package gov.nist.secauto.scap.validation;

import gov.nist.secauto.scap.validation.utils.FileUtils;
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLDecoder;
import java.nio.file.Files;
import java.nio.file.StandardCopyOption;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.LinkedList;
import java.util.List;
import java.util.Objects;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:gov/nist/secauto/scap/validation/DataFeedDownloader.class */
public class DataFeedDownloader {
    static final URLHolder[] dictionaryUrls = {new URLHolder("https://static.nvd.nist.gov/feeds/xml/cce/nvdcce-0.1-feed.xml", "https://static.nvd.nist.gov/feeds/xml/cce/nvdcce-0.1-feed.xml.gz", "https://static.nvd.nist.gov/feeds/xml/cce/nvdcce-0.1-feed.meta", "nvdcce-0.1-feed.xml"), new URLHolder("https://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.2.xml", "https://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.2.xml.gz", "https://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.2.meta", "official-cpe-dictionary_v2.2.xml")};
    private static final Logger log = LogManager.getLogger(DataFeedDownloader.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:gov/nist/secauto/scap/validation/DataFeedDownloader$URLHolder.class */
    public static class URLHolder {
        private final String baseUrl;
        private final String compressedUrl;
        private final String metaUrl;
        private final String localName;
        private byte[] onlineSHA256Hash;

        public URLHolder(String str, String str2, String str3, String str4) {
            this.baseUrl = str;
            this.compressedUrl = str2;
            this.metaUrl = str3;
            this.localName = str4;
        }

        public String getBaseUrl() {
            return this.baseUrl;
        }

        public String getCompressedUrl() {
            return this.compressedUrl;
        }

        public String getMetaUrl() {
            return this.metaUrl;
        }

        public String getLocalName() {
            return this.localName;
        }

        public void setOnlineSHA256Hash(byte[] bArr) {
            this.onlineSHA256Hash = bArr;
        }

        public byte[] getOnlineSHA256Hash() {
            DataFeedDownloader.getOnlineFileHash(this);
            return this.onlineSHA256Hash;
        }
    }

    public static boolean download(int i) {
        Objects.requireNonNull(Integer.valueOf(i), "maxDownloadSizeInMiB can not be null");
        try {
            String decode = URLDecoder.decode(new URL("classpath:data_feeds/").openConnection().getURL().getPath(), "UTF-8");
            if (decode.contains(".jar!")) {
                int length = decode.split("/").length;
                StringBuilder sb = new StringBuilder("");
                for (int i2 = 0; i2 < length - 2; i2++) {
                    sb.append(decode.split("/")[i2] + "/");
                }
                decode = sb.toString().replace("file:", "") + "data_feeds";
            }
            File file = new File(decode);
            if (!file.isDirectory() && file.canRead()) {
                throw new IOException("Cannot read directory: " + decode);
            }
            List<URLHolder> filesNeedUpdating = filesNeedUpdating(file);
            if (filesNeedUpdating.isEmpty()) {
                return true;
            }
            for (URLHolder uRLHolder : filesNeedUpdating) {
                try {
                    if (uRLHolder.getOnlineSHA256Hash() == null) {
                        log.error("Failed to locate the hash value online. File will not be downloaded.");
                    } else {
                        File downloadFile = FileUtils.downloadFile(new URL(uRLHolder.getCompressedUrl()), i * 1024 * 1024);
                        if (downloadFile == null) {
                            log.error("Failed to download file locally. File will not be used.");
                        } else {
                            File decompressGZIPFile = FileUtils.decompressGZIPFile(downloadFile);
                            if (!downloadFile.delete()) {
                                log.error("Unable to clean up the downloaded file: " + downloadFile.getAbsolutePath());
                            }
                            if (decompressGZIPFile == null) {
                                log.error("Failed to decompress the file.");
                            } else if (doesSHA256Match(new BufferedInputStream(new FileInputStream(decompressGZIPFile)), uRLHolder.getOnlineSHA256Hash())) {
                                File file2 = new File(file, uRLHolder.getLocalName());
                                if (file2.exists() && !file2.delete()) {
                                    log.error("Permanent location file could not be deleted.");
                                    decompressGZIPFile.delete();
                                }
                                if (Files.move(decompressGZIPFile.toPath(), file2.toPath(), StandardCopyOption.REPLACE_EXISTING) != file2.toPath()) {
                                    log.error("Could not move temp file to permanent location.");
                                    decompressGZIPFile.delete();
                                }
                            } else {
                                log.error("Downloaded temp file does not match expected hash.  File will not be used.");
                                if (!decompressGZIPFile.delete()) {
                                    log.error("Unable to delete file: " + decompressGZIPFile.getAbsolutePath());
                                }
                            }
                        }
                    }
                } catch (IOException e) {
                    log.error("Unable to download and update " + uRLHolder.getLocalName());
                    ValidationNotes.getInstance().createValidationNote("Unable to download and update " + uRLHolder.getLocalName());
                    return false;
                } catch (NoSuchAlgorithmException e2) {
                    log.error("SHA-256 not supported");
                    return false;
                }
            }
            return true;
        } catch (IOException e3) {
            String str = "Unable to access the data_feeds directory." + System.lineSeparator() + "CCE and CPE dictionaries will not be updated." + System.lineSeparator() + "If problem persists, try to re-extract SCAPVal. " + e3.getMessage();
            log.error(str);
            ValidationNotes.getInstance().createValidationNote(str);
            return false;
        }
    }

