package org.owasp.dependencycheck.data.update;

import java.io.File;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import javax.annotation.concurrent.ThreadSafe;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.data.nvd.json.MetaProperties;
import org.owasp.dependencycheck.data.nvdcve.CveDB;
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
import org.owasp.dependencycheck.data.nvdcve.DatabaseProperties;
import org.owasp.dependencycheck.data.update.exception.InvalidDataException;
import org.owasp.dependencycheck.data.update.exception.UpdateException;
import org.owasp.dependencycheck.data.update.nvd.DownloadTask;
import org.owasp.dependencycheck.data.update.nvd.NvdCveInfo;
import org.owasp.dependencycheck.data.update.nvd.ProcessTask;
import org.owasp.dependencycheck.utils.DateUtil;
import org.owasp.dependencycheck.utils.DownloadFailedException;
import org.owasp.dependencycheck.utils.Downloader;
import org.owasp.dependencycheck.utils.InvalidSettingException;
import org.owasp.dependencycheck.utils.ResourceNotFoundException;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.TooManyRequestsException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ThreadSafe
/* loaded from: input_file:org/owasp/dependencycheck/data/update/NvdCveUpdater.class */
public class NvdCveUpdater implements CachedWebDataSource {
    private static final Logger LOGGER = LoggerFactory.getLogger(NvdCveUpdater.class);
    private static final int PROCESSING_THREAD_POOL_SIZE = Runtime.getRuntime().availableProcessors();
    private static final int DOWNLOAD_THREAD_POOL_SIZE = Math.round(1.5f * Runtime.getRuntime().availableProcessors());
    private Settings settings;
    private ExecutorService processingExecutorService = null;
    private ExecutorService downloadExecutorService = null;
    private CveDB cveDb = null;
    private DatabaseProperties dbProperties = null;

    @Override // org.owasp.dependencycheck.data.update.CachedWebDataSource
    public synchronized boolean update(Engine engine) throws UpdateException {
        String property;
        this.settings = engine.getSettings();
        this.cveDb = engine.getDatabase();
        if (isUpdateConfiguredFalse()) {
            return false;
        }
        boolean z = false;
        try {
            try {
                this.dbProperties = this.cveDb.getDatabaseProperties();
                if (checkUpdate()) {
                    List<NvdCveInfo> updatesNeeded = getUpdatesNeeded();
                    if (!updatesNeeded.isEmpty()) {
                        initializeExecutorServices();
                        performUpdate(updatesNeeded);
                        z = true;
                    }
                    this.dbProperties.save(DatabaseProperties.LAST_CHECKED, Long.toString(System.currentTimeMillis() / 1000));
                }
                return z;
            } catch (DatabaseException e) {
                throw new UpdateException("Database Exception, unable to update the data to use the most current data.", e);
            } catch (UpdateException e2) {
                if (e2.getCause() != null && (e2.getCause() instanceof DownloadFailedException) && ((property = System.getProperty("java.version")) == null || property.startsWith("1.4") || property.startsWith("1.5") || property.startsWith("1.6") || property.startsWith("1.7"))) {
                    LOGGER.error("An old JRE is being used ({} {}), and likely does not have the correct root certificates or algorithms to connect to the NVD - consider upgrading your JRE.", System.getProperty("java.vendor"), property);
                }
                throw e2;
            }
        } finally {
            shutdownExecutorServices();
        }
    }

    private boolean isUpdateConfiguredFalse() {
        if (!this.settings.getBoolean("updater.nvdcve.enabled", true)) {
            return true;
        }
        boolean z = true;
        try {
            z = this.settings.getBoolean("odc.autoupdate");
        } catch (InvalidSettingException e) {
            LOGGER.debug("Invalid setting for auto-update; using true.");
        }
        return !z;
    }

    protected void initializeExecutorServices() {
        int i = this.settings.getInt("max.download.threads", 3);
        int i2 = DOWNLOAD_THREAD_POOL_SIZE > i ? i : DOWNLOAD_THREAD_POOL_SIZE;
        this.downloadExecutorService = Executors.newFixedThreadPool(i2);
        this.processingExecutorService = Executors.newFixedThreadPool(PROCESSING_THREAD_POOL_SIZE);
        LOGGER.debug("#download   threads: {}", Integer.valueOf(i2));
        LOGGER.debug("#processing threads: {}", Integer.valueOf(PROCESSING_THREAD_POOL_SIZE));
    }

    private void shutdownExecutorServices() {
        if (this.processingExecutorService != null) {
            this.processingExecutorService.shutdownNow();
        }
        if (this.downloadExecutorService != null) {
            this.downloadExecutorService.shutdownNow();
        }
    }

