package com.sun.grizzly.filter;

import com.sun.grizzly.Context;
import com.sun.grizzly.Controller;
import com.sun.grizzly.ProtocolFilter;
import com.sun.grizzly.SSLConfig;
import com.sun.grizzly.util.InputReader;
import com.sun.grizzly.util.SSLUtils;
import com.sun.grizzly.util.ThreadAttachment;
import com.sun.grizzly.util.WorkerThread;
import java.io.EOFException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SelectionKey;
import java.nio.channels.SocketChannel;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;

/* loaded from: input_file:com/sun/grizzly/filter/SSLReadFilter.class */
public class SSLReadFilter implements ProtocolFilter {
    public static final String SSL_PREREAD_DATA = "SSLReadFilter.preread";
    protected SSLContext sslContext;
    private String[] enabledCipherSuites = null;
    private String[] enabledProtocols = null;
    private boolean clientMode = false;
    private boolean needClientAuth = false;
    private boolean wantClientAuth = false;
    private boolean isProtocolConfigured = false;
    private boolean isCipherConfigured = false;
    private int sslActivityTimeout = SSLUtils.DEFAULT_SSL_INACTIVITY_TIMEOUT;
    protected int inputBBSize = 20480;

    @Override // com.sun.grizzly.ProtocolFilter
    public boolean execute(Context context) throws IOException {
        Logger logger = Controller.logger();
        boolean z = true;
        int i = 0;
        SelectionKey selectionKey = context.getSelectionKey();
        try {
            WorkerThread workerThread = (WorkerThread) Thread.currentThread();
            SSLEngine sSLEngine = workerThread.getSSLEngine();
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, "Thread associated sslEngine: " + sSLEngine);
            }
            if (sSLEngine == null) {
                sSLEngine = obtainSSLEngine(selectionKey);
                if (logger.isLoggable(Level.FINE)) {
                    logger.log(Level.FINE, "Obtained sslEngine: " + sSLEngine);
                }
                workerThread.setSSLEngine(sSLEngine);
                selectionKey.attach(workerThread.updateAttachment(ThreadAttachment.Mode.SSL_ENGINE));
            }
            boolean isValid = sSLEngine.getSession().isValid();
            try {
                try {
                    try {
                        SSLUtils.allocateThreadBuffers(this.inputBBSize);
                        if (isValid) {
                            i = doRead(selectionKey);
                            if (i == 0 && context.removeAttribute(SSL_PREREAD_DATA) == null) {
                                z = false;
                            }
                        } else if (doHandshake(selectionKey, this.sslActivityTimeout)) {
                            ByteBuffer outputBB = workerThread.getOutputBB();
                            outputBB.limit(outputBB.position());
                        } else {
                            i = -1;
                        }
                        if (0 != 0 || i == -1) {
                            context.setAttribute(Context.THROWABLE, null);
                            context.setKeyRegistrationState(Context.KeyRegistrationState.CANCEL);
                            z = false;
                        }
                    } catch (IOException e) {
                        log("SSLReadFilter.execute", e);
                        if (e != null || 0 == -1) {
                            context.setAttribute(Context.THROWABLE, e);
                            context.setKeyRegistrationState(Context.KeyRegistrationState.CANCEL);
                            z = false;
                        }
                    }
                } catch (Throwable th) {
                    log("SSLReadFilter.execute", th);
                    if (th != null || 0 == -1) {
                        context.setAttribute(Context.THROWABLE, th);
                        context.setKeyRegistrationState(Context.KeyRegistrationState.CANCEL);
                        z = false;
                    }
                }
                return z;
            } catch (Throwable th2) {
                if (0 != 0 || 0 == -1) {
                    context.setAttribute(Context.THROWABLE, null);
                    context.setKeyRegistrationState(Context.KeyRegistrationState.CANCEL);
                }
                throw th2;
            }
        } catch (ClassCastException e2) {
            throw new IllegalStateException(e2.getMessage());
        }
    }

    @Override // com.sun.grizzly.ProtocolFilter
    public boolean postExecute(Context context) throws IOException {
        if (context.getKeyRegistrationState() == Context.KeyRegistrationState.CANCEL) {
            context.getSelectorHandler().getSelectionKeyHandler().cancel(context.getSelectionKey());
            return true;
        }
        if (context.getKeyRegistrationState() != Context.KeyRegistrationState.REGISTER) {
            return true;
        }
        saveSecuredBufferRemainders(context.getSelectionKey());
        context.getSelectorHandler().register(context.getSelectionKey(), 1);
        context.setKeyRegistrationState(Context.KeyRegistrationState.NONE);
        return true;
    }

