package org.apache.mina.filter.ssl;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSession;
import org.apache.mina.a.a.c;
import org.apache.mina.a.c.d;
import org.apache.mina.a.c.e;
import org.apache.mina.a.c.f;
import org.apache.mina.a.d.h;
import org.apache.mina.a.d.l;
import org.apache.mina.a.g.q;
import org.apache.mina.a.h.g;
import org.apache.mina.a.h.i;

/* loaded from: classes.dex */
public class SslFilter extends e {
    public static final SslFilterMessage SESSION_SECURED;
    public static final SslFilterMessage SESSION_UNSECURED;
    private static final boolean START_HANDSHAKE = true;
    private final boolean autoStart;
    private boolean client;
    private String[] enabledCipherSuites;
    private String[] enabledProtocols;
    private boolean needClientAuth;
    final SSLContext sslContext;
    private boolean wantClientAuth;
    public static final org.apache.mina.a.g.e SSL_SESSION = new org.apache.mina.a.g.e(SslFilter.class, "session");
    public static final org.apache.mina.a.g.e DISABLE_ENCRYPTION_ONCE = new org.apache.mina.a.g.e(SslFilter.class, "disableOnce");
    public static final org.apache.mina.a.g.e USE_NOTIFICATION = new org.apache.mina.a.g.e(SslFilter.class, "useNotification");
    public static final org.apache.mina.a.g.e PEER_ADDRESS = new org.apache.mina.a.g.e(SslFilter.class, "peerAddress");
    private static final org.apache.mina.a.g.e NEXT_FILTER = new org.apache.mina.a.g.e(SslFilter.class, "nextFilter");
    private static final org.apache.mina.a.g.e SSL_HANDLER = new org.apache.mina.a.g.e(SslFilter.class, "handler");

    /* loaded from: classes.dex */
    private static class EncryptedWriteRequest extends g {
        private final c encryptedMessage;

        private EncryptedWriteRequest(org.apache.mina.a.h.e eVar, c cVar) {
            super(eVar);
            this.encryptedMessage = cVar;
        }

        /* synthetic */ EncryptedWriteRequest(org.apache.mina.a.h.e eVar, c cVar, EncryptedWriteRequest encryptedWriteRequest) {
            this(eVar, cVar);
        }

        @Override // org.apache.mina.a.h.g, org.apache.mina.a.h.e
        public Object getMessage() {
            return this.encryptedMessage;
        }
    }

    /* loaded from: classes.dex */
    public static class SslFilterMessage {
        private final String name;

        private SslFilterMessage(String str) {
            this.name = str;
        }

        /* synthetic */ SslFilterMessage(String str, SslFilterMessage sslFilterMessage) {
            this(str);
        }

        public String toString() {
            return this.name;
        }
    }

    static {
        SslFilterMessage sslFilterMessage = null;
        SESSION_SECURED = new SslFilterMessage("SESSION_SECURED", sslFilterMessage);
        SESSION_UNSECURED = new SslFilterMessage("SESSION_UNSECURED", sslFilterMessage);
    }

    public SslFilter(SSLContext sSLContext) {
        this(sSLContext, true);
    }

    public SslFilter(SSLContext sSLContext, boolean z) {
        if (sSLContext == null) {
            throw new IllegalArgumentException("sslContext");
        }
        this.sslContext = sSLContext;
        this.autoStart = z;
    }

    private SslHandler getSslSessionHandler(q qVar) {
        SslHandler sslHandler = (SslHandler) qVar.getAttribute(SSL_HANDLER);
        if (sslHandler == null) {
            throw new IllegalStateException();
        }
        if (sslHandler.getSslFilter() != this) {
            throw new IllegalArgumentException("Not managed by this filter.");
        }
        return sslHandler;
    }

    private void handleAppDataRead(d.a aVar, SslHandler sslHandler) {
        c fetchAppBuffer = sslHandler.fetchAppBuffer();
        if (fetchAppBuffer.m()) {
            sslHandler.scheduleMessageReceived(aVar, fetchAppBuffer);
        }
    }

