package org.webpieces.nio.impl.ssl;

import java.io.InputStream;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
import java.security.KeyStore;
import java.util.List;
import java.util.concurrent.CompletableFuture;
import java.util.function.Function;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import org.webpieces.data.api.BufferPool;
import org.webpieces.nio.api.SSLEngineFactory;
import org.webpieces.nio.api.SSLEngineFactoryWithHost;
import org.webpieces.nio.api.channels.Channel;
import org.webpieces.nio.api.channels.TCPChannel;
import org.webpieces.nio.api.exceptions.NioClosedChannelException;
import org.webpieces.nio.api.handlers.ConnectionListener;
import org.webpieces.nio.api.handlers.DataListener;
import org.webpieces.ssl.api.AsyncSSLEngine;
import org.webpieces.ssl.api.AsyncSSLFactory;
import org.webpieces.ssl.api.SslListener;
import org.webpieces.util.logging.Logger;
import org.webpieces.util.logging.LoggerFactory;

/* loaded from: input_file:org/webpieces/nio/impl/ssl/SslTCPChannel.class */
public class SslTCPChannel extends SslChannel implements TCPChannel {
    private static final Logger log = LoggerFactory.getLogger(SslTCPChannel.class);
    private AsyncSSLEngine sslEngine;
    private SslTryCatchListener clientDataListener;
    private final TCPChannel realChannel;
    private SocketDataListener socketDataListener;
    private ConnectionListener conectionListener;
    private CompletableFuture<Channel> sslConnectfuture;
    private CompletableFuture<Channel> closeFuture;
    private SslListener sslListener;
    private SSLEngineFactory sslFactory;
    private BufferPool pool;
    private ClientHelloParser parser;

    /* loaded from: input_file:org/webpieces/nio/impl/ssl/SslTCPChannel$OurSslListener.class */
    private class OurSslListener implements SslListener {
        private OurSslListener() {
        }

        public void encryptedLinkEstablished() {
            if (SslTCPChannel.this.sslConnectfuture != null) {
                SslTCPChannel.this.sslConnectfuture.complete(SslTCPChannel.this);
                return;
            }
            CompletableFuture<DataListener> connected = SslTCPChannel.this.conectionListener.connected(SslTCPChannel.this, true);
            if (!connected.isDone()) {
                SslTCPChannel.this.conectionListener.failed(SslTCPChannel.this, new IllegalArgumentException("Client did not return a datalistener"));
            }
            try {
                SslTCPChannel.this.clientDataListener = new SslTryCatchListener(connected.get());
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }

        public CompletableFuture<Void> packetEncrypted(ByteBuffer byteBuffer) {
            return SslTCPChannel.this.realChannel.write(byteBuffer).thenApply(channel -> {
                return empty();
            });
        }

        public Void empty() {
            return null;
        }

        public void sendEncryptedHandshakeData(ByteBuffer byteBuffer) {
            try {
                SslTCPChannel.this.realChannel.write(byteBuffer);
            } catch (NioClosedChannelException e) {
                SslTCPChannel.log.info("Remote end closed before handshake was finished.  (nothing we can do about that)");
            }
        }

        public void packetUnencrypted(ByteBuffer byteBuffer) {
            SslTCPChannel.this.clientDataListener.incomingData(SslTCPChannel.this, byteBuffer);
        }

        public void runTask(Runnable runnable) {
            runnable.run();
        }

        public void closed(boolean z) {
            if (!z) {
                SslTCPChannel.this.clientDataListener.farEndClosed(SslTCPChannel.this);
            } else {
                if (SslTCPChannel.this.closeFuture == null) {
                    throw new RuntimeException("bug, this should not be possible");
                }
                SslTCPChannel.this.closeFuture.complete(SslTCPChannel.this);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/webpieces/nio/impl/ssl/SslTCPChannel$SocketDataListener.class */
    public class SocketDataListener implements DataListener {
        private SocketDataListener() {
        }

        @Override // org.webpieces.nio.api.handlers.DataListener
        public void incomingData(Channel channel, ByteBuffer byteBuffer) {
            if (SslTCPChannel.this.sslEngine == null) {
                byteBuffer = setupSSLEngine(channel, byteBuffer);
                if (byteBuffer == null) {
                    return;
                }
            }
            SslTCPChannel.this.sslEngine.feedEncryptedPacket(byteBuffer);
        }

        private ByteBuffer setupSSLEngine(Channel channel, ByteBuffer byteBuffer) {
            try {
                return setupSSLEngineImpl(channel, byteBuffer);
            } catch (SSLException e) {
                throw new RuntimeException(e);
            }
        }

