package io.activej.net.socket.tcp;

import io.activej.bytebuf.ByteBuf;
import io.activej.bytebuf.ByteBufPool;
import io.activej.common.ApplicationSettings;
import io.activej.common.exception.CloseException;
import io.activej.common.recycle.Recyclers;
import io.activej.eventloop.net.CloseWithoutNotifyException;
import io.activej.promise.Promise;
import io.activej.promise.SettablePromise;
import java.nio.ByteBuffer;
import java.util.Objects;
import java.util.concurrent.Executor;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:io/activej/net/socket/tcp/AsyncTcpSocketSsl.class */
public final class AsyncTcpSocketSsl implements AsyncTcpSocket {
    public static final boolean ERROR_ON_CLOSE_WITHOUT_NOTIFY;
    private final SSLEngine engine;
    private final Executor executor;
    private final AsyncTcpSocket upstream;
    private ByteBuf net2engine = ByteBuf.empty();
    private ByteBuf engine2app = ByteBuf.empty();
    private ByteBuf app2engine = ByteBuf.empty();
    private boolean shouldReturnEndOfStream;

    @Nullable
    private SettablePromise<ByteBuf> read;

    @Nullable
    private SettablePromise<Void> write;

    @Nullable
    private Promise<Void> pendingUpstreamWrite;
    static final /* synthetic */ boolean $assertionsDisabled;

    public static AsyncTcpSocketSsl wrapClientSocket(AsyncTcpSocket asyncTcpSocket, String str, int i, SSLContext sSLContext, Executor executor) {
        SSLEngine createSSLEngine = sSLContext.createSSLEngine(str, i);
        createSSLEngine.setUseClientMode(true);
        return create(asyncTcpSocket, createSSLEngine, executor);
    }

    public static AsyncTcpSocketSsl wrapClientSocket(AsyncTcpSocket asyncTcpSocket, SSLContext sSLContext, Executor executor) {
        SSLEngine createSSLEngine = sSLContext.createSSLEngine();
        createSSLEngine.setUseClientMode(true);
        return create(asyncTcpSocket, createSSLEngine, executor);
    }

    public static AsyncTcpSocketSsl wrapServerSocket(AsyncTcpSocket asyncTcpSocket, SSLContext sSLContext, Executor executor) {
        SSLEngine createSSLEngine = sSLContext.createSSLEngine();
        createSSLEngine.setUseClientMode(false);
        return create(asyncTcpSocket, createSSLEngine, executor);
    }

    private AsyncTcpSocketSsl(AsyncTcpSocket asyncTcpSocket, SSLEngine sSLEngine, Executor executor) {
        this.engine = sSLEngine;
        this.executor = executor;
        this.upstream = asyncTcpSocket;
        startHandShake();
    }

    public static AsyncTcpSocketSsl create(AsyncTcpSocket asyncTcpSocket, SSLEngine sSLEngine, Executor executor) {
        return new AsyncTcpSocketSsl(asyncTcpSocket, sSLEngine, executor);
    }

    @NotNull
    private <T> Promise<T> sanitize(T t, @Nullable Throwable th) {
        if (th == null) {
            return Promise.of(t);
        }
        closeEx(th);
        return Promise.ofException(th);
    }

    @Override // io.activej.net.socket.tcp.AsyncTcpSocket
    @NotNull
    public Promise<ByteBuf> read() {
        this.read = null;
        if (this.shouldReturnEndOfStream) {
            this.shouldReturnEndOfStream = false;
            return Promise.of((Object) null);
        }
        if (isClosed()) {
            return Promise.ofException(new CloseException());
        }
        if (this.engine2app.canRead()) {
            ByteBuf byteBuf = this.engine2app;
            this.engine2app = ByteBuf.empty();
            return Promise.of(byteBuf);
        }
        SettablePromise<ByteBuf> settablePromise = new SettablePromise<>();
        this.read = settablePromise;
        sync();
        return settablePromise;
    }

    @Override // io.activej.net.socket.tcp.AsyncTcpSocket
    @NotNull
    public Promise<Void> write(@Nullable ByteBuf byteBuf) {
        if (isClosed()) {
            if (byteBuf != null) {
                byteBuf.recycle();
            }
            return Promise.ofException(new CloseException());
        }
        if (byteBuf == null) {
            throw new UnsupportedOperationException("SSL cannot work in half-duplex mode");
        }
        if (!byteBuf.canRead()) {
            byteBuf.recycle();
            return this.write == null ? Promise.complete() : this.write;
        }
        this.app2engine = ByteBufPool.append(this.app2engine, byteBuf);
        if (this.write != null) {
            return this.write;
        }
        SettablePromise<Void> settablePromise = new SettablePromise<>();
        this.write = settablePromise;
        sync();
        return settablePromise;
    }

