package de.rub.nds.tlsattacker.core.protocol.handler;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
import de.rub.nds.tlsattacker.core.constants.HKDFAlgorithm;
import de.rub.nds.tlsattacker.core.constants.Tls13KeySetType;
import de.rub.nds.tlsattacker.core.crypto.HKDFunction;
import de.rub.nds.tlsattacker.core.exceptions.AdjustmentException;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import de.rub.nds.tlsattacker.core.protocol.message.KeyUpdateMessage;
import de.rub.nds.tlsattacker.core.protocol.parser.KeyUpdateParser;
import de.rub.nds.tlsattacker.core.protocol.preparator.KeyUpdatePreparator;
import de.rub.nds.tlsattacker.core.protocol.serializer.KeyUpdateSerializer;
import de.rub.nds.tlsattacker.core.record.cipher.RecordCipherFactory;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.KeySet;
import de.rub.nds.tlsattacker.core.record.cipher.cryptohelper.KeySetGenerator;
import de.rub.nds.tlsattacker.core.state.TlsContext;
import de.rub.nds.tlsattacker.transport.ConnectionEndType;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Mac;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/protocol/handler/KeyUpdateHandler.class */
public class KeyUpdateHandler extends HandshakeMessageHandler<KeyUpdateMessage> {
    private static final Logger LOGGER = LogManager.getLogger();

    public KeyUpdateHandler(TlsContext tlsContext) {
        super(tlsContext);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.TlsMessageHandler
    public void adjustTLSContext(KeyUpdateMessage keyUpdateMessage) {
        if (this.tlsContext.getChooser().getTalkingConnectionEnd() != this.tlsContext.getChooser().getConnectionEndType()) {
            adjustApplicationTrafficSecrets();
            setRecordCipher(Tls13KeySetType.APPLICATION_TRAFFIC_SECRETS);
        }
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.TlsMessageHandler
    public void adjustTlsContextAfterSerialize(KeyUpdateMessage keyUpdateMessage) {
        adjustApplicationTrafficSecrets();
        setRecordCipher(Tls13KeySetType.APPLICATION_TRAFFIC_SECRETS);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.HandshakeMessageHandler, de.rub.nds.tlsattacker.core.protocol.handler.TlsMessageHandler, de.rub.nds.tlsattacker.core.protocol.ProtocolMessageHandler, de.rub.nds.tlsattacker.core.protocol.Handler
    public KeyUpdateParser getParser(byte[] bArr, int i) {
        return new KeyUpdateParser(i, bArr, this.tlsContext.getChooser().getSelectedProtocolVersion(), this.tlsContext.getConfig());
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.HandshakeMessageHandler, de.rub.nds.tlsattacker.core.protocol.handler.TlsMessageHandler, de.rub.nds.tlsattacker.core.protocol.ProtocolMessageHandler, de.rub.nds.tlsattacker.core.protocol.Handler
    public KeyUpdatePreparator getPreparator(KeyUpdateMessage keyUpdateMessage) {
        return new KeyUpdatePreparator(this.tlsContext.getChooser(), keyUpdateMessage);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.HandshakeMessageHandler, de.rub.nds.tlsattacker.core.protocol.handler.TlsMessageHandler, de.rub.nds.tlsattacker.core.protocol.ProtocolMessageHandler, de.rub.nds.tlsattacker.core.protocol.Handler
    public KeyUpdateSerializer getSerializer(KeyUpdateMessage keyUpdateMessage) {
        return new KeyUpdateSerializer(keyUpdateMessage, this.tlsContext.getChooser().getSelectedProtocolVersion());
    }

    private void adjustApplicationTrafficSecrets() {
        HKDFAlgorithm hKDFAlgorithm = AlgorithmResolver.getHKDFAlgorithm(this.tlsContext.getChooser().getSelectedCipherSuite());
        try {
            Mac mac = Mac.getInstance(hKDFAlgorithm.getMacAlgorithm().getJavaName());
            if (this.tlsContext.getChooser().getTalkingConnectionEnd() == ConnectionEndType.CLIENT) {
                byte[] expandLabel = HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getChooser().getClientApplicationTrafficSecret(), HKDFunction.TRAFFICUPD, new byte[0], mac.getMacLength());
                this.tlsContext.setClientApplicationTrafficSecret(expandLabel);
                LOGGER.debug("Set clientApplicationTrafficSecret in Context to " + ArrayConverter.bytesToHexString(expandLabel));
            } else {
                byte[] expandLabel2 = HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getChooser().getServerApplicationTrafficSecret(), HKDFunction.TRAFFICUPD, new byte[0], mac.getMacLength());
                this.tlsContext.setServerApplicationTrafficSecret(expandLabel2);
                LOGGER.debug("Set serverApplicationTrafficSecret in Context to " + ArrayConverter.bytesToHexString(expandLabel2));
            }
        } catch (CryptoException | NoSuchAlgorithmException e) {
            throw new AdjustmentException(e);
        }
    }

