package com.amazon.communication.socket.ssl;

import com.amazon.client.metrics.MetricEvent;
import com.amazon.communication.TCommMetrics;
import com.amazon.communication.socket.IncompleteIoListener;
import com.amazon.dp.logger.DPFormattedMessage;
import com.amazon.dp.logger.DPLogger;
import com.dp.utils.FailFast;
import java.io.IOException;
import java.net.Socket;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
import java.nio.channels.ClosedChannelException;
import java.nio.channels.SelectableChannel;
import java.nio.channels.SelectionKey;
import java.nio.channels.Selector;
import java.nio.channels.SocketChannel;
import java.nio.channels.spi.SelectorProvider;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;

/* loaded from: classes.dex */
public class SslSocketChannel extends SocketChannel {

    /* renamed from: a, reason: collision with root package name */
    private static final int f2560a = 2;
    private final MetricEvent e;
    private final String f;
    private final AtomicBoolean g;
    private final IncompleteIoListener h;
    private final ByteBuffer i;
    private final ByteBuffer j;
    private final ByteBuffer k;
    private final Object l;
    private final SocketChannel m;
    private final SSLEngine n;
    private final SSLSession o;
    private final HostnameVerifier p;
    private final Object q;
    private static final DPLogger d = new DPLogger("TComm.SslSocketChannel");

    /* renamed from: b, reason: collision with root package name */
    private static final ByteBuffer f2561b = ByteBuffer.allocate(0);

    /* renamed from: c, reason: collision with root package name */
    private static final String[] f2562c = {"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA"};

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.amazon.communication.socket.ssl.SslSocketChannel$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass1 {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f2563a = new int[SSLEngineResult.HandshakeStatus.values().length];

        /* renamed from: b, reason: collision with root package name */
        static final /* synthetic */ int[] f2564b;

        static {
            try {
                f2563a[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                f2563a[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                f2563a[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                f2563a[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                f2563a[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            f2564b = new int[SSLEngineResult.Status.values().length];
            try {
                f2564b[SSLEngineResult.Status.OK.ordinal()] = 1;
            } catch (NoSuchFieldError e6) {
            }
            try {
                f2564b[SSLEngineResult.Status.CLOSED.ordinal()] = 2;
            } catch (NoSuchFieldError e7) {
            }
            try {
                f2564b[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 3;
            } catch (NoSuchFieldError e8) {
            }
            try {
                f2564b[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 4;
            } catch (NoSuchFieldError e9) {
            }
        }
    }

    protected SslSocketChannel(SelectorProvider selectorProvider, SSLContext sSLContext, SocketChannel socketChannel, String str, int i, IncompleteIoListener incompleteIoListener, MetricEvent metricEvent, HostnameVerifier hostnameVerifier) {
        super(selectorProvider);
        this.q = new Object();
        this.l = new Object();
        this.g = new AtomicBoolean(false);
        this.f = str;
        this.e = metricEvent;
        this.n = sSLContext.createSSLEngine(str, i);
        this.n.setUseClientMode(true);
        HashSet hashSet = new HashSet(Arrays.asList(this.n.getSupportedCipherSuites()));
        ArrayList arrayList = new ArrayList();
        for (String str2 : f2562c) {
            if (hashSet.contains(str2)) {
                d.a("SslSocketChannel", "Enabled cipher suit", "name", str2);
                arrayList.add(str2);
            }
        }
        this.n.setEnabledCipherSuites((String[]) arrayList.toArray(new String[arrayList.size()]));
        this.m = socketChannel;
        this.h = incompleteIoListener;
        this.o = this.n.getSession();
        this.i = ByteBuffer.allocate(this.o.getPacketBufferSize() * 2);
        this.j = ByteBuffer.allocate(this.o.getApplicationBufferSize() * 2);
        this.k = ByteBuffer.allocate(this.o.getPacketBufferSize() * 2);
        this.j.position(this.j.limit());
        this.i.position(this.i.limit());
        this.p = hostnameVerifier;
        d.f("SslSocketChannel.constructor", "SslSocketChannel created", "SslSocketChannel", this);
    }

    private String a(ByteBuffer byteBuffer) {
        return "[" + byteBuffer.position() + "," + byteBuffer.limit() + "," + byteBuffer.capacity() + "](" + byteBuffer.remaining() + ")";
    }