    private static boolean doHandshake(SelectionKey selectionKey, int i) throws IOException {
        WorkerThread workerThread = (WorkerThread) Thread.currentThread();
        boolean z = true;
        try {
            SSLUtils.doHandshake((SocketChannel) selectionKey.channel(), workerThread.getByteBuffer(), workerThread.getInputBB(), workerThread.getOutputBB(), workerThread.getSSLEngine(), SSLEngineResult.HandshakeStatus.NEED_UNWRAP, i);
        } catch (IOException e) {
            log("doHandshake", e);
            z = false;
        }
        if (doRead(selectionKey) == -1) {
            throw new EOFException();
        }
        return z;
    }

    private static int doRead(SelectionKey selectionKey) {
        WorkerThread workerThread = (WorkerThread) Thread.currentThread();
        ByteBuffer byteBuffer = workerThread.getByteBuffer();
        ByteBuffer outputBB = workerThread.getOutputBB();
        ByteBuffer inputBB = workerThread.getInputBB();
        SSLEngine sSLEngine = workerThread.getSSLEngine();
        int i = -1;
        try {
            try {
                int position = byteBuffer.position();
                try {
                    i = ((SocketChannel) selectionKey.channel()).read(inputBB);
                } catch (IOException e) {
                    log("Exception during SSL read.", e);
                    i = -1;
                }
                if (i > -1 || inputBB.position() > 0) {
                    Logger logger = Controller.logger();
                    if (logger.isLoggable(Level.FINE)) {
                        logger.log(Level.FINE, "SSLReadFilter. Read: " + i + " Calling unwrapAll. InputBB: " + inputBB + " byteBuffer: " + byteBuffer);
                    }
                    int position2 = inputBB.position();
                    ByteBuffer unwrapAll = SSLUtils.unwrapAll(byteBuffer, inputBB, sSLEngine);
                    workerThread.setInputBB(inputBB);
                    workerThread.setOutputBB(outputBB);
                    workerThread.setByteBuffer(unwrapAll);
                    int position3 = unwrapAll.position();
                    if (i <= 0 && position3 != position) {
                        if (i == -1) {
                            try {
                                sSLEngine.closeInbound();
                            } catch (SSLException e2) {
                            }
                        }
                        return position2;
                    }
                    if (i > 0 && position3 == 0) {
                        if (i == -1) {
                            try {
                                sSLEngine.closeInbound();
                            } catch (SSLException e3) {
                            }
                        }
                        return 0;
                    }
                    if (position3 == 0) {
                        if (sSLEngine.isInboundDone()) {
                            if (i == -1) {
                                try {
                                    sSLEngine.closeInbound();
                                } catch (SSLException e4) {
                                }
                            }
                            return -1;
                        }
                    }
                }
                int i2 = i;
                if (i == -1) {
                    try {
                        sSLEngine.closeInbound();
                    } catch (SSLException e5) {
                    }
                }
                return i2;
            } catch (Throwable th) {
                if (i == -1) {
                    try {
                        sSLEngine.closeInbound();
                    } catch (SSLException e6) {
                    }
                }
                throw th;
            }
        } catch (IOException e7) {
            log("Exception during SSL read.", e7);
            if (i == -1) {
                try {
                    sSLEngine.closeInbound();
                } catch (SSLException e8) {
                }
            }
            return -1;
        }
    }

    public static Object[] doPeerCertificateChain(SelectionKey selectionKey, boolean z) throws IOException {
        WorkerThread workerThread = (WorkerThread) Thread.currentThread();
        return SSLUtils.doPeerCertificateChain((SocketChannel) selectionKey.channel(), workerThread.getByteBuffer(), workerThread.getInputBB(), workerThread.getOutputBB(), workerThread.getSSLEngine(), z, InputReader.getDefaultReadTimeout());
    }

    protected SSLEngine newSSLEngine() {
        Logger logger = Controller.logger();
        SSLEngine createSSLEngine = this.sslContext.createSSLEngine();
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, "newSSLEngine: " + createSSLEngine);
        }
        if (this.enabledCipherSuites != null) {
            if (!this.isCipherConfigured) {
                this.enabledCipherSuites = configureEnabledCiphers(createSSLEngine, this.enabledCipherSuites);
                this.isCipherConfigured = true;
            }
            createSSLEngine.setEnabledCipherSuites(this.enabledCipherSuites);
        }
        if (this.enabledProtocols != null) {
            if (!this.isProtocolConfigured) {
                this.enabledProtocols = configureEnabledProtocols(createSSLEngine, this.enabledProtocols);
                this.isProtocolConfigured = true;
            }
            createSSLEngine.setEnabledProtocols(this.enabledProtocols);
        }
        createSSLEngine.setUseClientMode(this.clientMode);
        return createSSLEngine;
    }

    protected SSLEngine obtainSSLEngine(SelectionKey selectionKey) {
        Logger logger = Controller.logger();
        SSLEngine sSLEngine = null;
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, "Obtaining sslEngine. Key attachment: " + selectionKey.attachment());
        }
        if (selectionKey.attachment() instanceof ThreadAttachment) {
            sSLEngine = ((WorkerThread) Thread.currentThread()).getSSLEngine();
        }
        if (sSLEngine == null) {
            sSLEngine = newSSLEngine();
        }
        if (this.wantClientAuth) {
            sSLEngine.setWantClientAuth(this.wantClientAuth);
        }
        if (this.needClientAuth) {
            sSLEngine.setNeedClientAuth(this.needClientAuth);
        }
        return sSLEngine;
    }

