package org.apache.mina.filter.ssl;

import f.a.b.a.e.c;
import f.a.b.a.e.d;
import f.a.b.a.f.g;
import f.a.b.a.f.h;
import f.a.b.a.f.i;
import f.a.b.a.f.k;
import f.a.b.a.h.e;
import f.a.b.a.i.j;
import f.a.b.a.j.a;
import f.d.c;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSession;

/* loaded from: classes.dex */
public class SslFilter extends d {
    public static final boolean CLIENT_HANDSHAKE = false;
    public static final boolean START_HANDSHAKE = true;
    private final boolean autoStart;
    private boolean client;
    private String[] enabledCipherSuites;
    private String[] enabledProtocols;
    private boolean needClientAuth;
    public final SSLContext sslContext;
    private boolean wantClientAuth;
    private static final c LOGGER = f.d.d.i(SslFilter.class);
    public static final f.a.b.a.i.c SSL_SESSION = new f.a.b.a.i.c(SslFilter.class, "session");
    public static final f.a.b.a.i.c DISABLE_ENCRYPTION_ONCE = new f.a.b.a.i.c(SslFilter.class, "disableOnce");
    public static final f.a.b.a.i.c USE_NOTIFICATION = new f.a.b.a.i.c(SslFilter.class, "useNotification");
    public static final f.a.b.a.i.c PEER_ADDRESS = new f.a.b.a.i.c(SslFilter.class, "peerAddress");
    private static final f.a.b.a.i.c NEXT_FILTER = new f.a.b.a.i.c(SslFilter.class, "nextFilter");
    private static final f.a.b.a.i.c SSL_HANDLER = new f.a.b.a.i.c(SslFilter.class, "handler");

    /* loaded from: classes.dex */
    public static class EncryptedWriteRequest extends a {
        private final f.a.b.a.c.c encryptedMessage;
        private f.a.b.a.j.d parentRequest;

        private EncryptedWriteRequest(f.a.b.a.j.d dVar, f.a.b.a.c.c cVar) {
            super(cVar);
            this.parentRequest = dVar;
            this.encryptedMessage = cVar;
        }

        @Override // f.a.b.a.j.a, f.a.b.a.j.d
        public k getFuture() {
            return this.parentRequest.getFuture();
        }

        @Override // f.a.b.a.j.a, f.a.b.a.j.d
        public Object getMessage() {
            return this.encryptedMessage;
        }

        public f.a.b.a.j.d getParentRequest() {
            return this.parentRequest;
        }
    }

    /* loaded from: classes.dex */
    public static class SslFilterMessage {
        private final String name;

        private SslFilterMessage(String str) {
            this.name = str;
        }

        public String toString() {
            return this.name;
        }
    }

    public SslFilter(SSLContext sSLContext) {
        this(sSLContext, true);
    }

    public SslFilter(SSLContext sSLContext, boolean z) {
        if (sSLContext == null) {
            throw new IllegalArgumentException("sslContext");
        }
        this.sslContext = sSLContext;
        this.autoStart = z;
    }

    private SslHandler getSslSessionHandler(j jVar) {
        SslHandler sslHandler = (SslHandler) jVar.getAttribute(SSL_HANDLER);
        if (sslHandler == null) {
            throw new IllegalStateException();
        }
        synchronized (sslHandler) {
            if (sslHandler.getSslFilter() != this) {
                throw new IllegalArgumentException("Not managed by this filter.");
            }
        }
        return sslHandler;
    }

    private void handleAppDataRead(c.a aVar, SslHandler sslHandler) {
        f.a.b.a.c.c fetchAppBuffer = sslHandler.fetchAppBuffer();
        if (fetchAppBuffer.z()) {
            sslHandler.scheduleMessageReceived(aVar, fetchAppBuffer);
        }
    }

    private void handleSslData(c.a aVar, SslHandler sslHandler) throws SSLException {
        f.d.c cVar = LOGGER;
        if (cVar.g()) {
            cVar.D("{}: Processing the SSL Data ", getSessionInfo(sslHandler.getSession()));
        }
        if (sslHandler.isHandshakeComplete()) {
            sslHandler.flushPreHandshakeEvents();
        }
        sslHandler.writeNetBuffer(aVar);
        handleAppDataRead(aVar, sslHandler);
    }

    private k initiateClosure(c.a aVar, j jVar) throws SSLException {
        SslHandler sslSessionHandler = getSslSessionHandler(jVar);
        try {
            synchronized (sslSessionHandler) {
                if (!sslSessionHandler.closeOutbound()) {
                    return g.r(jVar, new IllegalStateException("SSL session is shut down already."));
                }
                k writeNetBuffer = sslSessionHandler.writeNetBuffer(aVar);
                if (writeNetBuffer == null) {
                    writeNetBuffer = g.s(jVar);
                }
                if (sslSessionHandler.isInboundDone()) {
                    sslSessionHandler.destroy();
                }
                jVar.getFilterChain().l(SslEvent.UNSECURED);
                return writeNetBuffer;
            }
        } catch (SSLException e2) {
            sslSessionHandler.release();
            throw e2;
        }
    }

