package org.owasp.dependencycheck.xml.suppression;

import java.util.ArrayList;
import java.util.Calendar;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import javax.annotation.concurrent.NotThreadSafe;
import org.apache.commons.lang3.time.DateFormatUtils;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.dependency.naming.CpeIdentifier;
import org.owasp.dependencycheck.dependency.naming.Identifier;
import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import us.springett.parsers.cpe.Cpe;
import us.springett.parsers.cpe.exceptions.CpeEncodingException;

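/**
 * One suppression rule: selectors that decide whether the rule applies to a
 * dependency ({@code filePath}, {@code sha1}, {@code gav}, {@code packageUrl})
 * and criteria that name what to take out of that dependency's results
 * ({@code cpe}, {@code cve}, {@code cwe}, {@code vulnerabilityName},
 * {@code cvssBelow}).
 *
 * <p>Points a reviewer of suppression files should keep in mind, all of which
 * follow from {@link #process(Dependency)} as written here:
 * <ul>
 *   <li>A rule with none of the four selectors set applies to every dependency
 *       it is run against.</li>
 *   <li>{@code until} is only stored and printed. Nothing in this class compares
 *       it with the current time, so expiry has to be enforced by whatever loads
 *       or schedules the rules.</li>
 *   <li>Non-regex CPE entries are compared with {@code startsWith}, so a short
 *       entry covers every identifier that begins with it.</li>
 *   <li>CWE entries are compared as a prefix of the vulnerability's CWE string
 *       (see the note in {@code cweMatches}).</li>
 *   <li>A {@code cvssBelow} threshold matches when either the CVSS v2 or the
 *       CVSS v3 base score is below it, even if the other score is higher.</li>
 *   <li>A base rule removes matches without recording them as suppressed and
 *       without setting {@code matched}.</li>
 * </ul>
 *
 * <p>Instances are mutable and not safe for concurrent use.
 */
@NotThreadSafe
/* loaded from: input_file:org/owasp/dependencycheck/xml/suppression/SuppressionRule.class */
public class SuppressionRule {
    private static final Logger LOGGER = LoggerFactory.getLogger(SuppressionRule.class);
    // Selector: when set, the dependency's file path must match.
    private PropertyType filePath;
    // Selector: when set, compared case-insensitively with the dependency's SHA-1 sum.
    private String sha1;
    // Free text copied onto every identifier/vulnerability a non-base rule suppresses.
    private String notes;
    // Base rules remove matches without recording them as suppressed.
    private boolean base;
    // Stored and printed only; process() never reads it.
    private Calendar until;
    private List<PropertyType> cpe = new ArrayList<>();
    private List<Double> cvssBelow = new ArrayList<>();
    private List<String> cwe = new ArrayList<>();
    private List<String> cve = new ArrayList<>();
    private final List<PropertyType> vulnerabilityNames = new ArrayList<>();
    private PropertyType gav = null;
    private PropertyType packageUrl = null;
    // Set by process() once a non-base rule has suppressed something; never cleared there.
    private boolean matched = false;

    /** @return whether this rule has suppressed at least one item (or was flagged via the setter) */
    public boolean isMatched() {
        return this.matched;
    }

    /** @param matched the new value of the matched flag */
    public void setMatched(boolean matched) {
        this.matched = matched;
    }

    /** @return the stored expiry date, possibly {@code null}; not enforced by this class */
    public Calendar getUntil() {
        return this.until;
    }

    /** @param until the expiry date to store; not enforced by this class */
    public void setUntil(Calendar until) {
        this.until = until;
    }

    /** @return the file path selector, or {@code null} when the rule is not path-limited */
    public PropertyType getFilePath() {
        return this.filePath;
    }

    /** @param filePath the file path selector; {@code null} disables the check */
    public void setFilePath(PropertyType filePath) {
        this.filePath = filePath;
    }

    /** @return the SHA-1 selector, or {@code null} when the rule is not hash-limited */
    public String getSha1() {
        return this.sha1;
    }

    /** @param sha1 the SHA-1 selector; {@code null} disables the check */
    public void setSha1(String sha1) {
        this.sha1 = sha1;
    }

    /** @return the live, mutable list of CPE entries */
    public List<PropertyType> getCpe() {
        return this.cpe;
    }

    /** @param cpe the list that replaces the current CPE entries (stored as-is, not copied) */
    public void setCpe(List<PropertyType> cpe) {
        this.cpe = cpe;
    }

    /** @param entry a CPE entry to append */
    public void addCpe(PropertyType entry) {
        this.cpe.add(entry);
    }

    /** @param entry a vulnerability-name entry to append */
    public void addVulnerabilityName(PropertyType entry) {
        this.vulnerabilityNames.add(entry);
    }

    /** @return {@code true} when at least one CPE entry is present */
    public boolean hasCpe() {
        return !this.cpe.isEmpty();
    }

    /** @return the live, mutable list of CVSS thresholds */
    public List<Double> getCvssBelow() {
        return this.cvssBelow;
    }

    /** @param cvssBelow the list that replaces the current thresholds (stored as-is, not copied) */
    public void setCvssBelow(List<Double> cvssBelow) {
        this.cvssBelow = cvssBelow;
    }

    /** @param threshold a CVSS threshold to append */
    public void addCvssBelow(Double threshold) {
        this.cvssBelow.add(threshold);
    }

    /** @return {@code true} when at least one CVSS threshold is present */
    public boolean hasCvssBelow() {
        return !this.cvssBelow.isEmpty();
    }

    /** @return the notes text, possibly {@code null} */
    public String getNotes() {
        return this.notes;
    }

    /** @param notes the notes text; may be {@code null} */
    public void setNotes(String notes) {
        this.notes = notes;
    }

    /**
     * Reports whether the rule carries notes.
     *
     * @return {@code true} when notes are set and non-empty; {@code false} for
     *         {@code null} or the empty string
     */
    public boolean hasNotes() {
        // notes has no initializer, so it is null until setNotes is called;
        // guard against that instead of throwing NullPointerException.
        return this.notes != null && !this.notes.isEmpty();
    }

    /** @return the live, mutable list of CWE entries */
    public List<String> getCwe() {
        return this.cwe;
    }

    /** @param cwe the list that replaces the current CWE entries (stored as-is, not copied) */
    public void setCwe(List<String> cwe) {
        this.cwe = cwe;
    }

    /** @param entry a CWE entry to append; process() prefixes it with {@code "CWE-"} before comparing */
    public void addCwe(String entry) {
        this.cwe.add(entry);
    }

    /** @return {@code true} when at least one CWE entry is present */
    public boolean hasCwe() {
        return !this.cwe.isEmpty();
    }

    /** @return the live, mutable list of CVE entries */
    public List<String> getCve() {
        return this.cve;
    }

    /** @param cve the list that replaces the current CVE entries (stored as-is, not copied) */
    public void setCve(List<String> cve) {
        this.cve = cve;
    }

    /** @param entry a CVE entry to append */
    public void addCve(String entry) {
        this.cve.add(entry);
    }

    /** @return {@code true} when at least one CVE entry is present */
    public boolean hasCve() {
        return !this.cve.isEmpty();
    }

    /** @return {@code true} when at least one vulnerability-name entry is present */
    public boolean hasVulnerabilityName() {
        return !this.vulnerabilityNames.isEmpty();
    }

    /** @return the GAV selector, or {@code null} */
    public PropertyType getGav() {
        return this.gav;
    }

    /** @param gav the GAV selector; {@code null} disables the check */
    public void setGav(PropertyType gav) {
        this.gav = gav;
    }

    /** @return {@code true} when a GAV selector is set */
    public boolean hasGav() {
        return this.gav != null;
    }

    /** @param packageUrl the package URL selector; {@code null} disables the check */
    public void setPackageUrl(PropertyType packageUrl) {
        this.packageUrl = packageUrl;
    }

    /** @return {@code true} when a package URL selector is set */
    public boolean hasPackageUrl() {
        return this.packageUrl != null;
    }

    /** @return whether this is a base rule */
    public boolean isBase() {
        return this.base;
    }

    /** @param base whether this is a base rule */
    public void setBase(boolean base) {
        this.base = base;
    }

    /**
     * Applies this rule to a dependency, removing the vulnerable-software
     * identifiers and vulnerabilities it matches.
     *
     * <p>The selectors are checked first, in the order file path, SHA-1, GAV,
     * package URL; the first one that is set and does not match ends processing
     * with the dependency untouched. After that the CPE entries are applied to
     * the vulnerable-software identifiers, and the CVE / CWE / vulnerability-name
     * / CVSS criteria to the vulnerabilities.
     *
     * <p>For a non-base rule every match is also recorded on the dependency as
     * suppressed, gets this rule's notes (when notes are set) and flips
     * {@code matched} to {@code true}. For a base rule the match is only removed.
     *
     * <p>The {@code until} date is not consulted here.
     *
     * @param dependency the dependency to filter; modified in place
     */
    public void process(Dependency dependency) {
        if (this.filePath != null && !this.filePath.matches(dependency.getFilePath())) {
            return;
        }
        if (this.sha1 != null && !this.sha1.equalsIgnoreCase(dependency.getSha1sum())) {
            return;
        }
        if (hasGav() && !anySoftwareIdentifierMatchesGav(dependency)) {
            return;
        }
        if (hasPackageUrl() && !anySoftwareIdentifierMatchesPurl(dependency)) {
            return;
        }
        if (hasCpe()) {
            suppressCpeIdentifiers(dependency);
        }
        if (hasCve() || hasVulnerabilityName() || hasCwe() || hasCvssBelow()) {
            suppressVulnerabilities(dependency);
        }
    }

    /** Returns true when any software identifier of the dependency matches the GAV selector. */
    private boolean anySoftwareIdentifierMatchesGav(Dependency dependency) {
        for (Identifier identifier : dependency.getSoftwareIdentifiers()) {
            if (identifierMatches(this.gav, identifier)) {
                return true;
            }
        }
        return false;
    }

    /** Returns true when any software identifier of the dependency matches the package URL selector. */
    private boolean anySoftwareIdentifierMatchesPurl(Dependency dependency) {
        for (Identifier identifier : dependency.getSoftwareIdentifiers()) {
            if (purlMatches(this.packageUrl, identifier)) {
                return true;
            }
        }
        return false;
    }

    /** Removes every vulnerable-software identifier that a CPE entry matches, recording it unless this is a base rule. */
    private void suppressCpeIdentifiers(Dependency dependency) {
        final Set<Identifier> toRemove = new HashSet<>();
        for (Identifier identifier : dependency.getVulnerableSoftwareIdentifiers()) {
            // No early exit: every matching entry records the identifier again,
            // exactly as many times as entries match.
            for (PropertyType entry : this.cpe) {
                if (identifierMatches(entry, identifier)) {
                    if (!isBase()) {
                        this.matched = true;
                        if (this.notes != null) {
                            identifier.setNotes(this.notes);
                        }
                        dependency.addSuppressedIdentifier(identifier);
                    }
                    toRemove.add(identifier);
                }
            }
        }
        // Removal is deferred until the loop over the dependency's identifiers is done.
        toRemove.forEach(dependency::removeVulnerableSoftwareIdentifier);
    }

    /** Removes every vulnerability the CVE/CWE/name/CVSS criteria match, recording it unless this is a base rule. */
    private void suppressVulnerabilities(Dependency dependency) {
        final Set<Vulnerability> toRemove = new HashSet<>();
        for (Vulnerability vulnerability : dependency.getVulnerabilities()) {
            // The criteria are alternatives; the first one that matches decides.
            final boolean suppress = cveMatches(vulnerability)
                    || cweMatches(vulnerability)
                    || vulnerabilityNameMatches(vulnerability)
                    || cvssBelowMatches(vulnerability);
            if (!suppress) {
                continue;
            }
            toRemove.add(vulnerability);
            if (!isBase()) {
                this.matched = true;
                if (this.notes != null) {
                    vulnerability.setNotes(this.notes);
                }
                dependency.addSuppressedVulnerability(vulnerability);
            }
        }
        // Removal is deferred until the loop over the dependency's vulnerabilities is done.
        toRemove.forEach(dependency::removeVulnerability);
    }

    /** Returns true when a CVE entry equals the vulnerability's name, ignoring case. */
    private boolean cveMatches(Vulnerability vulnerability) {
        for (String entry : this.cve) {
            if (entry.equalsIgnoreCase(vulnerability.getName())) {
                return true;
            }
        }
        return false;
    }

    /** Returns true when "CWE-" plus a CWE entry is a prefix of one of the vulnerability's CWE strings. */
    private boolean cweMatches(Vulnerability vulnerability) {
        if (this.cwe == null || vulnerability.getCwes().isEmpty()) {
            return false;
        }
        for (String entry : this.cwe) {
            final String prefix = String.format("CWE-%s", entry);
            // NOTE(review): this is a case-sensitive prefix comparison, so the
            // entry "7" also matches a CWE string such as "CWE-79". If CWE
            // strings here are bare ids, an exact comparison would keep a rule
            // from suppressing more weakness classes than its author listed --
            // confirm the format of getCwes() before tightening.
            if (vulnerability.getCwes().stream()
                    .anyMatch(candidate -> prefix.regionMatches(0, candidate, 0, prefix.length()))) {
                return true;
            }
        }
        return false;
    }

    /** Returns true when a vulnerability-name entry matches the vulnerability's (non-null) name. */
    private boolean vulnerabilityNameMatches(Vulnerability vulnerability) {
        if (vulnerability.getName() == null) {
            return false;
        }
        for (PropertyType entry : this.vulnerabilityNames) {
            if (entry.matches(vulnerability.getName())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns true when the CVSS v2 or the CVSS v3 base score is strictly below
     * one of the thresholds. A vulnerability with neither score never matches.
     */
    private boolean cvssBelowMatches(Vulnerability vulnerability) {
        for (Double threshold : this.cvssBelow) {
            if (vulnerability.getCvssV2() != null
                    && vulnerability.getCvssV2().getCvssData().getBaseScore().compareTo(threshold) < 0) {
                return true;
            }
            // v3 is consulted only when v2 is absent or not below the threshold;
            // one low score is enough even if the other one is high.
            if (vulnerability.getCvssV3() != null
                    && vulnerability.getCvssV3().getCvssData().getBaseScore().compareTo(threshold) < 0) {
                return true;
            }
        }
        return false;
    }

    /**
     * Reports whether a non-regex CPE entry has at most three colons, which this
     * class treats as "no version component".
     *
     * @param c the CPE entry to inspect
     * @return {@code true} for a non-regex entry whose value has three or fewer colons
     */
    protected boolean cpeHasNoVersion(PropertyType c) {
        return !c.isRegex() && countCharacter(c.getValue(), ':') <= 3;
    }

    /** Counts the occurrences of {@code c} in {@code str}. */
    private int countCharacter(String str, char c) {
        int count = 0;
        for (int pos = str.indexOf(c); pos >= 0; pos = str.indexOf(c, pos + 1)) {
            count++;
        }
        return count;
    }

    /**
     * Matches a package URL entry against an identifier.
     *
     * @param suppressionEntry the package URL entry of the rule
     * @param identifier the identifier to test
     * @return the result of matching the entry against the identifier's string
     *         form when it is a {@link PurlIdentifier}; {@code false} otherwise
     */
    protected boolean purlMatches(PropertyType suppressionEntry, Identifier identifier) {
        if (identifier instanceof PurlIdentifier) {
            return suppressionEntry.matches(((PurlIdentifier) identifier).toString());
        }
        return false;
    }

    /**
     * Matches a GAV or CPE entry against an identifier.
     *
     * <p>A {@link PurlIdentifier} is compared through its GAV form. A
     * {@link CpeIdentifier} is converted to a CPE 2.2 URI and then compared
     * either with the entry's own matcher (regex entries) or with
     * {@code startsWith} (plain entries, lower-cased first unless the entry is
     * case sensitive). Because the plain comparison is a prefix test, an entry
     * covers every CPE that begins with it.
     *
     * <p>If the CPE cannot be encoded, the case-insensitive plain path returns
     * {@code false}; the regex and case-sensitive paths fall back to matching
     * the identifier's raw value.
     *
     * @param suppressionEntry the rule entry
     * @param identifier the identifier to test
     * @return {@code true} when the entry matches the identifier
     */
    protected boolean identifierMatches(PropertyType suppressionEntry, Identifier identifier) {
        if (identifier instanceof PurlIdentifier) {
            return suppressionEntry.matches(((PurlIdentifier) identifier).toGav());
        }
        if (identifier instanceof CpeIdentifier) {
            final Cpe cpe = ((CpeIdentifier) identifier).getCpe();
            if (suppressionEntry.isRegex()) {
                try {
                    return suppressionEntry.matches(cpe.toCpe22Uri());
                } catch (CpeEncodingException ex) {
                    LOGGER.debug("Unable to convert CPE to 22 URI?{}", cpe, ex);
                }
            } else if (suppressionEntry.isCaseSensitive()) {
                try {
                    return cpe.toCpe22Uri().startsWith(suppressionEntry.getValue());
                } catch (CpeEncodingException ex) {
                    LOGGER.debug("Unable to convert CPE to 22 URI?{}", cpe, ex);
                }
            } else {
                try {
                    // Locale.ROOT keeps the comparison independent of the host's
                    // default locale, so the same suppression file selects the
                    // same CPEs on every machine.
                    return cpe.toCpe22Uri().toLowerCase(Locale.ROOT)
                            .startsWith(suppressionEntry.getValue().toLowerCase(Locale.ROOT));
                } catch (CpeEncodingException ex) {
                    LOGGER.debug("Unable to convert CPE to 22 URI?{}", cpe, ex);
                    return false;
                }
            }
        }
        return suppressionEntry.matches(identifier.getValue());
    }

    /**
     * Renders the rule's populated fields for logs and diagnostics.
     *
     * @return a string of the form {@code SuppressionRule{...}}; unset fields
     *         and empty lists are left out, and {@code notes} is never included
     */
    @Override
    public String toString() {
        final StringBuilder sb = new StringBuilder(64);
        sb.append("SuppressionRule{");
        if (this.until != null) {
            sb.append("until=")
                    .append(DateFormatUtils.ISO_8601_EXTENDED_DATETIME_TIME_ZONE_FORMAT.format(this.until))
                    .append(',');
        }
        if (this.filePath != null) {
            sb.append("filePath=").append(this.filePath).append(',');
        }
        if (this.sha1 != null) {
            sb.append("sha1=").append(this.sha1).append(',');
        }
        if (this.packageUrl != null) {
            sb.append("packageUrl=").append(this.packageUrl).append(',');
        }
        if (this.gav != null) {
            sb.append("gav=").append(this.gav).append(',');
        }
        appendGroup(sb, "cpe", this.cpe);
        appendGroup(sb, "cwe", this.cwe);
        appendGroup(sb, "cve", this.cve);
        appendGroup(sb, "vulnerabilityName", this.vulnerabilityNames);
        appendGroup(sb, "cvssBelow", this.cvssBelow);
        sb.append('}');
        return sb.toString();
    }

    /** Appends {@code label={v1,v2,...,}} to {@code sb} when {@code values} is non-null and non-empty. */
    private static void appendGroup(StringBuilder sb, String label, List<?> values) {
        if (values == null || values.isEmpty()) {
            return;
        }
        sb.append(label).append("={");
        for (Object value : values) {
            sb.append(value).append(',');
        }
        sb.append('}');
    }
}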
