package com.progress.blackbird.nwlink.ssl;

import cern.colt.matrix.impl.AbstractFormatter;
import com.progress.blackbird.nwlink.ENwLinkException;
import com.progress.blackbird.nwlink.INwLink;
import com.progress.blackbird.nwlink.INwLinkStatistics;
import com.progress.blackbird.nwlink.NwLink;
import com.progress.blackbird.nwlink.NwLinkDescriptorParser;
import com.progress.blackbird.nwlink.tcp.TCPNwLink;
import com.progress.blackbird.sys.ESysIoctlException;
import com.progress.blackbird.sys.ISysIoctl;
import com.progress.blackbird.sys.SysConfig;
import com.progress.blackbird.sys.SysStatistics;
import com.sonicsw.mf.framework.directory.DSComponent;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SelectableChannel;
import java.nio.channels.SelectionKey;
import java.nio.channels.Selector;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.text.NumberFormat;
import java.util.Properties;
import java.util.StringTokenizer;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:com/progress/blackbird/nwlink/ssl/SSLNwLink.class */
public final class SSLNwLink extends NwLink implements INwLink {
    private final INwLink tcpLink;
    private final SSLEngine sslEngine;
    private final ByteBuffer inNetBuffer;
    private final ByteBuffer outNetBuffer;
    private final ByteBuffer inAppBuffer;
    private final Statistics statistics;
    private WriteResumeContext writeResumeContext;
    private boolean flgSSLSessionOpen;
    private static final String AUTHENTICATE_PROPNAME = "authenticate";
    private static final String KEYSTORE_FILENAME_PROPNAME = "keyStoreFilename";
    private static final String KEYSTORE_PASSWORD_PROPNAME = "keyStorePassword";
    private static final String TRUSTSTORE_FILENAME_PROPNAME = "trustStoreFilename";
    private static final String TRUSTSTORE_PASSWORD_PROPNAME = "trustStorePassword";
    private static final String PROTOCOLS_PROPNAME = "protocols";
    private static final String CIPHER_SUITES_PROPNAME = "cipherSuites";
    private static final String NEED_CLIENT_AUTH_PROPNAME = "needClientAuth";
    private static final String HANDSHAKE_TIMEOUT_PROPNAME = "handshakeTimeout";
    private static final String CLOSE_TIMEOUT_PROPNAME = "closeTimeout";
    private final NwLink.BooleanProperty authenticate = new NwLink.BooleanProperty(AUTHENTICATE_PROPNAME, SysConfig.getConfigValue(SysConfig.getProperties(), "bb.nwlink.ssl.authenticate", "true"));
    private final NwLink.StringProperty keyStoreFileName = new NwLink.StringProperty(KEYSTORE_FILENAME_PROPNAME, null);
    private final NwLink.StringProperty keyStorePassword = new NwLink.StringProperty(KEYSTORE_PASSWORD_PROPNAME, DSComponent.FAULT_TOLERANCE_ROLE_DEFAULT);
    private final NwLink.StringProperty trustStoreFileName = new NwLink.StringProperty(TRUSTSTORE_FILENAME_PROPNAME, SysConfig.getConfigValue(SysConfig.getProperties(), "bb.nwlink.ssl.trustStoreFilename", (String) null));
    private final NwLink.StringProperty trustStorePassword = new NwLink.StringProperty(TRUSTSTORE_PASSWORD_PROPNAME, null);
    private final NwLink.StringProperty protocols = new NwLink.StringProperty(PROTOCOLS_PROPNAME, SysConfig.getConfigValue(SysConfig.getProperties(), "bb.nwlink.ssl.protocols", (String) null));
    private final NwLink.StringProperty cipherSuites = new NwLink.StringProperty(CIPHER_SUITES_PROPNAME, SysConfig.getConfigValue(SysConfig.getProperties(), "bb.nwlink.ssl.cipherSuites", (String) null));
    private final NwLink.BooleanProperty needClientAuth = new NwLink.BooleanProperty(NEED_CLIENT_AUTH_PROPNAME, SysConfig.getConfigValue(SysConfig.getProperties(), "bb.nwlink.ssl.needClientAuth", "false"));
    private final NwLink.IntProperty handshakeTimeout = new NwLink.IntProperty(HANDSHAKE_TIMEOUT_PROPNAME, SysConfig.getConfigValue(SysConfig.getProperties(), "bb.nwlink.ssl.handshakeTimeout", "20"));
    private final NwLink.IntProperty closeTimeout = new NwLink.IntProperty(CLOSE_TIMEOUT_PROPNAME, SysConfig.getConfigValue(SysConfig.getProperties(), "bb.nwlink.ssl.closeTimeout", "10"));
    private final int HANDSHAKE_CONTINUE = 0;
    private final int HANDSHAKE_WAIT_READ = 1;
    private final int HANDSHAKE_WAIT_WRITE = 2;
    private final int HANDSHAKE_DONE = 3;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.progress.blackbird.nwlink.ssl.SSLNwLink$1, reason: invalid class name */
    /* loaded from: input_file:com/progress/blackbird/nwlink/ssl/SSLNwLink$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status;
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.OK.ordinal()] = 1;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 2;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.CLOSED.ordinal()] = 3;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 4;
            } catch (NoSuchFieldError e9) {
            }
        }
    }