    @Override // io.activej.net.socket.tcp.AsyncTcpSocket
    public boolean isReadAvailable() {
        return this.engine2app != null && this.engine2app.canRead();
    }

    private void doRead() {
        this.upstream.read().thenEx((v1, v2) -> {
            return sanitize(v1, v2);
        }).whenResult(byteBuf -> {
            if (isClosed()) {
                if (!$assertionsDisabled && this.pendingUpstreamWrite == null) {
                    throw new AssertionError();
                }
                Recyclers.recycle(byteBuf);
                return;
            }
            if (byteBuf != null) {
                this.net2engine = ByteBufPool.append(this.net2engine, byteBuf);
                sync();
                return;
            }
            if (this.engine.isInboundDone()) {
                return;
            }
            try {
                this.engine.closeInbound();
            } catch (SSLException e) {
                if (!ERROR_ON_CLOSE_WITHOUT_NOTIFY && this.read != null) {
                    SettablePromise<ByteBuf> settablePromise = this.read;
                    this.read = null;
                    settablePromise.set((Object) null);
                }
                closeEx(new CloseWithoutNotifyException("Peer closed without sending close_notify", e));
            }
        });
    }

    private void doWrite(ByteBuf byteBuf) {
        Promise<Void> write = this.upstream.write(byteBuf);
        if (this.pendingUpstreamWrite != null) {
            return;
        }
        if (!write.isComplete()) {
            this.pendingUpstreamWrite = write;
        }
        write.thenEx((v1, v2) -> {
            return sanitize(v1, v2);
        }).whenComplete(() -> {
            this.pendingUpstreamWrite = null;
        }).whenResult(() -> {
            if (isClosed()) {
                return;
            }
            if (this.engine.isOutboundDone()) {
                close();
                return;
            }
            if (this.app2engine.canRead() || this.engine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING || this.write == null) {
                return;
            }
            SettablePromise<Void> settablePromise = this.write;
            this.write = null;
            settablePromise.set((Object) null);
        });
    }

    private SSLEngineResult tryToUnwrap() throws SSLException {
        ByteBuf allocate = ByteBufPool.allocate(this.engine.getSession().getPacketBufferSize());
        ByteBuffer readByteBuffer = this.net2engine.toReadByteBuffer();
        ByteBuffer writeByteBuffer = allocate.toWriteByteBuffer();
        try {
            SSLEngineResult unwrap = this.engine.unwrap(readByteBuffer, writeByteBuffer);
            this.net2engine.ofReadByteBuffer(readByteBuffer);
            this.net2engine = recycleIfEmpty(this.net2engine);
            allocate.ofWriteByteBuffer(writeByteBuffer);
            if (isClosed() || !allocate.canRead()) {
                allocate.recycle();
            } else {
                this.engine2app = ByteBufPool.append(this.engine2app, allocate);
            }
            return unwrap;
        } catch (RuntimeException e) {
            allocate.recycle();
            throw new SSLException(e);
        } catch (SSLException e2) {
            allocate.recycle();
            throw e2;
        }
    }

    private SSLEngineResult tryToWrap() throws SSLException {
        ByteBuf allocate = ByteBufPool.allocate(this.engine.getSession().getPacketBufferSize());
        ByteBuffer readByteBuffer = this.app2engine.toReadByteBuffer();
        ByteBuffer writeByteBuffer = allocate.toWriteByteBuffer();
        try {
            SSLEngineResult wrap = this.engine.wrap(readByteBuffer, writeByteBuffer);
            this.app2engine.ofReadByteBuffer(readByteBuffer);
            this.app2engine = recycleIfEmpty(this.app2engine);
            allocate.ofWriteByteBuffer(writeByteBuffer);
            if (allocate.canRead()) {
                doWrite(allocate);
            } else {
                allocate.recycle();
            }
            return wrap;
        } catch (RuntimeException e) {
            allocate.recycle();
            throw new SSLException(e);
        } catch (SSLException e2) {
            allocate.recycle();
            throw e2;
        }
    }

    private void doHandshake() throws SSLException {
        SSLEngineResult sSLEngineResult = null;
        while (!isClosed()) {
            if (sSLEngineResult != null && sSLEngineResult.getStatus() == SSLEngineResult.Status.CLOSED) {
                close();
                return;
            }
            SSLEngineResult.HandshakeStatus handshakeStatus = this.engine.getHandshakeStatus();
            if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                sSLEngineResult = tryToWrap();
            } else {
                if (handshakeStatus != SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                    if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                        executeTasks();
                        return;
                    } else {
                        doSync();
                        return;
                    }
                }
                sSLEngineResult = tryToUnwrap();
                if (sSLEngineResult.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                    doRead();
                    return;
                }
            }
        }
    }

