package org.owasp.dependencycheck.data.golang;

import com.github.packageurl.MalformedPackageURLException;
import com.github.packageurl.PackageURL;
import com.github.packageurl.PackageURLBuilder;
import org.apache.commons.jcs.engine.CacheConstants;
import org.apache.commons.lang3.StringUtils;
import org.owasp.dependencycheck.analyzer.GolangModAnalyzer;
import org.owasp.dependencycheck.data.cpe.Fields;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.EvidenceType;
import org.owasp.dependencycheck.dependency.naming.GenericIdentifier;
import org.owasp.dependencycheck.dependency.naming.Identifier;
import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
import org.owasp.dependencycheck.utils.Checksum;
import org.owasp.dependencycheck.xml.pom.PomHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/dependency-check-core-5.3.2.jar:org/owasp/dependencycheck/data/golang/GoModDependency.class */
public class GoModDependency {
    private static final Logger LOGGER = LoggerFactory.getLogger(GoModDependency.class);
    private final String modulePath;
    private final String version;
    private final PackageURLBuilder packageURLBuilder = PackageURLBuilder.aPackageURL().withType(PackageURL.StandardTypes.GOLANG);

    /* JADX INFO: Access modifiers changed from: package-private */
    public GoModDependency(String str, String str2) {
        this.modulePath = str;
        this.version = str2;
    }

    public Dependency toDependency(Dependency dependency) {
        return createDependency(dependency, this.modulePath, this.version);
    }

    private Dependency createDependency(Dependency dependency, String str, String str2) {
        String str3;
        Identifier genericIdentifier;
        Dependency dependency2 = new Dependency(dependency.getActualFile(), true);
        String str4 = null;
        String str5 = null;
        String str6 = null;
        int lastIndexOf = str.lastIndexOf("/");
        if (lastIndexOf > 0) {
            str6 = str.substring(0, lastIndexOf);
            int indexOf = str6.indexOf("/");
            if (indexOf > 0) {
                str4 = str6.substring(0, indexOf);
                str5 = str6.substring(indexOf + 1);
            }
            str3 = str.substring(lastIndexOf + 1);
        } else {
            str3 = str;
        }
        String format = String.format("%s:%s/%s/%s", dependency.getFilePath(), str6, str3, str2);
        this.packageURLBuilder.withName(str3);
        this.packageURLBuilder.withNamespace(str6);
        this.packageURLBuilder.withVersion(str2);
        dependency2.setEcosystem("Golang");
        dependency2.setDisplayFileName(str + CacheConstants.NAME_COMPONENT_DELIMITER + str2);
        dependency2.setName(str3);
        dependency2.setVersion(str2);
        dependency2.setPackagePath(String.format("%s:%s", str, str2));
        dependency2.setFilePath(format);
        dependency2.setSha1sum(Checksum.getSHA1Checksum(format));
        dependency2.setSha256sum(Checksum.getSHA256Checksum(format));
        dependency2.setMd5sum(Checksum.getMD5Checksum(format));
        if (str5 != null) {
            dependency2.addEvidence(EvidenceType.VENDOR, GolangModAnalyzer.GO_MOD, Fields.VENDOR, str5, Confidence.HIGHEST);
            dependency2.addEvidence(EvidenceType.VENDOR, GolangModAnalyzer.GO_MOD, Fields.VENDOR, str5, Confidence.MEDIUM);
        }
        if (str4 != null && !"golang.org".equals(str4)) {
            dependency2.addEvidence(EvidenceType.VENDOR, GolangModAnalyzer.GO_MOD, "namespace", str4, Confidence.LOW);
        }
        dependency2.addEvidence(EvidenceType.PRODUCT, GolangModAnalyzer.GO_MOD, PomHandler.NAME, str3, Confidence.HIGHEST);
        dependency2.addEvidence(EvidenceType.VENDOR, GolangModAnalyzer.GO_MOD, PomHandler.NAME, str3, Confidence.HIGH);
        dependency2.addEvidence(EvidenceType.VERSION, GolangModAnalyzer.GO_MOD, "version", str2, Confidence.HIGHEST);
        try {
            genericIdentifier = new PurlIdentifier(this.packageURLBuilder.build(), Confidence.HIGHEST);
        } catch (MalformedPackageURLException e) {
            LOGGER.warn("Unable to create package-url identifier for `{}` in `{}` - reason: {}", new Object[]{str, dependency.getFilePath(), e.getMessage()});
            StringBuilder sb = new StringBuilder(str);
            if (StringUtils.isNotBlank(str2)) {
                sb.append("@").append(str2);
            }
            genericIdentifier = new GenericIdentifier(sb.toString(), Confidence.HIGH);
        }
        dependency2.addSoftwareIdentifier(genericIdentifier);
        return dependency2;
    }

    public String toString() {
        return this.modulePath + ": " + this.version;
    }
}
