package com.sonatype.insight.scanner.call.flow.analyzer.bomxray;

import com.google.common.collect.Iterators;
import com.sonatype.cat.bomxray.asm.skeleton.QualifierFlags;
import com.sonatype.cat.bomxray.callgraph.Callgraph;
import com.sonatype.cat.bomxray.callgraph.CallgraphFactory;
import com.sonatype.cat.bomxray.callgraph.EntrypointBuilder;
import com.sonatype.cat.bomxray.skeleton.MethodDescriptor;
import com.sonatype.cat.bomxray.skeleton.MethodName;
import com.sonatype.cat.bomxray.skeleton.Qualifiers;
import com.sonatype.cat.bomxray.skeleton.SkeletonMethod;
import com.sonatype.cat.bomxray.skeleton.type.java.JavaArrayType;
import com.sonatype.cat.bomxray.skeleton.type.java.JavaString;
import com.sonatype.cat.bomxray.skeleton.type.java.JavaVoidType;
import com.sonatype.cat.bomxray.workspace.Workspace;
import com.sonatype.cat.bomxray.workspace.builder.WorkspaceBuilder;
import com.sonatype.cat.bomxray.workspace.container.PhantomContainer;
import com.sonatype.cat.bomxray.workspace.container.SkeletonContainer;
import com.sonatype.cat.bomxray.workspace.container.truezip.TFileContainer;
import com.sonatype.clm.dto.model.signature.VulnerabilitySignatureAnalysisDTO;
import com.sonatype.insight.scan.archive.TFileUtils;
import com.sonatype.insight.scanner.call.flow.analyzer.CallFlowGraphBuildException;
import com.sonatype.insight.scanner.call.flow.analyzer.CallFlowGraphExtractor;
import de.schlichtherle.truezip.file.TFile;
import java.io.File;
import java.io.IOException;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import org.codehaus.groovy.runtime.InvokerHelper;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;

/* loaded from: input_file:com/sonatype/insight/scanner/call/flow/analyzer/bomxray/BomXrayExtractor.class */
public class BomXrayExtractor implements CallFlowGraphExtractor {
    private final Logger log;
    private final BomXrayRuntime bomxray;
    private final BomXrayConfiguration config;

    public BomXrayExtractor(Logger logger, BomXrayRuntime bomXrayRuntime, BomXrayConfiguration bomXrayConfiguration) {
        this.log = (Logger) Objects.requireNonNull(logger);
        this.bomxray = (BomXrayRuntime) Objects.requireNonNull(bomXrayRuntime);
        this.config = (BomXrayConfiguration) Objects.requireNonNull(bomXrayConfiguration);
    }

    @Override // com.sonatype.insight.scanner.call.flow.analyzer.CallFlowGraphExtractor
    public BomXrayHandler buildCallFlowGraph() throws IOException, CallFlowGraphBuildException {
        long currentTimeMillis = System.currentTimeMillis();
        long usableSpace = new File(System.getProperty("java.io.tmpdir")).getUsableSpace();
        Workspace createWorkspace = createWorkspace();
        this.log.info("Workspace created; {} entries, {} namespaces", Integer.valueOf(createWorkspace.getEntries().size()), Integer.valueOf(createWorkspace.getNamespaces().size()));
        try {
            Set<SkeletonMethod> discoverEntryPoints = discoverEntryPoints(createWorkspace);
            if (discoverEntryPoints.isEmpty()) {
                this.log.warn("No entry-points have been discovered");
            } else {
                this.log.info("Discovered {} entry-points", Integer.valueOf(discoverEntryPoints.size()));
                if (this.log.isDebugEnabled()) {
                    Iterator<SkeletonMethod> it = discoverEntryPoints.iterator();
                    while (it.hasNext()) {
                        this.log.debug("  {}", it.next());
                    }
                }
            }
            try {
                this.log.info("Generating call-graph; algorithm: {}", this.config.getAlgorithm());
                Callgraph create = new CallgraphFactory().create(this.config.getAlgorithm(), createWorkspace, discoverEntryPoints);
                if (this.log.isInfoEnabled() && create.getMethods() != null && create.getCalls() != null) {
                    this.log.info("Call-graph generated; {} methods, {} callsites", Integer.valueOf(Iterators.size(create.getMethods().iterator())), Integer.valueOf(Iterators.size(create.getCalls().iterator())));
                }
                long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
                VulnerabilitySignatureAnalysisDTO.MetricsDTO calculateCallflowAnalysisMetrics = calculateCallflowAnalysisMetrics(usableSpace, createWorkspace);
                calculateCallflowAnalysisMetrics.millisecondsOfRuntime = currentTimeMillis2;
                return new BomXrayHandler(this.log, this.bomxray, create, calculateCallflowAnalysisMetrics);
            } catch (Exception e) {
                throw new CallFlowGraphBuildException("Failed to generate call-graph", e);
            }
        } catch (Exception e2) {
            throw new CallFlowGraphBuildException("Failed to discover entry-points", e2);
        }
    }

