package de.rub.nds.tlsscanner.serverscanner.probe;

import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.CipherSuite;
import de.rub.nds.tlsattacker.core.constants.ECPointFormat;
import de.rub.nds.tlsattacker.core.constants.HandshakeMessageType;
import de.rub.nds.tlsattacker.core.constants.NamedGroup;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.constants.SignatureAndHashAlgorithm;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
import de.rub.nds.tlsscanner.serverscanner.config.ScannerConfig;
import de.rub.nds.tlsscanner.serverscanner.constants.ProbeType;
import de.rub.nds.tlsscanner.serverscanner.rating.TestResult;
import de.rub.nds.tlsscanner.serverscanner.report.AnalyzedProperty;
import de.rub.nds.tlsscanner.serverscanner.report.SiteReport;
import de.rub.nds.tlsscanner.serverscanner.report.result.ECPointFormatResult;
import de.rub.nds.tlsscanner.serverscanner.report.result.ProbeResult;
import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/ECPointFormatProbe.class */
public class ECPointFormatProbe extends TlsProbe {
    private Boolean shouldTestTls13;
    private Boolean shouldTestPointFormats;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: de.rub.nds.tlsscanner.serverscanner.probe.ECPointFormatProbe$1, reason: invalid class name */
    /* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/ECPointFormatProbe$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$de$rub$nds$tlsattacker$core$constants$ECPointFormat = new int[ECPointFormat.values().length];

        static {
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$ECPointFormat[ECPointFormat.UNCOMPRESSED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$ECPointFormat[ECPointFormat.ANSIX962_COMPRESSED_PRIME.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$de$rub$nds$tlsattacker$core$constants$ECPointFormat[ECPointFormat.ANSIX962_COMPRESSED_CHAR2.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public ECPointFormatProbe(ScannerConfig scannerConfig, ParallelExecutor parallelExecutor) {
        super(parallelExecutor, ProbeType.EC_POINT_FORMAT, scannerConfig);
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public ProbeResult executeTest() {
        try {
            List<ECPointFormat> list = null;
            if (this.shouldTestPointFormats.booleanValue()) {
                list = getSupportedPointFormats();
            }
            TestResult tls13SecpCompressionSupported = this.shouldTestTls13.booleanValue() ? getTls13SecpCompressionSupported() : TestResult.COULD_NOT_TEST;
            if (list != null) {
                return new ECPointFormatResult(list, tls13SecpCompressionSupported);
            }
            LOGGER.debug("Unable to determine supported point formats");
            return new ECPointFormatResult(null, tls13SecpCompressionSupported);
        } catch (Exception e) {
            LOGGER.error("Could not scan for " + getProbeName(), e);
            return new ECPointFormatResult(null, TestResult.ERROR_DURING_TEST);
        }
    }

    private List<ECPointFormat> getSupportedPointFormats() {
        LinkedList linkedList = new LinkedList();
        testPointFormat(ECPointFormat.UNCOMPRESSED, linkedList);
        testPointFormat(ECPointFormat.ANSIX962_COMPRESSED_PRIME, linkedList);
        testPointFormat(ECPointFormat.ANSIX962_COMPRESSED_CHAR2, linkedList);
        return linkedList;
    }

    private void testPointFormat(ECPointFormat eCPointFormat, List<ECPointFormat> list) {
        LinkedList linkedList = new LinkedList();
        for (CipherSuite cipherSuite : CipherSuite.values()) {
            if (cipherSuite.name().contains("TLS_ECDH")) {
                linkedList.add(cipherSuite);
            }
        }
        List<NamedGroup> list2 = null;
        switch (AnonymousClass1.$SwitchMap$de$rub$nds$tlsattacker$core$constants$ECPointFormat[eCPointFormat.ordinal()]) {
            case 1:
                list2 = new LinkedList();
                list2.addAll(Arrays.asList(NamedGroup.values()));
                list2.remove(NamedGroup.ECDH_X25519);
                list2.remove(NamedGroup.ECDH_X448);
                break;
            case SessionTicketZeroKeyProbe.SESSION_STATE_LENFIELD_LEN /* 2 */:
                list2 = getSecpGroups();
                break;
            case 3:
                list2 = getSectGroups();
                break;
        }
        Config createConfig = getScannerConfig().createConfig();
        createConfig.setDefaultClientSupportedCiphersuites(linkedList);
        createConfig.setDefaultSelectedCipherSuite((CipherSuite) linkedList.get(0));
        createConfig.setHighestProtocolVersion(ProtocolVersion.TLS12);
        createConfig.setEnforceSettings(true);
        createConfig.setAddServerNameIndicationExtension(true);
        createConfig.setAddEllipticCurveExtension(true);
        createConfig.setAddECPointFormatExtension(true);
        createConfig.setAddSignatureAndHashAlgorithmsExtension(true);
        createConfig.setAddRenegotiationInfoExtension(true);
        createConfig.setWorkflowTraceType(WorkflowTraceType.HANDSHAKE);
        createConfig.setQuickReceive(true);
        createConfig.setDefaultSelectedPointFormat(eCPointFormat);
        createConfig.setEarlyStop(true);
        createConfig.setStopActionsAfterFatal(true);
        createConfig.setDefaultClientNamedGroups(list2);
        State state = new State(createConfig);
        executeState(state);
        if (WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.FINISHED, state.getWorkflowTrace())) {
            list.add(eCPointFormat);
        }
    }

