package net.named_data.jndn.security.v2;

import java.io.IOException;
import java.util.ArrayList;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import net.named_data.jndn.Data;
import net.named_data.jndn.Interest;
import net.named_data.jndn.Name;
import net.named_data.jndn.security.ValidatorConfigError;
import net.named_data.jndn.security.v2.CertificateV2;
import net.named_data.jndn.security.v2.TrustAnchorContainer;
import net.named_data.jndn.security.v2.ValidationPolicy;
import net.named_data.jndn.security.v2.validator_config.ConfigRule;
import net.named_data.jndn.util.Blob;
import net.named_data.jndn.util.BoostInfoParser;
import net.named_data.jndn.util.BoostInfoTree;
import net.named_data.jndn.util.Common;

/* loaded from: input_file:net/named_data/jndn/security/v2/ValidationPolicyConfig.class */
public class ValidationPolicyConfig extends ValidationPolicy {
    private final ArrayList<ConfigRule> dataRules_ = new ArrayList<>();
    private final ArrayList<ConfigRule> interestRules_ = new ArrayList<>();
    private boolean shouldBypass_ = false;
    private boolean isConfigured_ = false;

    public final void load(String str) throws IOException, ValidatorConfigError {
        BoostInfoParser boostInfoParser = new BoostInfoParser();
        boostInfoParser.read(str);
        load(boostInfoParser.getRoot(), str);
    }

    public final void load(String str, String str2) throws IOException, ValidatorConfigError {
        BoostInfoParser boostInfoParser = new BoostInfoParser();
        boostInfoParser.read(str, str2);
        load(boostInfoParser.getRoot(), str2);
    }

    public final void load(BoostInfoTree boostInfoTree, String str) throws ValidatorConfigError {
        if (this.isConfigured_) {
            this.shouldBypass_ = false;
            this.dataRules_.clear();
            this.interestRules_.clear();
            this.validator_.resetAnchors();
            this.validator_.resetVerifiedCertificates();
        }
        this.isConfigured_ = true;
        ArrayList<BoostInfoTree> arrayList = boostInfoTree.get("validator");
        if (arrayList.size() != 1) {
            throw new ValidatorConfigError("ValidationPolicyConfig: Expected one validator section");
        }
        BoostInfoTree boostInfoTree2 = arrayList.get(0);
        ArrayList<BoostInfoTree> arrayList2 = boostInfoTree2.get("rule");
        for (int i = 0; i < arrayList2.size(); i++) {
            ConfigRule create = ConfigRule.create(arrayList2.get(i));
            if (create.getIsForInterest()) {
                this.interestRules_.add(create);
            } else {
                this.dataRules_.add(create);
            }
        }
        ArrayList<BoostInfoTree> arrayList3 = boostInfoTree2.get("trust-anchor");
        for (int i2 = 0; i2 < arrayList3.size(); i2++) {
            processConfigTrustAnchor(arrayList3.get(i2), str);
        }
    }

    @Override // net.named_data.jndn.security.v2.ValidationPolicy
    public void checkPolicy(Data data, ValidationState validationState, ValidationPolicy.ValidationContinuation validationContinuation) throws CertificateV2.Error, ValidatorConfigError {
        if (hasInnerPolicy()) {
            throw new ValidatorConfigError("ValidationPolicyConfig must be a terminal inner policy");
        }
        if (this.shouldBypass_) {
            validationContinuation.continueValidation(null, validationState);
            return;
        }
        Name keyLocatorName = getKeyLocatorName(data, validationState);
        if (validationState.isOutcomeFailed()) {
            return;
        }
        for (int i = 0; i < this.dataRules_.size(); i++) {
            ConfigRule configRule = this.dataRules_.get(i);
            if (configRule.match(false, data.getName())) {
                if (configRule.check(false, data.getName(), keyLocatorName, validationState)) {
                    validationContinuation.continueValidation(new CertificateRequest(new Interest(keyLocatorName)), validationState);
                    return;
                }
                return;
            }
        }
        validationState.fail(new ValidationError(9, "No rule matched for data `" + data.getName().toUri() + "`"));
    }