    public static SocketChannel a(SSLContext sSLContext, SocketChannel socketChannel, String str, int i, IncompleteIoListener incompleteIoListener, MetricEvent metricEvent, HostnameVerifier hostnameVerifier) {
        d.f("open", "opening a new secure socket channel", "host", str, "securePort", Integer.valueOf(i));
        return new SslSocketChannel(SelectorProvider.provider(), sSLContext, socketChannel, str, i, incompleteIoListener, metricEvent, hostnameVerifier);
    }

    private void a(String str, String str2, ByteBuffer byteBuffer, Object... objArr) {
        if (d.a()) {
            Object[] objArr2 = new Object[objArr.length + 6];
            System.arraycopy(objArr, 0, objArr2, 6, objArr.length);
            objArr2[0] = "peerApp";
            objArr2[1] = a(this.j);
            objArr2[2] = "peerNet";
            objArr2[3] = a(this.k);
            objArr2[4] = "target";
            objArr2[5] = a(byteBuffer);
            d.a(str, str2, objArr2);
        }
    }

    private void a(String str, String str2, Object... objArr) {
        if (d.a()) {
            Object[] objArr2 = new Object[objArr.length + 4];
            System.arraycopy(objArr, 0, objArr2, 4, objArr.length);
            objArr2[0] = "peerApp";
            objArr2[1] = a(this.j);
            objArr2[2] = "peerNet";
            objArr2[3] = a(this.k);
            d.a(str, str2, objArr2);
        }
    }

    private void d() {
        while (true) {
            Runnable delegatedTask = this.n.getDelegatedTask();
            if (delegatedTask == null) {
                return;
            } else {
                delegatedTask.run();
            }
        }
    }

    private int e() throws IOException {
        try {
            int write = this.i.hasRemaining() ? this.m.write(this.i) : 0;
            if (this.i.hasRemaining()) {
                this.h.r();
            }
            return write;
        } catch (IOException e) {
            this.i.position(this.i.limit());
            throw e;
        }
    }

    private int f() throws IOException {
        SSLEngineResult unwrap;
        int i = -1;
        synchronized (this.l) {
            if (this.j.hasRemaining()) {
                throw new IllegalStateException("Existing unencrypted data still available for consumption: position: " + this.j.position() + ", remaining: " + this.j.remaining());
            }
            this.j.clear();
            int read = this.m.read(this.k);
            this.k.flip();
            int remaining = this.k.remaining();
            if (read != -1 || this.k.hasRemaining()) {
                do {
                    this.e.g(TCommMetrics.bn);
                    try {
                        unwrap = this.n.unwrap(this.k, this.j);
                        this.e.a(TCommMetrics.e, unwrap.bytesConsumed());
                        this.e.h(TCommMetrics.bn);
                        if (unwrap.getStatus() != SSLEngineResult.Status.OK || unwrap.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NEED_UNWRAP || unwrap.bytesProduced() != 0) {
                            break;
                        }
                    } finally {
                    }
                } while (this.k.remaining() > 0);
                if (this.j.position() == 0 && unwrap.getStatus() == SSLEngineResult.Status.OK && this.k.hasRemaining()) {
                    d.f("readAndUnwrap", "no data was produced, unwrapping once more", new Object[0]);
                    this.e.g(TCommMetrics.bn);
                    try {
                        unwrap = this.n.unwrap(this.k, this.j);
                        this.e.a(TCommMetrics.e, unwrap.bytesConsumed());
                        this.e.h(TCommMetrics.bn);
                        d.a("readAndUnwrap", "finished re-unwrap", "result", unwrap);
                    } finally {
                    }
                }
                SSLEngineResult.Status status = unwrap.getStatus();
                FailFast.a(status == SSLEngineResult.Status.BUFFER_OVERFLOW, "Unable to finish unwrap since we ran overflowed peerAppData. peerAppData Size: " + this.j.limit() + ", Encrypted contents size: " + remaining);
                if (status == SSLEngineResult.Status.CLOSED || (read == -1 && this.j.position() == 0)) {
                    a("readAndUnwrap", "Connection is being closed by peer", new Object[0]);
                    close();
                } else {
                    SSLEngineResult.HandshakeStatus handshakeStatus = unwrap.getHandshakeStatus();
                    if (c() && handshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED && handshakeStatus != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                        d.b("readAndUnwrap", "SSL Hanshake renegotiation requested", "mHost", this.f);
                        throw new IOException("Received request for SSL Handshake renegotiation from: " + this.f);
                    }
                    this.k.compact();
                    this.j.flip();
                    i = this.j.remaining();
                }
            }
            return i;
        }
    }

