package de.rub.nds.tlsattacker.core.crypto;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.constants.PRFAlgorithm;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import java.lang.reflect.Field;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.crypto.tls.TlsUtils;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/crypto/PseudoRandomFunction.class */
public class PseudoRandomFunction {
    private static final Logger LOGGER = LogManager.getLogger();
    public static final String MASTER_SECRET_LABEL = "master secret";
    public static final String CLIENT_FINISHED_LABEL = "client finished";
    public static final String SERVER_FINISHED_LABEL = "server finished";
    public static final String KEY_EXPANSION_LABEL = "key expansion";
    public static final String EXTENDED_MASTER_SECRET_LABEL = "extended master secret";
    public static final String CLIENT_WRITE_KEY_LABEL = "client write key";
    public static final String SERVER_WRITE_KEY_LABEL = "server write key";
    public static final String IV_BLOCK_LABEL = "IV block";

    /* renamed from: de.rub.nds.tlsattacker.core.crypto.PseudoRandomFunction$1, reason: invalid class name */
    /* loaded from: input_file:de/rub/nds/tlsattacker/core/crypto/PseudoRandomFunction$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$de$rub$nds$tlsattacker$core$constants$PRFAlgorithm = new int[PRFAlgorithm.values().length];

        static {
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$PRFAlgorithm[PRFAlgorithm.TLS_PRF_SHA256.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$PRFAlgorithm[PRFAlgorithm.TLS_PRF_SHA384.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$PRFAlgorithm[PRFAlgorithm.TLS_PRF_GOSTR3411.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$PRFAlgorithm[PRFAlgorithm.TLS_PRF_GOSTR3411_2012_256.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$PRFAlgorithm[PRFAlgorithm.TLS_PRF_LEGACY.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public static byte[] compute(PRFAlgorithm pRFAlgorithm, byte[] bArr, String str, byte[] bArr2, int i) throws CryptoException {
        if (pRFAlgorithm == null) {
            LOGGER.warn("Trying to compute PRF without specified PRF algorithm. Using TLS 1.0/TLS 1.1 as default.");
            pRFAlgorithm = PRFAlgorithm.TLS_PRF_LEGACY;
        }
        switch (AnonymousClass1.$SwitchMap$de$rub$nds$tlsattacker$core$constants$PRFAlgorithm[pRFAlgorithm.ordinal()]) {
            case 1:
            case 2:
            case 3:
            case 4:
                return computeTls12(bArr, str, bArr2, i, pRFAlgorithm.getMacAlgorithm().getJavaName());
            case EXPORT_SYMMETRIC_KEY_SIZE_BYTES:
                return TlsUtils.PRF_legacy(bArr, str, bArr2, i);
            default:
                throw new UnsupportedOperationException("PRF computation for different protocol versions is not supported yet");
        }
    }

    /* JADX WARN: Type inference failed for: r0v2, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r0v36, types: [byte[], byte[][]] */
    private static byte[] computeTls12(byte[] bArr, String str, byte[] bArr2, int i, String str2) throws CryptoException {
        SecretKeySpec secretKeySpec;
        try {
            byte[] concatenate = ArrayConverter.concatenate((byte[][]) new byte[]{str.getBytes(Charset.forName("ASCII")), bArr2});
            if (bArr == null || bArr.length == 0) {
                try {
                    secretKeySpec = new SecretKeySpec(new byte[]{0, 0}, str2);
                    try {
                        Field declaredField = secretKeySpec.getClass().getDeclaredField(HKDFunction.KEY);
                        declaredField.setAccessible(true);
                        declaredField.set(secretKeySpec, new byte[0]);
                    } catch (IllegalAccessException | IllegalArgumentException | NoSuchFieldException | SecurityException e) {
                        throw new CryptoException("Could not access KeySpec with empty Key", e);
                    }
                } catch (IllegalArgumentException e2) {
                    throw new CryptoException("Could not tls12_prf output without Secret", e2);
                }
            } else {
                secretKeySpec = new SecretKeySpec(bArr, str2);
            }
            Mac mac = Mac.getInstance(str2);
            mac.init(secretKeySpec);
            byte[] bArr3 = new byte[0];
            byte[] bArr4 = concatenate;
            while (bArr3.length < i) {
                mac.update(bArr4);
                bArr4 = mac.doFinal();
                mac.update(bArr4);
                mac.update(concatenate);
                byte[] doFinal = mac.doFinal();
                if (doFinal.length == 0) {
                    throw new CryptoException("Could not Calc PRF output. Mac length is zero!");
                }
                bArr3 = ArrayConverter.concatenate((byte[][]) new byte[]{bArr3, doFinal});
            }
            return Arrays.copyOf(bArr3, i);
        } catch (InvalidKeyException | NoSuchAlgorithmException e3) {
            throw new CryptoException(e3);
        }
    }

    private PseudoRandomFunction() {
    }
}
