package com.ibm.ws.xs.xio.transport.channel;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.objectgrid.security.ObjectGridSecurityException;
import com.ibm.ws.objectgrid.Constants;
import com.ibm.ws.objectgrid.io.XsByteBufferUtilsInternal;
import com.ibm.ws.objectgrid.resources.Messages;
import com.ibm.ws.objectgrid.server.ServerStateUtility;
import com.ibm.ws.objectgrid.transport.XsTransportProperties;
import com.ibm.ws.xs.NLSConstants;
import com.ibm.ws.xs.protobuf.ByteString;
import com.ibm.ws.xs.xio.protobuf.XIOMessage;
import com.ibm.ws.xs.xio.security.XIOAuthKeyClient;
import com.ibm.ws.xs.xio.security.XIOSecurityUtils;
import com.ibm.ws.xs.xio.transport.message.protobuf.XIOProtobufCommonMsgUtil;
import com.ibm.ws.xsspi.xio.actor.XIORegistry;
import com.ibm.ws.xsspi.xio.exception.ObjectGridXIOException;
import com.ibm.wsspi.channel.framework.VirtualConnection;
import com.ibm.wsspi.xs.tcp.channel.TCPReadCompletedCallback;
import com.ibm.wsspi.xs.tcp.channel.TCPReadRequestContext;
import com.ibm.wsspi.xs.tcp.channel.TCPWriteCompletedCallback;
import com.ibm.wsspi.xs.tcp.channel.TCPWriteRequestContext;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.util.List;

/* loaded from: input_file:com/ibm/ws/xs/xio/transport/channel/XIOClientHandshake.class */
public class XIOClientHandshake implements TCPReadCompletedCallback, TCPWriteCompletedCallback {
    private static final TraceComponent tc = Tr.register(XIOClientHandshake.class, Constants.TR_XIO_GROUP_NAME, "com.ibm.ws.objectgrid.resources.ObjectGridMessages");
    private XIOConnectionController conn;
    private TCPWriteRequestContext writer;
    private XIOAuthKeyClient auth = null;
    private byte[] authData = null;
    private boolean authSucceeded = false;
    private Exception authFailure = null;
    private STATE hsState = STATE.WRITE_HELLO;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/ibm/ws/xs/xio/transport/channel/XIOClientHandshake$STATE.class */
    public enum STATE {
        WRITE_HELLO,
        READ_HELLO,
        WRITE_RESPONSE,
        READ_RESPONSE,
        WRITE_ENDPOINT,
        READ_ENDPOINT,
        DONE
    }

    public XIOClientHandshake(XIOConnectionController xIOConnectionController, VirtualConnection virtualConnection) {
        this.conn = null;
        this.writer = null;
        this.conn = xIOConnectionController;
        this.writer = xIOConnectionController.getTCPContext().getWriteInterface();
    }

    public String toString() {
        StringBuilder sb = new StringBuilder(32);
        sb.append(getClass().getName()).append('@').append(System.identityHashCode(this));
        sb.append(' ').append(this.hsState);
        sb.append(' ').append(this.conn);
        return sb.toString();
    }

    public void begin() {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "begin: " + this);
        }
        this.hsState = STATE.WRITE_HELLO;
        try {
            this.auth = XsTransportProperties.getAuthSecret() != null ? new XIOAuthKeyClient() : null;
            runHandshake();
        } catch (Exception e) {
            this.conn.clientHandshakeFailed(e);
        }
    }

    private void runHandshake() {
        try {
            if (this.hsState == STATE.WRITE_HELLO && writeClientHelloRequest()) {
                return;
            }
            if (this.hsState == STATE.READ_HELLO && readServerHelloRequest()) {
                return;
            }
            if (this.hsState == STATE.WRITE_RESPONSE && writeServerHelloResponse()) {
                return;
            }
            if (this.hsState == STATE.READ_RESPONSE && readClientHelloResponse()) {
                return;
            }
            if (this.hsState == STATE.WRITE_ENDPOINT && writeLocalEndpoints()) {
                return;
            }
            if (this.hsState == STATE.READ_ENDPOINT && readRemoteEndpoints()) {
                return;
            }
            if (this.hsState == STATE.DONE) {
                this.conn.clientHandshakeComplete();
            }
        } catch (Exception e) {
            this.conn.clientHandshakeFailed(e);
        } catch (Throwable th) {
            this.conn.clientHandshakeFailed(new ObjectGridXIOException(th.getMessage(), th));
        }
    }

