package net.named_data.jndn.security.policy;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import net.named_data.jndn.Data;
import net.named_data.jndn.Interest;
import net.named_data.jndn.KeyLocator;
import net.named_data.jndn.KeyLocatorType;
import net.named_data.jndn.Name;
import net.named_data.jndn.Signature;
import net.named_data.jndn.encoding.EncodingException;
import net.named_data.jndn.encoding.WireFormat;
import net.named_data.jndn.encoding.der.DerDecodingException;
import net.named_data.jndn.security.OnDataValidationFailed;
import net.named_data.jndn.security.OnInterestValidationFailed;
import net.named_data.jndn.security.OnVerified;
import net.named_data.jndn.security.OnVerifiedInterest;
import net.named_data.jndn.security.SecurityException;
import net.named_data.jndn.security.ValidationRequest;
import net.named_data.jndn.security.certificate.IdentityCertificate;
import net.named_data.jndn.security.v2.CertificateCacheV2;
import net.named_data.jndn.security.v2.CertificateV2;
import net.named_data.jndn.util.Blob;
import net.named_data.jndn.util.BoostInfoParser;
import net.named_data.jndn.util.BoostInfoTree;
import net.named_data.jndn.util.Common;
import net.named_data.jndn.util.SignedBlob;
import net.named_data.jndn.util.regex.NdnRegexMatcherBase;
import net.named_data.jndn.util.regex.NdnRegexTopMatcher;

/* loaded from: input_file:net/named_data/jndn/security/policy/ConfigPolicyManager.class */
public class ConfigPolicyManager extends PolicyManager {
    private final boolean isSecurityV1_;
    private CertificateCache certificateCache_;
    private CertificateCacheV2 certificateCacheV2_;
    private int maxDepth_;
    private double keyGraceInterval_;
    private double keyTimestampTtl_;
    private int maxTrackedKeys_;
    private final HashMap fixedCertificateCache_;
    private final HashMap keyTimestamps_;
    private BoostInfoParser config_;
    private boolean requiresVerification_;
    private TrustAnchorRefreshManager refreshManager_;
    private static final Logger logger_ = Logger.getLogger(ConfigPolicyManager.class.getName());

    /* loaded from: input_file:net/named_data/jndn/security/policy/ConfigPolicyManager$Friend.class */
    public interface Friend {
        void setConfigPolicyManagerFriendAccess(FriendAccess friendAccess);
    }

    /* loaded from: input_file:net/named_data/jndn/security/policy/ConfigPolicyManager$FriendAccess.class */
    public static abstract class FriendAccess {
        public abstract BoostInfoTree findMatchingRule(ConfigPolicyManager configPolicyManager, Name name, String str) throws NdnRegexMatcherBase.Error;

        public abstract boolean checkSignatureMatch(ConfigPolicyManager configPolicyManager, Name name, Name name2, BoostInfoTree boostInfoTree, String[] strArr) throws SecurityException, NdnRegexMatcherBase.Error, CertificateV2.Error;
    }

    /* loaded from: input_file:net/named_data/jndn/security/policy/ConfigPolicyManager$FriendAccessImpl.class */
    private static class FriendAccessImpl extends FriendAccess {
        private FriendAccessImpl() {
        }

        @Override // net.named_data.jndn.security.policy.ConfigPolicyManager.FriendAccess
        public BoostInfoTree findMatchingRule(ConfigPolicyManager configPolicyManager, Name name, String str) throws NdnRegexMatcherBase.Error {
            return configPolicyManager.findMatchingRule(name, str);
        }

        @Override // net.named_data.jndn.security.policy.ConfigPolicyManager.FriendAccess
        public boolean checkSignatureMatch(ConfigPolicyManager configPolicyManager, Name name, Name name2, BoostInfoTree boostInfoTree, String[] strArr) throws SecurityException, NdnRegexMatcherBase.Error, CertificateV2.Error {
            return configPolicyManager.checkSignatureMatch(name, name2, boostInfoTree, strArr);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/named_data/jndn/security/policy/ConfigPolicyManager$OnCertificateDownloadComplete.class */
    public class OnCertificateDownloadComplete implements OnVerified {
        private final Data originalData_;
        private final int stepCount_;
        private final OnVerified onVerified_;
        private final OnDataValidationFailed onValidationFailed_;

        public OnCertificateDownloadComplete(Data data, int i, OnVerified onVerified, OnDataValidationFailed onDataValidationFailed) {
            this.originalData_ = data;
            this.stepCount_ = i;
            this.onVerified_ = onVerified;
            this.onValidationFailed_ = onDataValidationFailed;
        }

