package com.ibm.ws.ssl.channel.impl;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.jsse2.ProtoSSLEngine;
import com.ibm.jsse2.ProtoSSLEngineResult;
import com.ibm.jsse2.SSLContext;
import com.ibm.websphere.channel.framework.FlowType;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ssl.JSSEProvider;
import com.ibm.ws.ssl.JSSEProviderFactory;
import com.ibm.ws.ssl.config.SSLConfig;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.ssl.provider.IBMJSSE2Provider;
import com.ibm.ws.util.PlatformHelper;
import com.ibm.ws.util.PlatformHelperFactory;
import com.ibm.ws.webservices.engine.transport.security.SSLpropertyNames;
import com.ibm.wsspi.buffermgmt.WsByteBuffer;
import com.ibm.wsspi.channel.Channel;
import com.ibm.wsspi.channel.ConnectionLink;
import com.ibm.wsspi.channel.Discriminator;
import com.ibm.wsspi.channel.InboundChannel;
import com.ibm.wsspi.channel.OutboundChannel;
import com.ibm.wsspi.channel.OutboundProtocol;
import com.ibm.wsspi.channel.framework.ChannelData;
import com.ibm.wsspi.channel.framework.ChannelFramework;
import com.ibm.wsspi.channel.framework.DiscriminationProcess;
import com.ibm.wsspi.channel.framework.OutboundVirtualConnection;
import com.ibm.wsspi.channel.framework.VirtualConnection;
import com.ibm.wsspi.channel.framework.exception.ChannelException;
import com.ibm.wsspi.tcp.channel.TCPConnectRequestContext;
import java.net.InetSocketAddress;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.net.ssl.SSLSessionContext;

/* loaded from: input_file:lib/com.ibm.ws.webservices.thinclient_6.1.0.jar:com/ibm/ws/ssl/channel/impl/SSLChannel.class */
public class SSLChannel implements InboundChannel, OutboundChannel, Discriminator {
    protected static final TraceComponent tc;
    private static final String CLASS_NAME = "com.ibm.ws.ssl.channel.impl.SSLChannel";
    public static final String SSL_DISCRIMINATOR_STATE = "SSLDiscState";
    protected SSLChannelData sslConfig;
    protected SSLHandshakeErrorTracker handshakeErrorTracker;
    protected JSSEProvider jsse2Provider;
    protected ChannelFramework channelFramework;
    protected boolean isZOS;
    static Class class$com$ibm$ws$ssl$channel$impl$SSLChannel;
    static Class class$com$ibm$wsspi$buffermgmt$WsByteBuffer;
    static Class class$com$ibm$wsspi$tcp$channel$TCPConnectRequestContext;
    static Class class$com$ibm$wsspi$tcp$channel$TCPConnectionContext;
    protected DiscriminationProcess discProcess = null;
    private boolean isInitialized = false;
    protected boolean XD = false;
    protected String alias = null;
    protected String endPointName = null;
    protected String inboundHost = null;
    protected String inboundPort = null;
    private SSLSessionContext sessionContext = null;

    public SSLChannel(ChannelData channelData) throws ChannelException {
        this.sslConfig = null;
        this.handshakeErrorTracker = null;
        this.channelFramework = null;
        this.isZOS = false;
        this.sslConfig = new SSLChannelData(channelData);
        this.handshakeErrorTracker = new SSLHandshakeErrorTracker();
        this.channelFramework = channelData.getChannelFramework();
        PlatformHelper platformHelper = PlatformHelperFactory.getPlatformHelper();
        if (platformHelper != null) {
            this.isZOS = platformHelper.isZOS();
        }
    }

    public SSLHandshakeErrorTracker getHandshakeErrorTracker() {
        return this.handshakeErrorTracker;
    }

    public void setXD(boolean z) {
        this.XD = z;
    }

    @Override // com.ibm.wsspi.channel.InboundChannel
    public Discriminator getDiscriminator() {
        return this;
    }

    @Override // com.ibm.wsspi.channel.InboundChannel
    public DiscriminationProcess getDiscriminationProcess() {
        return this.discProcess;
    }

    @Override // com.ibm.wsspi.channel.InboundChannel
    public void setDiscriminationProcess(DiscriminationProcess discriminationProcess) {
        this.discProcess = discriminationProcess;
    }

