package io.jenkins.plugins.neuvector;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.AbortException;
import hudson.EnvVars;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.Computer;
import hudson.model.Run;
import hudson.slaves.SlaveComputer;
import hudson.util.ArgumentListBuilder;
import hudson.util.Secret;
import io.jenkins.plugins.neuvector.model.SeverityRating;
import io.jenkins.plugins.neuvector.model.report.ScanResult;
import io.jenkins.plugins.neuvector.model.report.Vulnerability;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Objects;
import java.util.Random;
import java.util.Set;
import java.util.stream.Stream;
import javax.annotation.Nonnull;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import org.apache.http.HttpEntity;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:io/jenkins/plugins/neuvector/NeuVectorWorker.class */
public class NeuVectorWorker {
    private static final int HTTP_CLIENT_CONFIG_TIMEOUT_SECOND = 60;
    private static final String SCAN_REPORT = "scan_result.json";
    private final Log logger;
    private final Config config;
    private String token;
    private String artifactname;
    private FilePath workspace;

    public NeuVectorWorker(Log log, Config config) {
        this.logger = log;
        this.config = config;
    }

    public NeuVectorWorker(Log log, Config config, @Nonnull FilePath filePath, String str) {
        this.logger = log;
        this.config = config;
        this.workspace = filePath;
        this.artifactname = str;
    }

    @SuppressFBWarnings({"DMI_HARDCODED_ABSOLUTE_FILENAME"})
    public void scan(Run<?, ?> run, Launcher launcher) throws IOException, InterruptedException {
        String requestScan;
        if (this.config.isStandaloneScanner()) {
            int i = 0;
            ArgumentListBuilder argumentListBuilder = new ArgumentListBuilder();
            File file = new File(run.getRootDir(), "out");
            Launcher.ProcStarter launch = launcher.launch();
            PrintStream printStream = new PrintStream(file, "UTF-8");
            Throwable th = null;
            try {
                try {
                    launch.stderr(printStream);
                    launch.stdout(printStream);
                    launch.quiet(true);
                    if (!this.config.getScannerRegistryUser().isEmpty()) {
                        argumentListBuilder.add(new String[]{"docker", "login"});
                        argumentListBuilder.add(new String[]{"-u", this.config.getScannerRegistryUser(), "-p"});
                        argumentListBuilder.addMasked(this.config.getScannerRegistryPassword().getPlainText());
                        argumentListBuilder.add(this.config.getScannerRegistryURL());
                        launch.cmds(argumentListBuilder);
                        this.logger.println("Logging in " + this.config.getScannerRegistryURL() + " with " + this.config.getScannerRegistryUser() + " ... ");
                        i = launch.join();
                    }
                    if (i != 0) {
                        this.logger.println("docker failed to login " + this.config.getScannerRegistryURL() + " Please check the global configuration.");
                    }
                    argumentListBuilder.clear();
                    argumentListBuilder.add(new String[]{"docker", "pull"});
                    argumentListBuilder.add(this.config.getScannerRegistryURL() + "/" + this.config.getScannerImage());
                    launch.cmds(argumentListBuilder);
                    this.logger.println("Pulling NeuVector Scanner from " + this.config.getScannerRegistryURL() + "/" + this.config.getScannerImage() + " ...");
                    if (launch.join() != 0) {
                        this.logger.println("docker failed to pull " + this.config.getScannerRegistryURL() + "/" + this.config.getScannerImage() + " Please check the global configuration.");
                    }
                    argumentListBuilder.clear();
                    String generateScannerName = generateScannerName();
                    argumentListBuilder.add(new String[]{"docker", "run"});
                    argumentListBuilder.add(new String[]{"--name", generateScannerName, "--rm"});
                    EnvVars environment = run.getEnvironment(launcher.getListener());
                    String absolutePath = run.getRootDir().getAbsolutePath();
                    if (Objects.nonNull(environment.get("JENKINS_MOUNT_PATH")) && !((String) environment.get("JENKINS_MOUNT_PATH")).isEmpty()) {
                        absolutePath = absolutePath.replace((CharSequence) environment.get("JENKINS_HOME"), (CharSequence) environment.get("JENKINS_MOUNT_PATH"));
                    }
                    String str = "";
                    if (!this.config.isLocal()) {
                        String regUrl = this.config.getRegistry().getRegUrl();
                        argumentListBuilder.add(new String[]{"-e", "SCANNER_REGISTRY=" + regUrl, "-e", "SCANNER_REGISTRY_USERNAME=" + this.config.getRegistry().getRegUsername(), "-e", "SCANNER_REGISTRY_PASSWORD=" + this.config.getRegistry().getRegPassword()});
                        str = regUrl + "/";
                    }
                    argumentListBuilder.add(new String[]{"-e", "SCANNER_REPOSITORY=" + this.config.getRepository(), "-e", "SCANNER_TAG=" + this.config.getTag(), "-e", "SCANNER_SCAN_LAYERS=" + this.config.getScanLayers(), "-e", "SCANNER_LICENSE=" + this.config.getLicense(), "-v", "/var/run/docker.sock:/var/run/docker.sock", "-v", absolutePath + ":/var/neuvector", this.config.getScannerRegistryURL() + "/" + this.config.getScannerImage()});
                    launch.cmds(argumentListBuilder);
                    this.logger.println("Scanning " + str + this.config.getRepository() + ":" + this.config.getTag());
                    if (launch.join() != 0) {
                        String str2 = "Failed to run the scan. Check the log in " + file.getAbsolutePath();
                        this.logger.println(str2);
                        throw new AbortException(str2);
                    }
                    if (printStream != null) {
                        if (0 != 0) {
                            try {
                                printStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            printStream.close();
                        }
                    }
                    String str3 = run.getRootDir().getAbsolutePath() + "/" + SCAN_REPORT;
                    StringBuilder sb = new StringBuilder();
                    if (Computer.currentComputer() instanceof SlaveComputer) {
                        sb.append(new FilePath(launcher.getChannel(), str3).readToString());
                    } else {
                        try {
                            Stream<String> lines = Files.lines(Paths.get(str3, new String[0]), StandardCharsets.UTF_8);
                            Throwable th3 = null;
                            try {
                                try {
                                    lines.forEach(str4 -> {
                                        sb.append(str4).append("\n");
                                    });
                                    if (lines != null) {
                                        if (0 != 0) {
                                            try {
                                                lines.close();
                                            } catch (Throwable th4) {
                                                th3.addSuppressed(th4);
                                            }
                                        } else {
                                            lines.close();
                                        }
                                    }
                                } finally {
                                }
                            } finally {
                            }
                        } catch (IOException e) {
                            e.printStackTrace();
                        }
                    }
                    requestScan = sb.toString();
                } finally {
                }
            } catch (Throwable th5) {
                if (printStream != null) {
                    if (th != null) {
                        try {
                            printStream.close();
                        } catch (Throwable th6) {
                            th.addSuppressed(th6);
                        }
                    } else {
                        printStream.close();
                    }
                }
                throw th5;
            }
        } else {
            CloseableHttpClient makeHttpClient = makeHttpClient();
            Throwable th7 = null;
            try {
                getToken(makeHttpClient);
                try {
                    requestScan = requestScan(makeHttpClient);
                    logout(makeHttpClient);
                } catch (Throwable th8) {
                    logout(makeHttpClient);
                    throw th8;
                }
            } finally {
                if (makeHttpClient != null) {
                    if (0 != 0) {
                        try {
                            makeHttpClient.close();
                        } catch (Throwable th9) {
                            th7.addSuppressed(th9);
                        }
                    } else {
                        makeHttpClient.close();
                    }
                }
            }
        }
        ScanResult processScanReport = processScanReport(requestScan, this.config);
        printHTMLReport(processScanReport);
        printTxtReport(processScanReport);
        makeIfFailDecision(processScanReport.getHighSeverityNumber(), processScanReport.getMediumSeverityNumber(), processScanReport.isBlackListVulExisted(), processScanReport.getExistedBlackListVulSet());
    }

