package org.xtreemfs.foundation.oncrpc.channels;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SelectionKey;
import java.nio.channels.SocketChannel;
import java.util.ArrayList;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import org.xtreemfs.foundation.SSLOptions;
import org.xtreemfs.foundation.buffer.BufferPool;
import org.xtreemfs.foundation.buffer.ReusableBuffer;
import org.xtreemfs.foundation.logging.Logging;
import org.xtreemfs.foundation.util.OutputUtils;

/* loaded from: input_file:WEB-INF/lib/BabuDB-0.4.5.jar:org/xtreemfs/foundation/oncrpc/channels/SSLChannelIO.class */
public class SSLChannelIO extends ChannelIO {
    protected final SSLEngine sslEngine;
    protected ReusableBuffer inNetBuffer;
    protected ReusableBuffer inReadBuffer;
    protected ReusableBuffer outNetBuffer;
    protected ReusableBuffer dummyBuffer;
    protected SSLEngineResult.HandshakeStatus handshakeStatus;
    protected boolean handshakeComplete;
    protected int keyOpsBeforeHandshake;
    protected boolean shutdownInProgress;
    protected static String[] supportedCipherSuitesWithoutEncryption;
    protected boolean clientMode;
    private boolean closed;
    private boolean shutdownComplete;
    private static /* synthetic */ int[] $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status;
    private static /* synthetic */ int[] $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$HandshakeStatus;
    static final /* synthetic */ boolean $assertionsDisabled;

    static {
        $assertionsDisabled = !SSLChannelIO.class.desiredAssertionStatus();
        supportedCipherSuitesWithoutEncryption = null;
    }

    public SSLChannelIO(SocketChannel socketChannel, SSLOptions sSLOptions, boolean z) throws SSLException {
        super(socketChannel);
        this.keyOpsBeforeHandshake = -1;
        this.closed = false;
        this.shutdownComplete = false;
        this.sslEngine = sSLOptions.getSSLContext().createSSLEngine();
        this.sslEngine.setUseClientMode(z);
        this.sslEngine.setNeedClientAuth(true);
        if (z) {
            this.sslEngine.beginHandshake();
            this.handshakeStatus = SSLEngineResult.HandshakeStatus.NEED_WRAP;
        } else {
            this.sslEngine.beginHandshake();
            this.handshakeStatus = SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
        }
        this.handshakeComplete = false;
        this.shutdownInProgress = false;
        int packetBufferSize = this.sslEngine.getSession().getPacketBufferSize();
        this.inNetBuffer = BufferPool.allocate(packetBufferSize);
        this.inReadBuffer = BufferPool.allocate(this.sslEngine.getSession().getApplicationBufferSize() * 2);
        this.outNetBuffer = BufferPool.allocate(packetBufferSize);
        this.dummyBuffer = BufferPool.allocate(packetBufferSize);
        this.sslEngine.setEnabledProtocols(this.sslEngine.getSupportedProtocols());
        if (!sSLOptions.isAuthenticationWithoutEncryption()) {
            this.sslEngine.setEnabledCipherSuites(this.sslEngine.getSupportedCipherSuites());
            return;
        }
        if (supportedCipherSuitesWithoutEncryption == null) {
            ArrayList arrayList = new ArrayList();
            for (String str : this.sslEngine.getSupportedCipherSuites()) {
                if (str.contains("WITH_NULL")) {
                    arrayList.add(str);
                }
            }
            supportedCipherSuitesWithoutEncryption = new String[arrayList.size()];
            supportedCipherSuitesWithoutEncryption = (String[]) arrayList.toArray(supportedCipherSuitesWithoutEncryption);
        }
        this.sslEngine.setEnabledCipherSuites(supportedCipherSuitesWithoutEncryption);
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:15:0x0060. Please report as an issue. */
    @Override // org.xtreemfs.foundation.oncrpc.channels.ChannelIO
    public int read(ByteBuffer byteBuffer) throws IOException {
        int i = 0;
        if (!this.shutdownInProgress && this.handshakeComplete) {
            if (this.inReadBuffer.remaining() == this.inReadBuffer.capacity()) {
                if (this.channel.read(this.inNetBuffer.getBuffer()) == -1) {
                    return -1;
                }
                this.inNetBuffer.flip();
                while (this.inNetBuffer.hasRemaining()) {
                    switch ($SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status()[this.sslEngine.unwrap(this.inNetBuffer.getBuffer(), this.inReadBuffer.getBuffer()).getStatus().ordinal()]) {
                        case 1:
                            this.inNetBuffer.compact();
                            break;
                        case 2:
                            throw new IOException("BufferOverflow in the SSLEngine: Destination-Buffer is too small.");
                        case 3:
                            if (this.sslEngine.isInboundDone()) {
                                close();
                            }
                        case 4:
                            throw new IOException("The SSLEngine is already closed.");
                        default:
                            throw new IOException("The SSLEngine is in an undefined state.");
                    }
                }
                this.inNetBuffer.compact();
            }
            this.inReadBuffer.flip();
            if (byteBuffer.remaining() >= this.inReadBuffer.remaining()) {
                i = 0 + this.inReadBuffer.remaining();
                byteBuffer.put(this.inReadBuffer.getBuffer());
            } else {
                while (this.inReadBuffer.hasRemaining() && byteBuffer.hasRemaining()) {
                    byteBuffer.put(this.inReadBuffer.get());
                    i++;
                }
            }
            this.inReadBuffer.compact();
        }
        return i;
    }

