package de.rub.nds.tlsscanner.serverscanner.report.result;

import de.rub.nds.tlsattacker.core.https.header.HttpsHeader;
import de.rub.nds.tlsscanner.serverscanner.constants.ProbeType;
import de.rub.nds.tlsscanner.serverscanner.rating.TestResult;
import de.rub.nds.tlsscanner.serverscanner.report.AnalyzedProperty;
import de.rub.nds.tlsscanner.serverscanner.report.SiteReport;
import de.rub.nds.tlsscanner.serverscanner.report.result.hpkp.HpkpPin;
import java.util.Base64;
import java.util.LinkedList;
import java.util.List;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/rub/nds/tlsscanner/serverscanner/report/result/HttpHeaderResult.class */
public class HttpHeaderResult extends ProbeResult {
    private static final Logger LOGGER = LogManager.getLogger();
    private List<HttpsHeader> headerList;
    private TestResult speaksHttps;
    private TestResult supportsHsts;
    private Long hstsMaxAge;
    private Integer hpkpMaxAge;
    private TestResult hstsIncludesSubdomains;
    private TestResult hpkpIncludesSubdomains;
    private TestResult supportsHstsPreloading;
    private TestResult hstsNotParseable;
    private TestResult hpkpNotParseable;
    private TestResult supportsHpkp;
    private TestResult supportsHpkpReportOnly;
    private TestResult vulnerableBreach;

    public HttpHeaderResult(TestResult testResult, List<HttpsHeader> list) {
        super(ProbeType.HTTP_HEADER);
        this.headerList = null;
        this.speaksHttps = null;
        this.supportsHsts = TestResult.FALSE;
        this.hstsMaxAge = null;
        this.hpkpMaxAge = null;
        this.hstsIncludesSubdomains = TestResult.FALSE;
        this.hpkpIncludesSubdomains = TestResult.FALSE;
        this.supportsHstsPreloading = TestResult.FALSE;
        this.hstsNotParseable = null;
        this.hpkpNotParseable = null;
        this.supportsHpkp = TestResult.FALSE;
        this.supportsHpkpReportOnly = TestResult.FALSE;
        this.vulnerableBreach = TestResult.FALSE;
        this.speaksHttps = testResult;
        this.headerList = list;
    }