    public void printHTMLReport(ScanResult scanResult) throws IOException, InterruptedException {
        PrintStream printStream = new PrintStream(new FilePath(this.workspace, this.artifactname + ".html").write(), false, "UTF-8");
        Throwable th = null;
        try {
            Log log = new Log(printStream);
            log.println("");
            log.println("<!DOCTYPE html>\n<html lang=\"en\">\n<head><link rel=\"stylesheet\" href=\"styles.css\"></head>\n<body>");
            log.println("<h1>Scan Report </h1>\n");
            log.println("<h3>Summary</h3>");
            log.println("<table>\n    <tr>\n        <th>Registry URL</th>\n        <th>Repository</th>\n        <th>Tag</th>\n        <th>High severity VULs</th>\n        <th>High severity threshold</th>\n        <th>Medium severity VULs</th>\n        <th>Medium severity threshold</th>\n        <th>VULs to fail the build</th>\n        <th>Total VULs</th>\n    </tr>");
            log.println("<tr>");
            if (scanResult.isLocalScan()) {
                log.println("<td>Local image</td>");
            } else {
                log.println("<td><a target=\"_parent\" href=\"" + scanResult.getRepository() + "\">" + scanResult.getRegistry() + "</a></td>");
            }
            log.println("<td> " + scanResult.getRepository() + "</td>");
            log.println("<td> " + scanResult.getTag() + "</td>");
            log.println("<td> " + scanResult.getHighVulnerabilitySet().size() + "</td>");
            if (scanResult.getHighSeverityThreshold() != 0) {
                log.println("<td> " + scanResult.getHighSeverityThreshold() + "</td>");
            } else {
                log.println("<td> No Limit </td>");
            }
            log.println("<td> " + scanResult.getMediumVulnerabilitySet().size() + "</td>");
            if (scanResult.getMediumSeverityThreshold() != 0) {
                log.println("<td> " + scanResult.getMediumSeverityThreshold() + "</td>");
            } else {
                log.println("<td> No Limit </td>");
            }
            if (scanResult.isBlackListVulExisted()) {
                log.println("<td> " + String.join(", ", scanResult.getExistedBlackListVulSet()) + "</td>");
            } else {
                log.println("<td></td>");
            }
            log.println("<td> " + scanResult.getTotalVulnerabilityNumber() + "</td>");
            log.println("</tr></table>");
            log.println("<h3> Vulnerabilities </h3>");
            if (scanResult.getTotalVulnerabilityNumber() == 0) {
                log.println("<p>Scanned. No vulnerabilities found.</p>");
            } else {
                log.println("<table>\n    <tr>\n        <th>Name</th>\n        <th>Severity</th>\n        <th>Score</th>\n        <th>Package</th>\n        <th>Fixed_version</th>\n        <th>Vectors</th>\n        <th>Description</th>\n        <th>Feed_rating</th>\n    </tr>");
                for (Vulnerability vulnerability : scanResult.getHighVulnerabilitySet()) {
                    log.println("<tr>");
                    log.println("<td><a target=\"_blank\" href=\"" + vulnerability.getLink() + "\">" + vulnerability.getName().toUpperCase() + "</td>");
                    log.println("<td> High </td>");
                    log.println("<td> " + vulnerability.getScore() + "</td>");
                    log.println("<td>" + vulnerability.getPackage_name() + ":" + vulnerability.getPackage_version() + "</td>");
                    log.println("<td>" + vulnerability.getFixed_version() + "</td>");
                    log.println("<td>" + vulnerability.getVectors() + "</td>");
                    log.println("<td>" + vulnerability.getDescription() + "</td>");
                    log.println("<td>" + vulnerability.getFeed_rating() + "</td>");
                    log.println("</tr>");
                }
                for (Vulnerability vulnerability2 : scanResult.getMediumVulnerabilitySet()) {
                    log.println("<tr>");
                    log.println("<td><a target=\"_blank\" href=\"" + vulnerability2.getLink() + "\">" + vulnerability2.getName().toUpperCase() + "</td>");
                    log.println("<td> Medium </td>");
                    log.println("<td> " + vulnerability2.getScore() + "</td>");
                    log.println("<td>" + vulnerability2.getPackage_name() + ":" + vulnerability2.getPackage_version() + "</td>");
                    log.println("<td>" + vulnerability2.getFixed_version() + "</td>");
                    log.println("<td>" + vulnerability2.getVectors() + "</td>");
                    log.println("<td>" + vulnerability2.getDescription() + "</td>");
                    log.println("<td>" + vulnerability2.getFeed_rating() + "</td>");
                    log.println("</tr>");
                }
                log.println("</table>\n");
            }
            if (scanResult.isScanLayerConfigured()) {
                if (scanResult.isScanLayerSupported()) {
                    log.println("<h3> Layer Vulnerability History </h3>");
                    for (String str : scanResult.getLayeredVulsMap().keySet()) {
                        Set<Vulnerability> set = scanResult.getLayeredVulsMap().get(str);
                        log.println("<p>Layer digest " + str + " contains " + set.size() + " vulnerabilities.</p>");
                        if (set.size() > 0) {
                            log.println("<table>\n    <tr>\n        <th>Name</th>\n        <th>Score</th>\n        <th>Package</th>\n        <th>Fixed_version</th>\n        <th>Link</th>\n        <th>Feed_rating</th>\n    </tr>");
                            for (Vulnerability vulnerability3 : set) {
                                log.println("<tr>\n");
                                log.println("<td><a target=\"_parent\" href=\"" + vulnerability3.getLink() + "\">" + vulnerability3.getName() + "</td>");
                                log.println("<td> " + vulnerability3.getScore() + "</td>");
                                log.println("<td> " + vulnerability3.getPackage_name() + ":" + vulnerability3.getPackage_version() + "</td>");
                                log.println("<td> " + vulnerability3.getFixed_version() + "</td>");
                                log.println("<td> " + vulnerability3.getLink() + "</td>");
                                log.println("<td> " + vulnerability3.getFeed_rating() + "</td>");
                                log.println("</tr>");
                            }
                            log.println("</table>");
                        }
                    }
                } else {
                    log.println("<p> Your Controller Does Not Support Layer Vulnerability Scan </p>");
                }
            }
            if (scanResult.isWhiteListVulExisted()) {
                log.println("<h3>Exempted Vulnerabilities</h3");
                if (scanResult.getExistedWhiteListVulSet().size() == 1) {
                    log.println("<p> " + scanResult.getExistedWhiteListVulSet().iterator().next().toUpperCase() + "</p>");
                } else {
                    log.println("<p> " + String.join(",", scanResult.getExistedWhiteListVulSet()) + "</p>");
                }
            }
            log.println("</body>\n</html>");
            if (printStream != null) {
                if (0 == 0) {
                    printStream.close();
                    return;
                }
                try {
                    printStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (printStream != null) {
                if (0 != 0) {
                    try {
                        printStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    printStream.close();
                }
            }
            throw th3;
        }
    }

