package de.rub.nds.tlsscanner.serverscanner.afterprobe;

import de.rub.nds.modifiablevariable.util.ArrayConverter;
import de.rub.nds.scanner.core.afterprobe.AfterProbe;
import de.rub.nds.scanner.core.passive.ExtractedValueContainer;
import de.rub.nds.scanner.core.util.ComparableByteArray;
import de.rub.nds.tlsscanner.core.constants.TlsAnalyzedProperty;
import de.rub.nds.tlsscanner.core.passive.TrackableValueType;
import de.rub.nds.tlsscanner.core.vector.statistics.StatisticalTests;
import de.rub.nds.tlsscanner.serverscanner.constants.RandomType;
import de.rub.nds.tlsscanner.serverscanner.report.EntropyReport;
import de.rub.nds.tlsscanner.serverscanner.report.ServerReport;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/afterprobe/RandomnessAfterProbe.class */
public class RandomnessAfterProbe extends AfterProbe<ServerReport> {
    private static final Logger LOGGER = LogManager.getLogger();
    private static final byte[] HELLO_RETRY_REQUEST_CONST = ArrayConverter.hexStringToByteArray("CF21AD74E59A6111BE1D8C021E65B891C2A211167ABB8C5E079E09E2C8A8339C");
    private static final byte[] TLS_1_3_TO_TLS_1_2_DOWNGRADE_CONST = ArrayConverter.hexStringToByteArray("444F574E47524401");
    private static final byte[] TLS_1_3_TO_TLS_1_1_DOWNGRADE_CONST = ArrayConverter.hexStringToByteArray("444F574E47524400");
    private final int MINIMUM_AMOUNT_OF_BYTES = 32000;
    private final double MINIMUM_P_VALUE = 0.01d;
    private final int MONOBIT_TEST_BLOCK_SIZE = 1;
    private final int FREQUENCY_TEST_BLOCK_SIZE = 128;
    private final int LONGEST_RUN_BLOCK_SIZE = 8;
    private final int TEMPLATE_TEST_BLOCK_SIZE = 9;
    private final int ENTROPY_TEST_BLOCK_SIZE = 10;
    private final int UNIX_TIME_ALLOWED_DEVIATION = 31556926;

    private boolean checkForUnixTime(ExtractedValueContainer<ComparableByteArray> extractedValueContainer) {
        Iterator it = extractedValueContainer.getExtractedValueList().iterator();
        while (it.hasNext()) {
            byte[] array = ((ComparableByteArray) it.next()).getArray();
            if (array != null) {
                byte[] bArr = new byte[4];
                System.arraycopy(array, 0, bArr, 0, 4);
                Integer valueOf = Integer.valueOf(ArrayConverter.bytesToInt(bArr));
                if (valueOf.intValue() > (System.currentTimeMillis() / 1000) + 31556926 || valueOf.intValue() < (System.currentTimeMillis() / 1000) - 31556926) {
                    return false;
                }
            }
        }
        return true;
    }

    public void analyze(ServerReport serverReport) {
        ExtractedValueContainer extractedValueContainer = (ExtractedValueContainer) serverReport.getExtractedValueContainerMap().get(TrackableValueType.COOKIE);
        ExtractedValueContainer<ComparableByteArray> extractedValueContainer2 = (ExtractedValueContainer) serverReport.getExtractedValueContainerMap().get(TrackableValueType.RANDOM);
        ExtractedValueContainer extractedValueContainer3 = (ExtractedValueContainer) serverReport.getExtractedValueContainerMap().get(TrackableValueType.SESSION_ID);
        ExtractedValueContainer extractedValueContainer4 = (ExtractedValueContainer) serverReport.getExtractedValueContainerMap().get(TrackableValueType.CBC_IV);
        boolean checkForUnixTime = checkForUnixTime(extractedValueContainer2);
        List<ComparableByteArray> extractedValueList = extractedValueContainer.getExtractedValueList();
        List<ComparableByteArray> filterRandoms = filterRandoms(extractedValueContainer2.getExtractedValueList(), checkForUnixTime);
        List<ComparableByteArray> extractedValueList2 = extractedValueContainer4.getExtractedValueList();
        List<ComparableByteArray> extractedValueList3 = extractedValueContainer3.getExtractedValueList();
        LinkedList linkedList = new LinkedList();
        linkedList.add(createEntropyReport(filterRandoms, RandomType.RANDOM));
        linkedList.add(createEntropyReport(extractedValueList3, RandomType.SESSION_ID));
        linkedList.add(createEntropyReport(extractedValueList, RandomType.COOKIE));
        linkedList.add(createEntropyReport(extractedValueList2, RandomType.CBC_IV));
        serverReport.putResult(TlsAnalyzedProperty.USES_UNIX_TIMESTAMPS_IN_RANDOM, Boolean.valueOf(checkForUnixTime));
        serverReport.setEntropyReportList(linkedList);
    }

