package de.rub.nds.tlsattacker.core.protocol.handler.extension;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.constants.HKDFAlgorithm;
import de.rub.nds.tlsattacker.core.crypto.HKDFunction;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import de.rub.nds.tlsattacker.core.protocol.message.extension.PWDProtectExtensionMessage;
import de.rub.nds.tlsattacker.core.protocol.parser.extension.PWDProtectExtensionParser;
import de.rub.nds.tlsattacker.core.protocol.preparator.extension.PWDProtectExtensionPreparator;
import de.rub.nds.tlsattacker.core.protocol.serializer.extension.PWDProtectExtensionSerializer;
import de.rub.nds.tlsattacker.core.state.TlsContext;
import de.rub.nds.tlsattacker.transport.ConnectionEndType;
import java.math.BigInteger;
import java.util.Arrays;
import javax.crypto.IllegalBlockSizeException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.math.ec.ECCurve;
import org.cryptomator.siv.SivMode;
import org.cryptomator.siv.UnauthenticCiphertextException;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/protocol/handler/extension/PWDProtectExtensionHandler.class */
public class PWDProtectExtensionHandler extends ExtensionHandler<PWDProtectExtensionMessage> {
    private static final Logger LOGGER = LogManager.getLogger();

    public PWDProtectExtensionHandler(TlsContext tlsContext) {
        super(tlsContext);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.extension.ExtensionHandler
    public PWDProtectExtensionParser getParser(byte[] bArr, int i) {
        return new PWDProtectExtensionParser(i, bArr);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.extension.ExtensionHandler
    public PWDProtectExtensionPreparator getPreparator(PWDProtectExtensionMessage pWDProtectExtensionMessage) {
        return new PWDProtectExtensionPreparator(this.context.getChooser(), pWDProtectExtensionMessage, getSerializer(pWDProtectExtensionMessage));
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.extension.ExtensionHandler
    public PWDProtectExtensionSerializer getSerializer(PWDProtectExtensionMessage pWDProtectExtensionMessage) {
        return new PWDProtectExtensionSerializer(pWDProtectExtensionMessage);
    }

    /* JADX WARN: Type inference failed for: r6v2, types: [byte[], byte[][]] */
    @Override // de.rub.nds.tlsattacker.core.protocol.handler.extension.ExtensionHandler
    public void adjustTLSExtensionContext(PWDProtectExtensionMessage pWDProtectExtensionMessage) {
        HKDFAlgorithm hKDFAlgorithm;
        if (this.context.getChooser().getConnectionEndType() == ConnectionEndType.CLIENT) {
            this.context.setClientPWDUsername(this.context.getConfig().getDefaultClientPWDUsername());
            return;
        }
        ECCurve curve = ECNamedCurveTable.getParameterSpec(this.context.getConfig().getDefaultPWDProtectGroup().getJavaName()).getCurve();
        BigInteger characteristic = curve.getField().getCharacteristic();
        if (curve.getFieldSize() <= 256) {
            hKDFAlgorithm = HKDFAlgorithm.TLS_HKDF_SHA256;
        } else {
            if (curve.getFieldSize() > 384) {
                LOGGER.warn("Missing HKDF algorithm for curves larger than 384 bits");
                return;
            }
            hKDFAlgorithm = HKDFAlgorithm.TLS_HKDF_SHA384;
        }
        byte[] bArr = (byte[]) pWDProtectExtensionMessage.getUsername().getValue();
        BigInteger bigInteger = new BigInteger(1, Arrays.copyOfRange(bArr, 0, curve.getFieldSize() / 8));
        try {
            byte[] expand = HKDFunction.expand(hKDFAlgorithm, HKDFunction.extract(hKDFAlgorithm, null, ArrayConverter.bigIntegerToByteArray(curve.createPoint(bigInteger, bigInteger.pow(3).add(bigInteger.multiply(curve.getA().toBigInteger())).add(curve.getB().toBigInteger()).mod(characteristic).modPow(characteristic.add(BigInteger.ONE).shiftRight(2), characteristic)).multiply(this.context.getConfig().getDefaultServerPWDProtectPrivateKey()).normalize().getXCoord().toBigInteger())), new byte[0], curve.getFieldSize() / 8);
            this.context.setClientPWDUsername(new String(new SivMode().decrypt(Arrays.copyOfRange(expand, 0, expand.length / 2), Arrays.copyOfRange(expand, expand.length / 2, expand.length), Arrays.copyOfRange(bArr, curve.getFieldSize() / 8, bArr.length), (byte[][]) new byte[0])));
            LOGGER.debug("Username: " + this.context.getClientPWDUsername());
        } catch (IllegalBlockSizeException | UnauthenticCiphertextException | CryptoException e) {
            LOGGER.warn("Failed to decrypt username: " + e.getMessage());
        }
    }
}
