package jdk.incubator.http.internal.common;

import java.io.ByteArrayOutputStream;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.nio.BufferUnderflowException;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.BiFunction;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;

/* loaded from: input_file:jdk/incubator/http/internal/common/SSLEngineEx.class */
public final class SSLEngineEx extends SSLEngine {
    private final SSLEngine delegate;
    private String selectedApplicationProtocol;
    private boolean unwrapHelloSeen = false;
    private boolean ourHelloSent = false;
    private ALPNHackServerBAOS alpnHackServerBAOS;
    private ALPNHackClientBAOS alpnHackClientBAOS;
    private List<String> applicationProtocols;
    private ByteBuffer bufferedWrapData;
    private static final boolean IS_JAVA8 = Utils.isJava8();
    private static final Field HANDSHAKER;
    private static final Field HANDSHAKER_PROTOCOL_VERSION;
    private static final Field HANDSHAKE_HASH;
    private static final Field HANDSHAKE_HASH_VERSION;
    private static final Field HANDSHAKE_HASH_DATA;
    private static final Field HANDSHAKE_HASH_FIN_MD;
    private static final Method HANDSHAKE_HASH_UPDATE;
    private static final Method HANDSHAKE_HASH_PROTOCOL_DETERMINED;
    private static final Method ENGINE_APP_PROTOCOL;
    private static final Method HANDSHAKE_APP_PROTOCOL;
    private static final Method HANDSHAKE_APP_PROTOCOL_SELECTOR_GET;
    private static final Method HANDSHAKE_APP_PROTOCOL_SELECTOR_SET;

