package org.owasp.dependencycheck.dependency;

import java.io.File;
import java.io.IOException;
import java.io.Serializable;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
import org.owasp.dependencycheck.data.nexus.MavenArtifact;
import org.owasp.dependencycheck.utils.Checksum;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/dependency-check-core-1.3.4.jar:org/owasp/dependencycheck/dependency/Dependency.class */
public class Dependency implements Serializable, Comparable<Dependency> {
    private static final long serialVersionUID = 1;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) Dependency.class);
    private static final int MAGIC_HASH_INIT_VALUE = 3;
    private static final int MAGIC_HASH_MULTIPLIER = 47;
    private String actualFilePath;
    private String filePath;
    private String fileName;
    private String md5sum;
    private String sha1sum;
    private Set<Identifier> identifiers;
    private final EvidenceCollection vendorEvidence;
    private final EvidenceCollection productEvidence;
    private final EvidenceCollection versionEvidence;
    private String displayName;
    private Set<Identifier> suppressedIdentifiers;
    private SortedSet<Vulnerability> suppressedVulnerabilities;
    private String description;
    private String license;
    private SortedSet<Vulnerability> vulnerabilities;
    private Set<Dependency> relatedDependencies;
    private Set<String> projectReferences;
    private List<String> availableVersions;

    public Dependency() {
        this.displayName = null;
        this.relatedDependencies = new TreeSet();
        this.projectReferences = new HashSet();
        this.availableVersions = new ArrayList();
        this.vendorEvidence = new EvidenceCollection();
        this.productEvidence = new EvidenceCollection();
        this.versionEvidence = new EvidenceCollection();
        this.identifiers = new TreeSet();
        this.vulnerabilities = new TreeSet(new VulnerabilityComparator());
        this.suppressedIdentifiers = new TreeSet();
        this.suppressedVulnerabilities = new TreeSet(new VulnerabilityComparator());
    }

    public Dependency(File file) {
        this();
        this.actualFilePath = file.getAbsolutePath();
        this.filePath = this.actualFilePath;
        this.fileName = file.getName();
        determineHashes(file);
    }

    public String getFileName() {
        return this.fileName;
    }

    public String getFileNameForJavaScript() {
        return this.fileName.replace("\\", "\\\\");
    }

    public void setFileName(String str) {
        this.fileName = str;
    }

    public void setActualFilePath(String str) {
        this.actualFilePath = str;
        if (this.sha1sum == null) {
            determineHashes(new File(this.actualFilePath));
        }
    }

    public String getActualFilePath() {
        return this.actualFilePath;
    }

    public File getActualFile() {
        return new File(this.actualFilePath);
    }

    public void setFilePath(String str) {
        this.filePath = str;
    }

    public void setDisplayFileName(String str) {
        this.displayName = str;
    }

    public String getDisplayFileName() {
        return this.displayName == null ? this.fileName : this.displayName;
    }

    public String getFilePath() {
        return this.filePath;
    }

    public String getMd5sum() {
        return this.md5sum;
    }

    public void setMd5sum(String str) {
        this.md5sum = str;
    }

    public String getSha1sum() {
        return this.sha1sum;
    }

    public void setSha1sum(String str) {
        this.sha1sum = str;
    }

    public Set<Identifier> getIdentifiers() {
        return this.identifiers;
    }

    public void setIdentifiers(Set<Identifier> set) {
        this.identifiers = set;
    }

    public void addIdentifier(String str, String str2, String str3) {
        this.identifiers.add(new Identifier(str, str2, str3));
    }

    public void addIdentifier(String str, String str2, String str3, Confidence confidence) {
        Identifier identifier = new Identifier(str, str2, str3);
        identifier.setConfidence(confidence);
        this.identifiers.add(identifier);
    }

    public void addAsEvidence(String str, MavenArtifact mavenArtifact, Confidence confidence) {
        if (mavenArtifact.getGroupId() != null && !mavenArtifact.getGroupId().isEmpty()) {
            getVendorEvidence().addEvidence(str, "groupid", mavenArtifact.getGroupId(), confidence);
        }
        if (mavenArtifact.getArtifactId() != null && !mavenArtifact.getArtifactId().isEmpty()) {
            getProductEvidence().addEvidence(str, "artifactid", mavenArtifact.getArtifactId(), confidence);
        }
        if (mavenArtifact.getVersion() != null && !mavenArtifact.getVersion().isEmpty()) {
            getVersionEvidence().addEvidence(str, "version", mavenArtifact.getVersion(), confidence);
        }
        if (mavenArtifact.getArtifactUrl() == null || mavenArtifact.getArtifactUrl().isEmpty()) {
            return;
        }
        boolean z = false;
        Iterator<Identifier> it = getIdentifiers().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Identifier next = it.next();
            if ("maven".equals(next.getType()) && next.getValue().equals(mavenArtifact.toString())) {
                z = true;
                next.setConfidence(Confidence.HIGHEST);
                next.setUrl("http://search.maven.org/#search|ga|1|1%3A%22" + getSha1sum() + "%22");
                LOGGER.debug("Already found identifier {}. Confidence set to highest", next.getValue());
                break;
            }
        }
        if (z) {
            return;
        }
        LOGGER.debug("Adding new maven identifier {}", mavenArtifact);
        addIdentifier("maven", mavenArtifact.toString(), mavenArtifact.getArtifactUrl(), Confidence.HIGHEST);
    }

    public void addIdentifier(Identifier identifier) {
        this.identifiers.add(identifier);
    }

    public Set<Identifier> getSuppressedIdentifiers() {
        return this.suppressedIdentifiers;
    }

    public void setSuppressedIdentifiers(Set<Identifier> set) {
        this.suppressedIdentifiers = set;
    }

