package org.apache.activemq.transport.nio;

import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.net.Socket;
import java.net.URI;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.security.cert.X509Certificate;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import org.apache.activemq.command.Command;
import org.apache.activemq.command.ConnectionInfo;
import org.apache.activemq.openwire.OpenWireFormat;
import org.apache.activemq.thread.TaskRunnerFactory;
import org.apache.activemq.transport.nio.SelectorManager;
import org.apache.activemq.util.IOExceptionSupport;
import org.apache.activemq.util.ServiceStopper;
import org.apache.activemq.wireformat.WireFormat;
import org.eclipse.jdt.internal.compiler.impl.CompilerOptions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/activemq-client-5.9.0.redhat-610045.jar:org/apache/activemq/transport/nio/NIOSSLTransport.class
 */
/* loaded from: input_file:WEB-INF/lib/activemq-all-5.9.0.redhat-610045.jar:org/apache/activemq/transport/nio/NIOSSLTransport.class */
public class NIOSSLTransport extends NIOTransport {
    private static final Logger LOG = LoggerFactory.getLogger(NIOSSLTransport.class);
    protected boolean needClientAuth;
    protected boolean wantClientAuth;
    protected String[] enabledCipherSuites;
    protected SSLContext sslContext;
    protected SSLEngine sslEngine;
    protected SSLSession sslSession;
    protected volatile boolean handshakeInProgress;
    protected SSLEngineResult.Status status;
    protected SSLEngineResult.HandshakeStatus handshakeStatus;
    protected TaskRunnerFactory taskRunnerFactory;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/activemq-client-5.9.0.redhat-610045.jar:org/apache/activemq/transport/nio/NIOSSLTransport$2.class
     */
    /* renamed from: org.apache.activemq.transport.nio.NIOSSLTransport$2, reason: invalid class name */
    /* loaded from: input_file:WEB-INF/lib/activemq-all-5.9.0.redhat-610045.jar:org/apache/activemq/transport/nio/NIOSSLTransport$2.class */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public NIOSSLTransport(WireFormat wireFormat, SocketFactory socketFactory, URI uri, URI uri2) throws UnknownHostException, IOException {
        super(wireFormat, socketFactory, uri, uri2);
        this.handshakeInProgress = false;
        this.status = null;
        this.handshakeStatus = null;
    }

    public NIOSSLTransport(WireFormat wireFormat, Socket socket) throws IOException {
        super(wireFormat, socket);
        this.handshakeInProgress = false;
        this.status = null;
        this.handshakeStatus = null;
    }

    public void setSslContext(SSLContext sSLContext) {
        this.sslContext = sSLContext;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.activemq.transport.nio.NIOTransport, org.apache.activemq.transport.tcp.TcpTransport
    public void initializeStreams() throws IOException {
        try {
            this.channel = this.socket.getChannel();
            this.channel.configureBlocking(false);
            if (this.sslContext == null) {
                this.sslContext = SSLContext.getDefault();
            }
            String str = null;
            int i = -1;
            try {
                URI uri = new URI(getRemoteAddress());
                str = uri.getHost();
                i = uri.getPort();
            } catch (Exception e) {
            }
            if (str == null || i == -1) {
                this.sslEngine = this.sslContext.createSSLEngine();
            } else {
                this.sslEngine = this.sslContext.createSSLEngine(str, i);
            }
            this.sslEngine.setUseClientMode(false);
            if (this.enabledCipherSuites != null) {
                this.sslEngine.setEnabledCipherSuites(this.enabledCipherSuites);
            }
            if (this.wantClientAuth) {
                this.sslEngine.setWantClientAuth(this.wantClientAuth);
            }
            if (this.needClientAuth) {
                this.sslEngine.setNeedClientAuth(this.needClientAuth);
            }
            this.sslSession = this.sslEngine.getSession();
            this.inputBuffer = ByteBuffer.allocate(this.sslSession.getPacketBufferSize());
            this.inputBuffer.clear();
            NIOOutputStream nIOOutputStream = new NIOOutputStream(this.channel);
            nIOOutputStream.setEngine(this.sslEngine);
            this.dataOut = new DataOutputStream(nIOOutputStream);
            this.buffOut = nIOOutputStream;
            this.sslEngine.beginHandshake();
            this.handshakeStatus = this.sslEngine.getHandshakeStatus();
            doHandshake();
        } catch (Exception e2) {
            throw new IOException(e2);
        }
    }

