package io.undertow.protocols.ssl;

import io.undertow.UndertowMessages;
import java.nio.ByteBuffer;
import java.nio.channels.ClosedChannelException;
import java.security.Principal;
import java.security.cert.Certificate;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Function;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import javax.security.cert.X509Certificate;

/* loaded from: input_file:io/undertow/protocols/ssl/SNISSLEngine.class */
class SNISSLEngine extends SSLEngine {
    private final AtomicReference<SSLEngine> currentRef;
    private Function<SSLEngine, SSLEngine> selectionCallback;
    static final int FL_WANT_C_AUTH = 1;
    static final int FL_NEED_C_AUTH = 2;
    static final int FL_SESSION_CRE = 4;
    private static final SSLEngineResult UNDERFLOW_UNWRAP = new SSLEngineResult(SSLEngineResult.Status.BUFFER_UNDERFLOW, SSLEngineResult.HandshakeStatus.NEED_UNWRAP, 0, 0);
    private static final SSLEngineResult OK_UNWRAP = new SSLEngineResult(SSLEngineResult.Status.OK, SSLEngineResult.HandshakeStatus.NEED_UNWRAP, 0, 0);
    static final SSLEngine CLOSED_STATE = new SSLEngine() { // from class: io.undertow.protocols.ssl.SNISSLEngine.1
        @Override // javax.net.ssl.SSLEngine
        public SSLEngineResult wrap(ByteBuffer[] byteBufferArr, int i, int i2, ByteBuffer byteBuffer) throws SSLException {
            throw new SSLException(new ClosedChannelException());
        }

        @Override // javax.net.ssl.SSLEngine
        public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i, int i2) throws SSLException {
            throw new SSLException(new ClosedChannelException());
        }

        @Override // javax.net.ssl.SSLEngine
        public Runnable getDelegatedTask() {
            return null;
        }

        @Override // javax.net.ssl.SSLEngine
        public void closeInbound() throws SSLException {
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean isInboundDone() {
            return true;
        }

        @Override // javax.net.ssl.SSLEngine
        public void closeOutbound() {
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean isOutboundDone() {
            return true;
        }

        @Override // javax.net.ssl.SSLEngine
        public String[] getSupportedCipherSuites() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.SSLEngine
        public String[] getEnabledCipherSuites() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.SSLEngine
        public void setEnabledCipherSuites(String[] strArr) {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.SSLEngine
        public String[] getSupportedProtocols() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.SSLEngine
        public String[] getEnabledProtocols() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.SSLEngine
        public void setEnabledProtocols(String[] strArr) {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.SSLEngine
        public SSLSession getSession() {
            return null;
        }

        @Override // javax.net.ssl.SSLEngine
        public void beginHandshake() throws SSLException {
            throw new SSLException(new ClosedChannelException());
        }

        @Override // javax.net.ssl.SSLEngine
        public SSLEngineResult.HandshakeStatus getHandshakeStatus() {
            return SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setUseClientMode(boolean z) {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean getUseClientMode() {
            return false;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setNeedClientAuth(boolean z) {
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean getNeedClientAuth() {
            return false;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setWantClientAuth(boolean z) {
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean getWantClientAuth() {
            return false;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setEnableSessionCreation(boolean z) {
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean getEnableSessionCreation() {
            return false;
        }
    };

    /* loaded from: input_file:io/undertow/protocols/ssl/SNISSLEngine$InitialState.class */
    class InitialState extends SSLEngine {
        private final SNIContextMatcher selector;
        private final Function<SSLContext, SSLEngine> engineFunction;
        private String[] enabledSuites;
        private String[] enabledProtocols;
        private final AtomicInteger flags = new AtomicInteger(4);
        private int packetBufferSize = 5;
        private final SSLSession handshakeSession = new SSLSession() { // from class: io.undertow.protocols.ssl.SNISSLEngine.InitialState.1
            @Override // javax.net.ssl.SSLSession
            public byte[] getId() {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public SSLSessionContext getSessionContext() {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public long getCreationTime() {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public long getLastAccessedTime() {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public void invalidate() {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public boolean isValid() {
                return false;
            }