        private ByteBuffer setupSSLEngineImpl(Channel channel, ByteBuffer byteBuffer) throws SSLException {
            if (!(SslTCPChannel.this.sslFactory instanceof SSLEngineFactoryWithHost)) {
                SslTCPChannel.this.sslEngine = AsyncSSLFactory.create(SslTCPChannel.this.realChannel + "", SslTCPChannel.this.sslFactory.createSslEngine(), SslTCPChannel.this.pool, SslTCPChannel.this.sslListener);
                return byteBuffer;
            }
            SSLEngineFactoryWithHost sSLEngineFactoryWithHost = (SSLEngineFactoryWithHost) SslTCPChannel.this.sslFactory;
            ParseResult fetchServerNamesIfEntirePacketAvailable = SslTCPChannel.this.parser.fetchServerNamesIfEntirePacketAvailable(byteBuffer);
            List<String> names = fetchServerNamesIfEntirePacketAvailable.getNames();
            if (names.size() == 0) {
                SslTCPChannel.log.error("SNI servernames missing from client.  channel=" + channel.getRemoteAddress());
            } else if (names.size() > 1) {
                SslTCPChannel.log.error("SNI servernames are too many. names=" + names + " channel=" + channel.getRemoteAddress());
            }
            SslTCPChannel.this.sslEngine = AsyncSSLFactory.create(SslTCPChannel.this.realChannel + "", sSLEngineFactoryWithHost.createSslEngine(names.get(0)), SslTCPChannel.this.pool, SslTCPChannel.this.sslListener);
            return fetchServerNamesIfEntirePacketAvailable.getBuffer();
        }

        @Override // org.webpieces.nio.api.handlers.DataListener
        public void farEndClosed(Channel channel) {
            if (SslTCPChannel.this.clientDataListener != null) {
                SslTCPChannel.this.clientDataListener.farEndClosed(SslTCPChannel.this);
            }
        }

        @Override // org.webpieces.nio.api.handlers.DataListener
        public void failure(Channel channel, ByteBuffer byteBuffer, Exception exc) {
            SslTCPChannel.this.clientDataListener.failure(SslTCPChannel.this, byteBuffer, exc);
        }

        @Override // org.webpieces.nio.api.handlers.DataListener
        public void applyBackPressure(Channel channel) {
            SslTCPChannel.this.clientDataListener.applyBackPressure(SslTCPChannel.this);
        }

        @Override // org.webpieces.nio.api.handlers.DataListener
        public void releaseBackPressure(Channel channel) {
            SslTCPChannel.this.clientDataListener.releaseBackPressure(SslTCPChannel.this);
        }
    }

    public SslTCPChannel(Function<SslListener, AsyncSSLEngine> function, TCPChannel tCPChannel) {
        super(tCPChannel);
        this.socketDataListener = new SocketDataListener();
        this.sslListener = new OurSslListener();
        this.sslEngine = function.apply(this.sslListener);
        this.realChannel = tCPChannel;
    }

    public SslTCPChannel(BufferPool bufferPool, TCPChannel tCPChannel, ConnectionListener connectionListener, SSLEngineFactory sSLEngineFactory) {
        super(tCPChannel);
        this.socketDataListener = new SocketDataListener();
        this.sslListener = new OurSslListener();
        this.pool = bufferPool;
        this.parser = new ClientHelloParser(bufferPool);
        this.realChannel = tCPChannel;
        this.conectionListener = connectionListener;
        this.sslFactory = sSLEngineFactory;
    }

    @Override // org.webpieces.nio.api.channels.Channel
    public CompletableFuture<Channel> connect(SocketAddress socketAddress, DataListener dataListener) {
        this.clientDataListener = new SslTryCatchListener(dataListener);
        return this.realChannel.connect(socketAddress, this.socketDataListener).thenCompose(channel -> {
            return beginHandshake();
        });
    }

    public SocketDataListener getSocketDataListener() {
        return this.socketDataListener;
    }

    private CompletableFuture<Channel> beginHandshake() {
        this.sslConnectfuture = new CompletableFuture<>();
        this.sslEngine.beginHandshake();
        return this.sslConnectfuture;
    }

    @Override // org.webpieces.nio.api.channels.Channel
    public CompletableFuture<Channel> write(ByteBuffer byteBuffer) {
        if (byteBuffer.remaining() == 0) {
            throw new IllegalArgumentException("You must pass in bytebuffers that contain data.  b.remaining==0 in this buffer");
        }
        return this.sslEngine.feedPlainPacket(byteBuffer).thenApply(r3 -> {
            return this;
        });
    }

    @Override // org.webpieces.nio.api.channels.Channel
    public CompletableFuture<Channel> close() {
        this.closeFuture = new CompletableFuture<>();
        if (this.sslEngine == null) {
            return this.realChannel.close();
        }
        this.sslEngine.close();
        return this.closeFuture.thenApply(channel -> {
            return actuallyCloseSocket(channel, this.realChannel);
        });
    }

    private Channel actuallyCloseSocket(Channel channel, Channel channel2) {
        channel2.close();
        return channel;
    }

    public SSLEngine createSslEngine() {
        try {
            InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("selfsigned.jks");
            char[] charArray = "password".toCharArray();
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(resourceAsStream, charArray);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            keyManagerFactory.init(keyStore, charArray);
            sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
            SSLEngine createSSLEngine = sSLContext.createSSLEngine();
            createSSLEngine.setUseClientMode(false);
            return createSSLEngine;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    @Override // org.webpieces.nio.api.channels.TCPChannel
    public boolean getKeepAlive() {
        return this.realChannel.getKeepAlive();
    }

    @Override // org.webpieces.nio.api.channels.TCPChannel
    public void setKeepAlive(boolean z) {
        this.realChannel.setKeepAlive(z);
    }

    public DataListener getDataListener() {
        return this.socketDataListener;
    }

    @Override // org.webpieces.nio.api.channels.Channel
    public boolean isSslChannel() {
        return true;
    }
}
