package org.owasp.dependencycheck.data.nvdcve;

import java.sql.SQLException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.owasp.dependencycheck.BaseDBTestCase;
import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.utils.DependencyVersion;

/* loaded from: input_file:org/owasp/dependencycheck/data/nvdcve/CveDBIT.class */
public class CveDBIT extends BaseDBTestCase {
    CveDB instance = null;

    @Override // org.owasp.dependencycheck.BaseDBTestCase, org.owasp.dependencycheck.BaseTest
    @Before
    public void setUp() throws Exception {
        super.setUp();
        this.instance = new CveDB(getSettings());
    }

    @Override // org.owasp.dependencycheck.BaseTest
    @After
    public void tearDown() throws Exception {
        this.instance.close();
        super.tearDown();
    }

    @Test
    public void testOpen() {
        try {
            this.instance.commit();
        } catch (DatabaseException | SQLException e) {
            Assert.fail(e.getMessage());
        }
    }

    @Test
    public void testGetCPEs() throws Exception {
        Assert.assertTrue(this.instance.getCPEs("apache", "struts").size() > 5);
    }

    @Test
    public void testgetVulnerability() throws Exception {
        Assert.assertEquals("The ParametersInterceptor in Apache Struts before 2.3.16.1 allows remote attackers to \"manipulate\" the ClassLoader via the class parameter, which is passed to the getClass method.", this.instance.getVulnerability("CVE-2014-0094").getDescription());
    }

    @Test
    public void testGetVulnerabilities() throws Exception {
        Assert.assertTrue(this.instance.getVulnerabilities("cpe:/a:apache:struts:2.1.2").size() > 5);
        List vulnerabilities = this.instance.getVulnerabilities("cpe:/a:jruby:jruby:1.6.3");
        Assert.assertTrue(vulnerabilities.size() > 1);
        boolean z = false;
        Iterator it = vulnerabilities.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if ("CVE-2011-4838".equals(((Vulnerability) it.next()).getName())) {
                z = true;
                break;
            }
        }
        Assert.assertTrue("Expected CVE-2011-4838, but was not identified", z);
        boolean z2 = false;
        Iterator it2 = vulnerabilities.iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            } else if ("CVE-2012-5370".equals(((Vulnerability) it2.next()).getName())) {
                z2 = true;
                break;
            }
        }
        Assert.assertTrue("Expected CVE-2012-5370, but was not identified", z2);
    }

    @Test
    public void testGetMatchingSoftware() throws Exception {
        HashMap hashMap = new HashMap();
        DependencyVersion dependencyVersion = new DependencyVersion("1.0.1o");
        hashMap.put("cpe:/a:openssl:openssl:1.0.1e", Boolean.FALSE);
        Assert.assertNull(this.instance.getMatchingSoftware(hashMap, "openssl", "openssl", dependencyVersion));
        hashMap.put("cpe:/a:openssl:openssl:1.0.1p", Boolean.FALSE);
        Assert.assertNull(this.instance.getMatchingSoftware(hashMap, "openssl", "openssl", dependencyVersion));
        hashMap.put("cpe:/a:openssl:openssl:1.0.1q", Boolean.TRUE);
        Map.Entry matchingSoftware = this.instance.getMatchingSoftware(hashMap, "openssl", "openssl", dependencyVersion);
        Assert.assertNotNull(matchingSoftware);
        Assert.assertEquals("cpe:/a:openssl:openssl:1.0.1q", matchingSoftware.getKey());
        hashMap.clear();
        hashMap.put("cpe:/a:springsource:spring_framework:3.2.5", Boolean.FALSE);
        hashMap.put("cpe:/a:springsource:spring_framework:3.2.6", Boolean.FALSE);
        hashMap.put("cpe:/a:springsource:spring_framework:3.2.7", Boolean.TRUE);
        hashMap.put("cpe:/a:springsource:spring_framework:4.0.1", Boolean.TRUE);
        hashMap.put("cpe:/a:springsource:spring_framework:4.0.0:m1", Boolean.FALSE);
        hashMap.put("cpe:/a:springsource:spring_framework:4.0.0:m2", Boolean.FALSE);
        hashMap.put("cpe:/a:springsource:spring_framework:4.0.0:rc1", Boolean.FALSE);
        Map.Entry matchingSoftware2 = this.instance.getMatchingSoftware(hashMap, "springsource", "spring_framework", new DependencyVersion("3.2.2"));
        Assert.assertEquals("cpe:/a:springsource:spring_framework:3.2.7", matchingSoftware2.getKey());
        Assert.assertTrue(((Boolean) matchingSoftware2.getValue()).booleanValue());
        Assert.assertNull(this.instance.getMatchingSoftware(hashMap, "springsource", "spring_framework", new DependencyVersion("3.2.12")));
        Map.Entry matchingSoftware3 = this.instance.getMatchingSoftware(hashMap, "springsource", "spring_framework", new DependencyVersion("4.0.0"));
        Assert.assertEquals("cpe:/a:springsource:spring_framework:4.0.1", matchingSoftware3.getKey());
        Assert.assertTrue(((Boolean) matchingSoftware3.getValue()).booleanValue());
        Assert.assertNull(this.instance.getMatchingSoftware(hashMap, "springsource", "spring_framework", new DependencyVersion("4.1.0")));
        hashMap.clear();
        hashMap.put("cpe:/a:jruby:jruby:-", Boolean.FALSE);
        Assert.assertNotNull(this.instance.getMatchingSoftware(hashMap, "springsource", "spring_framework", new DependencyVersion("1.6.3")));
    }
}
