package de.rub.nds.tlsattacker.core.record.crypto;

import de.rub.nds.modifiablevariable.bytearray.ModifiableByteArray;
import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.constants.CipherSuite;
import de.rub.nds.tlsattacker.core.constants.ExtensionType;
import de.rub.nds.tlsattacker.core.constants.ProtocolMessageType;
import de.rub.nds.tlsattacker.core.constants.Tls13KeySetType;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import de.rub.nds.tlsattacker.core.exceptions.WorkflowExecutionException;
import de.rub.nds.tlsattacker.core.record.BlobRecord;
import de.rub.nds.tlsattacker.core.record.Record;
import de.rub.nds.tlsattacker.core.record.cipher.RecordCipher;
import de.rub.nds.tlsattacker.core.record.cipher.RecordCipherFactory;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.DecryptionRequest;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.DecryptionResult;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.KeySetGenerator;
import de.rub.nds.tlsattacker.core.state.TlsContext;
import de.rub.nds.tlsattacker.transport.ConnectionEndType;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/record/crypto/RecordDecryptor.class */
public class RecordDecryptor extends Decryptor {
    private static final Logger LOGGER = LogManager.getLogger();
    private final TlsContext context;

    public RecordDecryptor(RecordCipher recordCipher, TlsContext tlsContext) {
        super(recordCipher);
        this.context = tlsContext;
    }

    @Override // de.rub.nds.tlsattacker.core.record.crypto.Decryptor
    public void decrypt(BlobRecord blobRecord) {
        LOGGER.debug("Decrypting BlobRecord");
        blobRecord.setCleanProtocolMessageBytes(this.recordCipher.decrypt(new DecryptionRequest(null, (byte[]) blobRecord.getProtocolMessageBytes().getValue())).getDecryptedCipherText());
        LOGGER.debug("CleanProtocolMessageBytes: " + ArrayConverter.bytesToHexString((byte[]) blobRecord.getCleanProtocolMessageBytes().getValue()));
    }

    @Override // de.rub.nds.tlsattacker.core.record.crypto.Decryptor
    public void decrypt(Record record) throws CryptoException {
        LOGGER.debug("Decrypting Record");
        record.prepareComputations();
        if (this.recordCipher.getKeySet() != null) {
            record.getComputations().setMacKey(this.recordCipher.getKeySet().getReadMacSecret(this.context.getChooser().getConnectionEndType()));
            record.getComputations().setCipherKey(this.recordCipher.getKeySet().getReadKey(this.context.getChooser().getConnectionEndType()));
        }
        record.getComputations().setSequenceNumber(BigInteger.valueOf(this.context.getReadSequenceNumber()));
        byte[] bArr = (byte[]) record.getProtocolMessageBytes().getValue();
        CipherSuite selectedCipherSuite = this.context.getChooser().getSelectedCipherSuite();
        prepareNonMetaDataMaced(record, bArr);
        prepareAdditionalMetadata(record);
        if (isEncryptThenMac(selectedCipherSuite)) {
            LOGGER.trace("EncryptThenMac is active");
            record.getComputations().setMac(parseMac((byte[]) record.getProtocolMessageBytes().getValue()));
            bArr = removeMac((byte[]) record.getProtocolMessageBytes().getValue());
        }
        LOGGER.debug("Decrypting:" + ArrayConverter.bytesToHexString(bArr));
        DecryptionResult decrypt = this.recordCipher.decrypt(new DecryptionRequest((byte[]) record.getComputations().getAuthenticatedMetaData().getValue(), bArr));
        record.getComputations().setPlainRecordBytes(decrypt.getDecryptedCipherText());
        record.getComputations().setInitialisationVector(decrypt.getInitialisationVector());
        LOGGER.debug("PlainRecordBytes: " + ArrayConverter.bytesToHexString((byte[]) record.getComputations().getPlainRecordBytes().getValue()));
        if (!this.recordCipher.isUsingPadding() || !decrypt.isSuccessful()) {
            useNoPadding(record);
        } else if (this.context.getChooser().getSelectedProtocolVersion().isTLS13() || this.context.getActiveKeySetTypeRead() == Tls13KeySetType.EARLY_TRAFFIC_SECRETS) {
            adjustPaddingTLS13(record);
        } else {
            adjustPaddingTLS(record);
        }
        if (!isEncryptThenMac(selectedCipherSuite) && this.recordCipher.isUsingMac() && decrypt.isSuccessful()) {
            LOGGER.trace("EncryptThenMac is not active");
            if (selectedCipherSuite.isUsingMac()) {
                adjustMac(record);
            } else {
                useNoMac(record);
            }
            prepareNonMetaDataMaced(record, (byte[]) record.getCleanProtocolMessageBytes().getValue());
            prepareAdditionalMetadata(record);
        } else {
            useNoMac(record);
        }
        this.context.increaseReadSequenceNumber();
        if (this.context.getChooser().getConnectionEndType() == ConnectionEndType.SERVER && this.context.getActiveClientKeySetType() == Tls13KeySetType.EARLY_TRAFFIC_SECRETS) {
            checkForEndOfEarlyData((byte[]) record.getComputations().getUnpaddedRecordBytes().getValue());
        }
        if (decrypt.isSuccessful()) {
            record.getComputations().setPaddingValid(isPaddingValid(record));
            record.getComputations().setMacValid(isMacValid(record));
        }
    }