    /* loaded from: input_file:com/progress/blackbird/nwlink/ssl/SSLNwLink$Statistics.class */
    private class Statistics extends SysStatistics implements INwLinkStatistics {
        private NumberFormat format;
        private long startTime;
        private long deltaStartTime;

        private Statistics() {
            this.format = NumberFormat.getInstance();
            this.format.setMaximumFractionDigits(2);
        }

        @Override // com.progress.blackbird.sys.SysStatistics
        protected final void init() {
            long currentTimeMillis = System.currentTimeMillis();
            this.deltaStartTime = currentTimeMillis;
            this.startTime = currentTimeMillis;
        }

        @Override // com.progress.blackbird.sys.SysStatistics
        protected final void dump() {
            long currentTimeMillis = System.currentTimeMillis();
            long j = currentTimeMillis - this.startTime;
            long j2 = currentTimeMillis - this.deltaStartTime;
            this.deltaStartTime = currentTimeMillis;
            String str = "[SSL Link STATS] DT=" + j2 + AbstractFormatter.DEFAULT_ROW_SEPARATOR;
        }

        /* synthetic */ Statistics(SSLNwLink sSLNwLink, AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    /* loaded from: input_file:com/progress/blackbird/nwlink/ssl/SSLNwLink$WriteResumeContext.class */
    private final class WriteResumeContext {
        final ByteBuffer buffer;
        final ByteBuffer outNetBuffer;
        final SSLEngineResult result;

        WriteResumeContext(ByteBuffer byteBuffer, ByteBuffer byteBuffer2, SSLEngineResult sSLEngineResult) {
            this.buffer = byteBuffer;
            this.outNetBuffer = byteBuffer2;
            this.result = sSLEngineResult;
        }
    }

    private SSLNwLink(int i, INwLink iNwLink, Properties properties, boolean z) throws ENwLinkException {
        this.tcpLink = iNwLink;
        this.trace.updateLevelFromProperty(SysConfig.getProperties(), "bb.nwlink.ssl.trace");
        propertyTableToProps(properties);
        if (i != 1) {
            this.sslEngine = null;
            this.inAppBuffer = null;
            this.outNetBuffer = null;
            this.inNetBuffer = null;
            this.statistics = null;
            return;
        }
        this.trace.outln("Initializing key manager factory <store= '" + (this.keyStoreFileName.value == null ? "default" : this.keyStoreFileName.value) + "'>...", 4);
        try {
            KeyManagerFactory initKeyManagerFactory = initKeyManagerFactory();
            this.trace.outln("Initializing trust manager factory <store= '" + (this.trustStoreFileName.value == null ? "default" : this.trustStoreFileName.value) + "'>...", 4);
            try {
                TrustManagerFactory initTrustManagerFactory = initTrustManagerFactory();
                this.trace.outln("Creating and initializing SSL Context...", 4);
                try {
                    SSLContext sSLContext = SSLContext.getInstance("ssl");
                    sSLContext.init(initKeyManagerFactory.getKeyManagers(), initTrustManagerFactory.getTrustManagers(), null);
                    this.trace.outln("Creating and configuring SSL Engine...", 4);
                    this.sslEngine = sSLContext.createSSLEngine();
                    this.trace.outln("....mode = " + (z ? "client" : "server"), 4);
                    this.sslEngine.setUseClientMode(z);
                    this.trace.outln("....client auth = " + this.needClientAuth.value, 4);
                    this.sslEngine.setNeedClientAuth(this.needClientAuth.value);
                    if (this.protocols.value != null) {
                        StringTokenizer stringTokenizer = new StringTokenizer(this.protocols.value, ",");
                        String[] strArr = new String[stringTokenizer.countTokens()];
                        for (int i2 = 0; i2 < strArr.length; i2++) {
                            strArr[i2] = stringTokenizer.nextToken();
                        }
                        try {
                            this.sslEngine.setEnabledProtocols(strArr);
                        } catch (IllegalArgumentException e) {
                            this.trace.outln("One of the specified protocols is invalid in the provided protocols list [" + this.protocols.value + "]. Switching to default.", 2);
                        }
                    }
                    if (!this.authenticate.value) {
                        this.sslEngine.setEnabledCipherSuites(new String[]{"SSL_DH_anon_WITH_RC4_128_MD5", "TLS_DH_anon_WITH_AES_128_CBC_SHA", "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "SSL_DH_anon_WITH_DES_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"});
                    } else if (this.cipherSuites.value != null) {
                        StringTokenizer stringTokenizer2 = new StringTokenizer(this.cipherSuites.value, ",");
                        String[] strArr2 = new String[stringTokenizer2.countTokens()];
                        for (int i3 = 0; i3 < strArr2.length; i3++) {
                            strArr2[i3] = stringTokenizer2.nextToken();
                        }
                        try {
                            this.sslEngine.setEnabledCipherSuites(strArr2);
                        } catch (IllegalArgumentException e2) {
                            this.trace.outln("One of the specified cipher suites is invalid in the provided cipher suite list [" + this.cipherSuites.value + "]. Switching to default.", 2);
                        }
                    }
                    this.trace.outln("....enabled cipher suites", 4);
                    if (this.sslEngine.getEnabledCipherSuites().length > 0) {
                        for (int i4 = 0; i4 < this.sslEngine.getEnabledCipherSuites().length; i4++) {
                            this.trace.outln("........" + this.sslEngine.getEnabledCipherSuites()[i4], 4);
                        }
                    } else {
                        this.trace.outln("........none");
                    }
                    this.trace.outln("....enabled protocols", 4);
                    if (this.sslEngine.getEnabledProtocols().length > 0) {
                        for (int i5 = 0; i5 < this.sslEngine.getEnabledProtocols().length; i5++) {
                            this.trace.outln("........" + this.sslEngine.getEnabledProtocols()[i5], 4);
                        }
                    } else {
                        this.trace.outln("........none");
                    }
                    this.inNetBuffer = ByteBuffer.allocate(this.sslEngine.getSession().getPacketBufferSize());
                    this.outNetBuffer = (ByteBuffer) ByteBuffer.allocate(this.sslEngine.getSession().getPacketBufferSize()).limit(0);
                    this.inAppBuffer = ByteBuffer.allocate(this.sslEngine.getSession().getApplicationBufferSize());
                    this.statistics = new Statistics(this, null);
                } catch (KeyManagementException e3) {
                    throw new ENwLinkException("Failed to initialize SSL context [" + e3.getMessage() + "]");
                } catch (NoSuchAlgorithmException e4) {
                    throw new ENwLinkException("SSL protocol not available in default JSSE provider implementation");
                }
            } catch (ENwLinkException e5) {
                this.trace.outln("Trust manager factory initialization failed [" + e5.getMessage() + "]", 1);
                throw e5;
            }
        } catch (ENwLinkException e6) {
            this.trace.outln("Key manager factory initialization failed [" + e6.getMessage() + "]", 1);
            throw e6;
        }
    }

