package org.bouncycastle.tls.test;

import java.util.Vector;
import junit.framework.Test;
import junit.framework.TestSuite;
import org.bouncycastle.tls.ProtocolVersion;
import org.bouncycastle.tls.SignatureAndHashAlgorithm;
import org.bouncycastle.tls.SignatureScheme;
import org.bouncycastle.tls.TlsUtils;

/* loaded from: input_file:org/bouncycastle/tls/test/DTLSTestSuite.class */
public class DTLSTestSuite extends TestSuite {

    /* loaded from: input_file:org/bouncycastle/tls/test/DTLSTestSuite$C.class */
    static abstract class C extends TlsTestConfig {
        C() {
        }
    }

    public DTLSTestSuite() {
        super("DTLS");
    }

    public static Test suite() {
        DTLSTestSuite dTLSTestSuite = new DTLSTestSuite();
        addFallbackTests(dTLSTestSuite);
        addVersionTests(dTLSTestSuite, ProtocolVersion.DTLSv10);
        addVersionTests(dTLSTestSuite, ProtocolVersion.DTLSv12);
        return dTLSTestSuite;
    }

    private static void addFallbackTests(TestSuite testSuite) {
        TlsTestConfig createDTLSTestConfig = createDTLSTestConfig(ProtocolVersion.DTLSv12);
        createDTLSTestConfig.clientFallback = true;
        addTestCase(testSuite, createDTLSTestConfig, "FallbackGood");
        TlsTestConfig createDTLSTestConfig2 = createDTLSTestConfig(ProtocolVersion.DTLSv12);
        createDTLSTestConfig2.clientSupportedVersions = ProtocolVersion.DTLSv10.only();
        addTestCase(testSuite, createDTLSTestConfig2, "FallbackNone");
    }

