package org.bouncycastle.tls.test;

import java.io.IOException;
import java.io.PrintStream;
import java.util.Hashtable;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.tls.AlertDescription;
import org.bouncycastle.tls.AlertLevel;
import org.bouncycastle.tls.BasicTlsPSKIdentity;
import org.bouncycastle.tls.PSKTlsClient;
import org.bouncycastle.tls.ProtocolName;
import org.bouncycastle.tls.ProtocolVersion;
import org.bouncycastle.tls.ServerOnlyTlsAuthentication;
import org.bouncycastle.tls.TlsAuthentication;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.TlsPSKIdentity;
import org.bouncycastle.tls.TlsServerCertificate;
import org.bouncycastle.tls.TlsSession;
import org.bouncycastle.tls.TlsUtils;
import org.bouncycastle.tls.crypto.TlsCertificate;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.Strings;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:org/bouncycastle/tls/test/MockPSKDTLSClient.class */
class MockPSKDTLSClient extends PSKTlsClient {
    TlsSession session;

    /* JADX INFO: Access modifiers changed from: package-private */
    public MockPSKDTLSClient(TlsSession tlsSession) {
        this(tlsSession, new BasicTlsPSKIdentity("client", Strings.toUTF8ByteArray("TLS_TEST_PSK")));
    }

    MockPSKDTLSClient(TlsSession tlsSession, TlsPSKIdentity tlsPSKIdentity) {
        super(new BcTlsCrypto(), tlsPSKIdentity);
        this.session = tlsSession;
    }

    public TlsSession getSessionToResume() {
        return this.session;
    }

    public void notifyAlertRaised(short s, short s2, String str, Throwable th) {
        PrintStream printStream = s == 2 ? System.err : System.out;
        printStream.println("DTLS-PSK client raised alert: " + AlertLevel.getText(s) + ", " + AlertDescription.getText(s2));
        if (str != null) {
            printStream.println("> " + str);
        }
        if (th != null) {
            th.printStackTrace(printStream);
        }
    }

    public void notifyAlertReceived(short s, short s2) {
        (s == 2 ? System.err : System.out).println("DTLS-PSK client received alert: " + AlertLevel.getText(s) + ", " + AlertDescription.getText(s2));
    }

    public void notifyServerVersion(ProtocolVersion protocolVersion) throws IOException {
        super.notifyServerVersion(protocolVersion);
        System.out.println("DTLS-PSK client negotiated " + protocolVersion);
    }

    public TlsAuthentication getAuthentication() throws IOException {
        return new ServerOnlyTlsAuthentication() { // from class: org.bouncycastle.tls.test.MockPSKDTLSClient.1
            public void notifyServerCertificate(TlsServerCertificate tlsServerCertificate) throws IOException {
                TlsCertificate[] certificateList = tlsServerCertificate.getCertificate().getCertificateList();
                System.out.println("DTLS-PSK client received server certificate chain of length " + certificateList.length);
                for (int i = 0; i != certificateList.length; i++) {
                    Certificate certificate = Certificate.getInstance(certificateList[i].getEncoded());
                    System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(certificate) + " (" + certificate.getSubject() + ")");
                }
                if (tlsServerCertificate == null || tlsServerCertificate.getCertificate() == null || tlsServerCertificate.getCertificate().isEmpty()) {
                    throw new TlsFatalAlert((short) 42);
                }
                TlsCertificate[] trustedCertPath = TlsTestUtils.getTrustedCertPath(MockPSKDTLSClient.this.context.getCrypto(), certificateList[0], new String[]{"x509-server-rsa-enc.pem"});
                if (null == trustedCertPath) {
                    throw new TlsFatalAlert((short) 42);
                }
                TlsUtils.checkPeerSigAlgs(MockPSKDTLSClient.this.context, trustedCertPath);
            }
        };
    }

    public void notifyHandshakeComplete() throws IOException {
        super.notifyHandshakeComplete();
        ProtocolName applicationProtocol = this.context.getSecurityParametersConnection().getApplicationProtocol();
        if (applicationProtocol != null) {
            System.out.println("Client ALPN: " + applicationProtocol.getUtf8Decoding());
        }
        TlsSession session = this.context.getSession();
        if (session != null) {
            if (session.isResumable()) {
                byte[] sessionID = session.getSessionID();
                String hex = hex(sessionID);
                if (this.session == null || !Arrays.areEqual(this.session.getSessionID(), sessionID)) {
                    System.out.println("Client established session: " + hex);
                } else {
                    System.out.println("Client resumed session: " + hex);
                }
                this.session = session;
            }
            byte[] exportChannelBinding = this.context.exportChannelBinding(0);
            if (null != exportChannelBinding) {
                System.out.println("Client 'tls-server-end-point': " + hex(exportChannelBinding));
            }
            System.out.println("Client 'tls-unique': " + hex(this.context.exportChannelBinding(1)));
        }
    }

    public Hashtable getClientExtensions() throws IOException {
        if (this.context.getSecurityParametersHandshake().getClientRandom() == null) {
            throw new TlsFatalAlert((short) 80);
        }
        return super.getClientExtensions();
    }

    public void processServerExtensions(Hashtable hashtable) throws IOException {
        if (this.context.getSecurityParametersHandshake().getServerRandom() == null) {
            throw new TlsFatalAlert((short) 80);
        }
        super.processServerExtensions(hashtable);
    }

    protected String hex(byte[] bArr) {
        return bArr == null ? "(null)" : Hex.toHexString(bArr);
    }

    protected ProtocolVersion[] getSupportedVersions() {
        return ProtocolVersion.DTLSv12.only();
    }
}