            @Override // javax.net.ssl.SSLSession
            public void putValue(String str, Object obj) {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public Object getValue(String str) {
                return null;
            }

            @Override // javax.net.ssl.SSLSession
            public void removeValue(String str) {
            }

            @Override // javax.net.ssl.SSLSession
            public String[] getValueNames() {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public Certificate[] getLocalCertificates() {
                return null;
            }

            @Override // javax.net.ssl.SSLSession
            public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public Principal getLocalPrincipal() {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public String getCipherSuite() {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public String getProtocol() {
                throw new UnsupportedOperationException();
            }

            @Override // javax.net.ssl.SSLSession
            public String getPeerHost() {
                return SNISSLEngine.this.getPeerHost();
            }

            @Override // javax.net.ssl.SSLSession
            public int getPeerPort() {
                return SNISSLEngine.this.getPeerPort();
            }

            @Override // javax.net.ssl.SSLSession
            public int getPacketBufferSize() {
                return InitialState.this.packetBufferSize;
            }

            @Override // javax.net.ssl.SSLSession
            public int getApplicationBufferSize() {
                throw new UnsupportedOperationException();
            }
        };

        InitialState(SNIContextMatcher sNIContextMatcher, Function<SSLContext, SSLEngine> function) {
            this.selector = sNIContextMatcher;
            this.engineFunction = function;
        }

        @Override // javax.net.ssl.SSLEngine
        public SSLSession getHandshakeSession() {
            return this.handshakeSession;
        }

        @Override // javax.net.ssl.SSLEngine
        public SSLEngineResult wrap(ByteBuffer[] byteBufferArr, int i, int i2, ByteBuffer byteBuffer) throws SSLException {
            return SNISSLEngine.OK_UNWRAP;
        }

        @Override // javax.net.ssl.SSLEngine
        public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i, int i2) throws SSLException {
            int position = byteBuffer.position();
            try {
                if (byteBuffer.remaining() < 5) {
                    this.packetBufferSize = 5;
                    SSLEngineResult sSLEngineResult = SNISSLEngine.UNDERFLOW_UNWRAP;
                    byteBuffer.position(position);
                    return sSLEngineResult;
                }
                int requiredSize = SNISSLExplorer.getRequiredSize(byteBuffer);
                if (byteBuffer.remaining() < requiredSize) {
                    this.packetBufferSize = requiredSize;
                    SSLEngineResult sSLEngineResult2 = SNISSLEngine.UNDERFLOW_UNWRAP;
                    byteBuffer.position(position);
                    return sSLEngineResult2;
                }
                SSLContext context = this.selector.getContext(SNISSLExplorer.explore(byteBuffer));
                if (context == null) {
                    throw UndertowMessages.MESSAGES.noContextForSslConnection();
                }
                SSLEngine apply = this.engineFunction.apply(context);
                if (this.enabledSuites != null) {
                    apply.setEnabledCipherSuites(this.enabledSuites);
                }
                if (this.enabledProtocols != null) {
                    apply.setEnabledProtocols(this.enabledProtocols);
                }
                apply.setUseClientMode(false);
                int i3 = this.flags.get();
                if ((i3 & 1) != 0) {
                    apply.setWantClientAuth(true);
                } else if ((i3 & 2) != 0) {
                    apply.setNeedClientAuth(true);
                }
                if ((i3 & 4) != 0) {
                    apply.setEnableSessionCreation(true);
                }
                SSLEngine apply2 = SNISSLEngine.this.selectionCallback.apply(apply);
                SNISSLEngine.this.currentRef.set(apply2);
                byteBuffer.position(position);
                return apply2.unwrap(byteBuffer, byteBufferArr, i, i2);
            } catch (Throwable th) {
                byteBuffer.position(position);
                throw th;
            }
        }