    public void addSuppressedIdentifier(Identifier identifier) {
        this.suppressedIdentifiers.add(identifier);
    }

    public SortedSet<Vulnerability> getSuppressedVulnerabilities() {
        return this.suppressedVulnerabilities;
    }

    public void setSuppressedVulnerabilities(SortedSet<Vulnerability> sortedSet) {
        this.suppressedVulnerabilities = sortedSet;
    }

    public void addSuppressedVulnerability(Vulnerability vulnerability) {
        this.suppressedVulnerabilities.add(vulnerability);
    }

    public EvidenceCollection getEvidence() {
        return EvidenceCollection.merge(this.productEvidence, this.vendorEvidence, this.versionEvidence);
    }

    public Set<Evidence> getEvidenceForDisplay() {
        return EvidenceCollection.mergeForDisplay(this.productEvidence, this.vendorEvidence, this.versionEvidence);
    }

    public EvidenceCollection getEvidenceUsed() {
        return EvidenceCollection.mergeUsed(this.productEvidence, this.vendorEvidence, this.versionEvidence);
    }

    public EvidenceCollection getVendorEvidence() {
        return this.vendorEvidence;
    }

    public EvidenceCollection getProductEvidence() {
        return this.productEvidence;
    }

    public EvidenceCollection getVersionEvidence() {
        return this.versionEvidence;
    }

    public String getDescription() {
        return this.description;
    }

    public void setDescription(String str) {
        this.description = str;
    }

    public String getLicense() {
        return this.license;
    }

    public void setLicense(String str) {
        this.license = str;
    }

    public SortedSet<Vulnerability> getVulnerabilities() {
        return this.vulnerabilities;
    }

    public void setVulnerabilities(SortedSet<Vulnerability> sortedSet) {
        this.vulnerabilities = sortedSet;
    }

    private void determineHashes(File file) {
        String str = null;
        String str2 = null;
        try {
            str = Checksum.getMD5Checksum(file);
            str2 = Checksum.getSHA1Checksum(file);
        } catch (IOException e) {
            LOGGER.warn("Unable to read '{}' to determine hashes.", file.getName());
            LOGGER.debug(StringUtils.EMPTY, (Throwable) e);
        } catch (NoSuchAlgorithmException e2) {
            LOGGER.warn("Unable to use MD5 of SHA1 checksums.");
            LOGGER.debug(StringUtils.EMPTY, (Throwable) e2);
        }
        setMd5sum(str);
        setSha1sum(str2);
    }

    public void addVulnerability(Vulnerability vulnerability) {
        this.vulnerabilities.add(vulnerability);
    }

    public Set<Dependency> getRelatedDependencies() {
        return this.relatedDependencies;
    }

    public Set<String> getProjectReferences() {
        return this.projectReferences;
    }

    public void setProjectReferences(Set<String> set) {
        this.projectReferences = set;
    }

    public void addProjectReference(String str) {
        this.projectReferences.add(str);
    }

    public void addAllProjectReferences(Set<String> set) {
        this.projectReferences.addAll(set);
    }

    public void setRelatedDependencies(Set<Dependency> set) {
        this.relatedDependencies = set;
    }

    public void addRelatedDependency(Dependency dependency) {
        if (this == dependency) {
            LOGGER.warn("Attempted to add a circular reference - please post the log file to issue #172 here https://github.com/jeremylong/DependencyCheck/issues/172");
            LOGGER.debug("this: {}", this);
            LOGGER.debug("dependency: {}", dependency);
        } else {
            if (this.relatedDependencies.add(dependency)) {
                return;
            }
            LOGGER.debug("Failed to add dependency, likely due to referencing the same file as another dependency in the set.");
            LOGGER.debug("this: {}", this);
            LOGGER.debug("dependency: {}", dependency);
        }
    }

    public List<String> getAvailableVersions() {
        return this.availableVersions;
    }

    public void setAvailableVersions(List<String> list) {
        this.availableVersions = list;
    }

    public void addAvailableVersion(String str) {
        this.availableVersions.add(str);
    }

    @Override // java.lang.Comparable
    public int compareTo(Dependency dependency) {
        return getFilePath().compareToIgnoreCase(dependency.getFilePath());
    }

    public boolean equals(Object obj) {
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        Dependency dependency = (Dependency) obj;
        return new EqualsBuilder().appendSuper(super.equals(obj)).append(this.actualFilePath, dependency.actualFilePath).append(this.filePath, dependency.filePath).append(this.fileName, dependency.fileName).append(this.md5sum, dependency.md5sum).append(this.sha1sum, dependency.sha1sum).append(this.identifiers, dependency.identifiers).append(this.vendorEvidence, dependency.vendorEvidence).append(this.productEvidence, dependency.productEvidence).append(this.versionEvidence, dependency.versionEvidence).append(this.description, dependency.description).append(this.license, dependency.license).append(this.vulnerabilities, dependency.vulnerabilities).append(this.projectReferences, dependency.projectReferences).append(this.availableVersions, dependency.availableVersions).isEquals();
    }

    public int hashCode() {
        return new HashCodeBuilder(3, 47).append(this.actualFilePath).append(this.filePath).append(this.fileName).append(this.md5sum).append(this.sha1sum).append(this.identifiers).append(this.vendorEvidence).append(this.productEvidence).append(this.versionEvidence).append(this.description).append(this.license).append(this.vulnerabilities).append(this.projectReferences).append(this.availableVersions).toHashCode();
    }

    public String toString() {
        return "Dependency{ fileName='" + this.fileName + "', actualFilePath='" + this.actualFilePath + "', filePath='" + this.filePath + "'}";
    }
}
