package org.openjsse.sun.security.ssl;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.Iterator;
import java.util.LinkedList;
import javax.net.ssl.SSLHandshakeException;
import org.openjsse.sun.security.ssl.SSLCipher;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:jre/lib/ext/openjsse.jar:org/openjsse/sun/security/ssl/DTLSOutputRecord.class */
public final class DTLSOutputRecord extends OutputRecord implements DTLSRecord {
    private DTLSFragmenter fragmenter;
    int writeEpoch;
    int prevWriteEpoch;
    Authenticator prevWriteAuthenticator;
    SSLCipher.SSLWriteCipher prevWriteCipher;
    private volatile boolean isCloseWaiting;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jre/lib/ext/openjsse.jar:org/openjsse/sun/security/ssl/DTLSOutputRecord$DTLSFragmenter.class */
    public final class DTLSFragmenter {
        private final LinkedList<RecordMemo> handshakeMemos;
        private int acquireIndex;
        private int messageSequence;
        private boolean flightIsReady;
        private int retransmits;

        private DTLSFragmenter() {
            this.handshakeMemos = new LinkedList<>();
            this.acquireIndex = 0;
            this.messageSequence = 0;
            this.flightIsReady = false;
            this.retransmits = 2;
        }

        void queueUpHandshake(byte[] bArr, int i, int i2) throws IOException {
            if (this.flightIsReady) {
                this.handshakeMemos.clear();
                this.acquireIndex = 0;
                this.flightIsReady = false;
            }
            HandshakeMemo handshakeMemo = new HandshakeMemo();
            handshakeMemo.contentType = ContentType.HANDSHAKE.id;
            handshakeMemo.majorVersion = DTLSOutputRecord.this.protocolVersion.major;
            handshakeMemo.minorVersion = DTLSOutputRecord.this.protocolVersion.minor;
            handshakeMemo.encodeEpoch = DTLSOutputRecord.this.writeEpoch;
            handshakeMemo.encodeCipher = DTLSOutputRecord.this.writeCipher;
            handshakeMemo.handshakeType = bArr[i];
            int i3 = this.messageSequence;
            this.messageSequence = i3 + 1;
            handshakeMemo.messageSequence = i3;
            handshakeMemo.acquireOffset = 0;
            handshakeMemo.fragment = new byte[i2 - 4];
            System.arraycopy(bArr, i + 4, handshakeMemo.fragment, 0, i2 - 4);
            handshakeHashing(handshakeMemo, handshakeMemo.fragment);
            this.handshakeMemos.add(handshakeMemo);
            if (handshakeMemo.handshakeType == SSLHandshake.CLIENT_HELLO.id || handshakeMemo.handshakeType == SSLHandshake.HELLO_REQUEST.id || handshakeMemo.handshakeType == SSLHandshake.HELLO_VERIFY_REQUEST.id || handshakeMemo.handshakeType == SSLHandshake.SERVER_HELLO_DONE.id || handshakeMemo.handshakeType == SSLHandshake.FINISHED.id) {
                this.flightIsReady = true;
            }
        }

        void queueUpChangeCipherSpec() {
            if (this.flightIsReady) {
                this.handshakeMemos.clear();
                this.acquireIndex = 0;
                this.flightIsReady = false;
            }
            RecordMemo recordMemo = new RecordMemo();
            recordMemo.contentType = ContentType.CHANGE_CIPHER_SPEC.id;
            recordMemo.majorVersion = DTLSOutputRecord.this.protocolVersion.major;
            recordMemo.minorVersion = DTLSOutputRecord.this.protocolVersion.minor;
            recordMemo.encodeEpoch = DTLSOutputRecord.this.writeEpoch;
            recordMemo.encodeCipher = DTLSOutputRecord.this.writeCipher;
            recordMemo.fragment = new byte[1];
            recordMemo.fragment[0] = 1;
            this.handshakeMemos.add(recordMemo);
        }

