package net.named_data.jndn.security.policy;

import java.util.logging.Level;
import java.util.logging.Logger;
import net.named_data.jndn.Data;
import net.named_data.jndn.Interest;
import net.named_data.jndn.KeyLocator;
import net.named_data.jndn.KeyLocatorType;
import net.named_data.jndn.Name;
import net.named_data.jndn.Signature;
import net.named_data.jndn.encoding.EncodingException;
import net.named_data.jndn.encoding.WireFormat;
import net.named_data.jndn.security.OnDataValidationFailed;
import net.named_data.jndn.security.OnInterestValidationFailed;
import net.named_data.jndn.security.OnVerified;
import net.named_data.jndn.security.OnVerifiedInterest;
import net.named_data.jndn.security.SecurityException;
import net.named_data.jndn.security.ValidationRequest;
import net.named_data.jndn.security.certificate.IdentityCertificate;
import net.named_data.jndn.security.identity.IdentityStorage;
import net.named_data.jndn.util.Blob;
import net.named_data.jndn.util.SignedBlob;

/* loaded from: input_file:net/named_data/jndn/security/policy/SelfVerifyPolicyManager.class */
public class SelfVerifyPolicyManager extends PolicyManager {
    private final IdentityStorage identityStorage_;
    private static final Logger logger_ = Logger.getLogger(SelfVerifyPolicyManager.class.getName());

    public SelfVerifyPolicyManager(IdentityStorage identityStorage) {
        this.identityStorage_ = identityStorage;
    }

    public SelfVerifyPolicyManager() {
        this.identityStorage_ = null;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public boolean skipVerifyAndTrust(Data data) {
        return false;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public boolean skipVerifyAndTrust(Interest interest) {
        return false;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public boolean requireVerify(Data data) {
        return true;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public boolean requireVerify(Interest interest) {
        return true;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public ValidationRequest checkVerificationPolicy(Data data, int i, OnVerified onVerified, OnDataValidationFailed onDataValidationFailed) throws SecurityException {
        String[] strArr = {"unknown"};
        if (verify(data.getSignature(), data.wireEncode(), strArr)) {
            try {
                onVerified.onVerified(data);
                return null;
            } catch (Throwable th) {
                logger_.log(Level.SEVERE, "Error in onVerified", th);
                return null;
            }
        }
        try {
            onDataValidationFailed.onDataValidationFailed(data, strArr[0]);
            return null;
        } catch (Throwable th2) {
            logger_.log(Level.SEVERE, "Error in onDataValidationFailed", th2);
            return null;
        }
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public ValidationRequest checkVerificationPolicy(Interest interest, int i, OnVerifiedInterest onVerifiedInterest, OnInterestValidationFailed onInterestValidationFailed, WireFormat wireFormat) throws SecurityException {
        if (interest.getName().size() < 2) {
            try {
                onInterestValidationFailed.onInterestValidationFailed(interest, "The signed interest has less than 2 components: " + interest.getName().toUri());
                return null;
            } catch (Throwable th) {
                logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th);
                return null;
            }
        }
        try {
            String[] strArr = {"unknown"};
            if (verify(wireFormat.decodeSignatureInfoAndValue(interest.getName().get(-2).getValue().buf(), interest.getName().get(-1).getValue().buf(), false), interest.wireEncode(wireFormat), strArr)) {
                try {
                    onVerifiedInterest.onVerifiedInterest(interest);
                    return null;
                } catch (Throwable th2) {
                    logger_.log(Level.SEVERE, "Error in onVerifiedInterest", th2);
                    return null;
                }
            }
            try {
                onInterestValidationFailed.onInterestValidationFailed(interest, strArr[0]);
                return null;
            } catch (Throwable th3) {
                logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th3);
                return null;
            }
        } catch (EncodingException e) {
            logger_.log(Level.INFO, "Cannot decode the signed interest SignatureInfo and value", (Throwable) e);
            try {
                onInterestValidationFailed.onInterestValidationFailed(interest, "Error decoding the signed interest signature: " + e);
                return null;
            } catch (Throwable th4) {
                logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th4);
                return null;
            }
        }
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public boolean checkSigningPolicy(Name name, Name name2) {
        return true;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public Name inferSigningIdentity(Name name) {
        return new Name();
    }

    private boolean verify(Signature signature, SignedBlob signedBlob, String[] strArr) throws SecurityException {
        Blob blob = null;
        if (KeyLocator.canGetFromSignature(signature)) {
            blob = getPublicKeyDer(KeyLocator.getFromSignature(signature), strArr);
            if (blob.isNull()) {
                return false;
            }
        }
        if (verifySignature(signature, signedBlob, blob)) {
            return true;
        }
        strArr[0] = "The signature did not verify with the given public key";
        return false;
    }

    private Blob getPublicKeyDer(KeyLocator keyLocator, String[] strArr) throws SecurityException {
        if (keyLocator.getType() != KeyLocatorType.KEYNAME || this.identityStorage_ == null) {
            strArr[0] = "The signature KeyLocator doesn't have a key name";
            return new Blob();
        }
        try {
            Name certificateNameToPublicKeyName = IdentityCertificate.certificateNameToPublicKeyName(keyLocator.getKeyName());
            try {
                return this.identityStorage_.getKey(certificateNameToPublicKeyName);
            } catch (SecurityException e) {
                strArr[0] = "The identityStorage doesn't have the key named " + certificateNameToPublicKeyName.toUri();
                return new Blob();
            }
        } catch (Throwable th) {
            strArr[0] = "Cannot get a public key name from the certificate named: " + keyLocator.getKeyName().toUri();
            return new Blob();
        }
    }
}
