package com.certicom.tls.record;

import com.certicom.locale.Resources;
import com.certicom.tls.ciphersuite.CryptoNames;
import com.certicom.tls.interfaceimpl.ProtocolVersion;
import com.certicom.tls.interfaceimpl.ProtocolVersions;
import com.certicom.tls.interfaceimpl.TLSConnectionImpl;
import com.certicom.tls.provider.Cipher;
import com.certicom.tls.provider.Mac;
import com.certicom.tls.record.alert.Alert;
import com.certicom.tls.record.handshake.HandshakeHandler;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InterruptedIOException;
import javax.net.ssl.impl.SSLSocketImpl;
import weblogic.security.utils.SSLIOContext;
import weblogic.security.utils.SSLIOContextTable;
import weblogic.security.utils.SSLSetup;

/* loaded from: input_file:weblogic.jar:com/certicom/tls/record/ReadHandler.class */
public final class ReadHandler extends InputStream implements ProtocolVersions {
    private TLSConnectionImpl connection;
    private InputStream in;
    private SSLIOContext sslIOCtx;
    private boolean closed = false;
    private byte[] dataBuffer = new byte[0];
    private int dataBufferLen = 0;
    private CryptoRecordState cryptoRecordState = new CryptoRecordState();

    public SSLIOContext getSSLIOContext() {
        return this.sslIOCtx;
    }

    public ReadHandler(TLSConnectionImpl tLSConnectionImpl, InputStream inputStream) {
        this.sslIOCtx = null;
        this.sslIOCtx = SSLIOContextTable.findContext(inputStream);
        this.connection = tLSConnectionImpl;
        this.in = inputStream;
    }

    @Override // java.io.InputStream
    public int available() throws IOException {
        SSLSetup.debug(3, new StringBuffer().append("avalable(): ").append(hashCode()).append(" : ").append(this.dataBufferLen).append(" + ").append(this.in.available()).append(" = ").append(this.dataBufferLen + this.in.available()).toString());
        return this.dataBufferLen + this.in.available();
    }

    @Override // java.io.InputStream, java.io.Closeable, java.lang.AutoCloseable
    public void close() {
        SSLSetup.debug(3, new StringBuffer().append("close(): ").append(hashCode()).toString());
        this.closed = true;
    }

    public void setCryptoRecordState(CryptoRecordState cryptoRecordState) {
        this.cryptoRecordState = cryptoRecordState;
    }

    public CryptoRecordState getCryptoRecordState() {
        return this.cryptoRecordState;
    }

    @Override // java.io.InputStream
    public int read() throws IOException {
        synchronized (this) {
            SSLSetup.debug(3, new StringBuffer().append("read(): ").append(hashCode()).toString());
            byte[] bArr = new byte[1];
            if (read(bArr) == -1) {
                return -1;
            }
            return bArr[0] & 255;
        }
    }

    @Override // java.io.InputStream
    public int read(byte[] bArr) throws IOException {
        int read;
        synchronized (this) {
            SSLSetup.debug(3, new StringBuffer().append("read(byte []): ").append(hashCode()).toString());
            read = read(bArr, 0, bArr.length);
        }
        return read;
    }

    @Override // java.io.InputStream
    public int read(byte[] bArr, int i, int i2) throws IOException {
        synchronized (this) {
            SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" read( offset: ").append(i).append(" length: ").append(i2).append(" )").toString());
            if (bArr == null) {
                throw new NullPointerException();
            }
            if (i < 0 || i2 < 0 || i + i2 > bArr.length) {
                throw new IndexOutOfBoundsException();
            }
            if (i2 == 0) {
                return 0;
            }
            if (this.closed) {
                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" read returns -1").toString());
                return -1;
            }
            do {
                try {
                    try {
                        if (this.dataBufferLen > 0) {
                            SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" read databufferLen ").append(this.dataBufferLen).toString());
                            if (i2 > this.dataBufferLen) {
                                int i3 = this.dataBufferLen;
                                System.arraycopy(this.dataBuffer, 0, bArr, i, i3);
                                this.dataBufferLen = 0;
                                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" read A returns ").append(i3).toString());
                                return i3;
                            }
                            System.arraycopy(this.dataBuffer, 0, bArr, i, i2);
                            System.arraycopy(this.dataBuffer, i2, this.dataBuffer, 0, this.dataBufferLen - i2);
                            this.dataBufferLen -= i2;
                            SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" read B returns ").append(i2).toString());
                            return i2;
                        }
                        synchronized (this.connection) {
                            if (!this.connection.isHandshakeComplete()) {
                                this.connection.completeHandshake();
                            }
                        }
                        if (readRecord() == -1) {
                            SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" readRecord returns -1").toString());
                            return -1;
                        }
                    } catch (InterruptedIOException e) {
                        SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" Rethrowing InterruptedIOException").toString());
                        throw e;
                    }
                } catch (IOException e2) {
                    this.connection.getProtocolVersion();
                    if (this.connection.getProtocolVersion().equals(ProtocolVersions.SSL20)) {
                        if (!this.connection.isHandshakeComplete()) {
                            this.connection.getSessionImpl().invalidate();
                        }
                    } else if (!this.connection.isCloseNotifyReceived()) {
                        this.connection.getSessionImpl().invalidate();
                    }
                    if (this.sslIOCtx != null && this.sslIOCtx.isMuxerActivated() && !this.sslIOCtx.hasSSLRecord()) {
                        SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" Muxer is activated, no SSL record available, so close now").toString());
                        this.connection.setWaitForCloseNotify(false);
                        this.connection.close();
                    }
                    throw e2;
                }
            } while (!this.closed);
            SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" closed by last read").toString());
            return -1;
        }
    }