    protected void finishHandshake() throws Exception {
        if (this.handshakeInProgress) {
            this.handshakeInProgress = false;
            this.nextFrameSize = -1;
            this.sslSession = this.sslEngine.getSession();
            this.selection = SelectorManager.getInstance().register(this.channel, new SelectorManager.Listener() { // from class: org.apache.activemq.transport.nio.NIOSSLTransport.1
                @Override // org.apache.activemq.transport.nio.SelectorManager.Listener
                public void onSelect(SelectorSelection selectorSelection) {
                    NIOSSLTransport.this.serviceRead();
                }

                @Override // org.apache.activemq.transport.nio.SelectorManager.Listener
                public void onError(SelectorSelection selectorSelection, Throwable th) {
                    if (th instanceof IOException) {
                        NIOSSLTransport.this.onException((IOException) th);
                    } else {
                        NIOSSLTransport.this.onException(IOExceptionSupport.create(th));
                    }
                }
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Code restructure failed: missing block: B:14:0x003a, code lost:
    
        onException(new java.io.EOFException());
        r4.selection.close();
     */
    @Override // org.apache.activemq.transport.nio.NIOTransport
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void serviceRead() {
        /*
            r4 = this;
            r0 = r4
            boolean r0 = r0.handshakeInProgress     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            if (r0 == 0) goto Lb
            r0 = r4
            r0.doHandshake()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
        Lb:
            r0 = r4
            javax.net.ssl.SSLSession r0 = r0.sslSession     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            int r0 = r0.getApplicationBufferSize()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            java.nio.ByteBuffer r0 = java.nio.ByteBuffer.allocate(r0)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            r5 = r0
            r0 = r5
            r1 = r5
            int r1 = r1.limit()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            java.nio.Buffer r0 = r0.position(r1)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
        L21:
            r0 = r5
            boolean r0 = r0.hasRemaining()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            if (r0 != 0) goto L59
            r0 = r4
            r1 = r5
            int r0 = r0.secureRead(r1)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            r6 = r0
            r0 = r6
            if (r0 != 0) goto L35
            goto L75
        L35:
            r0 = r6
            r1 = -1
            if (r0 != r1) goto L4f
            r0 = r4
            java.io.EOFException r1 = new java.io.EOFException     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            r2 = r1
            r2.<init>()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            r0.onException(r1)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            r0 = r4
            org.apache.activemq.transport.nio.SelectorSelection r0 = r0.selection     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            r0.close()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            goto L75
        L4f:
            r0 = r4
            r1 = r0
            int r1 = r1.receiveCounter     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            r2 = r6
            int r1 = r1 + r2
            r0.receiveCounter = r1     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
        L59:
            r0 = r4
            javax.net.ssl.SSLEngineResult$Status r0 = r0.status     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            javax.net.ssl.SSLEngineResult$Status r1 = javax.net.ssl.SSLEngineResult.Status.OK     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            if (r0 != r1) goto L21
            r0 = r4
            javax.net.ssl.SSLEngineResult$HandshakeStatus r0 = r0.handshakeStatus     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            javax.net.ssl.SSLEngineResult$HandshakeStatus r1 = javax.net.ssl.SSLEngineResult.HandshakeStatus.NEED_UNWRAP     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            if (r0 == r1) goto L21
            r0 = r4
            r1 = r5
            r0.processCommand(r1)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> L81
            goto L21
        L75:
            goto L8a
        L78:
            r5 = move-exception
            r0 = r4
            r1 = r5
            r0.onException(r1)
            goto L8a
        L81:
            r5 = move-exception
            r0 = r4
            r1 = r5
            java.io.IOException r1 = org.apache.activemq.util.IOExceptionSupport.create(r1)
            r0.onException(r1)
        L8a:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.activemq.transport.nio.NIOSSLTransport.serviceRead():void");
    }