    public void printTxtReport(ScanResult scanResult) throws IOException, InterruptedException {
        PrintStream printStream = new PrintStream(new FilePath(this.workspace, this.artifactname).write(), false, "UTF-8");
        Throwable th = null;
        try {
            Log log = new Log(printStream);
            log.println("");
            log.println("************************ Scan Report ************************");
            if (!scanResult.isLocalScan()) {
                log.println("Registry URL: " + scanResult.getRegistry());
            }
            log.println("Repository: " + scanResult.getRepository());
            log.println("Tag: " + scanResult.getTag());
            log.println("High severity vulnerabilities: " + scanResult.getHighSeverityNumber());
            log.println("Medium severity vulnerabilities: " + scanResult.getMediumSeverityNumber());
            log.println("Total vulnerabilities: " + scanResult.getTotalVulnerabilityNumber());
            log.println("********************** Vulnerabilities **********************");
            log.println("");
            if (scanResult.getTotalVulnerabilityNumber() == 0) {
                log.println("Scanned. No vulnerabilities found.");
            } else {
                for (Vulnerability vulnerability : scanResult.getHighVulnerabilitySet()) {
                    log.println("Name: " + vulnerability.getName().toUpperCase());
                    log.println("Score: " + vulnerability.getScore());
                    log.println("Severity: High");
                    log.println("Vectors: " + vulnerability.getVectors());
                    log.println("Description: " + vulnerability.getDescription());
                    log.println("Package_name: " + vulnerability.getPackage_name());
                    log.println("Package_version: " + vulnerability.getPackage_version());
                    log.println("Fixed_version: " + vulnerability.getFixed_version());
                    log.println("Link: " + vulnerability.getLink());
                    log.println("");
                }
                for (Vulnerability vulnerability2 : scanResult.getMediumVulnerabilitySet()) {
                    log.println("Name: " + vulnerability2.getName().toUpperCase());
                    log.println("Score: " + vulnerability2.getScore());
                    log.println("Severity: Medium");
                    log.println("Vectors: " + vulnerability2.getVectors());
                    log.println("Description: " + vulnerability2.getDescription());
                    log.println("Package_name: " + vulnerability2.getPackage_name());
                    log.println("Package_version: " + vulnerability2.getPackage_version());
                    log.println("Fixed_version: " + vulnerability2.getFixed_version());
                    log.println("Link: " + vulnerability2.getLink());
                    log.println("");
                }
                if (scanResult.isScanLayerConfigured()) {
                    log.println("");
                    if (scanResult.isScanLayerSupported()) {
                        log.println("**************** Layer Vulnerability History ****************");
                        log.println("");
                        for (String str : scanResult.getLayeredVulsMap().keySet()) {
                            Set<Vulnerability> set = scanResult.getLayeredVulsMap().get(str);
                            log.println("Layer digest " + str + " contains " + set.size() + " vulnerabilities.");
                            log.println("");
                            for (Vulnerability vulnerability3 : set) {
                                log.println("Name: " + vulnerability3.getName().toLowerCase() + ", Score: " + vulnerability3.getScore() + ", Package_name: " + vulnerability3.getPackage_name() + ", Package_version: " + vulnerability3.getPackage_version() + ", Fixed_version: " + vulnerability3.getFixed_version() + ", Link: " + vulnerability3.getLink());
                            }
                        }
                        log.println("");
                    } else {
                        log.println("*** Your Controller Does Not Support Layer Vulnerability Scan ***");
                        log.println("");
                    }
                }
                if (scanResult.isWhiteListVulExisted()) {
                    log.println("********************** Exempt Vulnerability **********************");
                    if (scanResult.getExistedWhiteListVulSet().size() == 1) {
                        log.println("The vulnerability " + scanResult.getExistedWhiteListVulSet().iterator().next().toUpperCase() + " is exempt.");
                    } else {
                        log.println("The vulnerabilities " + String.join(",", scanResult.getExistedWhiteListVulSet()) + " are exempt.");
                    }
                }
            }
            if (printStream != null) {
                if (0 == 0) {
                    printStream.close();
                    return;
                }
                try {
                    printStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (printStream != null) {
                if (0 != 0) {
                    try {
                        printStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    printStream.close();
                }
            }
            throw th3;
        }
    }

