package de.rub.nds.tlsattacker.core.protocol.preparator;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.constants.CertificateVerifiyConstants;
import de.rub.nds.tlsattacker.core.constants.SignatureAndHashAlgorithm;
import de.rub.nds.tlsattacker.core.crypto.SSLUtils;
import de.rub.nds.tlsattacker.core.crypto.SignatureCalculator;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import de.rub.nds.tlsattacker.core.protocol.message.CertificateVerifyMessage;
import de.rub.nds.tlsattacker.core.workflow.chooser.Chooser;
import de.rub.nds.tlsattacker.transport.ConnectionEndType;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/protocol/preparator/CertificateVerifyPreparator.class */
public class CertificateVerifyPreparator extends HandshakeMessagePreparator<CertificateVerifyMessage> {
    private static final Logger LOGGER = LogManager.getLogger();
    private SignatureAndHashAlgorithm algorithm;
    private byte[] signature;
    private final CertificateVerifyMessage msg;

    public CertificateVerifyPreparator(Chooser chooser, CertificateVerifyMessage certificateVerifyMessage) {
        super(chooser, certificateVerifyMessage);
        this.msg = certificateVerifyMessage;
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.preparator.HandshakeMessagePreparator
    public void prepareHandshakeMessageContents() {
        LOGGER.debug("Preparing CertificateVerifiyMessage");
        this.algorithm = this.chooser.getSelectedSigHashAlgorithm();
        this.signature = new byte[0];
        try {
            this.signature = createSignature();
        } catch (CryptoException e) {
            LOGGER.warn("Could not generate Signature! Using empty one instead!", e);
        }
        prepareSignature(this.msg);
        prepareSignatureLength(this.msg);
        prepareSignatureHashAlgorithm(this.msg);
    }

    /* JADX WARN: Type inference failed for: r0v31, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r0v34, types: [byte[], byte[][]] */
    private byte[] createSignature() throws CryptoException {
        byte[] rawBytes = this.chooser.getContext().getDigest().getRawBytes();
        if (this.chooser.getSelectedProtocolVersion().isTLS13()) {
            rawBytes = this.chooser.getConnectionEndType() == ConnectionEndType.CLIENT ? ArrayConverter.concatenate((byte[][]) new byte[]{ArrayConverter.hexStringToByteArray("20202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020"), CertificateVerifiyConstants.CLIENT_CERTIFICATE_VERIFY.getBytes(), new byte[]{0}, this.chooser.getContext().getDigest().digest(this.chooser.getSelectedProtocolVersion(), this.chooser.getSelectedCipherSuite())}) : ArrayConverter.concatenate((byte[][]) new byte[]{ArrayConverter.hexStringToByteArray("20202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020"), CertificateVerifiyConstants.SERVER_CERTIFICATE_VERIFY.getBytes(), new byte[]{0}, this.chooser.getContext().getDigest().digest(this.chooser.getSelectedProtocolVersion(), this.chooser.getSelectedCipherSuite())});
        } else if (this.chooser.getSelectedProtocolVersion().isSSL()) {
            return SSLUtils.calculateSSLCertificateVerifySignature(this.chooser.getContext().getDigest().getRawBytes(), this.chooser.getMasterSecret());
        }
        this.algorithm = this.chooser.getSelectedSigHashAlgorithm();
        return SignatureCalculator.generateSignature(this.algorithm, this.chooser, rawBytes);
    }

    private void prepareSignature(CertificateVerifyMessage certificateVerifyMessage) {
        certificateVerifyMessage.setSignature(this.signature);
        LOGGER.debug("Signature: " + ArrayConverter.bytesToHexString((byte[]) certificateVerifyMessage.getSignature().getValue()));
    }

    private void prepareSignatureLength(CertificateVerifyMessage certificateVerifyMessage) {
        certificateVerifyMessage.setSignatureLength(((byte[]) certificateVerifyMessage.getSignature().getValue()).length);
        LOGGER.debug("SignatureLength: " + certificateVerifyMessage.getSignatureLength().getValue());
    }

    private void prepareSignatureHashAlgorithm(CertificateVerifyMessage certificateVerifyMessage) {
        certificateVerifyMessage.setSignatureHashAlgorithm(this.algorithm.getByteValue());
        LOGGER.debug("SignatureHasAlgorithm: " + ArrayConverter.bytesToHexString((byte[]) certificateVerifyMessage.getSignatureHashAlgorithm().getValue()));
    }
}