    @Override // com.ibm.wsspi.channel.InboundChannel
    public Class getDiscriminatoryType() {
        if (class$com$ibm$wsspi$buffermgmt$WsByteBuffer != null) {
            return class$com$ibm$wsspi$buffermgmt$WsByteBuffer;
        }
        Class class$ = class$("com.ibm.wsspi.buffermgmt.WsByteBuffer");
        class$com$ibm$wsspi$buffermgmt$WsByteBuffer = class$;
        return class$;
    }

    @Override // com.ibm.wsspi.channel.OutboundChannel
    public Class getDeviceAddress() {
        if (class$com$ibm$wsspi$tcp$channel$TCPConnectRequestContext != null) {
            return class$com$ibm$wsspi$tcp$channel$TCPConnectRequestContext;
        }
        Class class$ = class$("com.ibm.wsspi.tcp.channel.TCPConnectRequestContext");
        class$com$ibm$wsspi$tcp$channel$TCPConnectRequestContext = class$;
        return class$;
    }

    @Override // com.ibm.wsspi.channel.OutboundChannel
    public Class[] getApplicationAddress() {
        Class cls;
        Class[] clsArr = new Class[1];
        if (class$com$ibm$wsspi$tcp$channel$TCPConnectRequestContext == null) {
            cls = class$("com.ibm.wsspi.tcp.channel.TCPConnectRequestContext");
            class$com$ibm$wsspi$tcp$channel$TCPConnectRequestContext = cls;
        } else {
            cls = class$com$ibm$wsspi$tcp$channel$TCPConnectRequestContext;
        }
        clsArr[0] = cls;
        return clsArr;
    }

    @Override // com.ibm.wsspi.channel.Channel
    public ConnectionLink getConnectionLink(VirtualConnection virtualConnection) {
        if (!this.isInitialized) {
            try {
                init();
            } catch (Exception e) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Exception caught while getting SSL connection link: ").append(e).toString());
                }
                FFDCFilter.processException(e, CLASS_NAME, "148", this, new Object[]{virtualConnection});
                throw new RuntimeException(e);
            }
        }
        SSLConnectionLink sSLConnectionLink = new SSLConnectionLink(this);
        sSLConnectionLink.init(virtualConnection);
        return sSLConnectionLink;
    }

    /* JADX WARN: Code restructure failed: missing block: B:26:0x0071, code lost:
    
        r11 = java.lang.Boolean.TRUE;
     */
    /* JADX WARN: Code restructure failed: missing block: B:27:0x0078, code lost:
    
        if (com.ibm.ejs.ras.TraceComponent.isAnyTracingEnabled() == false) goto L22;
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x0081, code lost:
    
        if (com.ibm.ws.ssl.channel.impl.SSLChannel.tc.isDebugEnabled() == false) goto L22;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x0084, code lost:
    
        com.ibm.ejs.ras.Tr.debug(com.ibm.ws.ssl.channel.impl.SSLChannel.tc, new java.lang.StringBuffer().append("Found web container channel in chain ").append(r0[r16].getName()).toString());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.ibm.jsse2.SSLContext getSSLContextForInboundLink(com.ibm.wsspi.channel.framework.VirtualConnection r10) throws com.ibm.wsspi.channel.framework.exception.ChannelException {
        /*
            Method dump skipped, instructions count: 299
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.ssl.channel.impl.SSLChannel.getSSLContextForInboundLink(com.ibm.wsspi.channel.framework.VirtualConnection):com.ibm.jsse2.SSLContext");
    }

    public SSLContext getSSLContextForOutboundLink(VirtualConnection virtualConnection, Object obj) throws ChannelException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLContextForOutboundLink");
        }
        InetSocketAddress remoteAddress = ((TCPConnectRequestContext) obj).getRemoteAddress();
        String str = "HTTP";
        String str2 = (String) virtualConnection.getStateMap().get(OutboundProtocol.PROTOCOL);
        if (str2 != null) {
            str = str2;
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("OutboundProtocol=").append(str).append(" specified by in VC").toString());
            }
        } else {
            Object channelAccessor = ((OutboundVirtualConnection) virtualConnection).getChannelAccessor();
            if (channelAccessor instanceof OutboundProtocol) {
                str = ((OutboundProtocol) channelAccessor).getProtocol();
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("OutboundProtocol=").append(str).append(" specified by ").append(channelAccessor.getClass().getName()).toString());
                }
            }
        }
        SSLContext sSLContextForLink = getSSLContextForLink(virtualConnection, remoteAddress.getHostName(), Integer.toString(remoteAddress.getPort()), str, Boolean.FALSE);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getSSLContextForOutboundLink");
        }
        return sSLContextForLink;
    }

