package de.rub.nds.tlsattacker.core.crypto;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.constants.MacAlgorithm;
import de.rub.nds.tlsattacker.core.workflow.chooser.Chooser;
import de.rub.nds.tlsattacker.transport.ConnectionEndType;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.MessageFormat;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.tls.TlsUtils;
import org.bouncycastle.util.Arrays;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/crypto/SSLUtils.class */
public class SSLUtils {
    private static final MessageFormat ILLEGAL_MAC_ALGORITHM = new MessageFormat("{0}, is not a valid MacAlgorithm for SSLv3, only MD5 and SHA-1 are available.");
    public static final byte[] MD5_PAD1 = ArrayConverter.hexStringToByteArray(StringUtils.repeat("36", 48));
    public static final byte[] MD5_PAD2 = ArrayConverter.hexStringToByteArray(StringUtils.repeat("5c", 48));
    public static final byte[] SHA_PAD1 = ArrayConverter.hexStringToByteArray(StringUtils.repeat("36", 40));
    public static final byte[] SHA_PAD2 = ArrayConverter.hexStringToByteArray(StringUtils.repeat("5c", 40));
    public static final byte[][] SSL3_CONST = genSSL3Const();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: de.rub.nds.tlsattacker.core.crypto.SSLUtils$1, reason: invalid class name */
    /* loaded from: input_file:de/rub/nds/tlsattacker/core/crypto/SSLUtils$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$de$rub$nds$tlsattacker$transport$ConnectionEndType;

        static {
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$MacAlgorithm[MacAlgorithm.SSLMAC_MD5.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$MacAlgorithm[MacAlgorithm.SSLMAC_SHA1.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            $SwitchMap$de$rub$nds$tlsattacker$transport$ConnectionEndType = new int[ConnectionEndType.values().length];
            try {
                $SwitchMap$de$rub$nds$tlsattacker$transport$ConnectionEndType[ConnectionEndType.SERVER.ordinal()] = 1;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$de$rub$nds$tlsattacker$transport$ConnectionEndType[ConnectionEndType.CLIENT.ordinal()] = 2;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:de/rub/nds/tlsattacker/core/crypto/SSLUtils$Sender.class */
    public enum Sender {
        CLIENT("434C4E54"),
        SERVER("53525652");

        private final byte[] value;

        Sender(String str) {
            this.value = ArrayConverter.hexStringToByteArray(str);
        }

        public byte[] getValue() {
            return this.value;
        }
    }

    /* JADX WARN: Type inference failed for: r0v2, types: [byte[], byte[][]] */
    private static byte[][] genSSL3Const() {
        ?? r0 = new byte[10];
        for (int i = 0; i < 10; i++) {
            byte[] bArr = new byte[i + 1];
            Arrays.fill(bArr, (byte) (65 + i));
            r0[i] = bArr;
        }
        return r0;
    }

    public static byte[] calculateMasterSecretSSL3(byte[] bArr, byte[] bArr2) {
        Digest createHash = TlsUtils.createHash((short) 1);
        Digest createHash2 = TlsUtils.createHash((short) 2);
        int digestSize = createHash.getDigestSize();
        byte[] bArr3 = new byte[createHash2.getDigestSize()];
        byte[] bArr4 = new byte[digestSize * 3];
        int i = 0;
        for (int i2 = 0; i2 < 3; i2++) {
            byte[] bArr5 = SSL3_CONST[i2];
            createHash2.update(bArr5, 0, bArr5.length);
            createHash2.update(bArr, 0, bArr.length);
            createHash2.update(bArr2, 0, bArr2.length);
            createHash2.doFinal(bArr3, 0);
            createHash.update(bArr, 0, bArr.length);
            createHash.update(bArr3, 0, bArr3.length);
            createHash.doFinal(bArr4, i);
            i += digestSize;
        }
        return bArr4;
    }

    public static byte[] calculateKeyBlockSSL3(byte[] bArr, byte[] bArr2, int i) {
        Digest createHash = TlsUtils.createHash((short) 1);
        Digest createHash2 = TlsUtils.createHash((short) 2);
        int digestSize = createHash.getDigestSize();
        byte[] bArr3 = new byte[createHash2.getDigestSize()];
        byte[] bArr4 = new byte[i + digestSize];
        int i2 = 0;
        int i3 = 0;
        while (i3 < i) {
            if (SSL3_CONST.length <= i2) {
                i2 = 0;
            }
            byte[] bArr5 = SSL3_CONST[i2];
            createHash2.update(bArr5, 0, bArr5.length);
            createHash2.update(bArr, 0, bArr.length);
            createHash2.update(bArr2, 0, bArr2.length);
            createHash2.doFinal(bArr3, 0);
            createHash.update(bArr, 0, bArr.length);
            createHash.update(bArr3, 0, bArr3.length);
            createHash.doFinal(bArr4, i3);
            i3 += digestSize;
            i2++;
        }
        return Arrays.copyOfRange(bArr4, 0, i);
    }

