package com.sap.db.jdbc;

import com.sap.db.annotations.GuardedBy;
import com.sap.db.annotations.NotThreadSafe;
import com.sap.db.jdbc.Session;
import com.sap.db.jdbc.exceptions.RTEException;
import com.sap.db.jdbc.exceptions.SQLExceptionSapDB;
import com.sap.db.jdbc.packet.HPart;
import com.sap.db.jdbc.packet.InfoRequest;
import com.sap.db.util.Base64Utils;
import com.sap.db.util.BufferUtils;
import com.sap.db.util.MessageKey;
import com.sap.db.util.MessageTranslator;
import com.sap.db.util.RsaOaep;
import com.sap.db.util.SSLUtils;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.cert.X509Certificate;

@NotThreadSafe
/* loaded from: input_file:com/sap/db/jdbc/SecureSession.class */
public abstract class SecureSession extends Session {
    private static final int MAX_SSL_RETRY_COUNT = 500;
    private final boolean _validateCertificate;
    private final String _hostNameInCertificate;
    private final String _keyStore;
    private final String _keyStoreType;
    private final String _keyStorePasswd;
    private final String _sslKeyStore;
    private final String _trustStore;
    private final String _trustStoreType;
    private final String _trustStorePasswd;
    private final String _sslTrustStore;
    private final String _sniHostname;
    private final boolean _sslSniRequest;
    private final String _sslMinProtocolVersion;
    private final String _sslMaxProtocolVersion;
    private final X509Certificate[] _peerCertificateChain;
    private final Certificate[] _peerCertificates;

    @GuardedBy("Socket._socketLock")
    private SSLEngine _sslEngine;

    @GuardedBy("Socket._socketLock")
    private SSLSession _sslSession;

    @GuardedBy("Socket._socketLock")
    private SSLEngine _detachSslEngine;

    @GuardedBy("Socket._socketLock")
    private SSLSession _detachSslSession;

    @GuardedBy("Socket._socketLock")
    private ByteBuffer _sendBuffer;

    @GuardedBy("Socket._socketLock")
    private ByteBuffer _receiveBuffer;

    @GuardedBy("Socket._socketLock")
    private ByteBuffer _applicationBuffer;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.sap.db.jdbc.SecureSession$2, reason: invalid class name */
    /* loaded from: input_file:com/sap/db/jdbc/SecureSession$2.class */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$Status;
        static final /* synthetic */ int[] $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus = new int[SSLEngineResult.HandshakeStatus.values().length];

        static {
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.FINISHED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_WRAP.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_UNWRAP.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[SSLEngineResult.HandshakeStatus.NEED_TASK.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            $SwitchMap$javax$net$ssl$SSLEngineResult$Status = new int[SSLEngineResult.Status.values().length];
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.OK.ordinal()] = 1;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_UNDERFLOW.ordinal()] = 2;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.BUFFER_OVERFLOW.ordinal()] = 3;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$javax$net$ssl$SSLEngineResult$Status[SSLEngineResult.Status.CLOSED.ordinal()] = 4;
            } catch (NoSuchFieldError e9) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecureSession(ConnectionSapDB connectionSapDB, Address address) throws RTEException {
        super(connectionSapDB, address);
        this._validateCertificate = this._connectionProperties.getBooleanProperty(ConnectionProperty.VALIDATE_CERTIFICATE);
        this._hostNameInCertificate = this._connectionProperties.getProperty(ConnectionProperty.HOST_NAME_IN_CERTIFICATE);
        this._keyStore = this._connectionProperties.getProperty(ConnectionProperty.KEY_STORE);
        this._keyStoreType = this._connectionProperties.getProperty(ConnectionProperty.KEY_STORE_TYPE);
        this._keyStorePasswd = this._connectionProperties.getProperty(ConnectionProperty.KEY_STORE_PASSWD);
        this._sslKeyStore = this._connectionProperties.getProperty(ConnectionProperty.SSL_KEY_STORE);
        this._trustStore = this._connectionProperties.getProperty(ConnectionProperty.TRUST_STORE);
        this._trustStoreType = this._connectionProperties.getProperty(ConnectionProperty.TRUST_STORE_TYPE);
        this._trustStorePasswd = this._connectionProperties.getProperty(ConnectionProperty.TRUST_STORE_PASSWD);
        this._sslTrustStore = this._connectionProperties.getProperty(ConnectionProperty.SSL_TRUST_STORE);
        this._sniHostname = this._connectionProperties.getProperty(ConnectionProperty.SNI_HOSTNAME);
        this._sslSniRequest = this._connectionProperties.getBooleanProperty(ConnectionProperty.SSL_SNI_REQUEST);
        this._sslMinProtocolVersion = this._connectionProperties.getProperty(ConnectionProperty.SSL_MIN_PROTOCOL_VERSION);
        this._sslMaxProtocolVersion = this._connectionProperties.getProperty(ConnectionProperty.SSL_MAX_PROTOCOL_VERSION);
        Object[] _sslInit = _sslInit();
        if (Driver.getJavaVersion() <= 14) {
            this._peerCertificateChain = (X509Certificate[]) _sslInit;
            this._peerCertificates = null;
        } else {
            this._peerCertificateChain = null;
            this._peerCertificates = (Certificate[]) _sslInit;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sap.db.jdbc.Session
    public X509Certificate[] _getPeerCertificateChain() {
        return this._peerCertificateChain;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sap.db.jdbc.Session
    public Certificate[] _getPeerCertificates() {
        return this._peerCertificates;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sap.db.jdbc.Session
    public void _detachSocketOrChannelObject() {
        super._detachSocketOrChannelObject();
        this._detachSslEngine = null;
        this._detachSslSession = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sap.db.jdbc.Session
    public void _saveSocketOrChannelObject() {
        super._saveSocketOrChannelObject();
        this._detachSslEngine = this._sslEngine;
        this._detachSslSession = this._sslSession;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sap.db.jdbc.Session
    public void _restoreSocketOrChannelObject() {
        super._restoreSocketOrChannelObject();
        this._sslEngine = this._detachSslEngine;
        this._sslSession = this._detachSslSession;
    }

