package io.joern.scanners.java;

import io.joern.console.Query;
import io.joern.console.Query$;
import io.joern.console.QueryBundle;
import io.joern.console.TraversalWithStrRep;
import io.joern.console.q;
import io.joern.scanners.Crew$;
import io.joern.scanners.QueryTags$;
import io.shiftleft.codepropertygraph.generated.nodes.Call;
import io.shiftleft.codepropertygraph.generated.nodes.CfgNode;
import io.shiftleft.codepropertygraph.generated.nodes.Declaration;
import io.shiftleft.codepropertygraph.generated.nodes.Identifier;
import io.shiftleft.codepropertygraph.generated.nodes.Literal;
import io.shiftleft.codepropertygraph.generated.nodes.Local;
import io.shiftleft.codepropertygraph.generated.nodes.Return;
import io.shiftleft.codepropertygraph.generated.traversal.MethodTraversalExtGen$;
import io.shiftleft.semanticcpg.language.ICallResolver;
import io.shiftleft.semanticcpg.language.NoResolve$;
import io.shiftleft.semanticcpg.language.nodemethods.CallMethods$;
import io.shiftleft.semanticcpg.language.nodemethods.CfgNodeMethods$;
import io.shiftleft.semanticcpg.language.package$;
import io.shiftleft.semanticcpg.language.types.expressions.IdentifierTraversal$;
import io.shiftleft.semanticcpg.language.types.expressions.generalizations.CfgNodeTraversal$;
import overflowdb.Node;
import overflowdb.traversal.NodeOps$;
import overflowdb.traversal.TraversalRepeatExt$;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Tuple2;
import scala.collection.Iterator;
import scala.collection.StringOps$;
import scala.collection.immutable.List;
import scala.collection.immutable.Map;
import scala.runtime.BoxesRunTime;
import scala.runtime.ScalaRunTime$;

/* compiled from: CertificateChecks.scala */
/* loaded from: input_file:io/joern/scanners/java/CertificateChecks$.class */
public final class CertificateChecks$ implements QueryBundle {
    public static final CertificateChecks$ MODULE$ = new CertificateChecks$();
    private static final ICallResolver resolver = NoResolve$.MODULE$;

    public ICallResolver resolver() {
        return resolver;
    }

    @q
    public Query certChecks() {
        return Query$.MODULE$.make("ineffective-certificate-check", Crew$.MODULE$.malte(), "Ineffective Certificate Validation: The validation result is always positive", StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n        |A certificate validation function is implemented as a function that only consists of a prologue where local\n        |variables are initialized to arguments, followed by a (positive) return statement.\n        |")), 6.0d, new TraversalWithStrRep(cpg -> {
            Map map = (Map) Predef$.MODULE$.Map().apply(ScalaRunTime$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("verify"), "boolean(java.lang.String,javax.net.ssl.SSLSession)"), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("checkClientTrusted"), "void(java.security.cert.X509Certificate[],java.lang.String,java.net.Socket)"), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("checkClientTrusted"), "void(java.security.cert.X509Certificate[],java.lang.String,javax.net.ssl.SSLEngine)"), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("checkServerTrusted"), "void(java.security.cert.X509Certificate[],java.lang.String,java.net.Socket)"), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("checkServerTrusted"), "void(java.security.cert.X509Certificate[],java.lang.String,javax.net.ssl.SSLEngine)")}));
            return MethodTraversalExtGen$.MODULE$.cfgFirst$extension(package$.MODULE$.toMethodTraversalExtGen(MethodTraversalExtGen$.MODULE$.signatureExact$extension(package$.MODULE$.toMethodTraversalExtGen(MethodTraversalExtGen$.MODULE$.nameExact$extension(package$.MODULE$.toMethodTraversalExtGen(package$.MODULE$.toNodeTypeStarters(cpg).method()), map.keys().toSeq())), map.values().toSeq()))).flatMap(cfgNode -> {
                return skipPrologue$1(cfgNode);
            }).filter(cfgNode2 -> {
                return BoxesRunTime.boxToBoolean($anonfun$certChecks$9(cfgNode2));
            });
        }, "cpg =>\n        val validators = Map(\n          // javax.net.ssl.HostnameVerifier\n          \"verify\" -> \"boolean(java.lang.String,javax.net.ssl.SSLSession)\",\n          // javax.net.ssl.X509ExtendedTrustManager\n          \"checkClientTrusted\" -> \"void(java.security.cert.X509Certificate[],java.lang.String,java.net.Socket)\",\n          \"checkClientTrusted\" -> \"void(java.security.cert.X509Certificate[],java.lang.String,javax.net.ssl.SSLEngine)\",\n          \"checkServerTrusted\" -> \"void(java.security.cert.X509Certificate[],java.lang.String,java.net.Socket)\",\n          \"checkServerTrusted\" -> \"void(java.security.cert.X509Certificate[],java.lang.String,javax.net.ssl.SSLEngine)\"\n        )\n\n        // skip over arguments getting copied to local variables\n        def isPrologue(node: nodes.CfgNode): Boolean = node match {\n          case id: nodes.Identifier =>\n            id.refsTo.forall(_.isInstanceOf[nodes.Local])\n          case c: nodes.Call =>\n            c.methodFullName == Operators.assignment && c.argument.forall(isPrologue)\n          case _ => false\n        }\n        def skipPrologue(node: nodes.CfgNode): Traversal[nodes.CfgNode] =\n          node.start.repeat(_.cfgNext)(_.until(_.filter(!isPrologue(_))))\n\n        cpg.method\n          .nameExact(validators.keys.toSeq: _*)\n          .signatureExact(validators.values.toSeq: _*)\n          .cfgFirst\n          .flatMap(skipPrologue)\n          .filter {\n            case lit: nodes.Literal =>\n              lit.code == \"1\" && lit.cfgNext\n                .forall(_.isInstanceOf[nodes.Return])\n            case _: nodes.Return => true\n            case _               => false\n          }"), (List) scala.package$.MODULE$.List().apply(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{QueryTags$.MODULE$.badimpl(), QueryTags$.MODULE$.m4default()})), Query$.MODULE$.make$default$8(), Query$.MODULE$.make$default$9());
    }