        @Override // javax.net.ssl.SSLEngine
        public Runnable getDelegatedTask() {
            return null;
        }

        @Override // javax.net.ssl.SSLEngine
        public void closeInbound() throws SSLException {
            SNISSLEngine.this.currentRef.set(SNISSLEngine.CLOSED_STATE);
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean isInboundDone() {
            return false;
        }

        @Override // javax.net.ssl.SSLEngine
        public void closeOutbound() {
            SNISSLEngine.this.currentRef.set(SNISSLEngine.CLOSED_STATE);
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean isOutboundDone() {
            return false;
        }

        @Override // javax.net.ssl.SSLEngine
        public String[] getSupportedCipherSuites() {
            return this.enabledSuites == null ? new String[0] : this.enabledSuites;
        }

        @Override // javax.net.ssl.SSLEngine
        public String[] getEnabledCipherSuites() {
            return this.enabledSuites;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setEnabledCipherSuites(String[] strArr) {
            this.enabledSuites = strArr;
        }

        @Override // javax.net.ssl.SSLEngine
        public String[] getSupportedProtocols() {
            return this.enabledProtocols == null ? new String[0] : this.enabledProtocols;
        }

        @Override // javax.net.ssl.SSLEngine
        public String[] getEnabledProtocols() {
            return this.enabledProtocols;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setEnabledProtocols(String[] strArr) {
            this.enabledProtocols = strArr;
        }

        @Override // javax.net.ssl.SSLEngine
        public SSLSession getSession() {
            return null;
        }

        @Override // javax.net.ssl.SSLEngine
        public void beginHandshake() throws SSLException {
        }

        @Override // javax.net.ssl.SSLEngine
        public SSLEngineResult.HandshakeStatus getHandshakeStatus() {
            return SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setUseClientMode(boolean z) {
            if (z) {
                throw new UnsupportedOperationException();
            }
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean getUseClientMode() {
            return false;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setNeedClientAuth(boolean z) {
            int i;
            AtomicInteger atomicInteger = this.flags;
            do {
                i = atomicInteger.get();
                if (((i & 2) != 0) == z) {
                    return;
                }
            } while (!atomicInteger.compareAndSet(i, (i & 4) | 2));
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean getNeedClientAuth() {
            return (this.flags.get() & 2) != 0;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setWantClientAuth(boolean z) {
            int i;
            AtomicInteger atomicInteger = this.flags;
            do {
                i = atomicInteger.get();
                if (((i & 1) != 0) == z) {
                    return;
                }
            } while (!atomicInteger.compareAndSet(i, (i & 4) | 1));
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean getWantClientAuth() {
            return (this.flags.get() & 1) != 0;
        }

        @Override // javax.net.ssl.SSLEngine
        public void setEnableSessionCreation(boolean z) {
            int i;
            AtomicInteger atomicInteger = this.flags;
            do {
                i = atomicInteger.get();
                if (((i & 4) != 0) == z) {
                    return;
                }
            } while (!atomicInteger.compareAndSet(i, i ^ 4));
        }

        @Override // javax.net.ssl.SSLEngine
        public boolean getEnableSessionCreation() {
            return (this.flags.get() & 4) != 0;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SNISSLEngine(SNIContextMatcher sNIContextMatcher) {
        this.selectionCallback = Function.identity();
        this.currentRef = new AtomicReference<>(new InitialState(sNIContextMatcher, (v0) -> {
            return v0.createSSLEngine();
        }));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SNISSLEngine(SNIContextMatcher sNIContextMatcher, String str, int i) {
        super(str, i);
        this.selectionCallback = Function.identity();
        this.currentRef = new AtomicReference<>(new InitialState(sNIContextMatcher, sSLContext -> {
            return sSLContext.createSSLEngine(str, i);
        }));
    }

    public Function<SSLEngine, SSLEngine> getSelectionCallback() {
        return this.selectionCallback;
    }

