package de.rub.nds.tlsscanner.serverscanner.probe;

import de.rub.nds.scanner.core.constants.TestResult;
import de.rub.nds.scanner.core.constants.TestResults;
import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.AlertDescription;
import de.rub.nds.tlsattacker.core.constants.AlertLevel;
import de.rub.nds.tlsattacker.core.constants.CipherSuite;
import de.rub.nds.tlsattacker.core.constants.ExtensionType;
import de.rub.nds.tlsattacker.core.constants.HandshakeMessageType;
import de.rub.nds.tlsattacker.core.constants.PskKeyExchangeMode;
import de.rub.nds.tlsattacker.core.constants.RunningModeType;
import de.rub.nds.tlsattacker.core.protocol.ProtocolMessage;
import de.rub.nds.tlsattacker.core.protocol.message.AlertMessage;
import de.rub.nds.tlsattacker.core.protocol.message.ChangeCipherSpecMessage;
import de.rub.nds.tlsattacker.core.protocol.message.ClientHelloMessage;
import de.rub.nds.tlsattacker.core.protocol.message.EncryptedExtensionsMessage;
import de.rub.nds.tlsattacker.core.protocol.message.FinishedMessage;
import de.rub.nds.tlsattacker.core.protocol.message.HelloVerifyRequestMessage;
import de.rub.nds.tlsattacker.core.protocol.message.NewSessionTicketMessage;
import de.rub.nds.tlsattacker.core.protocol.message.ServerHelloMessage;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
import de.rub.nds.tlsattacker.core.workflow.action.ReceiveAction;
import de.rub.nds.tlsattacker.core.workflow.action.ResetConnectionAction;
import de.rub.nds.tlsattacker.core.workflow.action.SendAction;
import de.rub.nds.tlsattacker.core.workflow.action.SendDynamicClientKeyExchangeAction;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowConfigurationFactory;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
import de.rub.nds.tlsscanner.core.constants.TlsProbeType;
import de.rub.nds.tlsscanner.serverscanner.probe.result.ResumptionResult;
import de.rub.nds.tlsscanner.serverscanner.report.ServerReport;
import de.rub.nds.tlsscanner.serverscanner.selector.ConfigSelector;
import java.util.ArrayList;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/ResumptionProbe.class */
public class ResumptionProbe extends TlsServerProbe<ConfigSelector, ServerReport, ResumptionResult> {
    private Set<CipherSuite> supportedSuites;
    private TestResult supportsDtlsCookieExchangeInResumption;
    private TestResult supportsDtlsCookieExchangeInTicketResumption;
    private TestResult respectsPskModes;