    @Override // org.xtreemfs.foundation.oncrpc.channels.ChannelIO
    public int write(ByteBuffer byteBuffer) throws IOException {
        int i = 0;
        if (!this.shutdownInProgress && this.handshakeComplete) {
            SSLEngineResult wrap = this.sslEngine.wrap(byteBuffer, this.outNetBuffer.getBuffer());
            this.outNetBuffer.flip();
            switch ($SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status()[wrap.getStatus().ordinal()]) {
                case 2:
                    tryFlush();
                    break;
                case 3:
                    tryFlush();
                    break;
                case 4:
                    throw new IOException("The SSLEngine is already closed.");
                default:
                    throw new IOException("The SSLEngine is in a curiuos state.");
            }
            i = wrap.bytesConsumed();
        }
        return i;
    }

    @Override // org.xtreemfs.foundation.oncrpc.channels.ChannelIO
    public long write(ByteBuffer[] byteBufferArr) throws IOException {
        int i = 0;
        if (!this.shutdownInProgress && this.handshakeComplete) {
            SSLEngineResult wrap = this.sslEngine.wrap(byteBufferArr, this.outNetBuffer.getBuffer());
            this.outNetBuffer.flip();
            switch ($SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status()[wrap.getStatus().ordinal()]) {
                case 2:
                    tryFlush();
                    break;
                case 3:
                    tryFlush();
                    break;
                case 4:
                    throw new IOException("The SSLEngine is already closed.");
                default:
                    throw new IOException("The SSLEngine is in a curiuos state.");
            }
            i = wrap.bytesConsumed();
        }
        return i;
    }

    @Override // org.xtreemfs.foundation.oncrpc.channels.ChannelIO
    public boolean isShutdownInProgress() {
        return this.shutdownInProgress;
    }

    @Override // org.xtreemfs.foundation.oncrpc.channels.ChannelIO
    public boolean shutdown(SelectionKey selectionKey) throws IOException {
        if (!this.handshakeComplete) {
            this.shutdownInProgress = true;
            return true;
        }
        if (this.shutdownComplete) {
            return this.shutdownComplete;
        }
        if (!this.shutdownInProgress) {
            if (Logging.isDebug()) {
                Logging.logMessage(7, Logging.Category.net, this, "shutdown SSL connection of %s:%d", this.channel.socket().getInetAddress().toString(), Integer.valueOf(this.channel.socket().getPort()));
            }
            this.sslEngine.closeOutbound();
            this.shutdownInProgress = true;
            selectionKey.interestOps(selectionKey.interestOps() & (-2));
        }
        this.outNetBuffer.flip();
        if (tryFlush() && this.sslEngine.isOutboundDone()) {
            selectionKey.interestOps(selectionKey.interestOps() & (-5));
            this.shutdownComplete = true;
        }
        if (!this.sslEngine.isOutboundDone()) {
            SSLEngineResult wrap = this.sslEngine.wrap(this.dummyBuffer.getBuffer(), this.outNetBuffer.getBuffer());
            this.outNetBuffer.flip();
            switch ($SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status()[wrap.getStatus().ordinal()]) {
                case 2:
                    tryFlush();
                    selectionKey.interestOps(selectionKey.interestOps() | 4);
                    break;
                case 3:
                    throw new IOException("This should not happen.");
                case 4:
                    if (!tryFlush() || !this.sslEngine.isOutboundDone()) {
                        selectionKey.interestOps(selectionKey.interestOps() | 4);
                        break;
                    } else {
                        selectionKey.interestOps(selectionKey.interestOps() & (-5));
                        this.shutdownComplete = true;
                        break;
                    }
                    break;
                default:
                    throw new IOException("The SSLEngine is in a curiuos state.");
            }
        }
        return this.shutdownComplete;
    }

