package de.rub.nds.tlsscanner.serverscanner.probe.bleichenbacher.vector;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.exceptions.ConfigurationException;
import de.rub.nds.tlsscanner.serverscanner.probe.bleichenbacher.constans.BleichenbacherScanType;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/bleichenbacher/vector/Pkcs1VectorGenerator.class */
public class Pkcs1VectorGenerator {
    private static final Logger LOGGER = LogManager.getLogger();

    private Pkcs1VectorGenerator() {
    }

    public static List<Pkcs1Vector> generatePkcs1Vectors(RSAPublicKey rSAPublicKey, BleichenbacherScanType bleichenbacherScanType, ProtocolVersion protocolVersion) {
        List<Pkcs1Vector> generatePlainPkcs1Vectors = generatePlainPkcs1Vectors(rSAPublicKey.getModulus().bitLength(), bleichenbacherScanType, protocolVersion);
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/NoPadding");
            cipher.init(1, rSAPublicKey);
            for (Pkcs1Vector pkcs1Vector : generatePlainPkcs1Vectors) {
                pkcs1Vector.setEncryptedValue(cipher.doFinal(pkcs1Vector.getPlainValue()));
            }
            return generatePlainPkcs1Vectors;
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new ConfigurationException("The different PKCS#1 attack vectors could not be generated.", e);
        }
    }

    public static Pkcs1Vector generateCorrectPkcs1Vector(RSAPublicKey rSAPublicKey, ProtocolVersion protocolVersion) {
        Pkcs1Vector plainCorrect = getPlainCorrect(rSAPublicKey.getModulus().bitLength(), protocolVersion);
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/NoPadding");
            cipher.init(1, rSAPublicKey);
            plainCorrect.setEncryptedValue(cipher.doFinal(plainCorrect.getPlainValue()));
            return plainCorrect;
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new ConfigurationException("The PKCS#1 attack vectors could not be generated.", e);
        }
    }

    public static List<Pkcs1Vector> generatePlainPkcs1Vectors(int i, BleichenbacherScanType bleichenbacherScanType, ProtocolVersion protocolVersion) {
        byte[] bArr = new byte[48];
        Arrays.fill(bArr, (byte) 42);
        bArr[0] = protocolVersion.getMajor();
        bArr[1] = protocolVersion.getMinor();
        int i2 = i / 8;
        LinkedList linkedList = new LinkedList();
        linkedList.add(new Pkcs1Vector("Correctly formatted PKCS#1 PMS message", getPaddedKey(i2, bArr)));
        linkedList.add(new Pkcs1Vector("Wrong first byte (0x00 set to 0x17)", getEK_WrongFirstByte(i2, bArr)));
        linkedList.add(new Pkcs1Vector("Wrong second byte (0x02 set to 0x17)", getEK_WrongSecondByte(i2, bArr)));
        linkedList.add(new Pkcs1Vector("Invalid TLS version in PMS", getEK_WrongTlsVersion(i2, bArr)));
        linkedList.add(new Pkcs1Vector("Correctly formatted PKCS#1 PMS message, but 1 byte shorter", getPaddedKey(i2 - 1, bArr)));
        linkedList.add(new Pkcs1Vector("No 0x00 in message", getEK_NoNullByte(i2, bArr)));
        linkedList.add(new Pkcs1Vector("0x00 in PKCS#1 padding (first 8 bytes after 0x00 0x02)", getEK_NullByteInPkcsPadding(i2, bArr)));
        linkedList.add(new Pkcs1Vector("0x00 in some padding byte", getEK_NullByteInPadding(i2, bArr)));
        linkedList.add(new Pkcs1Vector("0x00 on the last position  (|PMS| = 0)", getEK_SymmetricKeyOfSize(i2, bArr, 0)));
        linkedList.add(new Pkcs1Vector("0x00 on the next to last position (|PMS| = 1)", getEK_SymmetricKeyOfSize(i2, bArr, 1)));
        linkedList.add(new Pkcs1Vector("Correctly formatted PKCS#1 message, (|PMS| = 47)", getPaddedKey(i2, Arrays.copyOf(bArr, 47))));
        linkedList.add(new Pkcs1Vector("Correctly formatted PKCS#1 message, (|PMS| = 49)", getPaddedKey(i2, Arrays.copyOf(bArr, 49))));
        if (bleichenbacherScanType == BleichenbacherScanType.FULL) {
            Iterator<Pkcs1Vector> it = getEK_DifferentPositionsOf0x00(i2, bArr).iterator();
            while (it.hasNext()) {
                linkedList.add(it.next());
            }
        }
        return linkedList;
    }