    public void testConnection() throws IOException {
        CloseableHttpClient makeHttpClient = makeHttpClient();
        Throwable th = null;
        try {
            getToken(makeHttpClient);
            logout(makeHttpClient);
            if (makeHttpClient != null) {
                if (0 == 0) {
                    makeHttpClient.close();
                    return;
                }
                try {
                    makeHttpClient.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (makeHttpClient != null) {
                if (0 != 0) {
                    try {
                        makeHttpClient.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    makeHttpClient.close();
                }
            }
            throw th3;
        }
    }

    private String getSeverity(Double d, Double d2, Double d3) {
        String str = "";
        if (d != null) {
            if (d.doubleValue() >= d2.doubleValue()) {
                str = SeverityRating.High.name();
            } else if (d.doubleValue() >= d3.doubleValue()) {
                str = SeverityRating.Medium.name();
            }
        }
        return str;
    }

    private CloseableHttpClient makeHttpClient() throws AbortException {
        SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
        try {
            sSLContextBuilder.loadTrustMaterial((KeyStore) null, new TrustSelfSignedStrategy());
            SSLConnectionSocketFactory sSLConnectionSocketFactory = new SSLConnectionSocketFactory(sSLContextBuilder.build(), new TrustAllStrategy());
            return HttpClients.custom().setSSLSocketFactory(sSLConnectionSocketFactory).setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(60000).build()).build();
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
            throw new AbortException("SSL context builder error.");
        }
    }

    /* JADX WARN: Failed to calculate best type for var: r12v3 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r12v3 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Failed to calculate best type for var: r13v3 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r13v3 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 12, insn: 0x0195: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r12 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:43:0x0195 */
    /* JADX WARN: Not initialized variable reg: 13, insn: 0x019a: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r13 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:45:0x019a */
    /* JADX WARN: Type inference failed for: r12v3, types: [org.apache.http.client.methods.CloseableHttpResponse] */
    /* JADX WARN: Type inference failed for: r13v3, types: [java.lang.Throwable] */
    private void getToken(CloseableHttpClient closeableHttpClient) throws AbortException {
        HttpPost httpPost = new HttpPost(buildUri(this.config.getControllerIP(), this.config.getControllerPort(), "/v1/auth"));
        httpPost.addHeader("Content-Type", "application/json");
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("username", this.config.getUser());
        jSONObject.put("password", this.config.getPassword());
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("password", jSONObject);
        try {
            httpPost.setEntity(new StringEntity(jSONObject2.toString()));
            try {
                try {
                    CloseableHttpResponse execute = closeableHttpClient.execute(httpPost);
                    Throwable th = null;
                    int statusCode = execute.getStatusLine().getStatusCode();
                    HttpEntity entity = execute.getEntity();
                    String entityUtils = EntityUtils.toString(entity);
                    EntityUtils.consume(entity);
                    if (statusCode == 200) {
                        this.token = JSONObject.fromObject(entityUtils).getJSONObject("token").getString("token");
                        if (execute != null) {
                            if (0 != 0) {
                                try {
                                    execute.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                execute.close();
                            }
                        }
                        return;
                    }
                    if (statusCode == 401 || statusCode == 404 || statusCode == 405) {
                        if (this.logger != null) {
                            this.logger.println("Invalid credential of NeuVector controller");
                        }
                        throw new AbortException("Invalid credential of NeuVector controller");
                    }
                    String str = "Failed to get token. Http status code: " + statusCode + ". Message: " + entityUtils;
                    if (this.logger != null) {
                        this.logger.println(str);
                    }
                    throw new AbortException(str);
                } finally {
                }
            } catch (ClientProtocolException e) {
                if (this.logger != null) {
                    this.logger.println("Invalid NeuVector controller IP or port.");
                }
                throw new AbortException("Invalid NeuVector controller IP or port.");
            } catch (IOException e2) {
                if (this.logger != null) {
                    this.logger.println("NeuVector controller connection error.");
                }
                throw new AbortException("NeuVector controller connection error.");
            }
        } catch (UnsupportedEncodingException e3) {
            if (this.logger != null) {
                this.logger.println("Unsupported encoding from NeuVector Username and/or Password in global configuration.");
            }
            throw new AbortException("Unsupported encoding from NeuVector Username and/or Password in global configuration.");
        }
    }

