package org.openeuler.sun.security.ssl;

import defpackage.b40;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import javax.crypto.BadPaddingException;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLProtocolException;
import org.openeuler.sun.security.ssl.SSLCipher;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes6.dex */
public final class SSLSocketInputRecord extends InputRecord implements SSLRecord {
    private boolean formatVerified;
    private ByteBuffer handshakeBuffer;
    private boolean hasHeader;
    private InputStream is;
    private OutputStream os;
    private final byte[] temporary;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLSocketInputRecord(HandshakeHash handshakeHash) {
        super(handshakeHash, SSLCipher.SSLReadCipher.nullTlsReadCipher());
        this.is = null;
        this.os = null;
        this.temporary = new byte[1024];
        this.formatVerified = false;
        this.handshakeBuffer = null;
        this.hasHeader = false;
    }

    private Plaintext[] decodeInputRecord(byte[] bArr) throws IOException, BadPaddingException {
        ByteBuffer byteBuffer;
        ByteBuffer byteBuffer2;
        SSLSocketInputRecord sSLSocketInputRecord = this;
        int i = 0;
        byte b = bArr[0];
        byte b2 = bArr[1];
        byte b3 = bArr[2];
        int i2 = ((bArr[3] & 255) << 8) + (bArr[4] & 255);
        if (SSLLogger.isOn && SSLLogger.isOn(b40.f110310oO08)) {
            SSLLogger.fine("READ: " + ProtocolVersion.nameOf(b2, b3) + " " + ContentType.nameOf(b) + ", length = " + i2, new Object[0]);
        }
        if (i2 < 0 || i2 > 33088) {
            throw new SSLProtocolException("Bad input record size, TLSCiphertext.length = " + i2);
        }
        ByteBuffer allocate = ByteBuffer.allocate(i2 + 5);
        int position = allocate.position();
        allocate.put(sSLSocketInputRecord.temporary, 0, 5);
        while (i2 > 0) {
            int min = Math.min(sSLSocketInputRecord.temporary.length, i2);
            if (read(sSLSocketInputRecord.is, sSLSocketInputRecord.temporary, 0, min) < 0) {
                throw new EOFException("SSL peer shut down incorrectly");
            }
            allocate.put(sSLSocketInputRecord.temporary, 0, min);
            i2 -= min;
        }
        allocate.flip();
        allocate.position(position + 5);
        if (SSLLogger.isOn && SSLLogger.isOn(b40.f110310oO08)) {
            SSLLogger.fine("READ: " + ProtocolVersion.nameOf(b2, b3) + " " + ContentType.nameOf(b) + ", length = " + allocate.remaining(), new Object[0]);
        }
        try {
            Plaintext decrypt = sSLSocketInputRecord.readCipher.decrypt(b, allocate, null);
            ByteBuffer byteBuffer3 = decrypt.fragment;
            byte b4 = decrypt.contentType;
            ContentType contentType = ContentType.HANDSHAKE;
            if (b4 != contentType.f36073id && (byteBuffer2 = sSLSocketInputRecord.handshakeBuffer) != null && byteBuffer2.hasRemaining()) {
                throw new SSLProtocolException("Expecting a handshake fragment, but received " + ContentType.nameOf(b4));
            }
            if (b4 != contentType.f36073id) {
                return new Plaintext[]{new Plaintext(b4, b2, b3, -1, -1L, byteBuffer3)};
            }
            ByteBuffer byteBuffer4 = sSLSocketInputRecord.handshakeBuffer;
            if (byteBuffer4 == null || byteBuffer4.remaining() == 0) {
                byteBuffer = byteBuffer3;
            } else {
                ByteBuffer wrap = ByteBuffer.wrap(new byte[sSLSocketInputRecord.handshakeBuffer.remaining() + byteBuffer3.remaining()]);
                wrap.put(sSLSocketInputRecord.handshakeBuffer);
                wrap.put(byteBuffer3);
                ByteBuffer byteBuffer5 = (ByteBuffer) wrap.rewind();
                sSLSocketInputRecord.handshakeBuffer = null;
                byteBuffer = byteBuffer5;
            }
            ArrayList arrayList = new ArrayList(5);
            while (true) {
                if (!byteBuffer.hasRemaining()) {
                    break;
                }
                int remaining = byteBuffer.remaining();
                if (remaining < 4) {
                    ByteBuffer wrap2 = ByteBuffer.wrap(new byte[remaining]);
                    sSLSocketInputRecord.handshakeBuffer = wrap2;
                    wrap2.put(byteBuffer);
                    sSLSocketInputRecord.handshakeBuffer.rewind();
                    break;
                }
