package com.metaeffekt.artifact.analysis.vulnerability.enrichment.vulnerabilitystatus;

import com.metaeffekt.artifact.analysis.node.NodeScanSupport;
import com.metaeffekt.artifact.analysis.report.CoverityReport;
import com.metaeffekt.artifact.analysis.utils.FileUtils;
import com.metaeffekt.artifact.analysis.utils.SnakeYamlParser;
import com.metaeffekt.artifact.analysis.utils.StringUtils;
import com.metaeffekt.artifact.analysis.utils.TimeUtils;
import com.metaeffekt.artifact.analysis.vulnerability.enrichment.InventoryAttribute;
import com.metaeffekt.artifact.analysis.vulnerability.enrichment.filter.FilterAttribute;
import com.metaeffekt.artifact.analysis.vulnerability.enrichment.vulnerabilitystatus.VulnerabilityStatus;
import com.metaeffekt.artifact.analysis.vulnerability.enrichment.vulnerabilitystatus.validation.VulnerabilityStatusValidation;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileWriter;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.io.filefilter.DirectoryFileFilter;
import org.apache.commons.io.filefilter.TrueFileFilter;
import org.json.JSONArray;
import org.json.JSONObject;
import org.metaeffekt.core.inventory.processor.model.VulnerabilityMetaData;
import org.metaeffekt.core.inventory.processor.report.configuration.CentralSecurityPolicyConfiguration;
import org.metaeffekt.core.security.cvss.CvssVector;
import org.metaeffekt.core.security.cvss.v2.Cvss2;
import org.metaeffekt.core.security.cvss.v3.Cvss3P1;
import org.metaeffekt.core.security.cvss.v4P0.Cvss4P0;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.yaml.snakeyaml.DumperOptions;
import org.yaml.snakeyaml.Yaml;

/* loaded from: input_file:com/metaeffekt/artifact/analysis/vulnerability/enrichment/vulnerabilitystatus/VulnerabilityStatusConverter.class */
public class VulnerabilityStatusConverter {
    private static final Logger LOG = LoggerFactory.getLogger(VulnerabilityStatusConverter.class);

    @Deprecated
    public static VulnerabilityStatus fromVulnerabilityMetaData(VulnerabilityMetaData vulnerabilityMetaData) {
        VulnerabilityStatus vulnerabilityStatus = new VulnerabilityStatus();
        String str = vulnerabilityMetaData.get(InventoryAttribute.STATUS_HISTORY.getKey());
        if (str != null && str.startsWith("[")) {
            vulnerabilityStatus.addHistoryEntries(VulnerabilityStatusHistoryEntry.parseEntries(new JSONArray(str)));
        }
        if (StringUtils.hasText(vulnerabilityMetaData.get(VulnerabilityMetaData.Attribute.NAME))) {
            vulnerabilityStatus.addAffectedVulnerability(vulnerabilityMetaData.get(VulnerabilityMetaData.Attribute.NAME));
        }
        String str2 = vulnerabilityMetaData.get(InventoryAttribute.REVIEWED_ADVISORIES.getKey());
        if (str2 != null && str2.startsWith("[")) {
            vulnerabilityStatus.addReviewedAdvisoryEntries(VulnerabilityStatusReviewedEntry.fromMultipleFormattedStringOrMapEntries(new JSONArray(str2).toList()));
        }
        Pattern compile = Pattern.compile("^([^(]+)(?: \\(([^)]+)\\))?$");
        String str3 = vulnerabilityMetaData.get(InventoryAttribute.STATUS_ACCEPTED.getKey());
        String str4 = vulnerabilityMetaData.get(InventoryAttribute.STATUS_REPORTED.getKey());
        if (StringUtils.hasText(str3)) {
            Matcher matcher = compile.matcher(str3);
            if (matcher.matches()) {
                vulnerabilityStatus.setAcceptedBy(matcher.group(1));
                vulnerabilityStatus.setAcceptedDate(matcher.groupCount() == 2 ? matcher.group(2) : null);
            }
        }
        if (StringUtils.hasText(str4)) {
            Matcher matcher2 = compile.matcher(str4);
            if (matcher2.matches()) {
                vulnerabilityStatus.setReportedBy(matcher2.group(1));
                vulnerabilityStatus.setReportedDate(matcher2.groupCount() == 2 ? matcher2.group(2) : null);
            }
        }
        String str5 = vulnerabilityMetaData.get(InventoryAttribute.STATUS_TITLE.getKey());
        vulnerabilityStatus.setTitle(StringUtils.hasText(str5) ? str5 : null);
        return vulnerabilityStatus;
    }

