package com.iplanet.im.server.tiger;

import com.iplanet.im.server.Log;
import com.iplanet.im.server.util.SecureByteChannel;
import com.iplanet.im.server.util.SecureByteChannelListener;
import java.io.EOFException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.ByteChannel;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLSession;
import org.netbeans.lib.collab.util.Worker;

/* loaded from: input_file:118790-18/SUNWiimdv/reloc/usr/share/lib/xmpp/xmppd.jar:com/iplanet/im/server/tiger/SecureByteChannelImpl.class */
public class SecureByteChannelImpl implements SecureByteChannel {
    ByteChannel clearChannel;
    SSLEngine sslEngine;
    SSLContext ctx;
    SecureByteChannelListener listener;
    Worker worker;
    static final /* synthetic */ boolean $assertionsDisabled;
    ByteBuffer appReadBuffer = null;
    ByteBuffer netReadBuffer = null;
    ByteBuffer netWriteBuffer = null;
    ByteBuffer empty = ByteBuffer.wrap(new byte[0]);
    boolean usetls = false;
    boolean handshakeComplete = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.iplanet.im.server.tiger.SecureByteChannelImpl$4, reason: invalid class name */
    /* loaded from: input_file:118790-18/SUNWiimdv/reloc/usr/share/lib/xmpp/xmppd.jar:com/iplanet/im/server/tiger/SecureByteChannelImpl$4.class */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status;
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.OK.ordinal()] = 1;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 2;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 3;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.CLOSED.ordinal()] = 4;
            } catch (NoSuchFieldError e9) {
            }
        }
    }

    public SecureByteChannelImpl(ByteChannel byteChannel, SSLContext sSLContext, Worker worker) {
        this.clearChannel = byteChannel;
        this.ctx = sSLContext;
        this.worker = worker;
    }

    @Override // java.nio.channels.ReadableByteChannel
    public synchronized int read(ByteBuffer byteBuffer) throws IOException {
        int i;
        SSLEngineResult unwrap;
        int i2 = 0;
        if (this.usetls) {
            if (this.appReadBuffer.position() > 0) {
                int remaining = byteBuffer.remaining();
                if (this.appReadBuffer.position() > remaining) {
                    byteBuffer.put(this.appReadBuffer.array(), 0, remaining);
                    this.appReadBuffer.flip();
                    this.appReadBuffer.position(remaining);
                    this.appReadBuffer.compact();
                    scheduleNewRead();
                    return remaining;
                }
                byteBuffer.put(this.appReadBuffer.array(), 0, this.appReadBuffer.position());
                i2 = 0 + this.appReadBuffer.position();
                this.appReadBuffer.clear();
            }
            if (this.clearChannel.read(this.netReadBuffer) < 0) {
                throw new EOFException("eof reached");
            }
            this.netReadBuffer.flip();
            boolean z = false;
            if (byteBuffer.remaining() < this.appReadBuffer.limit()) {
                unwrap = this.sslEngine.unwrap(this.netReadBuffer, this.appReadBuffer);
                if (this.appReadBuffer.position() > byteBuffer.remaining()) {
                    int remaining2 = byteBuffer.remaining();
                    this.appReadBuffer.flip();
                    byteBuffer.put(this.appReadBuffer.array(), 0, remaining2);
                    this.appReadBuffer.position(remaining2);
                    this.appReadBuffer.compact();
                    i = i2 + remaining2;
                    scheduleNewRead();
                    z = true;
                } else {
                    byteBuffer.put(this.appReadBuffer.array(), 0, this.appReadBuffer.position());
                    i = i2 + this.appReadBuffer.position();
                    this.appReadBuffer.clear();
                }
            } else {
                unwrap = this.sslEngine.unwrap(this.netReadBuffer, byteBuffer);
                i = i2 + unwrap.bytesProduced();
            }
            if (this.netReadBuffer.remaining() > 0) {
                this.netReadBuffer.compact();
                if (!z) {
                    scheduleNewRead();
                    z = true;
                }
            } else {
                this.netReadBuffer.clear();
            }
            handleResult(unwrap, z);
        } else {
            int read = this.clearChannel.read(byteBuffer);
            if (read < 0) {
                throw new EOFException("eof reached");
            }
            i = 0 + read;
        }
        return i;
    }