    public ResumptionProbe(ConfigSelector configSelector, ParallelExecutor parallelExecutor) {
        super(parallelExecutor, TlsProbeType.RESUMPTION, configSelector);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* renamed from: executeTest, reason: merged with bridge method [inline-methods] */
    public ResumptionResult m122executeTest() {
        this.respectsPskModes = TestResults.TRUE;
        if (((ConfigSelector) this.configSelector).getScannerConfig().getDtlsDelegate().isDTLS()) {
            this.supportsDtlsCookieExchangeInResumption = getSupportsDtlsCookieExchangeInResumption();
            this.supportsDtlsCookieExchangeInTicketResumption = getSupportsDtlsCookieExchangeInSessionTicketResumption();
            return new ResumptionResult(getSupportsSessionResumption(), getSupportsSessionTicketResumption(), TestResults.NOT_TESTED_YET, TestResults.NOT_TESTED_YET, TestResults.NOT_TESTED_YET, TestResults.NOT_TESTED_YET, this.supportsDtlsCookieExchangeInResumption, this.supportsDtlsCookieExchangeInTicketResumption, this.respectsPskModes);
        }
        this.supportsDtlsCookieExchangeInResumption = TestResults.NOT_TESTED_YET;
        this.supportsDtlsCookieExchangeInTicketResumption = TestResults.NOT_TESTED_YET;
        return new ResumptionResult(getSupportsSessionResumption(), getSupportsSessionTicketResumption(), getIssuesTls13SessionTicket(), getSupportsTls13Psk(PskKeyExchangeMode.PSK_DHE_KE), getSupportsTls13Psk(PskKeyExchangeMode.PSK_KE), getSupports0rtt(), this.supportsDtlsCookieExchangeInResumption, this.supportsDtlsCookieExchangeInTicketResumption, this.respectsPskModes);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private TestResult getSupportsDtlsCookieExchangeInResumption() {
        try {
            Config baseConfig = ((ConfigSelector) this.configSelector).getBaseConfig();
            baseConfig.setDefaultClientSupportedCipherSuites(new ArrayList(this.supportedSuites));
            WorkflowTrace createWorkflowTrace = new WorkflowConfigurationFactory(baseConfig).createWorkflowTrace(WorkflowTraceType.DYNAMIC_HANDSHAKE, baseConfig.getDefaultRunningMode());
            addAlertToTrace(createWorkflowTrace);
            createWorkflowTrace.addTlsAction(new ResetConnectionAction());
            createWorkflowTrace.addTlsAction(new SendAction(new ProtocolMessage[]{new ClientHelloMessage(baseConfig)}));
            createWorkflowTrace.addTlsAction(new ReceiveAction(new ProtocolMessage[]{new HelloVerifyRequestMessage(baseConfig)}));
            State state = new State(baseConfig, createWorkflowTrace);
            executeState(new State[]{state});
            return state.getWorkflowTrace().executedAsPlanned() ? TestResults.TRUE : TestResults.FALSE;
        } catch (Exception e) {
            if (e.getCause() instanceof InterruptedException) {
                LOGGER.error("Timeout on " + getProbeName());
                throw new RuntimeException(e);
            }
            LOGGER.error("Could not test for support for Tls13PskDhe");
            return TestResults.ERROR_DURING_TEST;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private TestResult getSupportsSessionResumption() {
        try {
            if (!((ConfigSelector) this.configSelector).foundWorkingConfig()) {
                return TestResults.FALSE;
            }
            Config baseConfig = ((ConfigSelector) this.configSelector).getBaseConfig();
            baseConfig.setDefaultClientSupportedCipherSuites(new ArrayList(this.supportedSuites));
            WorkflowTrace createWorkflowTrace = new WorkflowConfigurationFactory(baseConfig).createWorkflowTrace(WorkflowTraceType.DYNAMIC_HANDSHAKE, baseConfig.getDefaultRunningMode());
            addAlertToTrace(createWorkflowTrace);
            createWorkflowTrace.addTlsAction(new ResetConnectionAction());
            baseConfig.setDtlsCookieExchange(Boolean.valueOf(this.supportsDtlsCookieExchangeInResumption == TestResults.TRUE));
            createWorkflowTrace.addTlsActions(new WorkflowConfigurationFactory(baseConfig).createWorkflowTrace(WorkflowTraceType.RESUMPTION, baseConfig.getDefaultRunningMode()).getTlsActions());
            State state = new State(baseConfig, createWorkflowTrace);
            executeState(new State[]{state});
            return state.getWorkflowTrace().executedAsPlanned() ? TestResults.TRUE : TestResults.FALSE;
        } catch (Exception e) {
            if (e.getCause() instanceof InterruptedException) {
                LOGGER.error("Timeout on " + getProbeName());
                throw new RuntimeException(e);
            }
            LOGGER.error("Could not test for support for SessionResumption");
            return TestResults.ERROR_DURING_TEST;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private TestResult getSupportsDtlsCookieExchangeInSessionTicketResumption() {
        try {
            Config baseConfig = ((ConfigSelector) this.configSelector).getBaseConfig();
            baseConfig.setDefaultClientSupportedCipherSuites(new ArrayList(this.supportedSuites));
            baseConfig.setAddSessionTicketTLSExtension(true);
            WorkflowTrace createWorkflowTrace = new WorkflowConfigurationFactory(baseConfig).createWorkflowTrace(WorkflowTraceType.DYNAMIC_HELLO, RunningModeType.CLIENT);
            createWorkflowTrace.addTlsAction(new SendDynamicClientKeyExchangeAction());
            createWorkflowTrace.addTlsAction(new SendAction(new ProtocolMessage[]{new ChangeCipherSpecMessage(), new FinishedMessage()}));
            createWorkflowTrace.addTlsAction(new ReceiveAction(new ProtocolMessage[]{new NewSessionTicketMessage(), new ChangeCipherSpecMessage(), new FinishedMessage()}));
            addAlertToTrace(createWorkflowTrace);
            createWorkflowTrace.addTlsAction(new ResetConnectionAction());
            createWorkflowTrace.addTlsAction(new SendAction(new ProtocolMessage[]{new ClientHelloMessage(baseConfig)}));
            createWorkflowTrace.addTlsAction(new ReceiveAction(new ProtocolMessage[]{new HelloVerifyRequestMessage(baseConfig)}));
            State state = new State(baseConfig, createWorkflowTrace);
            executeState(new State[]{state});
            return state.getWorkflowTrace().executedAsPlanned() ? TestResults.TRUE : TestResults.FALSE;
        } catch (Exception e) {
            if (e.getCause() instanceof InterruptedException) {
                LOGGER.error("Timeout on " + getProbeName());
                throw new RuntimeException(e);
            }
            LOGGER.error("Could not test for support for dtls cookie exchange in SessionTicketResumption");
            return TestResults.ERROR_DURING_TEST;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private TestResult getSupportsSessionTicketResumption() {
        try {
            if (!((ConfigSelector) this.configSelector).foundWorkingConfig()) {
                return TestResults.FALSE;
            }
            Config baseConfig = ((ConfigSelector) this.configSelector).getBaseConfig();
            baseConfig.setDefaultClientSupportedCipherSuites(new ArrayList(this.supportedSuites));
            baseConfig.setAddSessionTicketTLSExtension(true);
            WorkflowTrace createWorkflowTrace = new WorkflowConfigurationFactory(baseConfig).createWorkflowTrace(WorkflowTraceType.DYNAMIC_HELLO, RunningModeType.CLIENT);
            createWorkflowTrace.addTlsAction(new SendDynamicClientKeyExchangeAction());
            createWorkflowTrace.addTlsAction(new SendAction(new ProtocolMessage[]{new ChangeCipherSpecMessage(), new FinishedMessage()}));
            createWorkflowTrace.addTlsAction(new ReceiveAction(new ProtocolMessage[]{new NewSessionTicketMessage(), new ChangeCipherSpecMessage(), new FinishedMessage()}));
            addAlertToTrace(createWorkflowTrace);
            createWorkflowTrace.addTlsAction(new ResetConnectionAction());
            baseConfig.setDtlsCookieExchange(Boolean.valueOf(this.supportsDtlsCookieExchangeInResumption == TestResults.TRUE));
            createWorkflowTrace.addTlsActions(new WorkflowConfigurationFactory(baseConfig).createWorkflowTrace(WorkflowTraceType.RESUMPTION, baseConfig.getDefaultRunningMode()).getTlsActions());
            State state = new State(baseConfig, createWorkflowTrace);
            executeState(new State[]{state});
            return state.getWorkflowTrace().executedAsPlanned() ? TestResults.TRUE : TestResults.FALSE;
        } catch (Exception e) {
            if (e.getCause() instanceof InterruptedException) {
                LOGGER.error("Timeout on " + getProbeName());
                throw new RuntimeException(e);
            }
            LOGGER.error("Could not test for support for SessionTicketResumption");
            return TestResults.ERROR_DURING_TEST;
        }
    }