    public static VulnerabilityStatus fromLegacyFormatFromVulnerabilityMetaData(VulnerabilityMetaData vulnerabilityMetaData) {
        VulnerabilityStatus vulnerabilityStatus = new VulnerabilityStatus();
        vulnerabilityStatus.addAffectedVulnerability(vulnerabilityMetaData.get(VulnerabilityMetaData.Attribute.NAME));
        vulnerabilityStatus.addHistoryEntry(new VulnerabilityStatusHistoryEntry(vulnerabilityMetaData.get(VulnerabilityMetaData.Attribute.STATUS), vulnerabilityMetaData.get(VulnerabilityMetaData.Attribute.RATIONALE), vulnerabilityMetaData.get(VulnerabilityMetaData.Attribute.RISK), vulnerabilityMetaData.get(InventoryAttribute.MEASURES.getKey()), "Reference Inventory", new SimpleDateFormat("yyyy-MM-dd").format(new Date()), Double.valueOf(0.0d), null, null));
        return vulnerabilityStatus;
    }

    public static Set<VulnerabilityStatus> fromStatusFileOrDirectory(File file) {
        return fromStatusFileOrDirectory(file, CentralSecurityPolicyConfiguration.JSON_SCHEMA_VALIDATION_ERRORS_DEFAULT);
    }

    public static Set<VulnerabilityStatus> fromStatusFileOrDirectory(File file, CentralSecurityPolicyConfiguration.JsonSchemaValidationErrorsHandling jsonSchemaValidationErrorsHandling) {
        HashSet hashSet = new HashSet();
        for (File file2 : extractVulnerabilityStatusFilesFromDirectory(file)) {
            LOG.debug("Parsing vulnerability status from YAML file {}.", file2.getAbsolutePath());
            try {
                VulnerabilityStatus.assertVulnerabilityStatusFileValid(file2, jsonSchemaValidationErrorsHandling);
                try {
                    Object parseYaml = SnakeYamlParser.parseYaml(SnakeYamlParser.createNoTimestampYaml(), file2);
                    if (parseYaml instanceof LinkedHashMap) {
                        VulnerabilityStatus fromYaml = fromYaml((LinkedHashMap) parseYaml);
                        fromYaml.originYamlFile = file2;
                        hashSet.add(fromYaml);
                    } else if (parseYaml instanceof List) {
                        Iterator it = ((List) parseYaml).iterator();
                        while (it.hasNext()) {
                            VulnerabilityStatus fromYaml2 = fromYaml((LinkedHashMap) it.next());
                            fromYaml2.originYamlFile = file2;
                            hashSet.add(fromYaml2);
                        }
                    }
                } catch (FileNotFoundException e) {
                    throw new RuntimeException("Failed to read status file " + file2.getAbsolutePath(), e);
                } catch (Exception e2) {
                    throw new RuntimeException("Failed to parse status file, even though validation passed previously from " + file2.getAbsolutePath(), e2);
                }
            } catch (Exception e3) {
                throw new RuntimeException("Failed to parse vulnerability status file from " + file2.getAbsolutePath(), e3);
            }
        }
        return hashSet;
    }

    public static Set<File> extractVulnerabilityStatusFilesFromDirectory(File file) {
        HashSet hashSet = new HashSet();
        if (file.exists() && file.isDirectory()) {
            for (File file2 : FileUtils.listFiles(file, TrueFileFilter.INSTANCE, DirectoryFileFilter.DIRECTORY)) {
                if (file2.isFile() && file2.getName().endsWith(".yaml")) {
                    hashSet.add(file2);
                }
            }
        } else if (file.exists() && file.isFile()) {
            hashSet.add(file);
        } else {
            LOG.warn("Status file directory does not exist: [{}]", file.getAbsolutePath());
        }
        return hashSet;
    }

