package com.h3xstream.findsecbugs.password;

import com.ctrip.ebooking.aphone.deviceInfo.Symbol;
import edu.umd.cs.findbugs.BugInstance;
import edu.umd.cs.findbugs.BugReporter;
import edu.umd.cs.findbugs.OpcodeStack;
import edu.umd.cs.findbugs.ba.XField;
import edu.umd.cs.findbugs.bcel.OpcodeStackDetector;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import org.apache.bcel.classfile.JavaClass;
import org.apache.bcel.classfile.Method;

@OpcodeStack.CustomUserValue
/* loaded from: classes2.dex */
public class ConstantPasswordDetector extends OpcodeStackDetector {
    private static final String b = "HARD_CODE_PASSWORD";
    private static final String c = "HARD_CODE_KEY";
    private static final String f = "password-methods";
    private static final String g = "password-methods-all.txt";
    private static final String h = "java/lang/String.getBytes(Ljava/lang/String;)[B";
    private static final String i = "java/lang/String.getBytes()[B";
    private static final String j = "java/lang/String.toCharArray()[C";
    private static final String k = "java/math/BigInteger.<init>(Ljava/lang/String;)V";
    private static final String l = "java/math/BigInteger.<init>(Ljava/lang/String;I)V";
    private static final String m = "java/math/BigInteger.<init>([B)V";
    private static final String n = "java/math/BigInteger.<init>(I[B)V";
    private final BugReporter d;
    private boolean e = false;
    private final Map<String, Collection<Integer>> q = new HashMap();
    private boolean r = false;
    private boolean s = false;
    private String v = null;
    static final /* synthetic */ boolean a = !ConstantPasswordDetector.class.desiredAssertionStatus();
    private static final String o = ".*(pass|pwd|psw|secret|key|cipher|crypt|des|aes|mac|private|sign|cert).*";
    private static final Pattern p = Pattern.compile(o, 2);
    private static final Set<String> t = new HashSet();
    private static final Set<String> u = new HashSet();

    public ConstantPasswordDetector(BugReporter bugReporter) {
        this.d = bugReporter;
        try {
            a(g, this.q, "#");
        } catch (IOException e) {
            throw new RuntimeException("cannot load resources", e);
        }
    }

    private void a(int i2, Collection<Integer> collection) {
        String str = c;
        Iterator<Integer> it = collection.iterator();
        while (it.hasNext()) {
            String signature = this.stack.getStackItem(it.next().intValue()).getSignature();
            if ("Ljava/lang/String;".equals(signature) || "[C".equals(signature)) {
                str = b;
                break;
            }
        }
        BugInstance addCalledMethod = new BugInstance(this, str, i2).addClass(this).addMethod(this).addSourceLine(this).addCalledMethod(this);
        for (Integer num : collection) {
            OpcodeStack.Item stackItem = this.stack.getStackItem(num.intValue());
            addCalledMethod.addParameterAnnotation(num.intValue(), "Hard coded parameter number (in reverse order) is").addFieldOrMethodValueSource(stackItem);
            Object constant = stackItem.getConstant();
            if (constant != null) {
                addCalledMethod.addString(constant.toString());
            }
        }
        this.d.reportBug(addCalledMethod);
    }

    private void a(String str, Map<String, Collection<Integer>> map, String str2) {
        BufferedReader bufferedReader;
        try {
            bufferedReader = b(str);
            while (true) {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    String trim = readLine.trim();
                    if (!trim.isEmpty()) {
                        String[] split = trim.split(str2);
                        int length = split.length - 1;
                        ArrayList arrayList = new ArrayList(length);
                        int i2 = 0;
                        while (i2 < length) {
                            i2++;
                            arrayList.add(Integer.valueOf(Integer.parseInt(split[i2])));
                        }
                        map.put(split[0], arrayList);
                    }
                } catch (Throwable th) {
                    th = th;
                    if (bufferedReader != null) {
                        bufferedReader.close();
                    }
                    throw th;
                }
            }
            if (bufferedReader != null) {
                bufferedReader.close();
            }
        } catch (Throwable th2) {
            th = th2;
            bufferedReader = null;
        }
    }

    private void a(Collection<String> collection, int i2) {
        if (collection.isEmpty()) {
            return;
        }
        String str = c;
        Iterator<String> it = collection.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (it.next().endsWith("[C")) {
                str = b;
                break;
            }
        }
        BugInstance addClass = new BugInstance(this, str, i2).addClass(this);
        Iterator<String> it2 = collection.iterator();
        while (it2.hasNext()) {
            addClass.addString("is hard coded in field " + it2.next() + " with suspicious name");
        }
        this.d.reportBug(addClass);
    }

    private boolean a() {
        return getMethodName().equals("<clinit>") && this.e;
    }

