package de.rub.nds.tlsscanner.serverscanner.probe;

import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.CipherSuite;
import de.rub.nds.tlsattacker.core.constants.NamedGroup;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
import de.rub.nds.tlsscanner.serverscanner.config.ScannerConfig;
import de.rub.nds.tlsscanner.serverscanner.constants.ProbeType;
import de.rub.nds.tlsscanner.serverscanner.rating.TestResult;
import de.rub.nds.tlsscanner.serverscanner.report.SiteReport;
import de.rub.nds.tlsscanner.serverscanner.report.result.CipherSuiteOrderResult;
import de.rub.nds.tlsscanner.serverscanner.report.result.ProbeResult;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/CipherSuiteOrderProbe.class */
public class CipherSuiteOrderProbe extends TlsProbe {
    public CipherSuiteOrderProbe(ScannerConfig scannerConfig, ParallelExecutor parallelExecutor) {
        super(parallelExecutor, ProbeType.CIPHER_SUITE_ORDER, scannerConfig);
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public ProbeResult executeTest() {
        try {
            LinkedList linkedList = new LinkedList();
            linkedList.addAll(Arrays.asList(CipherSuite.values()));
            linkedList.remove(CipherSuite.TLS_FALLBACK_SCSV);
            linkedList.remove(CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
            CipherSuite selectedCipherSuite = getSelectedCipherSuite(linkedList);
            Collections.reverse(linkedList);
            return new CipherSuiteOrderResult(selectedCipherSuite == getSelectedCipherSuite(linkedList) ? TestResult.TRUE : TestResult.FALSE);
        } catch (Exception e) {
            LOGGER.error("Could not scan for " + getProbeName(), e);
            return new CipherSuiteOrderResult(TestResult.ERROR_DURING_TEST);
        }
    }

    public CipherSuite getSelectedCipherSuite(List<CipherSuite> list) {
        Config createConfig = getScannerConfig().createConfig();
        createConfig.setEarlyStop(true);
        createConfig.setDefaultClientSupportedCipherSuites(list);
        createConfig.setStopActionsAfterIOException(true);
        createConfig.setHighestProtocolVersion(ProtocolVersion.TLS12);
        createConfig.setEnforceSettings(true);
        createConfig.setAddECPointFormatExtension(true);
        createConfig.setAddEllipticCurveExtension(true);
        createConfig.setQuickReceive(true);
        createConfig.setAddSignatureAndHashAlgorithmsExtension(true);
        createConfig.setWorkflowTraceType(WorkflowTraceType.SHORT_HELLO);
        createConfig.setStopActionsAfterFatal(true);
        createConfig.setDefaultClientNamedGroups(Arrays.asList(NamedGroup.values()));
        State state = new State(createConfig);
        executeState(state);
        return state.getTlsContext().getSelectedCipherSuite();
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public boolean canBeExecuted(SiteReport siteReport) {
        return true;
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public void adjustConfig(SiteReport siteReport) {
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public ProbeResult getCouldNotExecuteResult() {
        return new CipherSuiteOrderResult(TestResult.COULD_NOT_TEST);
    }
}
