package io.datakernel.eventloop;

import io.datakernel.bytebuf.ByteBuf;
import io.datakernel.bytebuf.ByteBufPool;
import io.datakernel.eventloop.AsyncTcpSocket;
import io.datakernel.net.CloseWithoutNotifyException;
import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
import java.util.concurrent.Executor;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;

/* loaded from: input_file:io/datakernel/eventloop/AsyncSslSocket.class */
public final class AsyncSslSocket implements AsyncTcpSocket, AsyncTcpSocket.EventHandler {
    private final Eventloop eventloop;
    private final SSLEngine engine;
    private final Executor executor;
    private final AsyncTcpSocket upstream;
    private AsyncTcpSocket.EventHandler downstreamEventHandler;
    private ByteBuf net2engine = ByteBuf.empty();
    private ByteBuf engine2app = ByteBuf.empty();
    private ByteBuf app2engine = ByteBuf.empty();
    private boolean syncPosted = false;
    private boolean read = false;
    private boolean write = false;

    public static AsyncSslSocket wrapClientSocket(Eventloop eventloop, AsyncTcpSocket asyncTcpSocket, String str, int i, SSLContext sSLContext, Executor executor) {
        SSLEngine createSSLEngine = sSLContext.createSSLEngine(str, i);
        createSSLEngine.setUseClientMode(true);
        return wrapSocket(eventloop, asyncTcpSocket, createSSLEngine, executor);
    }

    public static AsyncSslSocket wrapClientSocket(Eventloop eventloop, AsyncTcpSocket asyncTcpSocket, SSLContext sSLContext, Executor executor) {
        SSLEngine createSSLEngine = sSLContext.createSSLEngine();
        createSSLEngine.setUseClientMode(true);
        return wrapSocket(eventloop, asyncTcpSocket, createSSLEngine, executor);
    }

    public static AsyncSslSocket wrapServerSocket(Eventloop eventloop, AsyncTcpSocket asyncTcpSocket, SSLContext sSLContext, Executor executor) {
        SSLEngine createSSLEngine = sSLContext.createSSLEngine();
        createSSLEngine.setUseClientMode(false);
        return wrapSocket(eventloop, asyncTcpSocket, createSSLEngine, executor);
    }

    public static AsyncSslSocket wrapSocket(Eventloop eventloop, AsyncTcpSocket asyncTcpSocket, SSLEngine sSLEngine, Executor executor) {
        AsyncSslSocket create = create(eventloop, asyncTcpSocket, sSLEngine, executor);
        asyncTcpSocket.setEventHandler(create);
        return create;
    }

    private AsyncSslSocket(Eventloop eventloop, AsyncTcpSocket asyncTcpSocket, SSLEngine sSLEngine, Executor executor) {
        this.eventloop = eventloop;
        this.engine = sSLEngine;
        this.executor = executor;
        this.upstream = asyncTcpSocket;
    }

    public static AsyncSslSocket create(Eventloop eventloop, AsyncTcpSocket asyncTcpSocket, SSLEngine sSLEngine, Executor executor) {
        return new AsyncSslSocket(eventloop, asyncTcpSocket, sSLEngine, executor);
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket.EventHandler
    public void onRegistered() {
        this.downstreamEventHandler.onRegistered();
        try {
            this.engine.beginHandshake();
            doSync();
        } catch (SSLException e) {
            this.upstream.close();
            this.eventloop.post(() -> {
                if (this.engine2app != null) {
                    this.downstreamEventHandler.onClosedWithError(e);
                }
                recycleByteBufs();
            });
        }
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket.EventHandler
    public void onRead(ByteBuf byteBuf) {
        this.net2engine = ByteBufPool.append(this.net2engine, byteBuf);
        sync();
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket.EventHandler
    public void onReadEndOfStream() {
        if (this.engine.isInboundDone()) {
            return;
        }
        try {
            this.engine.closeInbound();
        } catch (SSLException e) {
            if (this.app2engine != null) {
                this.downstreamEventHandler.onClosedWithError(new CloseWithoutNotifyException(e));
            }
            this.upstream.close();
            recycleByteBufs();
        }
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket.EventHandler
    public void onWrite() {
        if (this.engine.isOutboundDone()) {
            this.upstream.close();
            recycleByteBufs();
        } else {
            if (this.engine2app == null || this.app2engine.canRead() || this.engine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING || !this.write) {
                return;
            }
            this.write = false;
            this.downstreamEventHandler.onWrite();
        }
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket.EventHandler
    public void onClosedWithError(Exception exc) {
        if (this.engine2app != null) {
            this.downstreamEventHandler.onClosedWithError(exc);
        }
        recycleByteBufs();
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket
    public void setEventHandler(AsyncTcpSocket.EventHandler eventHandler) {
        this.downstreamEventHandler = eventHandler;
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket
    public void read() {
        this.read = true;
        if (!this.net2engine.canRead() && !this.engine2app.canRead()) {
            this.upstream.read();
        }
        postSync();
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket
    public void write(ByteBuf byteBuf) {
        this.write = true;
        this.app2engine = ByteBufPool.append(this.app2engine, byteBuf);
        postSync();
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket
    public void writeEndOfStream() {
        throw new UnsupportedOperationException("SSL cannot work in half-duplex mode");
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket
    public void close() {
        if (this.engine2app == null) {
            return;
        }
        this.engine2app.recycle();
        this.engine2app = null;
        this.app2engine.recycle();
        this.app2engine = ByteBuf.empty();
        this.engine.closeOutbound();
        postSync();
    }

    private void recycleByteBufs() {
        if (this.net2engine != null) {
            this.net2engine.recycle();
        }
        if (this.engine2app != null) {
            this.engine2app.recycle();
        }
        if (this.app2engine != null) {
            this.app2engine.recycle();
        }
        this.app2engine = null;
        this.engine2app = null;
        this.net2engine = null;
    }

