package com.sun.grizzly.portunif;

import com.sun.grizzly.Context;
import com.sun.grizzly.Controller;
import com.sun.grizzly.SSLConfig;
import com.sun.grizzly.util.SSLUtils;
import java.io.EOFException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SelectableChannel;
import java.nio.channels.SelectionKey;
import java.util.logging.Level;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;

/* loaded from: input_file:com/sun/grizzly/portunif/TLSPUPreProcessor.class */
public class TLSPUPreProcessor implements PUPreProcessor {
    public static final String ID = "TLS";
    private static final String TMP_DECODED_BUFFER = "TMP_DECODED_BUFFER";
    private static final int appBBSize = 20480;
    private SSLContext sslContext;
    private boolean needClientAuth = false;
    private boolean wantClientAuth = false;

    public TLSPUPreProcessor() {
    }

    public TLSPUPreProcessor(SSLConfig sSLConfig) {
        configure(sSLConfig);
    }

    public TLSPUPreProcessor(SSLContext sSLContext) {
        this.sslContext = sSLContext;
    }

    @Override // com.sun.grizzly.portunif.PUPreProcessor
    public String getId() {
        return ID;
    }

    @Override // com.sun.grizzly.portunif.PUPreProcessor
    public boolean process(Context context, PUProtocolRequest pUProtocolRequest) throws IOException {
        SSLEngine createSSLEngine;
        if (this.sslContext == null) {
            return false;
        }
        SelectionKey selectionKey = context.getSelectionKey();
        SelectableChannel channel = selectionKey.channel();
        Object attachment = selectionKey.attachment();
        if (attachment == null || !(attachment instanceof SSLEngine)) {
            createSSLEngine = this.sslContext.createSSLEngine();
            createSSLEngine.setUseClientMode(false);
            createSSLEngine.setNeedClientAuth(this.needClientAuth);
            createSSLEngine.setWantClientAuth(this.wantClientAuth);
        } else {
            createSSLEngine = (SSLEngine) attachment;
        }
        ByteBuffer securedInputByteBuffer = pUProtocolRequest.getSecuredInputByteBuffer();
        ByteBuffer securedOutputByteBuffer = pUProtocolRequest.getSecuredOutputByteBuffer();
        ByteBuffer byteBuffer = pUProtocolRequest.getByteBuffer();
        int packetBufferSize = createSSLEngine.getSession().getPacketBufferSize();
        if (securedInputByteBuffer == null || (securedInputByteBuffer != null && packetBufferSize > securedInputByteBuffer.capacity())) {
            securedInputByteBuffer = ByteBuffer.allocate(packetBufferSize * 2);
            securedOutputByteBuffer = ByteBuffer.allocate(packetBufferSize * 2);
            int applicationBufferSize = createSSLEngine.getSession().getApplicationBufferSize();
            if (byteBuffer == null || applicationBufferSize > byteBuffer.capacity()) {
                ByteBuffer allocate = ByteBuffer.allocate(applicationBufferSize);
                byteBuffer.flip();
                allocate.put(byteBuffer);
                byteBuffer = allocate;
                pUProtocolRequest.setByteBuffer(byteBuffer);
            }
            pUProtocolRequest.setSecuredInputByteBuffer(securedInputByteBuffer);
            pUProtocolRequest.setSecuredOutputByteBuffer(securedOutputByteBuffer);
        }
        securedInputByteBuffer.clear();
        securedOutputByteBuffer.position(0);
        securedOutputByteBuffer.limit(0);
        securedInputByteBuffer.put((ByteBuffer) byteBuffer.flip());
        byteBuffer.clear();
        boolean equals = Boolean.TRUE.equals(createSSLEngine.getSession().getValue("handshake"));
        if (equals) {
            ByteBuffer byteBuffer2 = (ByteBuffer) context.removeAttribute(TMP_DECODED_BUFFER);
            if (byteBuffer2 != null) {
                byteBuffer.put(byteBuffer2);
            }
        } else {
            try {
                byteBuffer = SSLUtils.doHandshake(channel, byteBuffer, securedInputByteBuffer, securedOutputByteBuffer, createSSLEngine, SSLEngineResult.HandshakeStatus.NEED_UNWRAP, SSLUtils.getReadTimeout(), securedInputByteBuffer.position() > 0);
                createSSLEngine.getSession().putValue("handshake", true);
                selectionKey.attach(createSSLEngine);
                pUProtocolRequest.setSSLEngine(createSSLEngine);
                securedOutputByteBuffer.limit(securedOutputByteBuffer.position());
                equals = true;
            } catch (EOFException e) {
            } catch (Exception e2) {
                if (Controller.logger().isLoggable(Level.FINE)) {
                    Controller.logger().log(Level.FINE, "Exception during handshake attempt", (Throwable) e2);
                }
                byteBuffer.put(securedInputByteBuffer);
            }
        }
        if (equals) {
            if ((securedInputByteBuffer.position() == 0 ? SSLUtils.doRead(channel, securedInputByteBuffer, createSSLEngine, SSLUtils.getReadTimeout()) : securedInputByteBuffer.position()) <= -1) {
                throw new EOFException();
            }
            pUProtocolRequest.setByteBuffer(SSLUtils.unwrapAll(byteBuffer, securedInputByteBuffer, createSSLEngine));
            createSSLEngine.getSession().putValue("dataDecoded", Boolean.TRUE);
        }
        return equals;
    }

    @Override // com.sun.grizzly.portunif.PUPreProcessor
    public void postProcess(Context context, PUProtocolRequest pUProtocolRequest) {
        ByteBuffer byteBuffer = pUProtocolRequest.getByteBuffer();
        byteBuffer.flip();
        if (byteBuffer.hasRemaining()) {
            ByteBuffer allocate = ByteBuffer.allocate(byteBuffer.remaining());
            allocate.put(byteBuffer);
            allocate.flip();
            context.setAttribute(TMP_DECODED_BUFFER, allocate);
        }
        ByteBuffer securedInputByteBuffer = pUProtocolRequest.getSecuredInputByteBuffer();
        securedInputByteBuffer.flip();
        byteBuffer.clear();
        byteBuffer.put(securedInputByteBuffer);
        securedInputByteBuffer.clear();
    }

    public void setSSLContext(SSLContext sSLContext) {
        this.sslContext = sSLContext;
    }

    public void configure(SSLConfig sSLConfig) {
        this.sslContext = sSLConfig.createSSLContext();
        this.wantClientAuth = sSLConfig.isWantClientAuth();
        this.needClientAuth = sSLConfig.isNeedClientAuth();
    }

    public SSLContext getSSLContext() {
        return this.sslContext;
    }

    public boolean isNeedClientAuth() {
        return this.needClientAuth;
    }

    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    public boolean isWantClientAuth() {
        return this.wantClientAuth;
    }

    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }
}