        void queueUpAlert(byte b, byte b2) throws IOException {
            RecordMemo recordMemo = new RecordMemo();
            recordMemo.contentType = ContentType.ALERT.id;
            recordMemo.majorVersion = DTLSOutputRecord.this.protocolVersion.major;
            recordMemo.minorVersion = DTLSOutputRecord.this.protocolVersion.minor;
            recordMemo.encodeEpoch = DTLSOutputRecord.this.writeEpoch;
            recordMemo.encodeCipher = DTLSOutputRecord.this.writeCipher;
            recordMemo.fragment = new byte[2];
            recordMemo.fragment[0] = b;
            recordMemo.fragment[1] = b2;
            this.handshakeMemos.add(recordMemo);
        }

        Ciphertext acquireCiphertext(ByteBuffer byteBuffer) throws IOException {
            int min;
            if (isEmpty()) {
                if (!isRetransmittable()) {
                    return null;
                }
                setRetransmission();
            }
            RecordMemo recordMemo = this.handshakeMemos.get(this.acquireIndex);
            HandshakeMemo handshakeMemo = null;
            if (recordMemo.contentType == ContentType.HANDSHAKE.id) {
                handshakeMemo = (HandshakeMemo) recordMemo;
            }
            int calculateFragmentSize = DTLSOutputRecord.this.calculateFragmentSize(DTLSOutputRecord.this.packetSize > 0 ? Math.min(recordMemo.encodeCipher.calculateFragmentSize(Math.min(DTLSRecord.maxRecordSize, DTLSOutputRecord.this.packetSize), 25), 16384) : 16384);
            int position = byteBuffer.position();
            int limit = byteBuffer.limit();
            int explicitNonceSize = position + 13 + recordMemo.encodeCipher.getExplicitNonceSize();
            byteBuffer.position(explicitNonceSize);
            if (handshakeMemo != null) {
                min = Math.min(calculateFragmentSize, handshakeMemo.fragment.length - handshakeMemo.acquireOffset);
                byteBuffer.put(handshakeMemo.handshakeType);
                byteBuffer.put((byte) ((handshakeMemo.fragment.length >> 16) & 255));
                byteBuffer.put((byte) ((handshakeMemo.fragment.length >> 8) & 255));
                byteBuffer.put((byte) (handshakeMemo.fragment.length & 255));
                byteBuffer.put((byte) ((handshakeMemo.messageSequence >> 8) & 255));
                byteBuffer.put((byte) (handshakeMemo.messageSequence & 255));
                byteBuffer.put((byte) ((handshakeMemo.acquireOffset >> 16) & 255));
                byteBuffer.put((byte) ((handshakeMemo.acquireOffset >> 8) & 255));
                byteBuffer.put((byte) (handshakeMemo.acquireOffset & 255));
                byteBuffer.put((byte) ((min >> 16) & 255));
                byteBuffer.put((byte) ((min >> 8) & 255));
                byteBuffer.put((byte) (min & 255));
                byteBuffer.put(handshakeMemo.fragment, handshakeMemo.acquireOffset, min);
            } else {
                min = Math.min(calculateFragmentSize, recordMemo.fragment.length);
                byteBuffer.put(recordMemo.fragment, 0, min);
            }
            byteBuffer.limit(byteBuffer.position());
            byteBuffer.position(explicitNonceSize);
            if (SSLLogger.isOn && SSLLogger.isOn("record")) {
                SSLLogger.fine("WRITE: " + DTLSOutputRecord.this.protocolVersion.name + " " + ContentType.nameOf(recordMemo.contentType) + ", length = " + byteBuffer.remaining(), new Object[0]);
            }
            long encrypt = OutputRecord.encrypt(recordMemo.encodeCipher, recordMemo.contentType, byteBuffer, position, limit, 13, ProtocolVersion.valueOf(recordMemo.majorVersion, recordMemo.minorVersion));
            if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
                ByteBuffer duplicate = byteBuffer.duplicate();
                duplicate.limit(duplicate.position());
                duplicate.position(position);
                SSLLogger.fine("Raw write (" + duplicate.remaining() + ")", duplicate);
            }
            byteBuffer.limit(limit);
            if (handshakeMemo != null) {
                handshakeMemo.acquireOffset += min;
                if (handshakeMemo.acquireOffset == handshakeMemo.fragment.length) {
                    this.acquireIndex++;
                }
                return new Ciphertext(handshakeMemo.contentType, handshakeMemo.handshakeType, encrypt);
            }
            if (DTLSOutputRecord.this.isCloseWaiting && recordMemo.contentType == ContentType.ALERT.id) {
                DTLSOutputRecord.this.close();
            }
            this.acquireIndex++;
            return new Ciphertext(recordMemo.contentType, SSLHandshake.NOT_APPLICABLE.id, encrypt);
        }

