package com.denimgroup.threadfix;

import com.denimgroup.threadfix.data.entities.DataFlowElement;
import com.denimgroup.threadfix.data.entities.Dependency;
import com.denimgroup.threadfix.data.entities.Finding;
import com.denimgroup.threadfix.data.entities.SurfaceLocation;
import com.denimgroup.threadfix.data.entities.Vulnerability;
import com.denimgroup.threadfix.data.entities.ssvl.generated.ObjectFactory;
import com.denimgroup.threadfix.data.entities.ssvl.generated.Severities;
import com.denimgroup.threadfix.data.entities.ssvl.generated.Vulnerabilities;
import java.io.StringWriter;
import java.math.BigInteger;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;

/* loaded from: input_file:com/denimgroup/threadfix/ObjectToSSVLParser.class */
public class ObjectToSSVLParser {
    public static final String SSVL_SPEC_VERSION_0_3 = "0.3";
    public static SimpleDateFormat OUR_DATE_FORMAT = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss aaa XXX");
    private static final ObjectFactory factory = new ObjectFactory();

    public static String getTimestamp(Calendar calendar) {
        return OUR_DATE_FORMAT.format(calendar.getTime());
    }

    public static String getCurrentTimestamp() {
        return OUR_DATE_FORMAT.format(new Date());
    }

    private ObjectToSSVLParser() {
    }

    public static void main(String[] strArr) {
        parse(null);
    }

    public static String parse(List<Vulnerability> list) {
        Vulnerabilities createVulnerabilities = factory.createVulnerabilities();
        if (list != null) {
            Iterator<Vulnerability> it = list.iterator();
            while (it.hasNext()) {
                createVulnerabilities.getVulnerability().add(convertTFVulnToSSVLVuln(it.next()));
            }
        }
        createVulnerabilities.setExportTimestamp(getCurrentTimestamp());
        createVulnerabilities.setSpecVersion(SSVL_SPEC_VERSION_0_3);
        StringWriter stringWriter = new StringWriter();
        try {
            Marshaller createMarshaller = JAXBContext.newInstance("com.denimgroup.threadfix.data.entities.ssvl.generated").createMarshaller();
            createMarshaller.setProperty("jaxb.formatted.output", Boolean.TRUE);
            createMarshaller.marshal(createVulnerabilities, stringWriter);
        } catch (JAXBException e) {
            e.printStackTrace();
        }
        return stringWriter.toString();
    }

    public static List<Vulnerabilities.Vulnerability> convertTFVulnsToSSVLVulns(List<Vulnerability> list) {
        List<Vulnerabilities.Vulnerability> list2 = CollectionUtils.list(new Vulnerabilities.Vulnerability[0]);
        Iterator<Vulnerability> it = list.iterator();
        while (it.hasNext()) {
            list2.add(convertTFVulnToSSVLVuln(it.next()));
        }
        return list2;
    }

    public static Vulnerabilities.Vulnerability convertTFVulnToSSVLVuln(Vulnerability vulnerability) {
        Vulnerabilities.Vulnerability createVulnerabilitiesVulnerability = factory.createVulnerabilitiesVulnerability();
        createVulnerabilitiesVulnerability.setDescription(vulnerability.getGenericVulnName());
        if (vulnerability.getDefect() != null) {
            createVulnerabilitiesVulnerability.setIssueID(vulnerability.getDefect().getNativeId());
        }
        createVulnerabilitiesVulnerability.setCWE(vulnerability.getGenericVulnerability().getDisplayId());
        createVulnerabilitiesVulnerability.setSeverity(Severities.fromValue(vulnerability.getSeverityName()));
        createVulnerabilitiesVulnerability.setApplication(vulnerability.getAppName());
        if (vulnerability.getFindings() != null) {
            Iterator<Finding> it = vulnerability.getFindings().iterator();
            while (it.hasNext()) {
                createVulnerabilitiesVulnerability.getFinding().add(convertTFFindingToSSVLFinding(it.next()));
            }
        }
        return createVulnerabilitiesVulnerability;
    }

    public static List<Vulnerabilities.Vulnerability.Finding> convertTFFindingsToSSVLFindings(List<Finding> list) {
        List<Vulnerabilities.Vulnerability.Finding> list2 = CollectionUtils.list(new Vulnerabilities.Vulnerability.Finding[0]);
        Iterator<Finding> it = list.iterator();
        while (it.hasNext()) {
            list2.add(convertTFFindingToSSVLFinding(it.next()));
        }
        return list2;
    }

    public static Vulnerabilities.Vulnerability.Finding convertTFFindingToSSVLFinding(Finding finding) {
        Vulnerabilities.Vulnerability.Finding createVulnerabilitiesVulnerabilityFinding = factory.createVulnerabilitiesVulnerabilityFinding();
        createVulnerabilitiesVulnerabilityFinding.setFindingDescription(finding.getChannelVulnerability().getName());
        createVulnerabilitiesVulnerabilityFinding.setLongDescription(finding.getLongDescription());
        createVulnerabilitiesVulnerabilityFinding.setNativeID(finding.getNativeId());
        createVulnerabilitiesVulnerabilityFinding.setAttackString(finding.getAttackString());
        createVulnerabilitiesVulnerabilityFinding.setScanner(finding.getChannelNameOrNull());
        createVulnerabilitiesVulnerabilityFinding.setSeverity(finding.getChannelSeverity().getName());
        createVulnerabilitiesVulnerabilityFinding.setIdentifiedTimestamp(getTimestamp(finding.getScan().getImportTime()));
        if (!finding.getIsStatic()) {
            createVulnerabilitiesVulnerabilityFinding.setSurfaceLocation(convertTFSurfaceLocationToSSVL(finding.getSurfaceLocation()));
        }
        if (finding.getDataFlowElements() != null) {
            Iterator<DataFlowElement> it = finding.getDataFlowElements().iterator();
            while (it.hasNext()) {
                createVulnerabilitiesVulnerabilityFinding.getDataFlowElement().add(convertTFDataFlowElementToSSVL(it.next()));
            }
        }
        createVulnerabilitiesVulnerabilityFinding.setDependency(convertTFDependencyToSSVL(finding.getDependency()));
        return createVulnerabilitiesVulnerabilityFinding;
    }

