package de.fhg.aisec.ids.tpm2d.tpm2d_verifier;

import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver;
import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage;
import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener;
import de.fhg.aisec.ids.tpm2d.TpmException;
import de.fhg.aisec.ids.tpm2d.TpmHelper;
import de.fhg.aisec.ids.tpm2d.TpmMessageFactory;
import de.fhg.aisec.ids.tpm2d.messages.TpmAttestation;
import de.fhg.aisec.ids.tpm2d.tpm2d_verifier.PcrValues;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.LinkedBlockingQueue;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: TpmVerifier.kt */
@Metadata(mv = {1, 5, 1}, k = 1, xi = TpmAttestation.HashAlgLen.SHA384_VALUE, d1 = {"��>\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\u0010\u0012\n��\n\u0002\u0010\u000b\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0002\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018�� \u00192\b\u0012\u0004\u0012\u00020\u00020\u0001:\u0001\u0019B\r\u0012\u0006\u0010\u0003\u001a\u00020\u0004¢\u0006\u0002\u0010\u0005J\u0010\u0010\n\u001a\u00020\u000b2\u0006\u0010\f\u001a\u00020\rH\u0002J\u0018\u0010\u000e\u001a\u00020\u000b2\u0006\u0010\f\u001a\u00020\r2\u0006\u0010\u000f\u001a\u00020\tH\u0002J\u0010\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\tH\u0016J\b\u0010\u0013\u001a\u00020\u0011H\u0016J\u0010\u0010\u0014\u001a\u00020\u00112\u0006\u0010\u0015\u001a\u00020\u000bH\u0002J\u0010\u0010\u0016\u001a\u00020\u00112\u0006\u0010\u0006\u001a\u00020\u0002H\u0016J\b\u0010\u0017\u001a\u00020\u0018H\u0002R\u000e\u0010\u0006\u001a\u00020\u0002X\u0082.¢\u0006\u0002\n��R\u0014\u0010\u0007\u001a\b\u0012\u0004\u0012\u00020\t0\bX\u0082\u0004¢\u0006\u0002\n��¨\u0006\u001a"}, d2 = {"Lde/fhg/aisec/ids/tpm2d/tpm2d_verifier/TpmVerifier;", "Lde/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver;", "Lde/fhg/aisec/ids/tpm2d/tpm2d_verifier/TpmVerifierConfig;", "fsmListener", "Lde/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener;", "(Lde/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener;)V", "config", "queue", "Ljava/util/concurrent/BlockingQueue;", "", "checkPcrValues", "", "response", "Lde/fhg/aisec/ids/tpm2d/messages/TpmAttestation$TpmResponse;", "checkSignature", "hash", "delegate", "", "message", "run", "sendRatResult", "result", "setConfig", "waitForProverMsg", "Lde/fhg/aisec/ids/tpm2d/messages/TpmAttestation$TpmMessage;", "Companion", "idscp2-rat-tpm2d"})
/* loaded from: input_file:de/fhg/aisec/ids/tpm2d/tpm2d_verifier/TpmVerifier.class */
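/*
 * Verifier side of the TPM remote-attestation (RAT) driver, as decompiled from TpmVerifier.kt.
 *
 * Flow implemented by run():
 *   1. generate a fresh 20-byte nonce and send it to the prover as an attestation challenge,
 *   2. block until the prover's message arrives through delegate(),
 *   3. check the response signature over a hash of the nonce and the local certificate,
 *   4. compare the reported PCR values with the golden values taken from the remote peer's DAT,
 *   5. report the result through the FSM listener.
 *
 * Every failure path visible here ends in RAT_VERIFIER_FAILED and/or a TpmException.
 *
 * NOTE(review): checkSignature() was NOT recovered by the decompiler (see the comment on that
 * method). This listing therefore cannot be used to assess the signature verification itself;
 * review the original Kotlin source or the bytecode for that step.
 */
public final class TpmVerifier extends RatVerifierDriver<TpmVerifierConfig> {

    // Raw prover messages handed over by delegate() and consumed by waitForProverMsg().
    // NOTE(review): a LinkedBlockingQueue created without a capacity is effectively unbounded;
    // confirm the caller limits how many prover messages it delegates before run() consumes them.
    @NotNull
    private final BlockingQueue<byte[]> queue;

    // Kotlin lateinit property: stays null until setConfig() is called.
    private TpmVerifierConfig config;

    @NotNull
    public static final String ID = "TPM";

    @NotNull
    public static final Companion Companion = new Companion(null);
    private static final Logger LOG = LoggerFactory.getLogger(TpmVerifier.class);

    /* compiled from: TpmVerifier.kt */
    // Kotlin-generated metadata, kept exactly as it appears in the decompiled listing.
    @Metadata(mv = {1, 5, 1}, k = 1, xi = TpmAttestation.HashAlgLen.SHA384_VALUE, d1 = {"��\u001a\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��R\u0016\u0010\u0005\u001a\n \u0007*\u0004\u0018\u00010\u00060\u0006X\u0082\u0004¢\u0006\u0002\n��¨\u0006\b"}, d2 = {"Lde/fhg/aisec/ids/tpm2d/tpm2d_verifier/TpmVerifier$Companion;", "", "()V", "ID", "", "LOG", "Lorg/slf4j/Logger;", "kotlin.jvm.PlatformType", "idscp2-rat-tpm2d"})
    /* loaded from: input_file:de/fhg/aisec/ids/tpm2d/tpm2d_verifier/TpmVerifier$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        // Synthetic constructor emitted by the Kotlin compiler; the marker argument is unused.
        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /**
     * Creates a verifier bound to the given FSM listener.
     *
     * <p>Decompiler note: JADX moved the {@code super} call above the null check, so the order
     * of these two statements may differ from the original bytecode.
     *
     * @param ratVerifierFsmListener listener that receives challenge, result and status messages
     */
    public TpmVerifier(@NotNull RatVerifierFsmListener ratVerifierFsmListener) {
        super(ratVerifierFsmListener);
        Intrinsics.checkNotNullParameter(ratVerifierFsmListener, "fsmListener");
        // Diamond instead of the raw type the decompiler emitted.
        this.queue = new LinkedBlockingQueue<>();
    }

    /**
     * Stores the verifier configuration. It must be set before {@link #run()} is started,
     * otherwise run() fails with Kotlin's uninitialized-property exception.
     *
     * @param tpmVerifierConfig expected attestation type, attestation mask and local certificate
     */
    public void setConfig(@NotNull TpmVerifierConfig tpmVerifierConfig) {
        Intrinsics.checkNotNullParameter(tpmVerifierConfig, "config");
        this.config = tpmVerifierConfig;
    }

    /**
     * Hands a raw prover message to the verifier.
     *
     * <p>The bytes are queued unparsed and unvalidated; parsing happens in
     * {@link #waitForProverMsg()}.
     *
     * @param bArr serialized message, as received
     */
    public void delegate(@NotNull byte[] bArr) {
        Intrinsics.checkNotNullParameter(bArr, "message");
        if (LOG.isTraceEnabled()) {
            LOG.trace("Delegated TPM prover message to TPM verifier");
        }
        this.queue.add(bArr);
    }

    /**
     * Returns the configuration, or throws the Kotlin uninitialized-property exception when
     * setConfig() has not been called yet.
     */
    private TpmVerifierConfig requireConfig() {
        TpmVerifierConfig current = this.config;
        if (current == null) {
            Intrinsics.throwUninitializedPropertyAccessException("config");
            // Unreachable: the call above always throws. Kept so the compiler sees a terminal statement.
            throw null;
        }
        return current;
    }

    /**
     * Blocks until a prover message is queued and parses it.
     *
     * <p>Any failure (interruption while waiting, or bytes that do not parse) is reported as
     * RAT_VERIFIER_FAILED while the driver is still running, and then rethrown.
     *
     * @return the parsed message
     * @throws TpmException if the wait was interrupted or the message is invalid
     */
    private final TpmAttestation.TpmMessage waitForProverMsg() {
        try {
            TpmAttestation.TpmMessage parsed = TpmAttestation.TpmMessage.parseFrom(this.queue.take());
            Intrinsics.checkNotNullExpressionValue(parsed, "parseFrom(msg)");
            return parsed;
        } catch (Exception e) {
            if (getRunning()) {
                getFsmListener().onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED);
            }
            if (e instanceof InterruptedException) {
                // The broad catch would otherwise clear the interrupt; restore it for code further
                // up the stack. Done after the listener call so that call is not affected.
                Thread.currentThread().interrupt();
            }
            throw new TpmException("Interrupted or invalid message", e);
        }
    }

    /**
     * Hands the attestation result message to the FSM listener as RAT_VERIFIER_MSG
     * (presumably forwarded to the prover), then signals RAT_VERIFIER_OK or RAT_VERIFIER_FAILED.
     *
     * @param z true when attestation succeeded
     */
    private final void sendRatResult(boolean z) {
        byte[] ratResult = TpmMessageFactory.INSTANCE.getAttestationResultMessage(z).toByteArray();
        RatVerifierFsmListener fsmListener = getFsmListener();
        Intrinsics.checkNotNullExpressionValue(ratResult, "ratResult");
        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratResult);
        getFsmListener().onRatVerifierMessage(
                z ? InternalControlMessage.RAT_VERIFIER_OK : InternalControlMessage.RAT_VERIFIER_FAILED);
    }

    /**
     * Runs one challenge/response attestation round against the remote prover.
     *
     * @throws TpmException if no response arrives, the response carries no attestation data,
     *     the signature check fails, or the PCR values do not match the golden values
     */
    public void run() {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Generate and send TPM challenge to remote TPM prover");
        }
        // Fresh nonce per run.
        // NOTE(review): confirm TpmHelper.generateNonce draws from a cryptographically secure
        // RNG; the freshness of the attestation depends on the nonce being unpredictable.
        byte[] nonce = TpmHelper.INSTANCE.generateNonce(20);
        if (LOG.isDebugEnabled()) {
            // Guarded so the array is only rendered when debug logging is on.
            LOG.debug("Challenge nonce is: " + Arrays.toString(nonce));
        }

        // One snapshot, so the challenge and the signature hash use the same configuration.
        TpmVerifierConfig cfg = requireConfig();
        byte[] ratChallenge = TpmMessageFactory.INSTANCE
                .getAttestationChallengeMessage(nonce, cfg.getExpectedAType(), cfg.getExpectedAttestationMask())
                .toByteArray();
        RatVerifierFsmListener fsmListener = getFsmListener();
        Intrinsics.checkNotNullExpressionValue(ratChallenge, "ratChallenge");
        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratChallenge);

        LOG.debug("Wait for RAT prover message with TPM attestation response");
        TpmAttestation.TpmMessage proverMsg = waitForProverMsg();
        if (!proverMsg.hasRatResponse()) {
            // This path signals failure to the FSM only; unlike the two checks below it does not
            // go through sendRatResult(false), so no result message is produced here.
            getFsmListener().onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED);
            throw new TpmException("Missing TPM challenge response");
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("Got TPM challenge response. Start validation ...");
        }
        TpmAttestation.TpmResponse resp = proverMsg.getRatResponse();
        Intrinsics.checkNotNullExpressionValue(resp, "resp");

        // The expected hash covers the nonce and the local certificate.
        // NOTE(review): presumably this ties the response to this session; confirm in TpmHelper.calculateHash.
        byte[] expectedHash = TpmHelper.INSTANCE.calculateHash(nonce, cfg.getLocalCertificate());
        if (!checkSignature(resp, expectedHash)) {
            sendRatResult(false);
            throw new TpmException("Invalid TPM signature");
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("TPM signature valid and certificate trusted");
        }

        if (!checkPcrValues(resp)) {
            sendRatResult(false);
            throw new TpmException("Mismatch between pcr values and golden values");
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("PCR values trusted");
            LOG.debug("TPM verification succeed");
        }
        sendRatResult(true);
    }

    /**
     * Compares the PCR values reported by the prover with the golden values parsed from the
     * remote peer's DAT, under the configured attestation type and mask.
     *
     * <p>Fails closed: any exception while parsing or comparing (including a missing
     * configuration) is logged and treated as "not trusted".
     *
     * @param tpmResponse attestation response from the prover
     * @return true only if the comparison succeeded without error
     */
    private final boolean checkPcrValues(TpmAttestation.TpmResponse tpmResponse) {
        try {
            List<TpmAttestation.Pcr> pcrValuesList = tpmResponse.getPcrValuesList();
            Intrinsics.checkNotNullExpressionValue(pcrValuesList, "response.pcrValuesList");
            PcrValues peerValues = PcrValues.Companion.parse(pcrValuesList);
            if (LOG.isDebugEnabled()) {
                LOG.debug("Peer PCR values from TPM response: " + peerValues);
            }
            PcrValues goldenValues = PcrValues.Companion.parse(getFsmListener().getRemotePeerDat());
            if (LOG.isDebugEnabled()) {
                LOG.debug("Golden values from DAPS: " + goldenValues);
            }
            TpmVerifierConfig cfg = requireConfig();
            return peerValues.isTrusted(goldenValues, cfg.getExpectedAType(), cfg.getExpectedAttestationMask());
        } catch (Exception e) {
            LOG.error("Cannot check PCR values against golden values", e);
            return false;
        }
    }

    /*
     * NOT DECOMPILED. JADX failed on this method:
     *   JadxRuntimeException in pass BlockSplitter:
     *   "Unexpected missing predecessor for block: B:35:0x0162"
     *   (BlockSplitter.addTempConnectionsForExcHandlers, BlockSplitter.java:275;
     *    BlockSplitter.visit, BlockSplitter.java:68)
     * The method dump was skipped (910 instructions); JADX's '--comments-level debug' option shows it.
     *
     * The body below is the decompiler's placeholder, not the real logic: as listed, run() cannot
     * get past the signature check. Nothing about how the signature or certificate is validated
     * can be concluded from this file.
     *
     * Parameters, per the call site in run(): the prover's attestation response, and the hash
     * computed from the nonce and the local certificate.
     */
    private final boolean checkSignature(TpmAttestation.TpmResponse response, byte[] hash) {
        throw new UnsupportedOperationException("Method not decompiled: de.fhg.aisec.ids.tpm2d.tpm2d_verifier.TpmVerifier.checkSignature(de.fhg.aisec.ids.tpm2d.messages.TpmAttestation$TpmResponse, byte[]):boolean");
    }
}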
