package org.owasp.dependencycheck.analyzer;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FilenameFilter;
import javax.mail.MessagingException;
import javax.mail.internet.InternetHeaders;
import org.apache.commons.compress.archivers.ArchiveStreamFactory;
import org.apache.commons.io.filefilter.NameFileFilter;
import org.apache.commons.io.filefilter.SuffixFileFilter;
import org.apache.commons.io.input.AutoCloseInputStream;
import org.apache.commons.lang3.StringUtils;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.data.cpe.Fields;
import org.owasp.dependencycheck.data.update.cpe.CPEHandler;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.EvidenceCollection;
import org.owasp.dependencycheck.utils.ExtractionException;
import org.owasp.dependencycheck.utils.ExtractionUtil;
import org.owasp.dependencycheck.utils.FileFilterBuilder;
import org.owasp.dependencycheck.utils.FileUtils;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.UrlStringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/dependency-check-core-1.3.6.jar:org/owasp/dependencycheck/analyzer/PythonDistributionAnalyzer.class */
public class PythonDistributionAnalyzer extends AbstractFileTypeAnalyzer {
    private static final String ANALYZER_NAME = "Python Distribution Analyzer";
    private File tempFileLocation;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) PythonDistributionAnalyzer.class);
    private static int dirCount = 0;
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INFORMATION_COLLECTION;
    private static final String[] EXTENSIONS = {"whl", "egg", ArchiveStreamFactory.ZIP};
    private static final FileFilter EGG_OR_ZIP = FileFilterBuilder.newInstance().addExtensions("egg", ArchiveStreamFactory.ZIP).build();
    private static final FileFilter WHL_FILTER = FileFilterBuilder.newInstance().addExtensions("whl").build();
    private static final FilenameFilter DIST_INFO_FILTER = new SuffixFileFilter(".dist-info");
    private static final FilenameFilter EGG_INFO_FILTER = new NameFileFilter("EGG-INFO");
    private static final String METADATA = "METADATA";
    private static final NameFileFilter METADATA_FILTER = new NameFileFilter(METADATA);
    private static final String PKG_INFO = "PKG-INFO";
    private static final NameFileFilter PKG_INFO_FILTER = new NameFileFilter(PKG_INFO);
    private static final FileFilter FILTER = FileFilterBuilder.newInstance().addFileFilters(METADATA_FILTER, PKG_INFO_FILTER).addExtensions(EXTENSIONS).build();

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected FileFilter getFileFilter() {
        return FILTER;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return Settings.KEYS.ANALYZER_PYTHON_DISTRIBUTION_ENABLED;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException {
        File actualFile = dependency.getActualFile();
        if (WHL_FILTER.accept(actualFile)) {
            collectMetadataFromArchiveFormat(dependency, DIST_INFO_FILTER, METADATA_FILTER);
            return;
        }
        if (EGG_OR_ZIP.accept(actualFile)) {
            collectMetadataFromArchiveFormat(dependency, EGG_INFO_FILTER, PKG_INFO_FILTER);
            return;
        }
        String name = actualFile.getName();
        boolean equals = METADATA.equals(name);
        if (equals || PKG_INFO.equals(name)) {
            File parentFile = actualFile.getParentFile();
            String name2 = parentFile.getName();
            dependency.setDisplayFileName(name2 + "/" + name);
            if (parentFile.isDirectory()) {
                if ((equals && name2.endsWith(".dist-info")) || name2.endsWith(".egg-info") || "EGG-INFO".equals(name2)) {
                    collectWheelMetadata(dependency, actualFile);
                }
            }
        }
    }