    private String requestScan(CloseableHttpClient closeableHttpClient) throws IOException {
        long currentTimeMillis = System.currentTimeMillis();
        int timeout = this.config.getTimeout() * HTTP_CLIENT_CONFIG_TIMEOUT_SECOND;
        HttpPost httpPost = new HttpPost(buildUri(this.config.getControllerIP(), this.config.getControllerPort(), "/v1/scan/repository"));
        httpPost.addHeader("Content-Type", "application/json");
        httpPost.addHeader("X-Auth-Token", this.token);
        JSONObject jSONObject = new JSONObject();
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("repository", this.config.getRepository());
        if (this.config.getTag() != null) {
            jSONObject2.put("tag", this.config.getTag());
        }
        if (this.config.getScanMeta() != null) {
            JSONObject jSONObject3 = new JSONObject();
            jSONObject3.put("source", this.config.getScanMeta().getSource());
            jSONObject3.put("user", this.config.getScanMeta().getUser());
            jSONObject3.put("job", this.config.getScanMeta().getJob());
            jSONObject3.put("workspace", this.config.getScanMeta().getWorkspace());
            jSONObject2.put("metadata", jSONObject3);
        } else {
            jSONObject2.put("metadata", (Object) null);
        }
        if (this.config.isLocal()) {
            jSONObject2.put("registry", "");
            jSONObject2.put("username", "");
            jSONObject2.put("password", "");
        } else {
            jSONObject2.put("registry", this.config.getRegistry().getRegUrl());
            jSONObject2.put("username", this.config.getRegistry().getRegUsername());
            jSONObject2.put("password", Secret.toString(this.config.getRegistry().getRegPassword()).trim());
        }
        jSONObject2.put("scan_layers", Boolean.valueOf(this.config.getScanLayers()));
        jSONObject.put("request", jSONObject2);
        try {
            httpPost.setEntity(new StringEntity(jSONObject.toString()));
            CloseableHttpResponse closeableHttpResponse = null;
            try {
                try {
                    CloseableHttpResponse execute = closeableHttpClient.execute(httpPost);
                    while (execute.getStatusLine().getStatusCode() == 304) {
                        if (timeout > 0 && (System.currentTimeMillis() - currentTimeMillis) / 1000 > timeout) {
                            this.logger.println("Time out.");
                            throw new AbortException("Time out.");
                        }
                        execute = closeableHttpClient.execute(httpPost);
                        this.logger.println("Scanning in progress...");
                    }
                    int statusCode = execute.getStatusLine().getStatusCode();
                    HttpEntity entity = execute.getEntity();
                    String str = "N/A";
                    if (entity != null) {
                        str = EntityUtils.toString(entity);
                        EntityUtils.consume(entity);
                    }
                    if (statusCode != 200 || entity == null) {
                        String str2 = "Scan failed. Http status code: " + statusCode + ". Message: " + str;
                        this.logger.println(str2);
                        throw new AbortException(str2);
                    }
                    String str3 = str;
                    if (execute != null) {
                        execute.close();
                    }
                    return str3;
                } catch (IOException e) {
                    this.logger.println("NeuVector controller connection error.");
                    throw new AbortException("NeuVector controller connection error.");
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    closeableHttpResponse.close();
                }
                throw th;
            }
        } catch (UnsupportedEncodingException e2) {
            this.logger.println("Unsupported encoding from registry, repository or tag.");
            throw new AbortException("Unsupported encoding from registry, repository or tag.");
        }
    }

    private void logout(CloseableHttpClient closeableHttpClient) throws IOException {
        HttpDelete httpDelete = new HttpDelete(buildUri(this.config.getControllerIP(), this.config.getControllerPort(), "/v1/auth"));
        httpDelete.addHeader("Content-Type", "application/json");
        httpDelete.addHeader("X-Auth-Token", this.token);
        closeableHttpClient.execute(httpDelete).close();
    }

    private URI buildUri(String str, int i, String str2) throws AbortException {
        try {
            return new URIBuilder().setScheme("https").setHost(str).setPort(i).setPath(str2).build();
        } catch (URISyntaxException e) {
            this.logger.println("URI syntax error from NeuVector Controller IP and/or API port in global configuration.");
            throw new AbortException("URI syntax error from NeuVector Controller IP and/or API port in global configuration.");
        }
    }

