package org.owasp.dependencycheck.suppression;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Identifier;
import org.owasp.dependencycheck.dependency.Vulnerability;

/* loaded from: input_file:WEB-INF/lib/dependency-check-core-1.2.6.jar:org/owasp/dependencycheck/suppression/SuppressionRule.class */
public class SuppressionRule {
    private PropertyType filePath;
    private String sha1;
    private List<PropertyType> cpe = new ArrayList();
    private List<Float> cvssBelow = new ArrayList();
    private List<String> cwe = new ArrayList();
    private List<String> cve = new ArrayList();
    private PropertyType gav = null;
    private boolean base;

    public PropertyType getFilePath() {
        return this.filePath;
    }

    public void setFilePath(PropertyType propertyType) {
        this.filePath = propertyType;
    }

    public String getSha1() {
        return this.sha1;
    }

    public void setSha1(String str) {
        this.sha1 = str;
    }

    public List<PropertyType> getCpe() {
        return this.cpe;
    }

    public void setCpe(List<PropertyType> list) {
        this.cpe = list;
    }

    public void addCpe(PropertyType propertyType) {
        this.cpe.add(propertyType);
    }

    public boolean hasCpe() {
        return this.cpe.size() > 0;
    }

    public List<Float> getCvssBelow() {
        return this.cvssBelow;
    }

    public void setCvssBelow(List<Float> list) {
        this.cvssBelow = list;
    }

    public void addCvssBelow(Float f) {
        this.cvssBelow.add(f);
    }

    public boolean hasCvssBelow() {
        return this.cvssBelow.size() > 0;
    }

    public List<String> getCwe() {
        return this.cwe;
    }

    public void setCwe(List<String> list) {
        this.cwe = list;
    }

    public void addCwe(String str) {
        this.cwe.add(str);
    }

    public boolean hasCwe() {
        return this.cwe.size() > 0;
    }

    public List<String> getCve() {
        return this.cve;
    }

    public void setCve(List<String> list) {
        this.cve = list;
    }

    public void addCve(String str) {
        this.cve.add(str);
    }

    public boolean hasCve() {
        return this.cve.size() > 0;
    }

    public PropertyType getGav() {
        return this.gav;
    }

    public void setGav(PropertyType propertyType) {
        this.gav = propertyType;
    }

    public boolean hasGav() {
        return this.gav != null;
    }

    public boolean isBase() {
        return this.base;
    }

    public void setBase(boolean z) {
        this.base = z;
    }

    public void process(Dependency dependency) {
        if (this.filePath == null || this.filePath.matches(dependency.getFilePath())) {
            if (this.sha1 == null || this.sha1.equalsIgnoreCase(dependency.getSha1sum())) {
                if (this.gav != null) {
                    Iterator<Identifier> it = dependency.getIdentifiers().iterator();
                    boolean z = false;
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        } else if (identifierMatches("maven", this.gav, it.next())) {
                            z = true;
                            break;
                        }
                    }
                    if (!z) {
                        return;
                    }
                }
                if (hasCpe()) {
                    Iterator<Identifier> it2 = dependency.getIdentifiers().iterator();
                    while (it2.hasNext()) {
                        Identifier next = it2.next();
                        Iterator<PropertyType> it3 = this.cpe.iterator();
                        while (true) {
                            if (!it3.hasNext()) {
                                break;
                            }
                            if (identifierMatches(SuppressionHandler.CPE, it3.next(), next)) {
                                if (!isBase()) {
                                    dependency.addSuppressedIdentifier(next);
                                }
                                it2.remove();
                            }
                        }
                    }
                }
                if (hasCve() || hasCwe() || hasCvssBelow()) {
                    Iterator<Vulnerability> it4 = dependency.getVulnerabilities().iterator();
                    while (it4.hasNext()) {
                        boolean z2 = false;
                        Vulnerability next2 = it4.next();
                        Iterator<String> it5 = this.cve.iterator();
                        while (true) {
                            if (!it5.hasNext()) {
                                break;
                            } else if (it5.next().equalsIgnoreCase(next2.getName())) {
                                z2 = true;
                                break;
                            }
                        }
                        if (!z2) {
                            Iterator<String> it6 = this.cwe.iterator();
                            while (true) {
                                if (!it6.hasNext()) {
                                    break;
                                }
                                String next3 = it6.next();
                                if (next2.getCwe() != null) {
                                    String format = String.format("CWE-%s ", next3);
                                    if (next2.getCwe().substring(0, format.length()).toUpperCase().equals(format)) {
                                        z2 = true;
                                        break;
                                    }
                                }
                            }
                        }
                        if (!z2) {
                            Iterator<Float> it7 = this.cvssBelow.iterator();
                            while (true) {
                                if (!it7.hasNext()) {
                                    break;
                                } else if (next2.getCvssScore() < it7.next().floatValue()) {
                                    z2 = true;
                                    break;
                                }
                            }
                        }
                        if (z2) {
                            if (!isBase()) {
                                dependency.addSuppressedVulnerability(next2);
                            }
                            it4.remove();
                        }
                    }
                }
            }
        }
    }

    boolean cpeHasNoVersion(PropertyType propertyType) {
        return !propertyType.isRegex() && countCharacter(propertyType.getValue(), ':') == 3;
    }

    int countCharacter(String str, char c) {
        int i = 0;
        int indexOf = str.indexOf(c);
        while (true) {
            int i2 = indexOf + 1;
            if (i2 <= 0) {
                return i;
            }
            i++;
            indexOf = str.indexOf(c, i2);
        }
    }

    boolean identifierMatches(String str, PropertyType propertyType, Identifier identifier) {
        if (!str.equals(identifier.getType())) {
            return false;
        }
        if (propertyType.matches(identifier.getValue())) {
            return true;
        }
        if (SuppressionHandler.CPE.equals(str) && cpeHasNoVersion(propertyType)) {
            return propertyType.isCaseSensitive() ? identifier.getValue().startsWith(propertyType.getValue()) : identifier.getValue().toLowerCase().startsWith(propertyType.getValue().toLowerCase());
        }
        return false;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("SuppressionRule{");
        if (this.filePath != null) {
            sb.append("filePath=").append(this.filePath).append(",");
        }
        if (this.sha1 != null) {
            sb.append("sha1=").append(this.sha1).append(",");
        }
        if (this.gav != null) {
            sb.append("gav=").append(this.gav).append(",");
        }
        if (this.cpe != null && this.cpe.size() > 0) {
            sb.append("cpe={");
            Iterator<PropertyType> it = this.cpe.iterator();
            while (it.hasNext()) {
                sb.append(it.next()).append(",");
            }
            sb.append("}");
        }
        if (this.cwe != null && this.cwe.size() > 0) {
            sb.append("cwe={");
            Iterator<String> it2 = this.cwe.iterator();
            while (it2.hasNext()) {
                sb.append(it2.next()).append(",");
            }
            sb.append("}");
        }
        if (this.cve != null && this.cve.size() > 0) {
            sb.append("cve={");
            Iterator<String> it3 = this.cve.iterator();
            while (it3.hasNext()) {
                sb.append(it3.next()).append(",");
            }
            sb.append("}");
        }
        if (this.cvssBelow != null && this.cvssBelow.size() > 0) {
            sb.append("cvssBelow={");
            Iterator<Float> it4 = this.cvssBelow.iterator();
            while (it4.hasNext()) {
                sb.append(it4.next()).append(",");
            }
            sb.append("}");
        }
        sb.append("}");
        return sb.toString();
    }
}
