package org.glassfish.grizzly.ssl;

import java.nio.ByteBuffer;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import org.glassfish.grizzly.Buffer;
import org.glassfish.grizzly.Connection;
import org.glassfish.grizzly.Grizzly;
import org.glassfish.grizzly.ThreadCache;
import org.glassfish.grizzly.attributes.Attribute;
import org.glassfish.grizzly.attributes.AttributeStorage;
import org.glassfish.grizzly.filterchain.FilterChainContext;
import org.glassfish.grizzly.memory.Buffers;
import org.glassfish.grizzly.memory.ByteBufferWrapper;
import org.glassfish.grizzly.memory.CompositeBuffer;
import org.glassfish.grizzly.memory.MemoryManager;
import org.glassfish.grizzly.ssl.SSLConnectionContext;

/* loaded from: input_file:MICRO-INF/runtime/nucleus-grizzly-all.jar:org/glassfish/grizzly/ssl/SSLUtils.class */
public final class SSLUtils {
    private static final boolean ANDROID_WORKAROUND_NEEDED;
    private static final int LOLLIPOP_VER = 21;
    private static final String SSL_CONNECTION_CTX_ATTR_NAME;
    static final Attribute<SSLConnectionContext> SSL_CTX_ATTR;
    private static final SSLConnectionContext.Allocator HS_UNWRAP_ALLOCATOR;
    private static final SSLConnectionContext.Allocator HS_WRAP_ALLOCATOR;
    private static final byte CHANGE_CIPHER_SPECT_CONTENT_TYPE = 20;
    private static final byte APPLICATION_DATA_CONTENT_TYPE = 23;
    private static final int SSLV3_RECORD_HEADER_SIZE = 5;
    private static final int SSL20_HELLO_VERSION = 2;
    private static final int MIN_VERSION = 768;
    private static final int MAX_MAJOR_VERSION = 3;
    private static final ThreadCache.CachedTypeIndex<Buffer> SSL_OUTPUT_BUFFER_IDX;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:MICRO-INF/runtime/nucleus-grizzly-all.jar:org/glassfish/grizzly/ssl/SSLUtils$AndroidWorkAround.class */
    private static class AndroidWorkAround {
        private AndroidWorkAround() {
        }

        public static SSLEngineResult wrapArray(SSLEngine sSLEngine, ByteBuffer[] byteBufferArr, int i, int i2, ByteBuffer byteBuffer) throws SSLException {
            if (i == 0 && i2 == byteBufferArr.length) {
                return sSLEngine.wrap(byteBufferArr, byteBuffer);
            }
            ByteBuffer[] byteBufferArr2 = new ByteBuffer[i2];
            System.arraycopy(byteBufferArr, i, byteBufferArr2, 0, i2);
            return sSLEngine.wrap(byteBufferArr2, byteBuffer);
        }

        public static SSLEngineResult unwrapArray(SSLEngine sSLEngine, ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i, int i2) throws SSLException {
            if (i == 0 && i2 == byteBufferArr.length) {
                return sSLEngine.unwrap(byteBuffer, byteBufferArr);
            }
            ByteBuffer[] byteBufferArr2 = new ByteBuffer[i2];
            System.arraycopy(byteBufferArr, i, byteBufferArr2, 0, i2);
            return sSLEngine.unwrap(byteBuffer, byteBufferArr2);
        }
    }

    public static SSLConnectionContext getSslConnectionContext(Connection connection) {
        return SSL_CTX_ATTR.get(connection);
    }

    public static SSLEngine getSSLEngine(Connection connection) {
        SSLConnectionContext sslConnectionContext = getSslConnectionContext(connection);
        if (sslConnectionContext == null) {
            return null;
        }
        return sslConnectionContext.getSslEngine();
    }

    public static void setSSLEngine(Connection connection, SSLEngine sSLEngine) {
        SSLConnectionContext sslConnectionContext = getSslConnectionContext(connection);
        if (sslConnectionContext == null) {
            sslConnectionContext = new SSLConnectionContext(connection);
            SSL_CTX_ATTR.set((AttributeStorage) connection, (Connection) sslConnectionContext);
        }
        sslConnectionContext.configure(sSLEngine);
    }

