package com.metaeffekt.mirror.contents.advisory;

import com.metaeffekt.artifact.analysis.node.NodeScanSupport;
import com.metaeffekt.artifact.analysis.utils.StringUtils;
import com.metaeffekt.artifact.analysis.utils.TimeUtils;
import com.metaeffekt.artifact.terms.model.NormalizationMetaData;
import com.metaeffekt.mirror.contents.base.DescriptionParagraph;
import com.metaeffekt.mirror.contents.base.Reference;
import com.metaeffekt.mirror.contents.store.AdvisoryTypeStore;
import com.metaeffekt.mirror.contents.store.VulnerabilityTypeStore;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.StringJoiner;
import org.apache.lucene.document.Document;
import org.json.JSONArray;
import org.json.JSONObject;
import org.metaeffekt.core.inventory.processor.model.AdvisoryMetaData;
import org.metaeffekt.core.inventory.processor.report.model.AdvisoryUtils;
import org.metaeffekt.core.security.cvss.CvssSource;
import org.metaeffekt.core.security.cvss.KnownCvssEntities;
import org.metaeffekt.core.security.cvss.v2.Cvss2;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/metaeffekt/mirror/contents/advisory/CertSeiAdvisorEntry.class */
public class CertSeiAdvisorEntry extends AdvisoryEntry {
    private static final Logger LOG = LoggerFactory.getLogger(CertSeiAdvisorEntry.class);
    protected static final Set<String> CONVERSION_KEYS_AMB = new HashSet<String>(AdvisoryEntry.CONVERSION_KEYS_AMB) { // from class: com.metaeffekt.mirror.contents.advisory.CertSeiAdvisorEntry.1
    };
    protected static final Set<String> CONVERSION_KEYS_MAP = new HashSet<String>(AdvisoryEntry.CONVERSION_KEYS_MAP) { // from class: com.metaeffekt.mirror.contents.advisory.CertSeiAdvisorEntry.2
    };
    private static final String[][] CERT_SEI_OVERVIEW_HEADERS_ALTERNATE_NAMES = {new String[]{"Overview"}, new String[]{"Description"}, new String[]{"Impact"}, new String[]{"Solution"}, new String[]{"Acknowledgements"}, new String[]{"Workarounds", "Workaround", "Possible Workarounds", "Apply a workaround"}};

    public CertSeiAdvisorEntry() {
        super(AdvisoryTypeStore.CERT_SEI);
    }

    public CertSeiAdvisorEntry(String str) {
        super(AdvisoryTypeStore.CERT_SEI, str);
    }

    @Override // com.metaeffekt.mirror.contents.advisory.AdvisoryEntry
    public String getUrl() {
        return "https://kb.cert.org/vuls/id/" + this.id.replace("VU#", "");
    }

    @Override // com.metaeffekt.mirror.contents.advisory.AdvisoryEntry
    public String getType() {
        return AdvisoryUtils.normalizeType("alert");
    }

    @Override // com.metaeffekt.mirror.contents.base.AmbDataClass
    protected Set<String> conversionKeysAmb() {
        return CONVERSION_KEYS_AMB;
    }

    @Override // com.metaeffekt.mirror.contents.base.AmbDataClass
    protected Set<String> conversionKeysMap() {
        return CONVERSION_KEYS_MAP;
    }

    @Override // com.metaeffekt.mirror.contents.base.AmbDataClass
    public CertSeiAdvisorEntry constructDataClass() {
        return new CertSeiAdvisorEntry();
    }

    public static CertSeiAdvisorEntry fromAdvisoryMetaData(AdvisoryMetaData advisoryMetaData) {
        return (CertSeiAdvisorEntry) AdvisoryEntry.fromAdvisoryMetaData(advisoryMetaData, CertSeiAdvisorEntry::new);
    }

    public static CertSeiAdvisorEntry fromInputMap(Map<String, Object> map) {
        return (CertSeiAdvisorEntry) AdvisoryEntry.fromInputMap(map, CertSeiAdvisorEntry::new);
    }

    public static CertSeiAdvisorEntry fromJson(JSONObject jSONObject) {
        return (CertSeiAdvisorEntry) AdvisoryEntry.fromJson(jSONObject, CertSeiAdvisorEntry::new);
    }

    public static CertSeiAdvisorEntry fromDocument(Document document) {
        return (CertSeiAdvisorEntry) AdvisoryEntry.fromDocument(document, CertSeiAdvisorEntry::new);
    }

    @Override // com.metaeffekt.mirror.contents.advisory.AdvisoryEntry, com.metaeffekt.mirror.contents.base.MatchableDetailsAmbDataClass, com.metaeffekt.mirror.contents.base.AmbDataClass
    public void appendFromBaseModel(AdvisoryMetaData advisoryMetaData) {
        super.appendFromBaseModel(advisoryMetaData);
    }