    private void releaseWriteBuffers() {
        XsByteBufferUtilsInternal.releaseBufferArray(this.writer.getBuffers());
        this.writer.setBuffer(null);
    }

    @Override // com.ibm.wsspi.xs.tcp.channel.TCPWriteCompletedCallback
    public void complete(VirtualConnection virtualConnection, TCPWriteRequestContext tCPWriteRequestContext) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Write complete: " + this);
        }
        try {
            switch (this.hsState) {
                case WRITE_HELLO:
                    finishClientHelloRequest();
                    break;
                case WRITE_RESPONSE:
                    finishServerHelloResponse();
                    break;
                case WRITE_ENDPOINT:
                    finishLocalEndpoints();
                    break;
                case DONE:
                    break;
                default:
                    if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
                        Tr.event(tc, "Unexpected handshake state: " + this);
                    }
                    throw new IllegalStateException("Unexpected state: " + this);
            }
            runHandshake();
        } catch (Exception e) {
            this.conn.clientHandshakeFailed(e);
        } catch (Throwable th) {
            this.conn.clientHandshakeFailed(new ObjectGridXIOException(th.getMessage(), th));
        }
    }

    @Override // com.ibm.wsspi.xs.tcp.channel.TCPWriteCompletedCallback
    public void error(VirtualConnection virtualConnection, TCPWriteRequestContext tCPWriteRequestContext, IOException iOException) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Write failure: " + this + "; " + iOException);
        }
        releaseWriteBuffers();
        this.conn.clientHandshakeFailed(iOException);
    }

    @Override // com.ibm.wsspi.xs.tcp.channel.TCPReadCompletedCallback
    public void complete(VirtualConnection virtualConnection, TCPReadRequestContext tCPReadRequestContext) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Read complete: " + this);
        }
        try {
            switch (this.hsState) {
                case DONE:
                    break;
                case READ_HELLO:
                    finishServerHelloRequest();
                    break;
                case READ_RESPONSE:
                    finishClientHelloResponse();
                    break;
                case READ_ENDPOINT:
                    finishRemoteEndpoints();
                    break;
                default:
                    if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
                        Tr.event(tc, "Unexpected handshake state: " + this);
                    }
                    throw new IllegalStateException("Unexpected state: " + this);
            }
            runHandshake();
        } catch (Exception e) {
            this.conn.clientHandshakeFailed(e);
        } catch (Throwable th) {
            this.conn.clientHandshakeFailed(new ObjectGridXIOException(th.getMessage(), th));
        }
    }

    @Override // com.ibm.wsspi.xs.tcp.channel.TCPReadCompletedCallback
    public void error(VirtualConnection virtualConnection, TCPReadRequestContext tCPReadRequestContext, IOException iOException) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Read failure: " + this + "; " + iOException);
        }
        this.conn.clientHandshakeFailed(iOException);
    }

    private boolean writeClientHelloRequest() {
        XIOMessage.ClientHelloRequest.Builder newBuilder = XIOMessage.ClientHelloRequest.newBuilder();
        newBuilder.setIsServer(ServerStateUtility.isServer());
        newBuilder.setVersion(70);
        if (null != this.auth) {
            newBuilder.setRandomSequenceNumber(ByteString.copyFrom(this.auth.clientSQN()));
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "writeClientHelloRequest clientSQN=" + XIOProtobufCommonMsgUtil.hexString(newBuilder.getRandomSequenceNumber()) + " isServer=" + newBuilder.getIsServer());
        }
        this.writer.setBuffer(XIOProtobufCommonMsgUtil.writeDelimitedToBufferFromMessage(newBuilder.build()));
        if (null != this.writer.write(-1L, this, false, this.conn.getWriteTimeout())) {
            finishClientHelloRequest();
            return false;
        }
        if (!TraceComponent.isAnyTracingEnabled() || !tc.isDebugEnabled()) {
            return true;
        }
        Tr.debug(tc, "Write of ClientHelloRequest went async");
        return true;
    }

