package net.luminis.quic.crypto;

import at.favre.lib.crypto.HKDF;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.util.ArrayList;
import net.luminis.quic.EncryptionLevel;
import net.luminis.quic.Role;
import net.luminis.quic.Version;
import net.luminis.quic.VersionHolder;
import net.luminis.quic.log.Logger;
import net.luminis.tls.TlsConstants;
import net.luminis.tls.TrafficSecrets;
import net.luminis.tls.util.ByteUtils;

/* loaded from: input_file:net/luminis/quic/crypto/ConnectionSecrets.class */
public class ConnectionSecrets {
    private TlsConstants.CipherSuite selectedCipherSuite;
    public static final byte[] STATIC_SALT_DRAFT_29 = {-81, -65, -20, 40, -103, -109, -46, 76, -98, -105, -122, -15, -100, 97, 17, -32, 67, -112, -88, -103};
    public static final byte[] STATIC_SALT_V1 = {56, 118, 44, -9, -11, 89, 52, -77, 77, 23, -102, -26, -92, -56, 12, -83, -52, -69, Byte.MAX_VALUE, 10};
    public static final byte[] STATIC_SALT_V2 = {13, -19, -29, -34, -9, 0, -90, -37, -127, -109, -127, -66, 110, 38, -99, -53, -7, -67, 46, -39};
    private final VersionHolder quicVersion;
    private final Role ownRole;
    private Logger log;
    private byte[] clientRandom;
    private Aead[] clientSecrets = new Aead[EncryptionLevel.values().length];
    private Aead[] serverSecrets = new Aead[EncryptionLevel.values().length];
    private boolean writeSecretsToFile;
    private Path wiresharkSecretsFile;
    private byte[] originalDestinationConnectionId;

    public ConnectionSecrets(VersionHolder versionHolder, Role role, Path path, Logger logger) {
        this.quicVersion = versionHolder;
        this.ownRole = role;
        this.log = logger;
        if (path != null) {
            this.wiresharkSecretsFile = path;
            try {
                Files.deleteIfExists(this.wiresharkSecretsFile);
                Files.createFile(this.wiresharkSecretsFile, new FileAttribute[0]);
                this.writeSecretsToFile = true;
            } catch (IOException e) {
                logger.error("Initializing (creating/truncating) secrets file '" + this.wiresharkSecretsFile + "' failed", e);
            }
        }
    }

    public synchronized void computeInitialKeys(byte[] bArr) {
        this.originalDestinationConnectionId = bArr;
        Version version = this.quicVersion.getVersion();
        byte[] computeInitialSecret = computeInitialSecret(version);
        this.log.secret("Initial secret", computeInitialSecret);
        this.clientSecrets[EncryptionLevel.Initial.ordinal()] = new Aes128Gcm(version, computeInitialSecret, Role.Client, this.log);
        this.serverSecrets[EncryptionLevel.Initial.ordinal()] = new Aes128Gcm(version, computeInitialSecret, Role.Server, this.log);
    }

    public Aead getInitialPeerSecretsForVersion(Version version) {
        return new Aes128Gcm(version, computeInitialSecret(version), this.ownRole.other(), this.log);
    }

    private byte[] computeInitialSecret(Version version) {
        return HKDF.fromHmacSha256().extract(version.isV1() ? STATIC_SALT_V1 : version.isV2() ? STATIC_SALT_V2 : STATIC_SALT_DRAFT_29, this.originalDestinationConnectionId);
    }

    public void recomputeInitialKeys() {
        computeInitialKeys(this.originalDestinationConnectionId);
    }

    public synchronized void computeEarlySecrets(TrafficSecrets trafficSecrets, TlsConstants.CipherSuite cipherSuite, Version version) {
        createKeys(EncryptionLevel.ZeroRTT, cipherSuite, version);
        this.clientSecrets[EncryptionLevel.ZeroRTT.ordinal()].computeKeys(trafficSecrets.getClientEarlyTrafficSecret());
    }

    private void createKeys(EncryptionLevel encryptionLevel, TlsConstants.CipherSuite cipherSuite, Version version) {
        BaseAeadImpl chaCha20;
        Aead chaCha202;
        if (cipherSuite == TlsConstants.CipherSuite.TLS_AES_128_GCM_SHA256) {
            chaCha20 = new Aes128Gcm(version, Role.Client, this.log);
            chaCha202 = new Aes128Gcm(version, Role.Server, this.log);
        } else if (cipherSuite == TlsConstants.CipherSuite.TLS_AES_256_GCM_SHA384) {
            chaCha20 = new Aes256Gcm(version, Role.Client, this.log);
            chaCha202 = new Aes256Gcm(version, Role.Server, this.log);
        } else {
            if (cipherSuite != TlsConstants.CipherSuite.TLS_CHACHA20_POLY1305_SHA256) {
                throw new IllegalStateException("unsupported cipher suite " + cipherSuite);
            }
            chaCha20 = new ChaCha20(version, Role.Client, this.log);
            chaCha202 = new ChaCha20(version, Role.Server, this.log);
        }
        this.clientSecrets[encryptionLevel.ordinal()] = chaCha20;
        if (encryptionLevel != EncryptionLevel.ZeroRTT) {
            this.serverSecrets[encryptionLevel.ordinal()] = chaCha202;
        }
        chaCha20.setPeerAead(chaCha202);
        chaCha202.setPeerAead(chaCha20);
    }