    private boolean a(OpcodeStack.Item item) {
        String[] split;
        int length;
        XField xField = item.getXField();
        if (xField == null || (length = (split = xField.toString().split(" ")).length) < 2) {
            return false;
        }
        String str = split[length - 1];
        if (!a(str)) {
            return false;
        }
        return t.contains(split[length - 2] + str);
    }

    private static boolean a(String str) {
        return "[C".equals(str) || "[B".equals(str) || "Ljava/math/BigInteger;".equals(str);
    }

    private boolean a(String str, int i2) {
        return str.equals(this.v) && f(i2);
    }

    private static boolean a(String str, JavaClass javaClass) {
        return p.matcher(str.substring(javaClass.getClassName().length())).matches();
    }

    private BufferedReader b(String str) {
        return new BufferedReader(new InputStreamReader(getClass().getClassLoader().getResourceAsStream("password-methods/" + str)));
    }

    private void b() {
        for (int i2 = 0; i2 < this.stack.getStackDepth(); i2++) {
            OpcodeStack.Item stackItem = this.stack.getStackItem(i2);
            if ((stackItem.getConstant() != null || stackItem.isNull()) && !stackItem.getSignature().startsWith(Symbol.p)) {
                b(stackItem);
            }
            if (a(stackItem)) {
                b(stackItem);
            }
        }
    }

    private void b(OpcodeStack.Item item) {
        item.setUserValue(Boolean.TRUE);
    }

    private static boolean b(int i2) {
        return i2 == 85 || i2 == 84 || i2 == 86 || i2 == 79;
    }

    private void c() {
        if (!f(0) || !f(1)) {
            this.stack.getStackItem(2).setUserValue((Object) null);
        } else if (this.r) {
            e(2);
        }
    }

    private static boolean c(int i2) {
        return i2 >= 182 && i2 <= 185;
    }

    private String d(int i2) {
        XField xField = this.stack.getStackItem(i2).getXField();
        if (xField == null) {
            return null;
        }
        String[] split = xField.toString().split(" ");
        if (split.length < 2) {
            return null;
        }
        return split[split.length - 2] + split[split.length - 1];
    }

    private void d() {
        if (!a && this.stack.getStackDepth() <= 0) {
            throw new AssertionError();
        }
        e(0);
    }

    private void e() {
        if (a(getSigConstantOperand()) && f(0) && !this.stack.getStackItem(0).isNull()) {
            t.add(i());
        }
    }

    private void e(int i2) {
        b(this.stack.getStackItem(i2));
    }

    private boolean f() {
        return a(j, 0) || a(i, 0) || a(h, 1);
    }

    private boolean f(int i2) {
        return this.stack.getStackItem(i2).getUserValue() != null;
    }

    private void g() {
        if (a(k, 0) || a(m, 0)) {
            e(1);
        } else if (a(l, 1) || a(n, 0)) {
            e(2);
        }
    }

    private void h() {
        if (this.q.containsKey(this.v)) {
            Collection<Integer> collection = this.q.get(this.v);
            ArrayList arrayList = new ArrayList();
            for (Integer num : collection) {
                if (f(num.intValue()) && !this.stack.getStackItem(num.intValue()).isNull()) {
                    arrayList.add(num);
                    String d = d(num.intValue());
                    if (d != null) {
                        u.add(d);
                    }
                }
            }
            if (arrayList.isEmpty()) {
                return;
            }
            a(1, collection);
        }
    }

    private String i() {
        return getDottedClassConstantOperand() + "." + getNameConstantOperand() + getSigConstantOperand();
    }

    private String j() {
        return getClassConstantOperand() + "." + (getNameConstantOperand() + getSigConstantOperand());
    }

    public void a(int i2) {
        if (a()) {
            return;
        }
        b();
        if (i2 == 188) {
            this.r = true;
        }
        if (b(i2)) {
            c();
            this.r = false;
        }
        if (this.s) {
            d();
            this.s = false;
        }
        if (i2 == 181 || i2 == 179) {
            e();
        }
        if (c(i2)) {
            this.v = j();
            this.s = f();
            g();
            h();
        }
    }

    public void a(JavaClass javaClass) {
        this.e = false;
        Method[] methods = javaClass.getMethods();
        int length = methods.length;
        int i2 = 0;
        while (true) {
            if (i2 >= length) {
                break;
            }
            Method method = methods[i2];
            if (method.getName().equals("<clinit>")) {
                doVisitMethod(method);
                this.e = true;
                break;
            }
            i2++;
        }
        this.r = false;
        this.s = false;
    }

    public void a(Method method) {
        this.r = false;
        this.s = false;
    }

    public void b(JavaClass javaClass) {
        ArrayList arrayList = new ArrayList();
        for (String str : t) {
            if (a(str, javaClass) && !u.contains(str)) {
                arrayList.add(str);
            }
        }
        a(arrayList, 2);
        t.clear();
        u.clear();
        super.visitAfter(javaClass);
    }
}