    private boolean checkUpdate() throws UpdateException {
        boolean z = true;
        int i = this.settings.getInt("cve.check.validforhours", 0);
        if (dataExists() && 0 < i) {
            long j = i * 60 * 60;
            long propertyInSeconds = getPropertyInSeconds(DatabaseProperties.LAST_CHECKED);
            long currentTimeMillis = System.currentTimeMillis() / 1000;
            z = currentTimeMillis - propertyInSeconds > j;
            if (!z) {
                LOGGER.info("Skipping NVD check since last check was within {} hours.", Integer.valueOf(i));
                LOGGER.debug("Last NVD was at {}, and now {} is within {} s.", new Object[]{Long.valueOf(propertyInSeconds), Long.valueOf(currentTimeMillis), Long.valueOf(j)});
            }
        }
        return z;
    }

    private boolean dataExists() {
        return this.cveDb.dataExists();
    }

    private void performUpdate(List<NvdCveInfo> list) throws UpdateException {
        if (list.isEmpty()) {
            return;
        }
        if (list.size() > 3) {
            LOGGER.info("NVD CVE requires several updates; this could take a couple of minutes.");
        }
        DownloadTask downloadTask = null;
        HashSet hashSet = new HashSet(list.size());
        for (NvdCveInfo nvdCveInfo : list) {
            DownloadTask downloadTask2 = new DownloadTask(nvdCveInfo, this.processingExecutorService, this.cveDb, this.settings);
            if (downloadTask2.isModified()) {
                downloadTask = downloadTask2;
            } else if (!hashSet.add(this.downloadExecutorService.submit(downloadTask2))) {
                throw new UpdateException("Unable to add the download task for " + nvdCveInfo.getId());
            }
        }
        HashSet hashSet2 = new HashSet(list.size());
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            try {
                Future future = (Future) ((Future) it.next()).get();
                if (future != null) {
                    hashSet2.add(future);
                }
            } catch (InterruptedException e) {
                LOGGER.debug("Thread was interrupted during download", e);
                Thread.currentThread().interrupt();
                throw new UpdateException("The download was interrupted", e);
            } catch (ExecutionException e2) {
                LOGGER.debug("Thread was interrupted during download execution", e2);
                throw new UpdateException("The execution of the download was interrupted", e2);
            }
        }
        Iterator it2 = hashSet2.iterator();
        while (it2.hasNext()) {
            try {
                ProcessTask processTask = (ProcessTask) ((Future) it2.next()).get();
                if (processTask.getException() != null) {
                    throw processTask.getException();
                }
            } catch (InterruptedException e3) {
                LOGGER.debug("Thread was interrupted during processing", e3);
                Thread.currentThread().interrupt();
                throw new UpdateException(e3);
            } catch (ExecutionException e4) {
                LOGGER.debug("Execution Exception during process", e4);
                throw new UpdateException(e4);
            }
        }
        if (downloadTask != null) {
            try {
                ProcessTask processTask2 = (ProcessTask) ((Future) this.downloadExecutorService.submit(downloadTask).get()).get();
                if (processTask2.getException() != null) {
                    throw processTask2.getException();
                }
            } catch (InterruptedException e5) {
                LOGGER.debug("Thread was interrupted during download", e5);
                Thread.currentThread().interrupt();
                throw new UpdateException("The download was interrupted", e5);
            } catch (ExecutionException e6) {
                LOGGER.debug("Thread was interrupted during download execution", e6);
                throw new UpdateException("The execution of the download was interrupted", e6);
            }
        }
        try {
            this.cveDb.cleanupDatabase();
        } catch (DatabaseException e7) {
            throw new UpdateException(e7.getMessage(), e7.getCause());
        }
    }

    protected final MetaProperties getMetaFile(String str) throws UpdateException {
        String str2 = str.substring(0, str.length() - 7) + "meta";
        try {
            return new MetaProperties(new Downloader(this.settings).fetchContent(new URL(str2), true, "cve.user", "cve.password"));
        } catch (MalformedURLException e) {
            throw new UpdateException("Meta file url is invalid: " + str2, e);
        } catch (InvalidDataException e2) {
            throw new UpdateException("Meta file content is invalid: " + str2, e2);
        } catch (TooManyRequestsException e3) {
            throw new UpdateException("Unable to download meta file: " + str2 + "; received 429 -- too many requests", e3);
        } catch (DownloadFailedException e4) {
            throw new UpdateException("Unable to download meta file: " + str2, e4);
        } catch (ResourceNotFoundException e5) {
            throw new UpdateException("Unable to download meta file: " + str2 + "; received 404 -- resource not found", e5);
        }
    }

