package net.spy.memcached;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SocketChannel;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import net.spy.memcached.compat.log.Logger;
import net.spy.memcached.compat.log.LoggerFactory;

/* loaded from: input_file:net/spy/memcached/TLSConnectionHandler.class */
public class TLSConnectionHandler {
    protected ByteBuffer myAppData;
    protected ByteBuffer myNetData;
    protected ByteBuffer peerAppData;
    protected ByteBuffer peerNetData;
    private SocketChannel socketChannel;
    private SSLEngine sslEngine;
    private SSLEngineResult.HandshakeStatus handshakeStatus;
    private Logger log = LoggerFactory.getLogger((Class<?>) TLSConnectionHandler.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: net.spy.memcached.TLSConnectionHandler$1, reason: invalid class name */
    /* loaded from: input_file:net/spy/memcached/TLSConnectionHandler$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus;
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.OK.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.CLOSED.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 1;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 2;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 3;
            } catch (NoSuchFieldError e7) {
            }
        }
    }

    public TLSConnectionHandler(SocketChannel socketChannel, SSLEngine sSLEngine) {
        this.socketChannel = socketChannel;
        this.sslEngine = sSLEngine;
    }

    public boolean doTlsHandshake(long j) throws IOException {
        SSLSession session = this.sslEngine.getSession();
        int packetBufferSize = session.getPacketBufferSize();
        this.myNetData = ByteBuffer.allocate(packetBufferSize);
        this.peerNetData = ByteBuffer.allocate(packetBufferSize);
        int applicationBufferSize = session.getApplicationBufferSize();
        this.myAppData = ByteBuffer.allocate(applicationBufferSize);
        this.peerAppData = ByteBuffer.allocate(applicationBufferSize);
        this.myNetData.clear();
        this.peerNetData.clear();
        this.myAppData.clear();
        this.peerAppData.clear();
        long nanoTime = System.nanoTime();
        this.sslEngine.beginHandshake();
        this.handshakeStatus = this.sslEngine.getHandshakeStatus();
        while (this.handshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED && this.handshakeStatus != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
            if (System.nanoTime() - nanoTime > TimeUnit.MILLISECONDS.toNanos(j)) {
                throw new OperationTimeoutException("Timeout during TLS handshake");
            }
            switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[this.handshakeStatus.ordinal()]) {
                case 1:
                    if (this.socketChannel.read(this.peerNetData) >= 0) {
                        this.peerNetData.flip();
                        try {
                            SSLEngineResult unwrap = this.sslEngine.unwrap(this.peerNetData, this.peerAppData);
                            this.peerAppData.clear();
                            this.peerNetData.compact();
                            this.handshakeStatus = unwrap.getHandshakeStatus();
                            if (!handleUnwrapResultForHandshake(unwrap, session)) {
                                return false;
                            }
                            break;
                        } catch (SSLException e) {
                            this.log.debug("A problem that caused the SSLEngine to abort", e);
                            this.sslEngine.closeOutbound();
                            this.handshakeStatus = this.sslEngine.getHandshakeStatus();
                            break;
                        }
                    } else if (!this.sslEngine.isInboundDone() || !this.sslEngine.isOutboundDone()) {
                        handleEndOfStream();
                        this.handshakeStatus = this.sslEngine.getHandshakeStatus();
                        break;
                    } else {
                        return false;
                    }
                case 2:
                    this.myNetData.clear();
                    try {
                        SSLEngineResult wrap = this.sslEngine.wrap(this.myAppData, this.myNetData);
                        this.handshakeStatus = wrap.getHandshakeStatus();
                        handleWrapResultForHandshake(wrap, session);
                        break;
                    } catch (SSLException e2) {
                        this.log.debug("Cannot process the data through SSLEngine. Will close the connection", e2);
                        this.sslEngine.closeOutbound();
                        this.handshakeStatus = this.sslEngine.getHandshakeStatus();
                        break;
                    }
                case 3:
                    while (true) {
                        Runnable delegatedTask = this.sslEngine.getDelegatedTask();
                        if (delegatedTask == null) {
                            this.handshakeStatus = this.sslEngine.getHandshakeStatus();
                            break;
                        } else {
                            delegatedTask.run();
                        }
                    }
                default:
                    throw new IllegalArgumentException("Invalid handshake status: " + this.handshakeStatus);
            }
        }
        if (this.handshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED) {
            return false;
        }
        this.peerNetData.compact();
        return true;
    }