    static List<URLHolder> filesNeedUpdating(File file) {
        Objects.requireNonNull(file, "dir can not be null");
        LinkedList linkedList = new LinkedList();
        for (URLHolder uRLHolder : dictionaryUrls) {
            if (getOnlineFileHash(uRLHolder) && isUpdateRecommended(file, uRLHolder)) {
                linkedList.add(uRLHolder);
            }
        }
        return linkedList;
    }

    static boolean isUpdateRecommended(File file, URLHolder uRLHolder) {
        Objects.requireNonNull(file, "dir cannot be null");
        Objects.requireNonNull(uRLHolder, "url cannot be null");
        File file2 = new File(file, uRLHolder.getLocalName());
        try {
            if (doesSHA256Match(new BufferedInputStream(new FileInputStream(file2)), uRLHolder.getOnlineSHA256Hash())) {
                log.info(file2 + " (SHA-256: " + FileUtils.getFileHash(file2, FileUtils.DEFAULT_HASH_ALGORITHM) + ") is current.");
                return false;
            }
            log.info("There is a newer version of: " + file2.getAbsolutePath());
            return true;
        } catch (IOException e) {
            log.info("Unable to access: " + file2.getAbsolutePath() + " an update will attempt to replace it.");
            return true;
        } catch (NoSuchAlgorithmException e2) {
            return false;
        }
    }

    private static byte[] getSHA256Hash(InputStream inputStream) throws IOException {
        Objects.requireNonNull(inputStream, "metafile can not be null");
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        byte[] bArr = null;
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                bufferedReader.close();
                return bArr;
            }
            if (readLine.startsWith("sha256:")) {
                String substring = readLine.substring("sha256:".length());
                bArr = new byte[(int) Math.ceil(substring.length() / 2)];
                int length = bArr.length;
                for (int i = 0; i < length; i++) {
                    bArr[i] = (byte) Integer.parseInt(substring.substring(i * 2, (i * 2) + 2), 16);
                }
            }
        }
    }

    private static boolean doesSHA256Match(InputStream inputStream, byte[] bArr) throws IOException, NoSuchAlgorithmException {
        int i = 65536;
        LinkedList linkedList = new LinkedList();
        while (i == 65536) {
            byte[] bArr2 = new byte[FileUtils.BUFFER_SIZE];
            i = inputStream.read(bArr2);
            linkedList.add(bArr2);
        }
        inputStream.close();
        byte[] bArr3 = new byte[(FileUtils.BUFFER_SIZE * (linkedList.size() - 1)) + i];
        int i2 = 0;
        int size = linkedList.size();
        for (int i3 = 0; i3 < size - 1; i3++) {
            System.arraycopy(linkedList.get(i3), 0, bArr3, i2, FileUtils.BUFFER_SIZE);
            i2 += FileUtils.BUFFER_SIZE;
        }
        System.arraycopy(linkedList.get(linkedList.size() - 1), 0, bArr3, i2, i);
        byte[] digest = MessageDigest.getInstance(FileUtils.DEFAULT_HASH_ALGORITHM).digest(bArr3);
        if (digest.length != bArr.length) {
            return false;
        }
        int length = bArr.length;
        for (int i4 = 0; i4 < length; i4++) {
            if (bArr[i4] != digest[i4]) {
                return false;
            }
        }
        return true;
    }

    private static boolean getOnlineFileHash(URLHolder uRLHolder) {
        Objects.requireNonNull(uRLHolder, "urlHolder can not be null");
        try {
            if (uRLHolder.getMetaUrl() == null) {
                return false;
            }
            uRLHolder.setOnlineSHA256Hash(getSHA256Hash(new BufferedInputStream(new URL(uRLHolder.getMetaUrl()).openStream())));
            return true;
        } catch (MalformedURLException e) {
            return false;
        } catch (IOException e2) {
            log.info("Unable to reach the server for metadata on the latest file online. Local file: " + uRLHolder.getLocalName() + " will not be updated.");
            return false;
        }
    }
}
