package de.rub.nds.tlsattacker.core.protocol.preparator;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.modifiablevariable.util.RandomHelper;
import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.CipherAlgorithm;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import de.rub.nds.tlsattacker.core.protocol.message.NewSessionTicketMessage;
import de.rub.nds.tlsattacker.core.state.SessionTicket;
import de.rub.nds.tlsattacker.core.state.StatePlaintext;
import de.rub.nds.tlsattacker.core.state.serializer.SessionTicketSerializer;
import de.rub.nds.tlsattacker.core.state.serializer.StatePlaintextSerializer;
import de.rub.nds.tlsattacker.core.util.StaticTicketCrypto;
import de.rub.nds.tlsattacker.core.workflow.chooser.Chooser;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/protocol/preparator/NewSessionTicketPreparator.class */
public class NewSessionTicketPreparator extends HandshakeMessagePreparator<NewSessionTicketMessage> {
    private static final Logger LOGGER = LogManager.getLogger();
    private final NewSessionTicketMessage msg;

    public NewSessionTicketPreparator(Chooser chooser, NewSessionTicketMessage newSessionTicketMessage) {
        super(chooser, newSessionTicketMessage);
        this.msg = newSessionTicketMessage;
    }

    private long generateTicketLifetimeHint() {
        return this.chooser.getConfig().getSessionTicketLifetimeHint();
    }

    private void prepareTicketLifetimeHint(NewSessionTicketMessage newSessionTicketMessage) {
        newSessionTicketMessage.setTicketLifetimeHint(generateTicketLifetimeHint());
        LOGGER.debug("TicketLifetimeHint: " + newSessionTicketMessage.getTicketLifetimeHint().getValue());
    }

    /* JADX WARN: Type inference failed for: r0v28, types: [byte[], byte[][]] */
    private void prepareTicket(NewSessionTicketMessage newSessionTicketMessage) {
        byte[] bArr;
        byte[] bArr2;
        Config config = this.chooser.getConfig();
        SessionTicket ticket = newSessionTicketMessage.getTicket();
        ticket.setKeyName(config.getSessionTicketKeyName());
        CipherAlgorithm sessionTicketCipherAlgorithm = config.getSessionTicketCipherAlgorithm();
        byte[] sessionTicketEncryptionKey = config.getSessionTicketEncryptionKey();
        byte[] bArr3 = new byte[sessionTicketCipherAlgorithm.getBlocksize()];
        RandomHelper.getRandom().nextBytes(bArr3);
        ticket.setIV(bArr3);
        StatePlaintext statePlaintext = new StatePlaintext();
        statePlaintext.generateStatePlaintext(this.chooser);
        try {
            bArr = StaticTicketCrypto.encrypt(sessionTicketCipherAlgorithm, new StatePlaintextSerializer(statePlaintext).serialize(), sessionTicketEncryptionKey, (byte[]) ticket.getIV().getValue());
        } catch (CryptoException e) {
            LOGGER.warn("Could not encrypt SessionState. Using empty byte[]");
            LOGGER.debug(e);
            bArr = new byte[0];
        }
        ticket.setEncryptedState(bArr);
        try {
            bArr2 = StaticTicketCrypto.generateHMAC(config.getSessionTicketMacAlgorithm(), ArrayConverter.concatenate((byte[][]) new byte[]{config.getSessionTicketKeyName(), bArr3, ArrayConverter.intToBytes(bArr.length, 2), bArr}), config.getSessionTicketKeyHMAC());
        } catch (CryptoException e2) {
            LOGGER.warn("Could generate HMAC. Using empty byte[]");
            LOGGER.debug(e2);
            bArr2 = new byte[0];
        }
        ticket.setMAC(bArr2);
        ticket.setEncryptedStateLength(bArr.length);
        byte[] serialize = new SessionTicketSerializer(ticket).serialize();
        newSessionTicketMessage.getTicket().setIdentityLength(serialize.length);
        newSessionTicketMessage.getTicket().setIdentity(serialize);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.preparator.HandshakeMessagePreparator
    protected void prepareHandshakeMessageContents() {
        LOGGER.debug("Preparing NewSessionTicketMessage");
        prepareTicketLifetimeHint(this.msg);
        if (this.chooser.getSelectedProtocolVersion().isTLS13()) {
            prepareTicketTls13(this.msg);
        } else {
            prepareTicket(this.msg);
        }
    }

    private void prepareTicketTls13(NewSessionTicketMessage newSessionTicketMessage) {
        prepareTicketAgeAdd(newSessionTicketMessage);
        prepareNonce(newSessionTicketMessage);
        prepareIdentity(newSessionTicketMessage);
        prepareExtensions();
        prepareExtensionLength();
    }

    private void prepareTicketAgeAdd(NewSessionTicketMessage newSessionTicketMessage) {
        newSessionTicketMessage.getTicket().setTicketAgeAdd(this.chooser.getConfig().getDefaultSessionTicketAgeAdd());
    }

    private void prepareIdentity(NewSessionTicketMessage newSessionTicketMessage) {
        newSessionTicketMessage.getTicket().setIdentity(this.chooser.getConfig().getDefaultSessionTicketIdentity());
        newSessionTicketMessage.getTicket().setIdentityLength(((byte[]) newSessionTicketMessage.getTicket().getIdentity().getValue()).length);
    }

    private void prepareNonce(NewSessionTicketMessage newSessionTicketMessage) {
        newSessionTicketMessage.getTicket().setTicketNonce(this.chooser.getConfig().getDefaultSessionTicketNonce());
        newSessionTicketMessage.getTicket().setTicketNonceLength(((byte[]) newSessionTicketMessage.getTicket().getTicketNonce().getValue()).length);
    }
}
