package de.rub.nds.tlsscanner.serverscanner.probe;

import de.rub.nds.modifiablevariable.bytearray.ModifiableByteArray;
import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.CipherSuite;
import de.rub.nds.tlsattacker.core.constants.HandshakeMessageType;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.constants.SignatureAndHashAlgorithm;
import de.rub.nds.tlsattacker.core.protocol.message.CertificateVerifyMessage;
import de.rub.nds.tlsattacker.core.protocol.message.ServerKeyExchangeMessage;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
import de.rub.nds.tlsscanner.core.constants.TlsProbeType;
import de.rub.nds.tlsscanner.serverscanner.probe.result.SignatureAndHashAlgorithmResult;
import de.rub.nds.tlsscanner.serverscanner.report.ServerReport;
import de.rub.nds.tlsscanner.serverscanner.selector.ConfigSelector;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import java.util.function.Predicate;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/SignatureAndHashAlgorithmProbe.class */
public class SignatureAndHashAlgorithmProbe extends TlsServerProbe<ConfigSelector, ServerReport, SignatureAndHashAlgorithmResult> {
    private List<ProtocolVersion> versions;

    public SignatureAndHashAlgorithmProbe(ConfigSelector configSelector, ParallelExecutor parallelExecutor) {
        super(parallelExecutor, TlsProbeType.SIGNATURE_AND_HASH, configSelector);
    }

    /* renamed from: executeTest, reason: merged with bridge method [inline-methods] */
    public SignatureAndHashAlgorithmResult m127executeTest() {
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        for (ProtocolVersion protocolVersion : this.versions) {
            if (protocolVersion.isTLS13()) {
                hashSet2.addAll(testForVersion(protocolVersion, (v0) -> {
                    return v0.isTLS13();
                }));
            } else {
                hashSet.addAll(testForVersion(protocolVersion, cipherSuite -> {
                    return !cipherSuite.isTLS13() && cipherSuite.isEphemeral();
                }));
            }
        }
        return new SignatureAndHashAlgorithmResult(new ArrayList(hashSet), new ArrayList(hashSet2));
    }

    /* JADX WARN: Multi-variable type inference failed */
    private Set<SignatureAndHashAlgorithm> testForVersion(ProtocolVersion protocolVersion, Predicate<CipherSuite> predicate) {
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        Config tls13BaseConfig = protocolVersion.isTLS13() ? ((ConfigSelector) this.configSelector).getTls13BaseConfig() : ((ConfigSelector) this.configSelector).getBaseConfig();
        tls13BaseConfig.setWorkflowTraceType(WorkflowTraceType.DYNAMIC_HELLO);
        tls13BaseConfig.setAddSignatureAndHashAlgorithmsExtension(true);
        tls13BaseConfig.setHighestProtocolVersion(protocolVersion);
        tls13BaseConfig.getDefaultClientSupportedCipherSuites().removeIf(predicate.negate());
        ((ConfigSelector) this.configSelector).repairConfig(tls13BaseConfig);
        LinkedList linkedList = new LinkedList();
        linkedList.add(protocolVersion.isTLS13() ? SignatureAndHashAlgorithm.getTls13SignatureAndHashAlgorithms() : Arrays.asList(SignatureAndHashAlgorithm.values()));
        while (true) {
            if (linkedList.isEmpty()) {
                break;
            }
            List<SignatureAndHashAlgorithm> list = (List) linkedList.poll();
            if (!hashSet2.contains(list)) {
                hashSet2.add(list);
                State testAlgorithms = testAlgorithms(list, tls13BaseConfig);
                if (testAlgorithms == null) {
                    continue;
                } else {
                    SignatureAndHashAlgorithm selectedSignatureAndHashAlgorithmCV = protocolVersion.isTLS13() ? getSelectedSignatureAndHashAlgorithmCV(testAlgorithms) : getSelectedSignatureAndHashAlgorithmSke(testAlgorithms);
                    if (selectedSignatureAndHashAlgorithmCV == null) {
                        continue;
                    } else {
                        if (!list.contains(selectedSignatureAndHashAlgorithmCV)) {
                            hashSet.add(selectedSignatureAndHashAlgorithmCV);
                            break;
                        }
                        if (!hashSet.contains(selectedSignatureAndHashAlgorithmCV)) {
                            if (list.contains(selectedSignatureAndHashAlgorithmCV)) {
                                ArrayList arrayList = new ArrayList(list);
                                arrayList.remove(selectedSignatureAndHashAlgorithmCV);
                                arrayList.add(selectedSignatureAndHashAlgorithmCV);
                                linkedList.add(arrayList);
                            }
                            ArrayList arrayList2 = new ArrayList(list);
                            arrayList2.remove(selectedSignatureAndHashAlgorithmCV);
                            linkedList.add(arrayList2);
                        }
                        hashSet.add(selectedSignatureAndHashAlgorithmCV);
                    }
                }
            }
        }
        return hashSet;
    }

