package jolie.net.ssl;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URI;
import java.nio.BufferOverflowException;
import java.nio.BufferUnderflowException;
import java.nio.ByteBuffer;
import java.nio.channels.Channels;
import java.nio.channels.WritableByteChannel;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManagerFactory;
import jolie.lang.Constants;
import jolie.net.CommMessage;
import jolie.net.protocols.CommProtocol;
import jolie.net.protocols.SequentialCommProtocol;
import jolie.runtime.Value;
import jolie.runtime.VariablePath;

/* loaded from: input_file:dist.zip:dist/jolie/lib/jolie-ssl.jar:jolie/net/ssl/SSLProtocol.class */
public class SSLProtocol extends SequentialCommProtocol {
    private static final int INITIAL_BUFFER_SIZE = 32768;
    private final boolean isClient;
    private boolean firstTime;
    private final CommProtocol wrappedProtocol;
    private SSLEngine sslEngine;
    private OutputStream outputStream;
    private InputStream inputStream;
    private SSLInputStream sslInputStream;
    private SSLOutputStream sslOutputStream;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: jolie.net.ssl.SSLProtocol$1, reason: invalid class name */
    /* loaded from: input_file:dist.zip:dist/jolie/lib/jolie-ssl.jar:jolie/net/ssl/SSLProtocol$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus;
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.OK.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.CLOSED.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 1;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 2;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 3;
            } catch (NoSuchFieldError e7) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:dist.zip:dist/jolie/lib/jolie-ssl.jar:jolie/net/ssl/SSLProtocol$SSLInputStream.class */
    public class SSLInputStream extends InputStream {
        private ByteBuffer clearInputBuffer;

        private SSLInputStream() {
            this.clearInputBuffer = ByteBuffer.allocate(0);
        }

        @Override // java.io.InputStream
        public int read() throws IOException {
            if (!this.clearInputBuffer.hasRemaining()) {
                SSLProtocol.this.handshake();
                SSLProtocol.this.unwrap(this);
                if (!this.clearInputBuffer.hasRemaining()) {
                    return -1;
                }
            }
            try {
                return this.clearInputBuffer.get();
            } catch (BufferUnderflowException e) {
                return -1;
            }
        }

        @Override // java.io.InputStream
        public int read(byte[] bArr, int i, int i2) throws IOException {
            if (i2 == 0) {
                return 0;
            }
            if (!this.clearInputBuffer.hasRemaining()) {
                SSLProtocol.this.handshake();
                SSLProtocol.this.unwrap(this);
                if (!this.clearInputBuffer.hasRemaining()) {
                    return -1;
                }
            }
            try {
                this.clearInputBuffer.get(bArr, i, i2);
                return i2;
            } catch (BufferUnderflowException e) {
                int remaining = this.clearInputBuffer.remaining();
                this.clearInputBuffer.get(bArr, i, remaining);
                return remaining;
            }
        }

        @Override // java.io.InputStream
        public long skip(long j) throws IOException {
            long j2;
            if (j <= 0) {
                return 0L;
            }
            long j3 = 0;
            while (true) {
                j2 = j3;
                if (j2 >= j || !this.clearInputBuffer.hasRemaining()) {
                    break;
                }
                this.clearInputBuffer.get();
                j3 = j2 + 1;
            }
            return j2;
        }

        @Override // java.io.InputStream
        public int available() throws IOException {
            return this.clearInputBuffer.remaining();
        }

        /* synthetic */ SSLInputStream(SSLProtocol sSLProtocol, AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    /* loaded from: input_file:dist.zip:dist/jolie/lib/jolie-ssl.jar:jolie/net/ssl/SSLProtocol$SSLOutputStream.class */
    private class SSLOutputStream extends OutputStream {
        private final ByteBuffer internalBuffer;

        private SSLOutputStream() {
            this.internalBuffer = ByteBuffer.allocate(32768);
        }

        private void writeCache() throws IOException {
            if (this.internalBuffer.hasRemaining()) {
                SSLProtocol.this.handshake();
                this.internalBuffer.flip();
                SSLProtocol.this.wrap(this.internalBuffer);
                this.internalBuffer.clear();
            }
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            try {
                this.internalBuffer.put((byte) i);
            } catch (BufferOverflowException e) {
                writeCache();
                this.internalBuffer.put((byte) i);
            }
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            try {
                this.internalBuffer.put(bArr, i, i2);
            } catch (BufferOverflowException e) {
                writeCache();
                this.internalBuffer.put(bArr, i, i2);
            }
        }

