package cn.com.bouncycastle.tls.test;

import cn.com.bouncycastle.tls.AlertDescription;
import cn.com.bouncycastle.tls.AlertLevel;
import cn.com.bouncycastle.tls.Certificate;
import cn.com.bouncycastle.tls.CertificateRequest;
import cn.com.bouncycastle.tls.DefaultTlsServer;
import cn.com.bouncycastle.tls.ProtocolVersion;
import cn.com.bouncycastle.tls.TlsCredentialedDecryptor;
import cn.com.bouncycastle.tls.TlsCredentialedSigner;
import cn.com.bouncycastle.tls.TlsFatalAlert;
import cn.com.bouncycastle.tls.TlsUtils1;
import cn.com.bouncycastle.tls.crypto.TlsCertificate;
import cn.com.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
import java.io.IOException;
import java.io.PrintStream;
import java.security.SecureRandom;
import java.util.Vector;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: classes.dex */
public class MockTlsServer extends DefaultTlsServer {
    public MockTlsServer() {
        super(new BcTlsCrypto(new SecureRandom()));
    }

    @Override // cn.com.bouncycastle.tls.AbstractTlsServer, cn.com.bouncycastle.tls.TlsServer
    public CertificateRequest getCertificateRequest() throws IOException {
        short[] sArr = {1, 2, 64};
        Vector defaultSupportedSignatureAlgorithms = TlsUtils1.isSignatureAlgorithmsExtensionAllowed(this.serverVersion) ? TlsUtils1.getDefaultSupportedSignatureAlgorithms(this.context) : null;
        Vector vector = new Vector();
        vector.addElement(new X500Name("CN=BouncyCastle TLS Test CA"));
        return new CertificateRequest(sArr, defaultSupportedSignatureAlgorithms, vector);
    }

    @Override // cn.com.bouncycastle.tls.DefaultTlsServer
    public TlsCredentialedDecryptor getRSAEncryptionCredentials() throws IOException {
        return TlsTestUtils.loadEncryptionCredentials(this.context, new String[]{"x509-server-rsa-enc.pem", "x509-ca-rsa.pem"}, "x509-server-key-rsa-enc.pem");
    }

    @Override // cn.com.bouncycastle.tls.DefaultTlsServer
    public TlsCredentialedSigner getRSASignerCredentials() throws IOException {
        return TlsTestUtils.loadSignerCredentials(this.context, this.supportedSignatureAlgorithms, (short) 1, "x509-server-rsa-sign.pem", "x509-server-key-rsa-sign.pem");
    }

    @Override // cn.com.bouncycastle.tls.AbstractTlsServer, cn.com.bouncycastle.tls.TlsServer
    public ProtocolVersion getServerVersion() throws IOException {
        ProtocolVersion serverVersion = super.getServerVersion();
        System.out.println("TLS server negotiated " + serverVersion);
        return serverVersion;
    }

    @Override // cn.com.bouncycastle.tls.AbstractTlsPeer, cn.com.bouncycastle.tls.TlsPeer
    public void notifyAlertRaised(short s, short s2, String str, Throwable th) {
        PrintStream printStream = s == 2 ? System.err : System.out;
        printStream.println("TLS server raised alert: " + AlertLevel.getText(s) + ", " + AlertDescription.getText(s2));
        if (str != null) {
            printStream.println("> " + str);
        }
        if (th != null) {
            th.printStackTrace(printStream);
        }
    }

    @Override // cn.com.bouncycastle.tls.AbstractTlsPeer, cn.com.bouncycastle.tls.TlsPeer
    public void notifyAlertReceived(short s, short s2) {
        (s == 2 ? System.err : System.out).println("TLS server received alert: " + AlertLevel.getText(s) + ", " + AlertDescription.getText(s2));
    }

    @Override // cn.com.bouncycastle.tls.AbstractTlsServer, cn.com.bouncycastle.tls.TlsServer
    public void notifyClientCertificate(Certificate certificate) throws IOException {
        TlsCertificate[] certificateList = certificate.getCertificateList();
        System.out.println("TLS server received client certificate chain of length " + certificateList.length);
        for (int i2 = 0; i2 != certificateList.length; i2++) {
            org.bouncycastle.asn1.x509.Certificate certificate2 = org.bouncycastle.asn1.x509.Certificate.getInstance(certificateList[i2].getEncoded());
            System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(certificate2) + " (" + certificate2.getSubject() + ")");
        }
        if (!(certificate == null || certificate.isEmpty()) && !TlsTestUtils.isCertificateOneOf(this.context.getCrypto(), certificateList[0], new String[]{"x509-client-dsa.pem", "x509-client-ecdsa.pem", "x509-client-rsa.pem"})) {
            throw new TlsFatalAlert((short) 42);
        }
    }

    @Override // cn.com.bouncycastle.tls.AbstractTlsPeer, cn.com.bouncycastle.tls.TlsPeer
    public void notifyHandshakeComplete() throws IOException {
        super.notifyHandshakeComplete();
        byte[] exportChannelBinding = this.context.exportChannelBinding(1);
        System.out.println("'tls-unique': " + Hex.toHexString(exportChannelBinding));
    }
}
