package de.rub.nds.tlsscanner.serverscanner.probe.padding;

import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.AlgorithmResolver;
import de.rub.nds.tlsattacker.core.constants.CipherSuite;
import de.rub.nds.tlsattacker.core.constants.KeyExchangeAlgorithm;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsscanner.core.vector.VectorResponse;
import de.rub.nds.tlsscanner.core.vector.response.EqualityError;
import de.rub.nds.tlsscanner.core.vector.response.EqualityErrorTranslator;
import de.rub.nds.tlsscanner.core.vector.response.FingerprintChecker;
import de.rub.nds.tlsscanner.core.vector.response.ResponseFingerprint;
import de.rub.nds.tlsscanner.serverscanner.exceptions.AttackFailedException;
import de.rub.nds.tlsscanner.serverscanner.exceptions.OracleUnstableException;
import de.rub.nds.tlsscanner.serverscanner.probe.padding.constants.PaddingRecordGeneratorType;
import de.rub.nds.tlsscanner.serverscanner.probe.padding.constants.PaddingVectorGeneratorType;
import de.rub.nds.tlsscanner.serverscanner.probe.padding.trace.PaddingTraceGenerator;
import de.rub.nds.tlsscanner.serverscanner.probe.padding.trace.PaddingTraceGeneratorFactory;
import de.rub.nds.tlsscanner.serverscanner.probe.padding.vector.PaddingVector;
import de.rub.nds.tlsscanner.serverscanner.probe.padding.vector.PaddingVectorGenerator;
import de.rub.nds.tlsscanner.serverscanner.task.FingerPrintTask;
import de.rub.nds.tlsscanner.serverscanner.task.FingerprintTaskVectorPair;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/padding/PaddingOracleAttacker.class */
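/**
 * Checks a TLS server for observable differences in how it answers a set of padding test vectors.
 *
 * <p>The scan sends every vector produced by the configured generator, records a response
 * fingerprint per vector and compares all fingerprints pairwise. A server is reported as
 * vulnerable when at least two fingerprints differ, and as not vulnerable when all collected
 * fingerprints are equal.
 *
 * <p>Interpreting the result: a negative answer only covers the vectors for which a fingerprint
 * could be extracted. Vectors whose task ended in an error are skipped, so a scan with many
 * failed connections can look "clean" although little or nothing was compared. This class logs
 * a warning in that situation; treat such a result as inconclusive rather than as evidence that
 * the server is safe.
 *
 * <p>The {@link Config} passed to the constructor is modified in place by every scan iteration
 * (protocol version, cipher suite list, extension and stop-on-alert flags). Pass a dedicated copy
 * if the same configuration object is used elsewhere.
 *
 * <p>No synchronization is performed on the instance state; NOTE(review): presumably intended for
 * use from a single thread per instance - confirm against the calling probe.
 */
public class PaddingOracleAttacker {
    private static final Logger LOGGER = LogManager.getLogger();
    private final ParallelExecutor executor;
    private final Config tlsConfig;
    private final PaddingVectorGeneratorType vectorGeneratorType;
    private final PaddingRecordGeneratorType recordGeneratorType;
    private final int numberOfIterations;
    // Both values are replaced by what the server actually selected once a fingerprint was extracted.
    private ProtocolVersion testedVersion;
    private CipherSuite testedSuite;
    // Null until isVulnerable() has been called.
    private List<VectorResponse> fullResponseMap;
    private EqualityError resultError;
    private boolean increasingTimeout = true;
    // NOTE(review): units are not visible here; presumably milliseconds - confirm against FingerPrintTask.
    private long additionalTimeout = 1000;
    private long additionalTcpTimeout = 5000;
    // Not read or written anywhere in this class.
    private boolean shakyScans = false;
    // Set once any vector failed to produce a fingerprint; never reset afterwards.
    private boolean erroneousScans = false;

    /**
     * Creates an attacker for one protocol version / cipher suite combination.
     *
     * @param config TLS configuration used for every connection; it is mutated by the scan
     * @param parallelExecutor executor that runs the fingerprint tasks
     * @param paddingRecordGeneratorType selects which records the trace generator builds
     * @param paddingVectorGeneratorType selects which vector set is tested
     * @param i number of times the complete vector set is sent
     * @param protocolVersion protocol version to offer
     * @param cipherSuite the single cipher suite to offer
     */
    public PaddingOracleAttacker(Config config, ParallelExecutor parallelExecutor, PaddingRecordGeneratorType paddingRecordGeneratorType, PaddingVectorGeneratorType paddingVectorGeneratorType, int i, ProtocolVersion protocolVersion, CipherSuite cipherSuite) {
        this.tlsConfig = config;
        this.executor = parallelExecutor;
        this.recordGeneratorType = paddingRecordGeneratorType;
        this.vectorGeneratorType = paddingVectorGeneratorType;
        this.numberOfIterations = i;
        this.testedVersion = protocolVersion;
        this.testedSuite = cipherSuite;
    }

    /**
     * Runs the configured number of scan iterations and compares all collected fingerprints.
     *
     * @return {@code Boolean.TRUE} if two responses differed, {@code Boolean.FALSE} if every
     *     collected response was equal, or {@code null} if an iteration was aborted with an
     *     {@link AttackFailedException}. Callers must handle the {@code null} case before
     *     unboxing. A {@code FALSE} result based on fewer than two fingerprints, or on a scan in
     *     which some vectors failed, is inconclusive; a warning is logged for both situations.
     */
    public Boolean isVulnerable() {
        LOGGER.debug("A server is considered vulnerable to this attack if it responds differently to the test vectors.");
        LOGGER.debug("A server is considered secure if it always responds the same way.");
        this.fullResponseMap = new LinkedList<>();
        for (int iteration = 0; iteration < this.numberOfIterations; iteration++) {
            try {
                this.fullResponseMap.addAll(createVectorResponseList());
            } catch (AttackFailedException e) {
                // Keep the cause in the log so an "unknown" result can be diagnosed later.
                LOGGER.debug(e.getMessage(), e);
                return null;
            }
        }
        EqualityError equalityError = getEqualityError(this.fullResponseMap);
        boolean differenceFound = equalityError != EqualityError.NONE;
        if (differenceFound) {
            LOGGER.debug("Found a behavior difference within the responses. The server could be vulnerable.");
        } else {
            LOGGER.debug("Found no behavior difference within the responses. The server is very likely not vulnerable.");
            // A negative result is only as good as the data behind it: make missing data visible.
            if (this.fullResponseMap.size() < 2) {
                LOGGER.warn("Fewer than two response fingerprints were collected ({}); nothing could be compared and the negative result is inconclusive.", this.fullResponseMap.size());
            } else if (this.erroneousScans) {
                LOGGER.warn("Some test vectors produced no fingerprint; the negative result only covers the vectors that were answered.");
            }
        }
        LOGGER.debug(EqualityErrorTranslator.translation(equalityError, (ResponseFingerprint) null, (ResponseFingerprint) null));
        // NOTE(review): at INFO or more specific levels debug output is normally suppressed, so the
        // second clause looks inverted - confirm the intended log level check.
        if (differenceFound || LOGGER.getLevel().isMoreSpecificThan(Level.INFO)) {
            LOGGER.debug("-------------(Not Grouped)-----------------");
            for (VectorResponse vectorResponse : this.fullResponseMap) {
                LOGGER.debug(vectorResponse.toString());
            }
        }
        this.resultError = equalityError;
        return Boolean.valueOf(differenceFound);
    }

    /**
     * Sends every test vector once and returns the fingerprints that could be extracted.
     *
     * <p>Vectors whose task reports an error are logged, flagged via {@code erroneousScans} and
     * left out of the returned list. After each successful extraction the tested suite and
     * version are updated to the values the server selected.
     *
     * @return one entry per vector for which a fingerprint was extracted; may be empty
     * @throws OracleUnstableException if a task succeeded but no selected cipher suite or
     *     protocol version is available afterwards
     */
    private List<VectorResponse> createVectorResponseList() {
        prepareConfig();
        PaddingTraceGenerator paddingTraceGenerator = PaddingTraceGeneratorFactory.getPaddingTraceGenerator(this.vectorGeneratorType, this.recordGeneratorType);
        PaddingVectorGenerator vectorGenerator = paddingTraceGenerator.getVectorGenerator();
        // Left as a raw list: the element type expected by bulkExecuteTasks is not imported in this file.
        LinkedList taskList = new LinkedList();
        List<FingerprintTaskVectorPair> taskVectorPairs = new LinkedList<>();
        for (PaddingVector paddingVector : vectorGenerator.getVectors(this.tlsConfig.getDefaultSelectedCipherSuite(), this.tlsConfig.getDefaultHighestClientProtocolVersion())) {
            State state = new State(this.tlsConfig, paddingTraceGenerator.getPaddingOracleWorkflowTrace(this.tlsConfig, paddingVector));
            FingerPrintTask fingerPrintTask = new FingerPrintTask(state, this.additionalTimeout, this.increasingTimeout, this.executor.getReexecutions(), this.additionalTcpTimeout);
            taskList.add(fingerPrintTask);
            taskVectorPairs.add(new FingerprintTaskVectorPair(fingerPrintTask, paddingVector));
        }
        List<VectorResponse> responses = new LinkedList<>();
        this.executor.bulkExecuteTasks(taskList);
        for (FingerprintTaskVectorPair pair : taskVectorPairs) {
            FingerPrintTask task = pair.getFingerPrintTask();
            if (task.isHasError()) {
                // The vector is dropped from the comparison; remember that the data set is incomplete.
                this.erroneousScans = true;
                LOGGER.warn("Could not extract fingerprint for {}", pair);
                continue;
            }
            this.testedSuite = task.getState().getTlsContext().getSelectedCipherSuite();
            this.testedVersion = task.getState().getTlsContext().getSelectedProtocolVersion();
            if (this.testedSuite == null || this.testedVersion == null) {
                LOGGER.fatal("Could not find ServerHello after successful extraction");
                throw new OracleUnstableException("Fatal Extraction error");
            }
            responses.add(new VectorResponse(pair.getVector(), task.getFingerprint()));
        }
        return responses;
    }

    /**
     * Compares every response with every other response and reports the first difference.
     *
     * @param list responses to compare; an empty or single-element list yields
     *     {@link EqualityError#NONE} because there is nothing to compare
     * @return the first non-{@code NONE} result of the pairwise check, otherwise
     *     {@link EqualityError#NONE}
     */
    private EqualityError getEqualityError(List<VectorResponse> list) {
        for (VectorResponse first : list) {
            for (VectorResponse second : list) {
                if (first == second) {
                    continue;
                }
                EqualityError error = FingerprintChecker.checkEquality(first.getFingerprint(), second.getFingerprint());
                if (error != EqualityError.NONE) {
                    LOGGER.debug("Found an EqualityError: {}", error);
                    LOGGER.debug("Fingerprint1: {}", first.getFingerprint());
                    LOGGER.debug("Fingerprint2: {}", second.getFingerprint());
                    return error;
                }
            }
        }
        return EqualityError.NONE;
    }

    /**
     * Narrows the shared configuration to the tested version and suite and keeps the workflow
     * running after alerts, so that the server's full reaction to a vector can be recorded.
     *
     * <p>The elliptic curve extensions are only offered when the key exchange of the tested suite
     * has "EC" in its name.
     */
    private void prepareConfig() {
        this.tlsConfig.setHighestProtocolVersion(this.testedVersion);
        this.tlsConfig.setDefaultClientSupportedCipherSuites(new CipherSuite[]{this.testedSuite});
        KeyExchangeAlgorithm keyExchangeAlgorithm = AlgorithmResolver.getKeyExchangeAlgorithm(this.testedSuite);
        // Locale.ROOT keeps the case mapping independent of the platform's default locale.
        boolean usesEllipticCurves = keyExchangeAlgorithm != null && keyExchangeAlgorithm.name().toUpperCase(Locale.ROOT).contains("EC");
        this.tlsConfig.setAddEllipticCurveExtension(usesEllipticCurves);
        this.tlsConfig.setAddECPointFormatExtension(usesEllipticCurves);
        this.tlsConfig.setStopReceivingAfterFatal(false);
        this.tlsConfig.setStopActionsAfterFatal(false);
        this.tlsConfig.setStopReceivingAfterWarning(false);
        this.tlsConfig.setStopActionsAfterWarning(false);
        this.tlsConfig.setWorkflowExecutorShouldClose(false);
    }

    /**
     * @param z value handed to each fingerprint task as its increasing-timeout flag
     */
    public void setIncreasingTimeout(boolean z) {
        this.increasingTimeout = z;
    }

    /**
     * @param j additional timeout handed to each fingerprint task
     */
    public void setAdditionalTimeout(long j) {
        this.additionalTimeout = j;
    }

    /**
     * @param j additional TCP timeout handed to each fingerprint task
     */
    public void setAdditionalTcpTimeout(long j) {
        this.additionalTcpTimeout = j;
    }

    /**
     * Returns the responses collected by the most recent {@link #isVulnerable()} call.
     *
     * @return the internal list itself (not a copy), or {@code null} if no scan has been run;
     *     if a scan was aborted the list holds only the iterations completed before the abort
     */
    public List<VectorResponse> getFullResponseMap() {
        return this.fullResponseMap;
    }
}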