        private void handshakeHashing(HandshakeMemo handshakeMemo, byte[] bArr) {
            if (DTLSOutputRecord.this.handshakeHash.isHashable(handshakeMemo.handshakeType)) {
                byte[] bArr2 = {handshakeMemo.handshakeType, (byte) ((bArr.length >> 16) & 255), (byte) ((bArr.length >> 8) & 255), (byte) (bArr.length & 255), (byte) ((handshakeMemo.messageSequence >> 8) & 255), (byte) (handshakeMemo.messageSequence & 255), 0, 0, 0, bArr2[1], bArr2[2], bArr2[3]};
                DTLSOutputRecord.this.handshakeHash.deliver(bArr2, 0, 12);
                DTLSOutputRecord.this.handshakeHash.deliver(bArr, 0, bArr.length);
            }
        }

        boolean isEmpty() {
            return !this.flightIsReady || this.handshakeMemos.isEmpty() || this.acquireIndex >= this.handshakeMemos.size();
        }

        boolean hasAlert() {
            Iterator<RecordMemo> it = this.handshakeMemos.iterator();
            while (it.hasNext()) {
                if (it.next().contentType == ContentType.ALERT.id) {
                    return true;
                }
            }
            return false;
        }

        boolean isRetransmittable() {
            return this.flightIsReady && !this.handshakeMemos.isEmpty() && this.acquireIndex >= this.handshakeMemos.size();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void setRetransmission() {
            this.acquireIndex = 0;
            Iterator<RecordMemo> it = this.handshakeMemos.iterator();
            while (it.hasNext()) {
                RecordMemo next = it.next();
                if (next instanceof HandshakeMemo) {
                    ((HandshakeMemo) next).acquireOffset = 0;
                }
            }
            if (DTLSOutputRecord.this.packetSize > 16717 || DTLSOutputRecord.this.packetSize <= 256) {
                return;
            }
            int i = this.retransmits;
            this.retransmits = i - 1;
            if (i <= 0) {
                shrinkPacketSize();
                this.retransmits = 2;
            }
        }

        private void shrinkPacketSize() {
            DTLSOutputRecord.this.packetSize = Math.max(256, DTLSOutputRecord.this.packetSize / 2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jre/lib/ext/openjsse.jar:org/openjsse/sun/security/ssl/DTLSOutputRecord$HandshakeMemo.class */
    public static class HandshakeMemo extends RecordMemo {
        byte handshakeType;
        int messageSequence;
        int acquireOffset;

        private HandshakeMemo() {
            super();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jre/lib/ext/openjsse.jar:org/openjsse/sun/security/ssl/DTLSOutputRecord$RecordMemo.class */
    public static class RecordMemo {
        byte contentType;
        byte majorVersion;
        byte minorVersion;
        int encodeEpoch;
        SSLCipher.SSLWriteCipher encodeCipher;
        byte[] fragment;

        private RecordMemo() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DTLSOutputRecord(HandshakeHash handshakeHash) {
        super(handshakeHash, SSLCipher.SSLWriteCipher.nullDTlsWriteCipher());
        this.fragmenter = null;
        this.isCloseWaiting = false;
        this.writeEpoch = 0;
        this.prevWriteEpoch = 0;
        this.prevWriteCipher = SSLCipher.SSLWriteCipher.nullDTlsWriteCipher();
        this.packetSize = DTLSRecord.maxRecordSize;
        this.protocolVersion = ProtocolVersion.NONE;
    }