    private ScanResult processScanReport(String str, Config config) throws AbortException {
        ScanResult scanResult = new ScanResult();
        if (config.isLocal()) {
            scanResult.setLocalScan(true);
        } else {
            scanResult.setLocalScan(false);
            scanResult.setRegistry(config.getRegistry().getRegUrl());
        }
        scanResult.setRepository(config.getRepository());
        scanResult.setTag(config.getTag());
        int i = 0;
        if (Objects.nonNull(config.getNumberOfHighSeverityToFail()) && !config.getNumberOfHighSeverityToFail().isEmpty()) {
            i = Integer.parseInt(config.getNumberOfHighSeverityToFail());
        }
        int i2 = 0;
        if (Objects.nonNull(config.getNumberOfMediumSeverityToFail()) && !config.getNumberOfMediumSeverityToFail().isEmpty()) {
            i2 = Integer.parseInt(config.getNumberOfMediumSeverityToFail());
        }
        scanResult.setHighSeverityThreshold(i);
        scanResult.setMediumSeverityThreshold(i2);
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        if (config.getNameOfVulnerabilityToFailOne() != null && !config.getNameOfVulnerabilityToFailOne().isEmpty()) {
            hashSet.add(config.getNameOfVulnerabilityToFailOne().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToFailTwo() != null && !config.getNameOfVulnerabilityToFailTwo().isEmpty()) {
            hashSet.add(config.getNameOfVulnerabilityToFailTwo().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToFailThree() != null && !config.getNameOfVulnerabilityToFailThree().isEmpty()) {
            hashSet.add(config.getNameOfVulnerabilityToFailThree().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToFailFour() != null && !config.getNameOfVulnerabilityToFailFour().isEmpty()) {
            hashSet.add(config.getNameOfVulnerabilityToFailFour().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToExemptOne() != null && !config.getNameOfVulnerabilityToExemptOne().isEmpty()) {
            hashSet2.add(config.getNameOfVulnerabilityToExemptOne().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToExemptTwo() != null && !config.getNameOfVulnerabilityToExemptTwo().isEmpty()) {
            hashSet2.add(config.getNameOfVulnerabilityToExemptTwo().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToExemptThree() != null && !config.getNameOfVulnerabilityToExemptThree().isEmpty()) {
            hashSet2.add(config.getNameOfVulnerabilityToExemptThree().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToExemptFour() != null && !config.getNameOfVulnerabilityToExemptFour().isEmpty()) {
            hashSet2.add(config.getNameOfVulnerabilityToExemptFour().toLowerCase());
        }
        scanResult.setBlackListVulSet(hashSet);
        scanResult.setWhiteListVulSet(hashSet2);
        JSONObject jSONObject = JSONObject.fromObject(str).getJSONObject("report");
        if (jSONObject.isNullObject()) {
            String str2 = "Scan failed. Error Message: " + JSONObject.fromObject(str).get("error_message").toString();
            this.logger.println(str2);
            throw new AbortException(str2);
        }
        int i3 = 0;
        int i4 = 0;
        int i5 = 0;
        boolean customizedRatingScale = config.getCustomizedRatingScale();
        Double highSeverityThreshold = config.getHighSeverityThreshold();
        Double mediumSeverityThreshold = config.getMediumSeverityThreshold();
        boolean z = false;
        boolean z2 = false;
        HashSet hashSet3 = new HashSet();
        HashSet hashSet4 = new HashSet();
        HashSet hashSet5 = new HashSet();
        HashSet hashSet6 = new HashSet();
        JSONArray jSONArray = jSONObject.getJSONArray("vulnerabilities");
        if (jSONArray.size() > 0) {
            for (int i6 = 0; i6 < jSONArray.size(); i6++) {
                JSONObject jSONObject2 = jSONArray.getJSONObject(i6);
                String lowerCase = jSONObject2.getString("name").toLowerCase();
                if (!hashSet.isEmpty() && hashSet.contains(lowerCase)) {
                    z = true;
                    hashSet3.add(lowerCase.toUpperCase());
                }
                if (hashSet2.isEmpty() || !hashSet2.contains(lowerCase)) {
                    i3++;
                    String severity = customizedRatingScale ? getSeverity(Double.valueOf(Double.parseDouble(jSONObject2.getString("score"))), highSeverityThreshold, mediumSeverityThreshold) : jSONObject2.getString("severity");