    public static int getSSLPacketSize(Buffer buffer) throws SSLException {
        byte b;
        byte b2;
        byte b3;
        byte b4;
        byte b5;
        int i;
        if (buffer.remaining() < 5) {
            return -1;
        }
        if (buffer.hasArray()) {
            byte[] array = buffer.array();
            int arrayOffset = buffer.arrayOffset() + buffer.position();
            int i2 = arrayOffset + 1;
            b = array[arrayOffset];
            int i3 = i2 + 1;
            b2 = array[i2];
            int i4 = i3 + 1;
            b3 = array[i3];
            b4 = array[i4];
            b5 = array[i4 + 1];
        } else {
            int position = buffer.position();
            int i5 = position + 1;
            b = buffer.get(position);
            int i6 = i5 + 1;
            b2 = buffer.get(i5);
            int i7 = i6 + 1;
            b3 = buffer.get(i6);
            b4 = buffer.get(i7);
            b5 = buffer.get(i7 + 1);
        }
        if (b < 20 || b > 23) {
            if (!((b & 128) != 0) || (b3 != 1 && b3 != 4)) {
                throw new SSLException("Unrecognized SSL message, plaintext connection?");
            }
            byte b6 = b4;
            byte b7 = b5;
            int i8 = (b6 << 8) | (b7 & 255);
            if ((i8 < 768 || b6 > 3) && i8 != 2) {
                throw new SSLException("Unsupported record version major=" + b6 + " minor=" + b7);
            }
            i = ((b & Byte.MAX_VALUE) << 8) + (b2 & 255) + 2;
        } else {
            byte b8 = b2;
            byte b9 = b3;
            if (((b8 << 8) | (b9 & 255)) < 768 || b8 > 3) {
                throw new SSLException("Unsupported record version major=" + b8 + " minor=" + b9);
            }
            i = ((b4 & 255) << 8) + (b5 & 255) + 5;
        }
        return i;
    }

    public static void executeDelegatedTask(SSLEngine sSLEngine) {
        while (true) {
            Runnable delegatedTask = sSLEngine.getDelegatedTask();
            if (delegatedTask == null) {
                return;
            } else {
                delegatedTask.run();
            }
        }
    }

    public static boolean isHandshaking(SSLEngine sSLEngine) {
        SSLEngineResult.HandshakeStatus handshakeStatus = sSLEngine.getHandshakeStatus();
        return (handshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED || handshakeStatus == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) ? false : true;
    }

    public static SSLEngineResult handshakeUnwrap(int i, SSLConnectionContext sSLConnectionContext, Buffer buffer, Buffer buffer2) throws SSLException {
        SSLConnectionContext.SslResult unwrap = sSLConnectionContext.unwrap(i, buffer, buffer2, HS_UNWRAP_ALLOCATOR);
        Buffer output = unwrap.getOutput();
        if (!$assertionsDisabled && output.isComposite()) {
            throw new AssertionError();
        }
        if (output != buffer2) {
            output.dispose();
        }
        if (unwrap.isError()) {
            throw unwrap.getError();
        }
        return unwrap.getSslEngineResult();
    }

    public static Buffer handshakeWrap(Connection connection, SSLConnectionContext sSLConnectionContext, Buffer buffer) throws SSLException {
        Buffer allocateOutputBuffer;
        int netBufferSize = sSLConnectionContext.getNetBufferSize();
        if (buffer == null || buffer.isComposite() || buffer.capacity() - buffer.limit() < netBufferSize) {
            allocateOutputBuffer = allocateOutputBuffer(netBufferSize * 2);
        } else {
            buffer.position(buffer.limit());
            buffer.limit(buffer.capacity());
            allocateOutputBuffer = buffer;
        }
        SSLConnectionContext.SslResult wrap = sSLConnectionContext.wrap(Buffers.EMPTY_BUFFER, allocateOutputBuffer, HS_WRAP_ALLOCATOR);
        Buffer output = wrap.getOutput();
        output.flip();
        if (allocateOutputBuffer != output && buffer != null && allocateOutputBuffer == buffer) {
            buffer.flip();
        }
        if (wrap.isError()) {
            if (output != buffer) {
                output.dispose();
            }
            throw wrap.getError();
        }
        if (output != buffer) {
            output = allowDispose(Buffers.appendBuffers(connection.getMemoryManager(), buffer, output));
        }
        return output;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Buffer allocateOutputBuffer(int i) {
        Buffer buffer = (Buffer) ThreadCache.takeFromCache(SSL_OUTPUT_BUFFER_IDX);
        if (!(buffer != null) || buffer.remaining() < i) {
            buffer = new ByteBufferWrapper(ByteBuffer.allocate(i)) { // from class: org.glassfish.grizzly.ssl.SSLUtils.3
                @Override // org.glassfish.grizzly.memory.ByteBufferWrapper, org.glassfish.grizzly.Buffer
                public void dispose() {
                    clear();
                    ThreadCache.putToCache(SSLUtils.SSL_OUTPUT_BUFFER_IDX, this);
                }
            };
        }
        return buffer;
    }