    public static VulnerabilityStatus fromYaml(LinkedHashMap<String, Object> linkedHashMap) {
        VulnerabilityStatus vulnerabilityStatus = new VulnerabilityStatus();
        if (validateEntryType(linkedHashMap, "history", ArrayList.class)) {
            Iterator it = ((ArrayList) linkedHashMap.get("history")).iterator();
            while (it.hasNext()) {
                Object next = it.next();
                if (next instanceof LinkedHashMap) {
                    vulnerabilityStatus.addHistoryEntry(VulnerabilityStatusHistoryEntry.fromMap((LinkedHashMap) next));
                }
            }
        }
        if (validateEntryType(linkedHashMap, "reviewed", ArrayList.class)) {
            vulnerabilityStatus.addReviewedAdvisoryEntries(VulnerabilityStatusReviewedEntry.fromMultipleFormattedStringOrMapEntries((ArrayList) linkedHashMap.get("reviewed")));
        }
        if (validateEntryType(linkedHashMap, "affects", LinkedHashMap.class)) {
            LinkedHashMap linkedHashMap2 = (LinkedHashMap) linkedHashMap.get("affects");
            if (validateEntryType(linkedHashMap2, "cve", ArrayList.class)) {
                List list = (List) linkedHashMap2.get("cve");
                vulnerabilityStatus.getClass();
                list.forEach(vulnerabilityStatus::addAffectedVulnerability);
            }
            if (validateEntryType(linkedHashMap2, "cpe", ArrayList.class)) {
                List list2 = (List) linkedHashMap2.get("cpe");
                vulnerabilityStatus.getClass();
                list2.forEach(vulnerabilityStatus::addAffectedCpe);
            }
            if (validateEntryType(linkedHashMap2, CoverityReport.CWE, ArrayList.class)) {
                List list3 = (List) linkedHashMap2.get(CoverityReport.CWE);
                vulnerabilityStatus.getClass();
                list3.forEach(vulnerabilityStatus::addAffectedCwe);
            }
            if (validateEntryType(linkedHashMap2, "condition", String.class)) {
                vulnerabilityStatus.addAffectedVulnerabilitiesFilter(FilterAttribute.fromString(String.valueOf(linkedHashMap2.get("condition"))));
            }
        }
        if (validateEntryType(linkedHashMap, "accepted", LinkedHashMap.class)) {
            LinkedHashMap linkedHashMap3 = (LinkedHashMap) linkedHashMap.get("accepted");
            if (validateEntryType(linkedHashMap3, "by", String.class)) {
                vulnerabilityStatus.setAcceptedBy(linkedHashMap3.get("by").toString());
            }
            if (validateEntryType(linkedHashMap3, "date", Date.class, String.class)) {
                if (linkedHashMap3.get("date") instanceof String) {
                    vulnerabilityStatus.setAcceptedDate(TimeUtils.formatNormalizedDate(TimeUtils.tryParse(linkedHashMap3.get("date").toString())));
                } else {
                    vulnerabilityStatus.setAcceptedDate(TimeUtils.formatNormalizedDate((Date) linkedHashMap3.get("date")));
                }
            }
        }
        if (validateEntryType(linkedHashMap, "reported", LinkedHashMap.class)) {
            LinkedHashMap linkedHashMap4 = (LinkedHashMap) linkedHashMap.get("reported");
            if (linkedHashMap4.containsKey("by")) {
                vulnerabilityStatus.setReportedBy(linkedHashMap4.get("by").toString());
            }
            if (validateEntryType(linkedHashMap4, "date", Date.class, String.class)) {
                if (linkedHashMap4.get("date") instanceof String) {
                    vulnerabilityStatus.setReportedDate(TimeUtils.formatNormalizedDate(TimeUtils.tryParse(linkedHashMap4.get("date").toString())));
                } else {
                    vulnerabilityStatus.setReportedDate(TimeUtils.formatNormalizedDate((Date) linkedHashMap4.get("date")));
                }
            }
        }
