package de.rub.nds.tlsattacker.core.protocol.preparator.extension;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
import de.rub.nds.tlsattacker.core.constants.DigestAlgorithm;
import de.rub.nds.tlsattacker.core.constants.HKDFAlgorithm;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.crypto.HKDFunction;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import de.rub.nds.tlsattacker.core.exceptions.PreparationException;
import de.rub.nds.tlsattacker.core.protocol.message.ClientHelloMessage;
import de.rub.nds.tlsattacker.core.protocol.message.extension.PreSharedKeyExtensionMessage;
import de.rub.nds.tlsattacker.core.protocol.message.extension.psk.PSKBinder;
import de.rub.nds.tlsattacker.core.protocol.message.extension.psk.PSKIdentity;
import de.rub.nds.tlsattacker.core.protocol.message.extension.psk.PskSet;
import de.rub.nds.tlsattacker.core.protocol.serializer.ClientHelloSerializer;
import de.rub.nds.tlsattacker.core.protocol.serializer.extension.ExtensionSerializer;
import de.rub.nds.tlsattacker.core.protocol.serializer.extension.PSKBinderSerializer;
import de.rub.nds.tlsattacker.core.protocol.serializer.extension.PSKIdentitySerializer;
import de.rub.nds.tlsattacker.core.workflow.chooser.Chooser;
import de.rub.nds.tlsattacker.transport.ConnectionEndType;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Iterator;
import java.util.List;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/protocol/preparator/extension/PreSharedKeyExtensionPreparator.class */
public class PreSharedKeyExtensionPreparator extends ExtensionPreparator<PreSharedKeyExtensionMessage> {
    private static final Logger LOGGER = LogManager.getLogger();
    private final PreSharedKeyExtensionMessage msg;
    private ClientHelloMessage clientHello;

    public PreSharedKeyExtensionPreparator(Chooser chooser, PreSharedKeyExtensionMessage preSharedKeyExtensionMessage, ExtensionSerializer<PreSharedKeyExtensionMessage> extensionSerializer) {
        super(chooser, preSharedKeyExtensionMessage, extensionSerializer);
        this.msg = preSharedKeyExtensionMessage;
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.preparator.extension.ExtensionPreparator
    public void prepareExtensionContent() {
        LOGGER.debug("Preparing PreSharedKeyExtensionMessage");
        if (this.chooser.getConnectionEndType() != ConnectionEndType.CLIENT) {
            prepareSelectedIdentity();
            return;
        }
        this.msg.getEntries(this.chooser);
        prepareLists();
        prepareIdentityListBytes();
        prepareBinderListBytes();
    }

    private void prepareLists() {
        if (this.msg.getIdentities() != null) {
            Iterator<PSKIdentity> it = this.msg.getIdentities().iterator();
            while (it.hasNext()) {
                new PSKIdentityPreparator(this.chooser, it.next()).prepare();
            }
        }
        if (this.msg.getBinders() != null) {
            Iterator<PSKBinder> it2 = this.msg.getBinders().iterator();
            while (it2.hasNext()) {
                new PSKBinderPreparator(this.chooser, it2.next()).prepare();
            }
        }
    }

    private void prepareSelectedIdentity() {
        LOGGER.debug("Preparing selected identity");
        this.msg.setSelectedIdentity(this.chooser.getContext().getSelectedIdentityIndex());
    }

    private void prepareIdentityListBytes() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Iterator<PSKIdentity> it = this.msg.getIdentities().iterator();
        while (it.hasNext()) {
            try {
                byteArrayOutputStream.write(new PSKIdentitySerializer(it.next()).serialize());
            } catch (IOException e) {
                throw new PreparationException("Could not write byte[] from PSKIdentity", e);
            }
        }
        this.msg.setIdentityListBytes(byteArrayOutputStream.toByteArray());
        this.msg.setIdentityListLength(((byte[]) this.msg.getIdentityListBytes().getValue()).length);
    }

