package org.bouncycastle.tls.test;

import java.io.OutputStream;
import java.io.PipedInputStream;
import java.io.PipedOutputStream;
import java.security.SecureRandom;
import junit.framework.TestCase;
import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
import org.bouncycastle.tls.ProtocolVersion;
import org.bouncycastle.tls.TlsClient;
import org.bouncycastle.tls.TlsClientProtocol;
import org.bouncycastle.tls.TlsExtensionsUtils;
import org.bouncycastle.tls.TlsFatalAlertReceived;
import org.bouncycastle.tls.TlsServer;
import org.bouncycastle.tls.TlsServerProtocol;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.io.Streams;

/* loaded from: input_file:org/bouncycastle/tls/test/TlsRawKeysProtocolTest.class */
public class TlsRawKeysProtocolTest extends TestCase {
    private final SecureRandom RANDOM = new SecureRandom();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/bouncycastle/tls/test/TlsRawKeysProtocolTest$ServerThread.class */
    public static class ServerThread extends Thread {
        private final TlsServerProtocol serverProtocol;
        private final TlsServer server;

        ServerThread(TlsServerProtocol tlsServerProtocol, TlsServer tlsServer) {
            this.serverProtocol = tlsServerProtocol;
            this.server = tlsServer;
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            try {
                this.serverProtocol.accept(this.server);
                Streams.pipeAll(this.serverProtocol.getInputStream(), this.serverProtocol.getOutputStream());
                this.serverProtocol.close();
            } catch (Exception e) {
            }
        }
    }

    public void testClientSendsExtensionButServerDoesNotSupportIt() throws Exception {
        testClientSendsExtensionButServerDoesNotSupportIt(ProtocolVersion.TLSv12);
    }

    public void testClientSendsExtensionButServerDoesNotSupportIt_13() throws Exception {
        testClientSendsExtensionButServerDoesNotSupportIt(ProtocolVersion.TLSv13);
    }

    private void testClientSendsExtensionButServerDoesNotSupportIt(ProtocolVersion protocolVersion) throws Exception {
        pumpData(new MockRawKeysTlsClient((short) 0, (short) -1, new short[]{2, 0}, null, generateKeyPair(), protocolVersion), new MockRawKeysTlsServer((short) 0, (short) -1, null, generateKeyPair(), protocolVersion));
    }

    public void testExtensionsAreOmittedIfSpecifiedButOnlyContainX509() throws Exception {
        testExtensionsAreOmittedIfSpecifiedButOnlyContainX509(ProtocolVersion.TLSv12);
    }

    public void testExtensionsAreOmittedIfSpecifiedButOnlyContainX509_13() throws Exception {
        testExtensionsAreOmittedIfSpecifiedButOnlyContainX509(ProtocolVersion.TLSv13);
    }

    private void testExtensionsAreOmittedIfSpecifiedButOnlyContainX509(ProtocolVersion protocolVersion) throws Exception {
        MockRawKeysTlsClient mockRawKeysTlsClient = new MockRawKeysTlsClient((short) 0, (short) 0, new short[]{0}, new short[]{0}, generateKeyPair(), protocolVersion);
        MockRawKeysTlsServer mockRawKeysTlsServer = new MockRawKeysTlsServer((short) 0, (short) 0, new short[]{0}, generateKeyPair(), protocolVersion);
        pumpData(mockRawKeysTlsClient, mockRawKeysTlsServer);
        assertFalse("client cert type extension should not be sent", mockRawKeysTlsServer.receivedClientExtensions.containsKey(TlsExtensionsUtils.EXT_client_certificate_type));
        assertFalse("server cert type extension should not be sent", mockRawKeysTlsServer.receivedClientExtensions.containsKey(TlsExtensionsUtils.EXT_server_certificate_type));
    }

    public void testBothSidesUseRawKey() throws Exception {
        testBothSidesUseRawKey(ProtocolVersion.TLSv12);
    }

    public void testBothSidesUseRawKey_13() throws Exception {
        testBothSidesUseRawKey(ProtocolVersion.TLSv13);
    }

    private void testBothSidesUseRawKey(ProtocolVersion protocolVersion) throws Exception {
        pumpData(new MockRawKeysTlsClient((short) 2, (short) 2, new short[]{2}, new short[]{2}, generateKeyPair(), protocolVersion), new MockRawKeysTlsServer((short) 2, (short) 2, new short[]{2}, generateKeyPair(), protocolVersion));
    }

    public void testServerUsesRawKeyAndClientIsAnonymous() throws Exception {
        testServerUsesRawKeyAndClientIsAnonymous(ProtocolVersion.TLSv12);
    }

    public void testServerUsesRawKeyAndClientIsAnonymous_13() throws Exception {
        testServerUsesRawKeyAndClientIsAnonymous(ProtocolVersion.TLSv13);
    }

    private void testServerUsesRawKeyAndClientIsAnonymous(ProtocolVersion protocolVersion) throws Exception {
        pumpData(new MockRawKeysTlsClient((short) 2, (short) -1, new short[]{2}, null, generateKeyPair(), protocolVersion), new MockRawKeysTlsServer((short) 2, (short) -1, null, generateKeyPair(), protocolVersion));
    }

