package jade.imtp.leap.nio;

import jade.imtp.leap.ICPException;
import jade.imtp.leap.SSLHelper;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;

/* loaded from: input_file:jade/imtp/leap/nio/SSLEngineHelper.class */
public final class SSLEngineHelper implements BufferTransformer {
    public static final int INCREASE_SIZE = 5120;
    private SSLEngine ssle;
    private ByteBuffer wrapData;
    private ByteBuffer unwrapData;
    private ByteBuffer sendData;
    private NIOJICPConnection connection;
    public static final ByteBuffer EMPTY_BUFFER = NIOHelper.EMPTY_BUFFER;
    private static Logger log = Logger.getLogger(SSLEngineHelper.class.getName());

    public SSLEngineHelper(String str, int i, NIOJICPConnection nIOJICPConnection) throws ICPException {
        this.ssle = null;
        this.connection = null;
        this.ssle = SSLHelper.createContext().createSSLEngine(str, i);
        this.ssle.setUseClientMode(false);
        this.ssle.setNeedClientAuth(SSLHelper.needAuth());
        if (!SSLHelper.needAuth()) {
            this.ssle.setEnabledCipherSuites(SSLHelper.getSupportedKeys());
        }
        SSLSession session = this.ssle.getSession();
        this.unwrapData = ByteBuffer.allocateDirect(session.getApplicationBufferSize() + 1500);
        this.wrapData = ByteBuffer.allocateDirect(session.getPacketBufferSize());
        this.sendData = ByteBuffer.allocateDirect(this.wrapData.capacity());
        this.connection = nIOJICPConnection;
    }

    private SSLEngineResult encode(ByteBuffer byteBuffer) throws SSLException {
        return this.ssle.wrap(byteBuffer, this.wrapData);
    }

    private SSLEngineResult.HandshakeStatus runHandshakeTasks() {
        while (true) {
            Runnable delegatedTask = this.ssle.getDelegatedTask();
            if (delegatedTask == null) {
                return this.ssle.getHandshakeStatus();
            }
            delegatedTask.run();
        }
    }

    public void close() throws IOException {
        this.ssle.closeOutbound();
        sendSSLClose();
        this.ssle.closeInbound();
    }

    private void sendSSLClose() {
        while (!this.ssle.isOutboundDone()) {
            try {
                wrapAndSend();
            } catch (IOException e) {
                log.log(Level.FINE, "unable to send ssl close packet", (Throwable) e);
                return;
            }
        }
    }

    private final int writeToChannel(ByteBuffer byteBuffer) throws IOException {
        int remaining = byteBuffer.remaining();
        int writeToChannel = this.connection.writeToChannel(byteBuffer);
        if (writeToChannel != remaining) {
            throw new IOException("should write " + remaining + ", written " + writeToChannel);
        }
        return writeToChannel;
    }

    private String getRemoteHost() {
        return this.connection.getRemoteHost();
    }

    private SSLEngineResult unwrapData(ByteBuffer byteBuffer) throws SSLException {
        SSLEngineResult unwrap;
        do {
            try {
                unwrap = this.ssle.unwrap(byteBuffer, this.unwrapData);
                if (log.isLoggable(Level.FINE)) {
                    log.fine("Decoded " + unwrap.bytesConsumed() + " bytes; Produced " + unwrap.bytesProduced() + " application-data bytes [" + getRemoteHost() + "]");
                }
                if (!unwrap.getStatus().equals(SSLEngineResult.Status.OK)) {
                    break;
                }
            } catch (SSLException e) {
                log.log(Level.WARNING, "Unwrap failure [" + getRemoteHost() + "]", (Throwable) e);
                try {
                    close();
                } catch (IOException e2) {
                }
                throw e;
            }
        } while (unwrap.getHandshakeStatus().equals(SSLEngineResult.HandshakeStatus.NEED_UNWRAP));
        return unwrap;
    }

    private void checkStatusAfterHandshakeTasks(SSLEngineResult.HandshakeStatus handshakeStatus) throws SSLException, IOException {
        if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.FINISHED)) {
            log.warning("Unexpected FINISHED SSL handshake status after execution of handshake tasks [" + getRemoteHost() + "]");
            return;
        }
        if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.NEED_TASK)) {
            log.warning("Unexpected NEED_TASK SSL handshake status after execution of handshake tasks [" + getRemoteHost() + "]");
            return;
        }
        if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.NEED_UNWRAP)) {
            if (log.isLoggable(Level.FINE)) {
                log.fine("Need more data to proceed with Handshake [" + getRemoteHost() + "]");
            }
        } else if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.NEED_WRAP)) {
            if (log.isLoggable(Level.FINE)) {
                log.fine("Send back Handshake data after task execution [" + getRemoteHost() + "]");
            }
            wrapAndSend();
        } else if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING)) {
            log.warning("Unexpected NOT_HANDSHAKING SSL handshake status after execution of handshake tasks [" + getRemoteHost() + "]");
        }
    }