    protected static int _convertSslProtocolVersionConnectionPropertyToTlsVersion(String str, boolean z) {
        int i = z ? HPart.MAX_ARGUMENT_COUNT : 0;
        if (str == null || str.isEmpty()) {
            return i;
        }
        if (str.equalsIgnoreCase("max") || str.equalsIgnoreCase("maximum") || str.equalsIgnoreCase("high") || str.equalsIgnoreCase("highest")) {
            return HPart.MAX_ARGUMENT_COUNT;
        }
        if (str.length() != 5 || !str.regionMatches(true, 0, "tls", 0, 3)) {
            return i;
        }
        try {
            return Integer.parseInt(str.substring(3));
        } catch (NumberFormatException e) {
            return i;
        }
    }

    protected static int _convertSupportedProtocolToTlsVersion(String str) {
        int numericValue;
        if (str == null || str.isEmpty()) {
            return -1;
        }
        if (!str.startsWith("TLSv")) {
            return -1;
        }
        switch (str.length()) {
            case 5:
                char charAt = str.charAt(4);
                if (charAt >= '0' && charAt <= '9') {
                    numericValue = Character.getNumericValue((int) charAt) * 10;
                    break;
                } else {
                    return -1;
                }
            case InfoRequest.MajorProtocolVersion_O /* 7 */:
                char charAt2 = str.charAt(4);
                char charAt3 = str.charAt(6);
                if (charAt2 >= '0' && charAt2 <= '9' && charAt3 >= '0' && charAt3 <= '9') {
                    numericValue = (Character.getNumericValue((int) charAt2) * 10) + Character.getNumericValue((int) charAt3);
                    break;
                } else {
                    return -1;
                }
            default:
                return -1;
        }
        return numericValue;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v29, types: [java.util.List] */
    /* JADX WARN: Type inference failed for: r0v31, types: [java.util.List] */
    /* JADX WARN: Type inference failed for: r0v36, types: [java.util.List] */
    protected static List<String> _getEnabledProtocols(String[] strArr, int i, int i2) {
        ArrayList arrayList;
        TreeMap treeMap = new TreeMap();
        for (String str : strArr) {
            int _convertSupportedProtocolToTlsVersion = _convertSupportedProtocolToTlsVersion(str);
            if (_convertSupportedProtocolToTlsVersion != -1) {
                treeMap.put(Integer.valueOf(_convertSupportedProtocolToTlsVersion), str);
            }
        }
        if (i != Integer.MAX_VALUE) {
            arrayList = new ArrayList();
            for (Map.Entry entry : treeMap.entrySet()) {
                int intValue = ((Integer) entry.getKey()).intValue();
                if (intValue >= i && intValue <= i2) {
                    arrayList.add((String) entry.getValue());
                }
            }
        } else if (i2 == Integer.MAX_VALUE) {
            arrayList = Collections.singletonList((String) treeMap.lastEntry().getValue());
        } else {
            String str2 = (String) treeMap.get(Integer.valueOf(i2));
            arrayList = str2 != null ? Collections.singletonList(str2) : Collections.emptyList();
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sap.db.jdbc.Session
    public void _attach(ConnectionSapDB connectionSapDB) throws RTEException {
        super._attach(connectionSapDB);
        _sslInit();
    }