    protected void processCommand(ByteBuffer byteBuffer) throws Exception {
        if (this.nextFrameSize != -1) {
            if (this.currentBuffer.remaining() >= byteBuffer.remaining()) {
                this.currentBuffer.put(byteBuffer);
            } else {
                byte[] bArr = new byte[this.currentBuffer.remaining()];
                byteBuffer.get(bArr);
                this.currentBuffer.put(bArr);
            }
            if (this.currentBuffer.hasRemaining()) {
                return;
            }
            this.currentBuffer.flip();
            doConsume((Command) this.wireFormat.unmarshal(new DataInputStream(new NIOInputStream(this.currentBuffer))));
            this.nextFrameSize = -1;
            this.currentBuffer = null;
            return;
        }
        if (byteBuffer.remaining() < 32) {
            if (this.currentBuffer == null) {
                this.currentBuffer = ByteBuffer.allocate(4);
            }
            while (this.currentBuffer.hasRemaining() && byteBuffer.hasRemaining()) {
                this.currentBuffer.put(byteBuffer.get());
            }
            if (this.currentBuffer.hasRemaining()) {
                return;
            }
            this.currentBuffer.flip();
            this.nextFrameSize = this.currentBuffer.getInt();
        } else if (this.currentBuffer != null) {
            while (this.currentBuffer.hasRemaining()) {
                this.currentBuffer.put(byteBuffer.get());
            }
            this.currentBuffer.flip();
            this.nextFrameSize = this.currentBuffer.getInt();
        } else {
            this.nextFrameSize = byteBuffer.getInt();
        }
        if (this.wireFormat instanceof OpenWireFormat) {
            long maxFrameSize = ((OpenWireFormat) this.wireFormat).getMaxFrameSize();
            if (this.nextFrameSize > maxFrameSize) {
                throw new IOException("Frame size of " + (this.nextFrameSize / 1048576) + " MB larger than max allowed " + (maxFrameSize / CompilerOptions.MissingJavadocComments) + " MB");
            }
        }
        this.currentBuffer = ByteBuffer.allocate(this.nextFrameSize + 4);
        this.currentBuffer.putInt(this.nextFrameSize);
    }

    protected int secureRead(ByteBuffer byteBuffer) throws Exception {
        SSLEngineResult unwrap;
        if (this.inputBuffer.position() == 0 || !this.inputBuffer.hasRemaining() || this.status == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
            int read = this.channel.read(this.inputBuffer);
            if (read == 0) {
                return 0;
            }
            if (read == -1) {
                this.sslEngine.closeInbound();
                if (this.inputBuffer.position() == 0 || this.status == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                    return -1;
                }
            }
        }
        byteBuffer.clear();
        this.inputBuffer.flip();
        do {
            unwrap = this.sslEngine.unwrap(this.inputBuffer, byteBuffer);
            if (unwrap.getStatus() != SSLEngineResult.Status.OK || unwrap.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                break;
            }
        } while (unwrap.bytesProduced() == 0);
        if (unwrap.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.FINISHED) {
            finishHandshake();
        }
        this.status = unwrap.getStatus();
        this.handshakeStatus = unwrap.getHandshakeStatus();
        if (this.status == SSLEngineResult.Status.CLOSED) {
            this.sslEngine.closeInbound();
            return -1;
        }
        this.inputBuffer.compact();
        byteBuffer.flip();
        return byteBuffer.remaining();
    }