    public static final /* synthetic */ boolean $anonfun$certChecks$2(Declaration declaration) {
        return declaration instanceof Local;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final boolean isPrologue$1(CfgNode cfgNode) {
        boolean z;
        boolean z2;
        if (cfgNode instanceof Identifier) {
            z = IdentifierTraversal$.MODULE$.refsTo$extension(package$.MODULE$.singleToIdentifierTrav((Identifier) cfgNode)).forall(declaration -> {
                return BoxesRunTime.boxToBoolean($anonfun$certChecks$2(declaration));
            });
        } else if (cfgNode instanceof Call) {
            Call call = (Call) cfgNode;
            String methodFullName = call.methodFullName();
            if (methodFullName != null ? methodFullName.equals("<operator>.assignment") : "<operator>.assignment" == 0) {
                if (CallMethods$.MODULE$.argument$extension(package$.MODULE$.toCallMethods(call)).forall(cfgNode2 -> {
                    return BoxesRunTime.boxToBoolean(isPrologue$1(cfgNode2));
                })) {
                    z2 = true;
                    z = z2;
                }
            }
            z2 = false;
            z = z2;
        } else {
            z = false;
        }
        return z;
    }

    public static final /* synthetic */ boolean $anonfun$certChecks$7(CfgNode cfgNode) {
        return !isPrologue$1(cfgNode);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final Iterator skipPrologue$1(CfgNode cfgNode) {
        return TraversalRepeatExt$.MODULE$.repeat$extension(package$.MODULE$.toRepeatTraversalExt(NodeOps$.MODULE$.start$extension(package$.MODULE$.toNodeOps((Node) cfgNode))), iterator -> {
            return CfgNodeTraversal$.MODULE$.cfgNext$extension(package$.MODULE$.iterOnceToCfgNodeTraversal(iterator));
        }, builder -> {
            return builder.until(iterator2 -> {
                return iterator2.filter(cfgNode2 -> {
                    return BoxesRunTime.boxToBoolean($anonfun$certChecks$7(cfgNode2));
                });
            });
        });
    }

    public static final /* synthetic */ boolean $anonfun$certChecks$10(CfgNode cfgNode) {
        return cfgNode instanceof Return;
    }

    public static final /* synthetic */ boolean $anonfun$certChecks$9(CfgNode cfgNode) {
        boolean z;
        boolean z2;
        if (cfgNode instanceof Literal) {
            Literal literal = (Literal) cfgNode;
            String code = literal.code();
            if (code != null ? code.equals("1") : "1" == 0) {
                if (CfgNodeMethods$.MODULE$.cfgNext$extension(package$.MODULE$.toCfgNodeMethods(literal)).forall(cfgNode2 -> {
                    return BoxesRunTime.boxToBoolean($anonfun$certChecks$10(cfgNode2));
                })) {
                    z2 = true;
                    z = z2;
                }
            }
            z2 = false;
            z = z2;
        } else {
            z = cfgNode instanceof Return;
        }
        return z;
    }

    private CertificateChecks$() {
    }
}