    public int encryptNextTLSDataRecord(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws IOException {
        if (!byteBuffer.hasRemaining() || !byteBuffer2.hasRemaining()) {
            return 0;
        }
        SSLEngineResult wrap = this.sslEngine.wrap(byteBuffer, byteBuffer2);
        switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[wrap.getStatus().ordinal()]) {
            case 1:
                return wrap.bytesProduced();
            case 2:
                return -1;
            case 3:
                throw new RuntimeException("TLS connection is closed...");
            default:
                throw new IllegalArgumentException("Invalid result status after wrap(): " + wrap.getStatus());
        }
    }

    public ByteBuffer decryptNextTLSDataRecord(ByteBuffer byteBuffer) throws IOException {
        SSLSession session = this.sslEngine.getSession();
        this.peerAppData.clear();
        while (true) {
            SSLEngineResult unwrap = this.sslEngine.unwrap(byteBuffer, this.peerAppData);
            switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[unwrap.getStatus().ordinal()]) {
                case 1:
                    this.peerAppData.flip();
                    return this.peerAppData;
                case 2:
                    this.peerAppData = enlargeBuffer(this.peerAppData, session.getApplicationBufferSize());
                case 3:
                    this.sslEngine.closeOutbound();
                    this.socketChannel.close();
                    throw new IOException("The operation could not be completed because it was already closed");
                case 4:
                    return null;
                default:
                    throw new IllegalArgumentException("Invalid result status after unwrap(): " + unwrap.getStatus());
            }
        }
    }

    private ByteBuffer enlargeBuffer(ByteBuffer byteBuffer, int i) {
        if (i <= byteBuffer.capacity()) {
            return byteBuffer;
        }
        ByteBuffer allocate = ByteBuffer.allocate(i);
        byteBuffer.flip();
        allocate.put(byteBuffer);
        return allocate;
    }

    private void handleEndOfStream() throws IOException {
        try {
            this.sslEngine.closeInbound();
        } catch (SSLException e) {
            this.log.error("This engine has not received the proper SSL/TLS close notification message from the peer due to end of stream.", e);
        }
        this.sslEngine.closeOutbound();
    }

    private boolean handleUnwrapResultForHandshake(SSLEngineResult sSLEngineResult, SSLSession sSLSession) throws IOException {
        switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[sSLEngineResult.getStatus().ordinal()]) {
            case 1:
            case 4:
                return true;
            case 2:
                this.peerAppData = enlargeBuffer(this.peerAppData, sSLSession.getApplicationBufferSize());
                return true;
            case 3:
                if (this.sslEngine.isOutboundDone()) {
                    return false;
                }
                this.sslEngine.closeOutbound();
                this.handshakeStatus = this.sslEngine.getHandshakeStatus();
                return true;
            default:
                throw new IllegalArgumentException("Invalid result status after unwrap(): " + sSLEngineResult.getStatus());
        }
    }

    private void writeDataToSocketChannel(ByteBuffer byteBuffer) throws IOException {
        if (byteBuffer.hasRemaining()) {
            this.socketChannel.write(byteBuffer);
        }
    }

    private void handleWrapResultForHandshake(SSLEngineResult sSLEngineResult, SSLSession sSLSession) throws IOException {
        switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[sSLEngineResult.getStatus().ordinal()]) {
            case 1:
                this.myNetData.flip();
                writeDataToSocketChannel(this.myNetData);
                return;
            case 2:
                this.myNetData = enlargeBuffer(this.myNetData, sSLSession.getPacketBufferSize());
                return;
            case 3:
                try {
                    this.myNetData.flip();
                    writeDataToSocketChannel(this.myNetData);
                    this.handshakeStatus = this.sslEngine.getHandshakeStatus();
                    this.peerNetData.clear();
                    return;
                } catch (Exception e) {
                    this.log.error("Failed to send server's CLOSE message due to socket channel's failure", e);
                    this.handshakeStatus = this.sslEngine.getHandshakeStatus();
                    return;
                }
            case 4:
                throw new SSLException("Buffer underflow occured after a wrap");
            default:
                throw new IllegalArgumentException("Invalid result status after wrap(): " + sSLEngineResult.getStatus());
        }
    }
}