    public SSLEngineEx(SSLEngine sSLEngine) {
        this.delegate = sSLEngine;
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBufferArr, int i, int i2) throws SSLException {
        if (!IS_JAVA8) {
            return this.delegate.unwrap(byteBuffer, byteBufferArr, i, i2);
        }
        if (!this.unwrapHelloSeen) {
            if (!this.delegate.getUseClientMode() && this.applicationProtocols != null) {
                try {
                    List<String> exploreClientHello = ALPNHackClientHelloExplorer.exploreClientHello(byteBuffer.duplicate());
                    if (exploreClientHello != null) {
                        Iterator<String> it = this.applicationProtocols.iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            String next = it.next();
                            if (exploreClientHello.contains(next)) {
                                this.selectedApplicationProtocol = next;
                                break;
                            }
                        }
                    }
                    this.unwrapHelloSeen = true;
                } catch (BufferUnderflowException e) {
                    return new SSLEngineResult(SSLEngineResult.Status.BUFFER_UNDERFLOW, SSLEngineResult.HandshakeStatus.NEED_UNWRAP, 0, 0);
                }
            } else if (this.delegate.getUseClientMode() && this.alpnHackClientBAOS != null) {
                if (!byteBuffer.hasRemaining()) {
                    return this.delegate.unwrap(byteBuffer, byteBufferArr, i, i2);
                }
                try {
                    ByteBuffer duplicate = byteBuffer.duplicate();
                    byte b = duplicate.get();
                    byte b2 = duplicate.get();
                    byte b3 = duplicate.get();
                    if (b == 22 && b2 == 3 && b3 == 3) {
                        List<ByteBuffer> extractRecords = ALPNHackServerHelloExplorer.extractRecords(byteBuffer.duplicate());
                        ByteBuffer byteBuffer2 = extractRecords.get(0);
                        AtomicReference atomicReference = new AtomicReference();
                        ByteBuffer duplicate2 = byteBuffer2.duplicate();
                        duplicate2.position(byteBuffer2.position() + 5);
                        ByteBuffer duplicate3 = duplicate2.duplicate();
                        byte[] removeAlpnExtensionsFromServerHello = ALPNHackServerHelloExplorer.removeAlpnExtensionsFromServerHello(duplicate2, atomicReference);
                        duplicate3.limit(duplicate2.position());
                        this.unwrapHelloSeen = true;
                        if (removeAlpnExtensionsFromServerHello != null) {
                            this.selectedApplicationProtocol = (String) atomicReference.get();
                            byte[] bArr = new byte[removeAlpnExtensionsFromServerHello.length + duplicate2.remaining()];
                            System.arraycopy(removeAlpnExtensionsFromServerHello, 0, bArr, 0, removeAlpnExtensionsFromServerHello.length);
                            duplicate2.get(bArr, removeAlpnExtensionsFromServerHello.length, duplicate2.remaining());
                            byteBuffer.position(byteBuffer.limit());
                            byte[] bArr2 = new byte[duplicate3.remaining()];
                            duplicate3.get(bArr2);
                            ByteBuffer createNewOutputRecords = ALPNHackServerHelloExplorer.createNewOutputRecords(bArr, extractRecords);
                            byteBuffer.clear();
                            byteBuffer.put(createNewOutputRecords);
                            byteBuffer.flip();
                            this.alpnHackClientBAOS.setReceivedServerHello(bArr2);
                        }
                    }
                } catch (BufferUnderflowException e2) {
                    return new SSLEngineResult(SSLEngineResult.Status.BUFFER_UNDERFLOW, SSLEngineResult.HandshakeStatus.NEED_UNWRAP, 0, 0);
                }
            }
        }
        SSLEngineResult unwrap = this.delegate.unwrap(byteBuffer, byteBufferArr, i, i2);
        if (!this.delegate.getUseClientMode() && this.selectedApplicationProtocol != null && this.alpnHackServerBAOS == null) {
            this.alpnHackServerBAOS = replaceServerByteOutput(this.delegate, this.selectedApplicationProtocol);
        }
        return unwrap;
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult wrap(ByteBuffer[] byteBufferArr, int i, int i2, ByteBuffer byteBuffer) throws SSLException {
        byte[] serverHello;
        if (!IS_JAVA8) {
            return this.delegate.wrap(byteBufferArr, i, i2, byteBuffer);
        }
        if (this.bufferedWrapData != null) {
            int remaining = this.bufferedWrapData.remaining();
            byteBuffer.put(this.bufferedWrapData);
            this.bufferedWrapData = null;
            return new SSLEngineResult(SSLEngineResult.Status.OK, SSLEngineResult.HandshakeStatus.NEED_WRAP, 0, remaining);
        }
        int position = byteBuffer.position();
        int limit = byteBuffer.limit();
        SSLEngineResult wrap = this.delegate.wrap(byteBufferArr, i, i2, byteBuffer);
        if (!this.ourHelloSent && wrap.bytesProduced() > 0) {
            if (this.delegate.getUseClientMode() && this.applicationProtocols != null && !this.applicationProtocols.isEmpty()) {
                this.ourHelloSent = true;
                this.alpnHackClientBAOS = replaceClientByteOutput(this.delegate);
                ByteBuffer duplicate = byteBuffer.duplicate();
                duplicate.flip();
                byte[] bArr = new byte[duplicate.remaining()];
                duplicate.get(bArr);
                byte[] rewriteClientHello = ALPNHackClientHelloExplorer.rewriteClientHello(bArr, this.applicationProtocols);
                if (rewriteClientHello != null) {
                    byte[] bArr2 = new byte[rewriteClientHello.length - 5];
                    System.arraycopy(rewriteClientHello, 5, bArr2, 0, bArr2.length);
                    this.alpnHackClientBAOS.setSentClientHello(bArr2);
                    byteBuffer.clear();
                    byteBuffer.put(rewriteClientHello);
                }
            } else if (!getUseClientMode() && this.selectedApplicationProtocol != null && this.alpnHackServerBAOS != null && (serverHello = this.alpnHackServerBAOS.getServerHello()) != null) {
                byteBuffer.flip();
                ByteBuffer createNewOutputRecords = ALPNHackServerHelloExplorer.createNewOutputRecords(serverHello, ALPNHackServerHelloExplorer.extractRecords(byteBuffer));
                byteBuffer.position(position);
                byteBuffer.limit(limit);
                if (createNewOutputRecords.remaining() > byteBuffer.remaining()) {
                    int limit2 = createNewOutputRecords.limit();
                    createNewOutputRecords.limit(createNewOutputRecords.position() + byteBuffer.remaining());
                    wrap = new SSLEngineResult(wrap.getStatus(), wrap.getHandshakeStatus(), wrap.bytesConsumed(), createNewOutputRecords.remaining());
                    byteBuffer.put(createNewOutputRecords);
                    createNewOutputRecords.limit(limit2);
                    this.bufferedWrapData = createNewOutputRecords;
                } else {
                    wrap = new SSLEngineResult(wrap.getStatus(), wrap.getHandshakeStatus(), wrap.bytesConsumed(), createNewOutputRecords.remaining());
                    byteBuffer.put(createNewOutputRecords);
                }
            }
        }
        if (wrap.bytesProduced() > 0) {
            this.ourHelloSent = true;
        }
        return wrap;
    }