    private KeyManagerFactory initKeyManagerFactory() throws ENwLinkException {
        KeyStore keyStore = null;
        char[] cArr = null;
        if (this.keyStoreFileName.value != null) {
            try {
                this.trace.outln("Using store type '" + KeyStore.getDefaultType() + "' for key store.", 4);
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                try {
                    FileInputStream fileInputStream = new FileInputStream(this.keyStoreFileName.value);
                    cArr = this.keyStorePassword.value.toCharArray();
                    try {
                        try {
                            try {
                                try {
                                    keyStore.load(fileInputStream, cArr);
                                } catch (IOException e) {
                                    throw new ENwLinkException("Failure in loading keystore '" + this.keyStoreFileName.value + "' [" + e.getMessage() + "]");
                                }
                            } catch (NoSuchAlgorithmException e2) {
                                throw new ENwLinkException("Algorithm used to check the integrity of the keystore '" + this.keyStoreFileName.value + "' could not be found [" + e2.getMessage() + "]");
                            }
                        } catch (CertificateException e3) {
                            throw new ENwLinkException("A certificate could not be loaded from keystore '" + this.keyStoreFileName.value + "' [" + e3.getMessage() + "]");
                        }
                    } finally {
                        try {
                            fileInputStream.close();
                        } catch (IOException e4) {
                            this.trace.outln("Failure in closing keystore '" + this.keyStoreFileName.value + "' [" + e4.getMessage() + "]", 2);
                        }
                    }
                } catch (FileNotFoundException e5) {
                    throw new ENwLinkException("Invalid keystore file name '" + this.keyStoreFileName.value + "'");
                } catch (SecurityException e6) {
                    throw new ENwLinkException("Security exception while opening keystore '" + this.keyStoreFileName.value + "' [" + e6.getMessage() + "]");
                }
            } catch (KeyStoreException e7) {
                throw new InternalError("Keystore creation for default keystore type failed!");
            }
        }
        try {
            this.trace.outln("Using key manager algorithm '" + KeyManagerFactory.getDefaultAlgorithm() + "'", 4);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, cArr);
            return keyManagerFactory;
        } catch (KeyStoreException e8) {
            throw new ENwLinkException("Failure in initializing key manager factory [" + e8.getMessage() + "]");
        } catch (NoSuchAlgorithmException e9) {
            throw new ENwLinkException("Specified algorithm not available for specified provider in initializing key manager factory [" + e9.getMessage() + "]");
        } catch (UnrecoverableKeyException e10) {
            throw new ENwLinkException("Invalid password specified for recovering keys from the specified key store [" + e10.getMessage() + "]");
        }
    }

    private TrustManagerFactory initTrustManagerFactory() throws ENwLinkException {
        KeyStore keyStore = null;
        if (this.trustStoreFileName.value != null) {
            try {
                this.trace.outln("Using store type '" + KeyStore.getDefaultType() + "' for trust store.", 4);
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                try {
                    FileInputStream fileInputStream = new FileInputStream(this.trustStoreFileName.value);
                    try {
                        try {
                            try {
                                try {
                                    keyStore.load(fileInputStream, this.trustStorePassword.value == null ? null : this.trustStorePassword.value.toCharArray());
                                } catch (NoSuchAlgorithmException e) {
                                    throw new ENwLinkException("Algorithm used to check the integrity of the trust store '" + this.trustStoreFileName.value + "' could not be found [" + e.getMessage() + "]");
                                }
                            } catch (CertificateException e2) {
                                throw new ENwLinkException("A certificate could not be loaded from trust store '" + this.trustStoreFileName.value + "' [" + e2.getMessage() + "]");
                            }
                        } catch (IOException e3) {
                            throw new ENwLinkException("Failure in loading trust store '" + this.trustStoreFileName.value + "' [" + e3.getMessage() + "]");
                        }
                    } finally {
                        try {
                            fileInputStream.close();
                        } catch (IOException e4) {
                            this.trace.outln("Failure in closing trust store '" + this.trustStoreFileName.value + "' [" + e4.getMessage() + "]", 2);
                        }
                    }
                } catch (FileNotFoundException e5) {
                    throw new ENwLinkException("Invalid trust store '" + this.trustStoreFileName.value + "'");
                } catch (SecurityException e6) {
                    throw new ENwLinkException("Security exception while opening trust store '" + this.trustStoreFileName.value + "' [" + e6.getMessage() + "]");
                }
            } catch (KeyStoreException e7) {
                throw new InternalError("Keystore creation for default keystore type failed!");
            }
        }
        try {
            this.trace.outln("Using trust manager algorithm '" + TrustManagerFactory.getDefaultAlgorithm() + "'", 4);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            return trustManagerFactory;
        } catch (KeyStoreException e8) {
            throw new ENwLinkException("Failure in initializing trust manager factory [" + e8.getMessage() + "]");
        } catch (NoSuchAlgorithmException e9) {
            throw new InternalError("Trust Manager Factory creation for default algorithm failed!");
        }
    }