    public SelectionKey a(Selector selector) {
        return this.m.keyFor(selector);
    }

    public SelectionKey a(Selector selector, int i, Object obj) throws ClosedChannelException {
        d.a("registerDelegate", "registering selector for operations", "interestedOperations", Integer.valueOf(i));
        return this.m.register(selector, i, obj);
    }

    public boolean a() throws IOException {
        SSLEngineResult.HandshakeStatus handshakeStatus = this.n.getHandshakeStatus();
        while (true) {
            switch (AnonymousClass1.f2563a[handshakeStatus.ordinal()]) {
                case 1:
                case 2:
                    if (!this.g.compareAndSet(false, true)) {
                        d.g("continueHandshake", "handshake finished again", new Object[0]);
                    } else {
                        if (!this.p.verify(this.f, this.n.getSession())) {
                            throw new SSLPeerUnverifiedException(DPFormattedMessage.a("continueHandshake", "Hostname could not be verified by certificate", "hostname", this.f));
                        }
                        d.a("continueHandshake", "handshake finished", "handshakeStatus", handshakeStatus);
                    }
                    this.e.h(TCommMetrics.bo);
                    return true;
                case 3:
                    d();
                    break;
                case 4:
                    int f = f();
                    if (f == -1) {
                        a("continueHandshake", "EOF reached for socket, cleaning up and abandoning handshake.", new Object[0]);
                        close();
                        throw new IOException("EOF reached for socket, cleaning up and abandoning handshake.");
                    }
                    if (f == 0 && this.n.getHandshakeStatus().equals(SSLEngineResult.HandshakeStatus.NEED_UNWRAP)) {
                        this.h.q();
                        return false;
                    }
                    break;
                case 5:
                    this.i.clear();
                    SSLEngineResult.Status status = this.n.wrap(f2561b, this.i).getStatus();
                    switch (AnonymousClass1.f2564b[status.ordinal()]) {
                        case 1:
                            this.i.flip();
                            while (this.i.hasRemaining()) {
                                if (this.m.write(this.i) < 0) {
                                    close();
                                    throw new IOException("Underlying socket found closed while writing");
                                }
                            }
                            break;
                        case 2:
                            close();
                            throw new IOException("Underlying socket found closed while writing");
                        default:
                            d.g("continueHandshake", "unhandled wrap result state", "status", status);
                            break;
                    }
                default:
                    d.g("continueHandshake", "unexpected state", "handshakeStatus", handshakeStatus);
                    throw new IllegalStateException("Unexpected state " + handshakeStatus + " during ssl handshake");
            }
            handshakeStatus = this.n.getHandshakeStatus();
        }
    }

    public boolean a(SelectableChannel selectableChannel) {
        return this.m == selectableChannel;
    }

    public void b() throws IOException {
        synchronized (this.q) {
            e();
        }
    }

    public boolean c() {
        return this.g.get();
    }

    @Override // java.nio.channels.SocketChannel
    public boolean connect(SocketAddress socketAddress) throws IOException {
        return this.m.connect(socketAddress);
    }

    @Override // java.nio.channels.SocketChannel
    public boolean finishConnect() throws IOException {
        boolean finishConnect = this.m.finishConnect();
        if (!finishConnect) {
            throw new IOException("Unable to finish connection to peer");
        }
        this.e.h(TCommMetrics.bw);
        this.e.g(TCommMetrics.bo);
        d.f("finishConnect", "beginning SSL handshake.", new Object[0]);
        this.n.beginHandshake();
        a();
        return finishConnect;
    }

