package org.craft.atom.protocol.ssl;

import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.xml.ws.ProtocolException;
import org.craft.atom.util.buffer.AdaptiveByteBuffer;

/* loaded from: input_file:org/craft/atom/protocol/ssl/SslCodec.class */
public class SslCodec {
    private boolean wantClientAuth;
    private boolean needClientAuth;
    private boolean clientMode;
    private String[] enabledCipherSuites;
    private String[] enabledProtocols;
    private AdaptiveByteBuffer inNetBuffer;
    private AdaptiveByteBuffer outNetBuffer;
    private AdaptiveByteBuffer appBuffer;
    private final AdaptiveByteBuffer emptyBuffer = AdaptiveByteBuffer.allocate(0);
    private boolean handshakeComplete;
    private SslHandshakeHandler handshakeHandler;
    private InetSocketAddress peer;
    private SSLContext sslContext;
    private SSLEngine sslEngine;
    private SSLEngineResult.HandshakeStatus handshakeStatus;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.craft.atom.protocol.ssl.SslCodec$1, reason: invalid class name */
    /* loaded from: input_file:org/craft/atom/protocol/ssl/SslCodec$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public SslCodec(SSLContext sSLContext, SslHandshakeHandler sslHandshakeHandler) {
        this.sslContext = sSLContext;
        this.handshakeHandler = sslHandshakeHandler;
    }

    public void init() {
        if (this.peer == null) {
            this.sslEngine = this.sslContext.createSSLEngine();
        } else {
            this.sslEngine = this.sslContext.createSSLEngine(this.peer.getHostName(), this.peer.getPort());
        }
        this.sslEngine.setUseClientMode(this.clientMode);
        if (!this.clientMode) {
            this.sslEngine.setWantClientAuth(this.wantClientAuth);
            this.sslEngine.setNeedClientAuth(this.needClientAuth);
        }
        if (this.enabledCipherSuites != null) {
            this.sslEngine.setEnabledCipherSuites(this.enabledCipherSuites);
        }
        if (this.enabledProtocols != null) {
            this.sslEngine.setEnabledProtocols(this.enabledProtocols);
        }
        try {
            this.sslEngine.beginHandshake();
            this.handshakeStatus = this.sslEngine.getHandshakeStatus();
            this.handshakeComplete = false;
        } catch (SSLException e) {
            throw new ProtocolException(e);
        }
    }

    public synchronized byte[] decode(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        try {
            byte[] bArr2 = null;
            int length = bArr.length;
            if (this.inNetBuffer == null) {
                this.inNetBuffer = AdaptiveByteBuffer.allocate(length).setAutoExpand(true);
            }
            this.inNetBuffer.put(bArr);
            if (this.handshakeComplete) {
                this.inNetBuffer.flip();
                if (!this.inNetBuffer.hasRemaining()) {
                    return null;
                }
                SSLEngineResult unwrap = unwrap();
                if (this.inNetBuffer.hasRemaining()) {
                    this.inNetBuffer.compact();
                } else {
                    this.inNetBuffer = null;
                }
                checkStatus(unwrap);
                renegotiateIfNeeded(unwrap);
                bArr2 = getBytes(fetchAppBuffer());
            } else {
                handshake0();
            }
            if (isInboundDone()) {
                this.inNetBuffer = null;
            }
            return bArr2;
        } catch (Exception e) {
            throw new ProtocolException(e);
        }
    }

    private void handshake0() throws SSLException {
        while (true) {
            switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[this.handshakeStatus.ordinal()]) {
                case 1:
                case 2:
                    this.handshakeComplete = true;
                    return;
                case 3:
                    this.handshakeStatus = doTasks();
                    break;
                case 4:
                    if ((unwrapHandshake() != SSLEngineResult.Status.BUFFER_UNDERFLOW || this.handshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED) && !isInboundDone()) {
                        break;
                    } else {
                        return;
                    }
                case 5:
                    if (this.outNetBuffer != null && this.outNetBuffer.hasRemaining()) {
                        return;
                    }
                    createOutNetBuffer(0);
                    while (true) {
                        SSLEngineResult wrap = this.sslEngine.wrap(this.emptyBuffer.buf(), this.outNetBuffer.buf());
                        if (wrap.getStatus() != SSLEngineResult.Status.BUFFER_OVERFLOW) {
                            this.outNetBuffer.flip();
                            this.handshakeStatus = wrap.getHandshakeStatus();
                            writeNetBuffer();
                            break;
                        } else {
                            this.outNetBuffer.capacity(this.outNetBuffer.capacity() << 1);
                            this.outNetBuffer.limit(this.outNetBuffer.capacity());
                        }
                    }
                    break;
                default:
                    throw new IllegalStateException("Invalid handshaking state" + this.handshakeStatus + " while processing the Handshake for session.");
            }
        }
    }