    protected SSLContext getSSLContextForLink(VirtualConnection virtualConnection, String str, String str2, String str3, Boolean bool) throws ChannelException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLContextForLink");
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("host=").append(str).append(" port=").append(str2).append(" endPoint=").append(str3).toString());
        }
        String str4 = this.sslConfig.isInbound() ? "inbound" : "outbound";
        HashMap hashMap = new HashMap();
        hashMap.put("com.ibm.ssl.direction", str4);
        hashMap.put(Constants.CONNECTION_INFO_REMOTE_HOST, str);
        hashMap.put(Constants.CONNECTION_INFO_REMOTE_PORT, str2);
        hashMap.put("com.ibm.ssl.endPointName", str3);
        if (this.isZOS && this.sslConfig.isInbound()) {
            Properties properties = new Properties();
            Object obj = virtualConnection.getStateMap().get("REMOTE_ADDRESS");
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("REMOTE_ADDRESS = ").append(obj).append(" isZWebContainerChain = ").append(bool).toString());
            }
            if (obj != null) {
                properties.put(JSSEHelper.CONNECTION_INFO_CERT_MAPPING_HOST, obj);
            } else {
                FFDCFilter.processException(new Exception("REMOTE_ADDRESS was not found in the VC state map.  Z channel should put it there."), CLASS_NAME, "329", this, new Object[]{virtualConnection});
            }
            properties.put(JSSEHelper.CONNECTION_INFO_IS_WEB_CONTAINER_INBOUND, bool);
            JSSEHelper.getInstance().setInboundConnectionInfo(properties);
            hashMap.put(JSSEHelper.CONNECTION_INFO_IS_WEB_CONTAINER_INBOUND, bool);
        }
        try {
            Properties properties2 = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction(this, this.alias, hashMap) { // from class: com.ibm.ws.ssl.channel.impl.SSLChannel.1
                private final String val$aliasFinal;
                private final HashMap val$connectionInfo;
                private final SSLChannel this$0;

                {
                    this.this$0 = this;
                    this.val$aliasFinal = r5;
                    this.val$connectionInfo = hashMap;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return JSSEHelper.getInstance().getProperties(this.val$aliasFinal, this.val$connectionInfo, null);
                }
            });
            if (properties2 != null) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "sslProps:\r\n");
                }
                Enumeration<?> propertyNames = properties2.propertyNames();
                Properties properties3 = new Properties();
                while (propertyNames.hasMoreElements()) {
                    String str5 = (String) propertyNames.nextElement();
                    String property = properties2.getProperty(str5);
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("\t").append(str5).append(" = ").append(-1 == str5.toLowerCase().indexOf("password") ? property : SSLpropertyNames.maskedPropertyName).append("\n").toString());
                    }
                    if (property != null) {
                        properties3.put(str5, property);
                    }
                }
                this.sslConfig.setProperties(properties3);
            } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Alias not found in security service, ").append(this.alias).append(", using props passed in to channel").toString());
            }
            String str6 = (String) this.sslConfig.getProperties().get("com.ibm.ssl.sslType");
            if (null != str6) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("SSLConfig type: ").append(str6).toString());
                }
                if (null != str6 && str6.equals(Constants.SSLTYPE_SSSL)) {
                    throw new ChannelException(new StringBuffer().append("Invalid SSLConfig type: ").append(str6).toString());
                }
            } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "com.ibm.ssl.sslType property not found by the security service");
            }
            try {
                SSLConfig sSLConfig = new SSLConfig(this.sslConfig.getProperties());
                sSLConfig.putAll(this.sslConfig.getProperties());
                SSLContext sSLContext_JSSE2 = ((IBMJSSE2Provider) this.jsse2Provider).getSSLContext_JSSE2(hashMap, sSLConfig);
                if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                    Tr.exit(tc, "getSSLContextForLink");
                }
                return sSLContext_JSSE2;
            } catch (Exception e) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception getting SSLContext from properties.", new Object[]{e});
                }
                throw new ChannelException(e);
            }
        } catch (Exception e2) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Exception getting SSL properties from alias: ").append(this.alias).toString());
            }
            throw new ChannelException(e2);
        }
    }