    private synchronized int decrypt(ByteBuffer byteBuffer) throws SSLException, IOException {
        if (log.isLoggable(Level.FINE)) {
            log.fine("Decrypt incoming data: remaining = " + byteBuffer.remaining() + ", position = " + byteBuffer.position() + ", limit = " + byteBuffer.limit() + " [" + getRemoteHost() + "]");
        }
        SSLEngineResult unwrapData = unwrapData(byteBuffer);
        if (log.isLoggable(Level.FINE)) {
            log.fine("Checking handshake result [" + getRemoteHost() + "]");
        }
        int i = 0;
        SSLEngineResult.Status status = unwrapData.getStatus();
        SSLEngineResult.HandshakeStatus handshakeStatus = unwrapData.getHandshakeStatus();
        if (status.equals(SSLEngineResult.Status.OK)) {
            if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.FINISHED)) {
                if (log.isLoggable(Level.FINE)) {
                    log.fine("Handshake finished [" + getRemoteHost() + "]");
                }
            } else if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.NEED_TASK)) {
                if (log.isLoggable(Level.FINE)) {
                    log.fine("Activate Handshake task [" + getRemoteHost() + "]");
                }
                checkStatusAfterHandshakeTasks(runHandshakeTasks());
            } else {
                if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.NEED_UNWRAP)) {
                    throw new SSLException("Unexpected NEED_UNWRAP SSL handshake status! [" + getRemoteHost() + "]");
                }
                if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.NEED_WRAP)) {
                    if (log.isLoggable(Level.FINE)) {
                        log.fine("Send back Handshake data [" + getRemoteHost() + "]");
                    }
                    wrapAndSend();
                } else if (handshakeStatus.equals(SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING)) {
                    i = unwrapData.bytesProduced();
                }
            }
        } else if (status.equals(SSLEngineResult.Status.CLOSED)) {
            log.info(" sslengine closed [" + getRemoteHost() + "]");
            close();
        } else {
            if (status.equals(SSLEngineResult.Status.BUFFER_UNDERFLOW)) {
                if (log.isLoggable(Level.FINE)) {
                    log.fine("Not enough data to decode a meaningful SSL block. " + byteBuffer.remaining() + " unprocessed bytes. [" + getRemoteHost() + "]");
                }
                return 0;
            }
            if (status.equals(SSLEngineResult.Status.BUFFER_OVERFLOW)) {
                if (log.isLoggable(Level.FINE)) {
                    NIOHelper.logBuffer(byteBuffer, "socketData");
                    NIOHelper.logBuffer(this.unwrapData, "overflow unwrapData");
                    log.fine("enlarging unwrap buffer with5120");
                }
                log.info("Buffer overflow. Enlarge buffer and retry [" + getRemoteHost() + "]");
                this.unwrapData.flip();
                this.unwrapData = NIOHelper.enlargeAndFillBuffer(this.unwrapData, 5120);
                return decrypt(byteBuffer);
            }
        }
        if (byteBuffer.hasRemaining()) {
            i += decrypt(byteBuffer);
        }
        return i;
    }

    private int wrapAndSend() throws SSLException, IOException {
        this.wrapData.clear();
        SSLEngineResult encode = encode(EMPTY_BUFFER);
        if (log.isLoggable(Level.FINE)) {
            log.fine("wrapped " + encode);
        }
        if (encode.bytesProduced() <= 0) {
            log.warning("wrap produced no data " + getRemoteHost());
            return 0;
        }
        this.wrapData.flip();
        int writeToChannel = writeToChannel(this.wrapData);
        if (encode.getHandshakeStatus().equals(SSLEngineResult.HandshakeStatus.NEED_WRAP)) {
            writeToChannel += wrapAndSend();
        }
        return writeToChannel;
    }

    private SSLEngineResult wrapAppData(ByteBuffer byteBuffer) throws SSLException, IOException {
        this.wrapData.clear();
        SSLEngineResult encode = encode(byteBuffer);
        if (log.isLoggable(Level.FINE)) {
            log.fine("wrapped " + encode);
        }
        if (encode.bytesProduced() <= 0) {
            throw new IOException("wrap produced no data " + getRemoteHost());
        }
        this.wrapData.flip();
        return encode;
    }

    @Override // jade.imtp.leap.nio.BufferTransformer
    public synchronized ByteBuffer preprocessBufferToWrite(ByteBuffer byteBuffer) throws IOException {
        this.sendData.clear();
        while (byteBuffer.hasRemaining()) {
            wrapAppData(byteBuffer);
            if (this.wrapData.remaining() > this.sendData.remaining()) {
                int remaining = this.wrapData.remaining() - this.sendData.remaining();
                this.sendData.flip();
                this.sendData = NIOHelper.enlargeAndFillBuffer(this.sendData, remaining);
            }
            NIOHelper.copyAsMuchAsFits(this.sendData, this.wrapData);
        }
        this.sendData.flip();
        return this.sendData;
    }

    @Override // jade.imtp.leap.nio.BufferTransformer
    public synchronized ByteBuffer postprocessBufferRead(ByteBuffer byteBuffer) throws PacketIncompleteException, IOException {
        this.unwrapData.clear();
        if (decrypt(byteBuffer) <= 0) {
            return EMPTY_BUFFER;
        }
        this.unwrapData.flip();
        return this.unwrapData;
    }

    public boolean needSocketData() {
        return false;
    }
}