    @Override // net.named_data.jndn.security.v2.ValidationPolicy
    public void checkPolicy(Interest interest, ValidationState validationState, ValidationPolicy.ValidationContinuation validationContinuation) throws CertificateV2.Error, ValidatorConfigError {
        if (hasInnerPolicy()) {
            throw new ValidatorConfigError("ValidationPolicyConfig must be a terminal inner policy");
        }
        if (this.shouldBypass_) {
            validationContinuation.continueValidation(null, validationState);
            return;
        }
        Name keyLocatorName = getKeyLocatorName(interest, validationState);
        if (validationState.isOutcomeFailed()) {
            return;
        }
        for (int i = 0; i < this.interestRules_.size(); i++) {
            ConfigRule configRule = this.interestRules_.get(i);
            if (configRule.match(true, interest.getName())) {
                if (configRule.check(true, interest.getName(), keyLocatorName, validationState)) {
                    validationContinuation.continueValidation(new CertificateRequest(new Interest(keyLocatorName)), validationState);
                    return;
                }
                return;
            }
        }
        validationState.fail(new ValidationError(9, "No rule matched for interest `" + interest.getName().toUri() + "`"));
    }

    private void processConfigTrustAnchor(BoostInfoTree boostInfoTree, String str) throws ValidatorConfigError {
        String firstValue = boostInfoTree.getFirstValue("type");
        if (firstValue == null) {
            throw new ValidatorConfigError("Expected <trust-anchor.type>");
        }
        if (firstValue.equalsIgnoreCase("file")) {
            String firstValue2 = boostInfoTree.getFirstValue("file-name");
            if (firstValue2 == null) {
                throw new ValidatorConfigError("Expected <trust-anchor.file-name>");
            }
            try {
                this.validator_.loadAnchor(firstValue2, firstValue2, getRefreshPeriod(boostInfoTree), false);
                return;
            } catch (TrustAnchorContainer.Error e) {
                throw new ValidatorConfigError("Error in loadAnchor: " + e);
            }
        }
        if (firstValue.equalsIgnoreCase("base64")) {
            String firstValue3 = boostInfoTree.getFirstValue("base64-string");
            if (firstValue3 == null) {
                throw new ValidatorConfigError("Expected <trust-anchor.base64-string>");
            }
            byte[] base64Decode = Common.base64Decode(firstValue3);
            CertificateV2 certificateV2 = new CertificateV2();
            try {
                certificateV2.wireDecode(new Blob(base64Decode));
                try {
                    this.validator_.loadAnchor("", certificateV2);
                    return;
                } catch (TrustAnchorContainer.Error e2) {
                    throw new ValidatorConfigError("Error in loadAnchor: " + e2);
                }
            } catch (Exception e3) {
                throw new ValidatorConfigError("Cannot decode certificate from base64-string: " + e3);
            }
        }
        if (!firstValue.equalsIgnoreCase("dir")) {
            if (!firstValue.equalsIgnoreCase("any")) {
                throw new ValidatorConfigError("Unsupported trust-anchor.type");
            }
            this.shouldBypass_ = true;
            return;
        }
        String firstValue4 = boostInfoTree.getFirstValue("dir");
        if (firstValue4 == null) {
            throw new ValidatorConfigError("Expected <trust-anchor.dir>");
        }
        try {
            this.validator_.loadAnchor(firstValue4, firstValue4, getRefreshPeriod(boostInfoTree), true);
        } catch (TrustAnchorContainer.Error e4) {
            throw new ValidatorConfigError("Error in loadAnchor: " + e4);
        }
    }

    private static double getRefreshPeriod(BoostInfoTree boostInfoTree) {
        String firstValue = boostInfoTree.getFirstValue("refresh");
        if (firstValue == null) {
            return 1.0E14d;
        }
        double d = 0.0d;
        Matcher matcher = Pattern.compile("(\\d+)([hms])").matcher(firstValue);
        if (matcher.find()) {
            d = Integer.parseInt(matcher.group(1));
            if (!matcher.group(2).equals("s")) {
                d *= 60.0d;
                if (!matcher.group(2).equals("m")) {
                    d *= 60.0d;
                }
            }
        }
        if (d == 0.0d) {
            return 3600000.0d;
        }
        return d * 1000.0d;
    }
}
