package org.bouncycastle.tls.test;

import java.io.IOException;
import java.io.PrintStream;
import java.security.SecureRandom;
import java.util.Vector;
import org.bouncycastle.tls.AlertDescription;
import org.bouncycastle.tls.AlertLevel;
import org.bouncycastle.tls.PSKTlsServer;
import org.bouncycastle.tls.ProtocolName;
import org.bouncycastle.tls.ProtocolVersion;
import org.bouncycastle.tls.TlsCredentialedDecryptor;
import org.bouncycastle.tls.TlsPSKIdentityManager;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
import org.bouncycastle.util.Strings;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:org/bouncycastle/tls/test/MockPSKTlsServer.class */
class MockPSKTlsServer extends PSKTlsServer {

    /* loaded from: input_file:org/bouncycastle/tls/test/MockPSKTlsServer$MyIdentityManager.class */
    static class MyIdentityManager implements TlsPSKIdentityManager {
        MyIdentityManager() {
        }

        @Override // org.bouncycastle.tls.TlsPSKIdentityManager
        public byte[] getHint() {
            return Strings.toUTF8ByteArray("hint");
        }

        @Override // org.bouncycastle.tls.TlsPSKIdentityManager
        public byte[] getPSK(byte[] bArr) {
            if (bArr == null || !Strings.fromUTF8ByteArray(bArr).equals("client")) {
                return null;
            }
            return Strings.toUTF8ByteArray("TLS_TEST_PSK");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MockPSKTlsServer() {
        super(new BcTlsCrypto(new SecureRandom()), new MyIdentityManager());
    }

    @Override // org.bouncycastle.tls.AbstractTlsServer
    protected Vector getProtocolNames() {
        Vector vector = new Vector();
        vector.addElement(ProtocolName.HTTP_2_TLS);
        vector.addElement(ProtocolName.HTTP_1_1);
        return vector;
    }

    @Override // org.bouncycastle.tls.AbstractTlsPeer, org.bouncycastle.tls.TlsPeer
    public void notifyAlertRaised(short s, short s2, String str, Throwable th) {
        PrintStream printStream = s == 2 ? System.err : System.out;
        printStream.println("TLS-PSK server raised alert: " + AlertLevel.getText(s) + ", " + AlertDescription.getText(s2));
        if (str != null) {
            printStream.println("> " + str);
        }
        if (th != null) {
            th.printStackTrace(printStream);
        }
    }

    @Override // org.bouncycastle.tls.AbstractTlsPeer, org.bouncycastle.tls.TlsPeer
    public void notifyAlertReceived(short s, short s2) {
        (s == 2 ? System.err : System.out).println("TLS-PSK server received alert: " + AlertLevel.getText(s) + ", " + AlertDescription.getText(s2));
    }

    @Override // org.bouncycastle.tls.AbstractTlsServer, org.bouncycastle.tls.TlsServer
    public ProtocolVersion getServerVersion() throws IOException {
        ProtocolVersion serverVersion = super.getServerVersion();
        System.out.println("TLS-PSK server negotiated " + serverVersion);
        return serverVersion;
    }

    @Override // org.bouncycastle.tls.AbstractTlsPeer, org.bouncycastle.tls.TlsPeer
    public void notifyHandshakeComplete() throws IOException {
        super.notifyHandshakeComplete();
        ProtocolName applicationProtocol = this.context.getSecurityParametersConnection().getApplicationProtocol();
        if (applicationProtocol != null) {
            System.out.println("Server ALPN: " + applicationProtocol.getUtf8Decoding());
        }
        System.out.println("Server 'tls-server-end-point': " + hex(this.context.exportChannelBinding(0)));
        System.out.println("Server 'tls-unique': " + hex(this.context.exportChannelBinding(1)));
        byte[] pSKIdentity = this.context.getSecurityParametersConnection().getPSKIdentity();
        if (pSKIdentity != null) {
            System.out.println("TLS-PSK server completed handshake for PSK identity: " + Strings.fromUTF8ByteArray(pSKIdentity));
        }
    }

    @Override // org.bouncycastle.tls.PSKTlsServer
    protected TlsCredentialedDecryptor getRSAEncryptionCredentials() throws IOException {
        return TlsTestUtils.loadEncryptionCredentials(this.context, new String[]{"x509-server-rsa-enc.pem", "x509-ca-rsa.pem"}, "x509-server-key-rsa-enc.pem");
    }

    protected String hex(byte[] bArr) {
        return bArr == null ? "(null)" : Hex.toHexString(bArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.bouncycastle.tls.AbstractTlsPeer
    public ProtocolVersion[] getSupportedVersions() {
        return ProtocolVersion.TLSv12.only();
    }
}
