package com.h3xstream.findsecbugs.crypto;

import edu.umd.cs.findbugs.BugInstance;
import edu.umd.cs.findbugs.BugReporter;
import edu.umd.cs.findbugs.OpcodeStack;
import edu.umd.cs.findbugs.bcel.OpcodeStackDetector;

/* loaded from: input_file:findsecbugs-plugin.jar:com/h3xstream/findsecbugs/crypto/WeakMessageDigestDetector.class */
public class WeakMessageDigestDetector extends OpcodeStackDetector {
    private static final String WEAK_MESSAGE_DIGEST_MD5_TYPE = "WEAK_MESSAGE_DIGEST_MD5";
    private static final String WEAK_MESSAGE_DIGEST_SHA1_TYPE = "WEAK_MESSAGE_DIGEST_SHA1";
    private final BugReporter bugReporter;

    public WeakMessageDigestDetector(BugReporter bugReporter) {
        this.bugReporter = bugReporter;
    }

    @Override // edu.umd.cs.findbugs.bcel.OpcodeStackDetector, edu.umd.cs.findbugs.visitclass.DismantleBytecode
    public void sawOpcode(int i) {
        OpcodeStack.Item stackItem;
        OpcodeStack.Item stackItem2;
        if (i != 184) {
            return;
        }
        String classConstantOperand = getClassConstantOperand();
        String nameConstantOperand = getNameConstantOperand();
        if (classConstantOperand.equals("java/security/MessageDigest") && nameConstantOperand.equals("getInstance")) {
            String sigConstantOperand = getSigConstantOperand();
            if (sigConstantOperand.equals("(Ljava/lang/String;)Ljava/security/MessageDigest;")) {
                stackItem2 = this.stack.getStackItem(0);
            } else if (sigConstantOperand.equals("(Ljava/lang/String;Ljava/lang/String;)Ljava/security/MessageDigest;")) {
                stackItem2 = this.stack.getStackItem(1);
            } else if (!sigConstantOperand.equals("(Ljava/lang/String;Ljava/security/Provider;)Ljava/security/MessageDigest;")) {
                return;
            } else {
                stackItem2 = this.stack.getStackItem(1);
            }
            checkHashFunction((String) stackItem2.getConstant());
            return;
        }
        if (!classConstantOperand.equals("org/apache/commons/codec/digest/DigestUtils")) {
            if (classConstantOperand.equals("java/security/Signature") && nameConstantOperand.equals("getInstance")) {
                String sigConstantOperand2 = getSigConstantOperand();
                if (sigConstantOperand2.equals("(Ljava/lang/String;)Ljava/security/Signature;")) {
                    stackItem = this.stack.getStackItem(0);
                } else if (sigConstantOperand2.equals("(Ljava/lang/String;Ljava/security/Provider;)Ljava/security/Signature;")) {
                    stackItem = this.stack.getStackItem(1);
                } else if (!sigConstantOperand2.equals("(Ljava/lang/String;Ljava/lang/String;)Ljava/security/Signature;")) {
                    return;
                } else {
                    stackItem = this.stack.getStackItem(1);
                }
                String str = (String) stackItem.getConstant();
                if (str != null) {
                    int indexOf = str.indexOf("with");
                    checkHashFunction(str.substring(0, indexOf > 0 ? indexOf : 0));
                    return;
                }
                return;
            }
            return;
        }
        if (nameConstantOperand.equals("getMd2Digest") || nameConstantOperand.equals("md2") || nameConstantOperand.equals("md2Hex")) {
            checkHashFunction("md2");
            return;
        }
        if (nameConstantOperand.equals("getMd5Digest") || nameConstantOperand.equals("md5") || nameConstantOperand.equals("md5Hex")) {
            checkHashFunction("md5");
            return;
        }
        if (nameConstantOperand.equals("getSha1Digest") || nameConstantOperand.equals("getShaDigest") || nameConstantOperand.equals("sha1") || nameConstantOperand.equals("sha") || nameConstantOperand.equals("sha1Hex") || nameConstantOperand.equals("shaHex")) {
            checkHashFunction("sha1");
        } else if (nameConstantOperand.equals("getDigest")) {
            checkHashFunction((String) this.stack.getStackItem(0).getConstant());
        }
    }

    private void checkHashFunction(String str) {
        if (str == null) {
            return;
        }
        String upperCase = str.toUpperCase();
        if ("MD2".equals(upperCase) || "MD4".equals(upperCase) || "MD5".equals(upperCase)) {
            this.bugReporter.reportBug(new BugInstance(this, WEAK_MESSAGE_DIGEST_MD5_TYPE, 1).addClass(this).addMethod(this).addSourceLine(this).addString(upperCase));
        } else if ("SHA1".equals(upperCase) || "SHA-1".equals(upperCase) || "SHA".equals(upperCase)) {
            this.bugReporter.reportBug(new BugInstance(this, WEAK_MESSAGE_DIGEST_SHA1_TYPE, 2).addClass(this).addMethod(this).addSourceLine(this).addString(upperCase));
        }
    }
}
