package de.rub.nds.tlsscanner.serverscanner.execution;

import de.rub.nds.scanner.core.afterprobe.AfterProbe;
import de.rub.nds.scanner.core.execution.ScanJob;
import de.rub.nds.scanner.core.execution.ThreadedScanJobExecutor;
import de.rub.nds.scanner.core.passive.StatsWriter;
import de.rub.nds.scanner.core.probe.ScannerProbe;
import de.rub.nds.scanner.core.report.rating.ScoreReport;
import de.rub.nds.tlsattacker.core.constants.StarttlsType;
import de.rub.nds.tlsattacker.core.workflow.NamedThreadFactory;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsscanner.core.execution.TlsScanner;
import de.rub.nds.tlsscanner.core.passive.RandomExtractor;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.CertificateSignatureAndHashAlgorithmAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.DestinationPortAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.DhValueAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.DtlsRetransmissionAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.EcPublicKeyAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.FreakAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.LogjamAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.PaddingOracleIdentificationAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.PoodleAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.RaccoonAttackAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.RandomnessAfterProbe;
import de.rub.nds.tlsscanner.serverscanner.afterprobe.Sweet32AfterProbe;
import de.rub.nds.tlsscanner.serverscanner.config.ServerScannerConfig;
import de.rub.nds.tlsscanner.serverscanner.connectivity.ConnectivityChecker;
import de.rub.nds.tlsscanner.serverscanner.constants.ApplicationProtocol;
import de.rub.nds.tlsscanner.serverscanner.constants.ProtocolType;
import de.rub.nds.tlsscanner.serverscanner.guideline.Guideline;
import de.rub.nds.tlsscanner.serverscanner.guideline.GuidelineChecker;
import de.rub.nds.tlsscanner.serverscanner.guideline.GuidelineIO;
import de.rub.nds.tlsscanner.serverscanner.passive.CbcIvExtractor;
import de.rub.nds.tlsscanner.serverscanner.passive.CookieExtractor;
import de.rub.nds.tlsscanner.serverscanner.passive.DestinationPortExtractor;
import de.rub.nds.tlsscanner.serverscanner.passive.DhPublicKeyExtractor;
import de.rub.nds.tlsscanner.serverscanner.passive.DtlsRetransmissionsExtractor;
import de.rub.nds.tlsscanner.serverscanner.passive.EcPublicKeyExtractor;
import de.rub.nds.tlsscanner.serverscanner.passive.SessionIdExtractor;
import de.rub.nds.tlsscanner.serverscanner.probe.AlpacaProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.AlpnProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.BleichenbacherProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.CcaProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.CcaRequiredProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.CcaSupportProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.CertificateProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.CertificateTransparencyProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.CipherSuiteOrderProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.CipherSuiteProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.CommonBugProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.CompressionsProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.ConnectionClosingProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DirectRaccoonProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DrownProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DtlsApplicationFingerprintProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DtlsBugsProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DtlsFragmentationProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DtlsHelloVerifyRequestProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DtlsIpAddressInCookieProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DtlsMessageSequenceProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DtlsReorderingProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.DtlsRetransmissionsProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.ECPointFormatProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.EarlyCcsProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.EsniProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.ExtensionProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.HeartbleedProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.HelloRetryProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.HttpFalseStartProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.HttpHeaderProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.InvalidCurveProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.NamedCurvesOrderProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.NamedGroupsProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.OcspProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.PaddingOracleProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.ProtocolVersionProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.RandomnessProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.RecordFragmentationProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.RenegotiationProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.ResumptionProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.SessionTicketZeroKeyProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.SignatureAndHashAlgorithmProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.SignatureHashAlgorithmOrderProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.SniProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.TlsFallbackScsvProbe;
import de.rub.nds.tlsscanner.serverscanner.probe.TokenbindingProbe;
import de.rub.nds.tlsscanner.serverscanner.report.ServerReport;
import de.rub.nds.tlsscanner.serverscanner.report.rating.DefaultRatingLoader;
import de.rub.nds.tlsscanner.serverscanner.selector.ConfigSelector;
import de.rub.nds.tlsscanner.serverscanner.trust.TrustAnchorManager;
import java.io.IOException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import javax.xml.bind.JAXBException;
import javax.xml.stream.XMLStreamException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/execution/TlsServerScanner.class */
public final class TlsServerScanner extends TlsScanner {
    private static final Logger LOGGER = LogManager.getLogger();
    private final ConfigSelector configSelector;
    private final ParallelExecutor parallelExecutor;
    private final ServerScannerConfig config;
    private boolean closeAfterFinishParallel;

