package io.netty.handler.ssl;

import groovy.util.ObjectGraphBuilder;
import io.netty.buffer.ByteBufAllocator;
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.util.internal.EmptyArrays;
import java.security.Principal;
import java.security.cert.Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionBindingEvent;
import javax.net.ssl.SSLSessionBindingListener;
import javax.net.ssl.SSLSessionContext;
import javax.security.cert.X509Certificate;
import org.apache.tomcat.jni.SSL;
import org.drools.compiler.lang.descr.AnnotationDescr;

/* JADX WARN: Classes with same name are omitted:
  input_file:hawkular-alerts.war:WEB-INF/lib/netty-handler-4.0.37.Final.jar:io/netty/handler/ssl/OpenSslEngine.class
  input_file:hawkular-alerts.war:WEB-INF/lib/netty-handler-4.0.47.Final.jar:io/netty/handler/ssl/OpenSslEngine.class
  input_file:lib/netty-handler.jar:io/netty/handler/ssl/OpenSslEngine.class
 */
/* loaded from: input_file:hawkular-metrics.war:WEB-INF/lib/netty-handler-4.0.47.Final.jar:io/netty/handler/ssl/OpenSslEngine.class */
public final class OpenSslEngine extends ReferenceCountedOpenSslEngine {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.netty.handler.ssl.OpenSslEngine$1, reason: invalid class name */
    /* loaded from: input_file:hawkular-alerts.war:WEB-INF/lib/netty-handler-4.0.37.Final.jar:io/netty/handler/ssl/OpenSslEngine$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$netty$handler$ssl$OpenSslEngine$HandshakeState;
        static final /* synthetic */ int[] $SwitchMap$io$netty$handler$ssl$ClientAuth;

        static {
            try {
                $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$Protocol[ApplicationProtocolConfig.Protocol.NONE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$Protocol[ApplicationProtocolConfig.Protocol.ALPN.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$Protocol[ApplicationProtocolConfig.Protocol.NPN.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$ApplicationProtocolConfig$Protocol[ApplicationProtocolConfig.Protocol.NPN_AND_ALPN.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            $SwitchMap$io$netty$handler$ssl$ClientAuth = new int[ClientAuth.values().length];
            try {
                $SwitchMap$io$netty$handler$ssl$ClientAuth[ClientAuth.NONE.ordinal()] = 1;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$ClientAuth[ClientAuth.REQUIRE.ordinal()] = 2;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$ClientAuth[ClientAuth.OPTIONAL.ordinal()] = 3;
            } catch (NoSuchFieldError e7) {
            }
            $SwitchMap$io$netty$handler$ssl$OpenSslEngine$HandshakeState = new int[HandshakeState.values().length];
            try {
                $SwitchMap$io$netty$handler$ssl$OpenSslEngine$HandshakeState[HandshakeState.NOT_STARTED.ordinal()] = 1;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$OpenSslEngine$HandshakeState[HandshakeState.FINISHED.ordinal()] = 2;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$OpenSslEngine$HandshakeState[HandshakeState.STARTED_IMPLICITLY.ordinal()] = 3;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$io$netty$handler$ssl$OpenSslEngine$HandshakeState[HandshakeState.STARTED_EXPLICITLY.ordinal()] = 4;
            } catch (NoSuchFieldError e11) {
            }
        }
    }

    /* loaded from: input_file:hawkular-alerts.war:WEB-INF/lib/netty-handler-4.0.37.Final.jar:io/netty/handler/ssl/OpenSslEngine$HandshakeState.class */
    private enum HandshakeState {
        NOT_STARTED,
        STARTED_IMPLICITLY,
        STARTED_EXPLICITLY,
        FINISHED
    }

    /* loaded from: input_file:hawkular-alerts.war:WEB-INF/lib/netty-handler-4.0.37.Final.jar:io/netty/handler/ssl/OpenSslEngine$OpenSslSession.class */
    private final class OpenSslSession implements SSLSession, ApplicationProtocolAccessor {
        private final OpenSslSessionContext sessionContext;
        private X509Certificate[] x509PeerCerts;
        private String protocol;
        private String applicationProtocol;
        private Certificate[] peerCerts;
        private String cipher;
        private byte[] id;
        private long creationTime;
        private Map<String, Object> values;
        static final /* synthetic */ boolean $assertionsDisabled;

