package de.rub.nds.tlsscanner.serverscanner.probe;

import de.rub.nds.tlsattacker.core.config.Config;
import de.rub.nds.tlsattacker.core.constants.CipherSuite;
import de.rub.nds.tlsattacker.core.constants.HandshakeMessageType;
import de.rub.nds.tlsattacker.core.constants.NamedGroup;
import de.rub.nds.tlsattacker.core.constants.ProtocolVersion;
import de.rub.nds.tlsattacker.core.constants.RunningModeType;
import de.rub.nds.tlsattacker.core.constants.SignatureAndHashAlgorithm;
import de.rub.nds.tlsattacker.core.state.State;
import de.rub.nds.tlsattacker.core.state.TlsContext;
import de.rub.nds.tlsattacker.core.workflow.ParallelExecutor;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTrace;
import de.rub.nds.tlsattacker.core.workflow.WorkflowTraceUtil;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowConfigurationFactory;
import de.rub.nds.tlsattacker.core.workflow.factory.WorkflowTraceType;
import de.rub.nds.tlsscanner.serverscanner.config.ScannerConfig;
import de.rub.nds.tlsscanner.serverscanner.constants.ProbeType;
import de.rub.nds.tlsscanner.serverscanner.rating.TestResult;
import de.rub.nds.tlsscanner.serverscanner.report.SiteReport;
import de.rub.nds.tlsscanner.serverscanner.report.result.EsniResult;
import de.rub.nds.tlsscanner.serverscanner.report.result.ProbeResult;
import de.rub.nds.tlsscanner.serverscanner.report.result.SniResult;
import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/probe/EsniProbe.class */
public class EsniProbe extends TlsProbe {
    public EsniProbe(ScannerConfig scannerConfig, ParallelExecutor parallelExecutor) {
        super(parallelExecutor, ProbeType.ESNI, scannerConfig);
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public ProbeResult executeTest() {
        Config createConfig = getScannerConfig().createConfig();
        createConfig.setHighestProtocolVersion(ProtocolVersion.TLS13);
        createConfig.setSupportedVersions(new ProtocolVersion[]{ProtocolVersion.TLS13});
        createConfig.setUseFreshRandom(true);
        createConfig.setQuickReceive(true);
        createConfig.setDefaultClientSupportedCipherSuites(getClientSupportedCipherSuites());
        createConfig.setDefaultClientSupportedSignatureAndHashAlgorithms(SignatureAndHashAlgorithm.getImplementedTls13SignatureAndHashAlgorithms());
        createConfig.setEnforceSettings(false);
        createConfig.setEarlyStop(true);
        createConfig.setStopReceivingAfterFatal(true);
        createConfig.setStopActionsAfterFatal(true);
        createConfig.setDefaultClientNamedGroups(new NamedGroup[]{NamedGroup.ECDH_X25519});
        createConfig.setDefaultSelectedNamedGroup(NamedGroup.ECDH_X25519);
        LinkedList linkedList = new LinkedList();
        linkedList.add(NamedGroup.ECDH_X25519);
        createConfig.setDefaultClientKeyShareNamedGroups(linkedList);
        createConfig.setAddECPointFormatExtension(false);
        createConfig.setAddEllipticCurveExtension(true);
        createConfig.setAddSignatureAndHashAlgorithmsExtension(true);
        createConfig.setAddSupportedVersionsExtension(true);
        createConfig.setAddKeyShareExtension(true);
        createConfig.setClientSupportedEsniCipherSuites(getClientSupportedCipherSuites());
        createConfig.getClientSupportedEsniNamedGroups().addAll(getImplementedGroups());
        createConfig.setAddServerNameIndicationExtension(false);
        createConfig.setAddEncryptedServerNameIndicationExtension(true);
        WorkflowTrace createWorkflowTrace = new WorkflowConfigurationFactory(createConfig).createWorkflowTrace(WorkflowTraceType.HELLO, RunningModeType.CLIENT);
        State state = new State(createConfig, createWorkflowTrace);
        executeState(state);
        TlsContext tlsContext = state.getTlsContext();
        return !WorkflowTraceUtil.didReceiveMessage(HandshakeMessageType.SERVER_HELLO, createWorkflowTrace) ? new SniResult(TestResult.ERROR_DURING_TEST) : ((tlsContext.getEsniRecordBytes() != null) && (tlsContext.getEsniServerNonce() != null && Arrays.equals(tlsContext.getEsniServerNonce(), tlsContext.getEsniClientNonce()))) ? new EsniResult(TestResult.TRUE) : new EsniResult(TestResult.FALSE);
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public boolean canBeExecuted(SiteReport siteReport) {
        return true;
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public void adjustConfig(SiteReport siteReport) {
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.probe.TlsProbe
    public ProbeResult getCouldNotExecuteResult() {
        return new SniResult(TestResult.COULD_NOT_TEST);
    }

    private List<CipherSuite> getClientSupportedCipherSuites() {
        LinkedList linkedList = new LinkedList();
        linkedList.add(CipherSuite.TLS_AES_128_GCM_SHA256);
        linkedList.add(CipherSuite.TLS_AES_256_GCM_SHA384);
        return linkedList;
    }

    private List<NamedGroup> getImplementedGroups() {
        LinkedList linkedList = new LinkedList();
        linkedList.add(NamedGroup.ECDH_X25519);
        linkedList.add(NamedGroup.ECDH_X448);
        linkedList.add(NamedGroup.SECP160K1);
        linkedList.add(NamedGroup.SECP160R1);
        linkedList.add(NamedGroup.SECP160R2);
        linkedList.add(NamedGroup.SECP192K1);
        linkedList.add(NamedGroup.SECP192R1);
        linkedList.add(NamedGroup.SECP224K1);
        linkedList.add(NamedGroup.SECP224R1);
        linkedList.add(NamedGroup.SECP256K1);
        linkedList.add(NamedGroup.SECP256R1);
        linkedList.add(NamedGroup.SECP384R1);
        linkedList.add(NamedGroup.SECP521R1);
        linkedList.add(NamedGroup.SECT163K1);
        linkedList.add(NamedGroup.SECT163R1);
        linkedList.add(NamedGroup.SECT163R2);
        linkedList.add(NamedGroup.SECT193R1);
        linkedList.add(NamedGroup.SECT193R2);
        linkedList.add(NamedGroup.SECT233K1);
        linkedList.add(NamedGroup.SECT233R1);
        linkedList.add(NamedGroup.SECT239K1);
        linkedList.add(NamedGroup.SECT283K1);
        linkedList.add(NamedGroup.SECT283R1);
        linkedList.add(NamedGroup.SECT409K1);
        linkedList.add(NamedGroup.SECT409R1);
        linkedList.add(NamedGroup.SECT571K1);
        linkedList.add(NamedGroup.SECT571R1);
        return linkedList;
    }
}