    public void testServerUsesRawKeyAndClientUsesX509() throws Exception {
        testServerUsesRawKeyAndClientUsesX509(ProtocolVersion.TLSv12);
    }

    public void testServerUsesRawKeyAndClientUsesX509_13() throws Exception {
        testServerUsesRawKeyAndClientUsesX509(ProtocolVersion.TLSv13);
    }

    private void testServerUsesRawKeyAndClientUsesX509(ProtocolVersion protocolVersion) throws Exception {
        pumpData(new MockRawKeysTlsClient((short) 2, (short) 0, new short[]{2}, null, generateKeyPair(), protocolVersion), new MockRawKeysTlsServer((short) 2, (short) 0, null, generateKeyPair(), protocolVersion));
    }

    public void testServerUsesX509AndClientUsesRawKey() throws Exception {
        testServerUsesX509AndClientUsesRawKey(ProtocolVersion.TLSv12);
    }

    public void testServerUsesX509AndClientUsesRawKey_13() throws Exception {
        testServerUsesX509AndClientUsesRawKey(ProtocolVersion.TLSv13);
    }

    private void testServerUsesX509AndClientUsesRawKey(ProtocolVersion protocolVersion) throws Exception {
        pumpData(new MockRawKeysTlsClient((short) 0, (short) 2, null, new short[]{2}, generateKeyPair(), protocolVersion), new MockRawKeysTlsServer((short) 0, (short) 2, new short[]{2}, generateKeyPair(), protocolVersion));
    }

    public void testClientSendsClientCertExtensionButServerHasNoCommonTypes() throws Exception {
        testClientSendsClientCertExtensionButServerHasNoCommonTypes(ProtocolVersion.TLSv12);
    }

    public void testClientSendsClientCertExtensionButServerHasNoCommonTypes_13() throws Exception {
        testClientSendsClientCertExtensionButServerHasNoCommonTypes(ProtocolVersion.TLSv13);
    }

    private void testClientSendsClientCertExtensionButServerHasNoCommonTypes(ProtocolVersion protocolVersion) throws Exception {
        try {
            pumpData(new MockRawKeysTlsClient((short) 0, (short) 2, null, new short[]{2}, generateKeyPair(), protocolVersion), new MockRawKeysTlsServer((short) 0, (short) 0, new short[]{0}, generateKeyPair(), protocolVersion));
            fail("Should have caused unsupported_certificate alert");
        } catch (TlsFatalAlertReceived e) {
            assertEquals("Should have caused unsupported_certificate alert", e.getAlertDescription(), (short) 43);
        }
    }

    public void testClientSendsServerCertExtensionButServerHasNoCommonTypes() throws Exception {
        testClientSendsServerCertExtensionButServerHasNoCommonTypes(ProtocolVersion.TLSv12);
    }

    public void testClientSendsServerCertExtensionButServerHasNoCommonTypes_13() throws Exception {
        testClientSendsServerCertExtensionButServerHasNoCommonTypes(ProtocolVersion.TLSv13);
    }

    private void testClientSendsServerCertExtensionButServerHasNoCommonTypes(ProtocolVersion protocolVersion) throws Exception {
        try {
            pumpData(new MockRawKeysTlsClient((short) 2, (short) 2, new short[]{2}, null, generateKeyPair(), protocolVersion), new MockRawKeysTlsServer((short) 0, (short) 2, new short[]{2}, generateKeyPair(), protocolVersion));
            fail("Should have caused unsupported_certificate alert");
        } catch (TlsFatalAlertReceived e) {
            assertEquals("Should have caused unsupported_certificate alert", e.getAlertDescription(), (short) 43);
        }
    }

    private Ed25519PrivateKeyParameters generateKeyPair() {
        return new Ed25519PrivateKeyParameters(this.RANDOM);
    }

    private void pumpData(TlsClient tlsClient, TlsServer tlsServer) throws Exception {
        PipedInputStream createPipedInputStream = TlsTestUtils.createPipedInputStream();
        PipedInputStream createPipedInputStream2 = TlsTestUtils.createPipedInputStream();
        PipedOutputStream pipedOutputStream = new PipedOutputStream(createPipedInputStream2);
        PipedOutputStream pipedOutputStream2 = new PipedOutputStream(createPipedInputStream);
        TlsClientProtocol tlsClientProtocol = new TlsClientProtocol(createPipedInputStream, pipedOutputStream);
        ServerThread serverThread = new ServerThread(new TlsServerProtocol(createPipedInputStream2, pipedOutputStream2), tlsServer);
        serverThread.start();
        tlsClientProtocol.connect(tlsClient);
        byte[] bArr = new byte[1000];
        this.RANDOM.nextBytes(bArr);
        OutputStream outputStream = tlsClientProtocol.getOutputStream();
        outputStream.write(bArr);
        byte[] bArr2 = new byte[bArr.length];
        assertEquals(Streams.readFully(tlsClientProtocol.getInputStream(), bArr2), bArr.length);
        assertTrue(Arrays.areEqual(bArr, bArr2));
        outputStream.close();
        serverThread.join();
    }
}