    private void writeNetBuffer() throws SSLException {
        if (this.outNetBuffer == null || !this.outNetBuffer.hasRemaining()) {
            return;
        }
        AdaptiveByteBuffer fetchOutNetBuffer = fetchOutNetBuffer();
        this.handshakeHandler.needWrite(getBytes(fetchOutNetBuffer));
        while (needToCompleteHandshake()) {
            try {
                handshake0();
                AdaptiveByteBuffer fetchOutNetBuffer2 = fetchOutNetBuffer();
                if (fetchOutNetBuffer2 != null && fetchOutNetBuffer2.hasRemaining()) {
                    this.handshakeHandler.needWrite(getBytes(fetchOutNetBuffer));
                }
            } catch (SSLException e) {
                SSLHandshakeException sSLHandshakeException = new SSLHandshakeException("SSL handshake failed.");
                sSLHandshakeException.initCause(e);
                throw sSLHandshakeException;
            }
        }
    }

    private void createOutNetBuffer(int i) {
        int max = Math.max(i, this.sslEngine.getSession().getPacketBufferSize());
        if (this.outNetBuffer != null) {
            this.outNetBuffer.capacity(max);
        } else {
            this.outNetBuffer = AdaptiveByteBuffer.allocate(max).minimumCapacity(0);
        }
    }

    private byte[] getBytes(AdaptiveByteBuffer adaptiveByteBuffer) {
        int remaining = adaptiveByteBuffer.remaining();
        if (remaining == 0) {
            return null;
        }
        byte[] bArr = new byte[remaining];
        adaptiveByteBuffer.get(bArr);
        return bArr;
    }

    private AdaptiveByteBuffer fetchOutNetBuffer() {
        AdaptiveByteBuffer adaptiveByteBuffer = this.outNetBuffer;
        if (adaptiveByteBuffer == null) {
            return this.emptyBuffer;
        }
        this.outNetBuffer = null;
        return adaptiveByteBuffer.shrink();
    }

    private AdaptiveByteBuffer fetchAppBuffer() {
        AdaptiveByteBuffer flip = this.appBuffer.flip();
        this.appBuffer = null;
        return flip;
    }

    private boolean isInboundDone() {
        return this.sslEngine == null || this.sslEngine.isInboundDone();
    }

    private boolean needToCompleteHandshake() {
        return this.handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP && !isInboundDone();
    }

    private SSLEngineResult.Status unwrapHandshake() throws SSLException {
        if (this.inNetBuffer != null) {
            this.inNetBuffer.flip();
        }
        if (this.inNetBuffer == null || !this.inNetBuffer.hasRemaining()) {
            return SSLEngineResult.Status.BUFFER_UNDERFLOW;
        }
        SSLEngineResult unwrap = unwrap();
        this.handshakeStatus = unwrap.getHandshakeStatus();
        checkStatus(unwrap);
        if (this.handshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED && unwrap.getStatus() == SSLEngineResult.Status.OK && this.inNetBuffer.hasRemaining()) {
            unwrap = unwrap();
            if (this.inNetBuffer.hasRemaining()) {
                this.inNetBuffer.compact();
            } else {
                this.inNetBuffer = null;
            }
            renegotiateIfNeeded(unwrap);
        } else if (this.inNetBuffer.hasRemaining()) {
            this.inNetBuffer.compact();
        } else {
            this.inNetBuffer = null;
        }
        return unwrap.getStatus();
    }

    private void renegotiateIfNeeded(SSLEngineResult sSLEngineResult) throws SSLException {
        if (sSLEngineResult.getStatus() == SSLEngineResult.Status.CLOSED || sSLEngineResult.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || sSLEngineResult.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
            return;
        }
        this.handshakeComplete = false;
        this.handshakeStatus = sSLEngineResult.getHandshakeStatus();
        handshake0();
    }