        if (validateEntryType(linkedHashMap, "cvssV2", String.class, LinkedHashMap.class)) {
            if (linkedHashMap.get("cvssV2") instanceof LinkedHashMap) {
                LinkedHashMap linkedHashMap5 = (LinkedHashMap) linkedHashMap.get("cvssV2");
                if (validateEntryType(linkedHashMap5, "all", String.class)) {
                    vulnerabilityStatus.setCvss2(new Cvss2(linkedHashMap5.get("all").toString()));
                }
                if (validateEntryType(linkedHashMap5, "higher", String.class)) {
                    vulnerabilityStatus.setCvss2Higher(new Cvss2(linkedHashMap5.get("higher").toString()));
                }
                if (validateEntryType(linkedHashMap5, "lower", String.class)) {
                    vulnerabilityStatus.setCvss2Lower(new Cvss2(linkedHashMap5.get("lower").toString()));
                }
            } else {
                vulnerabilityStatus.setCvss2(new Cvss2(linkedHashMap.get("cvssV2").toString()));
            }
        }
        if (validateEntryType(linkedHashMap, "cvssV3", String.class, LinkedHashMap.class)) {
            if (linkedHashMap.get("cvssV3") instanceof LinkedHashMap) {
                LinkedHashMap linkedHashMap6 = (LinkedHashMap) linkedHashMap.get("cvssV3");
                if (validateEntryType(linkedHashMap6, "all", String.class)) {
                    vulnerabilityStatus.setCvss3P1(new Cvss3P1(linkedHashMap6.get("all").toString()));
                }
                if (validateEntryType(linkedHashMap6, "higher", String.class)) {
                    vulnerabilityStatus.setCvss3P1Higher(new Cvss3P1(linkedHashMap6.get("higher").toString()));
                }
                if (validateEntryType(linkedHashMap6, "lower", String.class)) {
                    vulnerabilityStatus.setCvss3P1Lower(new Cvss3P1(linkedHashMap6.get("lower").toString()));
                }
            } else {
                vulnerabilityStatus.setCvss3P1(new Cvss3P1(linkedHashMap.get("cvssV3").toString()));
            }
        }
        if (validateEntryType(linkedHashMap, "cvssV4", String.class, LinkedHashMap.class)) {
            if (linkedHashMap.get("cvssV4") instanceof LinkedHashMap) {
                LinkedHashMap linkedHashMap7 = (LinkedHashMap) linkedHashMap.get("cvssV4");
                if (validateEntryType(linkedHashMap7, "all", String.class)) {
                    vulnerabilityStatus.setCvss4(new Cvss4P0(linkedHashMap7.get("all").toString()));
                }
                if (validateEntryType(linkedHashMap7, "higher", String.class)) {
                    vulnerabilityStatus.setCvss4Higher(new Cvss4P0(linkedHashMap7.get("higher").toString()));
                }
                if (validateEntryType(linkedHashMap7, "lower", String.class)) {
                    vulnerabilityStatus.setCvss4Lower(new Cvss4P0(linkedHashMap7.get("lower").toString()));
                }
            } else {
                vulnerabilityStatus.setCvss4(new Cvss4P0(linkedHashMap.get("cvssV4").toString()));
            }
        }
        if (validateEntryType(linkedHashMap, "title", String.class)) {
            vulnerabilityStatus.setTitle(linkedHashMap.get("title").toString());
        }
        if (validateEntryType(linkedHashMap, "scope", String.class)) {
            vulnerabilityStatus.setScope(VulnerabilityStatus.Scope.fromString(linkedHashMap.get("scope").toString()));
            Iterator<VulnerabilityStatusHistoryEntry> it2 = vulnerabilityStatus.getStatusHistory().iterator();
            while (it2.hasNext()) {
                it2.next().setScope(vulnerabilityStatus.getScope());
            }
        }
        if (validateEntryType(linkedHashMap, "validation", LinkedHashMap.class)) {
            vulnerabilityStatus.setValidation(VulnerabilityStatusValidation.fromYamlMap((Map) linkedHashMap.get("validation")));
        }
        return vulnerabilityStatus;
    }

