package de.rub.nds.tlsscanner.serverscanner.probe;

import de.rub.nds.tlsattacker.attacks.cca.CcaCertificateManager;
import de.rub.nds.tlsattacker.attacks.cca.CcaCertificateType;
import de.rub.nds.tlsattacker.attacks.cca.CcaWorkflowGenerator;
import de.rub.nds.tlsattacker.attacks.cca.CcaWorkflowType;
import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.config.delegate.CcaDelegate;
import de.rub.nds.tlsattacker.core.constants.HandshakeMessageType;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
import de.rub.nds.tlsscanner.serverscanner.config.ScannerConfig;
import de.rub.nds.tlsscanner.serverscanner.constants.ProbeType;
import de.rub.nds.tlsscanner.serverscanner.rating.TestResult;
import de.rub.nds.tlsscanner.serverscanner.report.AnalyzedProperty;
import de.rub.nds.tlsscanner.serverscanner.report.SiteReport;
import de.rub.nds.tlsscanner.serverscanner.report.result.CcaRequiredResult;
import de.rub.nds.tlsscanner.serverscanner.report.result.ProbeResult;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/CcaRequiredProbe.class */
public class CcaRequiredProbe extends TlsProbe {
    public CcaRequiredProbe(ScannerConfig scannerConfig, ParallelExecutor parallelExecutor) {
        super(parallelExecutor, ProbeType.CCA_SUPPORT, scannerConfig);
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public ProbeResult executeTest() {
        CcaCertificateManager ccaCertificateManager = new CcaCertificateManager(getScannerConfig().getDelegate(CcaDelegate.class));
        Config generateConfig = generateConfig();
        CcaWorkflowType ccaWorkflowType = CcaWorkflowType.CRT_CKE_CCS_FIN;
        CcaCertificateType ccaCertificateType = CcaCertificateType.EMPTY;
        generateConfig.setHighestProtocolVersion(ProtocolVersion.TLS12);
        State state = new State(generateConfig, CcaWorkflowGenerator.generateWorkflow(generateConfig, ccaCertificateManager, ccaWorkflowType, ccaCertificateType));
        try {
            executeState(state);
        } catch (Exception e) {
            LOGGER.warn("Could not test if client authentication is required.");
        }
        return WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.FINISHED, state.getWorkflowTrace()) ? new CcaRequiredResult(TestResult.FALSE) : new CcaRequiredResult(TestResult.TRUE);
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public boolean canBeExecuted(SiteReport siteReport) {
        return siteReport.getResult(AnalyzedProperty.SUPPORTS_CCA) == TestResult.TRUE;
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public void adjustConfig(SiteReport siteReport) {
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public ProbeResult getCouldNotExecuteResult() {
        return new CcaRequiredResult(TestResult.COULD_NOT_TEST);
    }

    private Config generateConfig() {
        Config createConfig = getScannerConfig().createConfig();
        createConfig.setAutoSelectCertificate(false);
        createConfig.setAddServerNameIndicationExtension(true);
        createConfig.setWorkflowTraceType(WorkflowTraceType.HELLO);
        createConfig.setDefaultSelectedProtocolVersion(ProtocolVersion.TLS10);
        createConfig.setQuickReceive(true);
        createConfig.setEarlyStop(true);
        createConfig.setStopActionsAfterIOException(true);
        createConfig.setStopActionsAfterFatal(true);
        return createConfig;
    }
}