        @Override // net.named_data.jndn.security.OnVerified
        public final void onVerified(Data data) {
            if (ConfigPolicyManager.this.isSecurityV1_) {
                try {
                    ConfigPolicyManager.this.certificateCache_.insertCertificate(new IdentityCertificate(data));
                } catch (DerDecodingException e) {
                    try {
                        this.onValidationFailed_.onDataValidationFailed(this.originalData_, "Cannot decode certificate " + data.getName().toUri());
                        return;
                    } catch (Throwable th) {
                        ConfigPolicyManager.logger_.log(Level.SEVERE, "Error in onDataValidationFailed", th);
                        return;
                    }
                }
            } else {
                try {
                    try {
                        ConfigPolicyManager.this.certificateCacheV2_.insert(new CertificateV2(data));
                    } catch (CertificateV2.Error e2) {
                        try {
                            this.onValidationFailed_.onDataValidationFailed(this.originalData_, "Cannot insert certificate " + data.getName().toUri());
                            return;
                        } catch (Throwable th2) {
                            ConfigPolicyManager.logger_.log(Level.SEVERE, "Error in onDataValidationFailed", th2);
                            return;
                        }
                    }
                } catch (CertificateV2.Error e3) {
                    try {
                        this.onValidationFailed_.onDataValidationFailed(this.originalData_, "Cannot decode certificate " + data.getName().toUri());
                        return;
                    } catch (Throwable th3) {
                        ConfigPolicyManager.logger_.log(Level.SEVERE, "Error in onDataValidationFailed", th3);
                        return;
                    }
                }
            }
            try {
                ConfigPolicyManager.this.checkVerificationPolicy(this.originalData_, this.stepCount_ + 1, this.onVerified_, this.onValidationFailed_);
            } catch (Exception e4) {
                try {
                    this.onValidationFailed_.onDataValidationFailed(this.originalData_, "Error in checkVerificationPolicy: " + e4);
                } catch (Throwable th4) {
                    ConfigPolicyManager.logger_.log(Level.SEVERE, "Error in onDataValidationFailed", th4);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/named_data/jndn/security/policy/ConfigPolicyManager$OnCertificateDownloadCompleteForInterest.class */
    public class OnCertificateDownloadCompleteForInterest implements OnVerified {
        private final Interest originalInterest_;
        private final int stepCount_;
        private final OnVerifiedInterest onVerified_;
        private final OnInterestValidationFailed onValidationFailed_;
        private final WireFormat wireFormat_;

        public OnCertificateDownloadCompleteForInterest(Interest interest, int i, OnVerifiedInterest onVerifiedInterest, OnInterestValidationFailed onInterestValidationFailed, WireFormat wireFormat) {
            this.originalInterest_ = interest;
            this.stepCount_ = i;
            this.onVerified_ = onVerifiedInterest;
            this.onValidationFailed_ = onInterestValidationFailed;
            this.wireFormat_ = wireFormat;
        }