    public void setApplicationProtocols(String[] strArr) {
        if (strArr != null) {
            this.applicationProtocols = Arrays.asList(Arrays.copyOf(strArr, strArr.length));
        }
    }

    public String[] getApplicationProtocols() {
        return this.applicationProtocols == null ? new String[0] : (String[]) this.applicationProtocols.toArray(new String[0]);
    }

    private static ALPNHackServerBAOS replaceServerByteOutput(SSLEngine sSLEngine, String str) {
        try {
            Object obj = HANDSHAKE_HASH.get(HANDSHAKER.get(sSLEngine));
            ALPNHackServerBAOS aLPNHackServerBAOS = new ALPNHackServerBAOS(sSLEngine, ((ByteArrayOutputStream) HANDSHAKE_HASH_DATA.get(obj)).toByteArray(), str);
            HANDSHAKE_HASH_DATA.set(obj, aLPNHackServerBAOS);
            return aLPNHackServerBAOS;
        } catch (Exception e) {
            throw new Error(e);
        }
    }

    private static ALPNHackClientBAOS replaceClientByteOutput(SSLEngine sSLEngine) {
        try {
            Object obj = HANDSHAKE_HASH.get(HANDSHAKER.get(sSLEngine));
            ALPNHackClientBAOS aLPNHackClientBAOS = new ALPNHackClientBAOS(sSLEngine);
            HANDSHAKE_HASH_DATA.set(obj, aLPNHackClientBAOS);
            return aLPNHackClientBAOS;
        } catch (Exception e) {
            throw new Error(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void regenerateHashes(SSLEngine sSLEngine, ByteArrayOutputStream byteArrayOutputStream, byte[]... bArr) {
        try {
            Object obj = HANDSHAKER.get(sSLEngine);
            Object obj2 = HANDSHAKE_HASH.get(obj);
            byteArrayOutputStream.reset();
            Object obj3 = HANDSHAKER_PROTOCOL_VERSION.get(obj);
            HANDSHAKE_HASH_VERSION.set(obj2, -1);
            HANDSHAKE_HASH_PROTOCOL_DETERMINED.invoke(obj2, obj3);
            MessageDigest messageDigest = (MessageDigest) HANDSHAKE_HASH_FIN_MD.get(obj2);
            if (messageDigest != null) {
                messageDigest.reset();
            }
            for (byte[] bArr2 : bArr) {
                HANDSHAKE_HASH_UPDATE.invoke(obj2, bArr2, 0, Integer.valueOf(bArr2.length));
            }
        } catch (Exception e) {
            throw new Error(e);
        }
    }

    @Override // javax.net.ssl.SSLEngine
    public String getApplicationProtocol() {
        return IS_JAVA8 ? this.selectedApplicationProtocol : getApplicationProtocol(this.delegate);
    }

    @Override // javax.net.ssl.SSLEngine
    public String getHandshakeApplicationProtocol() {
        if (IS_JAVA8) {
            throw new UnsupportedOperationException();
        }
        return getHandshakeApplicationProtocol(this.delegate);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setHandshakeApplicationProtocolSelector(BiFunction<SSLEngine, List<String>, String> biFunction) {
        if (IS_JAVA8) {
            throw new UnsupportedOperationException();
        }
        setHandshakeApplicationProtocolSelector(this.delegate, biFunction);
    }

