package org.eclipse.californium.scandium.dtls.cipher;

import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import org.eclipse.californium.elements.util.StringUtil;
import org.eclipse.californium.scandium.dtls.CertificateType;
import org.eclipse.californium.scandium.dtls.SignatureAndHashAlgorithm;
import org.eclipse.californium.scandium.dtls.SupportedPointFormatsExtension;
import org.eclipse.californium.scandium.dtls.cipher.XECDHECryptography;

/* loaded from: classes17.dex */
public class CipherSuiteParameters {
    private List<X509Certificate> certificateChain;
    private CertificateBasedMismatch certificateMismatch;
    private List<CipherSuite> cipherSuites;
    private boolean clientAuthenticationRequired;
    private boolean clientAuthenticationWanted;
    private List<CertificateType> clientCertTypes;
    private SupportedPointFormatsExtension.ECPointFormat format;
    private GeneralMismatch generalMismatch;
    private PublicKey publicKey;
    private CipherSuite selectedCipherSuite;
    private CertificateType selectedClientCertificateType;
    private CertificateType selectedServerCertificateType;
    private SignatureAndHashAlgorithm selectedSignature;
    private XECDHECryptography.SupportedGroup selectedSupportedGroup;
    private List<CertificateType> serverCertTypes;
    private List<SignatureAndHashAlgorithm> signatures;
    private List<XECDHECryptography.SupportedGroup> supportedGroups;

    /* loaded from: classes17.dex */
    public enum CertificateBasedMismatch {
        SERVER_CERT_TYPE("Peers have no common server certificate type."),
        CLIENT_CERT_TYPE("Peers have no common client certificate type."),
        SIGNATURE_ALGORITHMS("Peers have no common signature and hash algorithm."),
        CERTIFICATE_EC_GROUPS("The peer's node certificate uses no common ec-group."),
        CERTIFICATE_SIGNATURE_ALGORITHMS("The peer's node certificate uses no common signature and hash algorithm."),
        CERTIFICATE_PATH_SIGNATURE_ALGORITHMS("The peer's certificate-chain uses no common signature and hash algorithm.");

        private final String message;

        CertificateBasedMismatch(String str) {
            this.message = str;
        }

        public final String getMessage() {
            return this.message;
        }
    }

    /* loaded from: classes17.dex */
    public enum GeneralMismatch {
        CIPHER_SUITE("Peers have no common cipher suite."),
        EC_FORMAT("Peers have no common ec-point format."),
        EC_GROUPS("Peers have no common ec-groups.");

        private final String message;

        GeneralMismatch(String str) {
            this.message = str;
        }

        public final String getMessage() {
            return this.message;
        }
    }

    public CipherSuiteParameters(PublicKey publicKey, List<X509Certificate> list, CipherSuiteParameters cipherSuiteParameters) {
        this.publicKey = publicKey;
        this.certificateChain = list;
        this.clientAuthenticationRequired = cipherSuiteParameters.clientAuthenticationRequired;
        this.clientAuthenticationWanted = cipherSuiteParameters.clientAuthenticationWanted;
        this.cipherSuites = cipherSuiteParameters.cipherSuites;
        this.serverCertTypes = cipherSuiteParameters.serverCertTypes;
        this.clientCertTypes = cipherSuiteParameters.clientCertTypes;
        this.supportedGroups = cipherSuiteParameters.supportedGroups;
        this.signatures = cipherSuiteParameters.signatures;
        this.format = cipherSuiteParameters.format;
        this.selectedCipherSuite = cipherSuiteParameters.selectedCipherSuite;
        this.selectedServerCertificateType = cipherSuiteParameters.selectedServerCertificateType;
        this.selectedClientCertificateType = cipherSuiteParameters.selectedClientCertificateType;
        this.selectedSupportedGroup = cipherSuiteParameters.selectedSupportedGroup;
        this.selectedSignature = cipherSuiteParameters.selectedSignature;
    }

    public CipherSuiteParameters(PublicKey publicKey, List<X509Certificate> list, boolean z, boolean z2, List<CipherSuite> list2, List<CertificateType> list3, List<CertificateType> list4, List<XECDHECryptography.SupportedGroup> list5, List<SignatureAndHashAlgorithm> list6, SupportedPointFormatsExtension.ECPointFormat eCPointFormat) {
        this.publicKey = publicKey;
        this.certificateChain = list;
        this.clientAuthenticationRequired = z;
        this.clientAuthenticationWanted = !z && z2;
        this.cipherSuites = list2;
        this.serverCertTypes = list3;
        this.clientCertTypes = list4;
        this.supportedGroups = list5;
        this.signatures = list6;
        this.format = eCPointFormat;
    }