    private void prepareBinderListBytes() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Iterator<PSKBinder> it = this.msg.getBinders().iterator();
        while (it.hasNext()) {
            try {
                byteArrayOutputStream.write(new PSKBinderSerializer(it.next()).serialize());
            } catch (IOException e) {
                throw new PreparationException("Could not write byte[] from PSKIdentity", e);
            }
        }
        this.msg.setBinderListBytes(byteArrayOutputStream.toByteArray());
        this.msg.setBinderListLength(((byte[]) this.msg.getBinderListBytes().getValue()).length);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.preparator.extension.ExtensionPreparator
    public void afterPrepareExtensionContent() {
        if (this.chooser.getConnectionEndType() == ConnectionEndType.CLIENT) {
            prepareActualBinders();
        }
    }

    private void prepareActualBinders() {
        LOGGER.debug("Preparing binder values to replace dummy bytes");
        calculateBinders(getRelevantBytes(new ClientHelloSerializer(this.clientHello, this.chooser.getSelectedProtocolVersion()).serialize()), this.msg);
        prepareBinderListBytes();
    }

    private byte[] getRelevantBytes(byte[] bArr) {
        int length = bArr.length - 2;
        Iterator<PSKBinder> it = this.msg.getBinders().iterator();
        while (it.hasNext()) {
            length = (length - 1) - ((Integer) it.next().getBinderEntryLength().getValue()).intValue();
        }
        if (length <= 0) {
            return new byte[0];
        }
        byte[] bArr2 = new byte[length];
        System.arraycopy(bArr, 0, bArr2, 0, Math.min(length, bArr.length));
        LOGGER.debug("Relevant Bytes:" + ArrayConverter.bytesToHexString(bArr2));
        return bArr2;
    }

    private void calculateBinders(byte[] bArr, PreSharedKeyExtensionMessage preSharedKeyExtensionMessage) {
        List<PskSet> pskSets = this.chooser.getPskSets();
        LOGGER.debug("Calculating Binders");
        for (int i = 0; i < preSharedKeyExtensionMessage.getBinders().size(); i++) {
            try {
                if (pskSets.size() > i) {
                    HKDFAlgorithm hKDFAlgorithm = AlgorithmResolver.getHKDFAlgorithm(pskSets.get(i).getCipherSuite());
                    Mac mac = Mac.getInstance(hKDFAlgorithm.getMacAlgorithm().getJavaName());
                    DigestAlgorithm digestAlgorithm = AlgorithmResolver.getDigestAlgorithm(ProtocolVersion.TLS13, pskSets.get(i).getCipherSuite());
                    byte[] preSharedKey = pskSets.get(i).getPreSharedKey();
                    byte[] expandLabel = HKDFunction.expandLabel(hKDFAlgorithm, HKDFunction.deriveSecret(hKDFAlgorithm, digestAlgorithm.getJavaName(), HKDFunction.extract(hKDFAlgorithm, new byte[0], preSharedKey), HKDFunction.BINDER_KEY_RES, ArrayConverter.hexStringToByteArray("")), HKDFunction.FINISHED, new byte[0], mac.getMacLength());
                    this.chooser.getContext().getDigest().setRawBytes(bArr);
                    mac.init(new SecretKeySpec(expandLabel, mac.getAlgorithm()));
                    mac.update(this.chooser.getContext().getDigest().digest(ProtocolVersion.TLS13, pskSets.get(i).getCipherSuite()));
                    byte[] doFinal = mac.doFinal();
                    this.chooser.getContext().getDigest().setRawBytes(new byte[0]);
                    LOGGER.debug("Using PSK:" + ArrayConverter.bytesToHexString(preSharedKey));
                    LOGGER.debug("Calculated Binder:" + ArrayConverter.bytesToHexString(doFinal));
                    preSharedKeyExtensionMessage.getBinders().get(i).setBinderEntry(doFinal);
                    if (i == 0) {
                        this.chooser.getContext().setEarlyDataPsk(preSharedKey);
                    }
                } else {
                    LOGGER.warn("Skipping BinderCalculation as Config has not enough PSK sets");
                }
            } catch (CryptoException | InvalidKeyException | NoSuchAlgorithmException e) {
                throw new PreparationException("Could not calculate Binders", e);
            }
        }
    }

    public ClientHelloMessage getClientHello() {
        return this.clientHello;
    }

    public void setClientHello(ClientHelloMessage clientHelloMessage) {
        this.clientHello = clientHelloMessage;
    }
}
