package de.rub.nds.tlsscanner.serverscanner.guideline.checks;

import de.rub.nds.scanner.core.constants.TestResults;
import de.rub.nds.tlsattacker.core.constants.NamedGroup;
import de.rub.nds.tlsattacker.core.constants.SignatureAlgorithm;
import de.rub.nds.tlsattacker.core.crypto.keys.CustomEcPublicKey;
import de.rub.nds.tlsscanner.core.guideline.GuidelineCheckCondition;
import de.rub.nds.tlsscanner.core.guideline.GuidelineCheckResult;
import de.rub.nds.tlsscanner.core.guideline.RequirementLevel;
import de.rub.nds.tlsscanner.serverscanner.guideline.results.CertificateCurveGuidelineCheckResult;
import de.rub.nds.tlsscanner.serverscanner.probe.certificate.CertificateChain;
import de.rub.nds.tlsscanner.serverscanner.probe.certificate.CertificateReport;
import java.util.List;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlRootElement;

@XmlAccessorType(XmlAccessType.FIELD)
@XmlRootElement
/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/guideline/checks/CertificateCurveGuidelineCheck.class */
public class CertificateCurveGuidelineCheck extends CertificateGuidelineCheck {
    private List<NamedGroup> recommendedGroups;

    private CertificateCurveGuidelineCheck() {
        super(null, null);
    }

    public CertificateCurveGuidelineCheck(String str, RequirementLevel requirementLevel, List<NamedGroup> list) {
        super(str, requirementLevel);
        this.recommendedGroups = list;
    }

    public CertificateCurveGuidelineCheck(String str, RequirementLevel requirementLevel, boolean z, List<NamedGroup> list) {
        super(str, requirementLevel, z);
        this.recommendedGroups = list;
    }

    public CertificateCurveGuidelineCheck(String str, RequirementLevel requirementLevel, GuidelineCheckCondition guidelineCheckCondition, boolean z, List<NamedGroup> list) {
        super(str, requirementLevel, guidelineCheckCondition, z);
        this.recommendedGroups = list;
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.guideline.checks.CertificateGuidelineCheck
    public GuidelineCheckResult evaluateChain(CertificateChain certificateChain) {
        CertificateReport certificateReport = certificateChain.getCertificateReportList().get(0);
        if (!SignatureAlgorithm.ECDSA.equals(certificateReport.getSignatureAndHashAlgorithm().getSignatureAlgorithm())) {
            return new CertificateCurveGuidelineCheckResult(TestResults.TRUE);
        }
        if (!(certificateReport.getPublicKey() instanceof CustomEcPublicKey)) {
            return new CertificateCurveGuidelineCheckResult(TestResults.UNCERTAIN);
        }
        NamedGroup group = certificateReport.getPublicKey().getGroup();
        return !this.recommendedGroups.contains(group) ? new CertificateCurveGuidelineCheckResult(TestResults.FALSE, false, group) : new CertificateCurveGuidelineCheckResult(TestResults.TRUE, true, group);
    }

    public String getId() {
        return "CertificateCurve_" + getRequirementLevel() + "_" + this.recommendedGroups;
    }

    public List<NamedGroup> getRecommendedGroups() {
        return this.recommendedGroups;
    }
}