    private static Pkcs1Vector getPlainCorrect(int i, ProtocolVersion protocolVersion) {
        byte[] bArr = new byte[48];
        Arrays.fill(bArr, (byte) 42);
        bArr[0] = protocolVersion.getMajor();
        bArr[1] = protocolVersion.getMinor();
        return new Pkcs1Vector("Correctly formatted PKCS#1 PMS message", getPaddedKey(i / 8, bArr));
    }

    private static byte[] getPaddedKey(int i, byte[] bArr) {
        byte[] bArr2 = new byte[i];
        Arrays.fill(bArr2, (byte) 42);
        bArr2[0] = 0;
        bArr2[1] = 2;
        bArr2[(i - bArr.length) - 1] = 0;
        System.arraycopy(bArr, 0, bArr2, i - bArr.length, bArr.length);
        LOGGER.debug("Generated a PKCS1 padded message a correct key length, but invalid protocol version: {}", ArrayConverter.bytesToHexString(bArr2));
        return bArr2;
    }

    private static byte[] getEK_WrongTlsVersion(int i, byte[] bArr) {
        byte[] paddedKey = getPaddedKey(i, bArr);
        paddedKey[i - bArr.length] = 66;
        paddedKey[(i - bArr.length) + 1] = 66;
        LOGGER.debug("Generated a PKCS1 padded message with a wrong TLS version bytes: {}", ArrayConverter.bytesToHexString(paddedKey));
        return paddedKey;
    }

    private static byte[] getEK_WrongFirstByte(int i, byte[] bArr) {
        byte[] paddedKey = getPaddedKey(i, bArr);
        paddedKey[0] = 23;
        LOGGER.debug("Generated a PKCS1 padded message with a wrong first byte: {}", ArrayConverter.bytesToHexString(paddedKey));
        return paddedKey;
    }

    private static byte[] getEK_WrongSecondByte(int i, byte[] bArr) {
        byte[] paddedKey = getPaddedKey(i, bArr);
        paddedKey[1] = 23;
        LOGGER.debug("Generated a PKCS1 padded message with a wrong second byte: {}", ArrayConverter.bytesToHexString(paddedKey));
        return paddedKey;
    }

    private static byte[] getEK_NoNullByte(int i, byte[] bArr) {
        byte[] paddedKey = getPaddedKey(i, bArr);
        for (int i2 = 3; i2 < paddedKey.length; i2++) {
            if (paddedKey[i2] == 0) {
                paddedKey[i2] = 1;
            }
        }
        LOGGER.debug("Generated a PKCS1 padded message with no separating byte: {}", ArrayConverter.bytesToHexString(paddedKey));
        return paddedKey;
    }

    private static byte[] getEK_NullByteInPkcsPadding(int i, byte[] bArr) {
        byte[] paddedKey = getPaddedKey(i, bArr);
        paddedKey[3] = 0;
        LOGGER.debug("Generated a PKCS1 padded message with a 0x00 byte in the PKCS1 padding: {}", ArrayConverter.bytesToHexString(paddedKey));
        return paddedKey;
    }

    private static byte[] getEK_NullByteInPadding(int i, byte[] bArr) {
        byte[] paddedKey = getPaddedKey(i, bArr);
        paddedKey[11] = 0;
        LOGGER.debug("Generated a PKCS1 padded message with a 0x00 byte in padding: {}", ArrayConverter.bytesToHexString(paddedKey));
        return paddedKey;
    }

    private static byte[] getEK_SymmetricKeyOfSize(int i, byte[] bArr, int i2) {
        byte[] paddedKey = getPaddedKey(i, bArr);
        for (int i3 = 3; i3 < paddedKey.length; i3++) {
            if (paddedKey[i3] == 0) {
                paddedKey[i3] = 1;
            }
        }
        paddedKey[(i - i2) - 1] = 0;
        LOGGER.debug("Generated a PKCS1 padded symmetric key of size {}: {}", Integer.valueOf(i2), ArrayConverter.bytesToHexString(paddedKey));
        return paddedKey;
    }

    private static List<Pkcs1Vector> getEK_DifferentPositionsOf0x00(int i, byte[] bArr) {
        LinkedList linkedList = new LinkedList();
        for (int i2 = 2; i2 < i; i2++) {
            if ((i - 1) - 48 != i2) {
                byte[] paddedKey = getPaddedKey(i, bArr);
                for (int i3 = 3; i3 < paddedKey.length; i3++) {
                    if (paddedKey[i3] == 0) {
                        paddedKey[i3] = 1;
                    }
                }
                paddedKey[i2] = 0;
                linkedList.add(new Pkcs1Vector("0x00 on a wrong position (" + i2 + ")", paddedKey));
            }
        }
        LOGGER.debug("Generated PKCS1 vectors with different invalid 0x00 positions");
        return linkedList;
    }
}