    /* JADX WARN: Removed duplicated region for block: B:9:0x0029 A[Catch: all -> 0x0066, TryCatch #0 {, blocks: (B:3:0x0001, B:4:0x000b, B:6:0x0013, B:7:0x0021, B:9:0x0029, B:13:0x005e, B:14:0x0065, B:18:0x006c), top: B:2:0x0001 }] */
    @Override // java.nio.channels.spi.AbstractSelectableChannel
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void implCloseSelectableChannel() throws java.io.IOException {
        /*
            r7 = this;
            monitor-enter(r7)
            javax.net.ssl.SSLEngine r0 = r7.n     // Catch: java.lang.Throwable -> L66
            r0.closeOutbound()     // Catch: java.lang.Throwable -> L66
            java.nio.ByteBuffer r0 = r7.i     // Catch: java.lang.Throwable -> L66
            r0.compact()     // Catch: java.lang.Throwable -> L66
        Lb:
            javax.net.ssl.SSLEngine r0 = r7.n     // Catch: java.lang.Throwable -> L66
            boolean r0 = r0.isOutboundDone()     // Catch: java.lang.Throwable -> L66
            if (r0 != 0) goto L6c
            javax.net.ssl.SSLEngine r0 = r7.n     // Catch: java.lang.Throwable -> L66
            java.nio.ByteBuffer r1 = com.amazon.communication.socket.ssl.SslSocketChannel.f2561b     // Catch: java.lang.Throwable -> L66
            java.nio.ByteBuffer r2 = r7.i     // Catch: java.lang.Throwable -> L66
            r0.wrap(r1, r2)     // Catch: java.lang.Throwable -> L66
            java.nio.ByteBuffer r0 = r7.i     // Catch: java.lang.Throwable -> L66
            r0.flip()     // Catch: java.lang.Throwable -> L66
        L21:
            java.nio.ByteBuffer r0 = r7.i     // Catch: java.lang.Throwable -> L66
            boolean r0 = r0.hasRemaining()     // Catch: java.lang.Throwable -> L66
            if (r0 == 0) goto Lb
            java.nio.channels.SocketChannel r0 = r7.m     // Catch: java.lang.Throwable -> L66
            java.nio.ByteBuffer r1 = r7.i     // Catch: java.lang.Throwable -> L66
            int r0 = r0.write(r1)     // Catch: java.lang.Throwable -> L66
            com.amazon.dp.logger.DPLogger r1 = com.amazon.communication.socket.ssl.SslSocketChannel.d     // Catch: java.lang.Throwable -> L66
            java.lang.String r2 = "implCloseSelectableChannel"
            java.lang.String r3 = "wrote to socket channel"
            r4 = 4
            java.lang.Object[] r4 = new java.lang.Object[r4]     // Catch: java.lang.Throwable -> L66
            r5 = 0
            java.lang.String r6 = "remaining"
            r4[r5] = r6     // Catch: java.lang.Throwable -> L66
            r5 = 1
            java.nio.ByteBuffer r6 = r7.i     // Catch: java.lang.Throwable -> L66
            int r6 = r6.remaining()     // Catch: java.lang.Throwable -> L66
            java.lang.Integer r6 = java.lang.Integer.valueOf(r6)     // Catch: java.lang.Throwable -> L66
            r4[r5] = r6     // Catch: java.lang.Throwable -> L66
            r5 = 2
            java.lang.String r6 = "bytes written"
            r4[r5] = r6     // Catch: java.lang.Throwable -> L66
            r5 = 3
            java.lang.Integer r6 = java.lang.Integer.valueOf(r0)     // Catch: java.lang.Throwable -> L66
            r4[r5] = r6     // Catch: java.lang.Throwable -> L66
            r1.f(r2, r3, r4)     // Catch: java.lang.Throwable -> L66
            r1 = -1
            if (r0 != r1) goto L69
            java.io.IOException r0 = new java.io.IOException     // Catch: java.lang.Throwable -> L66
            java.lang.String r1 = "Underlying socket channel was closed before shutting down ssl engine"
            r0.<init>(r1)     // Catch: java.lang.Throwable -> L66
            throw r0     // Catch: java.lang.Throwable -> L66
        L66:
            r0 = move-exception
            monitor-exit(r7)
            throw r0
        L69:
            if (r0 != 0) goto L21
            goto L21
        L6c:
            java.nio.channels.SocketChannel r0 = r7.m     // Catch: java.lang.Throwable -> L66
            r0.close()     // Catch: java.lang.Throwable -> L66
            monitor-exit(r7)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.amazon.communication.socket.ssl.SslSocketChannel.implCloseSelectableChannel():void");
    }