    public List<X509Certificate> getCertificateChain() {
        return this.certificateChain;
    }

    public CertificateBasedMismatch getCertificateMismatch() {
        return this.certificateMismatch;
    }

    public List<CipherSuite> getCipherSuites() {
        return this.cipherSuites;
    }

    public List<CertificateType> getClientCertTypes() {
        return this.clientCertTypes;
    }

    public SupportedPointFormatsExtension.ECPointFormat getFormat() {
        return this.format;
    }

    public GeneralMismatch getGeneralMismatch() {
        return this.generalMismatch;
    }

    public String getMismatchDescription() {
        String mismatchSummary = getMismatchSummary();
        if (mismatchSummary == null) {
            return mismatchSummary;
        }
        StringBuilder sb = new StringBuilder(mismatchSummary);
        sb.append(StringUtil.lineSeparator());
        sb.append("\tcipher suites: ");
        Iterator<CipherSuite> it = this.cipherSuites.iterator();
        while (it.hasNext()) {
            sb.append(it.next().name());
            sb.append(",");
        }
        sb.setLength(sb.length() - 1);
        if (this.certificateMismatch == CertificateBasedMismatch.CERTIFICATE_EC_GROUPS) {
            sb.append(StringUtil.lineSeparator());
            sb.append("\t\tec-groups: ");
            Iterator<XECDHECryptography.SupportedGroup> it2 = this.supportedGroups.iterator();
            while (it2.hasNext()) {
                sb.append(it2.next().name());
                sb.append(",");
            }
            sb.setLength(sb.length() - 1);
        } else if (this.certificateMismatch == CertificateBasedMismatch.CERTIFICATE_SIGNATURE_ALGORITHMS || this.certificateMismatch == CertificateBasedMismatch.CERTIFICATE_PATH_SIGNATURE_ALGORITHMS) {
            sb.append(StringUtil.lineSeparator());
            sb.append("\t\tsignatures: ");
            Iterator<SignatureAndHashAlgorithm> it3 = this.signatures.iterator();
            while (it3.hasNext()) {
                sb.append(it3.next().getJcaName());
                sb.append(",");
            }
            sb.setLength(sb.length() - 1);
        }
        return sb.toString();
    }

    public String getMismatchSummary() {
        GeneralMismatch generalMismatch = this.generalMismatch;
        if (generalMismatch != null) {
            return generalMismatch.getMessage();
        }
        CertificateBasedMismatch certificateBasedMismatch = this.certificateMismatch;
        if (certificateBasedMismatch != null) {
            return certificateBasedMismatch.getMessage();
        }
        return null;
    }

    public PublicKey getPublicKey() {
        return this.publicKey;
    }

    public CipherSuite getSelectedCipherSuite() {
        return this.selectedCipherSuite;
    }

    public CertificateType getSelectedClientCertificateType() {
        return this.selectedClientCertificateType;
    }

    public CertificateType getSelectedServerCertificateType() {
        return this.selectedServerCertificateType;
    }

    public SignatureAndHashAlgorithm getSelectedSignature() {
        return this.selectedSignature;
    }

    public XECDHECryptography.SupportedGroup getSelectedSupportedGroup() {
        return this.selectedSupportedGroup;
    }

    public List<CertificateType> getServerCertTypes() {
        return this.serverCertTypes;
    }

    public List<SignatureAndHashAlgorithm> getSignatures() {
        return this.signatures;
    }

    public List<XECDHECryptography.SupportedGroup> getSupportedGroups() {
        return this.supportedGroups;
    }

    public boolean isClientAuthenticationRequired() {
        return this.clientAuthenticationRequired;
    }

    public boolean isClientAuthenticationWanted() {
        return this.clientAuthenticationWanted;
    }

    public void select(CipherSuite cipherSuite) {
        if (cipherSuite == null) {
            throw new NullPointerException("Cipher suite must not be null!");
        }
        if (this.cipherSuites.contains(cipherSuite)) {
            this.selectedCipherSuite = cipherSuite;
            return;
        }
        StringBuilder sb = new StringBuilder();
        sb.append(cipherSuite);
        sb.append(" is no common cipher suite!");
        throw new IllegalArgumentException(sb.toString());
    }