    @Override // io.datakernel.eventloop.AsyncTcpSocket
    public InetSocketAddress getRemoteSocketAddress() {
        return this.upstream.getRemoteSocketAddress();
    }

    private SSLEngineResult tryToUnwrap() throws SSLException {
        ByteBuf allocate = ByteBufPool.allocate(this.engine.getSession().getPacketBufferSize());
        ByteBuffer readByteBuffer = this.net2engine.toReadByteBuffer();
        ByteBuffer writeByteBuffer = allocate.toWriteByteBuffer();
        try {
            SSLEngineResult unwrap = this.engine.unwrap(readByteBuffer, writeByteBuffer);
            this.net2engine.ofReadByteBuffer(readByteBuffer);
            this.net2engine = ByteBufPool.recycleIfEmpty(this.net2engine);
            allocate.ofWriteByteBuffer(writeByteBuffer);
            if (this.engine2app == null || !allocate.canRead()) {
                allocate.recycle();
            } else {
                this.engine2app = ByteBufPool.append(this.engine2app, allocate);
            }
            return unwrap;
        } catch (RuntimeException e) {
            allocate.recycle();
            throw new SSLException(e);
        } catch (SSLException e2) {
            allocate.recycle();
            throw e2;
        }
    }

    private SSLEngineResult tryToWrap() throws SSLException {
        ByteBuf allocate = ByteBufPool.allocate(this.engine.getSession().getPacketBufferSize());
        ByteBuffer readByteBuffer = this.app2engine.toReadByteBuffer();
        ByteBuffer writeByteBuffer = allocate.toWriteByteBuffer();
        try {
            SSLEngineResult wrap = this.engine.wrap(readByteBuffer, writeByteBuffer);
            this.app2engine.ofReadByteBuffer(readByteBuffer);
            this.app2engine = ByteBufPool.recycleIfEmpty(this.app2engine);
            allocate.ofWriteByteBuffer(writeByteBuffer);
            if (allocate.canRead()) {
                this.upstream.write(allocate);
            } else {
                allocate.recycle();
            }
            return wrap;
        } catch (RuntimeException e) {
            allocate.recycle();
            throw new SSLException(e);
        } catch (SSLException e2) {
            allocate.recycle();
            throw e2;
        }
    }

    private void executeTasks() {
        while (true) {
            Runnable delegatedTask = this.engine.getDelegatedTask();
            if (delegatedTask == null) {
                return;
            } else {
                this.executor.execute(() -> {
                    delegatedTask.run();
                    this.eventloop.execute(() -> {
                        if (this.net2engine == null) {
                            return;
                        }
                        sync();
                    });
                });
            }
        }
    }

    private void postSync() {
        if (this.syncPosted) {
            return;
        }
        this.syncPosted = true;
        this.eventloop.post(this::sync);
    }

    private void sync() {
        this.syncPosted = false;
        try {
            doSync();
        } catch (SSLException e) {
            this.upstream.close();
            if (this.engine2app != null) {
                this.downstreamEventHandler.onClosedWithError(e);
            }
            recycleByteBufs();
        }
    }

    private void doSync() throws SSLException {
        SSLEngineResult sSLEngineResult = null;
        while (true) {
            if (sSLEngineResult != null && sSLEngineResult.getStatus() == SSLEngineResult.Status.CLOSED) {
                this.upstream.close();
                this.net2engine.recycle();
                this.app2engine.recycle();
                this.app2engine = null;
                this.net2engine = null;
                break;
            }
            SSLEngineResult.HandshakeStatus handshakeStatus = this.engine.getHandshakeStatus();
            if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                sSLEngineResult = tryToWrap();
            } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                sSLEngineResult = tryToUnwrap();
                if (sSLEngineResult.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                    this.upstream.read();
                    break;
                }
            } else {
                if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                    executeTasks();
                    return;
                }
                if (handshakeStatus == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                    if (sSLEngineResult != null && sSLEngineResult.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.FINISHED) {
                        this.upstream.read();
                    }
                    if (this.net2engine.canRead()) {
                        while (true) {
                            sSLEngineResult = tryToUnwrap();
                            if (!this.net2engine.canRead() || (sSLEngineResult.bytesConsumed() == 0 && sSLEngineResult.bytesProduced() == 0)) {
                                break;
                            }
                        }
                        if (sSLEngineResult.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                            this.upstream.read();
                        }
                    }
                    if (this.app2engine.canRead()) {
                        while (true) {
                            sSLEngineResult = tryToWrap();
                            if (!this.app2engine.canRead() || (sSLEngineResult.bytesConsumed() == 0 && sSLEngineResult.bytesProduced() == 0)) {
                                break;
                            }
                        }
                    }
                }
            }
        }
        if (this.engine2app != null && this.read && this.engine2app.canRead()) {
            this.read = false;
            ByteBuf byteBuf = this.engine2app;
            this.engine2app = ByteBuf.empty();
            this.downstreamEventHandler.onRead(byteBuf);
        }
        if (this.engine2app == null || sSLEngineResult == null || sSLEngineResult.getStatus() != SSLEngineResult.Status.CLOSED) {
            return;
        }
        this.downstreamEventHandler.onReadEndOfStream();
    }
}