    public void setSelectionCallback(Function<SSLEngine, SSLEngine> function) {
        this.selectionCallback = function;
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult wrap(ByteBuffer[] byteBufferArr, int i, int i2, ByteBuffer byteBuffer) throws SSLException {
        return this.currentRef.get().wrap(byteBufferArr, i, i2, byteBuffer);
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult wrap(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws SSLException {
        return this.currentRef.get().wrap(byteBuffer, byteBuffer2);
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult wrap(ByteBuffer[] byteBufferArr, ByteBuffer byteBuffer) throws SSLException {
        return this.currentRef.get().wrap(byteBufferArr, byteBuffer);
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i, int i2) throws SSLException {
        return this.currentRef.get().unwrap(byteBuffer, byteBufferArr, i, i2);
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws SSLException {
        return this.currentRef.get().unwrap(byteBuffer, byteBuffer2);
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr) throws SSLException {
        return this.currentRef.get().unwrap(byteBuffer, byteBufferArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public String getPeerHost() {
        return this.currentRef.get().getPeerHost();
    }

    @Override // javax.net.ssl.SSLEngine
    public int getPeerPort() {
        return this.currentRef.get().getPeerPort();
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLSession getHandshakeSession() {
        return this.currentRef.get().getHandshakeSession();
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLParameters getSSLParameters() {
        return this.currentRef.get().getSSLParameters();
    }

    @Override // javax.net.ssl.SSLEngine
    public void setSSLParameters(SSLParameters sSLParameters) {
        this.currentRef.get().setSSLParameters(sSLParameters);
    }

    @Override // javax.net.ssl.SSLEngine
    public Runnable getDelegatedTask() {
        return this.currentRef.get().getDelegatedTask();
    }

    @Override // javax.net.ssl.SSLEngine
    public void closeInbound() throws SSLException {
        this.currentRef.get().closeInbound();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean isInboundDone() {
        return this.currentRef.get().isInboundDone();
    }

    @Override // javax.net.ssl.SSLEngine
    public void closeOutbound() {
        this.currentRef.get().closeOutbound();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean isOutboundDone() {
        return this.currentRef.get().isOutboundDone();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getSupportedCipherSuites() {
        return this.currentRef.get().getSupportedCipherSuites();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getEnabledCipherSuites() {
        return this.currentRef.get().getEnabledCipherSuites();
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnabledCipherSuites(String[] strArr) {
        this.currentRef.get().setEnabledCipherSuites(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getSupportedProtocols() {
        return this.currentRef.get().getSupportedProtocols();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getEnabledProtocols() {
        return this.currentRef.get().getEnabledProtocols();
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnabledProtocols(String[] strArr) {
        this.currentRef.get().setEnabledProtocols(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLSession getSession() {
        return this.currentRef.get().getSession();
    }

    @Override // javax.net.ssl.SSLEngine
    public void beginHandshake() throws SSLException {
        this.currentRef.get().beginHandshake();
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult.HandshakeStatus getHandshakeStatus() {
        return this.currentRef.get().getHandshakeStatus();
    }

    @Override // javax.net.ssl.SSLEngine
    public void setUseClientMode(boolean z) {
        this.currentRef.get().setUseClientMode(z);
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getUseClientMode() {
        return this.currentRef.get().getUseClientMode();
    }

    @Override // javax.net.ssl.SSLEngine
    public void setNeedClientAuth(boolean z) {
        this.currentRef.get().setNeedClientAuth(z);
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getNeedClientAuth() {
        return this.currentRef.get().getNeedClientAuth();
    }

    @Override // javax.net.ssl.SSLEngine
    public void setWantClientAuth(boolean z) {
        this.currentRef.get().setWantClientAuth(z);
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getWantClientAuth() {
        return this.currentRef.get().getWantClientAuth();
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnableSessionCreation(boolean z) {
        this.currentRef.get().setEnableSessionCreation(z);
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getEnableSessionCreation() {
        return this.currentRef.get().getEnableSessionCreation();
    }
}