    public void selectClientCertificateType(CertificateType certificateType) {
        if (certificateType == null || this.clientCertTypes.contains(certificateType)) {
            this.selectedClientCertificateType = certificateType;
            return;
        }
        StringBuilder sb = new StringBuilder();
        sb.append(certificateType);
        sb.append(" client certificate type is no common certificate type.");
        throw new IllegalArgumentException(sb.toString());
    }

    public void selectServerCertificateType(CertificateType certificateType) {
        if (certificateType == null || this.serverCertTypes.contains(certificateType)) {
            this.selectedServerCertificateType = certificateType;
            return;
        }
        StringBuilder sb = new StringBuilder();
        sb.append(certificateType);
        sb.append(" server certificate type is no common certificate type.");
        throw new IllegalArgumentException(sb.toString());
    }

    public void selectSignatureAndHashAlgorithm(SignatureAndHashAlgorithm signatureAndHashAlgorithm) {
        if (signatureAndHashAlgorithm == null || this.signatures.contains(signatureAndHashAlgorithm)) {
            this.selectedSignature = signatureAndHashAlgorithm;
            return;
        }
        StringBuilder sb = new StringBuilder();
        sb.append(signatureAndHashAlgorithm);
        sb.append(" is no common signature and hash algorithm.");
        throw new IllegalArgumentException(sb.toString());
    }

    public void selectSupportedGroup(XECDHECryptography.SupportedGroup supportedGroup) {
        if (supportedGroup == null || this.supportedGroups.contains(supportedGroup)) {
            this.selectedSupportedGroup = supportedGroup;
            return;
        }
        StringBuilder sb = new StringBuilder();
        sb.append(supportedGroup);
        sb.append(" is no common group/curve.");
        throw new IllegalArgumentException(sb.toString());
    }

    public void setCertificateMismatch(CertificateBasedMismatch certificateBasedMismatch) {
        this.certificateMismatch = certificateBasedMismatch;
    }

    public void setGeneralMismatch(GeneralMismatch generalMismatch) {
        this.generalMismatch = generalMismatch;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("cipher suites: ");
        for (CipherSuite cipherSuite : this.cipherSuites) {
            if (this.selectedCipherSuite == cipherSuite) {
                sb.append("#");
            }
            sb.append(cipherSuite.name());
            sb.append(",");
        }
        sb.setLength(sb.length() - 1);
        sb.append(StringUtil.lineSeparator());
        List<X509Certificate> list = this.certificateChain;
        if (list != null && !list.isEmpty()) {
            sb.append("x509-DN: [");
            sb.append(this.certificateChain.get(0).getSubjectX500Principal().getName());
            sb.append("]");
            sb.append(StringUtil.lineSeparator());
        }
        if (this.publicKey != null) {
            if (this.clientAuthenticationRequired) {
                sb.append("client certificate required");
            } else if (this.clientAuthenticationWanted) {
                sb.append("client certificate wanted");
            } else {
                sb.append("no client certificate");
            }
            sb.append(StringUtil.lineSeparator());
        }
        sb.append("server certificate types: ");
        for (CertificateType certificateType : this.serverCertTypes) {
            if (this.selectedServerCertificateType == certificateType) {
                sb.append("#");
            }
            sb.append(certificateType.name());
            sb.append(",");
        }
        sb.setLength(sb.length() - 1);
        sb.append(StringUtil.lineSeparator());
        sb.append("client certificate types: ");
        for (CertificateType certificateType2 : this.clientCertTypes) {
            if (this.selectedClientCertificateType == certificateType2) {
                sb.append("#");
            }
            sb.append(certificateType2.name());
            sb.append(",");
        }
        sb.setLength(sb.length() - 1);
        sb.append(StringUtil.lineSeparator());
        sb.append("ec-groups: ");
        for (XECDHECryptography.SupportedGroup supportedGroup : this.supportedGroups) {
            if (this.selectedSupportedGroup == supportedGroup) {
                sb.append("#");
            }
            sb.append(supportedGroup.name());
            sb.append(",");
        }
        sb.setLength(sb.length() - 1);
        sb.append(StringUtil.lineSeparator());
        sb.append("signatures: ");
        for (SignatureAndHashAlgorithm signatureAndHashAlgorithm : this.signatures) {
            if (this.selectedSignature == signatureAndHashAlgorithm) {
                sb.append("#");
            }
            sb.append(signatureAndHashAlgorithm.getJcaName());
            sb.append(",");
        }
        sb.setLength(sb.length() - 1);
        sb.append(StringUtil.lineSeparator());
        return sb.toString();
    }
}