    private void propertyTableToProps(Properties properties) {
        this.authenticate.load(properties);
        this.keyStoreFileName.load(properties);
        this.keyStorePassword.load(properties);
        this.trustStoreFileName.load(properties);
        this.trustStorePassword.load(properties);
        this.protocols.load(properties);
        this.cipherSuites.load(properties);
        this.needClientAuth.load(properties);
        this.handshakeTimeout.load(properties);
        this.closeTimeout.load(properties);
    }

    private Properties propsToPropertyTable() {
        Properties properties = new Properties();
        this.authenticate.save(properties);
        this.keyStoreFileName.save(properties);
        this.keyStorePassword.save(properties);
        this.trustStoreFileName.save(properties);
        this.trustStorePassword.save(properties);
        this.protocols.save(properties);
        this.cipherSuites.save(properties);
        this.needClientAuth.save(properties);
        this.handshakeTimeout.save(properties);
        this.closeTimeout.save(properties);
        return properties;
    }

    private long write(ByteBuffer byteBuffer) throws ENwLinkException {
        return this.tcpLink.write(new INwLink.WriteBufferArray(new ByteBuffer[]{byteBuffer}, 0));
    }

    private int processSSLEngineClosedOnRead(int i) {
        if (this.trace.debug) {
            this.trace.debugln("Received SSL close from peer...");
        }
        if (i != 0) {
            if (this.trace.debug) {
                this.trace.debugln("Bytes have been copied to user buffer. 'End of stream' will be returning on a subsequent call to read()...");
            }
            return i;
        }
        if (!this.trace.debug) {
            return -1;
        }
        this.trace.debugln("No bytes copied to user buffer. Returning 'end of stream'...");
        return -1;
    }

    private void dumpSSLSessionInfo() {
        this.trace.outln("Handshake completed successfully. SSL Session information...", 4);
        this.trace.outln("...Negotiated cipher suite [" + this.sslEngine.getSession().getCipherSuite() + "]", 4);
        if (this.sslEngine.getSession().getLocalPrincipal() != null) {
            this.trace.outln("...Local principal [" + this.sslEngine.getSession().getLocalPrincipal().getName() + "]", 4);
        } else {
            this.trace.outln("...Local principal [Local unverified during handshake]", 4);
        }
        try {
            this.trace.outln("...Peer principal [" + this.sslEngine.getSession().getPeerPrincipal().getName() + "]", 4);
        } catch (SSLPeerUnverifiedException e) {
            this.trace.outln("...Peer principal [Peer unverified during handshake]", 4);
        }
        this.trace.outln("...Local Certificates", 4);
        Certificate[] localCertificates = this.sslEngine.getSession().getLocalCertificates();
        if (localCertificates != null) {
            for (int i = 0; i < localCertificates.length; i++) {
                this.trace.outln("......Certificate #" + i, 4);
                this.trace.outln(localCertificates[i].toString(), 4);
            }
        } else {
            this.trace.outln("......No local certificates sent to peer during handshake", 4);
        }
        this.trace.outln("...Peer Certificates", 4);
        try {
            Certificate[] peerCertificates = this.sslEngine.getSession().getPeerCertificates();
            if (peerCertificates != null) {
                for (int i2 = 0; i2 < peerCertificates.length; i2++) {
                    this.trace.outln("......Certificate #" + i2, 4);
                    this.trace.outln(peerCertificates[i2].toString(), 4);
                }
            } else {
                this.trace.outln("......No peer certificates sent to peer during handshake", 4);
            }
        } catch (SSLPeerUnverifiedException e2) {
            this.trace.outln("......Peer was unverified during handshake", 4);
        }
    }

