package org.owasp.dependencycheck.analyzer;

import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.util.List;
import javax.annotation.concurrent.ThreadSafe;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.data.cpe.Fields;
import org.owasp.dependencycheck.data.nuget.MSBuildProjectParseException;
import org.owasp.dependencycheck.data.nuget.NugetPackageReference;
import org.owasp.dependencycheck.data.nuget.XPathMSBuildProjectParser;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.EvidenceType;
import org.owasp.dependencycheck.exception.InitializationException;
import org.owasp.dependencycheck.utils.Checksum;
import org.owasp.dependencycheck.utils.FileFilterBuilder;
import org.owasp.dependencycheck.utils.Settings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Experimental
@ThreadSafe
/* loaded from: input_file:WEB-INF/lib/dependency-check-core-3.3.0.jar:org/owasp/dependencycheck/analyzer/MSBuildProjectAnalyzer.class */
public class MSBuildProjectAnalyzer extends AbstractFileTypeAnalyzer {
    private static final String ANALYZER_NAME = "MSBuild Project Analyzer";
    private static final Logger LOGGER = LoggerFactory.getLogger(NuspecAnalyzer.class);
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INFORMATION_COLLECTION;
    private static final String[] SUPPORTED_EXTENSIONS = {"csproj", "vbproj"};
    private static final FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(SUPPORTED_EXTENSIONS).build();

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected FileFilter getFileFilter() {
        return FILTER;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return Settings.KEYS.ANALYZER_MSBUILD_PROJECT_ENABLED;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException {
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
        LOGGER.debug("Checking MSBuild project file {}", dependency);
        try {
            XPathMSBuildProjectParser xPathMSBuildProjectParser = new XPathMSBuildProjectParser();
            try {
                FileInputStream fileInputStream = new FileInputStream(dependency.getActualFilePath());
                Throwable th = null;
                try {
                    try {
                        List<NugetPackageReference> parse = xPathMSBuildProjectParser.parse(fileInputStream);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        if (parse == null || parse.isEmpty()) {
                            return;
                        }
                        for (NugetPackageReference nugetPackageReference : parse) {
                            Dependency dependency2 = new Dependency(dependency.getActualFile(), true);
                            String id = nugetPackageReference.getId();
                            String version = nugetPackageReference.getVersion();
                            dependency2.setEcosystem(NuspecAnalyzer.DEPENDENCY_ECOSYSTEM);
                            dependency2.setName(id);
                            dependency2.setVersion(version);
                            dependency2.setPackagePath(String.format("%s:%s", id, version));
                            dependency2.setSha1sum(Checksum.getSHA1Checksum(String.format("%s:%s", id, version)));
                            dependency2.setSha256sum(Checksum.getSHA256Checksum(String.format("%s:%s", id, version)));
                            dependency2.setMd5sum(Checksum.getMD5Checksum(String.format("%s:%s", id, version)));
                            dependency2.addEvidence(EvidenceType.PRODUCT, "msbuild", Fields.DOCUMENT_KEY, id, Confidence.HIGHEST);
                            dependency2.addEvidence(EvidenceType.VERSION, "msbuild", "version", version, Confidence.HIGHEST);
                            if (id.indexOf(".") > 0) {
                                String[] split = id.split("\\.");
                                dependency2.addEvidence(EvidenceType.VENDOR, "msbuild", Fields.DOCUMENT_KEY, split[0], Confidence.MEDIUM);
                                dependency2.addEvidence(EvidenceType.PRODUCT, "msbuild", Fields.DOCUMENT_KEY, split[1], Confidence.MEDIUM);
                                if (split.length > 2) {
                                    dependency2.addEvidence(EvidenceType.PRODUCT, "msbuild", Fields.DOCUMENT_KEY, id.substring(id.indexOf(".") + 1), Confidence.MEDIUM);
                                }
                            } else {
                                dependency2.addEvidence(EvidenceType.VENDOR, "msbuild", Fields.DOCUMENT_KEY, id, Confidence.LOW);
                            }
                            engine.addDependency(dependency2);
                        }
                    } catch (Throwable th3) {
                        th = th3;
                        throw th3;
                    }
                } catch (Throwable th4) {
                    if (fileInputStream != null) {
                        if (th != null) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th5) {
                                th.addSuppressed(th5);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    throw th4;
                }
            } catch (FileNotFoundException | MSBuildProjectParseException e) {
                throw new AnalysisException(e);
            }
        } catch (Throwable th6) {
            throw new AnalysisException(th6);
        }
    }
}