    private void scheduleNewWrite() {
        this.worker.addRunnable(new Runnable() { // from class: com.iplanet.im.server.tiger.SecureByteChannelImpl.1
            @Override // java.lang.Runnable
            public void run() {
                try {
                    SecureByteChannelImpl.this.write(SecureByteChannelImpl.this.empty);
                } catch (IOException e) {
                    Log.printStackTrace(e);
                    if (SecureByteChannelImpl.this.sslEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                        SecureByteChannelImpl.this.listener.securityHandshakeFailed();
                    }
                }
            }
        });
    }

    private void scheduleNewRead() {
        this.worker.addRunnable(new Runnable() { // from class: com.iplanet.im.server.tiger.SecureByteChannelImpl.2
            @Override // java.lang.Runnable
            public void run() {
                SecureByteChannelImpl.this.listener.process();
            }
        });
    }

    @Override // java.nio.channels.WritableByteChannel
    public synchronized int write(ByteBuffer byteBuffer) throws IOException {
        int write;
        if (this.usetls) {
            int remaining = byteBuffer.remaining();
            while (true) {
                SSLEngineResult wrap = this.sslEngine.wrap(byteBuffer, this.netWriteBuffer);
                this.netWriteBuffer.flip();
                this.clearChannel.write(this.netWriteBuffer);
                if (this.netWriteBuffer.hasRemaining()) {
                    this.netWriteBuffer.compact();
                } else {
                    this.netWriteBuffer.clear();
                }
                handleResult(wrap, false);
                if (wrap.getStatus() != SSLEngineResult.Status.OK) {
                    if (wrap.getStatus() == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                        Log.info("[SecureByteChannel] BUFFER_OVERFLOW while wrapping data : " + byteBuffer.remaining() + " , buffer : " + this.netWriteBuffer.remaining());
                    }
                } else if (!byteBuffer.hasRemaining()) {
                    break;
                }
            }
            write = remaining - byteBuffer.remaining();
        } else {
            write = this.clearChannel.write(byteBuffer);
        }
        return write;
    }

    @Override // java.nio.channels.Channel
    public boolean isOpen() {
        return this.clearChannel.isOpen();
    }

    private void _closeSSLEngine() {
        if (!$assertionsDisabled && !this.usetls) {
            throw new AssertionError();
        }
        if (!this.sslEngine.isInboundDone()) {
            try {
                ByteBuffer allocate = ByteBuffer.allocate(this.appReadBuffer.capacity() + 2);
                this.sslEngine.closeOutbound();
                read(allocate);
            } catch (Exception e) {
            }
        }
        if (this.sslEngine.isOutboundDone()) {
            return;
        }
        try {
            this.sslEngine.closeOutbound();
            write(this.empty);
        } catch (Exception e2) {
        }
    }

    @Override // java.nio.channels.Channel, java.io.Closeable, java.lang.AutoCloseable
    public synchronized void close() throws IOException {
        if (this.usetls) {
            _closeSSLEngine();
        }
        this.clearChannel.close();
    }