    private static void addVersionTests(TestSuite testSuite, ProtocolVersion protocolVersion) {
        String str = protocolVersion.toString().replaceAll("[ \\.]", "") + "_";
        if (TlsUtils.isTLSv12(protocolVersion)) {
            TlsTestConfig createDTLSTestConfig = createDTLSTestConfig(protocolVersion);
            createDTLSTestConfig.clientAuth = 1;
            createDTLSTestConfig.clientAuthSigAlg = new SignatureAndHashAlgorithm((short) 4, (short) 1);
            createDTLSTestConfig.serverCertReqSigAlgs = TlsUtils.vectorOfOne(new SignatureAndHashAlgorithm((short) 4, (short) 3));
            createDTLSTestConfig.expectClientFatalAlert((short) 80);
            addTestCase(testSuite, createDTLSTestConfig, str + "BadCertVerifySigAlgClient");
        }
        if (TlsUtils.isTLSv12(protocolVersion)) {
            TlsTestConfig createDTLSTestConfig2 = createDTLSTestConfig(protocolVersion);
            createDTLSTestConfig2.clientAuth = 1;
            createDTLSTestConfig2.clientAuthSigAlg = SignatureAndHashAlgorithm.rsa_pss_rsae_sha256;
            createDTLSTestConfig2.clientAuthSigAlgClaimed = SignatureScheme.getSignatureAndHashAlgorithm(1027);
            createDTLSTestConfig2.serverCertReqSigAlgs = TlsUtils.vectorOfOne(SignatureAndHashAlgorithm.rsa_pss_rsae_sha256);
            createDTLSTestConfig2.serverCheckSigAlgOfClientCerts = false;
            createDTLSTestConfig2.expectServerFatalAlert((short) 47);
            addTestCase(testSuite, createDTLSTestConfig2, str + "BadCertVerifySigAlgServer1");
        }
        if (TlsUtils.isTLSv12(protocolVersion)) {
            TlsTestConfig createDTLSTestConfig3 = createDTLSTestConfig(protocolVersion);
            createDTLSTestConfig3.clientAuth = 1;
            createDTLSTestConfig3.clientAuthSigAlg = SignatureAndHashAlgorithm.rsa_pss_rsae_sha256;
            createDTLSTestConfig3.clientAuthSigAlgClaimed = SignatureScheme.getSignatureAndHashAlgorithm(1027);
            createDTLSTestConfig3.serverCertReqSigAlgs = new Vector(2);
            createDTLSTestConfig3.serverCertReqSigAlgs.addElement(SignatureAndHashAlgorithm.rsa_pss_rsae_sha256);
            createDTLSTestConfig3.serverCertReqSigAlgs.addElement(SignatureScheme.getSignatureAndHashAlgorithm(1027));
            createDTLSTestConfig3.expectServerFatalAlert((short) 42);
            addTestCase(testSuite, createDTLSTestConfig3, str + "BadCertVerifySigAlgServer2");
        }
        TlsTestConfig createDTLSTestConfig4 = createDTLSTestConfig(protocolVersion);
        createDTLSTestConfig4.clientAuth = 3;
        createDTLSTestConfig4.expectServerFatalAlert((short) 51);
        addTestCase(testSuite, createDTLSTestConfig4, str + "BadCertVerifySignature");
        TlsTestConfig createDTLSTestConfig5 = createDTLSTestConfig(protocolVersion);
        createDTLSTestConfig5.clientAuth = 2;
        createDTLSTestConfig5.expectServerFatalAlert((short) 42);
        addTestCase(testSuite, createDTLSTestConfig5, str + "BadClientCertificate");
        TlsTestConfig createDTLSTestConfig6 = createDTLSTestConfig(protocolVersion);
        createDTLSTestConfig6.clientAuth = 0;
        createDTLSTestConfig6.serverCertReq = 2;
        createDTLSTestConfig6.expectServerFatalAlert((short) 40);
        addTestCase(testSuite, createDTLSTestConfig6, str + "BadMandatoryCertReqDeclined");
        if (TlsUtils.isTLSv12(protocolVersion)) {
            TlsTestConfig createDTLSTestConfig7 = createDTLSTestConfig(protocolVersion);
            createDTLSTestConfig7.clientSendSignatureAlgorithms = false;
            createDTLSTestConfig7.clientSendSignatureAlgorithmsCert = false;
            createDTLSTestConfig7.serverAuthSigAlg = new SignatureAndHashAlgorithm((short) 4, (short) 1);
            createDTLSTestConfig7.expectClientFatalAlert((short) 42);
            addTestCase(testSuite, createDTLSTestConfig7, str + "BadServerCertSigAlg");
        }
        if (TlsUtils.isTLSv12(protocolVersion)) {
            TlsTestConfig createDTLSTestConfig8 = createDTLSTestConfig(protocolVersion);
            createDTLSTestConfig8.clientCHSigAlgs = TlsUtils.vectorOfOne(new SignatureAndHashAlgorithm((short) 4, (short) 1));
            createDTLSTestConfig8.serverAuthSigAlg = new SignatureAndHashAlgorithm((short) 5, (short) 1);
            createDTLSTestConfig8.expectClientFatalAlert((short) 47);
            addTestCase(testSuite, createDTLSTestConfig8, str + "BadServerKeyExchangeSigAlg");
        }
        if (TlsUtils.isTLSv12(protocolVersion)) {
            TlsTestConfig createDTLSTestConfig9 = createDTLSTestConfig(protocolVersion);
            createDTLSTestConfig9.clientCheckSigAlgOfServerCerts = false;
            createDTLSTestConfig9.clientSendSignatureAlgorithms = false;
            createDTLSTestConfig9.clientSendSignatureAlgorithmsCert = false;
            createDTLSTestConfig9.serverAuthSigAlg = new SignatureAndHashAlgorithm((short) 4, (short) 1);
            createDTLSTestConfig9.expectClientFatalAlert((short) 47);
            addTestCase(testSuite, createDTLSTestConfig9, str + "BadServerKeyExchangeSigAlg2");
        }
        addTestCase(testSuite, createDTLSTestConfig(protocolVersion), str + "GoodDefault");
        TlsTestConfig createDTLSTestConfig10 = createDTLSTestConfig(protocolVersion);
        createDTLSTestConfig10.serverCertReq = 0;
        addTestCase(testSuite, createDTLSTestConfig10, str + "GoodNoCertReq");
        TlsTestConfig createDTLSTestConfig11 = createDTLSTestConfig(protocolVersion);
        createDTLSTestConfig11.clientAuth = 0;
        addTestCase(testSuite, createDTLSTestConfig11, str + "GoodOptionalCertReqDeclined");
        if (TlsUtils.isTLSv12(protocolVersion)) {
            return;
        }
        TlsTestConfig createDTLSTestConfig12 = createDTLSTestConfig(protocolVersion);
        createDTLSTestConfig12.serverNegotiateVersion = protocolVersion;
        createDTLSTestConfig12.serverSupportedVersions = ProtocolVersion.DTLSv12.downTo(protocolVersion);
        createDTLSTestConfig12.expectClientFatalAlert((short) 47);
        addTestCase(testSuite, createDTLSTestConfig12, str + "BadDowngrade");
    }

    private static void addTestCase(TestSuite testSuite, TlsTestConfig tlsTestConfig, String str) {
        testSuite.addTest(new DTLSTestCase(tlsTestConfig, str));
    }

    private static TlsTestConfig createDTLSTestConfig(ProtocolVersion protocolVersion) {
        TlsTestConfig tlsTestConfig = new TlsTestConfig();
        tlsTestConfig.clientSupportedVersions = ProtocolVersion.DTLSv12.downTo(ProtocolVersion.DTLSv10);
        tlsTestConfig.serverSupportedVersions = protocolVersion.downTo(ProtocolVersion.DTLSv10);
        return tlsTestConfig;
    }
}