        @Override // java.io.OutputStream, java.io.Flushable
        public void flush() throws IOException {
            writeCache();
        }

        /* synthetic */ SSLOutputStream(SSLProtocol sSLProtocol, AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:dist.zip:dist/jolie/lib/jolie-ssl.jar:jolie/net/ssl/SSLProtocol$SSLResult.class */
    public class SSLResult {
        private ByteBuffer buffer;
        private SSLEngineResult log;

        public SSLResult(int i) {
            this.buffer = ByteBuffer.allocate(i);
        }
    }

    public SSLProtocol(VariablePath variablePath, URI uri, CommProtocol commProtocol, boolean z) {
        super(variablePath);
        this.sslInputStream = new SSLInputStream(this, null);
        this.sslOutputStream = new SSLOutputStream(this, null);
        this.wrappedProtocol = commProtocol;
        this.isClient = z;
        this.firstTime = true;
    }

    @Override // jolie.net.protocols.CommProtocol
    public String name() {
        return this.wrappedProtocol.name() + "s";
    }

    private String getSSLStringParameter(String str, String str2) {
        if (hasParameter("ssl")) {
            Value parameterFirstValue = getParameterFirstValue("ssl");
            if (parameterFirstValue.hasChildren(str)) {
                return parameterFirstValue.getFirstChild(str).strValue();
            }
        }
        return str2;
    }

    private int getSSLIntegerParameter(String str, int i) {
        if (hasParameter("ssl")) {
            Value parameterFirstValue = getParameterFirstValue("ssl");
            if (parameterFirstValue.hasChildren(str)) {
                return parameterFirstValue.getFirstChild(str).intValue();
            }
        }
        return i;
    }

