package org.sonar.java.checks;

import java.util.Arrays;
import java.util.List;
import java.util.Set;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.sonar.check.Rule;
import org.sonar.java.model.ExpressionUtils;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.semantic.MethodMatchers;
import org.sonar.plugins.java.api.tree.IdentifierTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.NewClassTree;
import org.sonar.plugins.java.api.tree.Tree;
import org.sonarsource.analyzer.commons.collections.SetUtils;

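/**
 * Rule S2245: reports uses of pseudorandom number generators so that a reviewer can confirm
 * the value is not used where unpredictability matters (tokens, keys, nonces, passwords).
 *
 * <p>Two kinds of nodes are inspected:
 * <ul>
 *   <li>constructor calls whose type is exactly one of {@link #RANDOM_CONSTRUCTOR_TYPES};</li>
 *   <li>static method calls matched by {@link #STATIC_RANDOM_METHODS}, except the
 *       {@code RandomStringUtils.random} overload that receives its {@code java.util.Random}
 *       from the caller.</li>
 * </ul>
 */
@Rule(key = "S2245")
/* loaded from: input_file:WEB-INF/lib/sonar-java-plugin-7.23.0.32023.jar:org/sonar/java/checks/PseudoRandomCheck.class */
public class PseudoRandomCheck extends IssuableSubscriptionVisitor {
    private static final String MESSAGE = "Make sure that using this pseudorandom number generator is safe here.";

    // Static entry points that hand out pseudorandom values: Math.random() with no arguments,
    // and any method of ThreadLocalRandom or the commons-lang RandomUtils / RandomStringUtils
    // helpers (both the lang and lang3 packages).
    private static final MethodMatchers STATIC_RANDOM_METHODS = MethodMatchers.or(
        MethodMatchers.create()
            .ofTypes("java.lang.Math")
            .names("random")
            .addWithoutParametersMatcher()
            .build(),
        MethodMatchers.create()
            .ofSubTypes(
                "java.util.concurrent.ThreadLocalRandom",
                "org.apache.commons.lang.math.RandomUtils",
                "org.apache.commons.lang3.RandomUtils",
                "org.apache.commons.lang.RandomStringUtils",
                "org.apache.commons.lang3.RandomStringUtils")
            .anyName()
            .withAnyParameters()
            .build());

    // The seven-argument RandomStringUtils.random overload draws from the java.util.Random it is
    // given, so the generator is the caller's choice and the call itself is not reported.
    // NOTE(review): a weak source passed here is only caught if it was created with a constructor
    // listed in RANDOM_CONSTRUCTOR_TYPES; a Random obtained some other way goes unreported. Confirm
    // this is the intended coverage.
    // The parameter types are plain string literals: the decompiled listing borrowed the values
    // "int" and "boolean" from org.apache.xerces.impl.xs.SchemaSymbols, which tied this rule to an
    // unrelated XML library being present on the classpath.
    private static final MethodMatchers RANDOM_STRING_UTILS_RANDOM_WITH_RANDOM_SOURCE = MethodMatchers.create()
        .ofSubTypes("org.apache.commons.lang.RandomStringUtils", "org.apache.commons.lang3.RandomStringUtils")
        .names("random")
        .addParametersMatcher("int", "int", "int", "boolean", "boolean", "char[]", "java.util.Random")
        .build();

    // Compared by exact fully qualified name, so subclasses such as java.security.SecureRandom
    // are never reported by the constructor branch.
    private static final Set<String> RANDOM_CONSTRUCTOR_TYPES = SetUtils.immutableSetOf("java.util.Random", "org.apache.commons.lang.math.JVMRandom");

    /**
     * Subscribes the check to object creations and method invocations.
     *
     * @return the two tree kinds handled by {@link #visitNode(Tree)}
     */
    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public List<Tree.Kind> nodesToVisit() {
        return Arrays.asList(Tree.Kind.NEW_CLASS, Tree.Kind.METHOD_INVOCATION);
    }

    /**
     * Reports an issue on the constructor identifier or on the method name when the node creates
     * or calls one of the tracked pseudorandom generators.
     *
     * @param tree a {@code NEW_CLASS} or {@code METHOD_INVOCATION} node, as requested by
     *     {@link #nodesToVisit()}
     */
    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public void visitNode(Tree tree) {
        if (tree.is(Tree.Kind.METHOD_INVOCATION)) {
            MethodInvocationTree invocation = (MethodInvocationTree) tree;
            if (isStaticCallToInsecureRandomMethod(invocation)) {
                // The issue is anchored on the method name rather than on the whole call.
                reportIssue(ExpressionUtils.methodName(invocation), MESSAGE);
            }
            return;
        }
        // Only two kinds are subscribed, so anything else is an object creation.
        NewClassTree creation = (NewClassTree) tree;
        if (RANDOM_CONSTRUCTOR_TYPES.contains(creation.symbolType().fullyQualifiedName())) {
            reportIssue(creation.identifier(), MESSAGE);
        }
    }

    /**
     * Tells whether an invocation is a static call to one of the tracked generators.
     *
     * @param methodInvocationTree the invocation to test
     * @return {@code true} when the call matches {@link #STATIC_RANDOM_METHODS}, is not the
     *     overload that takes its own {@code java.util.Random}, and resolves to a static method
     */
    private static boolean isStaticCallToInsecureRandomMethod(MethodInvocationTree methodInvocationTree) {
        if (!STATIC_RANDOM_METHODS.matches(methodInvocationTree)) {
            return false;
        }
        if (RANDOM_STRING_UTILS_RANDOM_WITH_RANDOM_SOURCE.matches(methodInvocationTree)) {
            return false;
        }
        // Instance methods called on an already obtained generator are not reported again.
        return methodInvocationTree.methodSymbol().isStatic();
    }
}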