    private int handleSSLEngineHandshakeStatus(SSLEngineResult.HandshakeStatus handshakeStatus) throws ENwLinkException {
        if (this.trace.debug) {
            this.trace.debugln("[SSL HANDSHAKE] state=" + handshakeStatus);
        }
        switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[handshakeStatus.ordinal()]) {
            case 1:
                try {
                    if (this.trace.debug) {
                        this.trace.debugln("[SSL HANDSHAKE] Beginning handshake...");
                    }
                    this.sslEngine.beginHandshake();
                    return 0;
                } catch (Exception e) {
                    this.trace.outln("Failure to begin SSL handshake [" + e.getMessage() + "].", 4);
                    throw new ENwLinkException(e);
                }
            case 2:
                break;
            case 3:
                try {
                    if (this.trace.debug) {
                        this.trace.debugln("[SSL HANDSHAKE] Reading data from link...");
                    }
                    int read = this.tcpLink.read(this.inNetBuffer);
                    if (this.trace.debug) {
                        this.trace.debugln("[SSL HANDSHAKE] Bytes read = " + read + " [pos=" + this.inNetBuffer.position() + " limit=" + this.inNetBuffer.limit() + "]...");
                    }
                    if (read < 0) {
                        throw new ENwLinkException("Underlying link was closed before SSL handshake completed");
                    }
                    this.inNetBuffer.flip();
                    if (this.trace.debug) {
                        this.trace.debugln("[SSL HANDSHAKE] Handing data to engine for unwrap [FROM pos=" + this.inNetBuffer.position() + ", limit=" + this.inNetBuffer.limit() + "] [TO pos=" + this.inAppBuffer.position() + ", limit=" + this.inAppBuffer.limit() + "]...");
                    }
                    SSLEngineResult unwrap = this.sslEngine.unwrap(this.inNetBuffer, this.inAppBuffer);
                    if (this.trace.debug) {
                        this.trace.debugln("[SSL HANDSHAKE] Unwrap complete [status=" + unwrap.getStatus() + "] [FROM pos=" + this.inNetBuffer.position() + ", limit=" + this.inNetBuffer.limit() + "] [TO pos=" + this.inAppBuffer.position() + ", limit=" + this.inAppBuffer.limit() + "]...");
                    }
                    this.inNetBuffer.compact();
                    switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[unwrap.getStatus().ordinal()]) {
                        case 1:
                            return 0;
                        case 2:
                            return 1;
                        default:
                            throw new ENwLinkException("Failure in unwrapping handshake data [" + unwrap.getStatus() + "]");
                    }
                } catch (Exception e2) {
                    this.trace.outln("Failure in read/unwrap during SSL handshake [" + e2.getMessage() + "].", 4);
                    if (e2 instanceof ENwLinkException) {
                        throw ((ENwLinkException) e2);
                    }
                    throw new ENwLinkException(e2);
                }
            case 4:
                try {
                    if (this.outNetBuffer.remaining() == 0) {
                        this.outNetBuffer.clear();
                        if (this.trace.debug) {
                            this.trace.debugln("[SSL HANDSHAKE] Handing data to engine for wrap [TO pos=" + this.outNetBuffer.position() + ", limit=" + this.outNetBuffer.limit() + "]...");
                        }
                        SSLEngineResult wrap = this.sslEngine.wrap(ByteBuffer.allocate(0), this.outNetBuffer);
                        if (this.trace.debug) {
                            this.trace.debugln("[SSL HANDSHAKE] Wrap complete [status=" + wrap.getStatus() + ", bytes=" + wrap.bytesProduced() + "]");
                        }
                        switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[wrap.getStatus().ordinal()]) {
                            case 1:
                                this.outNetBuffer.flip();
                                break;
                            default:
                                throw new ENwLinkException("Failure in wrapping handshake data [" + wrap.getStatus() + "]");
                        }
                    }
                    if (this.outNetBuffer.remaining() <= 0) {
                        if (!this.trace.debug) {
                            return 0;
                        }
                        this.trace.debugln("[SSL HANDSHAKE] No data to send.");
                        return 0;
                    }
                    if (this.trace.debug) {
                        this.trace.debugln("[SSL HANDSHAKE] Sending data [pos=" + this.outNetBuffer.position() + " limit=" + this.outNetBuffer.limit() + "]...");
                    }
                    long write = write(this.outNetBuffer);
                    if (this.trace.debug) {
                        this.trace.debugln("[SSL HANDSHAKE] Bytes sent = " + write + " [pos=" + this.outNetBuffer.position() + " limit=" + this.outNetBuffer.limit() + "]...");
                    }
                    return this.outNetBuffer.remaining() > 0 ? 2 : 0;
                } catch (Exception e3) {
                    this.trace.outln("Failure in write/wrap during SSL handshake [" + e3.getMessage() + "].", 4);
                    if (e3 instanceof ENwLinkException) {
                        throw ((ENwLinkException) e3);
                    }
                    throw new ENwLinkException(e3);
                }
            case 5:
                return 3;
            default:
                throw new ENwLinkException("Illegal SSL handshake state");
        }
        while (true) {
            try {
                Runnable delegatedTask = this.sslEngine.getDelegatedTask();
                if (delegatedTask == null) {
                    return 0;
                }
                if (this.trace.debug) {
                    this.trace.debugln("[SSL HANDSHAKE] Executing delegated task [" + delegatedTask + "]...");
                }
                delegatedTask.run();
            } catch (Exception e4) {
                this.trace.outln("Error in delegated task during SSL handshake [" + e4.getMessage() + "].", 4);
                throw new ENwLinkException(e4);
            }
        }
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:17:0x00b8. Please report as an issue. */
    /* JADX WARN: Failed to find 'out' block for switch in B:71:0x0338. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:124:0x049a A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:20:0x01cd A[Catch: all -> 0x0494, TryCatch #3 {all -> 0x0494, blocks: (B:4:0x0002, B:6:0x0011, B:8:0x001b, B:9:0x0025, B:11:0x007e, B:12:0x008b, B:14:0x0096, B:52:0x00ac, B:53:0x00b6, B:17:0x00b8, B:38:0x00d4, B:40:0x00de, B:41:0x00e8, B:43:0x010b, B:25:0x0149, B:27:0x0153, B:28:0x015d, B:30:0x0180, B:18:0x01be, B:20:0x01cd, B:48:0x011a, B:49:0x0148, B:34:0x018f, B:35:0x01bd, B:55:0x01d4, B:57:0x01de, B:60:0x0235, B:64:0x0244, B:66:0x0256, B:67:0x02a9, B:69:0x02c4, B:70:0x0324, B:71:0x0338, B:77:0x035d, B:79:0x0367, B:83:0x0377, B:84:0x039b, B:88:0x03e1, B:90:0x03eb, B:91:0x0411, B:92:0x0412, B:107:0x03a4, B:109:0x03d1, B:110:0x03d6, B:111:0x03d7, B:112:0x03e0, B:113:0x0039, B:115:0x0043, B:117:0x0051, B:118:0x007d), top: B:2:0x0002, inners: #0, #1, #5, #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:23:0x01d1 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void performSSLHandshake() throws com.progress.blackbird.nwlink.ENwLinkException {
        /*
            Method dump skipped, instructions count: 1251
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.progress.blackbird.nwlink.ssl.SSLNwLink.performSSLHandshake():void");
    }