    @Override // com.metaeffekt.mirror.contents.advisory.AdvisoryEntry, com.metaeffekt.mirror.contents.base.MatchableDetailsAmbDataClass, com.metaeffekt.mirror.contents.base.AmbDataClass
    public void appendToBaseModel(AdvisoryMetaData advisoryMetaData) {
        super.appendToBaseModel(advisoryMetaData);
    }

    @Override // com.metaeffekt.mirror.contents.advisory.AdvisoryEntry, com.metaeffekt.mirror.contents.base.MatchableDetailsAmbDataClass, com.metaeffekt.mirror.contents.base.AmbDataClass
    public void appendFromMap(Map<String, Object> map) {
        super.appendFromMap(map);
    }

    @Override // com.metaeffekt.mirror.contents.advisory.AdvisoryEntry, com.metaeffekt.mirror.contents.base.MatchableDetailsAmbDataClass, com.metaeffekt.mirror.contents.base.AmbDataClass
    public void appendToJson(JSONObject jSONObject) {
        super.appendToJson(jSONObject);
    }

    @Override // com.metaeffekt.mirror.contents.advisory.AdvisoryEntry, com.metaeffekt.mirror.contents.base.MatchableDetailsAmbDataClass, com.metaeffekt.mirror.contents.base.AmbDataClass
    public void appendFromDocument(Document document) {
        super.appendFromDocument(document);
    }

    @Override // com.metaeffekt.mirror.contents.advisory.AdvisoryEntry, com.metaeffekt.mirror.contents.base.MatchableDetailsAmbDataClass, com.metaeffekt.mirror.contents.base.AmbDataClass
    public void appendToDocument(Document document) {
        super.appendToDocument(document);
    }