        OpenSslSession(OpenSslSessionContext openSslSessionContext) {
            this.sessionContext = openSslSessionContext;
        }

        @Override // javax.net.ssl.SSLSession
        public byte[] getId() {
            synchronized (OpenSslEngine.this) {
                if (this.id == null) {
                    return EmptyArrays.EMPTY_BYTES;
                }
                return (byte[]) this.id.clone();
            }
        }

        @Override // javax.net.ssl.SSLSession
        public SSLSessionContext getSessionContext() {
            return this.sessionContext;
        }

        @Override // javax.net.ssl.SSLSession
        public long getCreationTime() {
            synchronized (OpenSslEngine.this) {
                if (this.creationTime == 0 && !OpenSslEngine.access$000(OpenSslEngine.this)) {
                    this.creationTime = SSL.getTime(OpenSslEngine.access$100(OpenSslEngine.this)) * 1000;
                }
            }
            return this.creationTime;
        }

        @Override // javax.net.ssl.SSLSession
        public long getLastAccessedTime() {
            return getCreationTime();
        }

        @Override // javax.net.ssl.SSLSession
        public void invalidate() {
            synchronized (OpenSslEngine.this) {
                if (!OpenSslEngine.access$000(OpenSslEngine.this)) {
                    SSL.setTimeout(OpenSslEngine.access$100(OpenSslEngine.this), 0L);
                }
            }
        }

        @Override // javax.net.ssl.SSLSession
        public boolean isValid() {
            synchronized (OpenSslEngine.this) {
                if (OpenSslEngine.access$000(OpenSslEngine.this)) {
                    return false;
                }
                return System.currentTimeMillis() - (SSL.getTimeout(OpenSslEngine.access$100(OpenSslEngine.this)) * 1000) < SSL.getTime(OpenSslEngine.access$100(OpenSslEngine.this)) * 1000;
            }
        }

        @Override // javax.net.ssl.SSLSession
        public void putValue(String str, Object obj) {
            if (str == null) {
                throw new NullPointerException(ObjectGraphBuilder.CLASSNAME_RESOLVER_KEY);
            }
            if (obj == null) {
                throw new NullPointerException(AnnotationDescr.VALUE);
            }
            Map<String, Object> map = this.values;
            if (map == null) {
                HashMap hashMap = new HashMap(2);
                this.values = hashMap;
                map = hashMap;
            }
            Object put = map.put(str, obj);
            if (obj instanceof SSLSessionBindingListener) {
                ((SSLSessionBindingListener) obj).valueBound(new SSLSessionBindingEvent(this, str));
            }
            notifyUnbound(put, str);
        }

        @Override // javax.net.ssl.SSLSession
        public Object getValue(String str) {
            if (str == null) {
                throw new NullPointerException(ObjectGraphBuilder.CLASSNAME_RESOLVER_KEY);
            }
            if (this.values == null) {
                return null;
            }
            return this.values.get(str);
        }

        @Override // javax.net.ssl.SSLSession
        public void removeValue(String str) {
            if (str == null) {
                throw new NullPointerException(ObjectGraphBuilder.CLASSNAME_RESOLVER_KEY);
            }
            Map<String, Object> map = this.values;
            if (map == null) {
                return;
            }
            notifyUnbound(map.remove(str), str);
        }

