package de.vwag.viwi.mib3.library.internal.network;

import de.vwag.viwi.mib3.library.internal.credentials.Credentials;
import de.vwag.viwi.mib3.library.internal.diagnostic.L;
import de.vwag.viwi.mib3.library.internal.utils.CertificateUtils;
import de.vwag.viwi.mib3.library.internal.utils.CertificateVerifier;
import java.io.IOException;
import org.spongycastle.crypto.tls.Certificate;
import org.spongycastle.crypto.tls.CertificateRequest;
import org.spongycastle.crypto.tls.CipherSuite;
import org.spongycastle.crypto.tls.DefaultTlsClient;
import org.spongycastle.crypto.tls.DefaultTlsSignerCredentials;
import org.spongycastle.crypto.tls.SignatureAndHashAlgorithm;
import org.spongycastle.crypto.tls.TlsAuthentication;
import org.spongycastle.crypto.tls.TlsCredentials;
import org.spongycastle.crypto.util.PrivateKeyFactory;

/* loaded from: classes3.dex */
class RegularCommunicationTlsClient extends DefaultTlsClient {
    private final Credentials credentials;

    public RegularCommunicationTlsClient(Credentials credentials) {
        this.credentials = credentials;
    }

    public TlsAuthentication getAuthentication() throws IOException {
        return new TlsAuthentication() { // from class: de.vwag.viwi.mib3.library.internal.network.RegularCommunicationTlsClient.1
            public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) throws IOException {
                DefaultTlsSignerCredentials defaultTlsSignerCredentials = null;
                try {
                    defaultTlsSignerCredentials = new DefaultTlsSignerCredentials(RegularCommunicationTlsClient.this.context, new Certificate(new org.spongycastle.asn1.x509.Certificate[]{RegularCommunicationTlsClient.this.credentials.getSignedClientCertificate().toASN1Structure()}), PrivateKeyFactory.createKey(RegularCommunicationTlsClient.this.credentials.getClientKeyPair().getPrivate().getEncoded()), new SignatureAndHashAlgorithm((short) 4, (short) 3));
                    return defaultTlsSignerCredentials;
                } catch (Exception e) {
                    L.e(e, "Could not return client certificate during TLS handshake.", new Object[0]);
                    return defaultTlsSignerCredentials;
                }
            }

            public void notifyServerCertificate(Certificate certificate) throws IOException {
                try {
                    if (CertificateVerifier.verifyCertificate(new Certificate(new org.spongycastle.asn1.x509.Certificate[]{certificate.getCertificateAt(0)}), CertificateUtils.convert(RegularCommunicationTlsClient.this.credentials.getMibCertificate()))) {
                    } else {
                        throw new InvalidServerCertificateException();
                    }
                } catch (Exception e) {
                    throw new InvalidServerCertificateException(e);
                }
            }
        };
    }

    public int[] getCipherSuites() {
        return new int[]{CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256};
    }

    public void notifySecureRenegotiation(boolean z) throws IOException {
    }
}