    public synchronized void computeHandshakeSecrets(TrafficSecrets trafficSecrets, TlsConstants.CipherSuite cipherSuite) {
        this.selectedCipherSuite = cipherSuite;
        createKeys(EncryptionLevel.Handshake, cipherSuite, this.quicVersion.getVersion());
        byte[] clientHandshakeTrafficSecret = trafficSecrets.getClientHandshakeTrafficSecret();
        this.log.secret("ClientHandshakeTrafficSecret: ", clientHandshakeTrafficSecret);
        this.clientSecrets[EncryptionLevel.Handshake.ordinal()].computeKeys(clientHandshakeTrafficSecret);
        byte[] serverHandshakeTrafficSecret = trafficSecrets.getServerHandshakeTrafficSecret();
        this.log.secret("ServerHandshakeTrafficSecret: ", serverHandshakeTrafficSecret);
        this.serverSecrets[EncryptionLevel.Handshake.ordinal()].computeKeys(serverHandshakeTrafficSecret);
        if (this.writeSecretsToFile) {
            appendToFile("HANDSHAKE_TRAFFIC_SECRET", EncryptionLevel.Handshake);
        }
    }

    public synchronized void computeApplicationSecrets(TrafficSecrets trafficSecrets) {
        createKeys(EncryptionLevel.App, this.selectedCipherSuite, this.quicVersion.getVersion());
        byte[] clientApplicationTrafficSecret = trafficSecrets.getClientApplicationTrafficSecret();
        this.log.secret("ClientApplicationTrafficSecret: ", clientApplicationTrafficSecret);
        this.clientSecrets[EncryptionLevel.App.ordinal()].computeKeys(clientApplicationTrafficSecret);
        byte[] serverApplicationTrafficSecret = trafficSecrets.getServerApplicationTrafficSecret();
        this.log.secret("ServerApplicationTrafficSecret: ", serverApplicationTrafficSecret);
        this.serverSecrets[EncryptionLevel.App.ordinal()].computeKeys(serverApplicationTrafficSecret);
        if (this.writeSecretsToFile) {
            appendToFile("TRAFFIC_SECRET_0", EncryptionLevel.App);
        }
    }

    private void appendToFile(String str, EncryptionLevel encryptionLevel) {
        ArrayList arrayList = new ArrayList();
        arrayList.add("CLIENT_" + str + " " + ByteUtils.bytesToHex(this.clientRandom) + " " + ByteUtils.bytesToHex(this.clientSecrets[encryptionLevel.ordinal()].getTrafficSecret()));
        arrayList.add("SERVER_" + str + " " + ByteUtils.bytesToHex(this.clientRandom) + " " + ByteUtils.bytesToHex(this.serverSecrets[encryptionLevel.ordinal()].getTrafficSecret()));
        try {
            Files.write(this.wiresharkSecretsFile, arrayList, StandardOpenOption.APPEND);
        } catch (IOException e) {
            this.log.error("Writing secrets to file '" + this.wiresharkSecretsFile + "' failed", e);
            this.writeSecretsToFile = false;
        }
    }

    public void setClientRandom(byte[] bArr) {
        this.clientRandom = bArr;
    }

    public synchronized Aead getClientAead(EncryptionLevel encryptionLevel) {
        return this.clientSecrets[encryptionLevel.ordinal()];
    }

    public synchronized Aead getServerAead(EncryptionLevel encryptionLevel) {
        return this.serverSecrets[encryptionLevel.ordinal()];
    }

    public synchronized Aead getPeerAead(EncryptionLevel encryptionLevel) {
        return this.ownRole == Role.Client ? this.serverSecrets[encryptionLevel.ordinal()] : this.clientSecrets[encryptionLevel.ordinal()];
    }

    public synchronized Aead getOwnAead(EncryptionLevel encryptionLevel) {
        return this.ownRole == Role.Client ? this.clientSecrets[encryptionLevel.ordinal()] : this.serverSecrets[encryptionLevel.ordinal()];
    }
}