    @Override // org.xtreemfs.foundation.oncrpc.channels.ChannelIO
    public void close() throws IOException {
        try {
            super.close();
            try {
                this.sslEngine.closeInbound();
                this.sslEngine.closeOutbound();
            } catch (SSLException e) {
            }
            BufferPool.free(this.inNetBuffer);
            this.inNetBuffer = null;
            BufferPool.free(this.inReadBuffer);
            this.inReadBuffer = null;
            BufferPool.free(this.outNetBuffer);
            BufferPool.free(this.dummyBuffer);
            this.shutdownInProgress = true;
            this.closed = true;
        } catch (Throwable th) {
            System.out.println("CANNOT CLOSE DUE TO: " + th);
            throw new IOException(th);
        }
    }

    protected void finalize() {
        if (this.inNetBuffer != null) {
            Logging.logMessage(3, Logging.Category.misc, this, "buffers not freed!", new Object[0]);
            BufferPool.free(this.inNetBuffer);
            this.inNetBuffer = null;
            BufferPool.free(this.outNetBuffer);
            BufferPool.free(this.dummyBuffer);
        }
        if (this.closed) {
            return;
        }
        System.out.println("CONNECTION WAS NOT CLOSED PROPERLY: " + this);
    }

    protected boolean tryFlush() throws IOException {
        this.channel.write(this.outNetBuffer.getBuffer());
        if (this.outNetBuffer.hasRemaining()) {
            this.outNetBuffer.compact();
            return false;
        }
        this.outNetBuffer.compact();
        return true;
    }

    @Override // org.xtreemfs.foundation.oncrpc.channels.ChannelIO
    public boolean doHandshake(SelectionKey selectionKey) throws IOException {
        if (this.handshakeComplete || this.shutdownInProgress) {
            return this.handshakeComplete;
        }
        if (this.keyOpsBeforeHandshake == -1) {
            this.keyOpsBeforeHandshake = selectionKey.interestOps();
            selectionKey.interestOps(selectionKey.interestOps() & (-2) & (-5));
        }
        if (!this.handshakeComplete) {
            switch ($SWITCH_TABLE$javax$net$ssl$SSLEngineResult$HandshakeStatus()[this.handshakeStatus.ordinal()]) {
                case 1:
                    throw new IOException("The SSLEngine is not handshaking.");
                case 2:
                    this.outNetBuffer.flip();
                    if (!tryFlush()) {
                        selectionKey.interestOps(selectionKey.interestOps() | 4);
                        break;
                    } else {
                        handshakeFinished(selectionKey);
                        break;
                    }
                case 3:
                    selectionKey.interestOps(selectionKey.interestOps() & (-5));
                    doTasks(selectionKey);
                    break;
                case 4:
                    selectionKey.interestOps(selectionKey.interestOps() & (-2));
                    SSLEngineResult wrap = this.sslEngine.wrap(this.dummyBuffer.getBuffer(), this.outNetBuffer.getBuffer());
                    this.outNetBuffer.flip();
                    this.handshakeStatus = wrap.getHandshakeStatus();
                    switch ($SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status()[wrap.getStatus().ordinal()]) {
                        case 2:
                            tryFlush();
                            selectionKey.interestOps(selectionKey.interestOps() | 4);
                            break;
                        case 3:
                            tryFlush();
                            analyseHandshakeStatus(selectionKey, this.handshakeStatus);
                            break;
                        case 4:
                            throw new IOException("The SSLEngine is already closed.");
                        default:
                            throw new IOException("The SSLEngine is in a curiuos state.");
                    }
                case 5:
                    selectionKey.interestOps(selectionKey.interestOps() & (-5));
                    if (this.channel.read(this.inNetBuffer.getBuffer()) == -1) {
                        throw new IOException("End of stream has reached.");
                    }
                    boolean z = false;
                    do {
                        this.inNetBuffer.flip();
                        SSLEngineResult unwrap = this.sslEngine.unwrap(this.inNetBuffer.getBuffer(), this.dummyBuffer.getBuffer());
                        this.inNetBuffer.compact();
                        this.handshakeStatus = unwrap.getHandshakeStatus();
                        switch ($SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status()[unwrap.getStatus().ordinal()]) {
                            case 1:
                                z = true;
                                selectionKey.interestOps(selectionKey.interestOps() | 1);
                                break;
                            case 2:
                            default:
                                throw new IOException("The SSLEngine is in a curiuos state.");
                            case 3:
                                analyseHandshakeStatus(selectionKey, this.handshakeStatus);
                                break;
                            case 4:
                                throw new IOException("The SSLEngine is already closed.");
                        }
                        if (bufferRemaining(this.inNetBuffer) != 0 && this.handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                        }
                    } while (!z);
                    break;
                default:
                    throw new IOException("The SSLEngine is in a curiuos handshake-state.");
            }
        }
        return this.handshakeComplete;
    }