                byteBuffer.mark();
                byte b5 = byteBuffer.get();
                if (!SSLHandshake.isKnown(b5)) {
                    throw new SSLProtocolException("Unknown handshake type size, Handshake.msg_type = " + (b5 & 255));
                }
                int int24 = Record.getInt24(byteBuffer);
                int i3 = SSLConfiguration.maxHandshakeMessageSize;
                if (int24 > i3) {
                    throw new SSLProtocolException("The size of the handshake message (" + int24 + ") exceeds the maximum allowed size (" + i3 + ")");
                }
                byteBuffer.reset();
                int i4 = int24 + 4;
                if (remaining < i4) {
                    ByteBuffer wrap3 = ByteBuffer.wrap(new byte[remaining]);
                    sSLSocketInputRecord.handshakeBuffer = wrap3;
                    wrap3.put(byteBuffer);
                    sSLSocketInputRecord.handshakeBuffer.rewind();
                    break;
                }
                if (remaining == i4) {
                    if (sSLSocketInputRecord.handshakeHash.isHashable(b5)) {
                        sSLSocketInputRecord.handshakeHash.receive(byteBuffer);
                    }
                    arrayList.add(new Plaintext(b4, b2, b3, -1, -1L, byteBuffer));
                } else {
                    int position2 = byteBuffer.position();
                    int limit = byteBuffer.limit();
                    int i5 = position2 + i4;
                    byteBuffer.limit(i5);
                    if (sSLSocketInputRecord.handshakeHash.isHashable(b5)) {
                        sSLSocketInputRecord.handshakeHash.receive(byteBuffer);
                    }
                    arrayList.add(new Plaintext(b4, b2, b3, -1, -1L, byteBuffer.slice()));
                    byteBuffer.position(i5);
                    byteBuffer.limit(limit);
                    sSLSocketInputRecord = this;
                    i = 0;
                }
            }
            return (Plaintext[]) arrayList.toArray(new Plaintext[i]);
        } catch (BadPaddingException e) {
            throw e;
        } catch (GeneralSecurityException e2) {
            throw ((SSLProtocolException) new SSLProtocolException("Unexpected exception").initCause(e2));
        }
    }

    private Plaintext[] handleUnknownRecord(byte[] bArr) throws IOException, BadPaddingException {
        byte b = bArr[0];
        byte b2 = bArr[2];
        int i = b & 128;
        if (i == 0 || b2 != 1) {
            if (i == 0 || b2 != 4) {
                throw new SSLException("Unsupported or unrecognized SSL message");
            }
            throw new SSLException("SSL V2.0 servers are not supported.");
        }
        ProtocolVersion protocolVersion = this.helloVersion;
        ProtocolVersion protocolVersion2 = ProtocolVersion.SSL20Hello;
        if (protocolVersion != protocolVersion2) {
            throw new SSLHandshakeException("SSLv2Hello is not enabled");
        }
        byte b3 = bArr[3];
        byte b4 = bArr[4];
        if (b3 == protocolVersion2.major && b4 == protocolVersion2.minor) {
            OutputStream outputStream = this.os;
            byte[] bArr2 = SSLRecord.v2NoCipher;
            outputStream.write(bArr2);
            if (SSLLogger.isOn) {
                if (SSLLogger.isOn(b40.f110310oO08)) {
                    SSLLogger.fine("Requested to negotiate unsupported SSLv2!", new Object[0]);
                }
                if (SSLLogger.isOn("packet")) {
                    SSLLogger.fine("Raw write", bArr2);
                }
            }
            throw new SSLException("Unsupported SSL v2.0 ClientHello");
        }
        int i2 = ((b & Byte.MAX_VALUE) << 8) | (bArr[1] & 255);
        ByteBuffer allocate = ByteBuffer.allocate(i2 + 5);
        allocate.put(this.temporary, 0, 5);
        int i3 = i2 - 3;
        while (i3 > 0) {
            int min = Math.min(this.temporary.length, i3);
            if (read(this.is, this.temporary, 0, min) < 0) {
                throw new EOFException("SSL peer shut down incorrectly");
            }
            allocate.put(this.temporary, 0, min);
            i3 -= min;
        }
        allocate.flip();
        allocate.position(2);
        this.handshakeHash.receive(allocate);
        allocate.position(0);
        ByteBuffer convertToClientHello = InputRecord.convertToClientHello(allocate);
        if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