    private Boolean isPaddingValid(Record record) {
        ModifiableByteArray padding = record.getComputations().getPadding();
        if (padding == null || padding.getValue() == null || ((byte[]) padding.getValue()).length <= 0) {
            return null;
        }
        if (this.context.getChooser().getSelectedProtocolVersion().isSSL()) {
            return true;
        }
        for (int i = 0; i < ((byte[]) padding.getValue()).length; i++) {
            if (((byte[]) padding.getValue())[i] != ((byte[]) padding.getValue()).length - 1) {
                LOGGER.debug("Padding is invalid");
                return false;
            }
        }
        LOGGER.debug("Padding is valid");
        return true;
    }

    /* JADX WARN: Type inference failed for: r0v14, types: [byte[], byte[][]] */
    private Boolean isMacValid(Record record) {
        ModifiableByteArray mac = record.getComputations().getMac();
        if (mac == null || mac.getValue() == null || ((byte[]) mac.getValue()).length <= 0) {
            return null;
        }
        if (Arrays.equals(this.recordCipher.calculateMac(ArrayConverter.concatenate((byte[][]) new byte[]{(byte[]) record.getComputations().getAuthenticatedMetaData().getValue(), (byte[]) record.getComputations().getNonMetaDataMaced().getValue()}), this.context.getChooser().getMyConnectionPeer()), (byte[]) mac.getValue())) {
            LOGGER.debug("Mac is valid");
            return true;
        }
        LOGGER.debug("Mac is invalid");
        return false;
    }

    private void prepareAdditionalMetadata(Record record) throws CryptoException {
        record.getComputations().setAuthenticatedMetaData(collectAdditionalAuthenticatedData(record, this.context.getChooser().getSelectedProtocolVersion()));
    }

    private void prepareNonMetaDataMaced(Record record, byte[] bArr) throws CryptoException {
        if (!this.recordCipher.isUsingTags() || this.context.getChooser().getSelectedProtocolVersion().isTLS13()) {
            record.getComputations().setNonMetaDataMaced(bArr);
        } else {
            if (bArr.length < this.recordCipher.getTagSize()) {
                throw new CryptoException("Ciphertext contains no tag");
            }
            record.getComputations().setNonMetaDataMaced(Arrays.copyOfRange(bArr, this.recordCipher.getTagSize(), bArr.length));
        }
        LOGGER.debug("Setting NonMetaData Maced:" + ArrayConverter.bytesToHexString(record.getComputations().getNonMetaDataMaced()));
    }

    private boolean isEncryptThenMac(CipherSuite cipherSuite) {
        return this.context.isExtensionNegotiated(ExtensionType.ENCRYPT_THEN_MAC) && cipherSuite.isCBC() && this.recordCipher.isUsingMac();
    }

    private void adjustMac(Record record) throws CryptoException {
        record.getComputations().setMac(parseMac((byte[]) record.getComputations().getUnpaddedRecordBytes().getValue()));
        record.setCleanProtocolMessageBytes(removeMac((byte[]) record.getComputations().getUnpaddedRecordBytes().getValue()));
    }

    private void useNoMac(Record record) {
        record.getComputations().setMac(new byte[0]);
        record.setCleanProtocolMessageBytes((byte[]) record.getComputations().getUnpaddedRecordBytes().getValue());
    }

    private void useNoPadding(Record record) {
        record.getComputations().setPaddingLength((Integer) 0);
        record.getComputations().setPadding(new byte[0]);
        record.getComputations().setUnpaddedRecordBytes(record.getComputations().getPlainRecordBytes());
    }

    private void adjustPaddingTLS13(Record record) throws CryptoException {
        byte[] parseUnpaddedTLS13 = parseUnpaddedTLS13((byte[]) record.getComputations().getPlainRecordBytes().getValue());
        byte parseContentMessageType = parseContentMessageType(parseUnpaddedTLS13);
        LOGGER.debug("Parsed ContentMessageType:" + ((int) parseContentMessageType));
        ProtocolMessageType contentType = ProtocolMessageType.getContentType(parseContentMessageType);
        if (contentType == null) {
            LOGGER.warn("Parsed unknown TLS 1.3 ProtocolMessage type. Using Unknown instead");
            contentType = ProtocolMessageType.UNKNOWN;
        }
        record.setContentMessageType(contentType);
        LOGGER.debug("ContentMessageType:" + record.getContentMessageType());
        record.getComputations().setUnpaddedRecordBytes(Arrays.copyOf(parseUnpaddedTLS13, parseUnpaddedTLS13.length - 1));
        LOGGER.debug("UnpaddedRecordBytes: " + ArrayConverter.bytesToHexString((byte[]) record.getComputations().getUnpaddedRecordBytes().getValue()));
        record.getComputations().setPadding(parsePadding((byte[]) record.getComputations().getPlainRecordBytes().getValue(), ((byte[]) record.getComputations().getPlainRecordBytes().getValue()).length - parseUnpaddedTLS13.length));
        LOGGER.debug("Padding: " + ArrayConverter.bytesToHexString((byte[]) record.getComputations().getPadding().getValue()));
        record.getComputations().setPaddingLength(Integer.valueOf(((byte[]) record.getComputations().getPadding().getValue()).length));
        LOGGER.debug("PaddingLength: " + record.getComputations().getPaddingLength().getValue());
    }