    public static Buffer allocateInputBuffer(SSLConnectionContext sSLConnectionContext) {
        if (sSLConnectionContext.getSslEngine() == null) {
            return null;
        }
        return allocateOutputBuffer(sSLConnectionContext.getNetBufferSize() * 2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Buffer makeInputRemainder(SSLConnectionContext sSLConnectionContext, FilterChainContext filterChainContext, Buffer buffer) {
        if (buffer == null) {
            return null;
        }
        if (!buffer.hasRemaining()) {
            buffer.tryDispose();
            return null;
        }
        if (sSLConnectionContext.resetLastInputBuffer() != null) {
            return move(filterChainContext.getMemoryManager(), buffer);
        }
        Buffer split = buffer.split(buffer.position());
        buffer.tryDispose();
        return split;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Buffer copy(MemoryManager memoryManager, Buffer buffer) {
        Buffer allocate = memoryManager.allocate(buffer.remaining());
        allocate.put(buffer);
        return allocate.flip();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Buffer move(MemoryManager memoryManager, Buffer buffer) {
        Buffer copy = copy(memoryManager, buffer);
        buffer.tryDispose();
        return copy;
    }

    public static Buffer allowDispose(Buffer buffer) {
        if (buffer == null) {
            return null;
        }
        buffer.allowBufferDispose(true);
        if (buffer.isComposite()) {
            ((CompositeBuffer) buffer).allowInternalBuffersDispose(true);
        }
        return buffer;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SSLEngineResult sslEngineWrap(SSLEngine sSLEngine, ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws SSLException {
        return sSLEngine.wrap(byteBuffer, byteBuffer2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SSLEngineResult sslEngineWrap(SSLEngine sSLEngine, ByteBuffer[] byteBufferArr, int i, int i2, ByteBuffer byteBuffer) throws SSLException {
        return ANDROID_WORKAROUND_NEEDED ? AndroidWorkAround.wrapArray(sSLEngine, byteBufferArr, i, i2, byteBuffer) : sSLEngine.wrap(byteBufferArr, i, i2, byteBuffer);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SSLEngineResult sslEngineUnwrap(SSLEngine sSLEngine, ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws SSLException {
        return sSLEngine.unwrap(byteBuffer, byteBuffer2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SSLEngineResult sslEngineUnwrap(SSLEngine sSLEngine, ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i, int i2) throws SSLException {
        return ANDROID_WORKAROUND_NEEDED ? AndroidWorkAround.unwrapArray(sSLEngine, byteBuffer, byteBufferArr, i, i2) : sSLEngine.unwrap(byteBuffer, byteBufferArr, i, i2);
    }

    static {
        $assertionsDisabled = !SSLUtils.class.desiredAssertionStatus();
        boolean z = false;
        if ("android runtime".equalsIgnoreCase(System.getProperty("java.runtime.name"))) {
            try {
                z = Class.forName("android.os.Build$VERSION").getField("SDK_INT").getInt(null) >= 21;
            } catch (Throwable th) {
            }
        }
        ANDROID_WORKAROUND_NEEDED = z;
        SSL_CONNECTION_CTX_ATTR_NAME = SSLUtils.class + ".ssl-connection-context";
        SSL_CTX_ATTR = Grizzly.DEFAULT_ATTRIBUTE_BUILDER.createAttribute(SSL_CONNECTION_CTX_ATTR_NAME);
        HS_UNWRAP_ALLOCATOR = new SSLConnectionContext.Allocator() { // from class: org.glassfish.grizzly.ssl.SSLUtils.1
            @Override // org.glassfish.grizzly.ssl.SSLConnectionContext.Allocator
            public Buffer grow(SSLConnectionContext sSLConnectionContext, Buffer buffer, int i) {
                return SSLUtils.allocateOutputBuffer(i);
            }
        };
        HS_WRAP_ALLOCATOR = new SSLConnectionContext.Allocator() { // from class: org.glassfish.grizzly.ssl.SSLUtils.2
            @Override // org.glassfish.grizzly.ssl.SSLConnectionContext.Allocator
            public Buffer grow(SSLConnectionContext sSLConnectionContext, Buffer buffer, int i) {
                return SSLUtils.allocateOutputBuffer(i);
            }
        };
        SSL_OUTPUT_BUFFER_IDX = ThreadCache.obtainIndex(SSLBaseFilter.class.getName() + ".output-buffer-cache", Buffer.class, 4);
    }
}