                    Vulnerability vulnerability = new Vulnerability();
                    vulnerability.setName(lowerCase);
                    vulnerability.setLink(jSONObject2.getString("link"));
                    vulnerability.setScore(Float.valueOf(jSONObject2.getString("score")).floatValue());
                    vulnerability.setPackage_name(jSONObject2.getString("package_name"));
                    vulnerability.setPackage_version(jSONObject2.getString("package_version"));
                    vulnerability.setFixed_version(jSONObject2.getString("fixed_version"));
                    vulnerability.setVectors(jSONObject2.getString("vectors"));
                    vulnerability.setDescription(jSONObject2.getString("description"));
                    vulnerability.setFeed_rating(jSONObject2.getString("feed_rating"));
                    if (severity.equalsIgnoreCase("High")) {
                        i4++;
                        vulnerability.setSeverity("High");
                        hashSet5.add(vulnerability);
                    } else if (severity.equalsIgnoreCase("Medium")) {
                        i5++;
                        vulnerability.setSeverity("Medium");
                        hashSet6.add(vulnerability);
                    }
                } else {
                    z2 = true;
                    hashSet4.add(lowerCase.toUpperCase());
                }
            }
            scanResult.setBlackListVulExisted(z);
            scanResult.setWhiteListVulExisted(z2);
            scanResult.setExistedBlackListVulSet(hashSet3);
            scanResult.setExistedWhiteListVulSet(hashSet4);
            scanResult.setTotalVulnerabilityNumber(i3);
            scanResult.setHighSeverityNumber(i4);
            scanResult.setMediumSeverityNumber(i5);
            scanResult.setHighVulnerabilitySet(hashSet5);
            scanResult.setMediumVulnerabilitySet(hashSet6);
            if (config.getScanLayers()) {
                scanResult.setScanLayerConfigured(true);
                if (jSONObject.has("layers")) {
                    scanResult.setScanLayerSupported(true);
                    JSONArray jSONArray2 = jSONObject.getJSONArray("layers");
                    LinkedHashMap<String, Set<Vulnerability>> linkedHashMap = new LinkedHashMap<>();
                    for (int i7 = 0; i7 < jSONArray2.size(); i7++) {
                        JSONObject jSONObject3 = jSONArray2.getJSONObject(i7);
                        String substring = jSONObject3.getString("digest").substring(0, 12);
                        JSONArray jSONArray3 = jSONObject3.getJSONArray("vulnerabilities");
                        HashSet hashSet7 = new HashSet();
                        for (int i8 = 0; i8 < jSONArray3.size(); i8++) {
                            JSONObject jSONObject4 = jSONArray3.getJSONObject(i8);
                            String lowerCase2 = jSONObject4.getString("name").toLowerCase();
                            if (!z2 || !hashSet2.contains(lowerCase2)) {
                                Vulnerability vulnerability2 = new Vulnerability();
                                vulnerability2.setName(lowerCase2);
                                vulnerability2.setScore(Float.valueOf(jSONObject4.getString("score")).floatValue());
                                vulnerability2.setPackage_name(jSONObject4.getString("package_name"));
                                vulnerability2.setPackage_version(jSONObject4.getString("package_version"));
                                vulnerability2.setFixed_version(jSONObject4.getString("fixed_version"));
                                vulnerability2.setLink(jSONObject4.getString("link"));
                                vulnerability2.setFeed_rating(jSONObject4.getString("feed_rating"));
                                hashSet7.add(vulnerability2);
                            }
                        }
                        linkedHashMap.put(substring, hashSet7);
                    }
                    scanResult.setLayeredVulsMap(linkedHashMap);
                } else {
                    scanResult.setScanLayerSupported(false);
                }
            } else {
                scanResult.setScanLayerConfigured(false);
            }
        } else {
            scanResult.setTotalVulnerabilityNumber(0);
            scanResult.setScanSummary("Scanned. No vulnerabilities found.");
        }
        return scanResult;
    }