    @Override // com.ibm.wsspi.channel.Channel
    public void start() throws ChannelException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "start");
        }
        try {
            if (this.sslConfig.isInbound()) {
                Map propertyBag = ((ChannelData) this.channelFramework.getInternalRunningChains(this.sslConfig.getName())[0].getChannelList()[0]).getPropertyBag();
                this.inboundHost = (String) propertyBag.get("hostname");
                this.inboundPort = (String) propertyBag.get("port");
                this.endPointName = (String) propertyBag.get("endPointName");
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("inboundHost = ").append(this.inboundHost).append(" inboundPort = ").append(this.inboundPort).append(" endPointName = ").append(this.endPointName).toString());
                }
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "start");
            }
        } catch (Exception e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Caught exception during start, throwing up stack.  ").append(e).toString());
            }
            throw new ChannelException(e);
        }
    }

    @Override // com.ibm.wsspi.channel.Channel
    public void stop(long j) throws ChannelException {
    }

    @Override // com.ibm.wsspi.channel.Channel
    public void init() throws ChannelException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "init");
        }
        if (this.isInitialized) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "init");
                return;
            }
            return;
        }
        try {
            Properties properties = this.sslConfig.getProperties();
            if (properties != null) {
                this.alias = (String) properties.get(SSLChannelData.ALIAS_KEY);
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    if (this.alias != null) {
                        Tr.debug(tc, new StringBuffer().append("Found alias in SSL properties, ").append(this.alias).toString());
                    } else {
                        Tr.debug(tc, "No alias found in SSL properties");
                    }
                }
            }
            this.jsse2Provider = JSSEProviderFactory.getInstance("IBMJSSE2");
            if (this.jsse2Provider == null) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unable to get an instance of the JSSEProvider");
                }
                throw new ChannelException("Unable to get an instance of the JSSEProvider");
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Have a valid jsse2Provider");
            }
            this.isInitialized = true;
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "init");
            }
        } catch (Exception e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("init received exception handling properties; ").append(e).toString());
            }
            throw new ChannelException(e);
        }
    }

    @Override // com.ibm.wsspi.channel.Channel
    public void destroy() throws ChannelException {
        this.discProcess = null;
        this.sslConfig = null;
        this.sessionContext = null;
    }

    @Override // com.ibm.wsspi.channel.Channel
    public String getName() {
        return this.sslConfig.getName();
    }

    @Override // com.ibm.wsspi.channel.Channel
    public Class getApplicationInterface() {
        if (class$com$ibm$wsspi$tcp$channel$TCPConnectionContext != null) {
            return class$com$ibm$wsspi$tcp$channel$TCPConnectionContext;
        }
        Class class$ = class$("com.ibm.wsspi.tcp.channel.TCPConnectionContext");
        class$com$ibm$wsspi$tcp$channel$TCPConnectionContext = class$;
        return class$;
    }

    @Override // com.ibm.wsspi.channel.Channel
    public Class getDeviceInterface() {
        if (class$com$ibm$wsspi$tcp$channel$TCPConnectionContext != null) {
            return class$com$ibm$wsspi$tcp$channel$TCPConnectionContext;
        }
        Class class$ = class$("com.ibm.wsspi.tcp.channel.TCPConnectionContext");
        class$com$ibm$wsspi$tcp$channel$TCPConnectionContext = class$;
        return class$;
    }

    @Override // com.ibm.wsspi.channel.Channel
    public void update(ChannelData channelData) {
        this.sslConfig.updateChannelData(channelData);
    }

