package de.rub.nds.tlsscanner.serverscanner.probe;

import de.rub.nds.scanner.core.constants.TestResults;
import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.CipherSuite;
import de.rub.nds.tlsattacker.core.constants.HandshakeMessageType;
import de.rub.nds.tlsattacker.core.constants.ProtocolMessageType;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
import de.rub.nds.tlsscanner.core.constants.TlsAnalyzedProperty;
import de.rub.nds.tlsscanner.core.constants.TlsProbeType;
import de.rub.nds.tlsscanner.core.probe.result.VersionSuiteListPair;
import de.rub.nds.tlsscanner.serverscanner.probe.result.CipherSuiteResult;
import de.rub.nds.tlsscanner.serverscanner.report.ServerReport;
import de.rub.nds.tlsscanner.serverscanner.selector.ConfigSelector;
import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;
import java.util.stream.Collectors;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/CipherSuiteProbe.class */
public class CipherSuiteProbe extends TlsServerProbe<ConfigSelector, ServerReport, CipherSuiteResult> {
    private final List<ProtocolVersion> protocolVersions;

    public CipherSuiteProbe(ConfigSelector configSelector, ParallelExecutor parallelExecutor) {
        super(parallelExecutor, TlsProbeType.CIPHER_SUITE, configSelector);
        this.protocolVersions = new LinkedList();
    }

    /* renamed from: executeTest, reason: merged with bridge method [inline-methods] */
    public CipherSuiteResult m48executeTest() {
        LinkedList linkedList = new LinkedList();
        for (ProtocolVersion protocolVersion : this.protocolVersions) {
            LOGGER.debug("Testing:" + protocolVersion.name());
            if (protocolVersion.isTLS13()) {
                linkedList.add(new VersionSuiteListPair(protocolVersion, getSupportedTls13CipherSuites()));
            } else {
                List<CipherSuite> supportedCipherSuites = getSupportedCipherSuites(new LinkedList(Arrays.asList(CipherSuite.values())), protocolVersion);
                if (supportedCipherSuites.isEmpty()) {
                    supportedCipherSuites = getSupportedCipherSuites(CipherSuite.getImplemented(), protocolVersion);
                }
                if (supportedCipherSuites.size() > 0) {
                    linkedList.add(new VersionSuiteListPair(protocolVersion, supportedCipherSuites));
                }
            }
        }
        return new CipherSuiteResult(linkedList);
    }

    private List<CipherSuite> getCipherSuitesForVersion(List<CipherSuite> list, ProtocolVersion protocolVersion) {
        List<CipherSuite> list2 = (List) list.stream().filter(cipherSuite -> {
            return cipherSuite.isSupportedInProtocol(protocolVersion);
        }).collect(Collectors.toList());
        list2.remove(CipherSuite.TLS_FALLBACK_SCSV);
        list2.remove(CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
        return list2;
    }

    private List<CipherSuite> getSupportedTls13CipherSuites() {
        List<CipherSuite> tls13CipherSuites = CipherSuite.getTls13CipherSuites();
        LinkedList linkedList = new LinkedList();
        while (true) {
            CipherSuite selectedTls13CipherSuite = getSelectedTls13CipherSuite(tls13CipherSuites);
            if (selectedTls13CipherSuite != null) {
                if (!tls13CipherSuites.contains(selectedTls13CipherSuite)) {
                    LOGGER.warn("Server chose a CipherSuite we did not propose!");
                    break;
                }
                linkedList.add(selectedTls13CipherSuite);
                tls13CipherSuites.remove(selectedTls13CipherSuite);
            }
            if (selectedTls13CipherSuite == null || tls13CipherSuites.isEmpty()) {
                break;
            }
        }
        return linkedList;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private CipherSuite getSelectedTls13CipherSuite(List<CipherSuite> list) {
        Config tls13BaseConfig = ((ConfigSelector) this.configSelector).getTls13BaseConfig();
        tls13BaseConfig.setWorkflowTraceType(WorkflowTraceType.DYNAMIC_HELLO);
        tls13BaseConfig.setDefaultClientSupportedCipherSuites(list);
        ((ConfigSelector) this.configSelector).repairConfig(tls13BaseConfig);
        State state = new State(tls13BaseConfig);
        executeState(new State[]{state});
        if (!WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.SERVER_HELLO, state.getWorkflowTrace()) && !WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.HELLO_RETRY_REQUEST, state.getWorkflowTrace())) {
            LOGGER.debug("Did not receive ServerHello Message");
            LOGGER.debug(state.getWorkflowTrace().toString());
            return null;
        }
        return state.getTlsContext().getSelectedCipherSuite();
    }