    private void makeIfFailDecision(int i, int i2, boolean z, Set<String> set) throws AbortException {
        int parseInt;
        int parseInt2;
        boolean z2 = false;
        StringBuilder sb = new StringBuilder();
        if (this.config.getNumberOfHighSeverityToFail() != null && !this.config.getNumberOfHighSeverityToFail().isEmpty() && (parseInt2 = Integer.parseInt(this.config.getNumberOfHighSeverityToFail())) != 0 && parseInt2 <= i) {
            z2 = true;
            sb.append(i).append(" High severity vulnerabilities");
        }
        if (this.config.getNumberOfMediumSeverityToFail() != null && !this.config.getNumberOfMediumSeverityToFail().isEmpty() && (parseInt = Integer.parseInt(this.config.getNumberOfMediumSeverityToFail())) != 0 && parseInt <= i2) {
            if (z2) {
                sb.append(", ");
            }
            z2 = true;
            sb.append(i2).append(" Medium severity vulnerabilities");
        }
        if (z) {
            if (z2) {
                sb.append(", and ");
            }
            sb.append("vulnerabilities: ").append(set.toString());
        }
        this.logger.println("");
        this.logger.println("****************** NeuVector scan summary *******************");
        if (z2 || z) {
            sb.append(" are present.");
            String str = "Build failed because " + ((Object) sb);
            this.logger.println(str);
            throw new AbortException(str);
        }
        StringBuilder sb2 = new StringBuilder();
        if (!this.config.isLocal()) {
            sb2.append("Registry URL: ").append(this.config.getRegistry().getRegUrl()).append(", ");
        }
        sb2.append("Repository: ").append(this.config.getRepository()).append(", ").append("Tag: ").append(this.config.getTag()).append(", ").append("Total vulnerabilities: ").append(i + i2).append(", ").append("High severity vulnerabilities: ").append(i).append(", ").append("Medium severity vulnerabilities: ").append(i2).toString();
        this.logger.println(sb2.toString());
    }

    private String generateScannerName() {
        StringBuilder sb = new StringBuilder();
        Random random = new Random();
        while (sb.length() < 6) {
            sb.append("ABCDEFGHIJKLMNOPQRSTUVWXYZ".charAt((int) (random.nextFloat() * "ABCDEFGHIJKLMNOPQRSTUVWXYZ".length())));
        }
        return sb.toString();
    }
}