    private Object[] _sslInit() throws RTEException {
        X509Certificate[] x509CertificateArr = null;
        Certificate[] certificateArr = null;
        String host = this._address.get().getHost();
        KeyManager[] keyManagerArr = null;
        TrustManager[] trustManagerArr = null;
        SSLContext sSLContext = null;
        try {
            if (!this._validateCertificate) {
                keyManagerArr = null;
                trustManagerArr = new TrustManager[]{new X509TrustManager() { // from class: com.sap.db.jdbc.SecureSession.1
                    @Override // javax.net.ssl.X509TrustManager
                    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkClientTrusted(java.security.cert.X509Certificate[] x509CertificateArr2, String str) {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkServerTrusted(java.security.cert.X509Certificate[] x509CertificateArr2, String str) {
                    }
                }};
            } else if (_isSystemDefaultUsed()) {
                sSLContext = SSLContext.getDefault();
            } else {
                KeyManagerFactory _getKeyManagerFactory = _getKeyManagerFactory(host);
                TrustManagerFactory _getTrustManagerFactory = _getTrustManagerFactory(host);
                keyManagerArr = _getKeyManagerFactory != null ? _getKeyManagerFactory.getKeyManagers() : null;
                trustManagerArr = _getTrustManagerFactory != null ? _getTrustManagerFactory.getTrustManagers() : null;
            }
            if (sSLContext == null) {
                sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
            }
            this._sslEngine = sSLContext.createSSLEngine();
            this._sslEngine.setUseClientMode(true);
            this._sslEngine.setEnabledProtocols((String[]) _getEnabledProtocols(this._sslEngine.getSupportedProtocols(), _convertSslProtocolVersionConnectionPropertyToTlsVersion(this._sslMinProtocolVersion, false), _convertSslProtocolVersionConnectionPropertyToTlsVersion(this._sslMaxProtocolVersion, true)).toArray(new String[0]));
            if (this._sslSniRequest) {
                SNIHostName sNIHostName = new SNIHostName(this._sniHostname != null ? this._sniHostname : host);
                SSLParameters sSLParameters = this._sslEngine.getSSLParameters();
                sSLParameters.setServerNames(Collections.singletonList(sNIHostName));
                this._sslEngine.setSSLParameters(sSLParameters);
            }
            _doHandshake();
            this._sslSession = this._sslEngine.getSession();
            int packetBufferSize = this._sslSession.getPacketBufferSize();
            int applicationBufferSize = this._sslSession.getApplicationBufferSize();
            this._sendBuffer = ByteBuffer.allocate(packetBufferSize);
            this._receiveBuffer = ByteBuffer.allocate(packetBufferSize);
            this._applicationBuffer = ByteBuffer.allocate(applicationBufferSize);
            BufferUtils.flip(this._applicationBuffer);
            try {
                certificateArr = this._sslSession.getPeerCertificates();
                if (Driver.getJavaVersion() <= 14) {
                    x509CertificateArr = this._sslSession.getPeerCertificateChain();
                }
            } catch (SSLPeerUnverifiedException e) {
                certificateArr = new Certificate[0];
            }
            _validateHostName(certificateArr, host);
        } catch (RTEException e2) {
            _throwRTEException(e2);
        } catch (KeyManagementException e3) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, host, e3.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e3, MessageKey.ERROR_SSL_KEYMANAGEMENTEXCEPTION, e3.getMessage()));
        } catch (NoSuchAlgorithmException e4) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, host, e4.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e4, MessageKey.ERROR_SSL_NOSUCHALGORITHM, e4.getMessage()));
        }
        return Driver.getJavaVersion() <= 14 ? x509CertificateArr : certificateArr;
    }

    private boolean _isSystemDefaultUsed() {
        return this._keyStore == null && this._keyStoreType == null && this._keyStorePasswd == null && this._sslKeyStore == null && this._trustStore == null && this._trustStorePasswd == null && this._trustStoreType == null && this._sslTrustStore == null;
    }