    @Override // javax.net.ssl.SSLEngine
    public BiFunction<SSLEngine, List<String>, String> getHandshakeApplicationProtocolSelector() {
        if (IS_JAVA8) {
            throw new UnsupportedOperationException();
        }
        return getHandshakeApplicationProtocolSelector(this.delegate);
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLSession getHandshakeSession() {
        return this.delegate.getHandshakeSession();
    }

    @Override // javax.net.ssl.SSLEngine
    public void setSSLParameters(SSLParameters sSLParameters) {
        this.delegate.setSSLParameters(sSLParameters);
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLParameters getSSLParameters() {
        return this.delegate.getSSLParameters();
    }

    @Override // javax.net.ssl.SSLEngine
    public void beginHandshake() throws SSLException {
        this.delegate.beginHandshake();
    }

    @Override // javax.net.ssl.SSLEngine
    public void closeInbound() throws SSLException {
        this.delegate.closeInbound();
    }

    @Override // javax.net.ssl.SSLEngine
    public void closeOutbound() {
        this.delegate.closeOutbound();
    }

    @Override // javax.net.ssl.SSLEngine
    public Runnable getDelegatedTask() {
        return this.delegate.getDelegatedTask();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getEnableSessionCreation() {
        return this.delegate.getEnableSessionCreation();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getEnabledCipherSuites() {
        return this.delegate.getEnabledCipherSuites();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getEnabledProtocols() {
        return this.delegate.getEnabledProtocols();
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLEngineResult.HandshakeStatus getHandshakeStatus() {
        return this.delegate.getHandshakeStatus();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getNeedClientAuth() {
        return this.delegate.getNeedClientAuth();
    }

    @Override // javax.net.ssl.SSLEngine
    public SSLSession getSession() {
        return this.delegate.getSession();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getSupportedCipherSuites() {
        return this.delegate.getSupportedCipherSuites();
    }

    @Override // javax.net.ssl.SSLEngine
    public String[] getSupportedProtocols() {
        return this.delegate.getSupportedProtocols();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getUseClientMode() {
        return this.delegate.getUseClientMode();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean getWantClientAuth() {
        return this.delegate.getWantClientAuth();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean isInboundDone() {
        return this.delegate.isInboundDone();
    }

    @Override // javax.net.ssl.SSLEngine
    public boolean isOutboundDone() {
        return this.delegate.isOutboundDone();
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnableSessionCreation(boolean z) {
        this.delegate.setEnableSessionCreation(z);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnabledCipherSuites(String[] strArr) {
        this.delegate.setEnabledCipherSuites(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setEnabledProtocols(String[] strArr) {
        this.delegate.setEnabledProtocols(strArr);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setNeedClientAuth(boolean z) {
        this.delegate.setNeedClientAuth(z);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setUseClientMode(boolean z) {
        this.delegate.setUseClientMode(z);
    }

    @Override // javax.net.ssl.SSLEngine
    public void setWantClientAuth(boolean z) {
        this.delegate.setWantClientAuth(z);
    }

    @Override // javax.net.ssl.SSLEngine
    public String getPeerHost() {
        return this.delegate.getPeerHost();
    }

    @Override // javax.net.ssl.SSLEngine
    public int getPeerPort() {
        return this.delegate.getPeerPort();
    }

    private static String getApplicationProtocol(SSLEngine sSLEngine) {
        try {
            return (String) ENGINE_APP_PROTOCOL.invoke(sSLEngine, new Object[0]);
        } catch (Exception e) {
            throw new Error(e);
        }
    }

    private static String getHandshakeApplicationProtocol(SSLEngine sSLEngine) {
        try {
            return (String) HANDSHAKE_APP_PROTOCOL.invoke(sSLEngine, new Object[0]);
        } catch (Exception e) {
            throw new Error(e);
        }
    }