        @Override // net.named_data.jndn.security.OnVerified
        public final void onVerified(Data data) {
            if (ConfigPolicyManager.this.isSecurityV1_) {
                try {
                    ConfigPolicyManager.this.certificateCache_.insertCertificate(new IdentityCertificate(data));
                } catch (DerDecodingException e) {
                    try {
                        this.onValidationFailed_.onInterestValidationFailed(this.originalInterest_, "Cannot decode certificate " + data.getName().toUri());
                        return;
                    } catch (Throwable th) {
                        ConfigPolicyManager.logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th);
                        return;
                    }
                }
            } else {
                try {
                    try {
                        ConfigPolicyManager.this.certificateCacheV2_.insert(new CertificateV2(data));
                    } catch (CertificateV2.Error e2) {
                        try {
                            this.onValidationFailed_.onInterestValidationFailed(this.originalInterest_, "Cannot insert certificate " + data.getName().toUri());
                            return;
                        } catch (Throwable th2) {
                            ConfigPolicyManager.logger_.log(Level.SEVERE, "Error in onDataValidationFailed", th2);
                            return;
                        }
                    }
                } catch (CertificateV2.Error e3) {
                    try {
                        this.onValidationFailed_.onInterestValidationFailed(this.originalInterest_, "Cannot decode certificate " + data.getName().toUri());
                        return;
                    } catch (Throwable th3) {
                        ConfigPolicyManager.logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th3);
                        return;
                    }
                }
            }
            try {
                ConfigPolicyManager.this.checkVerificationPolicy(this.originalInterest_, this.stepCount_ + 1, this.onVerified_, this.onValidationFailed_, this.wireFormat_);
            } catch (Exception e4) {
                try {
                    this.onValidationFailed_.onInterestValidationFailed(this.originalInterest_, "Error in checkVerificationPolicy: " + e4);
                } catch (Throwable th4) {
                    ConfigPolicyManager.logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th4);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/named_data/jndn/security/policy/ConfigPolicyManager$OnVerifyInterestFailedWrapper.class */
    public class OnVerifyInterestFailedWrapper implements OnDataValidationFailed {
        private final OnInterestValidationFailed onValidationFailed_;
        private final Interest interest_;

        public OnVerifyInterestFailedWrapper(OnInterestValidationFailed onInterestValidationFailed, Interest interest) {
            this.onValidationFailed_ = onInterestValidationFailed;
            this.interest_ = interest;
        }

        @Override // net.named_data.jndn.security.OnDataValidationFailed
        public final void onDataValidationFailed(Data data, String str) {
            this.onValidationFailed_.onInterestValidationFailed(this.interest_, str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/named_data/jndn/security/policy/ConfigPolicyManager$TrustAnchorRefreshManager.class */
    public static class TrustAnchorRefreshManager {
        private final boolean isSecurityV1_;
        private final CertificateCache certificateCache_ = new CertificateCache();
        private final CertificateCacheV2 certificateCacheV2_ = new CertificateCacheV2();
        private final HashMap refreshDirectories_ = new HashMap();

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:net/named_data/jndn/security/policy/ConfigPolicyManager$TrustAnchorRefreshManager$DirectoryInfo.class */
        public static class DirectoryInfo {
            ArrayList certificateNames_;
            double nextRefresh_;
            double refreshPeriod_;

            public DirectoryInfo(ArrayList arrayList, double d, double d2) {
                this.certificateNames_ = arrayList;
                this.nextRefresh_ = d;
                this.refreshPeriod_ = d2;
            }
        }

        public TrustAnchorRefreshManager(boolean z) {
            this.isSecurityV1_ = z;
        }

        /* JADX WARN: Finally extract failed */
        public static IdentityCertificate loadIdentityCertificateFromFile(String str) throws SecurityException {
            StringBuilder sb = new StringBuilder();
            try {
                BufferedReader bufferedReader = new BufferedReader(new FileReader(str));
                while (true) {
                    try {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            bufferedReader.close();
                            byte[] base64Decode = Common.base64Decode(sb.toString());
                            IdentityCertificate identityCertificate = new IdentityCertificate();
                            try {
                                identityCertificate.wireDecode(new Blob(base64Decode, false));
                                return identityCertificate;
                            } catch (EncodingException e) {
                                throw new SecurityException("Can't decode the IdentityCertificate from file " + str + ": " + e.getMessage());
                            }
                        }
                        sb.append(readLine);
                    } catch (Throwable th) {
                        bufferedReader.close();
                        throw th;
                    }
                }
            } catch (FileNotFoundException e2) {
                throw new SecurityException("Can't find IdentityCertificate file " + str + ": " + e2.getMessage());
            } catch (IOException e3) {
                throw new SecurityException("Error reading IdentityCertificate file " + str + ": " + e3.getMessage());
            }
        }

