package org.apache.hyracks.ipc.sockets;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.ClosedChannelException;
import java.nio.channels.SocketChannel;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLSession;
import org.apache.hyracks.api.network.ISocketChannel;
import org.apache.hyracks.ipc.impl.Message;
import org.apache.hyracks.util.NetworkUtil;
import org.apache.hyracks.util.StorageUtil;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:org/apache/hyracks/ipc/sockets/SslSocketChannel.class */
public class SslSocketChannel implements ISocketChannel {
    private static final Logger LOGGER = LogManager.getLogger();
    private static final int DEFAULT_APP_BUFFER_SIZE = StorageUtil.getIntSizeInBytes(1, StorageUtil.StorageUnit.MEGABYTE);
    private final SocketChannel socketChannel;
    private final SSLEngine engine;
    private ByteBuffer outEncryptedData;
    private ByteBuffer inEncryptedData;
    private boolean partialRecord = false;
    private boolean cachedData = false;
    private boolean pendingWrite = false;
    private ByteBuffer inAppData = ByteBuffer.allocate(DEFAULT_APP_BUFFER_SIZE);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.apache.hyracks.ipc.sockets.SslSocketChannel$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/hyracks/ipc/sockets/SslSocketChannel$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.OK.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.CLOSED.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public SslSocketChannel(SocketChannel socketChannel, SSLEngine sSLEngine) {
        this.socketChannel = socketChannel;
        this.engine = sSLEngine;
        this.inAppData.limit(0);
        SSLSession session = sSLEngine.getSession();
        this.inEncryptedData = ByteBuffer.allocate(session.getPacketBufferSize());
        this.outEncryptedData = ByteBuffer.allocate(session.getPacketBufferSize());
        this.outEncryptedData.limit(0);
    }

    public synchronized boolean handshake() {
        try {
            LOGGER.debug("starting SSL handshake {}", this);
            this.engine.beginHandshake();
            boolean handshake = new SslHandshake(this).handshake();
            if (handshake) {
                LOGGER.debug("SSL handshake successful {}", this);
            }
            return handshake;
        } catch (Exception e) {
            LOGGER.error("handshake failed {}", this, e);
            throw new IllegalStateException(e);
        }
    }

    public boolean requiresHandshake() {
        return true;
    }

    public synchronized int read(ByteBuffer byteBuffer) throws IOException {
        int i = 0;
        if (this.cachedData) {
            i = 0 + transferTo(this.inAppData, byteBuffer);
        }
        if (byteBuffer.hasRemaining()) {
            if (!this.partialRecord) {
                this.inEncryptedData.clear();
            }
            int read = this.socketChannel.read(this.inEncryptedData);
            if (read > 0) {
                this.partialRecord = false;
                this.inEncryptedData.flip();
                this.inAppData.clear();
                if (decrypt() > 0) {
                    this.inAppData.flip();
                    i += transferTo(this.inAppData, byteBuffer);
                } else {
                    this.inAppData.limit(0);
                }
            } else if (read < 0) {
                handleEndOfStreamQuietly();
                return -1;
            }
        }
        this.cachedData = this.inAppData.hasRemaining();
        return i;
    }

    private int decrypt() throws IOException {
        int i = 0;
        while (this.inEncryptedData.hasRemaining() && !this.partialRecord) {
            SSLEngineResult unwrap = this.engine.unwrap(this.inEncryptedData, this.inAppData);
            switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[unwrap.getStatus().ordinal()]) {
                case Message.INITIAL_REQ /* 1 */:
                    i += unwrap.bytesProduced();
                    this.partialRecord = false;
                    break;
                case Message.INITIAL_ACK /* 2 */:
                    this.inAppData = NetworkUtil.enlargeSslApplicationBuffer(this.engine, this.inAppData);
                    break;
                case Message.ERROR /* 3 */:
                    handleReadUnderflow();
                    break;
                case 4:
                    close();
                    return -1;
                default:
                    throw new IllegalStateException("Invalid SSL result status: " + unwrap.getStatus());
            }
        }
        return i;
    }

    public synchronized int write(ByteBuffer byteBuffer) throws IOException {
        if (this.pendingWrite && !completeWrite()) {
            return 0;
        }
        int i = 0;
        while (byteBuffer.hasRemaining()) {
            this.outEncryptedData.clear();
            if (!this.socketChannel.isConnected()) {
                throw new ClosedChannelException();
            }
            SSLEngineResult wrap = this.engine.wrap(byteBuffer, this.outEncryptedData);
            switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[wrap.getStatus().ordinal()]) {
                case Message.INITIAL_REQ /* 1 */:
                    this.outEncryptedData.flip();
                    i += wrap.bytesConsumed();
                    while (this.outEncryptedData.hasRemaining()) {
                        if (this.socketChannel.write(this.outEncryptedData) == 0) {
                            this.pendingWrite = true;
                            return i;
                        }
                    }
                    break;
                case Message.INITIAL_ACK /* 2 */:
                    this.outEncryptedData = NetworkUtil.enlargeSslPacketBuffer(this.engine, this.outEncryptedData);
                    break;
                case Message.ERROR /* 3 */:
                default:
                    throw new IllegalStateException("Invalid SSL result status: " + wrap.getStatus());
                case 4:
                    close();
                    return -1;
            }
        }
        this.pendingWrite = false;
        return i;
    }

    public synchronized boolean completeWrite() throws IOException {
        while (this.outEncryptedData.hasRemaining()) {
            if (this.socketChannel.write(this.outEncryptedData) == 0) {
                return false;
            }
        }
        this.pendingWrite = false;
        return true;
    }

    public synchronized void close() throws IOException {
        if (this.socketChannel.isOpen()) {
            this.engine.closeOutbound();
            try {
                new SslHandshake(this).handshake();
            } finally {
                this.socketChannel.close();
            }
        }
    }

    public SocketChannel getSocketChannel() {
        return this.socketChannel;
    }

    public synchronized boolean isPendingRead() {
        return this.cachedData;
    }

    public synchronized boolean isPendingWrite() {
        return this.pendingWrite;
    }

    public SSLEngine getSslEngine() {
        return this.engine;
    }

    public String toString() {
        return getConnectionInfo();
    }

    private void handleReadUnderflow() {
        if (this.engine.getSession().getPacketBufferSize() > this.inEncryptedData.capacity()) {
            this.inEncryptedData = NetworkUtil.enlargeSslPacketBuffer(this.engine, this.inEncryptedData);
        } else {
            this.inEncryptedData.compact();
        }
        this.partialRecord = true;
    }

    private void handleEndOfStreamQuietly() {
        try {
            try {
                this.engine.closeInbound();
                close();
            } catch (Throwable th) {
                close();
                throw th;
            }
        } catch (Exception e) {
            LOGGER.warn("failed to close socket gracefully", e);
        }
    }

    private String getConnectionInfo() {
        try {
            return getSocketChannel().getLocalAddress() + " -> " + getSocketChannel().getRemoteAddress();
        } catch (IOException e) {
            LOGGER.warn("failed to get connection info", e);
            return "";
        }
    }

    private static int transferTo(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) {
        int min = Math.min(byteBuffer2.remaining(), byteBuffer.remaining());
        if (min > 0) {
            byteBuffer2.put(byteBuffer.array(), byteBuffer.arrayOffset() + byteBuffer.position(), min);
            byteBuffer.position(byteBuffer.position() + min);
        }
        return min;
    }
}