    private TestResult isKeyShareExtensionNegotiated(State state) {
        List list = (List) WorkflowTraceUtil.getAllReceivedHandshakeMessages(state.getWorkflowTrace()).stream().filter(handshakeMessage -> {
            return handshakeMessage instanceof ServerHelloMessage;
        }).map(handshakeMessage2 -> {
            return (ServerHelloMessage) handshakeMessage2;
        }).collect(Collectors.toList());
        return list.size() < 2 ? TestResults.COULD_NOT_TEST : ((ServerHelloMessage) list.get(1)).containsExtension(ExtensionType.KEY_SHARE) ? TestResults.TRUE : TestResults.FALSE;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private TestResult getSupportsTls13Psk(PskKeyExchangeMode pskKeyExchangeMode) {
        try {
            if (((ConfigSelector) this.configSelector).foundWorkingTls13Config()) {
                Config tls13BaseConfig = ((ConfigSelector) this.configSelector).getTls13BaseConfig();
                LinkedList linkedList = new LinkedList();
                linkedList.add(pskKeyExchangeMode);
                tls13BaseConfig.setPSKKeyExchangeModes(linkedList);
                tls13BaseConfig.setAddPSKKeyExchangeModesExtension(true);
                tls13BaseConfig.setAddPreSharedKeyExtension(true);
                tls13BaseConfig.setWorkflowTraceType(WorkflowTraceType.FULL_TLS13_PSK);
                State state = new State(tls13BaseConfig);
                executeState(new State[]{state});
                if (state.getWorkflowTrace().getLastReceivingAction().executedAsPlanned()) {
                    TestResult isKeyShareExtensionNegotiated = isKeyShareExtensionNegotiated(state);
                    if (!isKeyShareExtensionNegotiated.equals(TestResults.of(pskKeyExchangeMode.equals(PskKeyExchangeMode.PSK_DHE_KE))) && !TestResults.COULD_NOT_TEST.equals(isKeyShareExtensionNegotiated)) {
                        this.respectsPskModes = TestResults.FALSE;
                    }
                    return TestResults.TRUE;
                }
            }
            return TestResults.FALSE;
        } catch (Exception e) {
            if (e.getCause() instanceof InterruptedException) {
                LOGGER.error("Timeout on " + getProbeName());
                throw new RuntimeException(e);
            }
            LOGGER.error("Could not test for support for Tls13Psk (" + pskKeyExchangeMode + ")");
            return TestResults.ERROR_DURING_TEST;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private TestResult getSupports0rtt() {
        try {
            if (((ConfigSelector) this.configSelector).foundWorkingTls13Config()) {
                Config tls13BaseConfig = ((ConfigSelector) this.configSelector).getTls13BaseConfig();
                tls13BaseConfig.setAddPSKKeyExchangeModesExtension(true);
                tls13BaseConfig.setAddPreSharedKeyExtension(true);
                tls13BaseConfig.setAddEarlyDataExtension(true);
                tls13BaseConfig.setWorkflowTraceType(WorkflowTraceType.FULL_ZERO_RTT);
                State state = new State(tls13BaseConfig);
                executeState(new State[]{state});
                EncryptedExtensionsMessage lastReceivedMessage = state.getWorkflowTrace().getLastReceivedMessage(EncryptedExtensionsMessage.class);
                if (lastReceivedMessage != null && lastReceivedMessage.containsExtension(ExtensionType.EARLY_DATA)) {
                    return TestResults.TRUE;
                }
            }
            return TestResults.FALSE;
        } catch (Exception e) {
            if (e.getCause() instanceof InterruptedException) {
                LOGGER.error("Timeout on " + getProbeName());
                throw new RuntimeException(e);
            }
            LOGGER.error("Could not test for support for Tls13PskDhe");
            return TestResults.ERROR_DURING_TEST;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private TestResult getIssuesTls13SessionTicket() {
        try {
            if (((ConfigSelector) this.configSelector).foundWorkingTls13Config()) {
                Config tls13BaseConfig = ((ConfigSelector) this.configSelector).getTls13BaseConfig();
                LinkedList linkedList = new LinkedList();
                linkedList.add(PskKeyExchangeMode.PSK_DHE_KE);
                linkedList.add(PskKeyExchangeMode.PSK_KE);
                tls13BaseConfig.setPSKKeyExchangeModes(linkedList);
                tls13BaseConfig.setAddPSKKeyExchangeModesExtension(true);
                tls13BaseConfig.setWorkflowTraceType(WorkflowTraceType.DYNAMIC_HANDSHAKE);
                State state = new State(tls13BaseConfig);
                state.getWorkflowTrace().addTlsAction(new ReceiveAction(tls13BaseConfig.getDefaultClientConnection().getAlias(), new ProtocolMessage[]{new NewSessionTicketMessage(false)}));
                executeState(new State[]{state});
                if (WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.NEW_SESSION_TICKET, state.getWorkflowTrace())) {
                    return TestResults.TRUE;
                }
            }
            return TestResults.FALSE;
        } catch (Exception e) {
            if (e.getCause() instanceof InterruptedException) {
                LOGGER.error("Timeout on " + getProbeName());
                throw new RuntimeException(e);
            }
            LOGGER.error("Could not test for support for Tls13SessionTickets");
            return TestResults.ERROR_DURING_TEST;
        }
    }

