package de.rub.nds.tlsscanner.serverscanner.probe.drown;

import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.HandshakeMessageType;
import de.rub.nds.tlsattacker.core.constants.RunningModeType;
import de.rub.nds.tlsattacker.core.constants.SSL2CipherSuite;
import de.rub.nds.tlsattacker.core.protocol.ProtocolMessage;
import de.rub.nds.tlsattacker.core.protocol.message.SSL2ClientMasterKeyMessage;
import de.rub.nds.tlsattacker.core.protocol.message.SSL2ServerVerifyMessage;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsattacker.core.workflow.WorkflowExecutorFactory;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
import de.rub.nds.tlsattacker.core.workflow.action.ReceiveAction;
import de.rub.nds.tlsattacker.core.workflow.action.SendAction;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowConfigurationFactory;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
import de.rub.nds.tlsscanner.serverscanner.probe.drown.constans.DrownVulnerabilityType;
import java.util.Iterator;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/drown/GeneralDrownAttacker.class */
/**
 * DROWN check that classifies a server from one SSLv2 handshake attempt.
 *
 * <p>The probe builds an SSLv2 hello workflow, appends a ClientMasterKey message and waits for a
 * ServerVerify message. The verdict is derived from the ServerHello and ServerVerify messages
 * recorded in the workflow trace.
 */
public class GeneralDrownAttacker extends BaseDrownAttacker {
    private static final Logger LOGGER = LogManager.getLogger();

    /**
     * Creates the attacker. Both arguments are passed unchanged to {@link BaseDrownAttacker}.
     *
     * @param config TLS-Attacker configuration used for the handshake
     * @param parallelExecutor executor handed to the base class
     */
    public GeneralDrownAttacker(Config config, ParallelExecutor parallelExecutor) {
        super(config, parallelExecutor);
    }

    /**
     * Executes the SSLv2 workflow once and maps the observed messages to a verdict.
     *
     * @return {@link DrownVulnerabilityType#NONE} when no SSLv2 ServerHello was recorded;
     *     {@link DrownVulnerabilityType#GENERAL} when the ServerHello lists a cipher suite that
     *     {@code isWeak()} reports as weak, or when a ServerVerify message was received and
     *     {@code ServerVerifyChecker.check} accepted it; {@link DrownVulnerabilityType#SSL2}
     *     otherwise
     */
    @Override
    public DrownVulnerabilityType getDrownVulnerabilityType() {
        WorkflowTrace trace =
                new WorkflowConfigurationFactory(this.tlsConfig)
                        .createWorkflowTrace(WorkflowTraceType.SSL2_HELLO, RunningModeType.CLIENT);
        trace.addTlsAction(new SendAction(new ProtocolMessage[] {new SSL2ClientMasterKeyMessage()}));
        trace.addTlsAction(new ReceiveAction(new ProtocolMessage[] {new SSL2ServerVerifyMessage()}));

        State state = new State(this.tlsConfig, trace);
        WorkflowExecutorFactory.createWorkflowExecutor(this.tlsConfig.getWorkflowExecutorType(), state)
                .executeWorkflow();

        // NONE only means that no SSLv2 ServerHello showed up in this trace. Nothing here
        // separates "SSLv2 is disabled" from "the handshake did not get that far", so a single
        // NONE result is not proof that SSLv2 is off.
        boolean gotServerHello =
                WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.SSL2_SERVER_HELLO, trace);
        if (!gotServerHello) {
            return DrownVulnerabilityType.NONE;
        }

        // First indicator: the server itself lists a weak cipher suite in its ServerHello.
        byte[] advertisedSuiteBytes =
                (byte[])
                        WorkflowTraceUtil.getFirstReceivedMessage(
                                        HandshakeMessageType.SSL2_SERVER_HELLO, trace)
                                .getCipherSuites()
                                .getValue();
        for (SSL2CipherSuite suite : SSL2CipherSuite.getCipherSuites(advertisedSuiteBytes)) {
            if (suite.isWeak()) {
                LOGGER.debug("Declaring host as vulnerable based on weak cipher suite in ServerHello.");
                return DrownVulnerabilityType.GENERAL;
            }
        }

        // Second indicator: no weak suite was listed, yet the server answered the
        // ClientMasterKey message with a ServerVerify that the checker accepts.
        // NOTE(review): ServerVerifyChecker is defined elsewhere; the meaning of its third
        // argument (false) is not visible from this class - confirm against the checker.
        SSL2ServerVerifyMessage serverVerify =
                (SSL2ServerVerifyMessage)
                        WorkflowTraceUtil.getFirstReceivedMessage(
                                HandshakeMessageType.SSL2_SERVER_VERIFY, trace);
        boolean verifyAccepted =
                serverVerify != null
                        && ServerVerifyChecker.check(serverVerify, state.getTlsContext(), false);
        if (verifyAccepted) {
            LOGGER.debug("Declaring host as vulnerable based on export cipher suite selection (CVE-2015-3197).");
            return DrownVulnerabilityType.GENERAL;
        }

        // SSLv2 is spoken (a ServerHello arrived) but neither indicator above fired.
        return DrownVulnerabilityType.SSL2;
    }
}