    private void initiateHandshake(c.a aVar, j jVar) throws SSLException {
        f.d.c cVar = LOGGER;
        if (cVar.g()) {
            cVar.D("{} : Starting the first handshake", getSessionInfo(jVar));
        }
        SslHandler sslSessionHandler = getSslSessionHandler(jVar);
        try {
            synchronized (sslSessionHandler) {
                sslSessionHandler.handshake(aVar);
                sslSessionHandler.flushFilterWrite();
            }
            sslSessionHandler.flushMessageReceived();
        } catch (SSLException e2) {
            sslSessionHandler.release();
            throw e2;
        }
    }

    private boolean isCloseNotify(Object obj) {
        if (!(obj instanceof f.a.b.a.c.c)) {
            return false;
        }
        f.a.b.a.c.c cVar = (f.a.b.a.c.c) obj;
        int I = cVar.I();
        if (cVar.o(I + 0) != 21 || cVar.o(I + 1) != 3) {
            return false;
        }
        int i = I + 2;
        return (cVar.o(i) == 0 || cVar.o(i) == 1 || cVar.o(i) == 2 || cVar.o(i) == 3) && cVar.o(I + 3) == 0;
    }

    @Override // f.a.b.a.e.d, f.a.b.a.e.c
    public void exceptionCaught(c.a aVar, j jVar, Throwable th) throws Exception {
        if (th instanceof f.a.b.a.j.g) {
            List<f.a.b.a.j.d> c2 = ((f.a.b.a.j.g) th).c();
            boolean z = false;
            Iterator<f.a.b.a.j.d> it = c2.iterator();
            while (true) {
                if (it.hasNext()) {
                    if (isCloseNotify(it.next().getMessage())) {
                        z = true;
                        break;
                    }
                } else {
                    break;
                }
            }
            if (z) {
                if (c2.size() == 1) {
                    return;
                }
                ArrayList arrayList = new ArrayList(c2.size() - 1);
                for (f.a.b.a.j.d dVar : c2) {
                    if (!isCloseNotify(dVar.getMessage())) {
                        arrayList.add(dVar);
                    }
                }
                if (arrayList.isEmpty()) {
                    return;
                } else {
                    th = new f.a.b.a.j.g(arrayList, th.getMessage(), th.getCause());
                }
            }
        }
        aVar.exceptionCaught(jVar, th);
    }

    @Override // f.a.b.a.e.d, f.a.b.a.e.c
    public void filterClose(final c.a aVar, final j jVar) throws SSLException {
        SslHandler sslHandler = (SslHandler) jVar.getAttribute(SSL_HANDLER);
        if (sslHandler == null) {
            aVar.b(jVar);
            return;
        }
        k kVar = null;
        try {
            try {
                synchronized (sslHandler) {
                    if (isSslStarted(jVar)) {
                        kVar = initiateClosure(aVar, jVar);
                        kVar.b((i<?>) new i<h>() { // from class: org.apache.mina.filter.ssl.SslFilter.1
                            @Override // f.a.b.a.f.i
                            public void operationComplete(h hVar) {
                                aVar.b(jVar);
                            }
                        });
                    }
                    sslHandler.flushFilterWrite();
                }
            } catch (SSLException e2) {
                sslHandler.release();
                throw e2;
            }
        } finally {
            if (kVar == null) {
                aVar.b(jVar);
            }
        }
    }