            SSLLogger.fine("[Converted] ClientHello", convertToClientHello);
        }
        return new Plaintext[]{new Plaintext(ContentType.HANDSHAKE.f36073id, b3, b4, -1, -1L, convertToClientHello)};
    }

    private static int read(InputStream inputStream, byte[] bArr, int i, int i2) throws IOException {
        int i3 = 0;
        while (i3 < i2) {
            int i4 = i + i3;
            int read = inputStream.read(bArr, i4, i2 - i3);
            if (read < 0) {
                if (!SSLLogger.isOn || !SSLLogger.isOn("packet")) {
                    return -1;
                }
                SSLLogger.fine("Raw read: EOF", new Object[0]);
                return -1;
            }
            if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
                SSLLogger.fine("Raw read", ByteBuffer.wrap(bArr, i4, read));
            }
            i3 += read;
        }
        return i3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openeuler.sun.security.ssl.InputRecord
    public int bytesInCompletePacket() throws IOException {
        byte b;
        if (!this.hasHeader) {
            try {
                if (read(this.is, this.temporary, 0, 5) < 0) {
                    return -1;
                }
                this.hasHeader = true;
            } catch (EOFException unused) {
                return -1;
            }
        }
        byte[] bArr = this.temporary;
        byte b2 = bArr[0];
        if (this.formatVerified || b2 == ContentType.HANDSHAKE.f36073id || b2 == ContentType.ALERT.f36073id) {
            if (ProtocolVersion.isNegotiable(bArr[1], bArr[2], false)) {
                this.formatVerified = true;
                byte[] bArr2 = this.temporary;
                return ((bArr2[3] & 255) << 8) + (bArr2[4] & 255) + 5;
            }
            StringBuilder sb = new StringBuilder();
            sb.append("Unrecognized record version ");
            byte[] bArr3 = this.temporary;
            sb.append(ProtocolVersion.nameOf(bArr3[1], bArr3[2]));
            sb.append(" , plaintext connection?");
            throw new SSLException(sb.toString());
        }
        if ((b2 & 128) == 0 || !((b = bArr[2]) == 1 || b == 4)) {
            throw new SSLException("Unrecognized SSL message, plaintext connection?");
        }
        if (ProtocolVersion.isNegotiable(bArr[3], bArr[4], false)) {
            return ((b2 & Byte.MAX_VALUE) << 8) + (this.temporary[1] & 255) + 2;
        }
        StringBuilder sb2 = new StringBuilder();
        sb2.append("Unrecognized record version ");
        byte[] bArr4 = this.temporary;
        sb2.append(ProtocolVersion.nameOf(bArr4[3], bArr4[4]));
        sb2.append(" , plaintext connection?");
        throw new SSLException(sb2.toString());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openeuler.sun.security.ssl.InputRecord
    public Plaintext[] decode(ByteBuffer[] byteBufferArr, int i, int i2) throws IOException, BadPaddingException {
        if (this.isClosed) {
            return null;
        }
        if (!this.hasHeader) {
            if (read(this.is, this.temporary, 0, 5) < 0) {
                throw new EOFException("SSL peer shut down incorrectly");
            }
            this.hasHeader = true;
        }
        if (!this.formatVerified) {
            this.formatVerified = true;
            byte[] bArr = this.temporary;
            byte b = bArr[0];
            if (b != ContentType.HANDSHAKE.f36073id && b != ContentType.ALERT.f36073id) {
                this.hasHeader = false;
                return handleUnknownRecord(bArr);
            }
        }
        this.hasHeader = false;
        return decodeInputRecord(this.temporary);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deplete(boolean z) throws IOException {
        int available = this.is.available();
        if (z && available == 0) {
            this.is.read();
        }
        while (true) {
            int available2 = this.is.available();
            if (available2 == 0) {
                return;
            } else {
                this.is.skip(available2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openeuler.sun.security.ssl.InputRecord
    public void setDeliverStream(OutputStream outputStream) {
        this.os = outputStream;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openeuler.sun.security.ssl.InputRecord
    public void setReceiverStream(InputStream inputStream) {
        this.is = inputStream;
    }
}