    private boolean wrapNSendSSLCloseData() throws ENwLinkException {
        try {
            if (this.outNetBuffer.remaining() == 0) {
                this.outNetBuffer.clear();
                if (this.trace.debug) {
                    this.trace.debugln("[SSL CLOSE] Handing data to engine for wrap [TO pos=" + this.outNetBuffer.position() + ", limit=" + this.outNetBuffer.limit() + "]...");
                }
                SSLEngineResult wrap = this.sslEngine.wrap(ByteBuffer.allocate(0), this.outNetBuffer);
                if (this.trace.debug) {
                    this.trace.debugln("[SSL CLOSE] Wrap complete [status=" + wrap.getStatus() + ", bytes=" + wrap.bytesProduced() + "]");
                }
                switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[wrap.getStatus().ordinal()]) {
                    case 1:
                        break;
                    case 3:
                        break;
                    default:
                        throw new ENwLinkException("Failure in wrapping close data [" + wrap.getStatus() + "]");
                }
                this.outNetBuffer.flip();
            }
            if (this.outNetBuffer.remaining() <= 0) {
                if (!this.trace.debug) {
                    return true;
                }
                this.trace.debugln("[SSL CLOSE] No data to send.");
                return true;
            }
            if (this.trace.debug) {
                this.trace.debugln("[SSL CLOSE] Sending data [pos=" + this.outNetBuffer.position() + " limit=" + this.outNetBuffer.limit() + "]...");
            }
            long write = write(this.outNetBuffer);
            if (this.trace.debug) {
                this.trace.debugln("[SSL CLOSE] Bytes sent = " + write + " [pos=" + this.outNetBuffer.position() + " limit=" + this.outNetBuffer.limit() + "]...");
            }
            return this.outNetBuffer.remaining() <= 0;
        } catch (Exception e) {
            this.trace.outln("Failure in write/wrap during SSL close [" + e.getMessage() + "].", 4);
            if (e instanceof ENwLinkException) {
                throw ((ENwLinkException) e);
            }
            throw new ENwLinkException(e);
        }
    }

    private void performSSLClose() throws ENwLinkException {
        SelectionKey selectionKey = null;
        try {
            try {
                if (!this.tcpLink.getChannel().isBlocking()) {
                    if (this.trace.debug) {
                        this.trace.debugln("[SSL CLOSE] Link is non-blocking. Registering link with selector...");
                    }
                    selectionKey = this.tcpLink.getChannel().register(Selector.open(), 0);
                } else if (this.trace.debug) {
                    this.trace.debugln("[SSL CLOSE] Link is blocking.");
                }
                this.outNetBuffer.clear().flip();
                this.sslEngine.closeOutbound();
                long currentTimeMillis = System.currentTimeMillis();
                while (!this.sslEngine.isOutboundDone()) {
                    if (System.currentTimeMillis() - currentTimeMillis >= this.closeTimeout.value * 1000) {
                        throw new ENwLinkException("SSL close timed out");
                    }
                    if (!wrapNSendSSLCloseData()) {
                        try {
                            if (this.trace.debug) {
                                this.trace.debugln("[SSL CLOSE] Waiting in select for write to be ready...");
                            }
                            selectionKey.interestOps(4);
                            selectionKey.selector().select(1000L);
                            selectionKey.interestOps(0);
                            if (this.trace.debug) {
                                this.trace.debugln("[SSL CLOSE] Out of select.");
                            }
                        } catch (Exception e) {
                            this.trace.outln("Failure in waiting to complete data write during for SSL handshake [" + e.getMessage() + "].", 4);
                            throw new ENwLinkException(e);
                        }
                    }
                }
                this.flgSSLSessionOpen = false;
                if (selectionKey != null) {
                    try {
                        if (this.trace.debug) {
                            this.trace.debugln("[SSL CLOSE] Closing selector...");
                        }
                        selectionKey.selector().close();
                    } catch (Exception e2) {
                        this.trace.outln("Failure in closing internal selector on SSL close completion [" + e2.getMessage() + "]", 2);
                    }
                }
            } catch (Exception e3) {
                this.trace.outln("Failure in switching link state for SSL close [" + e3 + "].", 4);
                throw new ENwLinkException(e3);
            }
        } catch (Throwable th) {
            if (selectionKey != null) {
                try {
                    if (this.trace.debug) {
                        this.trace.debugln("[SSL CLOSE] Closing selector...");
                    }
                    selectionKey.selector().close();
                } catch (Exception e4) {
                    this.trace.outln("Failure in closing internal selector on SSL close completion [" + e4.getMessage() + "]", 2);
                }
            }
            throw th;
        }
    }

    public static INwLink create(Integer num, String str) throws ENwLinkException {
        return new SSLNwLink(num.intValue(), TCPNwLink.create(num, str), NwLinkDescriptorParser.create(str).getProperties(), num.intValue() == 1);
    }

