package org.owasp.dependencycheck.data.nvdcve;

import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.owasp.dependencycheck.analyzer.CMakeAnalyzer;
import org.owasp.dependencycheck.analyzer.ComposerLockAnalyzer;
import org.owasp.dependencycheck.analyzer.ElixirMixAuditAnalyzer;
import org.owasp.dependencycheck.analyzer.JarAnalyzer;
import org.owasp.dependencycheck.data.nvd.json.DefCveItem;
import org.owasp.dependencycheck.data.nvd.json.Reference;
import org.owasp.dependencycheck.dependency.VulnerableSoftware;

/* loaded from: input_file:org/owasp/dependencycheck/data/nvdcve/CveItemOperator.class */
public class CveItemOperator {
    public String extractDescription(DefCveItem defCveItem) {
        return (String) defCveItem.getCve().getDescription().getDescriptionData().stream().filter(langString -> {
            return "en".equals(langString.getLang());
        }).map(langString2 -> {
            return langString2.getValue();
        }).collect(Collectors.joining(" "));
    }

    public String extractBaseEcosystem(DefCveItem defCveItem, String str) {
        if (str == null) {
            return extractBaseEcosystemFromReferences(defCveItem);
        }
        int indexOfIgnoreCase = StringUtils.indexOfIgnoreCase(str, ".php");
        if ((indexOfIgnoreCase > 0 && (indexOfIgnoreCase + 4 == str.length() || !Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase + 4)))) || StringUtils.containsIgnoreCase(str, "wordpress") || StringUtils.containsIgnoreCase(str, "drupal") || StringUtils.containsIgnoreCase(str, "joomla") || StringUtils.containsIgnoreCase(str, "moodle") || StringUtils.containsIgnoreCase(str, "typo3")) {
            return ComposerLockAnalyzer.DEPENDENCY_ECOSYSTEM;
        }
        if (StringUtils.containsIgnoreCase(str, " npm ")) {
            return "npm";
        }
        if ((StringUtils.containsIgnoreCase(str, "node module") && StringUtils.containsIgnoreCase(str, ".js")) || StringUtils.containsIgnoreCase(str, " node.js")) {
            return "npm";
        }
        int indexOfIgnoreCase2 = StringUtils.indexOfIgnoreCase(str, ".pm");
        if (indexOfIgnoreCase2 > 0 && (indexOfIgnoreCase2 + 3 == str.length() || !Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase2 + 3)))) {
            return "perl";
        }
        int indexOfIgnoreCase3 = StringUtils.indexOfIgnoreCase(str, ".pl");
        if (indexOfIgnoreCase3 > 0 && (indexOfIgnoreCase3 + 3 == str.length() || !Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase3 + 3)))) {
            return "perl";
        }
        int indexOfIgnoreCase4 = StringUtils.indexOfIgnoreCase(str, ".java");
        if (indexOfIgnoreCase4 > 0 && (indexOfIgnoreCase4 + 5 == str.length() || !Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase4 + 5)))) {
            return JarAnalyzer.DEPENDENCY_ECOSYSTEM;
        }
        int indexOfIgnoreCase5 = StringUtils.indexOfIgnoreCase(str, ".jsp");
        if ((indexOfIgnoreCase5 > 0 && (indexOfIgnoreCase5 + 4 == str.length() || !Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase5 + 4)))) || StringUtils.containsIgnoreCase(str, " grails ")) {
            return JarAnalyzer.DEPENDENCY_ECOSYSTEM;
        }
        int indexOfIgnoreCase6 = StringUtils.indexOfIgnoreCase(str, ".rb");
        if ((indexOfIgnoreCase6 > 0 && (indexOfIgnoreCase6 + 3 == str.length() || !Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase6 + 3)))) || StringUtils.containsIgnoreCase(str, "ruby gem")) {
            return "ruby";
        }
        int indexOfIgnoreCase7 = StringUtils.indexOfIgnoreCase(str, ".py");
        if ((indexOfIgnoreCase7 > 0 && (indexOfIgnoreCase7 + 3 == str.length() || !Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase7 + 3)))) || StringUtils.containsIgnoreCase(str, "django")) {
            return "python";
        }
        if (StringUtils.containsIgnoreCase(str, "buffer overflow") && !StringUtils.containsIgnoreCase(str, "android")) {
            return CMakeAnalyzer.DEPENDENCY_ECOSYSTEM;
        }
        int indexOfIgnoreCase8 = StringUtils.indexOfIgnoreCase(str, ".c");
        if (indexOfIgnoreCase8 > 0 && (indexOfIgnoreCase8 + 2 == str.length() || !Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase8 + 2)))) {
            return CMakeAnalyzer.DEPENDENCY_ECOSYSTEM;
        }
        int indexOfIgnoreCase9 = StringUtils.indexOfIgnoreCase(str, ".cpp");
        if (indexOfIgnoreCase9 > 0 && (indexOfIgnoreCase9 + 4 == str.length() || !Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase9 + 4)))) {
            return CMakeAnalyzer.DEPENDENCY_ECOSYSTEM;
        }
        int indexOfIgnoreCase10 = StringUtils.indexOfIgnoreCase(str, ".h");
        return (indexOfIgnoreCase10 <= 0 || (indexOfIgnoreCase10 + 2 != str.length() && Character.isLetterOrDigit(str.charAt(indexOfIgnoreCase10 + 2)))) ? extractBaseEcosystemFromReferences(defCveItem) : CMakeAnalyzer.DEPENDENCY_ECOSYSTEM;
    }

    protected String extractBaseEcosystemFromReferences(DefCveItem defCveItem) {
        for (Reference reference : defCveItem.getCve().getReferences().getReferenceData()) {
            if (reference.getUrl().contains("elixir-security-advisories")) {
                return ElixirMixAuditAnalyzer.DEPENDENCY_ECOSYSTEM;
            }
            if (reference.getUrl().contains("ruby-lang.org")) {
                return "ruby";
            }
            if (reference.getUrl().contains("python.org") || reference.getUrl().contains("drupal.org")) {
                return "python";
            }
            if (reference.getUrl().contains("npm") || reference.getUrl().contains("nodejs.org") || reference.getUrl().contains("nodesecurity.io")) {
                return "npm";
            }
            if (reference.getUrl().contains("rustsec.org")) {
                return "rust";
            }
        }
        return null;
    }

    private String extractEcosystem(String str, String str2, String str3, String str4) {
        return ("ibm".equals(str2) && "java".equals(str3)) ? "c/c++" : ("oracle".equals(str2) && "vm".equals(str3)) ? "c/c++" : ("*".equals(str4) || str != null) ? str : str4;
    }

    public String extractEcosystem(String str, VulnerableSoftware vulnerableSoftware) {
        return extractEcosystem(str, vulnerableSoftware.getVendor(), vulnerableSoftware.getProduct(), vulnerableSoftware.getTargetSw());
    }

    public boolean isRejected(String str) {
        return str.startsWith("** REJECT **");
    }
}
