package de.rub.nds.tlsattacker.core.protocol.handler.extension;

import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.exceptions.CryptoException;
import de.rub.nds.tlsattacker.core.protocol.message.extension.SessionTicketTLSExtensionMessage;
import de.rub.nds.tlsattacker.core.protocol.parser.extension.ExtensionParser;
import de.rub.nds.tlsattacker.core.protocol.parser.extension.SessionTicketTLSExtensionParser;
import de.rub.nds.tlsattacker.core.protocol.preparator.extension.SessionTicketTLSExtensionPreparator;
import de.rub.nds.tlsattacker.core.protocol.serializer.extension.SessionTicketTLSExtensionSerializer;
import de.rub.nds.tlsattacker.core.state.StatePlaintext;
import de.rub.nds.tlsattacker.core.state.TlsContext;
import de.rub.nds.tlsattacker.core.state.parser.StatePlaintextParser;
import de.rub.nds.tlsattacker.core.util.StaticTicketCrypto;
import de.rub.nds.tlsattacker.transport.ConnectionEndType;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsattacker/core/protocol/handler/extension/SessionTicketTlsExtensionHandler.class */
public class SessionTicketTlsExtensionHandler extends ExtensionHandler<SessionTicketTLSExtensionMessage> {
    private static final Logger LOGGER = LogManager.getLogger();

    public SessionTicketTlsExtensionHandler(TlsContext tlsContext) {
        super(tlsContext);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.extension.ExtensionHandler
    /* renamed from: getParser */
    public ExtensionParser<SessionTicketTLSExtensionMessage> getParser2(byte[] bArr, int i, Config config) {
        return new SessionTicketTLSExtensionParser(i, bArr, config);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.extension.ExtensionHandler
    public SessionTicketTLSExtensionPreparator getPreparator(SessionTicketTLSExtensionMessage sessionTicketTLSExtensionMessage) {
        return new SessionTicketTLSExtensionPreparator(this.context.getChooser(), sessionTicketTLSExtensionMessage, getSerializer(sessionTicketTLSExtensionMessage));
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.extension.ExtensionHandler
    public SessionTicketTLSExtensionSerializer getSerializer(SessionTicketTLSExtensionMessage sessionTicketTLSExtensionMessage) {
        return new SessionTicketTLSExtensionSerializer(sessionTicketTLSExtensionMessage);
    }

    @Override // de.rub.nds.tlsattacker.core.protocol.handler.extension.ExtensionHandler
    public void adjustTLSExtensionContext(SessionTicketTLSExtensionMessage sessionTicketTLSExtensionMessage) {
        StatePlaintext stateFromTicket;
        if (((Integer) sessionTicketTLSExtensionMessage.getExtensionLength().getValue()).intValue() > 65535) {
            LOGGER.warn("The SessionTLS ticket length shouldn't exceed 2 bytes as defined in RFC 4507. Length was " + sessionTicketTLSExtensionMessage.getExtensionLength().getValue());
        }
        if (((Integer) sessionTicketTLSExtensionMessage.getExtensionLength().getValue()).intValue() <= 0) {
            if (this.context.getTalkingConnectionEndType() == ConnectionEndType.CLIENT && this.context.getChooser().getConnectionEndType() == ConnectionEndType.SERVER && this.context.getConfig().isOverrideSessionIdForTickets().booleanValue() && this.context.getConfig().isAddSessionTicketTLSExtension().booleanValue()) {
                this.context.setServerSessionId(new byte[0]);
                return;
            }
            return;
        }
        LOGGER.debug("Adjusting for client offered session ticket");
        if (this.context.getTalkingConnectionEndType() == this.context.getChooser().getConnectionEndType() || (stateFromTicket = getStateFromTicket(sessionTicketTLSExtensionMessage)) == null) {
            return;
        }
        LOGGER.info("Resuming Session using Ticket");
        LOGGER.debug("Restoring MasterSecret from SessionTicket");
        this.context.setMasterSecret((byte[]) stateFromTicket.getMasterSecret().getValue());
        if (this.context.getClientSessionId().length > 0) {
            LOGGER.debug("Setting ServerSessionId equal to ClientSessionId");
            this.context.setServerSessionId((byte[]) this.context.getClientSessionId().clone());
        }
    }

    private StatePlaintext getStateFromTicket(SessionTicketTLSExtensionMessage sessionTicketTLSExtensionMessage) {
        try {
            return new StatePlaintextParser(0, decryptState((byte[]) sessionTicketTLSExtensionMessage.getSessionTicket().getEncryptedState().getValue(), (byte[]) sessionTicketTLSExtensionMessage.getSessionTicket().getIV().getValue())).parse();
        } catch (CryptoException e) {
            LOGGER.warn("Was unable to decrypt session ticket ", e);
            return null;
        }
    }

    private byte[] decryptState(byte[] bArr, byte[] bArr2) throws CryptoException {
        Config config = this.context.getConfig();
        return StaticTicketCrypto.decrypt(config.getSessionTicketCipherAlgorithm(), bArr, config.getSessionTicketEncryptionKey(), bArr2);
    }
}