    private KeySet getKeySet(TlsContext tlsContext, Tls13KeySetType tls13KeySetType) {
        try {
            LOGGER.debug("Generating new KeySet");
            return KeySetGenerator.generateKeySet(tlsContext, tlsContext.getChooser().getSelectedProtocolVersion(), tls13KeySetType);
        } catch (CryptoException | NoSuchAlgorithmException e) {
            throw new UnsupportedOperationException("The specified Algorithm is not supported", e);
        }
    }

    private void setRecordCipher(Tls13KeySetType tls13KeySetType) {
        KeySet keySet;
        try {
            HKDFAlgorithm hKDFAlgorithm = AlgorithmResolver.getHKDFAlgorithm(this.tlsContext.getChooser().getSelectedCipherSuite());
            if (this.tlsContext.getChooser().getTalkingConnectionEnd() == ConnectionEndType.CLIENT) {
                this.tlsContext.setActiveClientKeySetType(tls13KeySetType);
                LOGGER.debug("Setting cipher for client to use " + tls13KeySetType);
                keySet = getKeySet(this.tlsContext, this.tlsContext.getActiveClientKeySetType());
            } else {
                this.tlsContext.setActiveServerKeySetType(tls13KeySetType);
                LOGGER.debug("Setting cipher for server to use " + tls13KeySetType);
                keySet = getKeySet(this.tlsContext, this.tlsContext.getActiveServerKeySetType());
            }
            if (this.tlsContext.getChooser().getTalkingConnectionEnd() == this.tlsContext.getChooser().getConnectionEndType()) {
                if (this.tlsContext.getChooser().getConnectionEndType() == ConnectionEndType.CLIENT) {
                    keySet.setClientWriteIv(HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getClientApplicationTrafficSecret(), HKDFunction.IV, new byte[0], 12));
                    keySet.setClientWriteKey(HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getClientApplicationTrafficSecret(), HKDFunction.KEY, new byte[0], AlgorithmResolver.getCipher(this.tlsContext.getChooser().getSelectedCipherSuite()).getKeySize()));
                } else {
                    keySet.setServerWriteIv(HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getServerApplicationTrafficSecret(), HKDFunction.IV, new byte[0], 12));
                    keySet.setServerWriteKey(HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getServerApplicationTrafficSecret(), HKDFunction.KEY, new byte[0], AlgorithmResolver.getCipher(this.tlsContext.getChooser().getSelectedCipherSuite()).getKeySize()));
                }
                this.tlsContext.getRecordLayer().updateEncryptionCipher(RecordCipherFactory.getRecordCipher(this.tlsContext, keySet));
            } else if (this.tlsContext.getChooser().getTalkingConnectionEnd() != this.tlsContext.getChooser().getConnectionEndType()) {
                if (this.tlsContext.getChooser().getTalkingConnectionEnd() == ConnectionEndType.SERVER) {
                    keySet.setServerWriteIv(HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getServerApplicationTrafficSecret(), HKDFunction.IV, new byte[0], 12));
                    keySet.setServerWriteKey(HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getServerApplicationTrafficSecret(), HKDFunction.KEY, new byte[0], AlgorithmResolver.getCipher(this.tlsContext.getChooser().getSelectedCipherSuite()).getKeySize()));
                } else {
                    keySet.setClientWriteIv(HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getClientApplicationTrafficSecret(), HKDFunction.IV, new byte[0], 12));
                    keySet.setClientWriteKey(HKDFunction.expandLabel(hKDFAlgorithm, this.tlsContext.getClientApplicationTrafficSecret(), HKDFunction.KEY, new byte[0], AlgorithmResolver.getCipher(this.tlsContext.getChooser().getSelectedCipherSuite()).getKeySize()));
                }
                this.tlsContext.getRecordLayer().updateDecryptionCipher(RecordCipherFactory.getRecordCipher(this.tlsContext, keySet));
            }
        } catch (CryptoException e) {
            throw new AdjustmentException(e);
        }
    }
}
