package org.sonarsource.sonarlint.core.rule.extractor;

import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.annotation.concurrent.Immutable;
import org.sonarsource.sonarlint.core.commons.VulnerabilityProbability;

@Immutable
/* loaded from: input_file:WEB-INF/lib/sonarlint-core-9.1.1.74346.jar:org/sonarsource/sonarlint/core/rule/extractor/SecurityStandards.class */
public final class SecurityStandards {
    public static final String UNKNOWN_STANDARD = "unknown";
    private static final String CWE_PREFIX = "cwe:";
    public static final Map<SLCategory, Set<String>> CWES_BY_SL_CATEGORY = Map.ofEntries(Map.entry(SLCategory.BUFFER_OVERFLOW, Set.of("119", "120", "131", "676", "788")), Map.entry(SLCategory.SQL_INJECTION, Set.of("89", "564", "943")), Map.entry(SLCategory.COMMAND_INJECTION, Set.of("77", "78", "88", "214")), Map.entry(SLCategory.PATH_TRAVERSAL_INJECTION, Set.of("22")), Map.entry(SLCategory.LDAP_INJECTION, Set.of("90")), Map.entry(SLCategory.XPATH_INJECTION, Set.of("643")), Map.entry(SLCategory.RCE, Set.of("94", "95")), Map.entry(SLCategory.DOS, Set.of("400", "624")), Map.entry(SLCategory.SSRF, Set.of("918")), Map.entry(SLCategory.CSRF, Set.of("352")), Map.entry(SLCategory.XSS, Set.of("79", "80", "81", "82", "83", "84", "85", "86", "87")), Map.entry(SLCategory.LOG_INJECTION, Set.of("117")), Map.entry(SLCategory.HTTP_RESPONSE_SPLITTING, Set.of("113")), Map.entry(SLCategory.OPEN_REDIRECT, Set.of("601")), Map.entry(SLCategory.XXE, Set.of("611", "827")), Map.entry(SLCategory.OBJECT_INJECTION, Set.of("134", "470", "502")), Map.entry(SLCategory.WEAK_CRYPTOGRAPHY, Set.of((Object[]) new String[]{"295", "297", "321", "322", "323", "324", "325", "326", "327", "328", "330", "780"})), Map.entry(SLCategory.AUTH, Set.of((Object[]) new String[]{"798", "640", "620", "549", "522", "521", "263", "262", "261", "259", "308"})), Map.entry(SLCategory.INSECURE_CONF, Set.of("102", "215", "346", "614", "489", "942")), Map.entry(SLCategory.FILE_MANIPULATION, Set.of("97", "73")), Map.entry(SLCategory.ENCRYPTION_OF_SENSITIVE_DATA, Set.of("311", "315", "319")), Map.entry(SLCategory.TRACEABILITY, Set.of("778")), Map.entry(SLCategory.PERMISSION, Set.of("266", "269", "284", "668", "732")));
    private final Set<String> standards;
    private final Set<String> cwe;
    private final SLCategory sLCategory;
    private final Set<SLCategory> ignoredSLCategories;

