package org.bouncycastle.tls.test;

import java.io.IOException;
import java.io.PrintStream;
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.agreement.srp.SRP6VerifierGenerator;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.tls.AlertDescription;
import org.bouncycastle.tls.AlertLevel;
import org.bouncycastle.tls.BasicTlsSRPIdentity;
import org.bouncycastle.tls.ProtocolVersion;
import org.bouncycastle.tls.SRPTlsServer;
import org.bouncycastle.tls.SimulatedTlsSRPIdentityManager;
import org.bouncycastle.tls.TlsContext;
import org.bouncycastle.tls.TlsCredentialedSigner;
import org.bouncycastle.tls.TlsSRPIdentity;
import org.bouncycastle.tls.TlsSRPIdentityManager;
import org.bouncycastle.tls.TlsSRPLoginParameters;
import org.bouncycastle.tls.crypto.SRP6Group;
import org.bouncycastle.tls.crypto.SRP6StandardGroups;
import org.bouncycastle.tls.crypto.TlsCrypto;
import org.bouncycastle.tls.crypto.TlsSRPConfig;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.Strings;

/* loaded from: input_file:org/bouncycastle/tls/test/MockSRPTlsServer.class */
class MockSRPTlsServer extends SRPTlsServer {
    static final SRP6Group TEST_GROUP = SRP6StandardGroups.rfc5054_1024;
    static final byte[] TEST_IDENTITY = Strings.toUTF8ByteArray("client");
    static final byte[] TEST_PASSWORD = Strings.toUTF8ByteArray("password");
    static final TlsSRPIdentity TEST_SRP_IDENTITY = new BasicTlsSRPIdentity(TEST_IDENTITY, TEST_PASSWORD);
    static final byte[] TEST_SALT = Strings.toUTF8ByteArray("salt");
    static final byte[] TEST_SEED_KEY = Strings.toUTF8ByteArray("seed_key");

    /* loaded from: input_file:org/bouncycastle/tls/test/MockSRPTlsServer$MyIdentityManager.class */
    static class MyIdentityManager implements TlsSRPIdentityManager {
        protected SimulatedTlsSRPIdentityManager unknownIdentityManager;

        MyIdentityManager(TlsCrypto tlsCrypto) throws IOException {
            this.unknownIdentityManager = SimulatedTlsSRPIdentityManager.getRFC5054Default(tlsCrypto, MockSRPTlsServer.TEST_GROUP, MockSRPTlsServer.TEST_SEED_KEY);
        }

        public TlsSRPLoginParameters getLoginParameters(byte[] bArr) {
            if (!Arrays.areEqual(MockSRPTlsServer.TEST_IDENTITY, bArr)) {
                return this.unknownIdentityManager.getLoginParameters(bArr);
            }
            SRP6VerifierGenerator sRP6VerifierGenerator = new SRP6VerifierGenerator();
            sRP6VerifierGenerator.init(MockSRPTlsServer.TEST_GROUP.getN(), MockSRPTlsServer.TEST_GROUP.getG(), new SHA1Digest());
            BigInteger generateVerifier = sRP6VerifierGenerator.generateVerifier(MockSRPTlsServer.TEST_SALT, bArr, MockSRPTlsServer.TEST_PASSWORD);
            TlsSRPConfig tlsSRPConfig = new TlsSRPConfig();
            tlsSRPConfig.setExplicitNG(new BigInteger[]{MockSRPTlsServer.TEST_GROUP.getN(), MockSRPTlsServer.TEST_GROUP.getG()});
            return new TlsSRPLoginParameters(bArr, tlsSRPConfig, generateVerifier, MockSRPTlsServer.TEST_SALT);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MockSRPTlsServer() throws IOException {
        super(new BcTlsCrypto(new SecureRandom()), new MyIdentityManager(new BcTlsCrypto(new SecureRandom())));
    }

    public void notifyAlertRaised(short s, short s2, String str, Throwable th) {
        PrintStream printStream = s == 2 ? System.err : System.out;
        printStream.println(new StringBuffer().append("TLS-SRP server raised alert: ").append(AlertLevel.getText(s)).append(", ").append(AlertDescription.getText(s2)).toString());
        if (str != null) {
            printStream.println(new StringBuffer().append("> ").append(str).toString());
        }
        if (th != null) {
            th.printStackTrace(printStream);
        }
    }

    public void notifyAlertReceived(short s, short s2) {
        (s == 2 ? System.err : System.out).println(new StringBuffer().append("TLS-SRP server received alert: ").append(AlertLevel.getText(s)).append(", ").append(AlertDescription.getText(s2)).toString());
    }

    public void notifyHandshakeComplete() throws IOException {
        super.notifyHandshakeComplete();
        byte[] sRPIdentity = this.context.getSecurityParametersConnection().getSRPIdentity();
        if (sRPIdentity != null) {
            System.out.println(new StringBuffer().append("TLS-SRP server completed handshake for SRP identity: ").append(Strings.fromUTF8ByteArray(sRPIdentity)).toString());
        }
    }

    public ProtocolVersion getServerVersion() throws IOException {
        ProtocolVersion serverVersion = super.getServerVersion();
        System.out.println(new StringBuffer().append("TLS-SRP server negotiated ").append(serverVersion).toString());
        return serverVersion;
    }

    protected TlsCredentialedSigner getDSASignerCredentials() throws IOException {
        return TlsTestUtils.loadSignerCredentials((TlsContext) this.context, this.context.getSecurityParametersHandshake().getClientSigAlgs(), (short) 2, "x509-server-dsa.pem", "x509-server-key-dsa.pem");
    }

    protected TlsCredentialedSigner getRSASignerCredentials() throws IOException {
        return TlsTestUtils.loadSignerCredentialsServer(this.context, this.context.getSecurityParametersHandshake().getClientSigAlgs(), (short) 1);
    }

    protected ProtocolVersion[] getSupportedVersions() {
        return ProtocolVersion.TLSv12.only();
    }
}