    public static CertSeiAdvisorEntry fromDownloadJson(JSONObject jSONObject) {
        CertSeiAdvisorEntry certSeiAdvisorEntry = new CertSeiAdvisorEntry();
        certSeiAdvisorEntry.setId(firstNonEmpty(jSONObject.optString("vuid", null), jSONObject.optString("idnumber", null), jSONObject.optString("id", null), "unknown").toUpperCase(Locale.ENGLISH).replaceAll("[-–_ ]+", "-").replaceAll("\\D*(\\d+)\\D*", "VU#$1"));
        certSeiAdvisorEntry.setCreateDate(TimeUtils.tryParse(firstNonEmpty(jSONObject.optString("datecreated", null), jSONObject.optString("datefirstpublished", null), jSONObject.optString("publicdate", null), jSONObject.optString("dateupdated", null))));
        certSeiAdvisorEntry.setUpdateDate(TimeUtils.tryParse(firstNonEmpty(jSONObject.optString("dateupdated", null), jSONObject.optString("datecreated", null), jSONObject.optString("datefirstpublished", null), jSONObject.optString("publicdate", null))));
        JSONArray optJSONArray = jSONObject.optJSONArray("public");
        if (optJSONArray != null) {
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < optJSONArray.length(); i++) {
                if (StringUtils.hasText(optJSONArray.optString(i))) {
                    if (optJSONArray.getString(i).length() == 1) {
                        sb.append(optJSONArray.getString(i));
                    } else {
                        certSeiAdvisorEntry.addReference(Reference.fromUrl(optJSONArray.optString(i)));
                    }
                }
            }
            if (sb.length() > 0) {
                certSeiAdvisorEntry.addReference(Reference.fromUrl(sb.toString()));
            }
        }
        JSONArray optJSONArray2 = jSONObject.optJSONArray("keywords");
        if (optJSONArray2 != null) {
            for (int i2 = 0; i2 < optJSONArray2.length(); i2++) {
                certSeiAdvisorEntry.addKeyword(optJSONArray2.optString(i2));
            }
        }
        HashMap hashMap = new HashMap();
        if (jSONObject.optJSONObject("overview") != null) {
            LOG.info("overview is JSON on {}", certSeiAdvisorEntry.getId());
            jSONObject.optJSONObject("overview").toMap().forEach((str, obj) -> {
            });
        } else if (jSONObject.has("overview")) {
            String valueOf = String.valueOf(jSONObject.opt("overview"));
            String str2 = "";
            StringJoiner stringJoiner = new StringJoiner("\n");
            for (String str3 : valueOf.split("\r?\n")) {
                String certSeiNormalizeTitleIfAvailable = certSeiNormalizeTitleIfAvailable(str3);
                if (certSeiNormalizeTitleIfAvailable != null) {
                    if (stringJoiner.length() > 0) {
                        hashMap.put(str2, trimNewlines(stringJoiner.toString()));
                        stringJoiner = new StringJoiner("\n");
                    }
                    str2 = certSeiNormalizeTitleIfAvailable;
                } else {
                    stringJoiner.add(str3);
                }
            }
            if (stringJoiner.length() > 0) {
                hashMap.put(str2, trimNewlines(stringJoiner.toString()));
            }
        }
        String optString = jSONObject.optString("clean_desc", null);
        String optString2 = jSONObject.optString("impact", null);
        String optString3 = jSONObject.optString("resolution", null);
        String optString4 = jSONObject.optString("workarounds", null);
        certSeiAdvisorEntry.setSummary(firstNonEmpty(jSONObject.optString("name", null), (String) hashMap.get("Overview"), optString));
        certSeiAdvisorEntry.addDescription(DescriptionParagraph.fromContent(longestNonEmpty((String) hashMap.get("Description"), (String) hashMap.get(""), optString)));
        certSeiAdvisorEntry.setThreat(firstNonEmpty((String) hashMap.get("Impact"), optString2));
        certSeiAdvisorEntry.setRecommendations(firstNonEmpty((String) hashMap.get("Solution"), optString3));
        certSeiAdvisorEntry.setWorkarounds(firstNonEmpty((String) hashMap.get("Workarounds"), optString4));
        certSeiAdvisorEntry.addAcknowledgements(Arrays.asList(jSONObject.optString(NodeScanSupport.KEY_AUTHOR, "").split("(,|\n\n)")));
        certSeiAdvisorEntry.addAcknowledgements(Arrays.asList(jSONObject.optString("thanks", "").split("(,|\n\n)")));
        certSeiAdvisorEntry.addAcknowledgements(Arrays.asList(((String) hashMap.getOrDefault("Acknowledgements", "")).split("(,|\n\n)")));
        JSONArray optJSONArray3 = jSONObject.optJSONArray("cveids");
        if (optJSONArray3 != null && !optJSONArray3.isEmpty()) {
            for (int i3 = 0; i3 < optJSONArray3.length(); i3++) {
                String optString5 = optJSONArray3.optString(i3, null);
                if (StringUtils.hasText(optString5)) {
                    if (optString5.contains(NormalizationMetaData.STRING_WHITESPACE)) {
                        certSeiAdvisorEntry.addReferencedVulnerabilities(VulnerabilityTypeStore.CVE, Arrays.asList(optJSONArray3.optString(i3).split(" ?,? ")));
                    } else {
                        certSeiAdvisorEntry.addReferencedVulnerability(VulnerabilityTypeStore.CVE, optJSONArray3.optString(i3));
                    }
                }
            }
        }
        if (certSeiAdvisorEntry.getReferencedVulnerabilities(VulnerabilityTypeStore.CVE).isEmpty()) {
            extractReferenceIdsFromStringIfPresent(certSeiAdvisorEntry.getSummary(), certSeiAdvisorEntry, VulnerabilityTypeStore.CVE);
            extractReferenceIdsFromStringIfPresent(certSeiAdvisorEntry.getTextDescription(), certSeiAdvisorEntry, VulnerabilityTypeStore.CVE);
            extractReferenceIdsFromStringIfPresent(certSeiAdvisorEntry.getThreat(), certSeiAdvisorEntry, VulnerabilityTypeStore.CVE);
            extractReferenceIdsFromStringIfPresent(certSeiAdvisorEntry.getRecommendations(), certSeiAdvisorEntry, VulnerabilityTypeStore.CVE);
            extractReferenceIdsFromStringIfPresent(certSeiAdvisorEntry.getWorkarounds(), certSeiAdvisorEntry, VulnerabilityTypeStore.CVE);
        }
        if (certSeiAdvisorEntry.getReferencedVulnerabilities(VulnerabilityTypeStore.CVE).isEmpty()) {
            LOG.debug("No referenced CVEs found for [{}], which makes it impossible for this advisory to be found during our enrichment.", certSeiAdvisorEntry.getId());
        }
        String optString6 = jSONObject.optString("cvss_basevector", null);
        String optString7 = jSONObject.optString("cvss_environmentalvector", null);
        StringJoiner stringJoiner2 = new StringJoiner("/");
        if (StringUtils.hasText(optString6) && !optString6.equals("N/A") && !optString6.contains("--")) {
            stringJoiner2.add(optString6);
        }
        if (StringUtils.hasText(optString7) && !optString7.equals("N/A") && !optString7.contains("--")) {
            stringJoiner2.add(optString7);
        }
        if (!stringJoiner2.toString().trim().isEmpty()) {
            Cvss2 cvss2 = new Cvss2(stringJoiner2.toString(), new CvssSource(KnownCvssEntities.CERT_SEI, Cvss2.class));
            if (cvss2.isAnyBaseDefined() || cvss2.isAnyEnvironmentalDefined() || cvss2.isAnyTemporalDefined()) {
                certSeiAdvisorEntry.getCvssVectors().addCvssVector(cvss2);
            }
        }
        return certSeiAdvisorEntry;
    }

    private static String certSeiNormalizeTitleIfAvailable(String str) {
        if (!str.startsWith("### ") && !str.startsWith("#### ")) {
            return null;
        }
        String trim = str.replace("#### ", "").replace(" ####", "").replace("### ", "").replace(" ###", "").trim();
        for (String[] strArr : CERT_SEI_OVERVIEW_HEADERS_ALTERNATE_NAMES) {
            for (String str2 : strArr) {
                if (str2.equals(trim)) {
                    return strArr[0];
                }
            }
        }
        return null;
    }
}