    /* JADX WARN: Finally extract failed */
    private KeyManagerFactory _getKeyManagerFactory(String str) throws RTEException {
        String defaultAlgorithm;
        String _getKeyStoreType;
        char[] charArray;
        String _getKeyStoreFileName = _getKeyStoreFileName();
        if (this._sslKeyStore == null && _getKeyStoreFileName == null) {
            return null;
        }
        KeyManagerFactory keyManagerFactory = null;
        java.security.KeyStore keyStore = null;
        if (this._sslKeyStore != null) {
            defaultAlgorithm = "SunX509";
            _getKeyStoreType = "JKS";
            charArray = "".toCharArray();
        } else {
            defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
            _getKeyStoreType = _getKeyStoreType();
            charArray = _getKeyStorePasswd().toCharArray();
        }
        try {
            keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
        } catch (NoSuchAlgorithmException e) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e, MessageKey.ERROR_SSL_KEYMANAGERFACTORYNODEFAULT, e.getMessage()));
        }
        try {
            keyStore = java.security.KeyStore.getInstance(_getKeyStoreType);
        } catch (KeyStoreException e2) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e2.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e2, MessageKey.ERROR_SSL_KEYSTORE_CREATE, _getKeyStoreType, e2.getMessage()));
        }
        try {
            if (this._sslKeyStore != null) {
                keyStore.load(null);
                List<Certificate> _createCertificatesFromPEM = _createCertificatesFromPEM(this._sslKeyStore);
                List<PrivateKey> _createPrivateKeysFromPEM = _createPrivateKeysFromPEM(this._sslKeyStore);
                if (!_createPrivateKeysFromPEM.isEmpty()) {
                    keyStore.setKeyEntry("key-alias", _createPrivateKeysFromPEM.get(0), charArray, (Certificate[]) _createCertificatesFromPEM.toArray(new Certificate[0]));
                }
            } else {
                FileInputStream fileInputStream = null;
                try {
                    try {
                        fileInputStream = new FileInputStream(_getKeyStoreFileName);
                        keyStore.load(fileInputStream, charArray);
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e3) {
                            }
                        }
                    } catch (Throwable th) {
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e4) {
                            }
                        }
                        throw th;
                    }
                } catch (FileNotFoundException e5) {
                    _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e5.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e5, MessageKey.ERROR_SSL_KEYSTORE_FILENOTFOUND, e5.getMessage()));
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e6) {
                        }
                    }
                }
            }
        } catch (IOException e7) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e7.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e7, MessageKey.ERROR_SSL_KEYSTORELOADFAILED_IOEXCEPTION, e7.getMessage()));
        } catch (KeyStoreException e8) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, "Key manager initialization failed: " + e8.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, e8);
        } catch (NoSuchAlgorithmException e9) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e9.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e9, MessageKey.ERROR_SSL_KEYSTORELOADFAILED_NOSUCHALGORITHM, e9.getMessage()));
        } catch (CertificateException e10) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e10.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e10, MessageKey.ERROR_SSL_KEYSTORELOADFAILED_CERTIFICATE, e10.getMessage()));
        } catch (InvalidKeySpecException e11) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e11.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e11, MessageKey.ERROR_SSL_TRUSTSTORELOADFAILED_INVALIDKEYSPEC, e11.getMessage()));
        }
        try {
            keyManagerFactory.init(keyStore, charArray);
        } catch (KeyStoreException e12) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, "Key manager initialization failed: " + e12.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, e12);
        } catch (NoSuchAlgorithmException e13) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e13.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e13, MessageKey.ERROR_SSL_KEYMANAGERFACTORY_NOSUCHALGORITHM, e13.getMessage()));
        } catch (UnrecoverableKeyException e14) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e14.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e14, MessageKey.ERROR_SSL_KEYMANAGERFACTORY_UNRECOVERABLEKEY, e14.getMessage()));
        }
        return keyManagerFactory;
    }

    /* JADX WARN: Finally extract failed */
    private TrustManagerFactory _getTrustManagerFactory(String str) throws RTEException {
        String defaultAlgorithm;
        String _getTrustStoreType;
        char[] charArray;
        String _getTrustStoreFileName = _getTrustStoreFileName();
        if (this._sslTrustStore == null && _getTrustStoreFileName == null) {
            return null;
        }
        TrustManagerFactory trustManagerFactory = null;
        java.security.KeyStore keyStore = null;
        if (this._sslTrustStore != null) {
            defaultAlgorithm = "SunX509";
            _getTrustStoreType = "JKS";
            charArray = null;
        } else {
            defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
            _getTrustStoreType = _getTrustStoreType();
            String _getTrustStorePasswd = _getTrustStorePasswd();
            charArray = _getTrustStorePasswd != null ? _getTrustStorePasswd.toCharArray() : null;
        }
        try {
            trustManagerFactory = TrustManagerFactory.getInstance(defaultAlgorithm);
        } catch (NoSuchAlgorithmException e) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e, MessageKey.ERROR_SSL_TRUSTMANAGERFACTORYNODEFAULT, e.getMessage()));
        }
        try {
            keyStore = java.security.KeyStore.getInstance(_getTrustStoreType);
        } catch (KeyStoreException e2) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e2.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e2, MessageKey.ERROR_SSL_TRUSTSTORE_CREATE, _getTrustStoreType, e2.getMessage()));
        }
        try {
            if (this._sslTrustStore != null) {
                keyStore.load(null);
                List<Certificate> _createCertificatesFromPEM = _createCertificatesFromPEM(this._sslTrustStore);
                int size = _createCertificatesFromPEM.size();
                for (int i = 0; i < size; i++) {
                    keyStore.setCertificateEntry("cert-alias-" + i, _createCertificatesFromPEM.get(i));
                }
            } else {
                FileInputStream fileInputStream = null;
                try {
                    try {
                        fileInputStream = new FileInputStream(_getTrustStoreFileName);
                        keyStore.load(fileInputStream, charArray);
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e3) {
                            }
                        }
                    } catch (Throwable th) {
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e4) {
                            }
                        }
                        throw th;
                    }
                } catch (FileNotFoundException e5) {
                    _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e5.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e5, MessageKey.ERROR_SSL_TRUSTSTORE_FILENOTFOUND, e5.getMessage()));
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e6) {
                        }
                    }
                }
            }
        } catch (IOException e7) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e7.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e7, MessageKey.ERROR_SSL_TRUSTSTORELOADFAILED_IOEXCEPTION, e7.getMessage()));
        } catch (KeyStoreException e8) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e8.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e8, MessageKey.ERROR_SSL_TRUSTMANAGERFACTORY_KEYSTORE, e8.getMessage()));
        } catch (NoSuchAlgorithmException e9) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e9.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e9, MessageKey.ERROR_SSL_TRUSTSTORELOADFAILED_NOSUCHALGORITHM, e9.getMessage()));
        } catch (CertificateException e10) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e10.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e10, MessageKey.ERROR_SSL_TRUSTSTORELOADFAILED_CERTIFICATE, e10.getMessage()));
        }
        try {
            trustManagerFactory.init(keyStore);
        } catch (KeyStoreException e11) {
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, e11.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, SQLExceptionSapDB.newInstance(e11, MessageKey.ERROR_SSL_TRUSTMANAGERFACTORY_KEYSTORE, e11.getMessage()));
        }
        return trustManagerFactory;
    }

