package org.rapidoid.net.tls;

import java.nio.ByteBuffer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import org.rapidoid.RapidoidThing;
import org.rapidoid.buffer.BufUtil;
import org.rapidoid.commons.Err;
import org.rapidoid.log.Log;
import org.rapidoid.net.impl.RapidoidConnection;
import org.rapidoid.u.U;
import org.rapidoid.util.Msc;

/* loaded from: input_file:org/rapidoid/net/tls/RapidoidTLS.class */
public class RapidoidTLS extends RapidoidThing {
    private static boolean debugging = false;
    private final SSLContext sslContext;
    private final RapidoidConnection conn;
    private volatile SSLEngine engine = createServerEngine();
    private final ByteBuffer appIn;
    public final ByteBuffer netIn;
    final ByteBuffer netOut;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.rapidoid.net.tls.RapidoidTLS$1, reason: invalid class name */
    /* loaded from: input_file:org/rapidoid/net/tls/RapidoidTLS$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus;
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.CLOSED.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.OK.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 1;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 2;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 3;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 4;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 5;
            } catch (NoSuchFieldError e9) {
            }
        }
    }

    public RapidoidTLS(SSLContext sSLContext, RapidoidConnection rapidoidConnection) {
        this.sslContext = sSLContext;
        this.conn = rapidoidConnection;
        SSLSession session = this.engine.getSession();
        int applicationBufferSize = session.getApplicationBufferSize();
        int packetBufferSize = session.getPacketBufferSize();
        this.appIn = ByteBuffer.allocateDirect(applicationBufferSize + 64);
        this.netIn = ByteBuffer.allocateDirect(packetBufferSize);
        this.netOut = ByteBuffer.allocateDirect(packetBufferSize);
    }

    private SSLEngine createServerEngine() {
        SSLEngine createSSLEngine = this.sslContext.createSSLEngine();
        createSSLEngine.setUseClientMode(false);
        return createSSLEngine;
    }

    private void reactToHandshakeStatus(SSLEngineResult.HandshakeStatus handshakeStatus) {
        debug("HANDSHAKE STATUS = " + handshakeStatus);
        switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[handshakeStatus.ordinal()]) {
            case 1:
            case 5:
                return;
            case 2:
                reactToHandshakeStatus(executeTasks());
                return;
            case 3:
                unwrapInput();
                return;
            case 4:
                wrapOutput();
                return;
            default:
                throw Err.notExpected();
        }
    }

    private SSLEngineResult.HandshakeStatus executeTasks() {
        while (true) {
            Runnable delegatedTask = this.engine.getDelegatedTask();
            if (delegatedTask == null) {
                break;
            }
            delegatedTask.run();
        }
        SSLEngineResult.HandshakeStatus handshakeStatus = this.engine.getHandshakeStatus();
        U.must(handshakeStatus != SSLEngineResult.HandshakeStatus.NEED_TASK, "handshake shouldn't need additional tasks!");
        debug("after tasks: " + handshakeStatus);
        return handshakeStatus;
    }

    public boolean isClosed() {
        return this.engine.isOutboundDone() && this.engine.isInboundDone();
    }

    public SSLSession getSession() {
        return this.engine.getSession();
    }

    private void debug(String str, SSLEngineResult sSLEngineResult) {
        if (debugging) {
            SSLEngineResult.HandshakeStatus handshakeStatus = sSLEngineResult.getHandshakeStatus();
            debug(U.frmt("%s (status = %s:%s, consumed=%s, produced=%s)", new Object[]{str, sSLEngineResult.getStatus(), handshakeStatus, Integer.valueOf(sSLEngineResult.bytesConsumed()), Integer.valueOf(sSLEngineResult.bytesProduced())}));
            if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.FINISHED)) {
                debug("\n<<< HANDSHAKE FINISHED >>>\n");
            }
        }
    }

    private void debug(String str) {
        if (debugging) {
            U.print(new Object[]{this.conn + " :: " + str});
        }
    }