    @Override // java.nio.channels.spi.AbstractSelectableChannel
    protected void implConfigureBlocking(boolean z) throws IOException {
        this.m.configureBlocking(z);
    }

    @Override // java.nio.channels.SocketChannel
    public boolean isConnected() {
        return this.m.isConnected();
    }

    @Override // java.nio.channels.SocketChannel
    public boolean isConnectionPending() {
        return this.m.isConnectionPending();
    }

    @Override // java.nio.channels.SocketChannel, java.nio.channels.ReadableByteChannel
    public int read(ByteBuffer byteBuffer) throws IOException {
        int f;
        int i = 0;
        synchronized (this.l) {
            if (this.n.isInboundDone()) {
                d.a("read", "EOF reached", new Object[0]);
                return -1;
            }
            while (byteBuffer.hasRemaining()) {
                if (!this.j.hasRemaining() && ((f = f()) == -1 || f == 0)) {
                    return i > 0 ? i : f;
                }
                int i2 = i;
                int min = Math.min(this.j.remaining(), byteBuffer.remaining());
                while (min > 0) {
                    byteBuffer.put(this.j.get());
                    min--;
                    i2++;
                }
                i = i2;
            }
            return i;
        }
    }

    @Override // java.nio.channels.SocketChannel, java.nio.channels.ScatteringByteChannel
    public long read(ByteBuffer[] byteBufferArr, int i, int i2) throws IOException {
        throw new UnsupportedOperationException();
    }

    @Override // java.nio.channels.SocketChannel
    public Socket socket() {
        return this.m.socket();
    }

    public String toString() {
        return "SslSocketChannel netData size: " + this.i.capacity() + ", peerAppData size: " + this.j.capacity() + ", peerNetData size: " + this.k.capacity();
    }

    @Override // java.nio.channels.SocketChannel, java.nio.channels.WritableByteChannel
    public int write(ByteBuffer byteBuffer) throws IOException {
        int i = 0;
        synchronized (this.q) {
            if (byteBuffer.remaining() == 0) {
                d.d("write", "0-byte write attempted", new Object[0]);
            } else if (this.i.hasRemaining()) {
                d.g("write", "There is still encrypted data waiting to be flushed. Attempting to flush it now.", "mMyNetData", this.i);
                e();
            } else {
                this.i.clear();
                this.e.g(TCommMetrics.br);
                try {
                    SSLEngineResult wrap = this.n.wrap(byteBuffer, this.i);
                    this.e.a(TCommMetrics.f, wrap.bytesConsumed());
                    this.e.h(TCommMetrics.br);
                    this.i.flip();
                    e();
                    i = wrap.bytesConsumed();
                } catch (Throwable th) {
                    this.e.h(TCommMetrics.br);
                    throw th;
                }
            }
        }
        return i;
    }

    @Override // java.nio.channels.SocketChannel, java.nio.channels.GatheringByteChannel
    public long write(ByteBuffer[] byteBufferArr, int i, int i2) throws IOException {
        if (i < 0 || i2 < 0 || i + i2 > byteBufferArr.length) {
            throw new IllegalArgumentException("Invalid offset: " + i + " and/or length: " + i2 + ". Sources length: " + byteBufferArr.length);
        }
        synchronized (this.q) {
            if (this.i.hasRemaining()) {
                d.g("write(ByteBuffer[])", "There is still encrypted data waiting to be flushed. Attempting to flush it now.", "mMyNetData", this.i);
                e();
                return 0L;
            }
            this.i.clear();
            this.e.g(TCommMetrics.br);
            try {
                SSLEngineResult wrap = this.n.wrap(byteBufferArr, i, i2, this.i);
                this.e.a(TCommMetrics.f, wrap.bytesConsumed());
                this.e.h(TCommMetrics.br);
                this.i.flip();
                e();
                return wrap.bytesConsumed();
            } catch (Throwable th) {
                this.e.h(TCommMetrics.br);
                throw th;
            }
        }
    }
}