    private void finishClientHelloRequest() {
        releaseWriteBuffers();
        this.hsState = STATE.READ_HELLO;
    }

    private boolean readServerHelloRequest() throws IOException, ObjectGridSecurityException, InvalidKeyException {
        if (this.conn.getInputStream().preloadVarIntData(this)) {
            return true;
        }
        finishServerHelloRequest();
        return false;
    }

    private void finishServerHelloRequest() throws IOException {
        XIOMessage.ServerHelloRequest serverHelloRequest = (XIOMessage.ServerHelloRequest) this.conn.getInputStream().parseLoadedMessage(XIOMessage.ServerHelloRequest.getDefaultInstance());
        this.conn.setRemoteVersion(serverHelloRequest.getVersion());
        boolean z = null != this.auth;
        boolean hasRandomChallenge = serverHelloRequest.hasRandomChallenge();
        boolean z2 = false;
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "readServerHelloRequest mac=" + XIOProtobufCommonMsgUtil.hexString(serverHelloRequest.getMac()) + ", randomChallenge=" + XIOProtobufCommonMsgUtil.hexString(serverHelloRequest.getRandomChallenge()) + ", serverVersion=" + serverHelloRequest.getVersion());
        }
        try {
            try {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "clientHandshake serverRequiresTrust=" + hasRandomChallenge);
                }
                if (ServerStateUtility.isServer()) {
                    XIOSecurityUtils.checkTrustMismatch(z, hasRandomChallenge);
                }
                if (hasRandomChallenge) {
                    z2 = true;
                    this.authData = serverHelloRequest.getRandomChallenge().toByteArray();
                    if (this.authData.length == 16) {
                        this.authSucceeded = this.auth.client_verifyServerMac(this.authData, serverHelloRequest.getMac().toByteArray());
                    }
                }
            } catch (Exception e) {
                this.authFailure = e;
                if (z2) {
                    this.hsState = STATE.WRITE_RESPONSE;
                    return;
                } else if (null != this.authFailure) {
                    this.conn.clientHandshakeFailed(this.authFailure);
                }
            }
            if (z2) {
                this.hsState = STATE.WRITE_RESPONSE;
                return;
            }
            if (null != this.authFailure) {
                this.conn.clientHandshakeFailed(this.authFailure);
            }
            this.hsState = STATE.WRITE_ENDPOINT;
        } catch (Throwable th) {
            if (z2) {
                this.hsState = STATE.WRITE_RESPONSE;
            } else {
                if (null != this.authFailure) {
                    this.conn.clientHandshakeFailed(this.authFailure);
                }
                throw th;
            }
        }
    }

    private boolean writeServerHelloResponse() throws ObjectGridSecurityException, InvalidKeyException {
        XIOMessage.ServerHelloResponse.Builder newBuilder = XIOMessage.ServerHelloResponse.newBuilder();
        if (this.authData != null && this.authSucceeded) {
            newBuilder.setMac(ByteString.copyFrom(this.auth.clientMac(this.authData)));
        }
        newBuilder.setAuthSucceeded(this.authSucceeded);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "writeServerHelloResponse mac=" + XIOProtobufCommonMsgUtil.hexString(newBuilder.getMac()) + ", authSucceeded=" + this.authSucceeded);
        }
        this.writer.setBuffer(XIOProtobufCommonMsgUtil.writeDelimitedToBufferFromMessage(newBuilder.build()));
        if (null != this.writer.write(-1L, this, false, this.conn.getWriteTimeout())) {
            finishServerHelloResponse();
            return false;
        }
        if (!TraceComponent.isAnyTracingEnabled() || !tc.isDebugEnabled()) {
            return true;
        }
        Tr.debug(tc, "Write of ServerHelloResponse went async");
        return true;
    }

