package de.rub.nds.tlsscanner.serverscanner.probe;

import de.rub.nds.scanner.core.constants.TestResults;
import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.HandshakeMessageType;
import de.rub.nds.tlsattacker.core.constants.ProtocolMessageType;
import de.rub.nds.tlsattacker.core.constants.RunningModeType;
import de.rub.nds.tlsattacker.core.protocol.ProtocolMessage;
import de.rub.nds.tlsattacker.core.protocol.message.ChangeCipherSpecMessage;
import de.rub.nds.tlsattacker.core.protocol.message.FinishedMessage;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
import de.rub.nds.tlsattacker.core.workflow.action.ActivateEncryptionAction;
import de.rub.nds.tlsattacker.core.workflow.action.ChangeMasterSecretAction;
import de.rub.nds.tlsattacker.core.workflow.action.EarlyCcsAction;
import de.rub.nds.tlsattacker.core.workflow.action.ReceiveAction;
import de.rub.nds.tlsattacker.core.workflow.action.SendAction;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowConfigurationFactory;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
import de.rub.nds.tlsscanner.core.constants.TlsProbeType;
import de.rub.nds.tlsscanner.serverscanner.probe.earlyccs.EarlyCcsVulnerabilityType;
import de.rub.nds.tlsscanner.serverscanner.probe.result.EarlyCcsResult;
import de.rub.nds.tlsscanner.serverscanner.report.ServerReport;
import de.rub.nds.tlsscanner.serverscanner.selector.ConfigSelector;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/EarlyCcsProbe.class */
public class EarlyCcsProbe extends TlsServerProbe<ConfigSelector, ServerReport, EarlyCcsResult> {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/EarlyCcsProbe$TargetVersion.class */
    public enum TargetVersion {
        OPENSSL_1_0_0,
        OPENSSL_1_0_1
    }

    public EarlyCcsProbe(ConfigSelector configSelector, ParallelExecutor parallelExecutor) {
        super(parallelExecutor, TlsProbeType.EARLY_CCS, configSelector);
    }

    /* renamed from: executeTest, reason: merged with bridge method [inline-methods] */
    public EarlyCcsResult m82executeTest() {
        return new EarlyCcsResult(isVulnerable());
    }

    private EarlyCcsVulnerabilityType isVulnerable() {
        return checkTargetVersion(TargetVersion.OPENSSL_1_0_0) == TestResults.TRUE ? EarlyCcsVulnerabilityType.VULN_NOT_EXPLOITABLE : checkTargetVersion(TargetVersion.OPENSSL_1_0_1) == TestResults.TRUE ? EarlyCcsVulnerabilityType.VULN_EXPLOITABLE : EarlyCcsVulnerabilityType.NOT_VULNERABLE;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private TestResults checkTargetVersion(TargetVersion targetVersion) {
        Config baseConfig = ((ConfigSelector) this.configSelector).getBaseConfig();
        baseConfig.setFiltersKeepUserSettings(false);
        State state = new State(baseConfig, getTrace(baseConfig, targetVersion));
        executeState(new State[]{state});
        if (WorkflowTraceUtil.didReceiveMessage(ProtocolMessageType.ALERT, state.getWorkflowTrace())) {
            LOGGER.debug("Not vulnerable (definitely), Alert message found");
            return TestResults.FALSE;
        }
        if (WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.FINISHED, state.getWorkflowTrace())) {
            LOGGER.debug("Vulnerable (definitely), Finished message found");
            return TestResults.TRUE;
        }
        LOGGER.debug("Not vulnerable (probably), No Finished message found, yet also no alert");
        return TestResults.FALSE;
    }

    private WorkflowTrace getTrace(Config config, TargetVersion targetVersion) {
        WorkflowTrace createWorkflowTrace = new WorkflowConfigurationFactory(config).createWorkflowTrace(WorkflowTraceType.DYNAMIC_HELLO, RunningModeType.CLIENT);
        createWorkflowTrace.addTlsAction(new SendAction(new ProtocolMessage[]{new ChangeCipherSpecMessage(config)}));
        createWorkflowTrace.addTlsAction(new ChangeMasterSecretAction(new byte[0]));
        createWorkflowTrace.addTlsAction(new ActivateEncryptionAction());
        createWorkflowTrace.addTlsAction(new EarlyCcsAction(Boolean.valueOf(targetVersion == TargetVersion.OPENSSL_1_0_0)));
        if (targetVersion != TargetVersion.OPENSSL_1_0_0) {
            createWorkflowTrace.addTlsAction(new ChangeMasterSecretAction(new byte[0]));
        }
        createWorkflowTrace.addTlsAction(new SendAction(new ProtocolMessage[]{new FinishedMessage(config)}));
        createWorkflowTrace.addTlsAction(new ReceiveAction(new ProtocolMessage[]{new ChangeCipherSpecMessage(), new FinishedMessage()}));
        return createWorkflowTrace;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public boolean canBeExecuted(ServerReport serverReport) {
        return ((ConfigSelector) this.configSelector).foundWorkingConfig();
    }

    public void adjustConfig(ServerReport serverReport) {
    }

    /* renamed from: getCouldNotExecuteResult, reason: merged with bridge method [inline-methods] */
    public EarlyCcsResult m81getCouldNotExecuteResult() {
        return new EarlyCcsResult(null);
    }
}