        /* JADX WARN: Finally extract failed */
        public static CertificateV2 loadCertificateV2FromFile(String str) throws SecurityException {
            StringBuilder sb = new StringBuilder();
            try {
                BufferedReader bufferedReader = new BufferedReader(new FileReader(str));
                while (true) {
                    try {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            bufferedReader.close();
                            byte[] base64Decode = Common.base64Decode(sb.toString());
                            CertificateV2 certificateV2 = new CertificateV2();
                            try {
                                certificateV2.wireDecode(new Blob(base64Decode, false));
                                return certificateV2;
                            } catch (EncodingException e) {
                                throw new SecurityException("Can't decode the certificate from file " + str + ": " + e.getMessage());
                            }
                        }
                        sb.append(readLine);
                    } catch (Throwable th) {
                        bufferedReader.close();
                        throw th;
                    }
                }
            } catch (FileNotFoundException e2) {
                throw new SecurityException("Can't find the certificate file " + str + ": " + e2.getMessage());
            } catch (IOException e3) {
                throw new SecurityException("Error reading the certificate file " + str + ": " + e3.getMessage());
            }
        }

        public IdentityCertificate getCertificate(Name name) throws SecurityException {
            if (this.isSecurityV1_) {
                return this.certificateCache_.getCertificate(name);
            }
            throw new SecurityException("getCertificate: For security v2, use getCertificateV2()");
        }

        public CertificateV2 getCertificateV2(Name name) throws SecurityException {
            if (this.isSecurityV1_) {
                throw new SecurityException("getCertificateV2: For security v1, use getCertificate()");
            }
            return this.certificateCacheV2_.find(name);
        }

        public void addDirectory(String str, double d) throws SecurityException, CertificateV2.Error {
            File[] listFiles = new File(str).listFiles();
            if (listFiles == null) {
                throw new SecurityException("Cannot find files in directory " + str);
            }
            ArrayList arrayList = new ArrayList();
            for (File file : listFiles) {
                if (this.isSecurityV1_) {
                    try {
                        IdentityCertificate loadIdentityCertificateFromFile = loadIdentityCertificateFromFile(file.getAbsolutePath());
                        String uri = loadIdentityCertificateFromFile.getName().getPrefix(-1).toUri();
                        this.certificateCache_.insertCertificate(loadIdentityCertificateFromFile);
                        arrayList.add(uri);
                    } catch (Exception e) {
                    }
                } else {
                    try {
                        CertificateV2 loadCertificateV2FromFile = loadCertificateV2FromFile(file.getAbsolutePath());
                        String uri2 = CertificateV2.extractKeyNameFromCertName(loadCertificateV2FromFile.getName()).toUri();
                        this.certificateCacheV2_.insert(loadCertificateV2FromFile);
                        arrayList.add(uri2);
                    } catch (Exception e2) {
                    }
                }
            }
            this.refreshDirectories_.put(str, new DirectoryInfo(arrayList, Common.getNowMilliseconds() + d, d));
        }

        public void refreshAnchors() throws SecurityException, CertificateV2.Error {
            double nowMilliseconds = Common.getNowMilliseconds();
            for (Object obj : this.refreshDirectories_.keySet().toArray()) {
                String str = (String) obj;
                DirectoryInfo directoryInfo = (DirectoryInfo) this.refreshDirectories_.get(str);
                if (directoryInfo.nextRefresh_ <= nowMilliseconds) {
                    ArrayList arrayList = (ArrayList) directoryInfo.certificateNames_.clone();
                    for (int i = 0; i < arrayList.size(); i++) {
                        if (this.isSecurityV1_) {
                            this.certificateCache_.deleteCertificate(new Name((String) arrayList.get(i)));
                        } else {
                            CertificateV2 find = this.certificateCacheV2_.find(new Name((String) arrayList.get(i)));
                            if (find != null) {
                                this.certificateCacheV2_.deleteCertificate(find.getName());
                            }
                        }
                    }
                    addDirectory(str, directoryInfo.refreshPeriod_);
                }
            }
        }
    }

    public ConfigPolicyManager(String str, CertificateCache certificateCache, int i, double d, double d2, int i2) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = true;
        this.certificateCache_ = certificateCache;
        this.maxDepth_ = i;
        this.keyGraceInterval_ = d;
        this.keyTimestampTtl_ = d2;
        this.maxTrackedKeys_ = i2;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager(String str, CertificateCache certificateCache, int i, double d, double d2) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = true;
        this.certificateCache_ = certificateCache;
        this.maxDepth_ = i;
        this.keyGraceInterval_ = d;
        this.keyTimestampTtl_ = d2;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager(String str, CertificateCache certificateCache, int i, double d) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = true;
        this.certificateCache_ = certificateCache;
        this.maxDepth_ = i;
        this.keyGraceInterval_ = d;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager(String str, CertificateCache certificateCache, int i) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = true;
        this.certificateCache_ = certificateCache;
        this.maxDepth_ = i;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager(String str, CertificateCache certificateCache) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = true;
        this.certificateCache_ = certificateCache;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager(String str) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = true;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager() {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = true;
        reset();
    }