    private void finishServerHelloResponse() throws ObjectGridSecurityException {
        releaseWriteBuffers();
        if (this.authSucceeded) {
            this.hsState = STATE.READ_RESPONSE;
        } else {
            if (null == this.authFailure) {
                throw new ObjectGridSecurityException(Messages.getString(NLSConstants.MAC_FAILED_CLIENT, new Object[]{this.conn.getTCPContext().getRemoteAddress(), String.valueOf(this.conn.getTCPContext().getRemotePort())}));
            }
            if (!(this.authFailure instanceof ObjectGridSecurityException)) {
                throw new ObjectGridSecurityException(this.authFailure.getMessage(), this.authFailure);
            }
            throw ((ObjectGridSecurityException) this.authFailure);
        }
    }

    private boolean readClientHelloResponse() throws IOException, ObjectGridSecurityException {
        if (this.conn.getInputStream().preloadVarIntData(this)) {
            return true;
        }
        finishClientHelloResponse();
        return false;
    }

    private void finishClientHelloResponse() throws IOException, ObjectGridSecurityException {
        boolean authSucceeded = ((XIOMessage.ClientHelloResponse) this.conn.getInputStream().parseLoadedMessage(XIOMessage.ClientHelloResponse.getDefaultInstance())).getAuthSucceeded();
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "finishClientHelloResponse authSucceeded=" + authSucceeded);
        }
        if (!authSucceeded) {
            throw new ObjectGridSecurityException(Messages.getString(NLSConstants.MAC_FAILED_SERVER));
        }
        this.hsState = STATE.WRITE_ENDPOINT;
    }

    private boolean writeLocalEndpoints() {
        XIOMessage.EndpointHelloRequest.Builder newBuilder = XIOMessage.EndpointHelloRequest.newBuilder();
        ByteString localEndPointID = XIORegistry.getLocalEndPointID();
        newBuilder.addAllEndpoints(XIORegistry.getEndpointsForEndpointID(localEndPointID));
        newBuilder.setEndpointId(localEndPointID);
        this.writer.setBuffer(XIOProtobufCommonMsgUtil.writeDelimitedToBufferFromMessage(newBuilder.build()));
        if (null != this.writer.write(-1L, this, false, this.conn.getWriteTimeout())) {
            finishLocalEndpoints();
            return false;
        }
        if (!TraceComponent.isAnyTracingEnabled() || !tc.isDebugEnabled()) {
            return true;
        }
        Tr.debug(tc, "Write of EndpointHelloRequest went async");
        return true;
    }

    private void finishLocalEndpoints() {
        releaseWriteBuffers();
        this.hsState = STATE.READ_ENDPOINT;
    }

    private boolean readRemoteEndpoints() throws IOException {
        if (this.conn.getInputStream().preloadVarIntData(this)) {
            return true;
        }
        finishRemoteEndpoints();
        return false;
    }

    private void finishRemoteEndpoints() throws IOException {
        XIOMessage.EndpointHelloResponse endpointHelloResponse = (XIOMessage.EndpointHelloResponse) this.conn.getInputStream().parseLoadedMessage(XIOMessage.EndpointHelloResponse.getDefaultInstance());
        ByteString endpointId = endpointHelloResponse.getEndpointId();
        List<XIOMessage.C0006Endpoint> endpointsList = endpointHelloResponse.getEndpointsList();
        this.conn.setRemoteEndpoint(endpointId, endpointsList);
        if (null == endpointsList || 0 >= endpointsList.size()) {
            XIORegistry.putTargetServerForEndpointID(endpointId, this.conn.getTarget());
        } else {
            XIORegistry.putEndpointsForEndpointID(endpointId, endpointsList);
        }
        this.hsState = STATE.DONE;
    }
}