    public TlsServerScanner(ServerScannerConfig serverScannerConfig) {
        super(serverScannerConfig.getProbes());
        this.config = serverScannerConfig;
        this.configSelector = new ConfigSelector(serverScannerConfig);
        this.closeAfterFinishParallel = true;
        this.parallelExecutor = new ParallelExecutor(serverScannerConfig.getOverallThreads(), 3, new NamedThreadFactory(serverScannerConfig.getClientDelegate().getHost() + "-Worker"));
        setCallbacks();
        fillProbeLists();
    }

    public TlsServerScanner(ServerScannerConfig serverScannerConfig, ParallelExecutor parallelExecutor) {
        super(serverScannerConfig.getProbes());
        this.config = serverScannerConfig;
        this.configSelector = new ConfigSelector(serverScannerConfig);
        this.parallelExecutor = parallelExecutor;
        this.closeAfterFinishParallel = false;
        setCallbacks();
        fillProbeLists();
    }

    public TlsServerScanner(ServerScannerConfig serverScannerConfig, ParallelExecutor parallelExecutor, List<ScannerProbe> list, List<AfterProbe> list2) {
        super((List) list.stream().map((v0) -> {
            return v0.getType();
        }).collect(Collectors.toList()));
        this.probeList.addAll(list);
        this.afterList.addAll(list2);
        this.parallelExecutor = parallelExecutor;
        this.config = serverScannerConfig;
        this.configSelector = new ConfigSelector(serverScannerConfig);
        this.closeAfterFinishParallel = false;
        setDefaultProbeWriter();
        setCallbacks();
    }

    private void setCallbacks() {
        if (this.config.getCallbackDelegate().getBeforeTransportPreInitCallback() != null && this.parallelExecutor.getDefaultBeforeTransportPreInitCallback() == null) {
            this.parallelExecutor.setDefaultBeforeTransportPreInitCallback(this.config.getCallbackDelegate().getBeforeTransportPreInitCallback());
        }
        if (this.config.getCallbackDelegate().getBeforeTransportInitCallback() != null && this.parallelExecutor.getDefaultBeforeTransportInitCallback() == null) {
            this.parallelExecutor.setDefaultBeforeTransportInitCallback(this.config.getCallbackDelegate().getBeforeTransportInitCallback());
        }
        if (this.config.getCallbackDelegate().getAfterTransportInitCallback() != null && this.parallelExecutor.getDefaultAfterTransportInitCallback() == null) {
            this.parallelExecutor.setDefaultAfterTransportInitCallback(this.config.getCallbackDelegate().getAfterTransportInitCallback());
        }
        if (this.config.getCallbackDelegate().getAfterExecutionCallback() == null || this.parallelExecutor.getDefaultAfterExecutionCallback() != null) {
            return;
        }
        this.parallelExecutor.setDefaultAfterExecutionCallback(this.config.getCallbackDelegate().getAfterExecutionCallback());
    }