    @Override // org.openjsse.sun.security.ssl.OutputRecord, java.io.ByteArrayOutputStream, java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
    public synchronized void close() throws IOException {
        if (this.isClosed) {
            return;
        }
        if (this.fragmenter == null || !this.fragmenter.hasAlert()) {
            super.close();
        } else {
            this.isCloseWaiting = true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openjsse.sun.security.ssl.OutputRecord
    public boolean isClosed() {
        return this.isClosed || this.isCloseWaiting;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openjsse.sun.security.ssl.OutputRecord
    public void initHandshaker() {
        this.fragmenter = null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openjsse.sun.security.ssl.OutputRecord
    public void finishHandshake() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openjsse.sun.security.ssl.OutputRecord
    public void changeWriteCiphers(SSLCipher.SSLWriteCipher sSLWriteCipher, boolean z) throws IOException {
        if (isClosed()) {
            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                SSLLogger.warning("outbound has closed, ignore outbound change_cipher_spec message", new Object[0]);
                return;
            }
            return;
        }
        if (z) {
            encodeChangeCipherSpec();
        }
        this.prevWriteCipher.dispose();
        this.prevWriteCipher = this.writeCipher;
        this.prevWriteEpoch = this.writeEpoch;
        this.writeCipher = sSLWriteCipher;
        this.writeEpoch++;
        this.isFirstAppOutputRecord = true;
        this.writeCipher.authenticator.setEpochNumber(this.writeEpoch);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openjsse.sun.security.ssl.OutputRecord
    public void encodeAlert(byte b, byte b2) throws IOException {
        if (!isClosed()) {
            if (this.fragmenter == null) {
                this.fragmenter = new DTLSFragmenter();
            }
            this.fragmenter.queueUpAlert(b, b2);
        } else if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
            SSLLogger.warning("outbound has closed, ignore outbound alert message: " + Alert.nameOf(b2), new Object[0]);
        }
    }

    @Override // org.openjsse.sun.security.ssl.OutputRecord
    void encodeChangeCipherSpec() throws IOException {
        if (!isClosed()) {
            if (this.fragmenter == null) {
                this.fragmenter = new DTLSFragmenter();
            }
            this.fragmenter.queueUpChangeCipherSpec();
        } else if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
            SSLLogger.warning("outbound has closed, ignore outbound change_cipher_spec message", new Object[0]);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openjsse.sun.security.ssl.OutputRecord
    public void encodeHandshake(byte[] bArr, int i, int i2) throws IOException {
        if (isClosed()) {
            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                SSLLogger.warning("outbound has closed, ignore outbound handshake message", ByteBuffer.wrap(bArr, i, i2));
                return;
            }
            return;
        }
        if (this.firstMessage) {
            this.firstMessage = false;
        }
        if (this.fragmenter == null) {
            this.fragmenter = new DTLSFragmenter();
        }
        this.fragmenter.queueUpHandshake(bArr, i, i2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openjsse.sun.security.ssl.OutputRecord
    public Ciphertext encode(ByteBuffer[] byteBufferArr, int i, int i2, ByteBuffer[] byteBufferArr2, int i3, int i4) throws IOException {
        if (this.isClosed) {
            if (!SSLLogger.isOn || !SSLLogger.isOn("ssl")) {
                return null;
            }
            SSLLogger.warning("outbound has closed, ignore outbound application data or cached messages", new Object[0]);
            return null;
        }
        if (this.isCloseWaiting) {
            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                SSLLogger.warning("outbound has closed, ignore outbound application data", new Object[0]);
            }
            byteBufferArr = null;
        }
        return encode(byteBufferArr, i, i2, byteBufferArr2[0]);
    }

