package net.named_data.jndn.security.identity;

import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import net.named_data.jndn.Data;
import net.named_data.jndn.DigestSha256Signature;
import net.named_data.jndn.Interest;
import net.named_data.jndn.KeyLocator;
import net.named_data.jndn.KeyLocatorType;
import net.named_data.jndn.Name;
import net.named_data.jndn.Sha256WithEcdsaSignature;
import net.named_data.jndn.Sha256WithRsaSignature;
import net.named_data.jndn.Signature;
import net.named_data.jndn.encoding.WireFormat;
import net.named_data.jndn.encoding.der.DerDecodingException;
import net.named_data.jndn.encoding.der.DerEncodingException;
import net.named_data.jndn.security.DigestAlgorithm;
import net.named_data.jndn.security.EcdsaKeyParams;
import net.named_data.jndn.security.KeyParams;
import net.named_data.jndn.security.KeyType;
import net.named_data.jndn.security.RsaKeyParams;
import net.named_data.jndn.security.SecurityException;
import net.named_data.jndn.security.certificate.CertificateSubjectDescription;
import net.named_data.jndn.security.certificate.IdentityCertificate;
import net.named_data.jndn.security.certificate.PublicKey;
import net.named_data.jndn.util.Blob;
import net.named_data.jndn.util.Common;

/* loaded from: input_file:net/named_data/jndn/security/identity/IdentityManager.class */
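/**
 * Manages identities, their keys and their identity certificates by combining an
 * {@link IdentityStorage} (identity, public-key and certificate records) with a
 * {@link PrivateKeyStorage} (key pair generation, deletion and signing).
 *
 * <p>Points a caller should keep in mind when relying on this class:
 * <ul>
 *   <li>Several methods report failure by returning {@code null} instead of throwing
 *       ({@link #selfSign}, the {@code prepareUnsignedIdentityCertificate} overloads);
 *       always check the result before using or publishing it.</li>
 *   <li>{@link #signWithSha256} and {@link #signInterestWithSha256} attach an unkeyed
 *       SHA-256 digest. It lets a receiver detect corruption but does not authenticate
 *       the sender, because anyone can recompute it.</li>
 *   <li>The certificate-issuing methods apply no policy of their own (validity window
 *       ordering, relationship between signer and subject); the caller is responsible
 *       for that.</li>
 * </ul>
 */
public class IdentityManager {
    private final IdentityStorage identityStorage_;
    private final PrivateKeyStorage privateKeyStorage_;

    /**
     * Creates a manager that uses the given storages.
     *
     * @param identityStorage storage for identity, public-key and certificate records
     * @param privateKeyStorage storage that generates key pairs and signs with them
     */
    public IdentityManager(IdentityStorage identityStorage, PrivateKeyStorage privateKeyStorage) {
        this.identityStorage_ = identityStorage;
        this.privateKeyStorage_ = privateKeyStorage;
    }

    /**
     * Creates a manager that uses the given identity storage and the default
     * {@link FilePrivateKeyStorage}.
     *
     * @param identityStorage storage for identity, public-key and certificate records
     * @throws SecurityException if the {@code os.name} system property is "Mac OS X",
     *     for which no default private key storage is implemented
     */
    public IdentityManager(IdentityStorage identityStorage) throws SecurityException {
        this.identityStorage_ = identityStorage;
        this.privateKeyStorage_ = createDefaultPrivateKeyStorage();
    }

    /**
     * Creates a manager that uses a {@link BasicIdentityStorage} and the default
     * {@link FilePrivateKeyStorage}.
     *
     * @throws SecurityException if the {@code os.name} system property is "Mac OS X",
     *     for which no default private key storage is implemented
     */
    public IdentityManager() throws SecurityException {
        // The identity storage is created before the platform check, as it always was.
        this.identityStorage_ = new BasicIdentityStorage();
        this.privateKeyStorage_ = createDefaultPrivateKeyStorage();
    }

    /**
     * Returns the default private key storage for this platform.
     *
     * @throws SecurityException on "Mac OS X", where no default is implemented
     */
    private static PrivateKeyStorage createDefaultPrivateKeyStorage() throws SecurityException {
        // Constant-first equals() so an unset os.name property cannot cause a
        // NullPointerException here.
        if ("Mac OS X".equals(System.getProperty("os.name"))) {
            throw new SecurityException("OSXPrivateKeyStorage is not implemented yet. You must create an IdentityManager with a different PrivateKeyStorage.");
        }
        return new FilePrivateKeyStorage();
    }

    /**
     * Ensures that the identity exists, has a default key of the requested type and
     * has a default certificate for that key, creating whatever is missing.
     *
     * <p>A new key pair is generated when the identity has no readable default key or
     * when the default key's type differs from {@code keyParams.getKeyType()}. A
     * self-signed certificate is created when the key has no default certificate.
     *
     * @param name the identity name
     * @param keyParams parameters for a key pair that has to be generated
     * @return the name of the key's default certificate
     * @throws SecurityException if storage or key generation fails, or if the
     *     self-signed certificate could not be produced
     */
    public final Name createIdentityAndCertificate(Name name, KeyParams keyParams) throws SecurityException {
        this.identityStorage_.addIdentity(name);

        Name keyName = null;
        boolean needsNewKey = true;
        try {
            keyName = this.identityStorage_.getDefaultKeyNameForIdentity(name);
            PublicKey existingKey = new PublicKey(this.identityStorage_.getKey(keyName));
            if (existingKey.getKeyType() == keyParams.getKeyType()) {
                needsNewKey = false;
            }
        } catch (SecurityException ignored) {
            // Deliberate: a lookup failure is read as "no usable default key yet".
            // NOTE(review): this cannot tell "not found" from a genuine storage error,
            // so a storage fault also leads to a fresh key pair being generated.
        }
        if (needsNewKey) {
            keyName = generateKeyPair(name, true, keyParams);
            this.identityStorage_.setDefaultKeyNameForIdentity(keyName);
        }

        Name certificateName = null;
        boolean needsNewCertificate = true;
        try {
            certificateName = this.identityStorage_.getDefaultCertificateNameForKey(keyName);
            needsNewCertificate = false;
        } catch (SecurityException ignored) {
            // Deliberate: read as "this key has no default certificate yet".
        }
        if (needsNewCertificate) {
            IdentityCertificate selfSigned = selfSign(keyName);
            if (selfSigned == null) {
                // selfSign() reports DER failures by returning null; fail with the
                // declared exception instead of a NullPointerException further down.
                throw new SecurityException("Cannot create the self-signed certificate for key " + keyName.toUri());
            }
            addCertificateAsIdentityDefault(selfSigned);
            certificateName = selfSigned.getName();
        }
        return certificateName;
    }

    /**
     * Same as {@link #createIdentityAndCertificate}, but returns the public key name
     * derived from the resulting certificate name.
     *
     * @param name the identity name
     * @param keyParams parameters for a key pair that has to be generated
     * @return the key name of the identity's default key
     * @throws SecurityException if storage or key generation fails
     */
    public final Name createIdentity(Name name, KeyParams keyParams) throws SecurityException {
        return IdentityCertificate.certificateNameToPublicKeyName(createIdentityAndCertificate(name, keyParams));
    }

    /**
     * Deletes the identity's records and every key pair that belongs to it.
     *
     * <p>If {@code name} is the current default identity the method returns without
     * deleting anything and without signalling that to the caller.
     *
     * @param name the identity name
     * @throws SecurityException if a storage operation fails
     */
    public final void deleteIdentity(Name name) throws SecurityException {
        try {
            if (this.identityStorage_.getDefaultIdentity().equals(name)) {
                // The default identity is never deleted.
                return;
            }
        } catch (SecurityException ignored) {
            // Deliberate: a failed lookup is read as "there is no default identity".
        }

        // Collect the key names with the flag set and unset so that all of them are listed.
        ArrayList<Name> keyNames = new ArrayList<Name>();
        this.identityStorage_.getAllKeyNamesOfIdentity(name, keyNames, true);
        this.identityStorage_.getAllKeyNamesOfIdentity(name, keyNames, false);

        this.identityStorage_.deleteIdentityInfo(name);
        // The records are removed first; if a key pair deletion throws, the remaining
        // private keys stay in the private key storage without a record pointing at them.
        for (Name keyName : keyNames) {
            this.privateKeyStorage_.deleteKeyPair(keyName);
        }
    }

    /**
     * Makes {@code name} the default identity in the identity storage.
     *
     * @throws SecurityException if the storage rejects the change
     */
    public final void setDefaultIdentity(Name name) throws SecurityException {
        this.identityStorage_.setDefaultIdentity(name);
    }

    /**
     * @return the default identity name recorded in the identity storage
     * @throws SecurityException if the storage cannot provide it
     */
    public final Name getDefaultIdentity() throws SecurityException {
        return this.identityStorage_.getDefaultIdentity();
    }

    /**
     * @return the default certificate recorded in the identity storage
     * @throws SecurityException if the storage cannot provide it
     */
    public final IdentityCertificate getDefaultCertificate() throws SecurityException {
        return this.identityStorage_.getDefaultCertificate();
    }

    /**
     * Generates an RSA key pair for the identity and records its public key.
     *
     * @param name the identity name
     * @param z forwarded to {@code IdentityStorage.getNewKeyName}; presumably selects
     *     the key-signing-key naming, to be confirmed against that method
     * @param i the RSA key size passed to {@link RsaKeyParams}
     * @return the name of the new key
     * @throws SecurityException if generation or storage fails
     */
    public final Name generateRSAKeyPair(Name name, boolean z, int i) throws SecurityException {
        return generateKeyPair(name, z, new RsaKeyParams(i));
    }

    /** Same as {@link #generateRSAKeyPair(Name, boolean, int)} with a key size of 2048. */
    public final Name generateRSAKeyPair(Name name, boolean z) throws SecurityException {
        return generateRSAKeyPair(name, z, 2048);
    }

    /** Same as {@link #generateRSAKeyPair(Name, boolean, int)} with {@code false} and 2048. */
    public final Name generateRSAKeyPair(Name name) throws SecurityException {
        return generateRSAKeyPair(name, false, 2048);
    }

    /**
     * Generates an ECDSA key pair for the identity and records its public key.
     *
     * @param name the identity name
     * @param z forwarded to {@code IdentityStorage.getNewKeyName}; presumably selects
     *     the key-signing-key naming, to be confirmed against that method
     * @param i the key size passed to {@link EcdsaKeyParams}
     * @return the name of the new key
     * @throws SecurityException if generation or storage fails
     */
    public final Name generateEcdsaKeyPair(Name name, boolean z, int i) throws SecurityException {
        return generateKeyPair(name, z, new EcdsaKeyParams(i));
    }

    /** Same as {@link #generateEcdsaKeyPair(Name, boolean, int)} with a key size of 256. */
    public final Name generateEcdsaKeyPair(Name name, boolean z) throws SecurityException {
        return generateEcdsaKeyPair(name, z, 256);
    }

    /** Same as {@link #generateEcdsaKeyPair(Name, boolean, int)} with {@code false} and 256. */
    public final Name generateEcdsaKeyPair(Name name) throws SecurityException {
        return generateEcdsaKeyPair(name, false, 256);
    }

    /**
     * Forwards both names to {@code IdentityStorage.setDefaultKeyNameForIdentity}.
     *
     * @param name the key name to make the default
     * @param name2 second argument of the storage call; presumably an identity name the
     *     key is checked against, to be confirmed against the storage implementation
     * @throws SecurityException if the storage rejects the change
     */
    public final void setDefaultKeyForIdentity(Name name, Name name2) throws SecurityException {
        this.identityStorage_.setDefaultKeyNameForIdentity(name, name2);
    }

    /** Same as {@link #setDefaultKeyForIdentity(Name, Name)} with an empty second name. */
    public final void setDefaultKeyForIdentity(Name name) throws SecurityException {
        setDefaultKeyForIdentity(name, new Name());
    }

    /**
     * @param name the identity name
     * @return the default key name the identity storage holds for that identity
     * @throws SecurityException if the storage cannot provide it
     */
    public final Name getDefaultKeyNameForIdentity(Name name) throws SecurityException {
        return this.identityStorage_.getDefaultKeyNameForIdentity(name);
    }

    /** Same as {@link #getDefaultKeyNameForIdentity(Name)} with an empty identity name. */
    public final Name getDefaultKeyNameForIdentity() throws SecurityException {
        return getDefaultKeyNameForIdentity(new Name());
    }

    /**
     * Generates an RSA key pair as {@link #generateRSAKeyPair(Name, boolean, int)} does
     * and records the new key as the default key.
     *
     * @return the name of the new key
     * @throws SecurityException if generation or storage fails
     */
    public final Name generateRSAKeyPairAsDefault(Name name, boolean z, int i) throws SecurityException {
        Name keyName = generateKeyPair(name, z, new RsaKeyParams(i));
        this.identityStorage_.setDefaultKeyNameForIdentity(keyName);
        return keyName;
    }

    /** Same as {@link #generateRSAKeyPairAsDefault(Name, boolean, int)} with a key size of 2048. */
    public final Name generateRSAKeyPairAsDefault(Name name, boolean z) throws SecurityException {
        return generateRSAKeyPairAsDefault(name, z, 2048);
    }

    /** Same as {@link #generateRSAKeyPairAsDefault(Name, boolean, int)} with {@code false} and 2048. */
    public final Name generateRSAKeyPairAsDefault(Name name) throws SecurityException {
        return generateRSAKeyPairAsDefault(name, false, 2048);
    }

    /**
     * Generates an ECDSA key pair as {@link #generateEcdsaKeyPair(Name, boolean, int)}
     * does and records the new key as the default key.
     *
     * @return the name of the new key
     * @throws SecurityException if generation or storage fails
     */
    public final Name generateEcdsaKeyPairAsDefault(Name name, boolean z, int i) throws SecurityException {
        Name keyName = generateKeyPair(name, z, new EcdsaKeyParams(i));
        this.identityStorage_.setDefaultKeyNameForIdentity(keyName);
        return keyName;
    }

    /** Same as {@link #generateEcdsaKeyPairAsDefault(Name, boolean, int)} with a key size of 256. */
    public final Name generateEcdsaKeyPairAsDefault(Name name, boolean z) throws SecurityException {
        return generateEcdsaKeyPairAsDefault(name, z, 256);
    }

    /** Same as {@link #generateEcdsaKeyPairAsDefault(Name, boolean, int)} with {@code false} and 256. */
    public final Name generateEcdsaKeyPairAsDefault(Name name) throws SecurityException {
        return generateEcdsaKeyPairAsDefault(name, false, 256);
    }

    /**
     * @param name the key name
     * @return the public key decoded from the record the identity storage holds
     * @throws SecurityException if the key cannot be read or decoded
     */
    public final PublicKey getPublicKey(Name name) throws SecurityException {
        return new PublicKey(this.identityStorage_.getKey(name));
    }

    /**
     * Issues an identity certificate for the key named by the certificate prefix, signs
     * it with the signer's key and stores it in the identity storage.
     *
     * @param name the certificate prefix; it must contain a "KEY" component
     * @param name2 the name of the signer's certificate
     * @param d the notBefore value
     * @param d2 the notAfter value
     * @return the name of the stored certificate
     * @throws SecurityException if the prefix has no "KEY" component or if storage,
     *     encoding or signing fails
     */
    public final Name createIdentityCertificate(Name name, Name name2, double d, double d2) throws SecurityException {
        PublicKey subjectKey = new PublicKey(this.identityStorage_.getKey(getKeyNameFromCertificatePrefix(name)));
        IdentityCertificate certificate = createIdentityCertificate(name, subjectKey, name2, d, d2);
        this.identityStorage_.addCertificate(certificate);
        return certificate.getName();
    }

    /**
     * Looks up the public key for {@code name} in the identity storage and prepares an
     * unsigned certificate for it; see the overload that takes a {@link PublicKey}.
     *
     * @return the unsigned certificate, or {@code null} if the key name is not
     *     acceptable or if any {@link SecurityException} occurs while preparing it
     */
    public final IdentityCertificate prepareUnsignedIdentityCertificate(Name name, Name name2, double d, double d2, List list, Name name3) throws SecurityException {
        try {
            PublicKey subjectKey = new PublicKey(this.identityStorage_.getKey(name));
            return prepareUnsignedIdentityCertificate(name, subjectKey, name2, d, d2, list, name3);
        } catch (SecurityException ignored) {
            // Existing contract: every failure on this path, including a missing key
            // and a DER error in the delegate, is reported as null. Callers must check.
            return null;
        }
    }

    /** Same as the six-argument overload taking two names, with no certificate prefix. */
    public final IdentityCertificate prepareUnsignedIdentityCertificate(Name name, Name name2, double d, double d2, List list) throws SecurityException {
        return prepareUnsignedIdentityCertificate(name, name2, d, d2, list, (Name) null);
    }

    /**
     * Builds an identity certificate for the given key without signing it.
     *
     * <p>The returned certificate carries no signature; it must be signed before it is
     * stored or published. This method does not check that {@code d} precedes
     * {@code d2}.
     *
     * @param name the key name; its last component must start with "ksk-" or "dsk-"
     * @param publicKey the public key to embed
     * @param name2 the signing identity; used as the certificate name prefix when it
     *     is a prefix of {@code name} and {@code name3} is {@code null}
     * @param d the notBefore value
     * @param d2 the notAfter value
     * @param list subject descriptions ({@link CertificateSubjectDescription}); if
     *     {@code null} or empty, one description with OID "2.5.4.41" and the key name
     *     without its last component is added
     * @param name3 optional certificate name prefix; it must be a proper prefix of
     *     {@code name}
     * @return the unsigned certificate, or {@code null} if the key name or
     *     {@code name3} fails the checks above
     * @throws SecurityException if the certificate cannot be DER encoded
     */
    public final IdentityCertificate prepareUnsignedIdentityCertificate(Name name, PublicKey publicKey, Name name2, double d, double d2, List list, Name name3) throws SecurityException {
        if (name.size() < 1) {
            return null;
        }
        String keyId = name.get(-1).toEscapedString();
        // Both accepted prefixes are four characters long, so startsWith() is the same
        // test as the length check plus substring comparison it replaces.
        if (!keyId.startsWith("ksk-") && !keyId.startsWith("dsk-")) {
            return null;
        }

        IdentityCertificate certificate = new IdentityCertificate();
        Name certificateName = new Name();
        if (name3 != null) {
            // An explicit prefix must be a proper prefix of the key name.
            if (!name3.match(name) || name3.equals(name)) {
                return null;
            }
            certificateName.append(name3).append("KEY").append(name.getSubName(name3.size()));
        } else if (name2.match(name)) {
            certificateName.append(name2).append("KEY").append(name.getSubName(name2.size()));
        } else {
            certificateName.append(name.getPrefix(-1)).append("KEY").append(name.get(-1));
        }
        certificateName.append("ID-CERT").appendVersion((long) Common.getNowMilliseconds());

        certificate.setName(certificateName);
        certificate.setNotBefore(d);
        certificate.setNotAfter(d2);
        certificate.setPublicKeyInfo(publicKey);
        if (list == null || list.isEmpty()) {
            certificate.addSubjectDescription(new CertificateSubjectDescription("2.5.4.41", name.getPrefix(-1).toUri()));
        } else {
            for (Object description : list) {
                certificate.addSubjectDescription((CertificateSubjectDescription) description);
            }
        }

        try {
            certificate.encode();
            return certificate;
        } catch (DerDecodingException e) {
            throw new SecurityException("DerDecodingException: " + e);
        } catch (DerEncodingException e) {
            throw new SecurityException("DerEncodingException: " + e);
        }
    }

    /** Same as the seven-argument overload, with no certificate prefix. */
    public final IdentityCertificate prepareUnsignedIdentityCertificate(Name name, PublicKey publicKey, Name name2, double d, double d2, List list) throws SecurityException {
        return prepareUnsignedIdentityCertificate(name, publicKey, name2, d, d2, list, null);
    }

    /**
     * Builds an identity certificate for {@code publicKey} and signs it with the key
     * of the signer's certificate. The certificate is not stored.
     *
     * <p>This method itself applies no issuance policy: it does not check that
     * {@code d} precedes {@code d2}, nor that the signer's name is related to the
     * certificate prefix. Code that issues certificates on behalf of others should
     * enforce its own rules before calling it.
     *
     * @param name the certificate prefix; it must contain a "KEY" component
     * @param publicKey the public key to certify
     * @param name2 the name of the signer's certificate, also used as the key locator
     * @param d the notBefore value
     * @param d2 the notAfter value
     * @return the signed certificate
     * @throws SecurityException if the prefix has no "KEY" component or if encoding,
     *     certificate lookup or signing fails
     */
    public final IdentityCertificate createIdentityCertificate(Name name, PublicKey publicKey, Name name2, double d, double d2) throws SecurityException {
        IdentityCertificate certificate = new IdentityCertificate();
        Name keyName = getKeyNameFromCertificatePrefix(name);

        Name certificateName = new Name(name);
        certificateName.append("ID-CERT").appendVersion((long) Common.getNowMilliseconds());
        certificate.setName(certificateName);
        certificate.setNotBefore(d);
        certificate.setNotAfter(d2);
        certificate.setPublicKeyInfo(publicKey);
        certificate.addSubjectDescription(new CertificateSubjectDescription("2.5.4.41", keyName.toUri()));

        try {
            certificate.encode();

            // NOTE(review): the signature is always declared as SHA-256 with RSA and the
            // sign() overload without a digest argument is used, whatever the type of
            // the signer's key. If signer keys can be ECDSA, confirm that verifiers
            // accept the result, or derive the signature type from the key as
            // makeSignatureByCertificate() does.
            Sha256WithRsaSignature signature = new Sha256WithRsaSignature();
            KeyLocator keyLocator = new KeyLocator();
            keyLocator.setType(KeyLocatorType.KEYNAME);
            keyLocator.setKeyName(name2);
            signature.setKeyLocator(keyLocator);
            certificate.setSignature(signature);

            signature.setSignature(this.privateKeyStorage_.sign(certificate.wireEncode().signedBuf(), getCertificate(name2).getPublicKeyName()));
            return certificate;
        } catch (DerDecodingException e) {
            // Each message now names the exception that was actually caught; the two
            // labels used to be swapped for failures of encode().
            throw new SecurityException("DerDecodingException: " + e);
        } catch (DerEncodingException e) {
            throw new SecurityException("DerEncodingException: " + e);
        }
    }

    /**
     * Stores the certificate in the identity storage.
     *
     * @throws SecurityException if the storage rejects it
     */
    public final void addCertificate(IdentityCertificate identityCertificate) throws SecurityException {
        this.identityStorage_.addCertificate(identityCertificate);
    }

    /**
     * Makes the certificate the default certificate of the key it certifies.
     *
     * @throws SecurityException if the identity storage has no record of that key, or
     *     if the storage rejects the change
     */
    public final void setDefaultCertificateForKey(IdentityCertificate identityCertificate) throws SecurityException {
        Name keyName = identityCertificate.getPublicKeyName();
        if (!this.identityStorage_.doesKeyExist(keyName)) {
            throw new SecurityException("No corresponding Key record for certificate!");
        }
        this.identityStorage_.setDefaultCertificateNameForKey(keyName, identityCertificate.getName());
    }

    /**
     * Stores the certificate, makes its key the default key and makes the certificate
     * the default certificate of that key.
     *
     * @throws SecurityException if any of the storage operations fails
     */
    public final void addCertificateAsIdentityDefault(IdentityCertificate identityCertificate) throws SecurityException {
        this.identityStorage_.addCertificate(identityCertificate);
        setDefaultKeyForIdentity(identityCertificate.getPublicKeyName());
        setDefaultCertificateForKey(identityCertificate);
    }

    /**
     * Stores the certificate and makes it the default certificate of its key.
     *
     * @throws SecurityException if any of the storage operations fails
     */
    public final void addCertificateAsDefault(IdentityCertificate identityCertificate) throws SecurityException {
        this.identityStorage_.addCertificate(identityCertificate);
        setDefaultCertificateForKey(identityCertificate);
    }

    /**
     * @param name the certificate name
     * @return the certificate the identity storage holds under that name
     * @throws SecurityException if the storage cannot provide it
     * @throws DerDecodingException if the stored certificate cannot be decoded
     */
    public final IdentityCertificate getCertificate(Name name) throws SecurityException, DerDecodingException {
        return this.identityStorage_.getCertificate(name);
    }

    /**
     * @param name the identity name
     * @return the default certificate name the identity storage holds for the identity
     * @throws SecurityException if the storage cannot provide it
     */
    public final Name getDefaultCertificateNameForIdentity(Name name) throws SecurityException {
        return this.identityStorage_.getDefaultCertificateNameForIdentity(name);
    }

    /**
     * @return the default certificate name of the default identity
     * @throws SecurityException if the storage cannot provide it
     */
    public final Name getDefaultCertificateName() throws SecurityException {
        return this.identityStorage_.getDefaultCertificateNameForIdentity(getDefaultIdentity());
    }

    /**
     * Forwards to {@code IdentityStorage.getAllIdentities}, which fills the list.
     *
     * @param arrayList the list the storage appends to
     * @param z forwarded unchanged; presumably selects default or non-default entries,
     *     to be confirmed against the storage implementation
     * @throws SecurityException if the storage operation fails
     */
    public void getAllIdentities(ArrayList arrayList, boolean z) throws SecurityException {
        this.identityStorage_.getAllIdentities(arrayList, z);
    }

    /**
     * Forwards to {@code IdentityStorage.getAllKeyNamesOfIdentity}, which fills the list.
     *
     * @param name the identity name
     * @param arrayList the list the storage appends to
     * @param z forwarded unchanged; {@link #deleteIdentity} calls the storage with both
     *     values to collect every key name
     * @throws SecurityException if the storage operation fails
     */
    public final void getAllKeyNamesOfIdentity(Name name, ArrayList arrayList, boolean z) throws SecurityException {
        this.identityStorage_.getAllKeyNamesOfIdentity(name, arrayList, z);
    }

    /**
     * Forwards to {@code IdentityStorage.getAllCertificateNamesOfKey}, which fills the list.
     *
     * @param name the key name
     * @param arrayList the list the storage appends to
     * @param z forwarded unchanged; presumably selects default or non-default entries,
     *     to be confirmed against the storage implementation
     * @throws SecurityException if the storage operation fails
     */
    public void getAllCertificateNamesOfKey(Name name, ArrayList arrayList, boolean z) throws SecurityException {
        this.identityStorage_.getAllCertificateNamesOfKey(name, arrayList, z);
    }

    /**
     * Signs the buffer with the key that belongs to the named certificate.
     *
     * @param byteBuffer the bytes to sign
     * @param name the certificate name; the signing key name is derived from it
     * @return a signature object of the type matching the key, with the key locator
     *     and the signature bits set
     * @throws SecurityException if the key type is not recognized or signing fails
     */
    public final Signature signByCertificate(ByteBuffer byteBuffer, Name name) throws SecurityException {
        // One-element array used as an out-parameter for the digest algorithm.
        DigestAlgorithm[] digestAlgorithm = new DigestAlgorithm[1];
        Signature signature = makeSignatureByCertificate(name, digestAlgorithm);
        signature.setSignature(this.privateKeyStorage_.sign(byteBuffer, IdentityCertificate.certificateNameToPublicKeyName(name), digestAlgorithm[0]));
        return signature;
    }

    /** Same as {@link #signByCertificate(Data, Name, WireFormat)} with the default wire format. */
    public final void signByCertificate(Data data, Name name) throws SecurityException {
        signByCertificate(data, name, WireFormat.getDefaultWireFormat());
    }

    /**
     * Signs the data packet with the key that belongs to the named certificate and
     * stores the signature in the packet.
     *
     * @param data the packet to sign; its signature is replaced
     * @param name the certificate name; the signing key name is derived from it
     * @param wireFormat the wire format used to encode the signed portion
     * @throws SecurityException if the key type is not recognized or signing fails
     */
    public final void signByCertificate(Data data, Name name, WireFormat wireFormat) throws SecurityException {
        DigestAlgorithm[] digestAlgorithm = new DigestAlgorithm[1];
        // The signature info must be in place before encoding the signed portion.
        data.setSignature(makeSignatureByCertificate(name, digestAlgorithm));
        data.getSignature().setSignature(this.privateKeyStorage_.sign(data.wireEncode(wireFormat).signedBuf(), IdentityCertificate.certificateNameToPublicKeyName(name), digestAlgorithm[0]));
        // Encode once more now that the signature bits are set (result unused here;
        // presumably refreshes the packet's cached encoding, to be confirmed).
        data.wireEncode(wireFormat);
    }

    /**
     * Signs the interest by appending a SignatureInfo component and a SignatureValue
     * component to its name.
     *
     * @param interest the interest to sign; its name is modified
     * @param name the certificate name; the signing key name is derived from it
     * @param wireFormat the wire format used for encoding
     * @throws SecurityException if the key type is not recognized or signing fails
     */
    public final void signInterestByCertificate(Interest interest, Name name, WireFormat wireFormat) throws SecurityException {
        DigestAlgorithm[] digestAlgorithm = new DigestAlgorithm[1];
        Signature signature = makeSignatureByCertificate(name, digestAlgorithm);
        interest.getName().append(wireFormat.encodeSignatureInfo(signature));
        // Empty placeholder component so the signed buffer has its final shape.
        interest.getName().append(new Name.Component());
        signature.setSignature(this.privateKeyStorage_.sign(interest.wireEncode(wireFormat).signedBuf(), IdentityCertificate.certificateNameToPublicKeyName(name), digestAlgorithm[0]));
        // Replace the placeholder with the encoded signature value.
        interest.setName(interest.getName().getPrefix(-1).append(wireFormat.encodeSignatureValue(signature)));
    }

    /**
     * Attaches a {@link DigestSha256Signature} holding the SHA-256 digest of the
     * packet's signed portion.
     *
     * <p>No key is involved, so this protects against corruption only; a receiver must
     * not treat it as proof of who produced the packet.
     *
     * @param data the packet; its signature is replaced
     * @param wireFormat the wire format used to encode the signed portion
     */
    public final void signWithSha256(Data data, WireFormat wireFormat) {
        data.setSignature(new DigestSha256Signature());
        byte[] digest = Common.digestSha256(data.wireEncode(wireFormat).signedBuf());
        data.getSignature().setSignature(new Blob(digest, false));
        // Encode once more now that the digest is set (result unused here).
        data.wireEncode(wireFormat);
    }

    /**
     * Appends a SignatureInfo component and a SignatureValue component holding the
     * SHA-256 digest of the interest's signed portion to the interest name.
     *
     * <p>No key is involved, so this protects against corruption only; a receiver must
     * not treat it as proof of who produced the interest.
     *
     * @param interest the interest; its name is modified
     * @param wireFormat the wire format used for encoding
     */
    public final void signInterestWithSha256(Interest interest, WireFormat wireFormat) {
        DigestSha256Signature signature = new DigestSha256Signature();
        interest.getName().append(wireFormat.encodeSignatureInfo(signature));
        // Empty placeholder component so the digested buffer has its final shape.
        interest.getName().append(new Name.Component());
        byte[] digest = Common.digestSha256(interest.wireEncode(wireFormat).signedBuf());
        signature.setSignature(new Blob(digest, false));
        // Replace the placeholder with the encoded signature value.
        interest.setName(interest.getName().getPrefix(-1).append(wireFormat.encodeSignatureValue(signature)));
    }

    /**
     * Creates a certificate for the key that is signed with that same key.
     *
     * <p>The validity period starts now and ends two calendar years later.
     *
     * @param name the key name
     * @return the self-signed certificate, or {@code null} if DER encoding fails (the
     *     failure is logged at SEVERE); callers must check for {@code null}
     * @throws SecurityException if the key cannot be read or signing fails
     */
    public IdentityCertificate selfSign(Name name) throws SecurityException {
        IdentityCertificate certificate = new IdentityCertificate();
        PublicKey publicKey = new PublicKey(this.identityStorage_.getKey(name));

        Calendar calendar = Calendar.getInstance();
        double notBefore = calendar.getTimeInMillis();
        calendar.add(Calendar.YEAR, 2);
        double notAfter = calendar.getTimeInMillis();
        certificate.setNotBefore(notBefore);
        certificate.setNotAfter(notAfter);

        // The version component of the name is the notBefore time.
        certificate.setName(name.getPrefix(-1).append("KEY").append(name.get(-1)).append("ID-CERT").appendVersion((long) certificate.getNotBefore()));
        certificate.setPublicKeyInfo(publicKey);
        certificate.addSubjectDescription(new CertificateSubjectDescription("2.5.4.41", name.toUri()));

        try {
            certificate.encode();
            signByCertificate(certificate, certificate.getName());
            return certificate;
        } catch (DerDecodingException e) {
            Logger.getLogger(IdentityManager.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        } catch (DerEncodingException e) {
            Logger.getLogger(IdentityManager.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    /**
     * Generates a key pair in the private key storage and records its public key in
     * the identity storage.
     *
     * @param name the identity name
     * @param z forwarded to {@code IdentityStorage.getNewKeyName}
     * @param keyParams the key type and parameters
     * @return the name of the new key
     * @throws SecurityException if any storage operation fails
     */
    private Name generateKeyPair(Name name, boolean z, KeyParams keyParams) throws SecurityException {
        // Only progress messages are logged here; no key material is written to the log.
        Logger logger = Logger.getLogger(getClass().getName());

        logger.log(Level.INFO, "Get new key ID");
        Name keyName = this.identityStorage_.getNewKeyName(name, z);

        logger.log(Level.INFO, "Generate key pair in private storage");
        this.privateKeyStorage_.generateKeyPair(keyName, keyParams);

        logger.log(Level.INFO, "Create a key record in public storage");
        PublicKey publicKey = this.privateKeyStorage_.getPublicKey(keyName);
        this.identityStorage_.addKey(keyName, keyParams.getKeyType(), publicKey.getKeyDer());
        return keyName;
    }

    /**
     * Derives the key name from a certificate prefix by removing the first "KEY"
     * component.
     *
     * @param name the certificate prefix
     * @return the prefix with its first "KEY" component removed
     * @throws SecurityException if the prefix has no "KEY" component
     */
    private static Name getKeyNameFromCertificatePrefix(Name name) throws SecurityException {
        int keyIndex = 0;
        while (keyIndex < name.size() && !name.get(keyIndex).toEscapedString().equals("KEY")) {
            keyIndex++;
        }
        if (keyIndex >= name.size()) {
            throw new SecurityException("Identity Certificate Prefix does not have a KEY component");
        }

        Name keyName = new Name();
        keyName.append(name.getSubName(0, keyIndex));
        keyName.append(name.getSubName(keyIndex + 1, (name.size() - keyIndex) - 1));
        return keyName;
    }

    /**
     * Creates an empty signature object whose type matches the key of the named
     * certificate and reports the digest algorithm to sign with.
     *
     * @param name the certificate name; its last component is dropped to form the
     *     key locator name
     * @param digestAlgorithmArr one-element out-parameter that receives the digest
     *     algorithm (SHA256 for both supported key types)
     * @return the signature object with its key locator set and no signature bits
     * @throws SecurityException if the key is neither RSA nor ECDSA, or if the
     *     private key storage cannot provide the public key
     */
    private Signature makeSignatureByCertificate(Name name, DigestAlgorithm[] digestAlgorithmArr) throws SecurityException {
        Name keyName = IdentityCertificate.certificateNameToPublicKeyName(name);
        KeyType keyType = this.privateKeyStorage_.getPublicKey(keyName).getKeyType();

        if (keyType == KeyType.RSA) {
            Sha256WithRsaSignature rsaSignature = new Sha256WithRsaSignature();
            digestAlgorithmArr[0] = DigestAlgorithm.SHA256;
            rsaSignature.getKeyLocator().setType(KeyLocatorType.KEYNAME);
            rsaSignature.getKeyLocator().setKeyName(name.getPrefix(-1));
            return rsaSignature;
        }
        if (keyType == KeyType.ECDSA) {
            Sha256WithEcdsaSignature ecdsaSignature = new Sha256WithEcdsaSignature();
            digestAlgorithmArr[0] = DigestAlgorithm.SHA256;
            ecdsaSignature.getKeyLocator().setType(KeyLocatorType.KEYNAME);
            ecdsaSignature.getKeyLocator().setKeyName(name.getPrefix(-1));
            return ecdsaSignature;
        }
        throw new SecurityException("Key type is not recognized");
    }
}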