    private VulnerabilitySignatureAnalysisDTO.MetricsDTO calculateCallflowAnalysisMetrics(long j, Workspace workspace) {
        long j2 = 0;
        long j3 = 0;
        long j4 = 0;
        Iterator it = ((Set) workspace.getEntries().values().stream().map(workspaceEntry -> {
            return workspaceEntry.getContainer();
        }).filter(skeletonContainer -> {
            return !PhantomContainer.ID.equalsIgnoreCase(skeletonContainer.getId());
        }).collect(Collectors.toSet())).iterator();
        while (it.hasNext()) {
            j2++;
            j3 += r0.getClasses().size();
            j4 += TFileUtils.dataLength(new TFile(((SkeletonContainer) it.next()).getId().replace("truezip:", "")));
        }
        VulnerabilitySignatureAnalysisDTO.MetricsDTO metricsDTO = new VulnerabilitySignatureAnalysisDTO.MetricsDTO();
        metricsDTO.bytesOfContainers = j4;
        metricsDTO.numberOfProcessors = Runtime.getRuntime().availableProcessors();
        metricsDTO.bytesOfMaxHeapSize = Runtime.getRuntime().maxMemory();
        metricsDTO.numberOfClassFiles = j3;
        metricsDTO.numberOfContainers = j2;
        metricsDTO.bytesOfAvailableDiskSpaceInTempBefore = j;
        metricsDTO.bytesOfAvailableDiskSpaceInTempAfter = new File(System.getProperty("java.io.tmpdir")).getUsableSpace();
        return metricsDTO;
    }

    private Workspace createWorkspace() throws IOException, CallFlowGraphBuildException {
        try {
            this.log.info("Creating workspace for call-flow analysis");
            WorkspaceBuilder inspector = this.bomxray.createWorkspaceBuilder().inspector(this.bomxray.createClassInspector());
            this.log.info("Thread-count: {}", Integer.valueOf(this.config.getThreadCount()));
            inspector.threadCount(this.config.getThreadCount());
            this.log.info("Adding {} scan targets", Integer.valueOf(this.config.getScanTargets().size()));
            Iterator<String> it = this.config.getScanTargets().iterator();
            while (it.hasNext()) {
                File canonicalFile = new File(it.next()).getCanonicalFile();
                if (canonicalFile.exists()) {
                    inspector.container(new TFileContainer(canonicalFile));
                } else {
                    this.log.warn("Missing file; ignoring: {}", canonicalFile);
                }
            }
            return inspector.build();
        } catch (IOException e) {
            throw new IOException("Failed to create workspace", e);
        } catch (Exception e2) {
            throw new CallFlowGraphBuildException("Failed to create workspace", e2);
        }
    }

    private Set<SkeletonMethod> discoverEntryPoints(Workspace workspace) {
        this.log.info("Discovering entry-points");
        List<String> applicationNamespaces = this.config.getApplicationNamespaces();
        EntrypointBuilder entrypointBuilder = new EntrypointBuilder(workspace);
        if (applicationNamespaces.isEmpty()) {
            MethodName parseMethodName = this.bomxray.parseMethodName(InvokerHelper.MAIN_METHOD_NAME);
            MethodDescriptor methodDescriptor = new MethodDescriptor(Collections.singletonList(new JavaArrayType(JavaString.INSTANCE, 1)), JavaVoidType.INSTANCE);
            entrypointBuilder.setMethods(skeletonMethod -> {
                Qualifiers qualifiers = skeletonMethod.getQualifiers();
                return Boolean.valueOf(!qualifiers.hasAny("abstract", QualifierFlags.FLAG_SYNTHETIC) && qualifiers.hasAll("public", "static") && parseMethodName.equals(skeletonMethod.getName()) && methodDescriptor.equals(skeletonMethod.getDescriptor()));
            });
        } else {
            entrypointBuilder.setEntries(workspaceEntry -> {
                Iterator it = applicationNamespaces.iterator();
                while (it.hasNext()) {
                    if (startsWith(workspaceEntry.getKlass().getName().getNamespace(), (String) it.next())) {
                        return true;
                    }
                }
                return false;
            });
            entrypointBuilder.setMethods(skeletonMethod2 -> {
                return Boolean.valueOf(!skeletonMethod2.getQualifiers().hasAny("abstract", QualifierFlags.FLAG_SYNTHETIC));
            });
        }
        return entrypointBuilder.build();
    }

    private boolean startsWith(@Nullable String str, String str2) {
        return str != null && str.startsWith(str2);
    }
}