    private void collectMetadataFromArchiveFormat(Dependency dependency, FilenameFilter filenameFilter, FilenameFilter filenameFilter2) throws AnalysisException {
        File nextTempDirectory = getNextTempDirectory();
        LOGGER.debug("{} exists? {}", nextTempDirectory, Boolean.valueOf(nextTempDirectory.exists()));
        try {
            ExtractionUtil.extractFilesUsingFilter(new File(dependency.getActualFilePath()), nextTempDirectory, filenameFilter2);
            collectWheelMetadata(dependency, getMatchingFile(getMatchingFile(nextTempDirectory, filenameFilter), filenameFilter2));
        } catch (ExtractionException e) {
            throw new AnalysisException(e);
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void initializeFileTypeAnalyzer() throws Exception {
        this.tempFileLocation = File.createTempFile(CPEHandler.Element.CHECK, "tmp", Settings.getTempDirectory());
        if (!this.tempFileLocation.delete()) {
            throw new AnalysisException(String.format("Unable to delete temporary file '%s'.", this.tempFileLocation.getAbsolutePath()));
        }
        if (!this.tempFileLocation.mkdirs()) {
            throw new AnalysisException(String.format("Unable to create directory '%s'.", this.tempFileLocation.getAbsolutePath()));
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer, org.owasp.dependencycheck.analyzer.Analyzer
    public void close() {
        if (this.tempFileLocation == null || !this.tempFileLocation.exists()) {
            return;
        }
        LOGGER.debug("Attempting to delete temporary files");
        if (FileUtils.delete(this.tempFileLocation)) {
            return;
        }
        LOGGER.warn("Failed to delete some temporary files, see the log for more details");
    }

    private static void collectWheelMetadata(Dependency dependency, File file) {
        InternetHeaders manifestProperties = getManifestProperties(file);
        addPropertyToEvidence(manifestProperties, dependency.getVersionEvidence(), "Version", Confidence.HIGHEST);
        addPropertyToEvidence(manifestProperties, dependency.getProductEvidence(), "Name", Confidence.HIGHEST);
        String header = manifestProperties.getHeader("Home-page", null);
        EvidenceCollection vendorEvidence = dependency.getVendorEvidence();
        if (StringUtils.isNotBlank(header) && UrlStringUtils.isUrl(header)) {
            vendorEvidence.addEvidence(METADATA, Fields.VENDOR, header, Confidence.MEDIUM);
        }
        addPropertyToEvidence(manifestProperties, vendorEvidence, "Author", Confidence.LOW);
        String header2 = manifestProperties.getHeader("Summary", null);
        if (StringUtils.isNotBlank(header2)) {
            JarAnalyzer.addDescription(dependency, header2, METADATA, "summary");
        }
    }

    private static void addPropertyToEvidence(InternetHeaders internetHeaders, EvidenceCollection evidenceCollection, String str, Confidence confidence) {
        String header = internetHeaders.getHeader(str, null);
        LOGGER.debug("Property: {}, Value: {}", str, header);
        if (StringUtils.isNotBlank(header)) {
            evidenceCollection.addEvidence(METADATA, str, header, confidence);
        }
    }

    private static File getMatchingFile(File file, FilenameFilter filenameFilter) {
        File file2 = null;
        File[] listFiles = file.listFiles(filenameFilter);
        if (null != listFiles && 1 == listFiles.length) {
            file2 = listFiles[0];
        }
        return file2;
    }

    private static InternetHeaders getManifestProperties(File file) {
        InternetHeaders internetHeaders = new InternetHeaders();
        if (null == file) {
            LOGGER.debug("Manifest file not found.");
        } else {
            try {
                internetHeaders.load(new AutoCloseInputStream(new BufferedInputStream(new FileInputStream(file))));
            } catch (FileNotFoundException e) {
                LOGGER.warn(e.getMessage(), (Throwable) e);
            } catch (MessagingException e2) {
                LOGGER.warn(e2.getMessage(), (Throwable) e2);
            }
        }
        return internetHeaders;
    }

    private File getNextTempDirectory() throws AnalysisException {
        File file;
        do {
            dirCount++;
            file = new File(this.tempFileLocation, String.valueOf(dirCount));
        } while (file.exists());
        if (file.mkdirs()) {
            return file;
        }
        throw new AnalysisException(String.format("Unable to create temp directory '%s'.", file.getAbsolutePath()));
    }
}