    public ConfigPolicyManager(String str, CertificateCacheV2 certificateCacheV2, int i, double d, double d2, int i2) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = false;
        this.certificateCacheV2_ = certificateCacheV2;
        this.maxDepth_ = i;
        this.keyGraceInterval_ = d;
        this.keyTimestampTtl_ = d2;
        this.maxTrackedKeys_ = i2;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager(String str, CertificateCacheV2 certificateCacheV2, int i, double d, double d2) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = false;
        this.certificateCacheV2_ = certificateCacheV2;
        this.maxDepth_ = i;
        this.keyGraceInterval_ = d;
        this.keyTimestampTtl_ = d2;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager(String str, CertificateCacheV2 certificateCacheV2, int i, double d) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = false;
        this.certificateCacheV2_ = certificateCacheV2;
        this.maxDepth_ = i;
        this.keyGraceInterval_ = d;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager(String str, CertificateCacheV2 certificateCacheV2, int i) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = false;
        this.certificateCacheV2_ = certificateCacheV2;
        this.maxDepth_ = i;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public ConfigPolicyManager(String str, CertificateCacheV2 certificateCacheV2) throws IOException, SecurityException, CertificateV2.Error {
        this.certificateCache_ = new CertificateCache();
        this.certificateCacheV2_ = new CertificateCacheV2();
        this.maxDepth_ = 5;
        this.keyGraceInterval_ = 3000.0d;
        this.keyTimestampTtl_ = 3600000.0d;
        this.maxTrackedKeys_ = 1000;
        this.fixedCertificateCache_ = new HashMap();
        this.keyTimestamps_ = new HashMap();
        this.config_ = new BoostInfoParser();
        this.requiresVerification_ = true;
        this.isSecurityV1_ = false;
        this.certificateCacheV2_ = certificateCacheV2;
        reset();
        if (str == null || str.equals("")) {
            return;
        }
        load(str);
    }

    public final void reset() {
        if (this.isSecurityV1_) {
            this.certificateCache_.reset();
        } else {
            this.certificateCacheV2_.clear();
        }
        this.fixedCertificateCache_.clear();
        this.keyTimestamps_.clear();
        this.requiresVerification_ = true;
        this.config_ = new BoostInfoParser();
        this.refreshManager_ = new TrustAnchorRefreshManager(this.isSecurityV1_);
    }

    public final void load(String str) throws IOException, SecurityException, CertificateV2.Error {
        reset();
        this.config_.read(str);
        loadTrustAnchorCertificates();
    }