    private Ciphertext encode(ByteBuffer[] byteBufferArr, int i, int i2, ByteBuffer byteBuffer) throws IOException {
        Ciphertext acquireCiphertext;
        if (this.writeCipher.authenticator.seqNumOverflow()) {
            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                SSLLogger.fine("sequence number extremely close to overflow (2^64-1 packets). Closing connection.", new Object[0]);
            }
            throw new SSLHandshakeException("sequence number overflow");
        }
        if ((!isEmpty() || byteBufferArr == null || byteBufferArr.length == 0) && (acquireCiphertext = acquireCiphertext(byteBuffer)) != null) {
            return acquireCiphertext;
        }
        if (byteBufferArr == null || byteBufferArr.length == 0) {
            return null;
        }
        int i3 = 0;
        for (int i4 = i; i4 < i + i2; i4++) {
            i3 += byteBufferArr[i4].remaining();
        }
        if (i3 == 0) {
            return null;
        }
        int calculateFragmentSize = calculateFragmentSize(this.packetSize > 0 ? Math.min(this.writeCipher.calculateFragmentSize(Math.min(DTLSRecord.maxRecordSize, this.packetSize), 13), 16384) : 16384);
        int position = byteBuffer.position();
        int limit = byteBuffer.limit();
        int explicitNonceSize = position + 13 + this.writeCipher.getExplicitNonceSize();
        byteBuffer.position(explicitNonceSize);
        int min = Math.min(calculateFragmentSize, byteBuffer.remaining());
        int i5 = 0;
        int i6 = i + i2;
        for (int i7 = i; i7 < i6 && min > 0; i7++) {
            int min2 = Math.min(byteBufferArr[i7].remaining(), min);
            int limit2 = byteBufferArr[i7].limit();
            byteBufferArr[i7].limit(byteBufferArr[i7].position() + min2);
            byteBuffer.put(byteBufferArr[i7]);
            byteBufferArr[i7].limit(limit2);
            min -= min2;
            i5 += min2;
        }
        byteBuffer.limit(byteBuffer.position());
        byteBuffer.position(explicitNonceSize);
        if (SSLLogger.isOn && SSLLogger.isOn("record")) {
            SSLLogger.fine("WRITE: " + this.protocolVersion.name + " " + ContentType.APPLICATION_DATA.name + ", length = " + byteBuffer.remaining(), new Object[0]);
        }
        long encrypt = encrypt(this.writeCipher, ContentType.APPLICATION_DATA.id, byteBuffer, position, limit, 13, this.protocolVersion);
        if (SSLLogger.isOn && SSLLogger.isOn("packet")) {
            ByteBuffer duplicate = byteBuffer.duplicate();
            duplicate.limit(duplicate.position());
            duplicate.position(position);
            SSLLogger.fine("Raw write", duplicate);
        }
        byteBuffer.limit(limit);
        return new Ciphertext(ContentType.APPLICATION_DATA.id, SSLHandshake.NOT_APPLICABLE.id, encrypt);
    }

    private Ciphertext acquireCiphertext(ByteBuffer byteBuffer) throws IOException {
        if (this.fragmenter != null) {
            return this.fragmenter.acquireCiphertext(byteBuffer);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openjsse.sun.security.ssl.OutputRecord
    public boolean isEmpty() {
        return this.fragmenter == null || this.fragmenter.isEmpty();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.openjsse.sun.security.ssl.OutputRecord
    public void launchRetransmission() {
        if (this.fragmenter == null || !this.fragmenter.isRetransmittable()) {
            return;
        }
        this.fragmenter.setRetransmission();
    }
}