    private String _getKeyStoreFileName() {
        return this._keyStore != null ? this._keyStore : System.getProperty("javax.net.ssl.keyStore");
    }

    private String _getKeyStoreType() {
        return this._keyStoreType != null ? this._keyStoreType : "JKS";
    }

    private String _getKeyStorePasswd() {
        if (this._keyStorePasswd != null) {
            return this._keyStorePasswd;
        }
        String property = System.getProperty("javax.net.ssl.keyStorePassword");
        return property != null ? property : "";
    }

    private String _getTrustStoreFileName() {
        return this._trustStore != null ? this._trustStore : System.getProperty("javax.net.ssl.trustStore");
    }

    private String _getTrustStoreType() {
        return this._trustStoreType != null ? this._trustStoreType : "JKS";
    }

    private String _getTrustStorePasswd() {
        return this._trustStorePasswd != null ? this._trustStorePasswd : System.getProperty("javax.net.ssl.trustStorePassword");
    }

    private void _validateHostName(Certificate[] certificateArr, String str) throws RTEException {
        HostnameVerifier hostnameVerifier;
        if ("*".equals(this._hostNameInCertificate) || !this._validateCertificate) {
            return;
        }
        if (certificateArr.length == 0) {
            SQLException newInstance = SQLExceptionSapDB.newInstance(MessageKey.ERROR_SSL_NO_CERTIFICATE_FOUND, new String[0]);
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, newInstance.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, newInstance);
        }
        try {
            java.security.cert.X509Certificate x509Certificate = (java.security.cert.X509Certificate) certificateArr[0];
            String name = x509Certificate.getSubjectX500Principal().getName("RFC2253");
            if (!SSLUtils.validateHostName(name, x509Certificate.getSubjectAlternativeNames(), this._hostNameInCertificate == null ? str : this._hostNameInCertificate) && ((hostnameVerifier = Driver.getHostnameVerifier()) == null || !hostnameVerifier.verify(str, this._sslSession))) {
                String[] strArr = new String[2];
                strArr[0] = name;
                strArr[1] = this._hostNameInCertificate == null ? str : this._hostNameInCertificate;
                SQLException newInstance2 = SQLExceptionSapDB.newInstance(MessageKey.ERROR_SSL_HOSTNAMEVERIFICATION_FAILED, strArr);
                _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, newInstance2.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, newInstance2);
            }
        } catch (ClassCastException | CertificateParsingException e) {
            SQLException newInstance3 = SQLExceptionSapDB.newInstance(e, MessageKey.ERROR_SSL_NOX509CERTIFICATE, new String[0]);
            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, str, newInstance3.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSTART_REQUIRED, newInstance3);
        }
    }

    private static List<Certificate> _createCertificatesFromPEM(String str) throws CertificateException {
        ArrayList arrayList = new ArrayList();
        List<byte[]> decodeCertificates = Base64Utils.decodeCertificates(str);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Iterator<byte[]> it = decodeCertificates.iterator();
        while (it.hasNext()) {
            arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(it.next())));
        }
        return arrayList;
    }