    /* loaded from: input_file:WEB-INF/lib/sonarlint-core-9.1.1.74346.jar:org/sonarsource/sonarlint/core/rule/extractor/SecurityStandards$SLCategory.class */
    public enum SLCategory {
        BUFFER_OVERFLOW("buffer-overflow", VulnerabilityProbability.HIGH),
        SQL_INJECTION("sql-injection", VulnerabilityProbability.HIGH),
        RCE("rce", VulnerabilityProbability.MEDIUM),
        OBJECT_INJECTION("object-injection", VulnerabilityProbability.LOW),
        COMMAND_INJECTION("command-injection", VulnerabilityProbability.HIGH),
        PATH_TRAVERSAL_INJECTION("path-traversal-injection", VulnerabilityProbability.HIGH),
        LDAP_INJECTION("ldap-injection", VulnerabilityProbability.LOW),
        XPATH_INJECTION("xpath-injection", VulnerabilityProbability.LOW),
        LOG_INJECTION("log-injection", VulnerabilityProbability.LOW),
        XXE("xxe", VulnerabilityProbability.MEDIUM),
        XSS("xss", VulnerabilityProbability.HIGH),
        DOS("dos", VulnerabilityProbability.MEDIUM),
        SSRF("ssrf", VulnerabilityProbability.MEDIUM),
        CSRF("csrf", VulnerabilityProbability.HIGH),
        HTTP_RESPONSE_SPLITTING("http-response-splitting", VulnerabilityProbability.LOW),
        OPEN_REDIRECT("open-redirect", VulnerabilityProbability.MEDIUM),
        WEAK_CRYPTOGRAPHY("weak-cryptography", VulnerabilityProbability.MEDIUM),
        AUTH("auth", VulnerabilityProbability.HIGH),
        INSECURE_CONF("insecure-conf", VulnerabilityProbability.LOW),
        FILE_MANIPULATION("file-manipulation", VulnerabilityProbability.LOW),
        ENCRYPTION_OF_SENSITIVE_DATA("encrypt-data", VulnerabilityProbability.LOW),
        TRACEABILITY("traceability", VulnerabilityProbability.LOW),
        PERMISSION("permission", VulnerabilityProbability.MEDIUM),
        OTHERS("others", VulnerabilityProbability.LOW);

        private final String key;
        private final VulnerabilityProbability vulnerability;

        SLCategory(String str, VulnerabilityProbability vulnerabilityProbability) {
            this.key = str;
            this.vulnerability = vulnerabilityProbability;
        }

        public String getKey() {
            return this.key;
        }

        public VulnerabilityProbability getVulnerability() {
            return this.vulnerability;
        }
    }

    private SecurityStandards(Set<String> set, Set<String> set2, SLCategory sLCategory, Set<SLCategory> set3) {
        this.standards = set;
        this.cwe = set2;
        this.sLCategory = sLCategory;
        this.ignoredSLCategories = set3;
    }

    public SLCategory getSlCategory() {
        return this.sLCategory;
    }

    public Set<SLCategory> getIgnoredSLCategories() {
        return this.ignoredSLCategories;
    }

    public Set<String> getStandards() {
        return this.standards;
    }

    public Set<String> getCwe() {
        return this.cwe;
    }

    public static SecurityStandards fromSecurityStandards(Set<String> set) {
        Set set2 = (Set) set.stream().filter((v0) -> {
            return Objects.nonNull(v0);
        }).collect(Collectors.toSet());
        Set<String> cwes = toCwes(set2);
        List<SLCategory> sLCategories = toSLCategories(cwes);
        return new SecurityStandards(set2, cwes, sLCategories.iterator().next(), (Set) sLCategories.stream().skip(1L).collect(Collectors.toSet()));
    }

    private static Set<String> toCwes(Collection<String> collection) {
        Set<String> set = (Set) collection.stream().filter(str -> {
            return str.startsWith(CWE_PREFIX);
        }).map(str2 -> {
            return str2.substring(CWE_PREFIX.length());
        }).collect(Collectors.toSet());
        return set.isEmpty() ? Collections.singleton("unknown") : set;
    }

    private static List<SLCategory> toSLCategories(Collection<String> collection) {
        List<SLCategory> list = (List) CWES_BY_SL_CATEGORY.keySet().stream().filter(sLCategory -> {
            Stream stream = collection.stream();
            Set<String> set = CWES_BY_SL_CATEGORY.get(sLCategory);
            Objects.requireNonNull(set);
            return stream.anyMatch((v1) -> {
                return r1.contains(v1);
            });
        }).collect(Collectors.toList());
        return list.isEmpty() ? Collections.singletonList(SLCategory.OTHERS) : list;
    }
}