    @Override // de.rub.nds.tlsscanner.serverscanner.report.result.ProbeResult
    protected void mergeData(SiteReport siteReport) {
        siteReport.putResult(AnalyzedProperty.SUPPORTS_HTTPS, this.speaksHttps);
        siteReport.setHeaderList(this.headerList);
        LinkedList linkedList = new LinkedList();
        LinkedList linkedList2 = new LinkedList();
        if (this.headerList != null) {
            for (HttpsHeader httpsHeader : this.headerList) {
                if (((String) httpsHeader.getHeaderName().getValue()).equals("Strict-Transport-Security")) {
                    this.supportsHsts = TestResult.TRUE;
                    boolean z = false;
                    for (String str : ((String) httpsHeader.getHeaderValue().getValue()).split(";")) {
                        if (str.trim().startsWith("preload")) {
                            z = true;
                        }
                        if (str.trim().startsWith("includeSubDomains")) {
                            this.hstsIncludesSubdomains = TestResult.TRUE;
                        }
                        if (str.trim().startsWith("max-age")) {
                            String[] split = str.split("=");
                            if (split.length == 2) {
                                try {
                                    this.hstsMaxAge = Long.valueOf(Long.parseLong(split[1].trim()));
                                } catch (Exception e) {
                                    LOGGER.warn("HSTS was not parseable", e);
                                    this.hstsNotParseable = TestResult.TRUE;
                                }
                            } else {
                                this.hstsNotParseable = TestResult.FALSE;
                            }
                        }
                    }
                    this.supportsHstsPreloading = z ? TestResult.TRUE : TestResult.FALSE;
                }
                if (((String) httpsHeader.getHeaderName().getValue()).equals("Public-Key-Pins")) {
                    this.supportsHpkp = TestResult.TRUE;
                    for (String str2 : ((String) httpsHeader.getHeaderValue().getValue()).split(";")) {
                        if (str2.trim().startsWith("includeSubDomains")) {
                            this.hpkpIncludesSubdomains = TestResult.TRUE;
                        }
                        if (str2.trim().startsWith("max-age")) {
                            String[] split2 = str2.split("=");
                            if (split2.length == 2) {
                                try {
                                    this.hpkpMaxAge = Integer.valueOf(Integer.parseInt(split2[1].trim()));
                                } catch (Exception e2) {
                                    LOGGER.warn("HPKP was not parseable", e2);
                                    this.hpkpNotParseable = TestResult.TRUE;
                                }
                            } else {
                                this.hpkpNotParseable = TestResult.FALSE;
                            }
                        }
                        try {
                            String[] split3 = str2.split("=");
                            linkedList.add(new HpkpPin(split3[0], Base64.getDecoder().decode(split3[1].replace("\"", ""))));
                        } catch (Exception e3) {
                            LOGGER.warn("HPKP was not parseable", e3);
                            this.hpkpNotParseable = TestResult.TRUE;
                        }
                    }
                }
                if (((String) httpsHeader.getHeaderName().getValue()).equals("Public-Key-Pins-Report-Only")) {
                    this.supportsHpkpReportOnly = TestResult.TRUE;
                    for (String str3 : ((String) httpsHeader.getHeaderValue().getValue()).split(";")) {
                        if (str3.trim().startsWith("includeSubDomains")) {
                            this.hpkpIncludesSubdomains = TestResult.TRUE;
                        }
                        if (str3.trim().startsWith("max-age")) {
                            String[] split4 = str3.split("=");
                            if (split4.length == 2) {
                                try {
                                    this.hpkpMaxAge = Integer.valueOf(Integer.parseInt(split4[1].trim()));
                                } catch (Exception e4) {
                                    LOGGER.warn("HPKP was not parseable", e4);
                                    this.hpkpNotParseable = TestResult.TRUE;
                                }
                            } else {
                                this.hpkpNotParseable = TestResult.FALSE;
                            }
                        }
                        if (str3.trim().startsWith("pin-")) {
                            try {
                                String[] split5 = str3.split("=");
                                linkedList2.add(new HpkpPin(split5[0], Base64.getDecoder().decode(split5[1].replace("\"", ""))));
                            } catch (Exception e5) {
                                LOGGER.warn("HPKP was not parseable", e5);
                                this.hpkpNotParseable = TestResult.TRUE;
                            }
                        }
                    }
                }
                if (((String) httpsHeader.getHeaderName().getValue()).equals("Content-Encoding")) {
                    String str4 = (String) httpsHeader.getHeaderValue().getValue();
                    for (String str5 : new String[]{"compress", "deflate", "exi", "gzip", "br", "bzip2", "lzma", "xz"}) {
                        if (str4.contains(str5)) {
                            this.vulnerableBreach = TestResult.TRUE;
                        }
                    }
                }
            }
        } else {
            this.supportsHsts = TestResult.COULD_NOT_TEST;
            this.supportsHstsPreloading = TestResult.COULD_NOT_TEST;
            this.supportsHpkp = TestResult.COULD_NOT_TEST;
            this.supportsHpkpReportOnly = TestResult.COULD_NOT_TEST;
            this.vulnerableBreach = TestResult.COULD_NOT_TEST;
        }
        siteReport.setHstsMaxAge(this.hstsMaxAge);
        siteReport.putResult(AnalyzedProperty.SUPPORTS_HSTS, this.supportsHsts);
        siteReport.putResult(AnalyzedProperty.SUPPORTS_HSTS_PRELOADING, this.supportsHstsPreloading);
        siteReport.putResult(AnalyzedProperty.SUPPORTS_HPKP, this.supportsHpkp);
        siteReport.putResult(AnalyzedProperty.SUPPORTS_HPKP_REPORTING, this.supportsHpkpReportOnly);
        siteReport.setHpkpMaxAge(this.hpkpMaxAge);
        siteReport.setNormalHpkpPins(linkedList);
        siteReport.setReportOnlyHpkpPins(linkedList2);
        siteReport.putResult(AnalyzedProperty.VULNERABLE_TO_BREACH, this.vulnerableBreach);
    }
}