    private static List<PrivateKey> _createPrivateKeysFromPEM(String str) throws NoSuchAlgorithmException, InvalidKeySpecException {
        ArrayList arrayList = new ArrayList();
        List<byte[]> decodePrivateKeys = Base64Utils.decodePrivateKeys(str);
        KeyFactory keyFactory = KeyFactory.getInstance(RsaOaep.JAVA_ALGORITHM_NAME);
        Iterator<byte[]> it = decodePrivateKeys.iterator();
        while (it.hasNext()) {
            arrayList.add(keyFactory.generatePrivate(new PKCS8EncodedKeySpec(it.next())));
        }
        return arrayList;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:36:0x027d. Please report as an issue. */
    private void _doHandshake() throws RTEException {
        boolean on = this._tracer.on();
        SSLEngineResult.HandshakeStatus handshakeStatus = this._sslEngine.getHandshakeStatus();
        int i = 0;
        try {
            if (on) {
                try {
                    try {
                        this._tracer.printSSLMessage("SSL handshake: begin: " + handshakeStatus);
                    } catch (SSLException e) {
                        _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, this._address.toString(), e.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSERVER_OR_DB_UNKNOWN, RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode(), e.getMessage().contains("Received fatal alert: internal_error") ? SQLExceptionSapDB.newInstance(e, MessageKey.ERROR_SSL_NOSSLSUPPORT, e.getMessage()) : SQLExceptionSapDB.newInstance(e, MessageKey.ERROR_SSL_HANDSHAKE, e.getMessage()));
                        if (on) {
                            this._tracer.printSSLMessage("SSL handshake: end: " + handshakeStatus + " u=0");
                            return;
                        }
                        return;
                    }
                } catch (SSLHandshakeException e2) {
                    _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_HOST_CONNECT, this._address.toString(), e2.getMessage(), Integer.valueOf(RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode())), RteReturnCode.SQLSERVER_OR_DB_UNKNOWN, RteReturnCode.SQLSTART_REQUIRED.getCommunicationErrorCode(), e2.getMessage().contains("PKIX path building failed") ? SQLExceptionSapDB.newInstance(e2, MessageKey.ERROR_SSL_CERTIFICATEPATH, e2.getMessage()) : SQLExceptionSapDB.newInstance(e2, MessageKey.ERROR_SSL_HANDSHAKE, e2.getMessage()));
                    if (on) {
                        this._tracer.printSSLMessage("SSL handshake: end: " + handshakeStatus + " u=0");
                        return;
                    }
                    return;
                }
            }
            this._sslEngine.beginHandshake();
            SSLEngineResult.HandshakeStatus handshakeStatus2 = this._sslEngine.getHandshakeStatus();
            if (on) {
                this._tracer.printSSLMessage("\tbeginHandshake: " + handshakeStatus2);
            }
            SSLSession session = this._sslEngine.getSession();
            int packetBufferSize = session.getPacketBufferSize();
            int applicationBufferSize = session.getApplicationBufferSize();
            ByteBuffer allocate = ByteBuffer.allocate(packetBufferSize);
            ByteBuffer allocate2 = ByteBuffer.allocate(packetBufferSize);
            BufferUtils.flip(allocate2);
            ByteBuffer allocate3 = ByteBuffer.allocate(applicationBufferSize);
            while (true) {
                switch (AnonymousClass2.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[handshakeStatus2.ordinal()]) {
                    case 1:
                    case 2:
                        if (on) {
                            this._tracer.printSSLMessage("SSL handshake: end: " + handshakeStatus2 + " u=" + i);
                            return;
                        }
                        return;
                    case 3:
                        SSLEngineResult wrap = this._sslEngine.wrap(allocate3, allocate);
                        handshakeStatus2 = wrap.getHandshakeStatus();
                        if (on) {
                            this._tracer.printSSLMessage("\twrap: " + wrap.toString().replace('\n', ' '));
                        }
                        switch (AnonymousClass2.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[wrap.getStatus().ordinal()]) {
                            case 1:
                                break;
                            case 2:
                                throw new SSLException("Unexpected buffer underflow");
                            case 3:
                                throw new SSLException("Unexpected buffer overflow");
                            case 4:
                                if (on) {
                                    this._tracer.printSSLMessage("Unexpected closed status");
                                }
                                _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_OBJECTISCLOSED, toString()), RteReturnCode.SQLSEND_LINE_DOWN);
                                break;
                            default:
                                throw new SSLException("Unknown result status: " + wrap.getStatus());
                        }
                        BufferUtils.flip(allocate);
                        if (on) {
                            this._tracer.printSSLPacket("SSL send", allocate.array(), 0, allocate.limit());
                        }
                        _writeBytes(allocate.array(), allocate.limit(), Session.SendType.DEFAULT);
                        BufferUtils.clear(allocate);
                        break;
                    case 4:
                        if (allocate2.remaining() == 0) {
                            BufferUtils.clear(allocate2);
                            int _readBytes = _readBytes(allocate2.array(), 0, allocate2.capacity(), false);
                            if (_readBytes == -1) {
                                _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_OBJECTISCLOSED, toString()), RteReturnCode.SQLRECEIVE_LINE_DOWN);
                            }
                            if (on) {
                                this._tracer.printSSLPacket("SSL receive", allocate2.array(), 0, _readBytes);
                            }
                            BufferUtils.position(allocate2, _readBytes);
                            BufferUtils.flip(allocate2);
                        }
                        for (int i2 = 0; i2 < MAX_SSL_RETRY_COUNT; i2++) {
                            SSLEngineResult unwrap = this._sslEngine.unwrap(allocate2, allocate3);