    protected final List<NvdCveInfo> getUpdatesNeeded() throws UpdateException {
        LOGGER.debug("starting getUpdatesNeeded() ...");
        ArrayList arrayList = new ArrayList();
        if (this.dbProperties != null && !this.dbProperties.isEmpty()) {
            try {
                int i = this.settings.getInt("cve.startyear", 2002);
                int i2 = Calendar.getInstance().get(1);
                boolean z = false;
                int i3 = i;
                while (true) {
                    if (i3 > i2) {
                        break;
                    }
                    if (Long.parseLong(this.dbProperties.getProperty(DatabaseProperties.LAST_UPDATED_BASE + i3, "0")) == 0) {
                        z = true;
                        break;
                    }
                    i3++;
                }
                long propertyInSeconds = getPropertyInSeconds(DatabaseProperties.LAST_UPDATED);
                long currentTimeMillis = System.currentTimeMillis() / 1000;
                int i4 = this.settings.getInt("cve.url.modified.validfordays", 7);
                String string = this.settings.getString("cve.url.modified");
                MetaProperties metaFile = getMetaFile(string);
                if (!z && propertyInSeconds == metaFile.getLastModifiedDate()) {
                    return arrayList;
                }
                arrayList.add(new NvdCveInfo(DatabaseProperties.MODIFIED, string, metaFile.getLastModifiedDate()));
                if (z || !DateUtil.withinDateRange(propertyInSeconds, currentTimeMillis, i4)) {
                    int i5 = this.settings.getInt("cve.startyear");
                    int i6 = Calendar.getInstance().get(1);
                    String string2 = this.settings.getString("cve.url.base");
                    for (int i7 = i5; i7 <= i6; i7++) {
                        try {
                            String format = String.format(string2, Integer.valueOf(i7));
                            MetaProperties metaFile2 = getMetaFile(format);
                            if (getPropertyInSeconds(DatabaseProperties.LAST_UPDATED_BASE + i7) < metaFile2.getLastModifiedDate()) {
                                arrayList.add(new NvdCveInfo(Integer.toString(i7), format, metaFile2.getLastModifiedDate()));
                            }
                        } catch (UpdateException e) {
                            Calendar calendar = Calendar.getInstance();
                            int i8 = calendar.get(1);
                            int i9 = calendar.get(2);
                            int i10 = calendar.get(5);
                            int i11 = this.settings.getInt("nvd.newyear.grace.period", 10);
                            if (!e.getMessage().contains("Unable to download meta file") || i7 != i8 || i9 != 0 || i10 >= i11) {
                                throw e;
                            }
                            LOGGER.warn("NVD Data for {} has not been published yet.", Integer.valueOf(i8));
                        }
                    }
                }
            } catch (NumberFormatException e2) {
                LOGGER.warn("An invalid schema version or timestamp exists in the data.properties file.");
                LOGGER.debug("", e2);
            } catch (InvalidSettingException e3) {
                throw new UpdateException("The NVD CVE start year property is set to an invalid value", e3);
            }
        }
        return arrayList;
    }

    private long getPropertyInSeconds(String str) {
        return DateUtil.getEpochValueInSeconds(this.dbProperties.getProperty(str, "0"));
    }

    protected synchronized void setSettings(Settings settings) {
        this.settings = settings;
    }

    @Override // org.owasp.dependencycheck.data.update.CachedWebDataSource
    public boolean purge(Engine engine) {
        boolean z = true;
        try {
            File dataDirectory = engine.getSettings().getDataDirectory();
            File file = new File(dataDirectory, engine.getSettings().getString("data.file_name", "odc.mv.db"));
            if (!file.exists()) {
                LOGGER.info("Unable to purge database; the database file does not exist: {}", file.getAbsolutePath());
                z = false;
            } else if (file.delete()) {
                LOGGER.info("Database file purged; local copy of the NVD has been removed");
            } else {
                LOGGER.error("Unable to delete '{}'; please delete the file manually", file.getAbsolutePath());
                z = false;
            }
            File file2 = new File(dataDirectory, "odc.trace.db");
            if (file2.exists() && !file2.delete()) {
                LOGGER.error("Unable to delete '{}'; please delete the file manually", file2.getAbsolutePath());
                z = false;
            }
            File file3 = new File(dataDirectory, "odc.update.lock");
            if (file3.exists() && !file3.delete()) {
                LOGGER.error("Unable to delete '{}'; please delete the file manually", file3.getAbsolutePath());
                z = false;
            }
        } catch (IOException e) {
            LOGGER.error("Unable to delete the database", e);
            z = false;
        }
        return z;
    }
}