    private void handleSslData(d.a aVar, SslHandler sslHandler) throws SSLException {
        if (sslHandler.isHandshakeComplete()) {
            sslHandler.flushPreHandshakeEvents();
        }
        sslHandler.writeNetBuffer(aVar);
        handleAppDataRead(aVar, sslHandler);
    }

    private l initiateClosure(d.a aVar, q qVar) throws SSLException {
        SslHandler sslSessionHandler = getSslSessionHandler(qVar);
        if (!sslSessionHandler.closeOutbound()) {
            return org.apache.mina.a.d.g.a(qVar, new IllegalStateException("SSL session is shut down already."));
        }
        l writeNetBuffer = sslSessionHandler.writeNetBuffer(aVar);
        if (writeNetBuffer == null) {
            writeNetBuffer = org.apache.mina.a.d.g.a(qVar);
        }
        if (sslSessionHandler.isInboundDone()) {
            sslSessionHandler.destroy();
        }
        if (!qVar.containsAttribute(USE_NOTIFICATION)) {
            return writeNetBuffer;
        }
        sslSessionHandler.scheduleMessageReceived(aVar, SESSION_UNSECURED);
        return writeNetBuffer;
    }

    private void initiateHandshake(d.a aVar, q qVar) throws SSLException {
        org.a.c.b("SslFilter", "{} : Starting the first handshake" + getSessionInfo(qVar));
        SslHandler sslSessionHandler = getSslSessionHandler(qVar);
        synchronized (sslSessionHandler) {
            sslSessionHandler.handshake(aVar);
        }
        sslSessionHandler.flushScheduledEvents();
    }

    private boolean isCloseNotify(Object obj) {
        if (!(obj instanceof c)) {
            return false;
        }
        c cVar = (c) obj;
        int f = cVar.f();
        return cVar.l() == 23 && cVar.f(f + 0) == 21 && cVar.f(f + 1) == 3 && cVar.f(f + 2) == 1 && cVar.f(f + 3) == 0 && cVar.f(f + 4) == 18;
    }

    @Override // org.apache.mina.a.c.e, org.apache.mina.a.c.d
    public void exceptionCaught(d.a aVar, q qVar, Throwable th) throws Exception {
        boolean z;
        if (th instanceof i) {
            List<org.apache.mina.a.h.e> a2 = ((i) th).a();
            Iterator<org.apache.mina.a.h.e> it = a2.iterator();
            while (true) {
                if (it.hasNext()) {
                    if (isCloseNotify(it.next().getMessage())) {
                        z = true;
                        break;
                    }
                } else {
                    z = false;
                    break;
                }
            }
            if (z) {
                if (a2.size() == 1) {
                    return;
                }
                ArrayList arrayList = new ArrayList(a2.size() - 1);
                for (org.apache.mina.a.h.e eVar : a2) {
                    if (!isCloseNotify(eVar.getMessage())) {
                        arrayList.add(eVar);
                    }
                }
                if (arrayList.isEmpty()) {
                    return;
                } else {
                    th = new i(arrayList, th.getMessage(), th.getCause());
                }
            }
        }
        aVar.a(qVar, th);
    }

    @Override // org.apache.mina.a.c.e, org.apache.mina.a.c.d
    public void filterClose(final d.a aVar, final q qVar) throws SSLException {
        SslHandler sslHandler = (SslHandler) qVar.getAttribute(SSL_HANDLER);
        if (sslHandler == null) {
            aVar.d(qVar);
            return;
        }
        l lVar = null;
        try {
            synchronized (sslHandler) {
                if (isSslStarted(qVar)) {
                    lVar = initiateClosure(aVar, qVar);
                    lVar.a(new org.apache.mina.a.d.i<h>() { // from class: org.apache.mina.filter.ssl.SslFilter.1
                        @Override // org.apache.mina.a.d.i
                        public void operationComplete(h hVar) {
                            aVar.d(qVar);
                        }
                    });
                }
            }
            sslHandler.flushScheduledEvents();
        } finally {
            if (lVar == null) {
                aVar.d(qVar);
            }
        }
    }