                            handshakeStatus2 = unwrap.getHandshakeStatus();
                            if (on) {
                                this._tracer.printSSLMessage("\tunwrap: " + unwrap.toString().replace('\n', ' '));
                            }
                            switch (AnonymousClass2.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[unwrap.getStatus().ordinal()]) {
                                case 1:
                                    break;
                                case 2:
                                    if (on) {
                                        i++;
                                    }
                                    allocate2.compact();
                                    int _readBytes2 = _readBytes(allocate2.array(), allocate2.position(), allocate2.capacity() - allocate2.position(), false);
                                    if (_readBytes2 == -1) {
                                        _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_OBJECTISCLOSED, toString()), RteReturnCode.SQLRECEIVE_LINE_DOWN);
                                    }
                                    if (on) {
                                        this._tracer.printSSLPacket("SSL receive", allocate2.array(), allocate2.position(), _readBytes2);
                                    }
                                    BufferUtils.position(allocate2, allocate2.position() + _readBytes2);
                                    BufferUtils.flip(allocate2);
                                case 3:
                                    throw new SSLException("Unexpected buffer overflow");
                                case 4:
                                    if (on) {
                                        this._tracer.printSSLMessage("Unexpected closed status");
                                    }
                                    _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_OBJECTISCLOSED, toString()), RteReturnCode.SQLRECEIVE_LINE_DOWN);
                                default:
                                    throw new SSLException("Unknown result status: " + unwrap.getStatus());
                            }
                        }
                        break;
                    case 5:
                        this._sslEngine.getDelegatedTask().run();
                        handshakeStatus2 = this._sslEngine.getHandshakeStatus();
                        if (on) {
                            this._tracer.printSSLMessage("\ttask: " + handshakeStatus2);
                            break;
                        } else {
                            break;
                        }
                    default:
                        throw new SSLHandshakeException("Unknown handshake status: " + handshakeStatus2);
                }
            }
        } catch (Throwable th) {
            if (on) {
                this._tracer.printSSLMessage("SSL handshake: end: " + handshakeStatus + " u=0");
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void _encodeBytes(byte[] bArr, int i, Session.SendType sendType) throws RTEException {
        boolean on = this._tracer.on();
        SSLEngineResult.HandshakeStatus handshakeStatus = this._sslEngine.getHandshakeStatus();
        ByteBuffer wrap = ByteBuffer.wrap(bArr, 0, i);
        try {
            if (on) {
                try {
                    this._tracer.printSSLMessage("SSL send: begin: " + handshakeStatus);
                } catch (SSLException e) {
                    _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_WRAP_FAILED, e.getMessage()), RteReturnCode.SQLSEND_LINE_DOWN, e);
                    if (on) {
                        this._tracer.printSSLMessage("SSL send: end: " + handshakeStatus);
                        return;
                    }
                    return;
                }
            }
            BufferUtils.clear(this._sendBuffer);
            while (wrap.remaining() > 0) {
                switch (AnonymousClass2.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[handshakeStatus.ordinal()]) {
                    case 1:
                    case 2:
                    case 3:
                        SSLEngineResult wrap2 = this._sslEngine.wrap(wrap, this._sendBuffer);
                        handshakeStatus = wrap2.getHandshakeStatus();
                        if (on) {
                            this._tracer.printSSLMessage("\t" + wrap2.toString().replace('\n', ' '));
                        }
                        switch (AnonymousClass2.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[wrap2.getStatus().ordinal()]) {
                            case 1:
                                break;
                            case 2:
                                throw new SSLException("Unexpected buffer underflow");
                            case 3:
                                throw new SSLException("Unexpected buffer overflow");
                            case 4:
                                if (on) {
                                    this._tracer.printSSLMessage("Unexpected closed status");
                                }
                                _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_OBJECTISCLOSED, toString()), RteReturnCode.SQLSEND_LINE_DOWN);
                                break;
                            default:
                                throw new SSLException("Unknown result status: " + wrap2.getStatus());
                        }
                        BufferUtils.flip(this._sendBuffer);
                        if (on) {
                            this._tracer.printSSLPacket("SSL send", this._sendBuffer.array(), 0, this._sendBuffer.limit());
                        }
                        _writeBytes(this._sendBuffer.array(), this._sendBuffer.limit(), sendType);
                        BufferUtils.clear(this._sendBuffer);
                    case 4:
                    case 5:
                        throw new SSLHandshakeException("Unexpected handshake status: " + handshakeStatus);
                    default:
                        throw new SSLHandshakeException("Unknown handshake status: " + handshakeStatus);
                }
            }
            if (on) {
                this._tracer.printSSLMessage("SSL send: end: " + handshakeStatus);
            }
        } catch (Throwable th) {
            if (on) {
                this._tracer.printSSLMessage("SSL send: end: " + handshakeStatus);
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Failed to find 'out' block for switch in B:23:0x00ec. Please report as an issue. */