    private void adjustPaddingTLS(Record record) throws CryptoException {
        int parsePaddingLength = parsePaddingLength((byte[]) record.getComputations().getPlainRecordBytes().getValue());
        record.getComputations().setPaddingLength(Integer.valueOf(parsePaddingLength));
        LOGGER.debug("PaddingLength: " + record.getComputations().getPaddingLength().getValue());
        byte[] parseUnpadded = parseUnpadded((byte[]) record.getComputations().getPlainRecordBytes().getValue(), parsePaddingLength);
        record.getComputations().setUnpaddedRecordBytes(parseUnpadded);
        LOGGER.debug("UnpaddedRecordBytes: " + ArrayConverter.bytesToHexString((byte[]) record.getComputations().getUnpaddedRecordBytes().getValue()));
        record.getComputations().setPadding(parsePadding((byte[]) record.getComputations().getPlainRecordBytes().getValue(), parsePaddingLength));
        LOGGER.debug("Padding: " + ArrayConverter.bytesToHexString((byte[]) record.getComputations().getPadding().getValue()));
        LOGGER.debug("Unpadded data:  {}", ArrayConverter.bytesToHexString(parseUnpadded));
    }

    private int parsePaddingLength(byte[] bArr) throws CryptoException {
        if (bArr.length == 0) {
            throw new CryptoException("Could not extract padding.");
        }
        return bArr[bArr.length - 1];
    }

    private byte[] parseUnpadded(byte[] bArr, int i) throws CryptoException {
        if (i > bArr.length) {
            throw new CryptoException("Could not unpad decrypted Data. Padding length greater than data length");
        }
        return i == bArr.length ? new byte[0] : Arrays.copyOf(bArr, (bArr.length - i) - 1);
    }

    private byte[] parseUnpaddedTLS13(byte[] bArr) throws CryptoException {
        if (bArr.length == 0) {
            throw new CryptoException("Could not extract padding.");
        }
        int length = bArr.length - 1;
        while (length >= 0 && bArr[length] == 0) {
            length--;
        }
        return Arrays.copyOf(bArr, length + 1);
    }

    private byte[] parsePadding(byte[] bArr, int i) throws CryptoException {
        int length = (bArr.length - i) - 1;
        if (length > bArr.length) {
            throw new CryptoException("Could parse Padding. Padding start greater than data length");
        }
        if (length < 0) {
            throw new CryptoException("Could not parse Padding. Padding start is negative");
        }
        return Arrays.copyOfRange(bArr, length, bArr.length);
    }

    private byte[] parseMac(byte[] bArr) throws CryptoException {
        if (bArr.length - this.recordCipher.getMacLength() < 0) {
            throw new CryptoException("Could not parse MAC, not enough bytes left");
        }
        return Arrays.copyOfRange(bArr, bArr.length - this.recordCipher.getMacLength(), bArr.length);
    }

    private byte[] removeMac(byte[] bArr) {
        return Arrays.copyOf(bArr, bArr.length - this.recordCipher.getMacLength());
    }

    private byte parseContentMessageType(byte[] bArr) throws CryptoException {
        if (bArr.length == 0) {
            throw new CryptoException("Could not extract content type of message.");
        }
        return bArr[bArr.length - 1];
    }

    private void checkForEndOfEarlyData(byte[] bArr) throws CryptoException {
        if (Arrays.equals(bArr, new byte[]{5, 0, 0, 0})) {
            adjustClientCipherAfterEarly();
        }
    }

    public void adjustClientCipherAfterEarly() throws CryptoException {
        try {
            this.context.setActiveClientKeySetType(Tls13KeySetType.HANDSHAKE_TRAFFIC_SECRETS);
            LOGGER.debug("Setting cipher for client to use handshake secrets");
            this.context.getRecordLayer().setRecordCipher(RecordCipherFactory.getRecordCipher(this.context, KeySetGenerator.generateKeySet(this.context, this.context.getChooser().getSelectedProtocolVersion(), this.context.getActiveClientKeySetType()), this.context.getChooser().getSelectedCipherSuite()));
            this.context.getRecordLayer().updateDecryptionCipher();
            this.context.setReadSequenceNumber(0L);
        } catch (NoSuchAlgorithmException e) {
            LOGGER.error("Generating KeySet failed - Unknown algorithm");
            throw new WorkflowExecutionException(e.toString());
        }
    }
}