    public void configure(SSLConfig sSLConfig) {
        this.sslContext = sSLConfig.createSSLContext();
        this.wantClientAuth = sSLConfig.isWantClientAuth();
        this.needClientAuth = sSLConfig.isNeedClientAuth();
        this.clientMode = sSLConfig.isClientMode();
        this.sslActivityTimeout = sSLConfig.getSslInactivityTimeout();
    }

    public void setSSLContext(SSLContext sSLContext) {
        this.sslContext = sSLContext;
    }

    public SSLContext getSSLContext() {
        return this.sslContext;
    }

    public String[] getEnabledCipherSuites() {
        return this.enabledCipherSuites;
    }

    public void setEnabledCipherSuites(String[] strArr) {
        this.enabledCipherSuites = strArr;
    }

    public String[] getEnabledProtocols() {
        return this.enabledProtocols;
    }

    public void setEnabledProtocols(String[] strArr) {
        this.enabledProtocols = strArr;
    }

    public boolean isClientMode() {
        return this.clientMode;
    }

    public void setClientMode(boolean z) {
        this.clientMode = z;
    }

    public boolean isNeedClientAuth() {
        return this.needClientAuth;
    }

    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    public boolean isWantClientAuth() {
        return this.wantClientAuth;
    }

    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }

    public int getSslActivityTimeout() {
        return this.sslActivityTimeout;
    }

    public void setSslActivityTimeout(int i) {
        this.sslActivityTimeout = i;
    }

    private static final String[] configureEnabledProtocols(SSLEngine sSLEngine, String[] strArr) {
        ArrayList arrayList = null;
        for (String str : sSLEngine.getSupportedProtocols()) {
            int length = strArr.length;
            int i = 0;
            while (true) {
                if (i < length) {
                    String trim = strArr[i].trim();
                    if (str.equals(trim)) {
                        if (arrayList == null) {
                            arrayList = new ArrayList();
                        }
                        arrayList.add(trim);
                    } else {
                        i++;
                    }
                }
            }
        }
        return arrayList != null ? (String[]) arrayList.toArray(new String[arrayList.size()]) : null;
    }

    private static final String[] configureEnabledCiphers(SSLEngine sSLEngine, String[] strArr) {
        ArrayList arrayList = null;
        for (String str : sSLEngine.getSupportedCipherSuites()) {
            int length = strArr.length;
            int i = 0;
            while (true) {
                if (i < length) {
                    String trim = strArr[i].trim();
                    if (str.equals(trim)) {
                        if (arrayList == null) {
                            arrayList = new ArrayList();
                        }
                        arrayList.add(trim);
                    } else {
                        i++;
                    }
                }
            }
        }
        return arrayList != null ? (String[]) arrayList.toArray(new String[arrayList.size()]) : null;
    }

    private void saveSecuredBufferRemainders(SelectionKey selectionKey) {
        Logger logger = Controller.logger();
        ThreadAttachment threadAttachment = (ThreadAttachment) selectionKey.attachment();
        WorkerThread workerThread = (WorkerThread) Thread.currentThread();
        if (threadAttachment == null || workerThread.getAttachment() != threadAttachment) {
            logger.log(Level.FINE, "SelectionKey ThreadAttachment is NULL or doesn't correspond to the current thread, when saving buffers");
            return;
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, "saveSecuredBufferRemainders inputBB: " + workerThread.getInputBB() + " outputBB: " + workerThread.getOutputBB() + " attach: " + threadAttachment);
        }
        ByteBuffer inputBB = workerThread.getInputBB();
        if (inputBB == null || inputBB.position() <= 0) {
            workerThread.updateAttachment(threadAttachment.getMode() & (Integer.MAX_VALUE ^ ThreadAttachment.Mode.INPUT_BB));
        } else {
            workerThread.updateAttachment(threadAttachment.getMode() | ThreadAttachment.Mode.INPUT_BB);
        }
        ByteBuffer outputBB = workerThread.getOutputBB();
        if (outputBB == null || !outputBB.hasRemaining()) {
            workerThread.updateAttachment(threadAttachment.getMode() & (Integer.MAX_VALUE ^ ThreadAttachment.Mode.OUTPUT_BB));
        } else {
            workerThread.updateAttachment(threadAttachment.getMode() | ThreadAttachment.Mode.OUTPUT_BB);
        }
    }

    protected static void log(String str, Throwable th) {
        if (Controller.logger().isLoggable(Level.FINE)) {
            Controller.logger().log(Level.FINE, str, th);
        }
    }
}