    /* JADX WARN: Code restructure failed: missing block: B:17:0x0070, code lost:
    
        finishHandshake();
     */
    /* JADX WARN: Code restructure failed: missing block: B:18:0x0074, code lost:
    
        return;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void doHandshake() throws java.lang.Exception {
        /*
            r3 = this;
            r0 = r3
            r1 = 1
            r0.handshakeInProgress = r1
        L5:
            int[] r0 = org.apache.activemq.transport.nio.NIOSSLTransport.AnonymousClass2.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus
            r1 = r3
            javax.net.ssl.SSLEngine r1 = r1.sslEngine
            javax.net.ssl.SSLEngineResult$HandshakeStatus r1 = r1.getHandshakeStatus()
            int r1 = r1.ordinal()
            r0 = r0[r1]
            switch(r0) {
                case 1: goto L34;
                case 2: goto L48;
                case 3: goto L5f;
                case 4: goto L70;
                case 5: goto L70;
                default: goto L75;
            }
        L34:
            r0 = r3
            r1 = r3
            javax.net.ssl.SSLSession r1 = r1.sslSession
            int r1 = r1.getApplicationBufferSize()
            java.nio.ByteBuffer r1 = java.nio.ByteBuffer.allocate(r1)
            int r0 = r0.secureRead(r1)
            goto L75
        L48:
            r0 = r3
            javax.net.ssl.SSLEngine r0 = r0.sslEngine
            java.lang.Runnable r0 = r0.getDelegatedTask()
            r1 = r0
            r4 = r1
            if (r0 == 0) goto L75
            r0 = r3
            org.apache.activemq.thread.TaskRunnerFactory r0 = r0.taskRunnerFactory
            r1 = r4
            r0.execute(r1)
            goto L48
        L5f:
            r0 = r3
            org.apache.activemq.transport.tcp.TimeStampStream r0 = r0.buffOut
            org.apache.activemq.transport.nio.NIOOutputStream r0 = (org.apache.activemq.transport.nio.NIOOutputStream) r0
            r1 = 0
            java.nio.ByteBuffer r1 = java.nio.ByteBuffer.allocate(r1)
            r0.write(r1)
            goto L75
        L70:
            r0 = r3
            r0.finishHandshake()
            return
        L75:
            goto L5
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.activemq.transport.nio.NIOSSLTransport.doHandshake():void");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.activemq.transport.nio.NIOTransport, org.apache.activemq.transport.tcp.TcpTransport, org.apache.activemq.transport.TransportThreadSupport, org.apache.activemq.util.ServiceSupport
    public void doStart() throws Exception {
        this.taskRunnerFactory = new TaskRunnerFactory("ActiveMQ NIOSSLTransport Task");
        super.doStart();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.activemq.transport.nio.NIOTransport, org.apache.activemq.transport.tcp.TcpTransport, org.apache.activemq.util.ServiceSupport
    public void doStop(ServiceStopper serviceStopper) throws Exception {
        if (this.taskRunnerFactory != null) {
            this.taskRunnerFactory.shutdownNow();
            this.taskRunnerFactory = null;
        }
        if (this.channel != null) {
            this.channel.close();
            this.channel = null;
        }
        super.doStop(serviceStopper);
    }

    @Override // org.apache.activemq.transport.TransportSupport
    public void doConsume(Object obj) {
        if (obj instanceof ConnectionInfo) {
            ((ConnectionInfo) obj).setTransportContext(getPeerCertificates());
        }
        super.doConsume(obj);
    }

    public X509Certificate[] getPeerCertificates() {
        X509Certificate[] x509CertificateArr = null;
        try {
            if (this.sslEngine.getSession() != null) {
                x509CertificateArr = (X509Certificate[]) this.sslEngine.getSession().getPeerCertificates();
            }
        } catch (SSLPeerUnverifiedException e) {
            if (LOG.isTraceEnabled()) {
                LOG.trace("Failed to get peer certificates.", (Throwable) e);
            }
        }
        return x509CertificateArr;
    }

    public boolean isNeedClientAuth() {
        return this.needClientAuth;
    }

    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    public boolean isWantClientAuth() {
        return this.wantClientAuth;
    }

    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }

    public String[] getEnabledCipherSuites() {
        return this.enabledCipherSuites;
    }

    public void setEnabledCipherSuites(String[] strArr) {
        this.enabledCipherSuites = strArr;
    }
}
