package org.owasp.dependencycheck.analyzer;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.File;
import java.io.FileFilter;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.StringUtils;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.exception.InitializationException;
import org.owasp.dependencycheck.utils.Checksum;
import org.owasp.dependencycheck.utils.FileFilterBuilder;
import org.owasp.dependencycheck.utils.Settings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Experimental
/* loaded from: input_file:WEB-INF/lib/dependency-check-core-2.0.0.jar:org/owasp/dependencycheck/analyzer/CMakeAnalyzer.class */
public class CMakeAnalyzer extends AbstractFileTypeAnalyzer {
    private static final int REGEX_OPTIONS = 42;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CMakeAnalyzer.class);
    private static final Pattern PROJECT = Pattern.compile("^ *project *\\([ \\n]*(\\w+)[ \\n]*.*?\\)", 42);
    private static final Pattern SET_VERSION = Pattern.compile("^ *set\\s*\\(\\s*(\\w+)_version\\s+\"?(\\d+(?:\\.\\d+)+)[\\s\"]?\\)", 42);
    private static final FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(".cmake").addFilenames("CMakeLists.txt").build();

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return "CMake Analyzer";
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return AnalysisPhase.INFORMATION_COLLECTION;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected FileFilter getFileFilter() {
        return FILTER;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void initializeFileTypeAnalyzer() throws InitializationException {
        try {
            getSha1MessageDigest();
        } catch (IllegalStateException e) {
            setEnabled(false);
            throw new InitializationException("Unable to create SHA1 MessageDigest", e);
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
        File actualFile = dependency.getActualFile();
        String name = actualFile.getParentFile().getName();
        String name2 = actualFile.getName();
        dependency.setDisplayFileName(String.format("%s%c%s", name, Character.valueOf(File.separatorChar), name2));
        try {
            String trim = FileUtils.readFileToString(actualFile, Charset.defaultCharset()).trim();
            if (StringUtils.isNotBlank(trim)) {
                Matcher matcher = PROJECT.matcher(trim);
                int i = 0;
                while (matcher.find()) {
                    i++;
                    LOGGER.debug(String.format("Found project command match with %d groups: %s", Integer.valueOf(matcher.groupCount()), matcher.group(0)));
                    String group = matcher.group(1);
                    LOGGER.debug("Group 1: {}", group);
                    dependency.getProductEvidence().addEvidence(name2, "Project", group, Confidence.HIGH);
                }
                LOGGER.debug("Found {} matches.", Integer.valueOf(i));
                analyzeSetVersionCommand(dependency, engine, trim);
            }
        } catch (IOException e) {
            throw new AnalysisException("Problem occurred while reading dependency file.", e);
        }
    }

    @SuppressFBWarnings(value = {"DM_DEFAULT_ENCODING"}, justification = "Default encoding is only used if UTF-8 is not available")
    private void analyzeSetVersionCommand(Dependency dependency, Engine engine, String str) {
        byte[] bytes;
        Dependency dependency2 = dependency;
        Matcher matcher = SET_VERSION.matcher(str);
        int i = 0;
        while (matcher.find()) {
            i++;
            LOGGER.debug("Found project command match with {} groups: {}", Integer.valueOf(matcher.groupCount()), matcher.group(0));
            String group = matcher.group(1);
            String group2 = matcher.group(2);
            LOGGER.debug("Group 1: {}", group);
            LOGGER.debug("Group 2: {}", group2);
            if (group.startsWith("ALIASOF_")) {
                group = group.replaceFirst("ALIASOF_", StringUtils.EMPTY);
            }
            if (i > 1) {
                dependency2 = new Dependency(dependency.getActualFile());
                dependency2.setDisplayFileName(String.format("%s:%s", dependency.getDisplayFileName(), group));
                String format = String.format("%s:%s", dependency.getFilePath(), group);
                dependency2.setFilePath(format);
                try {
                    bytes = format.getBytes("UTF-8");
                } catch (UnsupportedEncodingException e) {
                    bytes = format.getBytes();
                }
                dependency2.setSha1sum(Checksum.getHex(getSha1MessageDigest().digest(bytes)));
                engine.getDependencies().add(dependency2);
            }
            String displayFileName = dependency2.getDisplayFileName();
            dependency2.getProductEvidence().addEvidence(displayFileName, "Product", group, Confidence.MEDIUM);
            dependency2.getVersionEvidence().addEvidence(displayFileName, "Version", group2, Confidence.MEDIUM);
        }
        LOGGER.debug("Found {} matches.", Integer.valueOf(i));
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return Settings.KEYS.ANALYZER_CMAKE_ENABLED;
    }

    private MessageDigest getSha1MessageDigest() {
        try {
            return MessageDigest.getInstance("SHA1");
        } catch (NoSuchAlgorithmException e) {
            LOGGER.error(e.getMessage());
            throw new IllegalStateException("Failed to obtain the SHA1 message digest.", e);
        }
    }
}
