package org.sonar.java.checks;

import com.google.common.collect.ImmutableList;
import java.util.List;
import org.sonar.check.Priority;
import org.sonar.check.Rule;
import org.sonar.java.checks.methods.MethodInvocationMatcher;
import org.sonar.java.model.AbstractTypedTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.Tree;

@Rule(key = "S2245", priority = Priority.CRITICAL, tags = {"cert", "cwe", "sans-top25-2011", "security"})
/* loaded from: input_file:META-INF/lib/java-checks-2.7.jar:org/sonar/java/checks/PseudoRandomCheck.class */
public class PseudoRandomCheck extends SubscriptionBaseVisitor {
    private MethodInvocationMatcher methodInvocationMatcher = MethodInvocationMatcher.create().typeDefinition("java.lang.Math").name("random");

    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public List<Tree.Kind> nodesToVisit() {
        return ImmutableList.of(Tree.Kind.NEW_CLASS, Tree.Kind.METHOD_INVOCATION);
    }

    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public void visitNode(Tree tree) {
        if (isMathRandom(tree) || isJavaUtilRandom(tree)) {
            addIssue(tree, "Use a cryptographically strong random number generator (RNG) like \"java.security.SecureRandom\" in place of this PRNG");
        }
    }

    private boolean isMathRandom(Tree tree) {
        return tree.is(Tree.Kind.METHOD_INVOCATION) && hasSemantic() && this.methodInvocationMatcher.matches((MethodInvocationTree) tree, getSemanticModel());
    }

    private boolean isJavaUtilRandom(Tree tree) {
        return tree.is(Tree.Kind.NEW_CLASS) && ((AbstractTypedTree) tree).getSymbolType().is("java.util.Random");
    }
}