    protected void fillProbeLists() {
        if (this.config.getAdditionalRandomnessHandshakes() > 0) {
            addProbeToProbeList(new RandomnessProbe(this.configSelector, this.parallelExecutor));
        }
        addProbeToProbeList(new AlpnProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new AlpacaProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new CommonBugProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new SniProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new CompressionsProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new NamedGroupsProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new NamedCurvesOrderProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new CertificateProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new OcspProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new ProtocolVersionProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new CipherSuiteProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new DirectRaccoonProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new CipherSuiteOrderProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new ExtensionProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new ECPointFormatProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new ResumptionProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new RenegotiationProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new SessionTicketZeroKeyProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new HeartbleedProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new PaddingOracleProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new BleichenbacherProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new InvalidCurveProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new CertificateTransparencyProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new CcaSupportProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new CcaRequiredProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new SignatureAndHashAlgorithmProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new SignatureHashAlgorithmOrderProbe(this.configSelector, this.parallelExecutor));
        addProbeToProbeList(new TlsFallbackScsvProbe(this.configSelector, this.parallelExecutor));
        this.afterList.add(new Sweet32AfterProbe());
        this.afterList.add(new FreakAfterProbe());
        this.afterList.add(new LogjamAfterProbe());
        this.afterList.add(new RandomnessAfterProbe());
        this.afterList.add(new EcPublicKeyAfterProbe());
        this.afterList.add(new DhValueAfterProbe());
        this.afterList.add(new PaddingOracleIdentificationAfterProbe());
        this.afterList.add(new RaccoonAttackAfterProbe());
        this.afterList.add(new CertificateSignatureAndHashAlgorithmAfterProbe());
        if (this.config.getDtlsDelegate().isDTLS()) {
            addProbeToProbeList(new DtlsReorderingProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new DtlsFragmentationProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new DtlsHelloVerifyRequestProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new DtlsBugsProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new DtlsMessageSequenceProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new DtlsRetransmissionsProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new DtlsApplicationFingerprintProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new DtlsIpAddressInCookieProbe(this.configSelector, this.parallelExecutor), false);
            this.afterList.add(new DtlsRetransmissionAfterProbe());
            this.afterList.add(new DestinationPortAfterProbe());
        } else {
            addProbeToProbeList(new HelloRetryProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new RecordFragmentationProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new EarlyCcsProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new CcaProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new EsniProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new TokenbindingProbe(this.configSelector, this.parallelExecutor));
            if (this.config.getApplicationProtocol() == ApplicationProtocol.HTTP || this.config.getApplicationProtocol() == ApplicationProtocol.UNKNOWN) {
                addProbeToProbeList(new HttpHeaderProbe(this.configSelector, this.parallelExecutor));
                addProbeToProbeList(new HttpFalseStartProbe(this.configSelector, this.parallelExecutor));
            }
            addProbeToProbeList(new DrownProbe(this.configSelector, this.parallelExecutor));
            addProbeToProbeList(new ConnectionClosingProbe(this.configSelector, this.parallelExecutor), false);
            this.afterList.add(new PoodleAfterProbe());
        }
        setDefaultProbeWriter();
    }

    private void setDefaultProbeWriter() {
        for (ScannerProbe scannerProbe : this.probeList) {
            StatsWriter statsWriter = new StatsWriter();
            statsWriter.addExtractor(new CookieExtractor());
            statsWriter.addExtractor(new RandomExtractor());
            statsWriter.addExtractor(new DhPublicKeyExtractor());
            statsWriter.addExtractor(new EcPublicKeyExtractor());
            statsWriter.addExtractor(new CbcIvExtractor());
            statsWriter.addExtractor(new SessionIdExtractor());
            statsWriter.addExtractor(new DtlsRetransmissionsExtractor());
            statsWriter.addExtractor(new DestinationPortExtractor());
            scannerProbe.setWriter(statsWriter);
        }
    }

