package de.rub.nds.tlsattacker.core.protocol.preparator.extension;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.HKDFAlgorithm;
import de.rub.nds.tlsattacker.core.crypto.HKDFunction;
import de.rub.nds.tlsattacker.core.crypto.ec.CurveFactory;
import de.rub.nds.tlsattacker.core.crypto.ec.EllipticCurve;
import de.rub.nds.tlsattacker.core.crypto.ec.Point;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import de.rub.nds.tlsattacker.core.exceptions.PreparationException;
import de.rub.nds.tlsattacker.core.protocol.message.extension.PWDProtectExtensionMessage;
import de.rub.nds.tlsattacker.core.protocol.serializer.extension.PWDProtectExtensionSerializer;
import de.rub.nds.tlsattacker.core.workflow.chooser.Chooser;
import java.math.BigInteger;
import java.util.Arrays;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.cryptomator.siv.SivMode;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/protocol/preparator/extension/PWDProtectExtensionPreparator.class */
public class PWDProtectExtensionPreparator extends ExtensionPreparator<PWDProtectExtensionMessage> {
    private static final Logger LOGGER = LogManager.getLogger();
    private final PWDProtectExtensionMessage msg;

    public PWDProtectExtensionPreparator(Chooser chooser, PWDProtectExtensionMessage pWDProtectExtensionMessage, PWDProtectExtensionSerializer pWDProtectExtensionSerializer) {
        super(chooser, pWDProtectExtensionMessage, pWDProtectExtensionSerializer);
        this.msg = pWDProtectExtensionMessage;
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.preparator.extension.ExtensionPreparator
    public void prepareExtensionContent() {
        LOGGER.debug("Preparing PWDProtectExtension");
        try {
            prepareUsername(this.msg);
            prepareUsernameLength(this.msg);
        } catch (CryptoException e) {
            throw new PreparationException("Failed to encrypt username", e);
        }
    }

    /* JADX WARN: Type inference failed for: r1v20, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r4v2, types: [byte[], byte[][]] */
    private void prepareUsername(PWDProtectExtensionMessage pWDProtectExtensionMessage) throws CryptoException {
        HKDFAlgorithm hKDFAlgorithm;
        Config config = this.chooser.getConfig();
        EllipticCurve curve = CurveFactory.getCurve(config.getDefaultPWDProtectGroup());
        Point basePoint = curve.getBasePoint();
        Point defaultServerPWDProtectPublicKey = config.getDefaultServerPWDProtectPublicKey();
        if (curve.getModulus().bitLength() <= 256) {
            hKDFAlgorithm = HKDFAlgorithm.TLS_HKDF_SHA256;
        } else {
            if (curve.getModulus().bitLength() > 384) {
                throw new CryptoException("Missing HKDF algorithm for curves larger than 384 bits");
            }
            hKDFAlgorithm = HKDFAlgorithm.TLS_HKDF_SHA384;
        }
        BigInteger data = curve.mult(config.getDefaultServerPWDProtectRandomSecret(), basePoint).getX().getData();
        byte[] expand = HKDFunction.expand(hKDFAlgorithm, HKDFunction.extract(hKDFAlgorithm, null, ArrayConverter.bigIntegerToByteArray(curve.mult(config.getDefaultServerPWDProtectRandomSecret(), defaultServerPWDProtectPublicKey).getX().getData())), new byte[0], curve.getModulus().bitLength() / 8);
        LOGGER.debug("Username encryption key: " + ArrayConverter.bytesToHexString(expand));
        pWDProtectExtensionMessage.setUsername(ArrayConverter.concatenate((byte[][]) new byte[]{ArrayConverter.bigIntegerToByteArray(data, curve.getModulus().bitLength() / 8, true), new SivMode().encrypt(Arrays.copyOfRange(expand, 0, expand.length / 2), Arrays.copyOfRange(expand, expand.length / 2, expand.length), this.chooser.getClientPWDUsername().getBytes(), (byte[][]) new byte[0])}));
        LOGGER.debug("Username: " + ArrayConverter.bytesToHexString(pWDProtectExtensionMessage.getUsername()));
    }

    private void prepareUsernameLength(PWDProtectExtensionMessage pWDProtectExtensionMessage) {
        pWDProtectExtensionMessage.setUsernameLength(((byte[]) pWDProtectExtensionMessage.getUsername().getValue()).length);
        LOGGER.debug("UsernameLength: " + pWDProtectExtensionMessage.getUsernameLength().getValue());
    }
}