    @Override // f.a.b.a.e.d, f.a.b.a.e.c
    public void filterWrite(c.a aVar, j jVar, f.a.b.a.j.d dVar) throws SSLException {
        f.d.c cVar = LOGGER;
        if (cVar.g()) {
            cVar.e("{}: Writing Message : {}", getSessionInfo(jVar), dVar);
        }
        boolean z = true;
        SslHandler sslSessionHandler = getSslSessionHandler(jVar);
        try {
            synchronized (sslSessionHandler) {
                if (isSslStarted(jVar)) {
                    f.a.b.a.i.c cVar2 = DISABLE_ENCRYPTION_ONCE;
                    if (jVar.containsAttribute(cVar2)) {
                        jVar.removeAttribute(cVar2);
                        sslSessionHandler.scheduleFilterWrite(aVar, dVar);
                    } else {
                        f.a.b.a.c.c cVar3 = (f.a.b.a.c.c) dVar.getMessage();
                        if (sslSessionHandler.isWritingEncryptedData()) {
                            sslSessionHandler.scheduleFilterWrite(aVar, dVar);
                        } else if (sslSessionHandler.isHandshakeComplete()) {
                            sslSessionHandler.encrypt(cVar3.e());
                            f.a.b.a.c.c fetchOutNetBuffer = sslSessionHandler.fetchOutNetBuffer();
                            dVar.setMessage(fetchOutNetBuffer);
                            sslSessionHandler.scheduleFilterWrite(aVar, new EncryptedWriteRequest(dVar, fetchOutNetBuffer));
                        } else {
                            if (jVar.isConnected()) {
                                sslSessionHandler.schedulePreHandshakeWriteRequest(aVar, dVar);
                            }
                            z = false;
                        }
                    }
                } else {
                    sslSessionHandler.scheduleFilterWrite(aVar, dVar);
                }
                if (z) {
                    sslSessionHandler.flushFilterWrite();
                }
            }
        } catch (SSLException e2) {
            sslSessionHandler.release();
            throw e2;
        }
    }

    public String[] getEnabledCipherSuites() {
        return this.enabledCipherSuites;
    }

    public String[] getEnabledProtocols() {
        return this.enabledProtocols;
    }

    public String getSessionInfo(j jVar) {
        StringBuilder sb = new StringBuilder();
        if (jVar.getService() instanceof e) {
            sb.append("Session Server");
        } else {
            sb.append("Session Client");
        }
        sb.append('[');
        sb.append(jVar.getId());
        sb.append(']');
        SslHandler sslHandler = (SslHandler) jVar.getAttribute(SSL_HANDLER);
        if (sslHandler == null) {
            sb.append("(no sslEngine)");
        } else if (isSslStarted(jVar)) {
            if (sslHandler.isHandshakeComplete()) {
                sb.append("(SSL)");
            } else {
                sb.append("(ssl...)");
            }
        }
        return sb.toString();
    }

    public SSLSession getSslSession(j jVar) {
        return (SSLSession) jVar.getAttribute(SSL_SESSION);
    }

    public void initiateHandshake(j jVar) throws SSLException {
        f.a.b.a.e.e filterChain = jVar.getFilterChain();
        if (filterChain == null) {
            throw new SSLException("No filter chain");
        }
        c.a u = filterChain.u(SslFilter.class);
        if (u == null) {
            throw new SSLException("No SSL next filter in the chain");
        }
        initiateHandshake(u, jVar);
    }

    public boolean isNeedClientAuth() {
        return this.needClientAuth;
    }

    public boolean isSecured(j jVar) {
        SslHandler sslHandler = (SslHandler) jVar.getAttribute(SSL_HANDLER);
        boolean z = false;
        if (sslHandler == null) {
            return false;
        }
        synchronized (sslHandler) {
            if (!sslHandler.isOutboundDone() && sslHandler.isHandshakeComplete()) {
                z = true;
            }
        }
        return z;
    }

    public boolean isSslStarted(j jVar) {
        boolean z;
        SslHandler sslHandler = (SslHandler) jVar.getAttribute(SSL_HANDLER);
        if (sslHandler == null) {
            return false;
        }
        synchronized (sslHandler) {
            z = sslHandler.isOutboundDone() ? false : true;
        }
        return z;
    }

    public boolean isUseClientMode() {
        return this.client;
    }

    public boolean isWantClientAuth() {
        return this.wantClientAuth;
    }

    @Override // f.a.b.a.e.d, f.a.b.a.e.c
    public void messageReceived(c.a aVar, j jVar, Object obj) throws SSLException {
        f.d.c cVar = LOGGER;
        if (cVar.g()) {
            cVar.e("{}: Message received : {}", getSessionInfo(jVar), obj);
        }
        SslHandler sslSessionHandler = getSslSessionHandler(jVar);
        AtomicBoolean atomicBoolean = new AtomicBoolean(false);
        synchronized (sslSessionHandler) {
            if (sslSessionHandler.isOutboundDone() && sslSessionHandler.isInboundDone()) {
                atomicBoolean.set(true);
            } else {
                atomicBoolean.set(false);
                f.a.b.a.c.c cVar2 = (f.a.b.a.c.c) obj;
                try {
                    if (sslSessionHandler.isOutboundDone()) {
                        sslSessionHandler.destroy();
                        throw new SSLException("Outbound done");
                    }
                    sslSessionHandler.messageReceived(aVar, cVar2.e());
                    handleSslData(aVar, sslSessionHandler);
                    if (sslSessionHandler.isInboundDone()) {
                        if (sslSessionHandler.isOutboundDone()) {
                            sslSessionHandler.destroy();
                        } else {
                            initiateClosure(aVar, jVar);
                        }
                        if (cVar2.z()) {
                            sslSessionHandler.scheduleMessageReceived(aVar, cVar2);
                        }
                    }
                } catch (SSLException e2) {
                    if (sslSessionHandler.isHandshakeComplete()) {
                        sslSessionHandler.release();
                        throw e2;
                    }
                    SSLHandshakeException sSLHandshakeException = new SSLHandshakeException("SSL handshake failed.");
                    sSLHandshakeException.initCause(e2);
                    jVar.closeNow();
                    throw sSLHandshakeException;
                }
            }
        }
        if (atomicBoolean.get()) {
            aVar.messageReceived(jVar, obj);
        } else {
            sslSessionHandler.flushMessageReceived();
        }
    }

