package de.rub.nds.tlsattacker.core.record.cipher;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.constants.Tls13KeySetType;
import de.rub.nds.tlsattacker.core.crypto.cipher.CipherWrapper;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.DecryptionRequest;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.DecryptionResult;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.EncryptionRequest;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.EncryptionResult;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.KeySet;
import de.rub.nds.tlsattacker.core.state.TlsContext;
import de.rub.nds.tlsattacker.transport.ConnectionEndType;
import java.util.Arrays;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/record/cipher/RecordAEADCipher.class */
public class RecordAEADCipher extends RecordCipher {
    private static final Logger LOGGER = LogManager.getLogger();
    public static final int SEQUENCE_NUMBER_LENGTH = 8;
    public static final int AEAD_TAG_LENGTH = 16;
    public static final int AEAD_CCM_8_TAG_LENGTH = 8;
    public static final int AEAD_IV_LENGTH = 12;
    private final int aeadTagLength;

    public RecordAEADCipher(TlsContext tlsContext, KeySet keySet) {
        super(tlsContext, keySet);
        ConnectionEndType localConnectionEndType = tlsContext.getConnection().getLocalConnectionEndType();
        this.encryptCipher = CipherWrapper.getEncryptionCipher(this.cipherSuite, localConnectionEndType, getKeySet());
        this.decryptCipher = CipherWrapper.getDecryptionCipher(this.cipherSuite, localConnectionEndType, getKeySet());
        if (this.cipherSuite.isCCM_8()) {
            this.aeadTagLength = 8;
        } else {
            this.aeadTagLength = 16;
        }
    }

    @Override // de.rub.nds.tlsattacker.core.record.cipher.RecordCipher
    public EncryptionResult encrypt(EncryptionRequest encryptionRequest) {
        try {
            return (this.version.isTLS13() || this.context.getActiveKeySetTypeWrite() == Tls13KeySetType.EARLY_TRAFFIC_SECRETS) ? encryptTLS13(encryptionRequest) : encryptTLS12(encryptionRequest);
        } catch (CryptoException e) {
            LOGGER.warn("Could not encrypt Data with the provided parameters. Returning unencrypted data.", e);
            return new EncryptionResult(encryptionRequest.getPlainText());
        }
    }

    @Override // de.rub.nds.tlsattacker.core.record.cipher.RecordCipher
    public DecryptionResult decrypt(DecryptionRequest decryptionRequest) {
        try {
            return new DecryptionResult(null, (this.version.isTLS13() || this.context.getActiveKeySetTypeRead() == Tls13KeySetType.EARLY_TRAFFIC_SECRETS) ? decryptTLS13(decryptionRequest) : decryptTLS12(decryptionRequest), null, true);
        } catch (CryptoException e) {
            LOGGER.warn("Could not decrypt Data with the provided parameters. Returning undecrypted data.");
            LOGGER.debug(e);
            return new DecryptionResult(null, decryptionRequest.getCipherText(), false, false);
        }
    }

    /* JADX WARN: Type inference failed for: r0v6, types: [byte[], byte[][]] */
    private EncryptionResult encryptTLS13(EncryptionRequest encryptionRequest) throws CryptoException {
        byte[] encrypt;
        byte[] longToBytes = ArrayConverter.longToBytes(this.context.getWriteSequenceNumber(), 8);
        LOGGER.debug("SQN bytes: " + ArrayConverter.bytesToHexString(longToBytes));
        byte[] concatenate = ArrayConverter.concatenate((byte[][]) new byte[]{new byte[4], longToBytes});
        LOGGER.debug("NonceBytes:" + ArrayConverter.bytesToHexString(concatenate));
        byte[] prepareAeadParameters = prepareAeadParameters(concatenate, getEncryptionIV());
        LOGGER.debug("Encrypting GCM with the following IV: {}", ArrayConverter.bytesToHexString(prepareAeadParameters));
        if (this.version == ProtocolVersion.TLS13 || this.version == ProtocolVersion.TLS13_DRAFT25 || this.version == ProtocolVersion.TLS13_DRAFT26 || this.version == ProtocolVersion.TLS13_DRAFT27 || this.version == ProtocolVersion.TLS13_DRAFT28) {
            LOGGER.debug("AAD:" + ArrayConverter.bytesToHexString(encryptionRequest.getAdditionalAuthenticatedData()));
            encrypt = this.encryptCipher.encrypt(prepareAeadParameters, this.aeadTagLength * 8, encryptionRequest.getAdditionalAuthenticatedData(), encryptionRequest.getPlainText());
        } else {
            encrypt = this.encryptCipher.encrypt(prepareAeadParameters, this.aeadTagLength * 8, encryptionRequest.getPlainText());
        }
        return new EncryptionResult(prepareAeadParameters, encrypt, false);
    }

    private byte[] prepareAeadParameters(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[12];
        for (int i = 0; i < 12; i++) {
            bArr3[i] = (byte) (bArr2[i] ^ bArr[i]);
        }
        return bArr3;
    }

    /* JADX WARN: Type inference failed for: r0v5, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r3v8, types: [byte[], byte[][]] */
    private EncryptionResult encryptTLS12(EncryptionRequest encryptionRequest) throws CryptoException {
        byte[] longToBytes = ArrayConverter.longToBytes(this.context.getWriteSequenceNumber(), 8);
        byte[] concatenate = ArrayConverter.concatenate((byte[][]) new byte[]{getKeySet().getWriteIv(this.context.getConnection().getLocalConnectionEndType()), longToBytes});
        LOGGER.debug("Encrypting AEAD with the following IV: {}", ArrayConverter.bytesToHexString(concatenate));
        LOGGER.debug("Encrypting AEAD with the following AAD: {}", ArrayConverter.bytesToHexString(encryptionRequest.getAdditionalAuthenticatedData()));
        byte[] encrypt = this.encryptCipher.encrypt(concatenate, this.aeadTagLength * 8, encryptionRequest.getAdditionalAuthenticatedData(), encryptionRequest.getPlainText());
        return this.cipherSuite.usesStrictExplicitIv() ? new EncryptionResult(encrypt) : new EncryptionResult(concatenate, ArrayConverter.concatenate((byte[][]) new byte[]{longToBytes, encrypt}), false);
    }