    private synchronized void handleResult(SSLEngineResult sSLEngineResult, boolean z) throws EOFException {
        switch (AnonymousClass4.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[sSLEngineResult.getStatus().ordinal()]) {
            case 1:
                handleHandshakeResult(sSLEngineResult.getHandshakeStatus(), z);
                return;
            case 2:
                if (this.sslEngine.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING || this.handshakeComplete) {
                    return;
                }
                this.listener.securityHandshakeFailed();
                return;
            case 3:
            default:
                return;
            case 4:
                throw new EOFException("sslEngine closed");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void handleHandshakeResult(SSLEngineResult.HandshakeStatus handshakeStatus, boolean z) {
        switch (AnonymousClass4.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[handshakeStatus.ordinal()]) {
            case 1:
            case 2:
                if (this.handshakeComplete) {
                    return;
                }
                this.handshakeComplete = true;
                this.listener.securityHandshakeComplete();
                if (Log.dbgon()) {
                    Log.debug("[SecureByteChannel] security handshake is complete.");
                    return;
                }
                return;
            case 3:
                final Runnable delegatedTask = this.sslEngine.getDelegatedTask();
                if (delegatedTask != null) {
                    this.worker.addRunnable(new Runnable() { // from class: com.iplanet.im.server.tiger.SecureByteChannelImpl.3
                        @Override // java.lang.Runnable
                        public void run() {
                            Runnable runnable = delegatedTask;
                            do {
                                runnable.run();
                                runnable = SecureByteChannelImpl.this.sslEngine.getDelegatedTask();
                            } while (null != runnable);
                            SecureByteChannelImpl.this.handleHandshakeResult(SecureByteChannelImpl.this.sslEngine.getHandshakeStatus(), false);
                        }
                    });
                    return;
                }
                return;
            case 4:
                if (z) {
                    return;
                }
                scheduleNewRead();
                return;
            case 5:
                scheduleNewWrite();
                return;
            default:
                return;
        }
    }

    @Override // com.iplanet.im.server.util.SecureByteChannel
    public boolean startServer(ByteBuffer byteBuffer, SecureByteChannelListener secureByteChannelListener) {
        synchronized (this) {
            this.listener = secureByteChannelListener;
            try {
                init(false);
                this.sslEngine.beginHandshake();
                this.usetls = true;
                this.clearChannel.write(byteBuffer);
                if (Log.dbgon()) {
                    Log.debug("[SecureByteChannel] TLS started for " + this.clearChannel.toString());
                }
            } catch (Exception e) {
                Log.printStackTrace(e);
                Log.warning("[SecureByteChannel] TLS handshake failed " + this.clearChannel.toString());
                return false;
            }
        }
        return true;
    }

    @Override // com.iplanet.im.server.util.SecureByteChannel
    public boolean startClient(SecureByteChannelListener secureByteChannelListener) {
        synchronized (this) {
            this.listener = secureByteChannelListener;
            try {
                init(true);
                this.usetls = true;
                this.sslEngine.beginHandshake();
                if (Log.dbgon()) {
                    Log.debug("[SecureByteChannel] TLS started for " + this.clearChannel.toString());
                }
            } catch (Exception e) {
                Log.printStackTrace(e);
                Log.warning("[SecureByteChannel] TLS handshake failed " + this.clearChannel.toString());
                return false;
            }
        }
        return true;
    }

    private void init(boolean z) throws Exception {
        this.sslEngine = this.ctx.createSSLEngine();
        this.sslEngine.setUseClientMode(z);
        this.sslEngine.setEnabledCipherSuites(this.sslEngine.getSupportedCipherSuites());
        SSLSession session = this.sslEngine.getSession();
        int packetBufferSize = session.getPacketBufferSize();
        int i = packetBufferSize + (packetBufferSize / 2);
        this.netReadBuffer = ByteBuffer.allocate(i);
        this.netWriteBuffer = ByteBuffer.allocate(i);
        this.appReadBuffer = ByteBuffer.allocate(session.getApplicationBufferSize());
    }

    public String toString() {
        return this.clearChannel.toString() + (this.usetls ? " encrypted" : " clear");
    }

    @Override // com.iplanet.im.server.util.SecureByteChannel
    public boolean usingTLS() {
        return this.usetls;
    }

    static {
        $assertionsDisabled = !SecureByteChannelImpl.class.desiredAssertionStatus();
    }
}