    @Override // com.progress.blackbird.nwlink.INwLink
    public final int getType() {
        return this.tcpLink.getType();
    }

    @Override // com.progress.blackbird.nwlink.INwLink
    public final SelectableChannel getChannel() {
        return this.tcpLink.getChannel();
    }

    @Override // com.progress.blackbird.nwlink.INwLink
    public final SelectableChannel getServerChannel() {
        return this.tcpLink.getServerChannel();
    }

    @Override // com.progress.blackbird.nwlink.INwLink
    public final INwLinkStatistics getStatistics() {
        return this.statistics;
    }

    @Override // com.progress.blackbird.nwlink.INwLink
    public final boolean connect() throws ENwLinkException {
        if (this.flgSSLSessionOpen) {
            throw new ENwLinkException("link already connected");
        }
        if (!this.tcpLink.connect()) {
            return false;
        }
        this.trace.outln("Successfully established underlying TCP link.", 4);
        try {
            this.trace.outln("Starting SSL handshake...", 4);
            performSSLHandshake();
            this.trace.outln("SSL handshake successful.", 4);
            return true;
        } catch (ENwLinkException e) {
            this.trace.outln("SSL Handshake on established link failed [" + e.getMessage() + "]. Closing underlying link and failing connect.", 1);
            try {
                this.tcpLink.close();
            } catch (ENwLinkException e2) {
                this.trace.outln("Failure in closing underlying TCP link on SSL handshake failure [" + e2.getMessage() + "]", 2);
            }
            throw e;
        }
    }

    @Override // com.progress.blackbird.nwlink.INwLink
    public final INwLink accept() throws ENwLinkException {
        INwLink accept = this.tcpLink.accept();
        SSLNwLink sSLNwLink = null;
        if (accept != null) {
            try {
                this.trace.outln("Successfully accepted underlying TCP link. Wrapping SSL link around it...", 4);
                sSLNwLink = new SSLNwLink(1, accept, propsToPropertyTable(), false);
                this.trace.outln("Starting SSL handshake...", 4);
                sSLNwLink.performSSLHandshake();
                this.trace.outln("SSL handshake successful.", 4);
            } catch (ENwLinkException e) {
                this.trace.outln("SSL Handshake on accepted link failed [" + e.getMessage() + "]. Closing accepted link.", 1);
                try {
                    accept.close();
                } catch (Exception e2) {
                    if (sSLNwLink == null) {
                        this.trace.outln("Failure in closing accepted underlying TCP link on SSL link creation failure [" + e2.getMessage() + "]", 2);
                    } else {
                        this.trace.outln("Failure in closing accepted underlying TCP link on SSL handshake failure [" + e2.getMessage() + "]", 2);
                    }
                }
                sSLNwLink = null;
            }
        }
        return sSLNwLink;
    }