    private TestResult getTls13SecpCompressionSupported() {
        try {
            List<NamedGroup> secpGroups = getSecpGroups();
            Config createConfig = getScannerConfig().createConfig();
            createConfig.setQuickReceive(true);
            createConfig.setDefaultClientSupportedCiphersuites(CipherSuite.getImplemented());
            createConfig.setHighestProtocolVersion(ProtocolVersion.TLS13);
            createConfig.setSupportedVersions(new ProtocolVersion[]{ProtocolVersion.TLS13});
            createConfig.setEnforceSettings(false);
            createConfig.setEarlyStop(true);
            createConfig.setStopReceivingAfterFatal(true);
            createConfig.setStopActionsAfterFatal(true);
            createConfig.setWorkflowTraceType(WorkflowTraceType.HELLO);
            createConfig.setDefaultClientNamedGroups(secpGroups);
            createConfig.setDefaultClientKeyShareNamedGroups(secpGroups);
            createConfig.setAddECPointFormatExtension(false);
            createConfig.setAddEllipticCurveExtension(true);
            createConfig.setAddSignatureAndHashAlgorithmsExtension(true);
            createConfig.setAddSupportedVersionsExtension(true);
            createConfig.setAddKeyShareExtension(true);
            createConfig.setAddServerNameIndicationExtension(true);
            createConfig.setAddCertificateStatusRequestExtension(true);
            createConfig.setUseFreshRandom(true);
            createConfig.setDefaultClientSupportedSignatureAndHashAlgorithms(SignatureAndHashAlgorithm.getTls13SignatureAndHashAlgorithms());
            createConfig.setDefaultClientSupportedPointFormats(new ECPointFormat[]{ECPointFormat.ANSIX962_COMPRESSED_PRIME});
            createConfig.setDefaultSelectedPointFormat(ECPointFormat.ANSIX962_COMPRESSED_PRIME);
            State state = new State(createConfig);
            executeState(state);
            return WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.FINISHED, state.getWorkflowTrace()) ? TestResult.TRUE : TestResult.FALSE;
        } catch (Exception e) {
            LOGGER.error("Could not test for Tls13SecpCompression", e);
            return TestResult.ERROR_DURING_TEST;
        }
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public boolean canBeExecuted(SiteReport siteReport) {
        return siteReport.isProbeAlreadyExecuted(ProbeType.PROTOCOL_VERSION) && (siteReport.getResult(AnalyzedProperty.SUPPORTS_ECDH) == TestResult.TRUE || siteReport.getResult(AnalyzedProperty.SUPPORTS_TLS_1_3) == TestResult.TRUE);
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public ProbeResult getCouldNotExecuteResult() {
        return new ECPointFormatResult(null, TestResult.COULD_NOT_TEST);
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public void adjustConfig(SiteReport siteReport) {
        this.shouldTestPointFormats = Boolean.valueOf(siteReport.getResult(AnalyzedProperty.SUPPORTS_TLS_1_2) == TestResult.TRUE || siteReport.getResult(AnalyzedProperty.SUPPORTS_TLS_1_1) == TestResult.TRUE || siteReport.getResult(AnalyzedProperty.SUPPORTS_TLS_1_0) == TestResult.TRUE);
        this.shouldTestTls13 = Boolean.valueOf(siteReport.getResult(AnalyzedProperty.SUPPORTS_TLS_1_3) == TestResult.TRUE);
    }

    private List<NamedGroup> getSecpGroups() {
        LinkedList linkedList = new LinkedList();
        for (NamedGroup namedGroup : NamedGroup.getImplemented()) {
            if (namedGroup.name().contains("SECP")) {
                linkedList.add(namedGroup);
            }
        }
        return linkedList;
    }

    private List<NamedGroup> getSectGroups() {
        LinkedList linkedList = new LinkedList();
        for (NamedGroup namedGroup : NamedGroup.getImplemented()) {
            if (namedGroup.name().contains("SECT")) {
                linkedList.add(namedGroup);
            }
        }
        return linkedList;
    }
}