    @Override // f.a.b.a.e.d, f.a.b.a.e.c
    public void messageSent(c.a aVar, j jVar, f.a.b.a.j.d dVar) {
        if (dVar instanceof EncryptedWriteRequest) {
            aVar.c(jVar, ((EncryptedWriteRequest) dVar).getParentRequest());
        }
    }

    @Override // f.a.b.a.e.d, f.a.b.a.e.c
    public void onPostAdd(f.a.b.a.e.e eVar, String str, c.a aVar) throws SSLException {
        if (this.autoStart) {
            initiateHandshake(aVar, eVar.c());
        }
    }

    @Override // f.a.b.a.e.d, f.a.b.a.e.c
    public void onPreAdd(f.a.b.a.e.e eVar, String str, c.a aVar) throws SSLException {
        if (eVar.f(SslFilter.class)) {
            LOGGER.i("Only one SSL filter is permitted in a chain.");
            throw new IllegalStateException("Only one SSL filter is permitted in a chain.");
        }
        f.d.c cVar = LOGGER;
        if (cVar.g()) {
            cVar.D("Adding the SSL Filter {} to the chain", str);
        }
        j c2 = eVar.c();
        c2.setAttribute(NEXT_FILTER, aVar);
        SslHandler sslHandler = new SslHandler(this, c2);
        String[] strArr = this.enabledCipherSuites;
        if (strArr == null || strArr.length == 0) {
            this.enabledCipherSuites = this.sslContext.getServerSocketFactory().getSupportedCipherSuites();
        }
        sslHandler.init();
        c2.setAttribute(SSL_HANDLER, sslHandler);
    }

    @Override // f.a.b.a.e.d, f.a.b.a.e.c
    public void onPreRemove(f.a.b.a.e.e eVar, String str, c.a aVar) throws SSLException {
        j c2 = eVar.c();
        stopSsl(c2);
        c2.removeAttribute(NEXT_FILTER);
        c2.removeAttribute(SSL_HANDLER);
    }

    @Override // f.a.b.a.e.d, f.a.b.a.e.c
    public void sessionClosed(c.a aVar, j jVar) throws SSLException {
        SslHandler sslSessionHandler = getSslSessionHandler(jVar);
        try {
            synchronized (sslSessionHandler) {
                sslSessionHandler.destroy();
            }
        } finally {
            aVar.sessionClosed(jVar);
        }
    }

    public void setEnabledCipherSuites(String[] strArr) {
        this.enabledCipherSuites = strArr;
    }

    public void setEnabledProtocols(String[] strArr) {
        this.enabledProtocols = strArr;
    }

    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    public void setUseClientMode(boolean z) {
        this.client = z;
    }

    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }

    public boolean startSsl(j jVar) throws SSLException {
        boolean z;
        SslHandler sslSessionHandler = getSslSessionHandler(jVar);
        try {
            synchronized (sslSessionHandler) {
                if (sslSessionHandler.isOutboundDone()) {
                    c.a aVar = (c.a) jVar.getAttribute(NEXT_FILTER);
                    sslSessionHandler.destroy();
                    sslSessionHandler.init();
                    sslSessionHandler.handshake(aVar);
                    z = true;
                } else {
                    z = false;
                }
                sslSessionHandler.flushFilterWrite();
            }
            sslSessionHandler.flushMessageReceived();
            return z;
        } catch (SSLException e2) {
            sslSessionHandler.release();
            throw e2;
        }
    }

    public k stopSsl(j jVar) throws SSLException {
        k initiateClosure;
        SslHandler sslSessionHandler = getSslSessionHandler(jVar);
        c.a aVar = (c.a) jVar.getAttribute(NEXT_FILTER);
        try {
            synchronized (sslSessionHandler) {
                initiateClosure = initiateClosure(aVar, jVar);
                sslSessionHandler.flushFilterWrite();
            }
            return initiateClosure;
        } catch (SSLException e2) {
            sslSessionHandler.release();
            throw e2;
        }
    }
}