        @Override // javax.net.ssl.SSLSession
        public String[] getValueNames() {
            Map<String, Object> map = this.values;
            return (map == null || map.isEmpty()) ? EmptyArrays.EMPTY_STRINGS : (String[]) map.keySet().toArray(new String[map.size()]);
        }

        private void notifyUnbound(Object obj, String str) {
            if (obj instanceof SSLSessionBindingListener) {
                ((SSLSessionBindingListener) obj).valueUnbound(new SSLSessionBindingEvent(this, str));
            }
        }

        void handshakeFinished() throws SSLException {
            synchronized (OpenSslEngine.this) {
                if (OpenSslEngine.access$000(OpenSslEngine.this)) {
                    throw new SSLException("Already closed");
                }
                this.id = SSL.getSessionId(OpenSslEngine.access$100(OpenSslEngine.this));
                this.cipher = OpenSslEngine.access$200(OpenSslEngine.this, SSL.getCipherForSSL(OpenSslEngine.access$100(OpenSslEngine.this)));
                this.protocol = SSL.getVersion(OpenSslEngine.access$100(OpenSslEngine.this));
                initPeerCerts();
                selectApplicationProtocol();
                OpenSslEngine.access$302(OpenSslEngine.this, HandshakeState.FINISHED);
            }
        }

        private void initPeerCerts() {
            Certificate[] certificateArr;
            byte[][] peerCertChain = SSL.getPeerCertChain(OpenSslEngine.access$100(OpenSslEngine.this));
            byte[] peerCertificate = !OpenSslEngine.access$400(OpenSslEngine.this) ? SSL.getPeerCertificate(OpenSslEngine.access$100(OpenSslEngine.this)) : null;
            if (peerCertChain == null && peerCertificate == null) {
                this.peerCerts = OpenSslEngine.access$500();
                this.x509PeerCerts = OpenSslEngine.access$600();
                return;
            }
            int length = peerCertChain != null ? peerCertChain.length : 0;
            int i = 0;
            if (peerCertificate != null) {
                certificateArr = new Certificate[length + 1];
                i = 0 + 1;
                certificateArr[0] = new OpenSslX509Certificate(peerCertificate);
            } else {
                certificateArr = new Certificate[length];
            }
            if (peerCertChain != null) {
                X509Certificate[] x509CertificateArr = new X509Certificate[peerCertChain.length];
                for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
                    byte[] bArr = peerCertChain[i2];
                    x509CertificateArr[i2] = new OpenSslJavaxX509Certificate(bArr);
                    certificateArr[i] = new OpenSslX509Certificate(bArr);
                    i++;
                }
                this.x509PeerCerts = x509CertificateArr;
            } else {
                this.x509PeerCerts = OpenSslEngine.access$600();
            }
            this.peerCerts = certificateArr;
        }

        private void selectApplicationProtocol() throws SSLException {
            ApplicationProtocolConfig.SelectedListenerFailureBehavior selectedListenerFailureBehavior = OpenSslEngine.access$700(OpenSslEngine.this).selectedListenerFailureBehavior();
            List<String> protocols = OpenSslEngine.access$700(OpenSslEngine.this).protocols();
            switch (OpenSslEngine.access$700(OpenSslEngine.this).protocol()) {
                case NONE:
                    return;
                case ALPN:
                    String alpnSelected = SSL.getAlpnSelected(OpenSslEngine.access$100(OpenSslEngine.this));
                    if (alpnSelected != null) {
                        this.applicationProtocol = selectApplicationProtocol(protocols, selectedListenerFailureBehavior, alpnSelected);
                        return;
                    }
                    return;
                case NPN:
                    String nextProtoNegotiated = SSL.getNextProtoNegotiated(OpenSslEngine.access$100(OpenSslEngine.this));
                    if (nextProtoNegotiated != null) {
                        this.applicationProtocol = selectApplicationProtocol(protocols, selectedListenerFailureBehavior, nextProtoNegotiated);
                        return;
                    }
                    return;
                case NPN_AND_ALPN:
                    String alpnSelected2 = SSL.getAlpnSelected(OpenSslEngine.access$100(OpenSslEngine.this));
                    if (alpnSelected2 == null) {
                        alpnSelected2 = SSL.getNextProtoNegotiated(OpenSslEngine.access$100(OpenSslEngine.this));
                    }
                    if (alpnSelected2 != null) {
                        this.applicationProtocol = selectApplicationProtocol(protocols, selectedListenerFailureBehavior, alpnSelected2);
                        return;
                    }
                    return;
                default:
                    throw new Error();
            }
        }