    private SSLEngineResult unwrap() throws SSLException {
        SSLEngineResult unwrap;
        if (this.appBuffer == null) {
            this.appBuffer = AdaptiveByteBuffer.allocate(this.inNetBuffer.remaining());
        } else {
            this.appBuffer.expand(this.inNetBuffer.remaining());
        }
        while (true) {
            unwrap = this.sslEngine.unwrap(this.inNetBuffer.buf(), this.appBuffer.buf());
            SSLEngineResult.Status status = unwrap.getStatus();
            SSLEngineResult.HandshakeStatus handshakeStatus = unwrap.getHandshakeStatus();
            if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                this.appBuffer.capacity(this.appBuffer.capacity() << 1);
                this.appBuffer.limit(this.appBuffer.capacity());
            }
            if ((status == SSLEngineResult.Status.OK || status == SSLEngineResult.Status.BUFFER_OVERFLOW) && (handshakeStatus == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING || handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP)) {
            }
        }
        return unwrap;
    }

    private void checkStatus(SSLEngineResult sSLEngineResult) throws SSLException {
        SSLEngineResult.Status status = sSLEngineResult.getStatus();
        if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
            throw new SSLException("SSLEngine error during decrypt: " + status + " inNetBuffer: " + this.inNetBuffer + "appBuffer: " + this.appBuffer);
        }
    }

    private SSLEngineResult.HandshakeStatus doTasks() {
        while (true) {
            Runnable delegatedTask = this.sslEngine.getDelegatedTask();
            if (delegatedTask == null) {
                return this.sslEngine.getHandshakeStatus();
            }
            delegatedTask.run();
        }
    }

    public void handshake() {
        try {
            handshake0();
        } catch (Exception e) {
            throw new ProtocolException(e);
        }
    }

    public synchronized byte[] encode(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        if (!this.handshakeComplete) {
            throw new IllegalStateException();
        }
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        createOutNetBuffer(wrap.remaining());
        while (wrap.hasRemaining()) {
            try {
                SSLEngineResult wrap2 = this.sslEngine.wrap(wrap, this.outNetBuffer.buf());
                if (wrap2.getStatus() == SSLEngineResult.Status.OK) {
                    if (wrap2.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                        doTasks();
                    }
                } else {
                    if (wrap2.getStatus() != SSLEngineResult.Status.BUFFER_OVERFLOW) {
                        throw new SSLException("SSLEngine error during encrypt: " + wrap2.getStatus() + " src: " + wrap + "outNetBuffer: " + this.outNetBuffer);
                    }
                    this.outNetBuffer.capacity(this.outNetBuffer.capacity() << 1);
                    this.outNetBuffer.limit(this.outNetBuffer.capacity());
                }
            } catch (Exception e) {
                throw new ProtocolException(e);
            }
        }
        this.outNetBuffer.flip();
        return getBytes(fetchOutNetBuffer());
    }

    public boolean isWantClientAuth() {
        return this.wantClientAuth;
    }

    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }

    public boolean isNeedClientAuth() {
        return this.needClientAuth;
    }

    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    public boolean isClientMode() {
        return this.clientMode;
    }

    public void setClientMode(boolean z) {
        this.clientMode = z;
    }

    public String[] getEnabledCipherSuites() {
        return this.enabledCipherSuites;
    }

    public void setEnabledCipherSuites(String[] strArr) {
        this.enabledCipherSuites = strArr;
    }

    public String[] getEnabledProtocols() {
        return this.enabledProtocols;
    }

    public void setEnabledProtocols(String[] strArr) {
        this.enabledProtocols = strArr;
    }

    public InetSocketAddress getPeer() {
        return this.peer;
    }

    public void setPeer(InetSocketAddress inetSocketAddress) {
        this.peer = inetSocketAddress;
    }

    public SSLContext getSslContext() {
        return this.sslContext;
    }

    public void setSslContext(SSLContext sSLContext) {
        this.sslContext = sSLContext;
    }

    public SSLEngine getSslEngine() {
        return this.sslEngine;
    }

    public void setSslEngine(SSLEngine sSLEngine) {
        this.sslEngine = sSLEngine;
    }

    public SSLEngineResult.HandshakeStatus getHandshakeStatus() {
        return this.handshakeStatus;
    }
}
