package org.owasp.dependencycheck.dependency;

import java.io.Serializable;
import javax.annotation.concurrent.ThreadSafe;
import org.apache.commons.lang3.builder.CompareToBuilder;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.apache.commons.lang3.builder.HashCodeBuilder;
import org.owasp.dependencycheck.analyzer.exception.UnexpectedAnalysisException;
import org.owasp.dependencycheck.utils.DependencyVersion;
import us.springett.parsers.cpe.Cpe;
import us.springett.parsers.cpe.ICpe;
import us.springett.parsers.cpe.exceptions.CpeValidationException;
import us.springett.parsers.cpe.values.LogicalValue;
import us.springett.parsers.cpe.values.Part;

@ThreadSafe
/* loaded from: input_file:org/owasp/dependencycheck/dependency/VulnerableSoftware.class */
public class VulnerableSoftware extends Cpe implements Serializable {
    private static final long serialVersionUID = 605319412326651052L;
    private final String versionEndExcluding;
    private final String versionEndIncluding;
    private final String versionStartExcluding;
    private final String versionStartIncluding;
    private final boolean vulnerable;

    public VulnerableSoftware(Part part, String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10, String str11, String str12, String str13, String str14, boolean z) throws CpeValidationException {
        super(part, str, str2, str3, str4, str5, str6, str7, str8, str9, str10);
        this.versionEndExcluding = str11;
        this.versionEndIncluding = str12;
        this.versionStartExcluding = str13;
        this.versionStartIncluding = str14;
        this.vulnerable = z;
    }

    public int compareTo(Object obj) {
        if (obj instanceof VulnerableSoftware) {
            VulnerableSoftware vulnerableSoftware = (VulnerableSoftware) obj;
            return new CompareToBuilder().appendSuper(super.compareTo(vulnerableSoftware)).append(this.versionStartIncluding, vulnerableSoftware.versionStartIncluding).append(this.versionStartExcluding, vulnerableSoftware.versionStartExcluding).append(this.versionEndIncluding, vulnerableSoftware.versionEndIncluding).append(this.versionEndExcluding, vulnerableSoftware.versionEndExcluding).append(this.vulnerable, vulnerableSoftware.vulnerable).build().intValue();
        }
        if (obj instanceof Cpe) {
            return super.compareTo(obj);
        }
        throw new UnexpectedAnalysisException("Unable to compare " + obj.getClass().getCanonicalName());
    }

    public int hashCode() {
        return new HashCodeBuilder(13, 59).appendSuper(super.hashCode()).append(this.versionEndExcluding).append(this.versionEndIncluding).append(this.versionStartExcluding).append(this.versionStartIncluding).toHashCode();
    }

    public boolean equals(Object obj) {
        if (obj == null) {
            return false;
        }
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof VulnerableSoftware)) {
            return false;
        }
        VulnerableSoftware vulnerableSoftware = (VulnerableSoftware) obj;
        return new EqualsBuilder().appendSuper(super.equals(obj)).append(this.versionEndExcluding, vulnerableSoftware.versionEndExcluding).append(this.versionEndIncluding, vulnerableSoftware.versionEndIncluding).append(this.versionStartExcluding, vulnerableSoftware.versionStartExcluding).append(this.versionStartIncluding, vulnerableSoftware.versionStartIncluding).isEquals();
    }

    public boolean matches(ICpe iCpe) {
        return this.vulnerable & compareAttributes(getPart(), iCpe.getPart()) & compareAttributes(getVendor(), iCpe.getVendor()) & compareAttributes(getProduct(), iCpe.getProduct()) & compareVersionRange(iCpe.getVersion()) & compareAttributes(getUpdate(), iCpe.getUpdate()) & compareAttributes(getEdition(), iCpe.getEdition()) & compareAttributes(getLanguage(), iCpe.getLanguage()) & compareAttributes(getSwEdition(), iCpe.getSwEdition()) & compareAttributes(getTargetSw(), iCpe.getTargetSw()) & compareAttributes(getTargetHw(), iCpe.getTargetHw()) & compareAttributes(getOther(), iCpe.getOther());
    }