    private SignatureAndHashAlgorithm getSelectedSignatureAndHashAlgorithmCV(State state) {
        ModifiableByteArray signatureHashAlgorithm;
        if (!WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.CERTIFICATE_VERIFY, state.getWorkflowTrace())) {
            return null;
        }
        CertificateVerifyMessage lastReceivedMessage = WorkflowTraceUtil.getLastReceivedMessage(HandshakeMessageType.CERTIFICATE_VERIFY, state.getWorkflowTrace());
        if (!(lastReceivedMessage instanceof CertificateVerifyMessage) || (signatureHashAlgorithm = lastReceivedMessage.getSignatureHashAlgorithm()) == null) {
            return null;
        }
        return SignatureAndHashAlgorithm.getSignatureAndHashAlgorithm((byte[]) signatureHashAlgorithm.getValue());
    }

    private SignatureAndHashAlgorithm getSelectedSignatureAndHashAlgorithmSke(State state) {
        ModifiableByteArray signatureAndHashAlgorithm;
        if (!WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.SERVER_KEY_EXCHANGE, state.getWorkflowTrace())) {
            return null;
        }
        ServerKeyExchangeMessage lastReceivedMessage = WorkflowTraceUtil.getLastReceivedMessage(HandshakeMessageType.SERVER_KEY_EXCHANGE, state.getWorkflowTrace());
        if (!(lastReceivedMessage instanceof ServerKeyExchangeMessage) || (signatureAndHashAlgorithm = lastReceivedMessage.getSignatureAndHashAlgorithm()) == null) {
            return null;
        }
        return SignatureAndHashAlgorithm.getSignatureAndHashAlgorithm((byte[]) signatureAndHashAlgorithm.getValue());
    }

    private State testAlgorithms(List<SignatureAndHashAlgorithm> list, Config config) {
        config.setDefaultClientSupportedSignatureAndHashAlgorithms(list);
        State state = new State(config);
        executeState(new State[]{state});
        if (state.getWorkflowTrace().executedAsPlanned()) {
            return state;
        }
        LOGGER.debug("Did not receive a ServerHello, something went wrong or the Server has some intolerance");
        return null;
    }

    public boolean canBeExecuted(ServerReport serverReport) {
        return serverReport.isProbeAlreadyExecuted(TlsProbeType.PROTOCOL_VERSION) && (serverReport.getVersions().contains(ProtocolVersion.TLS12) || serverReport.getVersions().contains(ProtocolVersion.TLS13) || serverReport.getVersions().contains(ProtocolVersion.DTLS12));
    }

    public void adjustConfig(ServerReport serverReport) {
        this.versions = new ArrayList();
        for (ProtocolVersion protocolVersion : serverReport.getVersions()) {
            if (protocolVersion.equals(ProtocolVersion.DTLS12) || protocolVersion.equals(ProtocolVersion.TLS12) || protocolVersion.isTLS13()) {
                this.versions.add(protocolVersion);
            }
        }
    }

    /* renamed from: getCouldNotExecuteResult, reason: merged with bridge method [inline-methods] */
    public SignatureAndHashAlgorithmResult m126getCouldNotExecuteResult() {
        return new SignatureAndHashAlgorithmResult(null, null);
    }
}