    private void addAlertToTrace(WorkflowTrace workflowTrace) {
        ProtocolMessage alertMessage = new AlertMessage();
        alertMessage.setConfig(AlertLevel.WARNING, AlertDescription.CLOSE_NOTIFY);
        workflowTrace.addTlsAction(new SendAction(new ProtocolMessage[]{alertMessage}));
    }

    public boolean canBeExecuted(ServerReport serverReport) {
        return (serverReport.getCipherSuites() == null || serverReport.getCipherSuites().isEmpty()) ? false : true;
    }

    public void adjustConfig(ServerReport serverReport) {
        this.supportedSuites = serverReport.getCipherSuites();
        this.supportedSuites.remove(CipherSuite.TLS_FALLBACK_SCSV);
        this.supportedSuites.remove(CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
    }

    /* renamed from: getCouldNotExecuteResult, reason: merged with bridge method [inline-methods] */
    public ResumptionResult m121getCouldNotExecuteResult() {
        return new ResumptionResult(TestResults.COULD_NOT_TEST, TestResults.COULD_NOT_TEST, TestResults.COULD_NOT_TEST, TestResults.COULD_NOT_TEST, TestResults.COULD_NOT_TEST, TestResults.COULD_NOT_TEST, TestResults.COULD_NOT_TEST, TestResults.COULD_NOT_TEST, TestResults.COULD_NOT_TEST);
    }
}