    public EntropyReport createEntropyReport(List<ComparableByteArray> list, RandomType randomType) {
        byte[] convertToSingleByteArray = convertToSingleByteArray(list);
        StatisticalTests.approximateEntropyTest(HELLO_RETRY_REQUEST_CONST, 8);
        int numberOfDuplicates = getNumberOfDuplicates(list);
        boolean z = numberOfDuplicates > 0;
        String byteArrayToBitString = StatisticalTests.byteArrayToBitString(convertToSingleByteArray);
        boolean z2 = StatisticalTests.approximateEntropyTest(byteArrayToBitString, 10).doubleValue() <= 0.01d;
        boolean z3 = StatisticalTests.discreteFourierTest(byteArrayToBitString).doubleValue() <= 0.01d;
        boolean z4 = StatisticalTests.frequencyTest(byteArrayToBitString, 128).doubleValue() <= 0.01d;
        boolean z5 = StatisticalTests.longestRunWithinBlock(byteArrayToBitString, 8).doubleValue() <= 0.01d;
        return new EntropyReport(randomType, list.size(), convertToSingleByteArray.length, z, numberOfDuplicates, z4, StatisticalTests.frequencyTest(byteArrayToBitString, 1).doubleValue() <= 0.01d, StatisticalTests.runsTest(byteArrayToBitString).doubleValue() <= 0.01d, z5, z3, z2, StatisticalTests.nonOverlappingTemplateTest(byteArrayToBitString, 9, 0.01d).doubleValue());
    }

    private byte[] convertToSingleByteArray(List<ComparableByteArray> list) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Iterator<ComparableByteArray> it = list.iterator();
        while (it.hasNext()) {
            try {
                byteArrayOutputStream.write(it.next().getArray());
            } catch (IOException e) {
                LOGGER.error("Could not write byteArray to outputStream");
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    private List<ComparableByteArray> filterRandoms(List<ComparableByteArray> list, boolean z) {
        LinkedList linkedList = new LinkedList();
        for (ComparableByteArray comparableByteArray : list) {
            if (Arrays.equals(comparableByteArray.getArray(), HELLO_RETRY_REQUEST_CONST)) {
                linkedList.remove(comparableByteArray);
            } else {
                byte[] copyOfRange = Arrays.copyOfRange(comparableByteArray.getArray(), 24, 32);
                linkedList.add(new ComparableByteArray(Arrays.copyOfRange(comparableByteArray.getArray(), z ? 4 : 0, Arrays.equals(copyOfRange, TLS_1_3_TO_TLS_1_1_DOWNGRADE_CONST) ? 24 : Arrays.equals(copyOfRange, TLS_1_3_TO_TLS_1_2_DOWNGRADE_CONST) ? 24 : 32)));
            }
        }
        return linkedList;
    }

    private int getNumberOfDuplicates(List<ComparableByteArray> list) {
        HashSet hashSet = new HashSet();
        hashSet.addAll(list);
        return list.size() - hashSet.size();
    }
}