    @Override // com.ibm.wsspi.channel.Discriminator
    public int discriminate(VirtualConnection virtualConnection, Object obj) {
        int i;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "discriminate");
        }
        if (obj == null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Received null discrim data.  Returning NO from discriminator.");
            }
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                return 0;
            }
            Tr.exit(tc, "discriminate");
            return 0;
        }
        WsByteBuffer wsByteBuffer = ((WsByteBuffer[]) obj)[0];
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, new StringBuffer().append("netBuffer: ").append(SSLUtils.getBufferTraceInfo(wsByteBuffer)).toString());
        }
        if (0 == wsByteBuffer.position()) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Received empty discrim data.  Returning MAYBE from discriminator.");
            }
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                return -1;
            }
            Tr.exit(tc, "discriminate");
            return -1;
        }
        if (!this.isInitialized) {
            try {
                init();
            } catch (Exception e) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Exception caught while getting SSL connection link: ").append(e).toString());
                }
                FFDCFilter.processException(e, CLASS_NAME, "148", this, new Object[]{virtualConnection});
                if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                    return 0;
                }
                Tr.exit(tc, "discriminate");
                return 0;
            }
        }
        int position = wsByteBuffer.position();
        int limit = wsByteBuffer.limit();
        WsByteBuffer wsByteBuffer2 = null;
        Map stateMap = virtualConnection.getStateMap();
        ProtoSSLEngine protoSSLEngine = null;
        SSLContext sSLContext = null;
        ProtoSSLEngineResult protoSSLEngineResult = null;
        SSLDiscriminatorState sSLDiscriminatorState = null;
        try {
            wsByteBuffer.flip();
            sSLDiscriminatorState = (SSLDiscriminatorState) stateMap.get(SSL_DISCRIMINATOR_STATE);
            if (sSLDiscriminatorState == null) {
                sSLContext = getSSLContextForInboundLink(virtualConnection);
                protoSSLEngine = SSLUtils.getSSLEngine(sSLContext, FlowType.INBOUND, this.sslConfig);
                wsByteBuffer2 = SSLUtils.allocateByteBuffer(protoSSLEngine.getApplicationBufferSize(), this.sslConfig.getDecryptBuffersDirect());
            } else {
                protoSSLEngine = sSLDiscriminatorState.getEngine();
                sSLContext = sSLDiscriminatorState.getSSLContext();
                wsByteBuffer2 = sSLDiscriminatorState.getDecryptedNetBuffer();
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
                Tr.event(tc, new StringBuffer().append("before unwrap: netBuf.pos: ").append(wsByteBuffer.position()).append(" netBuf.lim=").append(wsByteBuffer.limit()).append(" decNetBuf.pos=").append(wsByteBuffer2.position()).append(" decNetBuf.lim=").append(wsByteBuffer2.limit()).toString());
            }
            WsByteBuffer[] wsByteBufferArr = {wsByteBuffer};
            int[] adjustBuffersForJSSE = SSLUtils.adjustBuffersForJSSE(wsByteBufferArr, protoSSLEngine.getPacketBufferSize());
            protoSSLEngineResult = protoSSLEngine.unwrap(wsByteBuffer.getWrappedByteBuffer(), wsByteBuffer2.getWrappedByteBuffer());
            if (adjustBuffersForJSSE != null) {
                SSLUtils.resetBuffersAfterJSSE(wsByteBufferArr, adjustBuffersForJSSE);
            }
            ProtoSSLEngineResult.Status status = protoSSLEngineResult.getStatus();
            if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
                Tr.event(tc, new StringBuffer().append("after unwrap: netBuf.pos=").append(wsByteBuffer.position()).append(" netBuf.lim=").append(wsByteBuffer.limit()).append(" decNetBuf.pos=").append(wsByteBuffer2.position()).append(" decNetBuf.lim=").append(wsByteBuffer2.limit()).append("\nstatus=").append(status).append(" consumed=").append(protoSSLEngineResult.inBytesConsumed()).append(" produced=").append(protoSSLEngineResult.outBytesProduced()).toString());
            }
            if (status == ProtoSSLEngineResult.Status.BUFFER_UNDERFLOW) {
                i = -1;
            } else {
                i = 1;
                if (wsByteBuffer.remaining() == 0) {
                    wsByteBuffer.clear();
                }
            }
        } catch (Exception e2) {
            i = 0;
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Caught Exception during discriminate: ").append(e2).toString());
            }
        }
        switch (i) {
            case 0:
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Discriminator returning NO");
                }
                if (sSLDiscriminatorState != null) {
                    stateMap.remove(SSL_DISCRIMINATOR_STATE);
                    closeEngine(sSLDiscriminatorState.getEngine());
                }
                if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
                    Tr.event(tc, "Releasing decryptedNetworkBuffer");
                }
                wsByteBuffer2.release();
                break;
            case 1:
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Discriminator returning YES");
                }
                if (sSLDiscriminatorState == null) {
                    sSLDiscriminatorState = new SSLDiscriminatorState();
                }
                sSLDiscriminatorState.updateState(sSLContext, protoSSLEngine, protoSSLEngineResult, wsByteBuffer2, wsByteBuffer.position(), wsByteBuffer.limit());
                stateMap.put(SSL_DISCRIMINATOR_STATE, sSLDiscriminatorState);
                break;
            default:
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Discriminator returning MAYBE");
                }
                if (sSLDiscriminatorState == null) {
                    SSLDiscriminatorState sSLDiscriminatorState2 = new SSLDiscriminatorState();
                    sSLDiscriminatorState2.updateState(sSLContext, protoSSLEngine, protoSSLEngineResult, wsByteBuffer2, wsByteBuffer.position(), wsByteBuffer.limit());
                    stateMap.put(SSL_DISCRIMINATOR_STATE, sSLDiscriminatorState2);
                    break;
                }
                break;
        }
        wsByteBuffer.limit(limit);
        wsByteBuffer.position(position);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "discriminate");
        }
        return i;
    }

