package net.named_data.jndn.security.policy;

import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import net.named_data.jndn.Data;
import net.named_data.jndn.DigestSha256Signature;
import net.named_data.jndn.Interest;
import net.named_data.jndn.Name;
import net.named_data.jndn.Sha256WithEcdsaSignature;
import net.named_data.jndn.Sha256WithRsaSignature;
import net.named_data.jndn.Signature;
import net.named_data.jndn.encoding.WireFormat;
import net.named_data.jndn.security.OnVerified;
import net.named_data.jndn.security.OnVerifiedInterest;
import net.named_data.jndn.security.OnVerifyFailed;
import net.named_data.jndn.security.OnVerifyInterestFailed;
import net.named_data.jndn.security.SecurityException;
import net.named_data.jndn.security.ValidationRequest;
import net.named_data.jndn.util.Blob;
import net.named_data.jndn.util.Common;
import net.named_data.jndn.util.SignedBlob;

/* loaded from: input_file:net/named_data/jndn/security/policy/PolicyManager.class */
public abstract class PolicyManager {
    public abstract boolean skipVerifyAndTrust(Data data);

    public abstract boolean skipVerifyAndTrust(Interest interest);

    public abstract boolean requireVerify(Data data);

    public abstract boolean requireVerify(Interest interest);

    public abstract ValidationRequest checkVerificationPolicy(Data data, int i, OnVerified onVerified, OnVerifyFailed onVerifyFailed) throws SecurityException;

    public abstract ValidationRequest checkVerificationPolicy(Interest interest, int i, OnVerifiedInterest onVerifiedInterest, OnVerifyInterestFailed onVerifyInterestFailed, WireFormat wireFormat) throws SecurityException;

    public ValidationRequest checkVerificationPolicy(Interest interest, int i, OnVerifiedInterest onVerifiedInterest, OnVerifyInterestFailed onVerifyInterestFailed) throws SecurityException {
        return checkVerificationPolicy(interest, i, onVerifiedInterest, onVerifyInterestFailed, WireFormat.getDefaultWireFormat());
    }

    public abstract boolean checkSigningPolicy(Name name, Name name2);

    public abstract Name inferSigningIdentity(Name name);

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean verifySignature(Signature signature, SignedBlob signedBlob, Blob blob) throws SecurityException {
        if (signature instanceof Sha256WithRsaSignature) {
            if (blob.isNull()) {
                return false;
            }
            return verifySha256WithRsaSignature(signature.getSignature(), signedBlob, blob);
        }
        if (signature instanceof Sha256WithEcdsaSignature) {
            if (blob.isNull()) {
                return false;
            }
            return verifySha256WithEcdsaSignature(signature.getSignature(), signedBlob, blob);
        }
        if (signature instanceof DigestSha256Signature) {
            return verifyDigestSha256Signature(signature.getSignature(), signedBlob);
        }
        throw new SecurityException("PolicyManager.verify: Signature type is unknown");
    }

    protected static boolean verifySha256WithRsaSignature(Blob blob, SignedBlob signedBlob, Blob blob2) throws SecurityException {
        try {
            try {
                PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(blob2.getImmutableArray()));
                try {
                    java.security.Signature signature = java.security.Signature.getInstance("SHA256withRSA");
                    try {
                        signature.initVerify(generatePublic);
                        try {
                            signature.update(signedBlob.signedBuf());
                            return signature.verify(blob.getImmutableArray());
                        } catch (SignatureException e) {
                            throw new SecurityException("SignatureException: " + e.getMessage());
                        }
                    } catch (InvalidKeyException e2) {
                        throw new SecurityException("InvalidKeyException: " + e2.getMessage());
                    }
                } catch (NoSuchAlgorithmException e3) {
                    throw new SecurityException("SHA256withRSA algorithm is not supported");
                }
            } catch (InvalidKeySpecException e4) {
                throw new SecurityException("X509EncodedKeySpec is not supported: " + e4.getMessage());
            }
        } catch (NoSuchAlgorithmException e5) {
            throw new SecurityException("RSA is not supported: " + e5.getMessage());
        }
    }

    protected static boolean verifySha256WithEcdsaSignature(Blob blob, SignedBlob signedBlob, Blob blob2) throws SecurityException {
        try {
            try {
                PublicKey generatePublic = KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(blob2.getImmutableArray()));
                try {
                    java.security.Signature signature = java.security.Signature.getInstance("SHA256withECDSA");
                    try {
                        signature.initVerify(generatePublic);
                        try {
                            signature.update(signedBlob.signedBuf());
                            return signature.verify(blob.getImmutableArray());
                        } catch (SignatureException e) {
                            throw new SecurityException("SignatureException: " + e.getMessage());
                        }
                    } catch (InvalidKeyException e2) {
                        throw new SecurityException("InvalidKeyException: " + e2.getMessage());
                    }
                } catch (NoSuchAlgorithmException e3) {
                    throw new SecurityException("SHA256withECDSA algorithm is not supported");
                }
            } catch (InvalidKeySpecException e4) {
                throw new SecurityException("X509EncodedKeySpec is not supported: " + e4.getMessage());
            }
        } catch (NoSuchAlgorithmException e5) {
            throw new SecurityException("EC is not supported: " + e5.getMessage());
        }
    }

    protected static boolean verifyDigestSha256Signature(Blob blob, SignedBlob signedBlob) {
        return Arrays.equals(Common.digestSha256(signedBlob.signedBuf()), blob.getImmutableArray());
    }
}