    public ServerReport scan() {
        LOGGER.debug("Initializing TrustAnchorManager");
        TrustAnchorManager.getInstance();
        LOGGER.debug("Finished TrustAnchorManager initialization");
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        ProtocolType protocolType = getProtocolType();
        ThreadedScanJobExecutor threadedScanJobExecutor = null;
        try {
            ServerReport serverReport = new ServerReport(this.config.getClientDelegate().getExtractedHost(), this.config.getClientDelegate().getExtractedPort());
            if (isConnectable()) {
                z = true;
                LOGGER.debug(this.config.getClientDelegate().getHost() + " is connectable");
                this.configSelector.findWorkingConfigs();
                serverReport.setConfigProfileIdentifier(this.configSelector.getConfigProfileIdentifier());
                serverReport.setConfigProfileIdentifierTls13(this.configSelector.getConfigProfileIdentifierTls13());
                if (this.configSelector.isSpeaksProtocol()) {
                    z2 = true;
                    LOGGER.debug(this.config.getClientDelegate().getHost() + " speaks " + protocolType.getName());
                    if (this.configSelector.isIsHandshaking()) {
                        z3 = true;
                        LOGGER.debug(this.config.getClientDelegate().getHost() + " is handshaking");
                        threadedScanJobExecutor = new ThreadedScanJobExecutor(this.config, new ScanJob(this.probeList, this.afterList), this.config.getParallelProbes(), this.config.getClientDelegate().getHost());
                        long currentTimeMillis = System.currentTimeMillis();
                        serverReport = (ServerReport) threadedScanJobExecutor.execute(serverReport);
                        try {
                            ScoreReport scoreReport = DefaultRatingLoader.getServerReportRater("en").getScoreReport(serverReport.getResultMap());
                            serverReport.setScore(scoreReport.getScore());
                            serverReport.setScoreReport(scoreReport);
                        } catch (IOException | JAXBException | XMLStreamException e) {
                            LOGGER.error("Could not retrieve scoring results");
                        }
                        if (protocolType != ProtocolType.DTLS) {
                            executeGuidelineEvaluation(serverReport);
                        }
                        long currentTimeMillis2 = System.currentTimeMillis();
                        serverReport.setScanStartTime(currentTimeMillis);
                        serverReport.setScanEndTime(currentTimeMillis2);
                    }
                }
            }
            serverReport.setServerIsAlive(Boolean.valueOf(z));
            serverReport.setSpeaksProtocol(Boolean.valueOf(z2));
            serverReport.setIsHandshaking(Boolean.valueOf(z3));
            serverReport.setProtocolType(protocolType);
            ServerReport serverReport2 = serverReport;
            if (threadedScanJobExecutor != null) {
                threadedScanJobExecutor.shutdown();
            }
            closeParallelExecutorIfNeeded();
            return serverReport2;
        } catch (Throwable th) {
            if (threadedScanJobExecutor != null) {
                threadedScanJobExecutor.shutdown();
            }
            closeParallelExecutorIfNeeded();
            throw th;
        }
    }

    private void executeGuidelineEvaluation(ServerReport serverReport) {
        LOGGER.debug("Evaluating guidelines...");
        Iterator it = Arrays.asList("bsi.xml", "nist.xml").iterator();
        while (it.hasNext()) {
            try {
                Guideline read = GuidelineIO.read(GuidelineIO.class.getResourceAsStream("/guideline/" + ((String) it.next())));
                LOGGER.debug("Evaluating guideline {} ...", read.getName());
                new GuidelineChecker(read).fillReport(serverReport);
            } catch (JAXBException | IOException | XMLStreamException e) {
                LOGGER.error("Could not read guideline", e);
            }
        }
        LOGGER.debug("Finished evaluating guidelines");
    }

    private void closeParallelExecutorIfNeeded() {
        if (this.closeAfterFinishParallel) {
            this.parallelExecutor.shutdown();
        }
    }

    private ProtocolType getProtocolType() {
        return this.config.getDtlsDelegate().isDTLS() ? ProtocolType.DTLS : this.config.getStarttlsDelegate().getStarttlsType() != StarttlsType.NONE ? ProtocolType.STARTTLS : ProtocolType.TLS;
    }

    public boolean isConnectable() {
        try {
            return new ConnectivityChecker(this.config.createConfig().getDefaultClientConnection()).isConnectable();
        } catch (Exception e) {
            LOGGER.warn("Could not test if we can connect to the server", e);
            return false;
        }
    }

    public void setCloseAfterFinishParallel(boolean z) {
        this.closeAfterFinishParallel = z;
    }

    public boolean isCloseAfterFinishParallel() {
        return this.closeAfterFinishParallel;
    }
}