        private String selectApplicationProtocol(List<String> list, ApplicationProtocolConfig.SelectedListenerFailureBehavior selectedListenerFailureBehavior, String str) throws SSLException {
            if (selectedListenerFailureBehavior == ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT) {
                return str;
            }
            int size = list.size();
            if (!$assertionsDisabled && size <= 0) {
                throw new AssertionError();
            }
            if (list.contains(str)) {
                return str;
            }
            if (selectedListenerFailureBehavior == ApplicationProtocolConfig.SelectedListenerFailureBehavior.CHOOSE_MY_LAST_PROTOCOL) {
                return list.get(size - 1);
            }
            throw new SSLException("unknown protocol " + str);
        }

        @Override // javax.net.ssl.SSLSession
        public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException {
            Certificate[] certificateArr;
            synchronized (OpenSslEngine.this) {
                if (this.peerCerts == null || this.peerCerts.length == 0) {
                    throw new SSLPeerUnverifiedException("peer not verified");
                }
                certificateArr = this.peerCerts;
            }
            return certificateArr;
        }

        @Override // javax.net.ssl.SSLSession
        public Certificate[] getLocalCertificates() {
            if (OpenSslEngine.access$800(OpenSslEngine.this) == null) {
                return null;
            }
            return (Certificate[]) OpenSslEngine.access$800(OpenSslEngine.this).clone();
        }

        @Override // javax.net.ssl.SSLSession
        public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException {
            X509Certificate[] x509CertificateArr;
            synchronized (OpenSslEngine.this) {
                if (this.x509PeerCerts == null || this.x509PeerCerts.length == 0) {
                    throw new SSLPeerUnverifiedException("peer not verified");
                }
                x509CertificateArr = this.x509PeerCerts;
            }
            return x509CertificateArr;
        }

        @Override // javax.net.ssl.SSLSession
        public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
            return ((java.security.cert.X509Certificate) getPeerCertificates()[0]).getSubjectX500Principal();
        }

        @Override // javax.net.ssl.SSLSession
        public Principal getLocalPrincipal() {
            Certificate[] access$800 = OpenSslEngine.access$800(OpenSslEngine.this);
            if (access$800 == null || access$800.length == 0) {
                return null;
            }
            return ((java.security.cert.X509Certificate) access$800[0]).getIssuerX500Principal();
        }

        @Override // javax.net.ssl.SSLSession
        public String getCipherSuite() {
            synchronized (OpenSslEngine.this) {
                if (this.cipher == null) {
                    return "SSL_NULL_WITH_NULL_NULL";
                }
                return this.cipher;
            }
        }

        @Override // javax.net.ssl.SSLSession
        public String getProtocol() {
            String str = this.protocol;
            if (str == null) {
                synchronized (OpenSslEngine.this) {
                    str = !OpenSslEngine.access$000(OpenSslEngine.this) ? SSL.getVersion(OpenSslEngine.access$100(OpenSslEngine.this)) : "";
                }
            }
            return str;
        }

        @Override // io.netty.handler.ssl.ApplicationProtocolAccessor
        public String getApplicationProtocol() {
            String str;
            synchronized (OpenSslEngine.this) {
                str = this.applicationProtocol;
            }
            return str;
        }

        @Override // javax.net.ssl.SSLSession
        public String getPeerHost() {
            return OpenSslEngine.this.getPeerHost();
        }

        @Override // javax.net.ssl.SSLSession
        public int getPeerPort() {
            return OpenSslEngine.this.getPeerPort();
        }

        @Override // javax.net.ssl.SSLSession
        public int getPacketBufferSize() {
            return 18713;
        }

        @Override // javax.net.ssl.SSLSession
        public int getApplicationBufferSize() {
            return 16384;
        }

        static {
            $assertionsDisabled = !OpenSslEngine.class.desiredAssertionStatus();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSslEngine(OpenSslContext openSslContext, ByteBufAllocator byteBufAllocator, String str, int i) {
        super(openSslContext, byteBufAllocator, str, i, false);
    }

    protected void finalize() throws Throwable {
        super.finalize();
        OpenSsl.releaseIfNeeded(this);
    }
}