    private static BiFunction<SSLEngine, List<String>, String> getHandshakeApplicationProtocolSelector(SSLEngine sSLEngine) {
        try {
            return (BiFunction) HANDSHAKE_APP_PROTOCOL_SELECTOR_GET.invoke(sSLEngine, new Object[0]);
        } catch (Exception e) {
            throw new Error(e);
        }
    }

    private static void setHandshakeApplicationProtocolSelector(SSLEngine sSLEngine, BiFunction<SSLEngine, List<String>, String> biFunction) {
        try {
            HANDSHAKE_APP_PROTOCOL_SELECTOR_SET.invoke(sSLEngine, biFunction);
        } catch (Exception e) {
            throw new Error(e);
        }
    }

    static {
        if (!IS_JAVA8) {
            try {
                ENGINE_APP_PROTOCOL = SSLEngine.class.getDeclaredMethod("getApplicationProtocol", new Class[0]);
                HANDSHAKE_APP_PROTOCOL = SSLEngine.class.getDeclaredMethod("getHandshakeApplicationProtocol", new Class[0]);
                HANDSHAKE_APP_PROTOCOL_SELECTOR_GET = SSLEngine.class.getDeclaredMethod("getHandshakeApplicationProtocolSelector", new Class[0]);
                HANDSHAKE_APP_PROTOCOL_SELECTOR_SET = SSLEngine.class.getDeclaredMethod("setHandshakeApplicationProtocolSelector", BiFunction.class);
                HANDSHAKER = null;
                HANDSHAKE_HASH = null;
                HANDSHAKE_HASH_PROTOCOL_DETERMINED = null;
                HANDSHAKE_HASH_VERSION = null;
                HANDSHAKE_HASH_UPDATE = null;
                HANDSHAKE_HASH_DATA = null;
                HANDSHAKE_HASH_FIN_MD = null;
                HANDSHAKER_PROTOCOL_VERSION = null;
                return;
            } catch (Exception e) {
                throw new Error(e);
            }
        }
        try {
            Class<?> cls = Class.forName("sun.security.ssl.ProtocolVersion", true, ClassLoader.getSystemClassLoader());
            HANDSHAKER = Class.forName("sun.security.ssl.SSLEngineImpl", true, ClassLoader.getSystemClassLoader()).getDeclaredField("handshaker");
            HANDSHAKER.setAccessible(true);
            HANDSHAKE_HASH = HANDSHAKER.getType().getDeclaredField("handshakeHash");
            HANDSHAKE_HASH.setAccessible(true);
            HANDSHAKER_PROTOCOL_VERSION = HANDSHAKER.getType().getDeclaredField("protocolVersion");
            HANDSHAKER_PROTOCOL_VERSION.setAccessible(true);
            HANDSHAKE_HASH_VERSION = HANDSHAKE_HASH.getType().getDeclaredField("version");
            HANDSHAKE_HASH_VERSION.setAccessible(true);
            HANDSHAKE_HASH_UPDATE = HANDSHAKE_HASH.getType().getDeclaredMethod("update", byte[].class, Integer.TYPE, Integer.TYPE);
            HANDSHAKE_HASH_UPDATE.setAccessible(true);
            HANDSHAKE_HASH_PROTOCOL_DETERMINED = HANDSHAKE_HASH.getType().getDeclaredMethod("protocolDetermined", cls);
            HANDSHAKE_HASH_PROTOCOL_DETERMINED.setAccessible(true);
            HANDSHAKE_HASH_DATA = HANDSHAKE_HASH.getType().getDeclaredField("data");
            HANDSHAKE_HASH_DATA.setAccessible(true);
            HANDSHAKE_HASH_FIN_MD = HANDSHAKE_HASH.getType().getDeclaredField("finMD");
            HANDSHAKE_HASH_FIN_MD.setAccessible(true);
            ENGINE_APP_PROTOCOL = null;
            HANDSHAKE_APP_PROTOCOL = null;
            HANDSHAKE_APP_PROTOCOL_SELECTOR_GET = null;
            HANDSHAKE_APP_PROTOCOL_SELECTOR_SET = null;
        } catch (Exception e2) {
            throw new Error(e2);
        }
    }
}