    private static Vulnerabilities.Vulnerability.Finding.Dependency convertTFDependencyToSSVL(Dependency dependency) {
        if (dependency == null) {
            return null;
        }
        Vulnerabilities.Vulnerability.Finding.Dependency createVulnerabilitiesVulnerabilityFindingDependency = factory.createVulnerabilitiesVulnerabilityFindingDependency();
        createVulnerabilitiesVulnerabilityFindingDependency.setCVE(dependency.getCve());
        createVulnerabilitiesVulnerabilityFindingDependency.setComponentName(dependency.getComponentName());
        createVulnerabilitiesVulnerabilityFindingDependency.setComponentFilePath(dependency.getComponentFilePath());
        createVulnerabilitiesVulnerabilityFindingDependency.setRefLink(dependency.getRefLink());
        createVulnerabilitiesVulnerabilityFindingDependency.setSource(dependency.getSource());
        createVulnerabilitiesVulnerabilityFindingDependency.setDescription(dependency.getDescription());
        return createVulnerabilitiesVulnerabilityFindingDependency;
    }

    private static Vulnerabilities.Vulnerability.Finding.DataFlowElement convertTFDataFlowElementToSSVL(DataFlowElement dataFlowElement) {
        Vulnerabilities.Vulnerability.Finding.DataFlowElement createVulnerabilitiesVulnerabilityFindingDataFlowElement = factory.createVulnerabilitiesVulnerabilityFindingDataFlowElement();
        createVulnerabilitiesVulnerabilityFindingDataFlowElement.setLineText(dataFlowElement.getLineText());
        createVulnerabilitiesVulnerabilityFindingDataFlowElement.setSourceFileName(dataFlowElement.getSourceFileName());
        createVulnerabilitiesVulnerabilityFindingDataFlowElement.setLineNumber(BigInteger.valueOf(dataFlowElement.getLineNumber()));
        createVulnerabilitiesVulnerabilityFindingDataFlowElement.setColumnNumber(BigInteger.valueOf(dataFlowElement.getColumnNumber()));
        createVulnerabilitiesVulnerabilityFindingDataFlowElement.setSequence(BigInteger.valueOf(dataFlowElement.getSequence()));
        return createVulnerabilitiesVulnerabilityFindingDataFlowElement;
    }

    private static List<Vulnerabilities.Vulnerability.Finding.DataFlowElement> convertTFDataFlowElementsToSSVL(List<DataFlowElement> list) {
        if (list == null) {
            return null;
        }
        List<Vulnerabilities.Vulnerability.Finding.DataFlowElement> list2 = CollectionUtils.list(new Vulnerabilities.Vulnerability.Finding.DataFlowElement[0]);
        for (DataFlowElement dataFlowElement : list) {
            Vulnerabilities.Vulnerability.Finding.DataFlowElement createVulnerabilitiesVulnerabilityFindingDataFlowElement = factory.createVulnerabilitiesVulnerabilityFindingDataFlowElement();
            createVulnerabilitiesVulnerabilityFindingDataFlowElement.setLineText(dataFlowElement.getLineText());
            createVulnerabilitiesVulnerabilityFindingDataFlowElement.setSourceFileName(dataFlowElement.getSourceFileName());
            createVulnerabilitiesVulnerabilityFindingDataFlowElement.setLineNumber(BigInteger.valueOf(dataFlowElement.getLineNumber()));
            createVulnerabilitiesVulnerabilityFindingDataFlowElement.setColumnNumber(BigInteger.valueOf(dataFlowElement.getColumnNumber()));
            createVulnerabilitiesVulnerabilityFindingDataFlowElement.setSequence(BigInteger.valueOf(dataFlowElement.getSequence()));
            list2.add(createVulnerabilitiesVulnerabilityFindingDataFlowElement);
        }
        return list2;
    }

    private static Vulnerabilities.Vulnerability.Finding.SurfaceLocation convertTFSurfaceLocationToSSVL(SurfaceLocation surfaceLocation) {
        if (surfaceLocation == null) {
            return null;
        }
        Vulnerabilities.Vulnerability.Finding.SurfaceLocation createVulnerabilitiesVulnerabilityFindingSurfaceLocation = factory.createVulnerabilitiesVulnerabilityFindingSurfaceLocation();
        createVulnerabilitiesVulnerabilityFindingSurfaceLocation.setParameter(surfaceLocation.getParameter());
        createVulnerabilitiesVulnerabilityFindingSurfaceLocation.setUrl(surfaceLocation.getUrl().toString());
        return createVulnerabilitiesVulnerabilityFindingSurfaceLocation;
    }
}