    @Override // com.progress.blackbird.nwlink.INwLink
    public final int read(ByteBuffer byteBuffer) throws ENwLinkException {
        if (!this.flgSSLSessionOpen) {
            throw new ENwLinkException("link not connected");
        }
        int i = 0;
        try {
            if (this.inAppBuffer.remaining() == 0) {
                if (this.trace.debug) {
                    this.trace.debugln("Reading [pos=" + this.inNetBuffer.position() + " limit=" + this.inNetBuffer.limit() + "]...");
                }
                int read = this.tcpLink.read(this.inNetBuffer);
                if (this.trace.debug) {
                    this.trace.debugln("Read [bytes=" + read + "]...");
                }
                if (read >= 0) {
                    boolean z = true;
                    while (z) {
                        this.inNetBuffer.flip();
                        if (this.trace.debug) {
                            this.trace.debugln("Unwrapping direct [FROM pos=" + this.inNetBuffer.position() + " limit=" + this.inNetBuffer.limit() + "] [TO pos=" + byteBuffer.position() + " limit=" + byteBuffer.limit() + "]...");
                        }
                        SSLEngineResult unwrap = this.sslEngine.unwrap(this.inNetBuffer, byteBuffer);
                        if (this.trace.debug) {
                            this.trace.debugln("Unwrapped direct [status=" + unwrap.getStatus() + " consumed=" + unwrap.bytesConsumed() + " produced=" + unwrap.bytesProduced() + "] [FROM pos=" + this.inNetBuffer.position() + " limit=" + this.inNetBuffer.limit() + "] [TO pos=" + byteBuffer.position() + " limit=" + byteBuffer.limit() + "]...");
                        }
                        switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[unwrap.getStatus().ordinal()]) {
                            case 1:
                                i += unwrap.bytesProduced();
                                break;
                            case 2:
                                z = false;
                                break;
                            case 3:
                                i = processSSLEngineClosedOnRead(i);
                                z = false;
                                break;
                            case 4:
                                this.inAppBuffer.clear();
                                if (this.trace.debug) {
                                    this.trace.debugln("Unwrapping indirect [FROM pos=" + this.inNetBuffer.position() + " limit=" + this.inNetBuffer.limit() + "] [TO pos=" + this.inAppBuffer.position() + " limit=" + this.inAppBuffer.limit() + "]...");
                                }
                                SSLEngineResult unwrap2 = this.sslEngine.unwrap(this.inNetBuffer, this.inAppBuffer);
                                if (this.trace.debug) {
                                    this.trace.debugln("Unwrapped indirect [status=" + unwrap2.getStatus() + " consumed=" + unwrap2.bytesConsumed() + " produced=" + unwrap2.bytesProduced() + "] [FROM pos=" + this.inNetBuffer.position() + " limit=" + this.inNetBuffer.limit() + "] [TO pos=" + this.inAppBuffer.position() + " limit=" + this.inAppBuffer.limit() + "]...");
                                }
                                this.inAppBuffer.flip();
                                switch (AnonymousClass1.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[unwrap2.getStatus().ordinal()]) {
                                    case 1:
                                        if (this.inAppBuffer.remaining() > 0) {
                                            if (this.trace.debug) {
                                                this.trace.debugln("Produced bytes into excess buffer. Copying to user buffer");
                                            }
                                            i += read(byteBuffer);
                                            break;
                                        }
                                        break;
                                    case 2:
                                        break;
                                    case 3:
                                        i = processSSLEngineClosedOnRead(i);
                                        break;
                                    default:
                                        throw new InternalError("Unexpected SSL unwrap status [" + unwrap2 + "] in unwrapping to internal app buffer");
                                }
                                z = false;
                                break;
                        }
                        this.inNetBuffer.compact();
                    }
                } else {
                    i = read;
                    if (i < 0) {
                        if (this.trace.debug) {
                            this.trace.debugln("Peer has closed link. Closing SSL Engine inbound stream...");
                        }
                        try {
                            this.sslEngine.closeInbound();
                        } catch (Exception e) {
                            this.trace.outln("Peer has closed link but failure in closing SSL inbound stream [" + e.getMessage() + "]", 2);
                        }
                    }
                }
            } else {
                i = Math.min(this.inAppBuffer.remaining(), byteBuffer.remaining());
                if (this.trace.debug) {
                    this.trace.debugln("Excess buffer not empty [" + this.inAppBuffer.remaining() + " bytes]. Draining [bytes=" + i + "]...");
                }
                byteBuffer.put(this.inAppBuffer.array(), this.inAppBuffer.position(), i);
                this.inAppBuffer.position(this.inAppBuffer.position() + i);
            }
            if (this.trace.debug) {
                this.trace.debugln("Returning bytes read = " + i);
            }
            return i;
        } catch (Exception e2) {
            this.trace.outln("Read failed [" + e2.getMessage() + "].", 1);
            if (e2 instanceof ENwLinkException) {
                throw ((ENwLinkException) e2);
            }
            throw new ENwLinkException(e2);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:21:0x008a A[Catch: Exception -> 0x0555, TryCatch #0 {Exception -> 0x0555, blocks: (B:5:0x0009, B:7:0x0010, B:9:0x001a, B:11:0x0024, B:13:0x0030, B:15:0x004b, B:16:0x007a, B:21:0x008a, B:23:0x00a2, B:24:0x00fc, B:26:0x0115, B:27:0x0198, B:29:0x01ad, B:32:0x01bc, B:33:0x01f1, B:35:0x01f2, B:36:0x01fe, B:37:0x0210, B:39:0x021a, B:40:0x025c, B:42:0x0270, B:43:0x029e, B:45:0x02a8, B:47:0x02b2, B:48:0x02d4, B:50:0x02f6, B:52:0x0300, B:56:0x0328, B:58:0x0332, B:61:0x0357, B:63:0x0361, B:64:0x0383, B:67:0x039d, B:68:0x03c1, B:70:0x03c5, B:74:0x03cc, B:76:0x03d6, B:72:0x03e3, B:84:0x03f0, B:86:0x03fa, B:87:0x0435, B:89:0x044c, B:90:0x046d, B:92:0x047a, B:94:0x0484, B:95:0x048e, B:97:0x04a1, B:99:0x04ab, B:100:0x04cf, B:101:0x052e, B:102:0x0500, B:104:0x050a, B:105:0x053e, B:107:0x0548), top: B:4:0x0009 }] */
    @Override // com.progress.blackbird.nwlink.INwLink
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final long write(com.progress.blackbird.nwlink.INwLink.WriteBufferArray r9) throws com.progress.blackbird.nwlink.ENwLinkException {
        /*
            Method dump skipped, instructions count: 1478
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.progress.blackbird.nwlink.ssl.SSLNwLink.write(com.progress.blackbird.nwlink.INwLink$WriteBufferArray):long");
    }

    @Override // com.progress.blackbird.nwlink.INwLink
    public final void close() throws ENwLinkException {
        if (this.flgSSLSessionOpen && getType() == 1) {
            try {
                performSSLClose();
            } catch (ENwLinkException e) {
                this.trace.outln("SSL close failed [" + e.getMessage() + "].", 2);
            }
        }
        this.tcpLink.close();
    }

    @Override // com.progress.blackbird.nwlink.NwLink, com.progress.blackbird.sys.ISysIoctl
    public final Object ioctl(String str, Object obj) throws ESysIoctlException, ENwLinkException {
        try {
            return ((ISysIoctl) this.tcpLink).ioctl(str, obj);
        } catch (Exception e) {
            if (e instanceof ENwLinkException) {
                throw ((ENwLinkException) e);
            }
            throw new ENwLinkException(e);
        }
    }
}