    private void init() throws IOException {
        String sSLStringParameter = getSSLStringParameter(Constants.PROTOCOL_NODE_NAME, "TLSv1");
        String sSLStringParameter2 = getSSLStringParameter("keyStoreFormat", "JKS");
        String sSLStringParameter3 = getSSLStringParameter("trustStoreFormat", "JKS");
        String sSLStringParameter4 = getSSLStringParameter("keyStore", null);
        String sSLStringParameter5 = getSSLStringParameter("keyStorePassword", null);
        String sSLStringParameter6 = getSSLStringParameter("trustStore", System.getProperty("java.home") + "/lib/security/cacerts");
        String sSLStringParameter7 = getSSLStringParameter("trustStorePassword", null);
        if (sSLStringParameter4 == null && !this.isClient) {
            throw new IOException("Compulsory parameter needed for server mode: ssl.keyStore");
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance(sSLStringParameter);
            KeyStore keyStore = KeyStore.getInstance(sSLStringParameter2);
            KeyStore keyStore2 = KeyStore.getInstance(sSLStringParameter3);
            char[] charArray = sSLStringParameter5 != null ? sSLStringParameter5.toCharArray() : null;
            if (sSLStringParameter4 != null) {
                keyStore.load(new FileInputStream(sSLStringParameter4), charArray);
            } else {
                keyStore.load(null, null);
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            keyManagerFactory.init(keyStore, charArray);
            keyStore2.load(new FileInputStream(sSLStringParameter6), sSLStringParameter7 != null ? sSLStringParameter7.toCharArray() : null);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
            trustManagerFactory.init(keyStore2);
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            this.sslEngine = sSLContext.createSSLEngine();
            this.sslEngine.setEnabledProtocols(new String[]{sSLStringParameter});
            this.sslEngine.setUseClientMode(this.isClient);
            if (!this.isClient) {
                if (getSSLIntegerParameter("wantClientAuth", 1) > 0) {
                    this.sslEngine.setWantClientAuth(true);
                } else {
                    this.sslEngine.setWantClientAuth(false);
                }
            }
        } catch (KeyManagementException e) {
            throw new IOException(e);
        } catch (KeyStoreException e2) {
            throw new IOException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new IOException(e3);
        } catch (UnrecoverableKeyException e4) {
            throw new IOException(e4);
        } catch (CertificateException e5) {
            throw new IOException(e5);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handshake() throws IOException, SSLException {
        if (this.firstTime) {
            init();
            this.sslEngine.beginHandshake();
            this.firstTime = false;
        }
        while (this.sslEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING && this.sslEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.FINISHED) {
            switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[this.sslEngine.getHandshakeStatus().ordinal()]) {
                case 1:
                    while (true) {
                        Runnable delegatedTask = this.sslEngine.getDelegatedTask();
                        if (delegatedTask != null) {
                            delegatedTask.run();
                        }
                    }
                    break;
                case 2:
                    wrap(ByteBuffer.allocate(32768));
                    break;
                case 3:
                    unwrap(null);
                    break;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void unwrap(SSLInputStream sSLInputStream) throws IOException {
        ByteBuffer allocate = ByteBuffer.allocate(0);
        SSLResult sSLResult = new SSLResult(32768);
        boolean z = true;
        while (z) {
            sSLResult.log = this.sslEngine.unwrap(allocate, sSLResult.buffer);
            switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[sSLResult.log.getStatus().ordinal()]) {
                case 1:
                    int applicationBufferSize = this.sslEngine.getSession().getApplicationBufferSize();
                    if (applicationBufferSize <= sSLResult.buffer.capacity()) {
                        sSLResult.buffer.compact();
                        break;
                    } else {
                        ByteBuffer allocate2 = ByteBuffer.allocate(applicationBufferSize);
                        sSLResult.buffer.flip();
                        allocate2.put(sSLResult.buffer);
                        sSLResult.buffer = allocate2;
                        break;
                    }
                case 2:
                    int packetBufferSize = this.sslEngine.getSession().getPacketBufferSize();
                    if (packetBufferSize > allocate.capacity()) {
                        ByteBuffer allocate3 = ByteBuffer.allocate(packetBufferSize);
                        allocate.flip();
                        allocate3.put(allocate);
                        allocate = allocate3;
                    } else {
                        allocate.compact();
                    }
                    int read = this.inputStream.read();
                    if (read < 0) {
                        z = false;
                        break;
                    } else {
                        allocate.put((byte) read);
                        allocate.flip();
                        break;
                    }
                case 3:
                case 4:
                    if (sSLInputStream != null && sSLResult.log.bytesProduced() > 0) {
                        sSLInputStream.clearInputBuffer = sSLResult.buffer;
                        sSLInputStream.clearInputBuffer.flip();
                    }
                    z = false;
                    break;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void wrap(ByteBuffer byteBuffer) throws IOException {
        SSLResult sSLResult = new SSLResult(byteBuffer.capacity());
        sSLResult.log = this.sslEngine.wrap(byteBuffer, sSLResult.buffer);
        while (sSLResult.log.getStatus() == SSLEngineResult.Status.BUFFER_OVERFLOW) {
            int applicationBufferSize = this.sslEngine.getSession().getApplicationBufferSize();
            if (applicationBufferSize > sSLResult.buffer.capacity()) {
                ByteBuffer allocate = ByteBuffer.allocate(applicationBufferSize);
                sSLResult.buffer.flip();
                allocate.put(sSLResult.buffer);
                sSLResult.buffer = allocate;
            } else {
                sSLResult.buffer.compact();
            }
            sSLResult.log = this.sslEngine.wrap(byteBuffer, sSLResult.buffer);
        }
        if (sSLResult.log.bytesProduced() > 0) {
            WritableByteChannel newChannel = Channels.newChannel(this.outputStream);
            sSLResult.buffer.flip();
            while (sSLResult.buffer.hasRemaining()) {
                newChannel.write(sSLResult.buffer);
            }
            this.outputStream.flush();
        }
    }

    @Override // jolie.net.protocols.CommProtocol
    public void send(OutputStream outputStream, CommMessage commMessage, InputStream inputStream) throws IOException {
        this.outputStream = outputStream;
        this.inputStream = inputStream;
        if (this.firstTime) {
            this.wrappedProtocol.setChannel(channel());
        }
        this.wrappedProtocol.send(this.sslOutputStream, commMessage, this.sslInputStream);
        this.sslOutputStream.flush();
    }

    @Override // jolie.net.protocols.CommProtocol
    public CommMessage recv(InputStream inputStream, OutputStream outputStream) throws IOException {
        this.outputStream = outputStream;
        this.inputStream = inputStream;
        if (this.firstTime) {
            this.wrappedProtocol.setChannel(channel());
        }
        CommMessage recv = this.wrappedProtocol.recv(this.sslInputStream, this.sslOutputStream);
        this.sslOutputStream.flush();
        return recv;
    }
}
