package org.opendaylight.controller.protocol_plugin.openflow.core.internal;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.AsynchronousCloseException;
import java.nio.channels.SelectionKey;
import java.nio.channels.Selector;
import java.nio.channels.SocketChannel;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManagerFactory;
import org.opendaylight.controller.protocol_plugin.openflow.core.IMessageReadWrite;
import org.openflow.protocol.OFMessage;
import org.openflow.protocol.factory.BasicFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/controller/protocol_plugin/openflow/core/internal/SecureMessageReadWriteService.class */
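/**
 * TLS-protected implementation of {@link IMessageReadWrite} built on a server-mode
 * {@link SSLEngine} over a non-blocking {@link SocketChannel}.
 *
 * <p>The engine requires client authentication ({@code setNeedClientAuth(true)}), so a peer
 * must present a certificate that chains to an entry in the configured trust store.
 *
 * <p>Key material is read from JKS files named by the {@code controllerKeyStore} and
 * {@code controllerTrustStore} system properties (defaults under {@code ./configuration}).
 * The store passwords are read from system properties, cached in static fields, and the
 * properties are then overwritten with an empty string.
 *
 * <p>NOTE(review): this listing is decompiler output. {@code doHandshake} could not be
 * recovered and is a stub that always throws, so as written the constructor cannot
 * complete; the real handshake logic must be restored from the original sources.
 */
public class SecureMessageReadWriteService implements IMessageReadWrite {
    private static final Logger logger = LoggerFactory.getLogger(SecureMessageReadWriteService.class);

    private static final String KEY_STORE_FILE_DEFAULT = "./configuration/tlsKeyStore";
    private static final String TRUST_STORE_FILE_DEFAULT = "./configuration/tlsTrustStore";
    private static final String KEY_STORE_PASSWORD_PROP_NAME = "controllerKeyStorePassword";
    private static final String TRUST_STORE_PASSWORD_PROP_NAME = "controllerTrustStorePassword";
    private static final String RENEGOTIATION_SCSV = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";

    /*
     * Cipher suites this endpoint is willing to negotiate, in the order the original list
     * gave them.
     *
     * The original list also enabled RC4 (SSL_RSA_WITH_RC4_128_MD5/_SHA), single-DES
     * (SSL_*_WITH_DES_CBC_SHA) and 40-bit export suites (SSL_*_EXPORT_WITH_*). Those are
     * removed here: export and single-DES keys are small enough to brute-force, RC4 is
     * prohibited for TLS by RFC 7465, and leaving any of them enabled lets an active
     * attacker steer the handshake down to them.
     *
     * NOTE(review): the 3DES suites are kept only as a compatibility fallback (64-bit block
     * cipher); drop them once every deployed peer negotiates AES. None of the remaining
     * suites is an AEAD suite; consider adding forward-secret AEAD suites that the deployed
     * switches support.
     */
    private static final String[] ALLOWED_CIPHER_SUITES = {
        "TLS_RSA_WITH_AES_128_CBC_SHA",
        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
        "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
        "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
        "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
        RENEGOTIATION_SCSV
    };

    // Cached store passwords. They are static so later connections can still open the stores
    // after the system properties have been blanked.
    // NOTE(review): these are written from createSecureChannel() without synchronization;
    // confirm that connections are only ever set up from a single thread.
    private static String keyStorePassword = null;
    private static String trustStorePassword = null;

    private Selector selector;
    private SocketChannel socket;
    private SSLEngine sslEngine;
    private SSLEngineResult sslEngineResult;
    private ByteBuffer myAppData;
    private ByteBuffer myNetData;
    private ByteBuffer peerAppData;
    private ByteBuffer peerNetData;
    private BasicFactory factory = new BasicFactory();

    // Guards the outbound buffers. A dedicated monitor is required because asyncSend() may
    // replace myAppData with a larger buffer; locking on the buffer itself would let a second
    // sender acquire the new object's monitor while the first still holds the old one.
    private final Object sendLock = new Object();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.opendaylight.controller.protocol_plugin.openflow.core.internal.SecureMessageReadWriteService$1, reason: invalid class name */
    /* loaded from: input_file:org/opendaylight/controller/protocol_plugin/openflow/core/internal/SecureMessageReadWriteService$1.class */
    // Compiler-generated lookup tables for switch statements over SSLEngineResult enums.
    // Nothing in the recovered code reads them; presumably the undecompiled doHandshake did.
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status;
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.OK.ordinal()] = 1;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    /**
     * Sets up the TLS engine for an accepted connection, runs the handshake and allocates
     * the I/O buffers.
     *
     * @param socketChannel the accepted channel to protect
     * @param selector the selector the channel is registered with for read/write readiness
     * @throws Exception if the key material cannot be loaded or the TLS setup fails; the
     *         failure is logged and {@link #stop()} is called before rethrowing
     */
    public SecureMessageReadWriteService(SocketChannel socketChannel, Selector selector) throws Exception {
        this.socket = socketChannel;
        this.selector = selector;
        try {
            createSecureChannel(socketChannel);
            createBuffers(this.sslEngine);
        } catch (Exception e) {
            logger.warn("Failed to setup TLS connection {} {}", socketChannel, e);
            stop();
            throw e;
        }
    }

    /**
     * Loads the key and trust stores, builds the server-side {@link SSLEngine}, performs the
     * handshake and registers the channel for reads.
     *
     * @param socketChannel the channel the handshake runs over
     * @throws FileNotFoundException if a store path or password is missing or empty
     * @throws IllegalStateException if the JRE supports none of the allowed cipher suites
     * @throws Exception for any keystore, SSL or I/O failure
     */
    private void createSecureChannel(SocketChannel socketChannel) throws Exception {
        String keyStoreProp = System.getProperty("controllerKeyStore");
        String trustStoreProp = System.getProperty("controllerTrustStore");
        String keyPasswordProp = System.getProperty(KEY_STORE_PASSWORD_PROP_NAME);
        String trustPasswordProp = System.getProperty(TRUST_STORE_PASSWORD_PROP_NAME);

        String keyStoreFile = keyStoreProp != null ? keyStoreProp.trim() : KEY_STORE_FILE_DEFAULT;
        if (keyStoreFile.isEmpty()) {
            throw new FileNotFoundException("TLS KeyStore file not found.");
        }
        // A non-empty property overrides the cached password; otherwise the cache is kept.
        if (keyStorePassword == null || (keyPasswordProp != null && !keyPasswordProp.isEmpty())) {
            keyStorePassword = keyPasswordProp;
        }
        if (keyStorePassword != null) {
            keyStorePassword = keyStorePassword.trim();
            // Blank the property so the password is no longer readable via System.getProperty.
            System.setProperty(KEY_STORE_PASSWORD_PROP_NAME, "");
        }
        if (keyStorePassword == null || keyStorePassword.isEmpty()) {
            throw new FileNotFoundException("TLS KeyStore Password not provided.");
        }

        String trustStoreFile = trustStoreProp != null ? trustStoreProp.trim() : TRUST_STORE_FILE_DEFAULT;
        if (trustStoreFile.isEmpty()) {
            throw new FileNotFoundException("TLS TrustStore file not found");
        }
        if (trustStorePassword == null || (trustPasswordProp != null && !trustPasswordProp.isEmpty())) {
            trustStorePassword = trustPasswordProp;
        }
        if (trustStorePassword != null) {
            trustStorePassword = trustStorePassword.trim();
            System.setProperty(TRUST_STORE_PASSWORD_PROP_NAME, "");
        }
        if (trustStorePassword == null || trustStorePassword.isEmpty()) {
            throw new FileNotFoundException("TLS TrustStore Password not provided.");
        }

        KeyStore keyStore = loadKeyStore(keyStoreFile, keyStorePassword.toCharArray());
        KeyStore trustStore = loadKeyStore(trustStoreFile, trustStorePassword.toCharArray());

        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        // The trust manager must be requested with the TrustManagerFactory default algorithm;
        // the KeyManagerFactory default names a key-manager algorithm and is not guaranteed to
        // exist, or to perform full path validation, as a trust-manager algorithm.
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, keyStorePassword.toCharArray());
        trustManagerFactory.init(trustStore);

        SecureRandom secureRandom = new SecureRandom();
        secureRandom.nextInt();
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), secureRandom);

        this.sslEngine = sslContext.createSSLEngine();
        this.sslEngine.setUseClientMode(false);
        // Mutual TLS: the handshake fails unless the peer presents a trusted certificate.
        this.sslEngine.setNeedClientAuth(true);
        this.sslEngine.setEnabledCipherSuites(selectCipherSuites(this.sslEngine));
        doHandshake(socketChannel, this.sslEngine);
        this.socket.register(this.selector, SelectionKey.OP_READ);
    }

    /**
     * Reads a JKS store from disk, closing the file as soon as it has been loaded.
     *
     * @param path location of the store file
     * @param password store password, also used for the integrity check
     * @return the loaded store
     * @throws Exception if the file cannot be read or the store cannot be parsed
     */
    private static KeyStore loadKeyStore(String path, char[] password) throws Exception {
        KeyStore store = KeyStore.getInstance("JKS");
        try (FileInputStream in = new FileInputStream(path)) {
            store.load(in, password);
        }
        return store;
    }

    /**
     * Narrows {@link #ALLOWED_CIPHER_SUITES} to the suites the engine supports.
     *
     * <p>{@code setEnabledCipherSuites} rejects names the provider does not support with an
     * {@link IllegalArgumentException}, so passing a fixed list fails outright on a JRE that
     * has dropped any one of the legacy suites.
     *
     * @param engine the engine whose supported suites are consulted
     * @return the allowed suites the engine supports, in allow-list order
     * @throws IllegalStateException if no allowed suite other than the renegotiation SCSV
     *         is supported
     */
    private static String[] selectCipherSuites(SSLEngine engine) {
        Set<String> supported = new HashSet<String>(Arrays.asList(engine.getSupportedCipherSuites()));
        List<String> usable = new ArrayList<String>();
        boolean hasRealSuite = false;
        for (String suite : ALLOWED_CIPHER_SUITES) {
            if (supported.contains(suite)) {
                usable.add(suite);
                if (!RENEGOTIATION_SCSV.equals(suite)) {
                    hasRealSuite = true;
                }
            }
        }
        if (!hasRealSuite) {
            throw new IllegalStateException("None of the allowed TLS cipher suites is supported by this JRE");
        }
        return usable.toArray(new String[usable.size()]);
    }

    /**
     * Queues a message, encrypts the pending application data and writes as much of the
     * result as the socket accepts.
     *
     * @param oFMessage the message to send
     * @throws Exception if encryption or the socket write fails
     */
    @Override // org.opendaylight.controller.protocol_plugin.openflow.core.IMessageReadWrite
    public void asyncSend(OFMessage oFMessage) throws Exception {
        synchronized (this.sendLock) {
            int lengthU = oFMessage.getLengthU();
            if (this.myAppData.remaining() < lengthU) {
                // Grow the plaintext buffer so the whole message fits, keeping queued bytes.
                ByteBuffer grown = ByteBuffer.allocateDirect(this.myAppData.capacity() + lengthU);
                this.myAppData.flip();
                grown.put(this.myAppData);
                this.myAppData = grown;
            }
            oFMessage.writeTo(this.myAppData);
            if (wrapAndWrite("asyncSend")) {
                logger.trace("Message sent: {}", oFMessage);
            }
        }
    }

    /**
     * Continues sending application data left over from an earlier {@link #asyncSend}.
     *
     * @throws Exception if encryption or the socket write fails
     */
    @Override // org.opendaylight.controller.protocol_plugin.openflow.core.IMessageReadWrite
    public void resumeSend() throws Exception {
        synchronized (this.sendLock) {
            wrapAndWrite("resumeSend");
        }
    }

    /**
     * Encrypts the queued plaintext and writes the ciphertext to the socket. The caller
     * must hold {@code sendLock}.
     *
     * <p>If plaintext is left over, the channel is registered for write readiness so that
     * {@link #resumeSend()} is invoked; otherwise it is registered for reads again.
     *
     * @param caller name of the calling method, used in the trace log only
     * @return {@code true} if the socket was open and a write was attempted
     * @throws Exception if wrapping or writing fails
     */
    private boolean wrapAndWrite(String caller) throws Exception {
        this.myAppData.flip();
        this.sslEngineResult = this.sslEngine.wrap(this.myAppData, this.myNetData);
        logger.trace("{} sslEngine wrap: {}", caller, this.sslEngineResult);
        runDelegatedTasks(this.sslEngineResult, this.sslEngine);
        if (!this.socket.isOpen()) {
            return false;
        }
        this.myNetData.flip();
        this.socket.write(this.myNetData);
        if (this.myNetData.hasRemaining()) {
            this.myNetData.compact();
        } else {
            this.myNetData.clear();
        }
        if (this.myAppData.hasRemaining()) {
            this.myAppData.compact();
            this.socket.register(this.selector, SelectionKey.OP_WRITE, this);
        } else {
            this.myAppData.clear();
            this.socket.register(this.selector, SelectionKey.OP_READ, this);
        }
        return true;
    }

    /**
     * Reads ciphertext from the socket, decrypts it and parses the plaintext into messages.
     *
     * @return the parsed messages; {@code null} if the socket is closed or parsing failed
     * @throws AsynchronousCloseException if the peer has closed the connection
     * @throws Exception if decryption or the socket read fails
     */
    @Override // org.opendaylight.controller.protocol_plugin.openflow.core.IMessageReadWrite
    public List<OFMessage> readMessages() throws Exception {
        if (!this.socket.isOpen()) {
            return null;
        }
        List<OFMessage> messages = null;
        // Upper bound on unwrap passes per call, so one readable event cannot spin forever.
        int countDown = 50;
        if (this.socket.read(this.peerNetData) < 0) {
            logger.debug("Message read operation failed");
            throw new AsynchronousCloseException();
        }
        do {
            this.peerNetData.flip();
            this.sslEngineResult = this.sslEngine.unwrap(this.peerNetData, this.peerAppData);
            if (this.peerNetData.hasRemaining()) {
                this.peerNetData.compact();
            } else {
                this.peerNetData.clear();
            }
            logger.trace("sslEngine unwrap result: {}", this.sslEngineResult);
            runDelegatedTasks(this.sslEngineResult, this.sslEngine);
            if (this.sslEngineResult.getStatus() != SSLEngineResult.Status.OK || !this.peerNetData.hasRemaining()) {
                break;
            }
            countDown--;
        } while (countDown > 0);
        if (countDown == 0) {
            logger.trace("countDown reaches 0. peerNetData pos {} lim {}", this.peerNetData.position(), this.peerNetData.limit());
        }
        try {
            this.peerAppData.flip();
            messages = this.factory.parseMessages(this.peerAppData);
            if (this.peerAppData.hasRemaining()) {
                this.peerAppData.compact();
            } else {
                this.peerAppData.clear();
            }
        } catch (Exception e) {
            // A parse failure discards all buffered plaintext and is only logged at debug
            // level; the caller sees null rather than the exception.
            this.peerAppData.clear();
            logger.debug("Caught exception: ", e);
        }
        this.socket.register(this.selector, SelectionKey.OP_READ, this);
        return messages;
    }

    /**
     * Runs, on the calling thread, any tasks the engine has delegated.
     *
     * @param sSLEngineResult the result of the last wrap/unwrap call
     * @param sSLEngine the engine to drain tasks from
     * @throws Exception if the engine still reports {@code NEED_TASK} after draining
     */
    private void runDelegatedTasks(SSLEngineResult sSLEngineResult, SSLEngine sSLEngine) throws Exception {
        if (sSLEngineResult.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NEED_TASK) {
            return;
        }
        Runnable delegatedTask;
        while ((delegatedTask = sSLEngine.getDelegatedTask()) != null) {
            logger.debug("\trunning delegated task...");
            delegatedTask.run();
        }
        SSLEngineResult.HandshakeStatus handshakeStatus = sSLEngine.getHandshakeStatus();
        if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
            throw new Exception("handshake shouldn't need additional tasks");
        }
        logger.debug("\tnew HandshakeStatus: {}", handshakeStatus);
    }

    /* JADX WARN: Code restructure failed: missing block: B:33:0x003b, code lost:
    
        continue;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    // NOTE(review): the decompiler could not recover this method. The stub below always
    // throws, so the TLS handshake logic is absent from this listing and must be taken
    // from the original sources before the class can be used or audited.
    private void doHandshake(java.nio.channels.SocketChannel r5, javax.net.ssl.SSLEngine r6) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 348
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.opendaylight.controller.protocol_plugin.openflow.core.internal.SecureMessageReadWriteService.doHandshake(java.nio.channels.SocketChannel, javax.net.ssl.SSLEngine):void");
    }

    /**
     * Allocates the plaintext and ciphertext buffers from the session's advertised sizes.
     * The inbound buffers are 20 times the session size; the outbound ones are one unit.
     *
     * @param sSLEngine the engine whose session supplies the buffer sizes
     */
    private void createBuffers(SSLEngine sSLEngine) {
        SSLSession session = sSLEngine.getSession();
        this.myAppData = ByteBuffer.allocate(session.getApplicationBufferSize());
        this.peerAppData = ByteBuffer.allocate(session.getApplicationBufferSize() * 20);
        this.myNetData = ByteBuffer.allocate(session.getPacketBufferSize());
        this.peerNetData = ByteBuffer.allocate(session.getPacketBufferSize() * 20);
    }

    /**
     * Drops the TLS engine and all buffers. The socket itself is not closed here.
     *
     * <p>The key and trust store files are closed as soon as they have been loaded, so no
     * file handles remain to be released at this point.
     *
     * @throws IOException never thrown by this implementation; declared by the interface
     */
    @Override // org.opendaylight.controller.protocol_plugin.openflow.core.IMessageReadWrite
    public void stop() throws IOException {
        this.sslEngine = null;
        this.sslEngineResult = null;
        this.myAppData = null;
        this.myNetData = null;
        this.peerAppData = null;
        this.peerNetData = null;
    }
}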