    @Override // org.apache.mina.a.c.e, org.apache.mina.a.c.d
    public void filterWrite(d.a aVar, q qVar, org.apache.mina.a.h.e eVar) throws SSLException {
        boolean z;
        SslHandler sslSessionHandler = getSslSessionHandler(qVar);
        synchronized (sslSessionHandler) {
            if (!isSslStarted(qVar)) {
                sslSessionHandler.scheduleFilterWrite(aVar, eVar);
                z = true;
            } else if (qVar.containsAttribute(DISABLE_ENCRYPTION_ONCE)) {
                qVar.removeAttribute(DISABLE_ENCRYPTION_ONCE);
                sslSessionHandler.scheduleFilterWrite(aVar, eVar);
                z = true;
            } else {
                c cVar = (c) eVar.getMessage();
                if (sslSessionHandler.isWritingEncryptedData()) {
                    sslSessionHandler.scheduleFilterWrite(aVar, eVar);
                    z = true;
                } else if (sslSessionHandler.isHandshakeComplete()) {
                    int f = cVar.f();
                    sslSessionHandler.encrypt(cVar.z());
                    cVar.d(f);
                    sslSessionHandler.scheduleFilterWrite(aVar, new EncryptedWriteRequest(eVar, sslSessionHandler.fetchOutNetBuffer(), null));
                    z = true;
                } else {
                    if (qVar.isConnected()) {
                        sslSessionHandler.schedulePreHandshakeWriteRequest(aVar, eVar);
                    }
                    z = false;
                }
            }
        }
        if (z) {
            sslSessionHandler.flushScheduledEvents();
        }
    }

    public String[] getEnabledCipherSuites() {
        return this.enabledCipherSuites;
    }

    public String[] getEnabledProtocols() {
        return this.enabledProtocols;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getSessionInfo(q qVar) {
        StringBuilder sb = new StringBuilder();
        if (qVar.getService() instanceof org.apache.mina.a.f.i) {
            sb.append("Session Server");
        } else {
            sb.append("Session Client");
        }
        sb.append('[').append(qVar.getId()).append(']');
        SslHandler sslHandler = (SslHandler) qVar.getAttribute(SSL_HANDLER);
        if (sslHandler == null) {
            sb.append("(no sslEngine)");
        } else if (isSslStarted(qVar)) {
            if (sslHandler.isHandshakeComplete()) {
                sb.append("(SSL)");
            } else {
                sb.append("(ssl...)");
            }
        }
        return sb.toString();
    }

    public SSLSession getSslSession(q qVar) {
        return (SSLSession) qVar.getAttribute(SSL_SESSION);
    }

    public boolean isNeedClientAuth() {
        return this.needClientAuth;
    }

    public boolean isSslStarted(q qVar) {
        boolean z;
        SslHandler sslHandler = (SslHandler) qVar.getAttribute(SSL_HANDLER);
        if (sslHandler == null) {
            return false;
        }
        synchronized (sslHandler) {
            z = sslHandler.isOutboundDone() ? false : true;
        }
        return z;
    }

    public boolean isUseClientMode() {
        return this.client;
    }

    public boolean isWantClientAuth() {
        return this.wantClientAuth;
    }

    @Override // org.apache.mina.a.c.e, org.apache.mina.a.c.d
    public void messageReceived(d.a aVar, q qVar, Object obj) throws SSLException {
        SslHandler sslSessionHandler = getSslSessionHandler(qVar);
        synchronized (sslSessionHandler) {
            if (isSslStarted(qVar) || !sslSessionHandler.isInboundDone()) {
                c cVar = (c) obj;
                try {
                    sslSessionHandler.messageReceived(aVar, cVar.z());
                    handleSslData(aVar, sslSessionHandler);
                    if (sslSessionHandler.isInboundDone()) {
                        if (sslSessionHandler.isOutboundDone()) {
                            sslSessionHandler.destroy();
                        } else {
                            initiateClosure(aVar, qVar);
                        }
                        if (cVar.m()) {
                            sslSessionHandler.scheduleMessageReceived(aVar, cVar);
                        }
                    }
                } catch (SSLException e) {
                    if (sslSessionHandler.isHandshakeComplete()) {
                        throw e;
                    }
                    SSLHandshakeException sSLHandshakeException = new SSLHandshakeException("SSL handshake failed.");
                    sSLHandshakeException.initCause(e);
                    throw sSLHandshakeException;
                }
            } else {
                sslSessionHandler.scheduleMessageReceived(aVar, obj);
            }
        }
        sslSessionHandler.flushScheduledEvents();
    }

