package org.owasp.dependencycheck.analyzer;

import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.data.cpe.Fields;
import org.owasp.dependencycheck.data.nuget.NugetPackage;
import org.owasp.dependencycheck.data.nuget.NuspecParseException;
import org.owasp.dependencycheck.data.nuget.XPathNuspecParser;
import org.owasp.dependencycheck.data.update.cpe.CPEHandler;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.utils.FileFilterBuilder;
import org.owasp.dependencycheck.utils.Settings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/dependency-check-core-1.3.0.jar:org/owasp/dependencycheck/analyzer/NuspecAnalyzer.class */
public class NuspecAnalyzer extends AbstractFileTypeAnalyzer {
    private static final String ANALYZER_NAME = "Nuspec Analyzer";
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) NuspecAnalyzer.class);
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INFORMATION_COLLECTION;
    private static final String SUPPORTED_EXTENSIONS = "nuspec";
    private static final FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(SUPPORTED_EXTENSIONS).build();

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    public void initializeFileTypeAnalyzer() throws Exception {
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return Settings.KEYS.ANALYZER_NUSPEC_ENABLED;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected FileFilter getFileFilter() {
        return FILTER;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    public void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException {
        LOGGER.debug("Checking Nuspec file {}", dependency.toString());
        try {
            XPathNuspecParser xPathNuspecParser = new XPathNuspecParser();
            try {
                try {
                    FileInputStream fileInputStream = new FileInputStream(dependency.getActualFilePath());
                    NugetPackage parse = xPathNuspecParser.parse(fileInputStream);
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e) {
                            LOGGER.debug("Error closing input stream");
                        }
                    }
                    if (parse.getOwners() != null) {
                        dependency.getVendorEvidence().addEvidence(SUPPORTED_EXTENSIONS, "owners", parse.getOwners(), Confidence.HIGHEST);
                    }
                    dependency.getVendorEvidence().addEvidence(SUPPORTED_EXTENSIONS, "authors", parse.getAuthors(), Confidence.HIGH);
                    dependency.getVersionEvidence().addEvidence(SUPPORTED_EXTENSIONS, "version", parse.getVersion(), Confidence.HIGHEST);
                    dependency.getProductEvidence().addEvidence(SUPPORTED_EXTENSIONS, Fields.DOCUMENT_KEY, parse.getId(), Confidence.HIGHEST);
                    if (parse.getTitle() != null) {
                        dependency.getProductEvidence().addEvidence(SUPPORTED_EXTENSIONS, CPEHandler.Element.TITLE, parse.getTitle(), Confidence.MEDIUM);
                    }
                } finally {
                }
            } catch (FileNotFoundException e2) {
                throw new AnalysisException(e2);
            } catch (NuspecParseException e22) {
                throw new AnalysisException(e22);
            }
        } finally {
            AnalysisException analysisException = new AnalysisException(e22);
        }
    }
}