    private static boolean validateEntryType(Map<String, ?> map, String str, Class<?>... clsArr) {
        if (map == null || !map.containsKey(str)) {
            return false;
        }
        if (Arrays.stream(clsArr).noneMatch(cls -> {
            return map.get(str).getClass().equals(cls);
        })) {
            throw new IllegalArgumentException(String.format("Expected %s on element [%s] but got [%s]", (List) Arrays.stream(clsArr).map((v0) -> {
                return v0.getSimpleName();
            }).collect(Collectors.toList()), str, map.get(str).getClass().getSimpleName()));
        }
        return true;
    }

    public static List<VulnerabilityStatus> fromJson(JSONArray jSONArray) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < jSONArray.length(); i++) {
            arrayList.add(fromJson(jSONArray.getJSONObject(i)));
        }
        return arrayList;
    }

    public static VulnerabilityStatus fromJson(JSONObject jSONObject) {
        VulnerabilityStatus vulnerabilityStatus = new VulnerabilityStatus();
        vulnerabilityStatus.appendFromJson(jSONObject);
        return vulnerabilityStatus;
    }

    public static void exportYaml(VulnerabilityStatus vulnerabilityStatus, File file) throws IOException {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        exportCvssInformationToYaml(linkedHashMap, vulnerabilityStatus.getCvss2(), vulnerabilityStatus.getCvss2Higher(), vulnerabilityStatus.getCvss2Lower(), "cvssV2");
        exportCvssInformationToYaml(linkedHashMap, vulnerabilityStatus.getCvss3P1(), vulnerabilityStatus.getCvss3P1Higher(), vulnerabilityStatus.getCvss3P1Lower(), "cvssV3");
        exportCvssInformationToYaml(linkedHashMap, vulnerabilityStatus.getCvss4(), vulnerabilityStatus.getCvss4Higher(), vulnerabilityStatus.getCvss4Lower(), "cvssV4");
        if (vulnerabilityStatus.getTitle() != null) {
            linkedHashMap.put("title", vulnerabilityStatus.getTitle());
        }
        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
        if (!vulnerabilityStatus.getAffectedVulnerabilities().isEmpty()) {
            linkedHashMap2.put("cve", new ArrayList(vulnerabilityStatus.getAffectedVulnerabilities()));
        }
        if (!vulnerabilityStatus.getAffectedCpe().isEmpty()) {
            linkedHashMap2.put("cpe", new ArrayList(vulnerabilityStatus.getAffectedCpe()));
        }
        if (!vulnerabilityStatus.getAffectedCwe().isEmpty()) {
            linkedHashMap2.put(CoverityReport.CWE, new ArrayList(vulnerabilityStatus.getAffectedCwe()));
        }
        linkedHashMap.put("affects", linkedHashMap2);
        HashSet hashSet = new HashSet();
        Iterator<VulnerabilityStatusReviewedEntry> it = vulnerabilityStatus.getReviewedAdvisories().iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().toString());
        }
        if (!hashSet.isEmpty()) {
            linkedHashMap.put("reviewed", hashSet);
        }
        LinkedHashMap linkedHashMap3 = new LinkedHashMap();
        if (vulnerabilityStatus.getReportedDate() != null) {
            linkedHashMap3.put("date", vulnerabilityStatus.getReportedDate());
        }
        if (vulnerabilityStatus.getReportedBy() != null) {
            linkedHashMap3.put("by", vulnerabilityStatus.getReportedBy());
        }
        if (!linkedHashMap3.isEmpty()) {
            linkedHashMap.put("reported", linkedHashMap3);
        }
        LinkedHashMap linkedHashMap4 = new LinkedHashMap();
        if (vulnerabilityStatus.getAcceptedDate() != null) {
            linkedHashMap4.put("date", vulnerabilityStatus.getAcceptedDate());
        }
        if (vulnerabilityStatus.getAcceptedBy() != null) {
            linkedHashMap4.put("by", vulnerabilityStatus.getAcceptedBy());
        }
        if (linkedHashMap4.size() > 0) {
            linkedHashMap.put("accepted", linkedHashMap4);
        }
        if (vulnerabilityStatus.getScope() != null) {
            linkedHashMap.put("scope", vulnerabilityStatus.getScope());
        }
        ArrayList arrayList = new ArrayList();
        for (VulnerabilityStatusHistoryEntry vulnerabilityStatusHistoryEntry : vulnerabilityStatus.getStatusHistory()) {
            LinkedHashMap linkedHashMap5 = new LinkedHashMap();
            if (vulnerabilityStatusHistoryEntry.getStatus() != null) {
                linkedHashMap5.put(CoverityReport.STATUS, vulnerabilityStatusHistoryEntry.getStatus());
            }
            if (vulnerabilityStatusHistoryEntry.getAuthor() != null) {
                linkedHashMap5.put(NodeScanSupport.KEY_AUTHOR, vulnerabilityStatusHistoryEntry.getAuthor());
            }
            if (vulnerabilityStatusHistoryEntry.getDate() != null) {
                linkedHashMap5.put("date", vulnerabilityStatusHistoryEntry.getDate());
            }
            if (vulnerabilityStatusHistoryEntry.getRationale() != null) {
                linkedHashMap5.put("rationale", vulnerabilityStatusHistoryEntry.getRationale());
            }
            if (vulnerabilityStatusHistoryEntry.getRisk() != null) {
                linkedHashMap5.put("risk", vulnerabilityStatusHistoryEntry.getRisk());
            }
            if (vulnerabilityStatusHistoryEntry.getScore().doubleValue() != -1.0d) {
                linkedHashMap5.put("score", vulnerabilityStatusHistoryEntry.getScore());
            }
            arrayList.add(linkedHashMap5);
        }
        if (arrayList.size() > 0) {
            linkedHashMap.put("history", arrayList);
        }
        DumperOptions dumperOptions = new DumperOptions();
        dumperOptions.setDefaultFlowStyle(DumperOptions.FlowStyle.BLOCK);
        new Yaml(dumperOptions).dump(linkedHashMap, new FileWriter(file));
    }

    private static void exportCvssInformationToYaml(Map<String, Object> map, CvssVector cvssVector, CvssVector cvssVector2, CvssVector cvssVector3, String str) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        if (cvssVector != null) {
            linkedHashMap.put("all", cvssVector.toString());
        }
        if (cvssVector2 != null) {
            linkedHashMap.put("higher", cvssVector2.toString());
        }
        if (cvssVector3 != null) {
            linkedHashMap.put("lower", cvssVector3.toString());
        }
        if (linkedHashMap.isEmpty()) {
            return;
        }
        map.put(str, linkedHashMap);
    }
}