    @Override // org.xtreemfs.foundation.oncrpc.channels.ChannelIO
    public boolean isFlushed() {
        return bufferRemaining(this.outNetBuffer) == 0;
    }

    private void handshakeFinished(SelectionKey selectionKey) {
        if (Logging.isDebug()) {
            Logging.logMessage(7, Logging.Category.net, this, "SSL-handshake for %s:%d finished", this.channel.socket().getInetAddress().toString(), Integer.valueOf(this.channel.socket().getPort()));
        }
        this.handshakeComplete = true;
        this.inNetBuffer.clear();
        this.outNetBuffer.clear();
        selectionKey.interestOps(this.keyOpsBeforeHandshake);
        try {
            this.certs = this.sslEngine.getSession().getPeerCertificates();
        } catch (SSLPeerUnverifiedException e) {
            Logging.logMessage(3, Logging.Category.auth, this, OutputUtils.stackTraceToString(e), new Object[0]);
            this.certs = null;
        }
    }

    private void analyseHandshakeStatus(SelectionKey selectionKey, SSLEngineResult.HandshakeStatus handshakeStatus) throws IOException {
        switch ($SWITCH_TABLE$javax$net$ssl$SSLEngineResult$HandshakeStatus()[handshakeStatus.ordinal()]) {
            case 1:
                throw new IOException("The SSLEngine is not handshaking.");
            case 2:
                this.outNetBuffer.flip();
                if (tryFlush()) {
                    handshakeFinished(selectionKey);
                    return;
                } else {
                    selectionKey.interestOps(selectionKey.interestOps() | 4);
                    return;
                }
            case 3:
                selectionKey.interestOps(selectionKey.interestOps() & (-5));
                doTasks(selectionKey);
                return;
            case 4:
                selectionKey.interestOps(selectionKey.interestOps() | 4);
                return;
            case 5:
                selectionKey.interestOps(selectionKey.interestOps() | 1);
                return;
            default:
                throw new IOException("The SSLEngine is in a curiuos handshake-state.");
        }
    }

    private int bufferRemaining(ReusableBuffer reusableBuffer) {
        reusableBuffer.flip();
        int remaining = reusableBuffer.remaining();
        reusableBuffer.compact();
        return remaining;
    }

    protected void doTasks(SelectionKey selectionKey) {
        int interestOps = selectionKey.interestOps();
        selectionKey.interestOps(0);
        while (true) {
            Runnable delegatedTask = this.sslEngine.getDelegatedTask();
            if (delegatedTask == null) {
                break;
            } else {
                delegatedTask.run();
            }
        }
        int[] $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$HandshakeStatus2 = $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$HandshakeStatus();
        SSLEngineResult.HandshakeStatus handshakeStatus = this.sslEngine.getHandshakeStatus();
        this.handshakeStatus = handshakeStatus;
        switch ($SWITCH_TABLE$javax$net$ssl$SSLEngineResult$HandshakeStatus2[handshakeStatus.ordinal()]) {
            case 1:
                Logging.logMessage(3, Logging.Category.auth, this, "Exception in worker-thread: The SSLEngine is not handshaking.", new Object[0]);
                return;
            case 2:
                handshakeFinished(selectionKey);
                return;
            case 3:
                doTasks(selectionKey);
                return;
            case 4:
                selectionKey.interestOps(interestOps | 4);
                return;
            case 5:
                selectionKey.interestOps(interestOps | 1);
                return;
            default:
                Logging.logMessage(3, Logging.Category.auth, this, "Exception in worker-thread: The SSLEngine is in a curiuos handshake-state.", new Object[0]);
                if (!$assertionsDisabled) {
                    throw new AssertionError();
                }
                return;
        }
    }

    static /* synthetic */ int[] $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status() {
        int[] iArr = $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[SSLEngineResult.Status.values().length];
        try {
            iArr2[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 2;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 1;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[SSLEngineResult.Status.CLOSED.ordinal()] = 4;
        } catch (NoSuchFieldError unused3) {
        }
        try {
            iArr2[SSLEngineResult.Status.OK.ordinal()] = 3;
        } catch (NoSuchFieldError unused4) {
        }
        $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$Status = iArr2;
        return iArr2;
    }

    static /* synthetic */ int[] $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$HandshakeStatus() {
        int[] iArr = $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$HandshakeStatus;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[SSLEngineResult.HandshakeStatus.values().length];
        try {
            iArr2[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 2;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 3;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 5;
        } catch (NoSuchFieldError unused3) {
        }
        try {
            iArr2[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 4;
        } catch (NoSuchFieldError unused4) {
        }
        try {
            iArr2[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 1;
        } catch (NoSuchFieldError unused5) {
        }
        $SWITCH_TABLE$javax$net$ssl$SSLEngineResult$HandshakeStatus = iArr2;
        return iArr2;
    }
}