    /* JADX WARN: Multi-variable type inference failed */
    public List<CipherSuite> getSupportedCipherSuites(List<CipherSuite> list, ProtocolVersion protocolVersion) {
        boolean z;
        List<CipherSuite> cipherSuitesForVersion = getCipherSuitesForVersion(list, protocolVersion);
        LinkedList linkedList = new LinkedList();
        do {
            Config baseConfig = ((ConfigSelector) this.configSelector).getBaseConfig();
            baseConfig.setWorkflowTraceType(WorkflowTraceType.DYNAMIC_HELLO);
            baseConfig.setDefaultClientSupportedCipherSuites(cipherSuitesForVersion);
            baseConfig.setDefaultSelectedProtocolVersion(protocolVersion);
            baseConfig.setHighestProtocolVersion(protocolVersion);
            baseConfig.setEnforceSettings(true);
            ((ConfigSelector) this.configSelector).repairConfig(baseConfig);
            State state = new State(baseConfig);
            executeState(new State[]{state});
            if (!WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.SERVER_HELLO, state.getWorkflowTrace())) {
                z = false;
                LOGGER.debug("Server did not send ServerHello");
                LOGGER.debug(state.getWorkflowTrace().toString());
                if (state.getTlsContext().isReceivedFatalAlert()) {
                    LOGGER.debug("Received Fatal Alert");
                    LOGGER.debug("Type:" + WorkflowTraceUtil.getFirstReceivedMessage(ProtocolMessageType.ALERT, state.getWorkflowTrace()).toString());
                }
            } else {
                if (state.getTlsContext().getSelectedProtocolVersion() != protocolVersion) {
                    LOGGER.debug("Server does not support " + protocolVersion);
                    return new LinkedList();
                }
                LOGGER.debug("Server chose " + state.getTlsContext().getSelectedCipherSuite().name());
                if (cipherSuitesForVersion.contains(state.getTlsContext().getSelectedCipherSuite())) {
                    z = true;
                    linkedList.add(state.getTlsContext().getSelectedCipherSuite());
                    cipherSuitesForVersion.remove(state.getTlsContext().getSelectedCipherSuite());
                } else {
                    z = false;
                    LOGGER.warn("Server chose not proposed cipher suite");
                }
            }
        } while (z);
        return linkedList;
    }

    public boolean canBeExecuted(ServerReport serverReport) {
        return serverReport.isProbeAlreadyExecuted(TlsProbeType.PROTOCOL_VERSION);
    }

    public void adjustConfig(ServerReport serverReport) {
        if (serverReport.getResult(TlsAnalyzedProperty.SUPPORTS_DTLS_1_0) == TestResults.TRUE) {
            this.protocolVersions.add(ProtocolVersion.DTLS10);
        }
        if (serverReport.getResult(TlsAnalyzedProperty.SUPPORTS_DTLS_1_2) == TestResults.TRUE) {
            this.protocolVersions.add(ProtocolVersion.DTLS12);
        }
        if (serverReport.getResult(TlsAnalyzedProperty.SUPPORTS_SSL_3) == TestResults.TRUE) {
            this.protocolVersions.add(ProtocolVersion.SSL3);
        }
        if (serverReport.getResult(TlsAnalyzedProperty.SUPPORTS_TLS_1_0) == TestResults.TRUE) {
            this.protocolVersions.add(ProtocolVersion.TLS10);
        }
        if (serverReport.getResult(TlsAnalyzedProperty.SUPPORTS_TLS_1_1) == TestResults.TRUE) {
            this.protocolVersions.add(ProtocolVersion.TLS11);
        }
        if (serverReport.getResult(TlsAnalyzedProperty.SUPPORTS_TLS_1_2) == TestResults.TRUE) {
            this.protocolVersions.add(ProtocolVersion.TLS12);
        }
        if (serverReport.getResult(TlsAnalyzedProperty.SUPPORTS_TLS_1_3) == TestResults.TRUE) {
            this.protocolVersions.add(ProtocolVersion.TLS13);
        }
    }

    /* renamed from: getCouldNotExecuteResult, reason: merged with bridge method [inline-methods] */
    public CipherSuiteResult m47getCouldNotExecuteResult() {
        return new CipherSuiteResult(null);
    }
}