    /* JADX WARN: Type inference failed for: r0v6, types: [byte[], byte[][]] */
    private byte[] decryptTLS13(DecryptionRequest decryptionRequest) throws CryptoException {
        LOGGER.debug("Decrypting using SQN:" + this.context.getReadSequenceNumber());
        byte[] prepareAeadParameters = prepareAeadParameters(ArrayConverter.concatenate((byte[][]) new byte[]{new byte[4], ArrayConverter.longToBytes(this.context.getReadSequenceNumber(), 8)}), getDecryptionIV());
        LOGGER.debug("Decrypting AEAD with the following IV: {}", ArrayConverter.bytesToHexString(prepareAeadParameters));
        LOGGER.debug("Decrypting the following AEAD ciphertext: {}", ArrayConverter.bytesToHexString(decryptionRequest.getCipherText()));
        return (this.version == ProtocolVersion.TLS13 || this.version == ProtocolVersion.TLS13_DRAFT25 || this.version == ProtocolVersion.TLS13_DRAFT26 || this.version == ProtocolVersion.TLS13_DRAFT27 || this.version == ProtocolVersion.TLS13_DRAFT28) ? this.decryptCipher.decrypt(prepareAeadParameters, this.aeadTagLength * 8, decryptionRequest.getAdditionalAuthenticatedData(), decryptionRequest.getCipherText()) : this.decryptCipher.decrypt(prepareAeadParameters, this.aeadTagLength * 8, decryptionRequest.getCipherText());
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [byte[], byte[][]] */
    private byte[] decryptTLS12(DecryptionRequest decryptionRequest) throws CryptoException {
        byte[] copyOf;
        byte[] copyOfRange;
        if (decryptionRequest.getCipherText().length < 8) {
            LOGGER.warn("Could not decrypt ciphertext. Too short. Returning undecrypted Ciphertext");
            return decryptionRequest.getCipherText();
        }
        if (this.cipherSuite.usesStrictExplicitIv()) {
            copyOf = ArrayConverter.longToBytes(this.context.getReadSequenceNumber(), 8);
            copyOfRange = decryptionRequest.getCipherText();
        } else {
            copyOf = Arrays.copyOf(decryptionRequest.getCipherText(), 8);
            copyOfRange = Arrays.copyOfRange(decryptionRequest.getCipherText(), 8, decryptionRequest.getCipherText().length);
        }
        byte[] concatenate = ArrayConverter.concatenate((byte[][]) new byte[]{getKeySet().getReadIv(this.context.getConnection().getLocalConnectionEndType()), copyOf});
        LOGGER.debug("Decrypting AEAD with the following IV: {}", ArrayConverter.bytesToHexString(concatenate));
        LOGGER.debug("Decrypting AEAD with the following AAD: {}", ArrayConverter.bytesToHexString(decryptionRequest.getAdditionalAuthenticatedData()));
        LOGGER.debug("Decrypting the following ciphertext: {}", ArrayConverter.bytesToHexString(copyOfRange));
        return this.decryptCipher.decrypt(concatenate, this.aeadTagLength * 8, decryptionRequest.getAdditionalAuthenticatedData(), copyOfRange);
    }

    @Override // de.rub.nds.tlsattacker.core.record.cipher.RecordCipher
    public boolean isUsingPadding() {
        return this.version.isTLS13() || this.context.getActiveKeySetTypeWrite() == Tls13KeySetType.EARLY_TRAFFIC_SECRETS || this.context.getActiveKeySetTypeRead() == Tls13KeySetType.EARLY_TRAFFIC_SECRETS;
    }

    @Override // de.rub.nds.tlsattacker.core.record.cipher.RecordCipher
    public boolean isUsingMac() {
        return false;
    }

    @Override // de.rub.nds.tlsattacker.core.record.cipher.RecordCipher
    public boolean isUsingTags() {
        return true;
    }

    @Override // de.rub.nds.tlsattacker.core.record.cipher.RecordCipher
    public int getTagSize() {
        return (this.cipherSuite.usesStrictExplicitIv() || this.version.isTLS13()) ? this.aeadTagLength : 8 + this.aeadTagLength;
    }

    /* JADX WARN: Type inference failed for: r0v5, types: [byte[], byte[][]] */
    @Override // de.rub.nds.tlsattacker.core.record.cipher.RecordCipher
    public byte[] getEncryptionIV() {
        return ArrayConverter.concatenate((byte[][]) new byte[]{getKeySet().getWriteIv(this.context.getConnection().getLocalConnectionEndType()), ArrayConverter.longToBytes(this.context.getWriteSequenceNumber(), 8)});
    }

    /* JADX WARN: Type inference failed for: r0v5, types: [byte[], byte[][]] */
    @Override // de.rub.nds.tlsattacker.core.record.cipher.RecordCipher
    public byte[] getDecryptionIV() {
        return ArrayConverter.concatenate((byte[][]) new byte[]{getKeySet().getReadIv(this.context.getConnection().getLocalConnectionEndType()), ArrayConverter.longToBytes(this.context.getReadSequenceNumber(), 8)});
    }
}