    public static byte[] getSenderConstant(Chooser chooser) {
        return getSenderConstant(chooser.getConnectionEndType());
    }

    public static byte[] getSenderConstant(ConnectionEndType connectionEndType) {
        if (null == connectionEndType) {
            throw new IllegalStateException("The ConnectionEnd should be either of Type Client or Server but it is " + connectionEndType);
        }
        switch (AnonymousClass1.$SwitchMap$de$rub$nds$tlsattacker$transport$ConnectionEndType[connectionEndType.ordinal()]) {
            case 1:
                return Sender.SERVER.getValue();
            case 2:
                return Sender.CLIENT.getValue();
            default:
                throw new IllegalStateException("The ConnectionEnd should be either of Type Client or Server but it is " + connectionEndType);
        }
    }

    public static byte[] getPad1(MacAlgorithm macAlgorithm) {
        if (null == macAlgorithm) {
            throw new IllegalArgumentException(ILLEGAL_MAC_ALGORITHM.format(macAlgorithm.getJavaName()));
        }
        switch (macAlgorithm) {
            case SSLMAC_MD5:
                return MD5_PAD1;
            case SSLMAC_SHA1:
                return SHA_PAD1;
            default:
                throw new IllegalArgumentException(ILLEGAL_MAC_ALGORITHM.format(macAlgorithm.getJavaName()));
        }
    }

    public static byte[] getPad2(MacAlgorithm macAlgorithm) {
        if (null == macAlgorithm) {
            throw new IllegalArgumentException(ILLEGAL_MAC_ALGORITHM.format(macAlgorithm.getJavaName()));
        }
        switch (macAlgorithm) {
            case SSLMAC_MD5:
                return MD5_PAD2;
            case SSLMAC_SHA1:
                return SHA_PAD2;
            default:
                throw new IllegalArgumentException(ILLEGAL_MAC_ALGORITHM.format(macAlgorithm.getJavaName()));
        }
    }

    private static String getHashAlgorithm(MacAlgorithm macAlgorithm) {
        if (null == macAlgorithm) {
            throw new IllegalArgumentException(ILLEGAL_MAC_ALGORITHM.format(macAlgorithm.getJavaName()));
        }
        switch (macAlgorithm) {
            case SSLMAC_MD5:
                return "MD5";
            case SSLMAC_SHA1:
                return "SHA-1";
            default:
                throw new IllegalArgumentException(ILLEGAL_MAC_ALGORITHM.format(macAlgorithm.getJavaName()));
        }
    }

    /* JADX WARN: Type inference failed for: r0v10, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r0v15, types: [byte[], byte[][]] */
    public static byte[] calculateSSLMac(byte[] bArr, byte[] bArr2, MacAlgorithm macAlgorithm) {
        byte[] pad1 = getPad1(macAlgorithm);
        byte[] pad2 = getPad2(macAlgorithm);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(getHashAlgorithm(macAlgorithm));
            return messageDigest.digest(ArrayConverter.concatenate((byte[][]) new byte[]{bArr2, pad2, messageDigest.digest(ArrayConverter.concatenate((byte[][]) new byte[]{bArr2, pad1, bArr}))}));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(ILLEGAL_MAC_ALGORITHM.format(macAlgorithm.getJavaName()));
        }
    }

    public static byte[] calculateSSLCertificateVerifySignature(byte[] bArr, byte[] bArr2) {
        return calculateSSLMd5SHASignature(bArr, bArr2);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [byte[], byte[][]] */
    public static byte[] calculateFinishedData(byte[] bArr, byte[] bArr2, ConnectionEndType connectionEndType) {
        return calculateSSLMd5SHASignature(ArrayConverter.concatenate((byte[][]) new byte[]{bArr, getSenderConstant(connectionEndType)}), bArr2);
    }

    /* JADX WARN: Type inference failed for: r0v16, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r0v19, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r0v26, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r0v6, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r0v9, types: [byte[], byte[][]] */
    private static byte[] calculateSSLMd5SHASignature(byte[] bArr, byte[] bArr2) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            MessageDigest messageDigest2 = MessageDigest.getInstance("SHA-1");
            byte[] concatenate = ArrayConverter.concatenate((byte[][]) new byte[]{bArr, bArr2, MD5_PAD1});
            byte[] concatenate2 = ArrayConverter.concatenate((byte[][]) new byte[]{bArr, bArr2, SHA_PAD1});
            byte[] digest = messageDigest.digest(concatenate);
            byte[] digest2 = messageDigest2.digest(concatenate2);
            return ArrayConverter.concatenate((byte[][]) new byte[]{messageDigest.digest(ArrayConverter.concatenate((byte[][]) new byte[]{bArr2, MD5_PAD2, digest})), messageDigest2.digest(ArrayConverter.concatenate((byte[][]) new byte[]{bArr2, SHA_PAD2, digest2}))});
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("Either MD5 or SHA-1 algorithm is not provided by the Execution-Enviroment, check your providers.", e);
        }
    }

    private SSLUtils() {
    }
}
