this.outgoingNetBB.position(0);
        this.outgoingNetBB.limit(0);
        this.appBB = ByteBuffer.allocate(this.appBBSize);
        if (z) {
            socket.setSoTimeout(0);
            socket.setKeepAlive(true);
            this.initialHSStatus = SSLEngineResult.HandshakeStatus.NEED_WRAP;
            this.tlsEngine.beginHandshake();
            return;
        }
        if (connectionConfiguration.getClientAuth() == Connection.ClientAuth.needed) {
            if (JiveGlobals.getBooleanProperty(ConnectionSettings.Server.TLS_CERTIFICATE_VERIFY, true) && JiveGlobals.getBooleanProperty(ConnectionSettings.Server.TLS_CERTIFICATE_CHAIN_VERIFY, true) && !JiveGlobals.getBooleanProperty(ConnectionSettings.Server.TLS_ACCEPT_SELFSIGNED_CERTS, false)) {
                this.tlsEngine.setNeedClientAuth(true);
            } else {
                this.tlsEngine.setWantClientAuth(true);
            }
        }
    }

    public InputStream getInputStream() {
        return this.reader.getInputStream();
    }

    public OutputStream getOutputStream() {
        return this.writer.getOutputStream();
    }

    public void start() throws IOException {
        while (!this.initialHSComplete) {
            this.initialHSComplete = doHandshake(null);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:39:0x018f, code lost:
    
        if (r5.initialHSStatus != javax.net.ssl.SSLEngineResult.HandshakeStatus.NEED_WRAP) goto L65;
     */
    /* JADX WARN: Failed to find 'out' block for switch in B:20:0x0067. Please report as an issue. */
    /* JADX WARN: Failed to find 'out' block for switch in B:26:0x00f6. Please report as an issue. */
    /* JADX WARN: Failed to find 'out' block for switch in B:28:0x011b. Please report as an issue. */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private boolean doHandshake(java.nio.channels.SelectionKey r6) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 573
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(java.nio.channels.SelectionKey):boolean");
    }

    private boolean flush(ByteBuffer byteBuffer) throws IOException {
        this.wbc.write(byteBuffer);
        return !byteBuffer.hasRemaining();
    }

    private SSLEngineResult.HandshakeStatus doTasks() {
        while (true) {
            Runnable delegatedTask = this.tlsEngine.getDelegatedTask();
            if (delegatedTask == null) {
                return this.tlsEngine.getHandshakeStatus();
            }
            delegatedTask.run();
        }
    }

    public void close() throws IOException {
        this.wbc.close();
        this.rbc.close();
    }

    public SSLSession getSSLSession() {
        return this.tlsEngine.getSession();
    }
}