    public synchronized boolean unwrapInput() {
        boolean z = false;
        boolean z2 = true;
        while (!isClosed() && z2 && this.netIn.position() > 0) {
            debug("- UNWRAP");
            this.netIn.flip();
            this.netIn.mark();
            SSLEngineResult unwrap = unwrap(this.netIn, this.appIn);
            if (unwrap.getStatus().equals(SSLEngineResult.Status.BUFFER_UNDERFLOW)) {
                this.netIn.reset();
                this.netIn.compact();
            } else {
                this.netIn.compact();
            }
            this.appIn.flip();
            this.conn.input.append(this.appIn);
            this.appIn.clear();
            reactToResult(unwrap);
            z2 = (unwrap.getStatus().equals(SSLEngineResult.Status.BUFFER_UNDERFLOW) || unwrap.getHandshakeStatus().equals(SSLEngineResult.HandshakeStatus.NEED_TASK) || unwrap.getHandshakeStatus().equals(SSLEngineResult.HandshakeStatus.NEED_WRAP)) ? false : true;
            z = true;
        }
        return z;
    }

    public synchronized boolean wrapToOutgoing() {
        boolean z = false;
        if (this.conn.output.hasRemaining()) {
            debug("- WRAP TO OUTGOING " + this.conn);
            BufUtil.startWriting(this.conn.output);
            BufUtil.startWriting(this.conn.outgoing);
            z = this.conn.output.sslWrap(this.engine, this.conn.outgoing) > 0;
            BufUtil.doneWriting(this.conn.outgoing);
            BufUtil.doneWriting(this.conn.output);
        }
        return z;
    }

    private synchronized void wrapOutput() {
        if (isClosed()) {
            return;
        }
        debug("- WRAP");
        try {
            SSLEngineResult wrap = this.engine.wrap(new ByteBuffer[0], 0, 0, this.netOut);
            debug("wrap: ", wrap);
            debug("OUT " + this.netOut);
            this.netOut.flip();
            synchronized (this.conn.outgoing) {
                this.conn.outgoing.append(this.netOut);
            }
            this.netOut.compact();
            reactToResult(wrap);
        } catch (SSLException e) {
            throw U.rte(e);
        }
    }

    private void reactToResult(SSLEngineResult sSLEngineResult) {
        switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[sSLEngineResult.getStatus().ordinal()]) {
            case 1:
                debug("@@@ BUFFER_OVERFLOW " + this.conn);
                return;
            case 2:
                debug("@@@ BUFFER_UNDERFLOW " + this.conn);
                return;
            case 3:
                debug("@@@ CLOSED " + this.conn);
                this.conn.closeAfterWrite();
                return;
            case 4:
                debug("@@@ OK " + this.conn);
                reactToHandshakeStatus(sSLEngineResult.getHandshakeStatus());
                return;
            default:
                throw Err.notExpected();
        }
    }

    public synchronized SSLEngineResult wrap(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) {
        try {
            SSLEngineResult wrap = this.engine.wrap(byteBuffer, byteBuffer2);
            debug("wrap: ", wrap);
            return wrap;
        } catch (SSLException e) {
            throw U.rte(e);
        }
    }

    public synchronized SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) {
        try {
            SSLEngineResult unwrap = this.engine.unwrap(byteBuffer, byteBuffer2);
            debug("unwrap: ", unwrap);
            return unwrap;
        } catch (SSLException e) {
            throw U.rte(e);
        }
    }

    public SSLEngine engine() {
        return this.engine;
    }

    public synchronized void closeInbound() {
        try {
            this.engine.closeInbound();
        } catch (SSLException e) {
            Log.warn("SSL error while closing connection", "message", Msc.errorMsg(e));
        }
    }

    public void reset() {
        this.appIn.clear();
        this.netIn.clear();
        this.netOut.clear();
        this.engine = createServerEngine();
    }
}