    public void readUntilHandshakeComplete() throws IOException {
        while (!this.connection.isHandshakeComplete()) {
            if (readRecord() == -1) {
                close();
                this.connection.getProtocolVersion();
                if (this.connection.getProtocolVersion().equals(ProtocolVersions.SSL20)) {
                    if (!this.connection.isHandshakeComplete()) {
                        this.connection.getSessionImpl().invalidate();
                    }
                } else if (!this.connection.isCloseNotifyReceived()) {
                    this.connection.getSessionImpl().invalidate();
                }
                String failureDetails = this.connection.getFailureDetails();
                throw new IOException(failureDetails != null ? failureDetails : Resources.getMessage("236"));
            }
        }
    }

    private int readRecord() throws IOException {
        byte[] readBytesLength16;
        int i = 0;
        int i2 = 0;
        int i3 = 0;
        Cipher cipher = this.cryptoRecordState.getCipher();
        Mac mac = this.cryptoRecordState.getMac();
        InputStream inputStream = this.in;
        if (this.sslIOCtx != null) {
            if (this.sslIOCtx.isMuxerActivated() && !this.sslIOCtx.hasSSLRecord()) {
                throw new InterruptedIOException();
            }
            if (this.sslIOCtx.getMuxerIS() != null) {
                inputStream = this.sslIOCtx.getMuxerIS();
            }
        }
        int readUInt8 = Util.readUInt8(inputStream);
        HandshakeHandler handshakeHandler = this.connection.getHandshakeHandler();
        ProtocolVersion protocolVersion = this.connection.getProtocolVersion();
        ProtocolVersion protocolVersion2 = null;
        SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" readRecord()").toString());
        if (readUInt8 == -1) {
            return -1;
        }
        if ((readUInt8 & 128) == 128) {
            SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" SSL Version 2 with no padding").toString());
            readBytesLength16 = new byte[((readUInt8 & 127) << 8) | Util.readUInt8(inputStream)];
            Util.readFully(readBytesLength16, inputStream);
        } else {
            i3 = readUInt8;
            i = Util.readUInt8(inputStream);
            i2 = Util.readUInt8(inputStream);
            try {
                protocolVersion2 = new ProtocolVersion(i, i2);
            } catch (IllegalArgumentException e) {
                SSLSetup.debug(1, new StringBuffer().append(hashCode()).append(" SSL Version data invalid").toString());
                int matchPlainText = SSLSetup.matchPlainText(readUInt8, i, i2, inputStream);
                SSLSocketImpl sSLSocketImpl = (SSLSocketImpl) this.sslIOCtx.getSSLSocket();
                switch (matchPlainText) {
                    case 0:
                    case 1:
                    case 2:
                        SSLSetup.logPlaintextProtocolClientError(sSLSocketImpl, matchPlainText);
                        this.connection.drop();
                        SSLSetup.debug(1, new StringBuffer().append(hashCode()).append(" Throwing InterruptedIOException to handle drop").toString());
                        throw new InterruptedIOException();
                    default:
                        SSLSetup.logProtocolVersionError(sSLSocketImpl);
                        fireAlert(new Alert(2, 70));
                        break;
                }
            }
            readBytesLength16 = Util.readBytesLength16(inputStream);
            if (i3 == 23 && !protocolVersion2.equals(protocolVersion)) {
                fireAlert(new Alert(2, 70));
            }
        }
        byte[] processWithFragmentLimit = (SSLSetup.getOverrideSSLFragmentSizeEnabled() && cipher.getTransformation().startsWith(CryptoNames.DES)) ? processWithFragmentLimit(cipher, readBytesLength16) : cipher.update(readBytesLength16);
        int macLength = mac.getMacLength();
        int length = processWithFragmentLimit.length - macLength;
        if (cipher.getBlockSize() > 1) {
            length -= processWithFragmentLimit[processWithFragmentLimit.length - 1] + 1;
        }
        if (protocolVersion.getMajor() == 3) {
            SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" SSL3/TLS MAC").toString());
            mac.update(this.cryptoRecordState.getSequenceNumber());
            mac.update(Util.toUInt8(i3));
            if (protocolVersion.equals(ProtocolVersions.TLS10)) {
                mac.update(Util.toUInt8(i));
                mac.update(Util.toUInt8(i2));
            }
            mac.update(Util.toUInt16(length));
            mac.update(processWithFragmentLimit, 0, length);
            byte[] doFinal = mac.doFinal();
            for (int i4 = 0; i4 < macLength; i4++) {
                if (processWithFragmentLimit[i4 + length] != doFinal[i4]) {
                    fireAlert(new Alert(2, 20));
                }
            }
        } else {
            SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" SSL Version 2 MAC").toString());
            byte[] bArr = new byte[length];
            byte[] bArr2 = new byte[macLength];
            System.arraycopy(processWithFragmentLimit, 0, bArr2, 0, macLength);
            System.arraycopy(processWithFragmentLimit, macLength, bArr, 0, length);
            mac.update(bArr);
            mac.update(this.cryptoRecordState.getSSL2SequenceNumber());
            processWithFragmentLimit = bArr;
            byte[] doFinal2 = mac.doFinal();
            for (int i5 = 0; i5 < macLength; i5++) {
                if (bArr2[i5] != doFinal2[i5]) {
                    handshakeHandler.fireSSL2ErrorException("Mac verify failed");
                }
            }
        }
        this.cryptoRecordState.incrementSequenceNumber();
        interpretContent(processWithFragmentLimit, length, i3, protocolVersion2);
        return 0;
    }