    public static boolean testMatch(ICpe iCpe, ICpe iCpe2) {
        boolean compareAttributes;
        boolean compareAttributes2 = true & compareAttributes(iCpe.getPart(), iCpe2.getPart()) & compareAttributes(iCpe.getWellFormedVendor(), iCpe2.getWellFormedVendor()) & compareAttributes(iCpe.getWellFormedProduct(), iCpe2.getWellFormedProduct());
        if (iCpe2 instanceof VulnerableSoftware) {
            VulnerableSoftware vulnerableSoftware = (VulnerableSoftware) iCpe2;
            compareAttributes = compareAttributes2 & vulnerableSoftware.vulnerable & compareVersions(vulnerableSoftware, iCpe.getVersion());
        } else if (iCpe instanceof VulnerableSoftware) {
            VulnerableSoftware vulnerableSoftware2 = (VulnerableSoftware) iCpe;
            compareAttributes = compareAttributes2 & vulnerableSoftware2.vulnerable & compareVersions(vulnerableSoftware2, iCpe2.getVersion());
        } else {
            compareAttributes = compareAttributes2 & compareAttributes(iCpe.getWellFormedVersion(), iCpe2.getWellFormedVersion());
        }
        return compareAttributes & compareAttributes(iCpe.getWellFormedUpdate(), iCpe2.getWellFormedUpdate()) & compareAttributes(iCpe.getWellFormedEdition(), iCpe2.getWellFormedEdition()) & compareAttributes(iCpe.getWellFormedLanguage(), iCpe2.getWellFormedLanguage()) & compareAttributes(iCpe.getWellFormedSwEdition(), iCpe2.getWellFormedSwEdition()) & compareAttributes(iCpe.getWellFormedTargetSw(), iCpe2.getWellFormedTargetSw()) & compareAttributes(iCpe.getWellFormedTargetHw(), iCpe2.getWellFormedTargetHw()) & compareAttributes(iCpe.getWellFormedOther(), iCpe2.getWellFormedOther());
    }

    public boolean matchedBy(ICpe iCpe) {
        return testMatch(iCpe, this);
    }

    protected boolean compareVersionRange(String str) {
        return compareVersions(this, str);
    }

    protected static boolean compareVersions(VulnerableSoftware vulnerableSoftware, String str) {
        if (LogicalValue.NA.getAbbreviation().equals(vulnerableSoftware.getVersion())) {
            return false;
        }
        boolean z = ((vulnerableSoftware.versionEndExcluding == null || vulnerableSoftware.versionEndExcluding.isEmpty()) && (vulnerableSoftware.versionStartExcluding == null || vulnerableSoftware.versionStartExcluding.isEmpty()) && ((vulnerableSoftware.versionEndIncluding == null || vulnerableSoftware.versionEndIncluding.isEmpty()) && (vulnerableSoftware.versionStartIncluding == null || vulnerableSoftware.versionStartIncluding.isEmpty()))) ? false : true;
        if (!z && compareAttributes(vulnerableSoftware.getVersion(), str)) {
            return true;
        }
        DependencyVersion dependencyVersion = new DependencyVersion(str);
        if (dependencyVersion.getVersionParts().isEmpty()) {
            return false;
        }
        if (z && vulnerableSoftware.versionEndExcluding != null && !vulnerableSoftware.versionEndExcluding.isEmpty()) {
            z = new DependencyVersion(vulnerableSoftware.versionEndExcluding).compareTo(dependencyVersion) > 0;
        }
        if (z && vulnerableSoftware.versionStartExcluding != null && !vulnerableSoftware.versionStartExcluding.isEmpty()) {
            z = new DependencyVersion(vulnerableSoftware.versionStartExcluding).compareTo(dependencyVersion) < 0;
        }
        if (z && vulnerableSoftware.versionEndIncluding != null && !vulnerableSoftware.versionEndIncluding.isEmpty()) {
            z &= new DependencyVersion(vulnerableSoftware.versionEndIncluding).compareTo(dependencyVersion) >= 0;
        }
        if (z && vulnerableSoftware.versionStartIncluding != null && !vulnerableSoftware.versionStartIncluding.isEmpty()) {
            z &= new DependencyVersion(vulnerableSoftware.versionStartIncluding).compareTo(dependencyVersion) <= 0;
        }
        return z;
    }

    public String getVersionEndExcluding() {
        return this.versionEndExcluding;
    }

    public String getVersionEndIncluding() {
        return this.versionEndIncluding;
    }

    public String getVersionStartExcluding() {
        return this.versionStartExcluding;
    }

    public String getVersionStartIncluding() {
        return this.versionStartIncluding;
    }

    public boolean isVulnerable() {
        return this.vulnerable;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append(toCpe23FS());
        boolean z = false;
        if (this.versionStartIncluding != null && !this.versionStartIncluding.isEmpty()) {
            sb.append(" versions from (including) ").append(this.versionStartIncluding);
            z = true;
        }
        if (this.versionStartExcluding != null && !this.versionStartExcluding.isEmpty()) {
            if (z) {
                sb.append(";");
            }
            sb.append(" versions from (excluding) ").append(this.versionStartExcluding);
            z = true;
        }
        if (this.versionEndIncluding != null && !this.versionEndIncluding.isEmpty()) {
            if (z) {
                sb.append(";");
            }
            sb.append(" versions up to (including) ").append(this.versionEndIncluding);
            z = true;
        }
        if (this.versionEndExcluding != null && !this.versionEndExcluding.isEmpty()) {
            if (z) {
                sb.append(";");
            }
            sb.append(" versions up to (excluding) ").append(this.versionEndExcluding);
            z = true;
        }
        if (!this.vulnerable) {
            if (z) {
                sb.append(";");
            }
            sb.append(" version is NOT VULNERABLE");
        }
        return sb.toString();
    }
}