    /* JADX WARN: Failed to find 'out' block for switch in B:29:0x019c. Please report as an issue. */
    public int _decodeBytes(byte[] bArr, int i, int i2) throws RTEException {
        boolean on = this._tracer.on();
        SSLEngineResult.HandshakeStatus handshakeStatus = this._sslEngine.getHandshakeStatus();
        int i3 = i;
        int i4 = i2;
        int i5 = 0;
        int i6 = 0;
        try {
            if (on) {
                try {
                    this._tracer.printSSLMessage("SSL receive: begin: " + handshakeStatus);
                } catch (SSLException e) {
                    _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_UNWRAP_FAILED, e.getMessage()), RteReturnCode.SQLRECEIVE_LINE_DOWN, e);
                    if (on) {
                        this._tracer.printSSLMessage("SSL receive: end: " + handshakeStatus + " u=0 o=0");
                    }
                }
            }
            BufferUtils.clear(this._receiveBuffer);
            while (i4 > 0) {
                if (this._applicationBuffer.remaining() == 0) {
                    BufferUtils.clear(this._applicationBuffer);
                    BufferUtils.clear(this._receiveBuffer);
                    int _readBytes = _readBytes(this._receiveBuffer.array(), 0, this._receiveBuffer.capacity(), false);
                    if (_readBytes == -1) {
                        _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_OBJECTISCLOSED, toString()), RteReturnCode.SQLRECEIVE_LINE_DOWN);
                    }
                    if (on) {
                        this._tracer.printSSLPacket("SSL receive", this._receiveBuffer.array(), 0, _readBytes);
                    }
                    BufferUtils.position(this._receiveBuffer, _readBytes);
                    BufferUtils.flip(this._receiveBuffer);
                    while (this._receiveBuffer.remaining() > 0) {
                        for (int i7 = 0; i7 < MAX_SSL_RETRY_COUNT; i7++) {
                            SSLEngineResult.HandshakeStatus handshakeStatus2 = this._sslEngine.getHandshakeStatus();
                            switch (AnonymousClass2.$SwitchMap$javax$net$ssl$SSLEngineResult$HandshakeStatus[handshakeStatus2.ordinal()]) {
                                case 1:
                                case 2:
                                case 4:
                                    SSLEngineResult unwrap = this._sslEngine.unwrap(this._receiveBuffer, this._applicationBuffer);
                                    handshakeStatus = unwrap.getHandshakeStatus();
                                    if (on) {
                                        this._tracer.printSSLMessage("\t" + unwrap.toString().replace('\n', ' '));
                                    }
                                    switch (AnonymousClass2.$SwitchMap$javax$net$ssl$SSLEngineResult$Status[unwrap.getStatus().ordinal()]) {
                                        case 1:
                                            break;
                                        case 2:
                                            if (on) {
                                                i5++;
                                            }
                                            this._receiveBuffer.compact();
                                            int _readBytes2 = _readBytes(this._receiveBuffer.array(), this._receiveBuffer.position(), this._receiveBuffer.capacity() - this._receiveBuffer.position(), false);
                                            if (_readBytes2 == -1) {
                                                _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_OBJECTISCLOSED, toString()), RteReturnCode.SQLRECEIVE_LINE_DOWN);
                                            }
                                            if (on) {
                                                this._tracer.printSSLPacket("SSL receive", this._receiveBuffer.array(), this._receiveBuffer.position(), _readBytes2);
                                            }
                                            BufferUtils.position(this._receiveBuffer, this._receiveBuffer.position() + _readBytes2);
                                            BufferUtils.flip(this._receiveBuffer);
                                        case 3:
                                            if (on) {
                                                i6++;
                                            }
                                            BufferUtils.flip(this._applicationBuffer);
                                            ByteBuffer allocate = ByteBuffer.allocate(this._applicationBuffer.capacity() * 2);
                                            allocate.put(this._applicationBuffer);
                                            this._applicationBuffer = allocate;
                                        case 4:
                                            if (on) {
                                                this._tracer.printSSLMessage("Unexpected closed status");
                                            }
                                            _throwRTEException(MessageTranslator.translate(MessageKey.ERROR_OBJECTISCLOSED, toString()), RteReturnCode.SQLRECEIVE_LINE_DOWN);
                                        default:
                                            throw new SSLException("Unknown result status: " + unwrap.getStatus());
                                    }
                                    break;
                                case 3:
                                case 5:
                                    throw new SSLHandshakeException("Unexpected handshake status: " + handshakeStatus2);
                                default:
                                    throw new SSLHandshakeException("Unknown handshake status: " + handshakeStatus2);
                            }
                        }
                    }
                    BufferUtils.flip(this._applicationBuffer);
                }
                int min = Math.min(i4, this._applicationBuffer.remaining());
                this._applicationBuffer.get(bArr, i3, min);
                i3 += min;
                i4 -= min;
            }
            if (on) {
                this._tracer.printSSLMessage("SSL receive: end: " + handshakeStatus + " u=" + i5 + " o=" + i6);
            }
            return i2;
        } catch (Throwable th) {
            if (on) {
                this._tracer.printSSLMessage("SSL receive: end: " + handshakeStatus + " u=0 o=0");
            }
            throw th;
        }
    }
}