    private void executeTasks() {
        Runnable delegatedTask;
        while (!isClosed() && (delegatedTask = this.engine.getDelegatedTask()) != null) {
            Executor executor = this.executor;
            Objects.requireNonNull(delegatedTask);
            Promise.ofBlockingRunnable(executor, delegatedTask::run).whenResult(() -> {
                if (isClosed()) {
                    return;
                }
                try {
                    doHandshake();
                } catch (SSLException e) {
                    closeEx(e);
                }
            });
        }
    }

    private void sync() {
        try {
            doSync();
        } catch (SSLException e) {
            closeEx(e);
        }
    }

    private void doSync() throws SSLException {
        if (isClosed()) {
            return;
        }
        SSLEngineResult sSLEngineResult = null;
        if (this.engine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
            doHandshake();
            return;
        }
        if (this.app2engine.canRead()) {
            while (true) {
                sSLEngineResult = tryToWrap();
                if (isClosed() || !this.app2engine.canRead() || (sSLEngineResult.bytesConsumed() == 0 && sSLEngineResult.bytesProduced() == 0)) {
                    break;
                }
            }
        }
        if (isClosed()) {
            return;
        }
        if (this.net2engine.canRead()) {
            while (true) {
                sSLEngineResult = tryToUnwrap();
                if (!this.net2engine.canRead() || (sSLEngineResult.bytesConsumed() == 0 && sSLEngineResult.bytesProduced() == 0)) {
                    break;
                }
            }
            if (sSLEngineResult.getStatus() == SSLEngineResult.Status.CLOSED) {
                this.shouldReturnEndOfStream = true;
            }
            if (this.read != null && this.engine2app.canRead()) {
                SettablePromise<ByteBuf> settablePromise = this.read;
                this.read = null;
                ByteBuf byteBuf = this.engine2app;
                this.engine2app = ByteBuf.empty();
                settablePromise.set(byteBuf);
            }
        }
        if (sSLEngineResult != null && sSLEngineResult.getStatus() == SSLEngineResult.Status.CLOSED) {
            close();
        } else {
            if (isClosed()) {
                return;
            }
            if (this.read == null && this.engine2app.canRead()) {
                return;
            }
            doRead();
        }
    }

    private static ByteBuf recycleIfEmpty(ByteBuf byteBuf) {
        if (byteBuf.canRead()) {
            return byteBuf;
        }
        byteBuf.recycle();
        return ByteBuf.empty();
    }

    private void startHandShake() {
        try {
            this.engine.beginHandshake();
            sync();
        } catch (SSLException e) {
            closeEx(e);
        }
    }

    private void tryCloseOutbound() {
        if (this.engine.isOutboundDone()) {
            return;
        }
        this.engine.closeOutbound();
        do {
            try {
                if (this.engine.isOutboundDone()) {
                    break;
                }
            } catch (SSLException e) {
                return;
            }
        } while (tryToWrap().getStatus() != SSLEngineResult.Status.CLOSED);
    }

    public void closeEx(@NotNull Throwable th) {
        if (isClosed()) {
            return;
        }
        Recyclers.recycle(this.net2engine);
        Recyclers.recycle(this.engine2app);
        this.engine2app = null;
        this.net2engine = null;
        tryCloseOutbound();
        Recyclers.recycle(this.app2engine);
        this.app2engine = null;
        if (this.pendingUpstreamWrite != null) {
            this.pendingUpstreamWrite.whenResult(() -> {
                this.upstream.closeEx(th);
            });
        } else {
            this.upstream.closeEx(th);
        }
        if (this.write != null) {
            this.write.setException(th);
            this.write = null;
        }
        if (this.read != null) {
            if (this.shouldReturnEndOfStream) {
                this.shouldReturnEndOfStream = false;
                this.read.set((Object) null);
            } else {
                this.read.setException(th);
            }
            this.read = null;
        }
    }

    @Override // io.activej.net.socket.tcp.AsyncTcpSocket
    public boolean isClosed() {
        return this.net2engine == null;
    }

    static {
        $assertionsDisabled = !AsyncTcpSocketSsl.class.desiredAssertionStatus();
        ERROR_ON_CLOSE_WITHOUT_NOTIFY = ApplicationSettings.getBoolean(AsyncTcpSocketSsl.class, "errorOnCloseWithoutNotify", false);
    }
}