    @Override // org.apache.mina.a.c.e, org.apache.mina.a.c.d
    public void messageSent(d.a aVar, q qVar, org.apache.mina.a.h.e eVar) {
        if (eVar instanceof EncryptedWriteRequest) {
            aVar.a(qVar, ((EncryptedWriteRequest) eVar).getParentRequest());
        }
    }

    @Override // org.apache.mina.a.c.e, org.apache.mina.a.c.d
    public void onPostAdd(f fVar, String str, d.a aVar) throws SSLException {
        if (this.autoStart) {
            initiateHandshake(aVar, fVar.a());
        }
    }

    @Override // org.apache.mina.a.c.e, org.apache.mina.a.c.d
    public void onPreAdd(f fVar, String str, d.a aVar) throws SSLException {
        if (fVar.c(SslFilter.class)) {
            org.a.c.d("SslFilter", "Only one SSL filter is permitted in a chain.");
            throw new IllegalStateException("Only one SSL filter is permitted in a chain.");
        }
        org.a.c.b("SslFilter", "Adding the SSL Filter {} to the chain" + str);
        q a2 = fVar.a();
        a2.setAttribute(NEXT_FILTER, aVar);
        SslHandler sslHandler = new SslHandler(this, a2);
        sslHandler.init();
        a2.setAttribute(SSL_HANDLER, sslHandler);
    }

    @Override // org.apache.mina.a.c.e, org.apache.mina.a.c.d
    public void onPreRemove(f fVar, String str, d.a aVar) throws SSLException {
        q a2 = fVar.a();
        stopSsl(a2);
        a2.removeAttribute(NEXT_FILTER);
        a2.removeAttribute(SSL_HANDLER);
    }

    @Override // org.apache.mina.a.c.e, org.apache.mina.a.c.d
    public void sessionClosed(d.a aVar, q qVar) throws SSLException {
        SslHandler sslSessionHandler = getSslSessionHandler(qVar);
        try {
            synchronized (sslSessionHandler) {
                sslSessionHandler.destroy();
            }
            sslSessionHandler.flushScheduledEvents();
        } finally {
            aVar.c(qVar);
        }
    }

    public void setEnabledCipherSuites(String[] strArr) {
        this.enabledCipherSuites = strArr;
    }

    public void setEnabledProtocols(String[] strArr) {
        this.enabledProtocols = strArr;
    }

    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    public void setUseClientMode(boolean z) {
        this.client = z;
    }

    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }

    public boolean startSsl(q qVar) throws SSLException {
        boolean z;
        SslHandler sslSessionHandler = getSslSessionHandler(qVar);
        synchronized (sslSessionHandler) {
            if (sslSessionHandler.isOutboundDone()) {
                d.a aVar = (d.a) qVar.getAttribute(NEXT_FILTER);
                sslSessionHandler.destroy();
                sslSessionHandler.init();
                sslSessionHandler.handshake(aVar);
                z = true;
            } else {
                z = false;
            }
        }
        sslSessionHandler.flushScheduledEvents();
        return z;
    }

    public l stopSsl(q qVar) throws SSLException {
        l initiateClosure;
        SslHandler sslSessionHandler = getSslSessionHandler(qVar);
        d.a aVar = (d.a) qVar.getAttribute(NEXT_FILTER);
        synchronized (sslSessionHandler) {
            initiateClosure = initiateClosure(aVar, qVar);
        }
        sslSessionHandler.flushScheduledEvents();
        return initiateClosure;
    }
}
