package de.persosim.websocket;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.security.SecureRandom;
import java.util.Vector;
import org.bouncycastle.tls.Certificate;
import org.bouncycastle.tls.CertificateRequest;
import org.bouncycastle.tls.PSKTlsServer;
import org.bouncycastle.tls.SignatureAndHashAlgorithm;
import org.bouncycastle.tls.TlsContext;
import org.bouncycastle.tls.TlsCredentialedDecryptor;
import org.bouncycastle.tls.TlsCredentials;
import org.bouncycastle.tls.TlsKeyExchange;
import org.bouncycastle.tls.TlsServerProtocol;
import org.bouncycastle.tls.crypto.TlsSecret;
import org.bouncycastle.tls.crypto.impl.bc.BcDefaultTlsCredentialedDecryptor;
import org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
import org.globaltester.logging.BasicLogger;
import org.globaltester.logging.tags.LogLevel;

/* loaded from: classes34.dex */
public class PairingServer implements TlsHandshaker {
    private Certificate clientCert = null;
    private Socket clientSocket;
    private TlsServerProtocol protocol;
    private byte[] psk;
    private RemoteIfdConfigManager remoteIfdConfig;

    public PairingServer(String str, RemoteIfdConfigManager remoteIfdConfigManager, Socket socket) {
        this.psk = str.getBytes();
        this.clientSocket = socket;
        this.remoteIfdConfig = remoteIfdConfigManager;
    }

    @Override // de.persosim.websocket.TlsHandshaker
    public void closeConnection() {
        try {
            BasicLogger.log(getClass(), "Closing PSK TLS connection", LogLevel.DEBUG);
            this.protocol.close();
        } catch (IOException e) {
        }
    }

    @Override // de.persosim.websocket.TlsHandshaker
    public Certificate getClientCertificate() {
        return this.clientCert;
    }

    @Override // de.persosim.websocket.TlsHandshaker
    public InputStream getInputStream() {
        return this.protocol.getInputStream();
    }

    @Override // de.persosim.websocket.TlsHandshaker
    public OutputStream getOutputStream() {
        return this.protocol.getOutputStream();
    }

    @Override // de.persosim.websocket.TlsHandshaker
    public boolean performHandshake() {
        BcTlsCrypto bcTlsCrypto = new BcTlsCrypto(new SecureRandom());
        SimpleTlsPSKIdentityManager simpleTlsPSKIdentityManager = new SimpleTlsPSKIdentityManager(this.psk);
        try {
            this.protocol = new TlsServerProtocol(this.clientSocket.getInputStream(), this.clientSocket.getOutputStream());
            this.protocol.accept(new PSKTlsServer(bcTlsCrypto, simpleTlsPSKIdentityManager) { // from class: de.persosim.websocket.PairingServer.1
                @Override // org.bouncycastle.tls.AbstractTlsServer, org.bouncycastle.tls.TlsServer
                public CertificateRequest getCertificateRequest() {
                    Vector vector = new Vector();
                    vector.add(new SignatureAndHashAlgorithm((short) 4, (short) 1));
                    return new CertificateRequest(new short[]{1}, vector, null);
                }

                @Override // org.bouncycastle.tls.PSKTlsServer, org.bouncycastle.tls.AbstractTlsServer
                protected int[] getCipherSuites() {
                    return new int[]{149};
                }

                @Override // org.bouncycastle.tls.PSKTlsServer, org.bouncycastle.tls.TlsServer
                public TlsKeyExchange getKeyExchange() throws IOException {
                    final TlsKeyExchange keyExchange = super.getKeyExchange();
                    return new TlsKeyExchange() { // from class: de.persosim.websocket.PairingServer.1.1
                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void generateClientKeyExchange(OutputStream outputStream) throws IOException {
                            keyExchange.generateClientKeyExchange(outputStream);
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public TlsSecret generatePreMasterSecret() throws IOException {
                            return keyExchange.generatePreMasterSecret();
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public byte[] generateServerKeyExchange() throws IOException {
                            return keyExchange.generateServerKeyExchange();
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public short[] getClientCertificateTypes() {
                            return new short[]{1};
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void init(TlsContext tlsContext) {
                            keyExchange.init(tlsContext);
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void processClientCertificate(Certificate certificate) throws IOException {
                            keyExchange.processClientCertificate(certificate);
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void processClientCredentials(TlsCredentials tlsCredentials) throws IOException {
                            keyExchange.processClientCredentials(tlsCredentials);
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void processClientKeyExchange(InputStream inputStream) throws IOException {
                            keyExchange.processClientKeyExchange(inputStream);
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void processServerCertificate(Certificate certificate) throws IOException {
                            keyExchange.processServerCertificate(certificate);
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void processServerCredentials(TlsCredentials tlsCredentials) throws IOException {
                            keyExchange.processServerCredentials(tlsCredentials);
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void processServerKeyExchange(InputStream inputStream) throws IOException {
                            keyExchange.processServerKeyExchange(inputStream);
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public boolean requiresCertificateVerify() {
                            return keyExchange.requiresCertificateVerify();
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public boolean requiresServerKeyExchange() {
                            return keyExchange.requiresServerKeyExchange();
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void skipClientCredentials() throws IOException {
                            keyExchange.skipClientCredentials();
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void skipServerCredentials() throws IOException {
                            keyExchange.skipServerCredentials();
                        }

                        @Override // org.bouncycastle.tls.TlsKeyExchange
                        public void skipServerKeyExchange() throws IOException {
                            keyExchange.skipServerKeyExchange();
                        }
                    };
                }

                @Override // org.bouncycastle.tls.PSKTlsServer
                protected TlsCredentialedDecryptor getRSAEncryptionCredentials() throws IOException {
                    return new BcDefaultTlsCredentialedDecryptor((BcTlsCrypto) getCrypto(), CertificateConverter.fromJavaCertificateToBcTlsCertificate(PairingServer.this.remoteIfdConfig.getHostCertificate()), CertificateConverter.fromJavaKeyToBcAsymetricKeyParameter(PairingServer.this.remoteIfdConfig.getHostPrivateKey()));
                }

                @Override // org.bouncycastle.tls.AbstractTlsServer, org.bouncycastle.tls.TlsServer
                public void notifyClientCertificate(Certificate certificate) throws IOException {
                    PairingServer.this.clientCert = certificate;
                }

                @Override // org.bouncycastle.tls.AbstractTlsPeer, org.bouncycastle.tls.TlsPeer
                public void notifyHandshakeComplete() throws IOException {
                    super.notifyHandshakeComplete();
                    PairingServer.this.remoteIfdConfig.addPairedCertificate(CertificateConverter.fromBcTlsCertificateToJavaCertificate(PairingServer.this.clientCert));
                    BasicLogger.log(getClass(), "Handshake done", LogLevel.DEBUG);
                }

                @Override // org.bouncycastle.tls.AbstractTlsServer, org.bouncycastle.tls.TlsServer
                public void notifyOfferedCipherSuites(int[] iArr) throws IOException {
                    super.notifyOfferedCipherSuites(iArr);
                    String str = "Offered cipher suites:";
                    for (int i : iArr) {
                        str = String.valueOf(str) + System.lineSeparator() + Integer.toHexString(i);
                    }
                    BasicLogger.log(getClass(), str, LogLevel.DEBUG);
                }
            });
            return true;
        } catch (IOException e) {
            BasicLogger.logException(getClass(), e);
            return false;
        }
    }
}