    @Override // com.ibm.wsspi.channel.Discriminator
    public void cleanUpState(VirtualConnection virtualConnection) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "cleanUpState");
        }
        SSLDiscriminatorState sSLDiscriminatorState = (SSLDiscriminatorState) virtualConnection.getStateMap().remove(SSL_DISCRIMINATOR_STATE);
        closeEngine(sSLDiscriminatorState.getEngine());
        WsByteBuffer decryptedNetBuffer = sSLDiscriminatorState.getDecryptedNetBuffer();
        if (decryptedNetBuffer != null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
                Tr.event(tc, "Releasing decryptedNetworkBuffer");
            }
            decryptedNetBuffer.release();
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "cleanUpState");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void onHandshakeFinish(ProtoSSLEngine protoSSLEngine) {
        try {
            SSLSessionContext sSLSessionContext = (SSLSessionContext) AccessController.doPrivileged(new PrivilegedExceptionAction(this, protoSSLEngine) { // from class: com.ibm.ws.ssl.channel.impl.SSLChannel.2
                private final ProtoSSLEngine val$localEngine;
                private final SSLChannel this$0;

                {
                    this.this$0 = this;
                    this.val$localEngine = protoSSLEngine;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return this.val$localEngine.getSession().getSessionContext();
                }
            });
            if (null == sSLSessionContext || sSLSessionContext.equals(this.sessionContext)) {
                return;
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Channel [").append(this).append("] saving context: ").append(sSLSessionContext).toString());
            }
            this.sessionContext = sSLSessionContext;
            sSLSessionContext.setSessionCacheSize(getConfig().getSSLSessionCacheSize());
            sSLSessionContext.setSessionTimeout(getConfig().getSSLSessionTimeout());
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Session cache size set to ").append(sSLSessionContext.getSessionCacheSize()).toString());
                Tr.debug(tc, new StringBuffer().append("Session timeout set to ").append(sSLSessionContext.getSessionTimeout()).toString());
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.channel.impl.SSLChannel.onHandshakeFinish", "814");
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Exception querying sessioncontext; ").append(e).toString());
            }
        }
    }

    private void closeEngine(ProtoSSLEngine protoSSLEngine) {
        if (null != protoSSLEngine) {
            if (!protoSSLEngine.isInboundDone()) {
                protoSSLEngine.closeInbound();
            }
            if (protoSSLEngine.isOutboundDone()) {
                return;
            }
            protoSSLEngine.closeOutbound();
        }
    }

    @Override // com.ibm.wsspi.channel.Discriminator
    public Class getDiscriminatoryDataType() {
        if (class$com$ibm$wsspi$buffermgmt$WsByteBuffer != null) {
            return class$com$ibm$wsspi$buffermgmt$WsByteBuffer;
        }
        Class class$ = class$("com.ibm.wsspi.buffermgmt.WsByteBuffer");
        class$com$ibm$wsspi$buffermgmt$WsByteBuffer = class$;
        return class$;
    }

    @Override // com.ibm.wsspi.channel.Discriminator
    public Channel getChannel() {
        return this;
    }

    @Override // com.ibm.wsspi.channel.Discriminator
    public int getWeight() {
        return this.sslConfig.getWeight();
    }

    public SSLChannelData getConfig() {
        return this.sslConfig;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$ssl$channel$impl$SSLChannel == null) {
            cls = class$(CLASS_NAME);
            class$com$ibm$ws$ssl$channel$impl$SSLChannel = cls;
        } else {
            cls = class$com$ibm$ws$ssl$channel$impl$SSLChannel;
        }
        tc = Tr.register(cls, SSLChannelConstants.SSL_TRACE_NAME, SSLChannelConstants.SSL_BUNDLE);
    }
}