    private void interpretContent(byte[] bArr, int i, int i2, ProtocolVersion protocolVersion) throws IOException {
        HandshakeHandler handshakeHandler = this.connection.getHandshakeHandler();
        if (this.connection.returnDebugFlag()) {
            System.out.print("\nAttempting to read ");
            Util.PrintDebugMessage(bArr, 2, i2, bArr.length);
            if (i2 == 22 || i2 == 0) {
                System.out.print("Message was: ");
            } else {
                System.out.println("End read");
            }
        }
        switch (i2) {
            case 0:
                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" received SSL_20_RECORD").toString());
                if (!this.connection.isHandshakeComplete()) {
                    handshakeHandler.handleVersion2HandshakeMessages(bArr);
                    return;
                }
                byte[] bArr2 = new byte[i + this.dataBufferLen];
                System.arraycopy(this.dataBuffer, 0, bArr2, 0, this.dataBufferLen);
                System.arraycopy(bArr, 0, bArr2, this.dataBufferLen, i);
                this.dataBuffer = bArr2;
                this.dataBufferLen = i + this.dataBufferLen;
                return;
            case 20:
                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" received CHANGE_CIPHER_SPEC").toString());
                handshakeHandler.handleChangeCipherSpec();
                return;
            case 21:
                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" received ALERT").toString());
                this.connection.getAlertHandler().handleAlertMessages(new ByteArrayInputStream(bArr, 0, i));
                return;
            case 22:
                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" received HANDSHAKE").toString());
                handshakeHandler.handleHandshakeMessages(bArr, i, protocolVersion);
                return;
            case 23:
                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" received APPLICATION_DATA").toString());
                if (!this.connection.isHandshakeComplete()) {
                    fireAlert(new Alert(2, 47));
                }
                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" APPDATA databufferLen ").append(this.dataBufferLen).toString());
                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" APPDATA contentLength ").append(i).toString());
                byte[] bArr3 = new byte[i + this.dataBufferLen];
                System.arraycopy(this.dataBuffer, 0, bArr3, 0, this.dataBufferLen);
                System.arraycopy(bArr, 0, bArr3, this.dataBufferLen, i);
                this.dataBuffer = bArr3;
                this.dataBufferLen = i + this.dataBufferLen;
                return;
            default:
                SSLSetup.debug(3, new StringBuffer().append(hashCode()).append(" received DECODE_ERROR").toString());
                fireAlert(new Alert(2, 50));
                return;
        }
    }

    private void fireAlert(Alert alert) throws IOException {
        if (this.connection.fireAlertSent(alert).isIgnored()) {
            return;
        }
        this.connection.close();
    }

    private byte[] processWithFragmentLimit(Cipher cipher, byte[] bArr) throws IOException {
        int overrideSSLFragmentSize = SSLSetup.getOverrideSSLFragmentSize();
        if (bArr.length <= overrideSSLFragmentSize) {
            return cipher.update(bArr);
        }
        int i = 0;
        int length = bArr.length;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        while (length > 0) {
            int i2 = length <= overrideSSLFragmentSize ? length : overrideSSLFragmentSize;
            byteArrayOutputStream.write(cipher.update(bArr, i, i2));
            length -= i2;
            i += i2;
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }
}
