package de.authada.eid.core.tls;

import de.authada.org.bouncycastle.tls.CipherSuite;
import de.authada.org.bouncycastle.tls.DefaultTlsDHGroupVerifier;
import de.authada.org.bouncycastle.tls.DefaultTlsKeyExchangeFactory;
import de.authada.org.bouncycastle.tls.PSKTlsClient;
import de.authada.org.bouncycastle.tls.ProtocolVersion;
import de.authada.org.bouncycastle.tls.ServerName;
import de.authada.org.bouncycastle.tls.TlsAuthentication;
import de.authada.org.bouncycastle.tls.TlsDHGroupVerifier;
import de.authada.org.bouncycastle.tls.TlsKeyExchangeFactory;
import de.authada.org.bouncycastle.tls.TlsPSKIdentity;
import de.authada.org.bouncycastle.tls.crypto.TlsCertificate;
import de.authada.org.bouncycastle.tls.crypto.impl.bc.BcTlsCrypto;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Collections;
import java.util.Hashtable;
import java.util.Vector;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public final class EidServerPskClient extends PSKTlsClient implements AuthadaTlsClient {
    private final String hostname;
    private final EidTlsAuthentication tlsAuthentication;
    private static final ProtocolVersion MINIMUM_VERSION = ProtocolVersion.TLSv12;
    private static final int[] CIPHERSUITES = {CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA};
    private static final Short[] HASH_ALGORITHMS = {6, 5, 4};
    private static final Short[] SIGNATURE_ALGORITHMS = {1};

    public EidServerPskClient(BcTlsCrypto bcTlsCrypto, TlsPSKIdentity tlsPSKIdentity, String str) {
        super(bcTlsCrypto, tlsPSKIdentity);
        this.hostname = str;
        this.tlsAuthentication = new EidTlsAuthentication(bcTlsCrypto, str);
    }

    @Override // de.authada.org.bouncycastle.tls.PSKTlsClient, de.authada.org.bouncycastle.tls.TlsClient
    public TlsAuthentication getAuthentication() {
        return this.tlsAuthentication;
    }

    @Override // de.authada.org.bouncycastle.tls.AbstractTlsClient, de.authada.org.bouncycastle.tls.TlsPeer
    public int[] getCipherSuites() {
        return (int[]) CIPHERSUITES.clone();
    }

    @Override // de.authada.org.bouncycastle.tls.AbstractTlsClient, de.authada.org.bouncycastle.tls.TlsClient
    public Hashtable getClientExtensions() {
        Hashtable clientExtensions = super.getClientExtensions();
        this.supportedGroups = TlsUtils.replaceGroupExtension(clientExtensions);
        return clientExtensions;
    }

    @Override // de.authada.org.bouncycastle.tls.AbstractTlsClient, de.authada.org.bouncycastle.tls.TlsClient
    public TlsDHGroupVerifier getDHGroupVerifier() {
        return new DefaultTlsDHGroupVerifier(new Vector(Collections.singleton(TlsUtils.TLS_CURVES)), 2048);
    }

    @Override // de.authada.org.bouncycastle.tls.AbstractTlsPeer, de.authada.org.bouncycastle.tls.TlsPeer
    public TlsKeyExchangeFactory getKeyExchangeFactory() {
        return new DefaultTlsKeyExchangeFactory();
    }

    @Override // de.authada.eid.core.tls.AuthadaTlsClient
    public TlsCertificate getPeerCertificate() {
        return this.tlsAuthentication.getCertificate();
    }

    @Override // de.authada.org.bouncycastle.tls.AbstractTlsClient
    public Vector getSNIServerNames() {
        Vector vector = new Vector();
        vector.add(new ServerName((short) 0, this.hostname.getBytes(StandardCharsets.UTF_8)));
        return vector;
    }

    @Override // de.authada.org.bouncycastle.tls.AbstractTlsClient
    public Vector getSupportedSignatureAlgorithms() {
        return TlsUtils.createSignatureAlgorithms(this.context.getCrypto(), Arrays.asList(SIGNATURE_ALGORITHMS), Arrays.asList(HASH_ALGORITHMS));
    }

    @Override // de.authada.org.bouncycastle.tls.PSKTlsClient, de.authada.org.bouncycastle.tls.AbstractTlsPeer
    public ProtocolVersion[] getSupportedVersions() {
        return MINIMUM_VERSION.only();
    }
}