    public void load(String str, String str2) throws IOException, SecurityException, CertificateV2.Error {
        reset();
        this.config_.read(str, str2);
        loadTrustAnchorCertificates();
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public final boolean skipVerifyAndTrust(Data data) {
        return !this.requiresVerification_;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public final boolean skipVerifyAndTrust(Interest interest) {
        return !this.requiresVerification_;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public final boolean requireVerify(Data data) {
        return this.requiresVerification_;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public final boolean requireVerify(Interest interest) {
        return this.requiresVerification_;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public final ValidationRequest checkVerificationPolicy(Data data, int i, OnVerified onVerified, OnDataValidationFailed onDataValidationFailed) throws SecurityException {
        String[] strArr = {"unknown"};
        try {
            Interest certificateInterest = getCertificateInterest(i, "data", data.getName(), data.getSignature(), strArr);
            if (certificateInterest == null) {
                try {
                    onDataValidationFailed.onDataValidationFailed(data, strArr[0]);
                    return null;
                } catch (Throwable th) {
                    logger_.log(Level.SEVERE, "Error in onDataValidationFailed", th);
                    return null;
                }
            }
            if (certificateInterest.getName().size() > 0) {
                return new ValidationRequest(certificateInterest, new OnCertificateDownloadComplete(data, i, onVerified, onDataValidationFailed), onDataValidationFailed, 2, i + 1);
            }
            if (verify(data.getSignature(), data.wireEncode(), strArr)) {
                try {
                    onVerified.onVerified(data);
                    return null;
                } catch (Throwable th2) {
                    logger_.log(Level.SEVERE, "Error in onVerified", th2);
                    return null;
                }
            }
            try {
                onDataValidationFailed.onDataValidationFailed(data, strArr[0]);
                return null;
            } catch (Throwable th3) {
                logger_.log(Level.SEVERE, "Error in onDataValidationFailed", th3);
                return null;
            }
        } catch (CertificateV2.Error e) {
            throw new SecurityException(e.getMessage());
        } catch (NdnRegexMatcherBase.Error e2) {
            throw new SecurityException("ConfigPolicyManager: Error in getCertificateInterest:" + e2);
        }
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public final ValidationRequest checkVerificationPolicy(Interest interest, int i, OnVerifiedInterest onVerifiedInterest, OnInterestValidationFailed onInterestValidationFailed, WireFormat wireFormat) throws SecurityException {
        String[] strArr = {"unknown"};
        Signature extractSignature = extractSignature(interest, wireFormat, strArr);
        if (extractSignature == null) {
            try {
                onInterestValidationFailed.onInterestValidationFailed(interest, strArr[0]);
                return null;
            } catch (Throwable th) {
                logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th);
                return null;
            }
        }
        try {
            Interest certificateInterest = getCertificateInterest(i, "interest", interest.getName().getPrefix(-4), extractSignature, strArr);
            if (certificateInterest == null) {
                try {
                    onInterestValidationFailed.onInterestValidationFailed(interest, strArr[0]);
                    return null;
                } catch (Throwable th2) {
                    logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th2);
                    return null;
                }
            }
            if (certificateInterest.getName().size() > 0) {
                return new ValidationRequest(certificateInterest, new OnCertificateDownloadCompleteForInterest(interest, i, onVerifiedInterest, onInterestValidationFailed, wireFormat), new OnVerifyInterestFailedWrapper(onInterestValidationFailed, interest), 2, i + 1);
            }
            Name keyName = KeyLocator.getFromSignature(extractSignature).getKeyName();
            Name certificateNameToPublicKeyName = this.isSecurityV1_ ? IdentityCertificate.certificateNameToPublicKeyName(keyName) : keyName;
            double number = interest.getName().get(-4).toNumber();
            if (!interestTimestampIsFresh(certificateNameToPublicKeyName, number, strArr)) {
                try {
                    onInterestValidationFailed.onInterestValidationFailed(interest, strArr[0]);
                    return null;
                } catch (Throwable th3) {
                    logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th3);
                    return null;
                }
            }
            if (verify(extractSignature, interest.wireEncode(), strArr)) {
                try {
                    onVerifiedInterest.onVerifiedInterest(interest);
                } catch (Throwable th4) {
                    logger_.log(Level.SEVERE, "Error in onVerifiedInterest", th4);
                }
                updateTimestampForKey(certificateNameToPublicKeyName, number);
                return null;
            }
            try {
                onInterestValidationFailed.onInterestValidationFailed(interest, strArr[0]);
                return null;
            } catch (Throwable th5) {
                logger_.log(Level.SEVERE, "Error in onInterestValidationFailed", th5);
                return null;
            }
        } catch (CertificateV2.Error e) {
            throw new SecurityException(e.getMessage());
        } catch (NdnRegexMatcherBase.Error e2) {
            throw new SecurityException("ConfigPolicyManager: Error in getCertificateInterest:" + e2);
        }
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public final boolean checkSigningPolicy(Name name, Name name2) {
        return true;
    }

    @Override // net.named_data.jndn.security.policy.PolicyManager
    public final Name inferSigningIdentity(Name name) {
        throw new UnsupportedOperationException("ConfigPolicyManager.inferSigningIdentity is not implemented");
    }

    private void loadTrustAnchorCertificates() throws SecurityException, CertificateV2.Error {
        ArrayList<BoostInfoTree> arrayList = this.config_.getRoot().get("validator/trust-anchor");
        for (int i = 0; i < arrayList.size(); i++) {
            BoostInfoTree boostInfoTree = arrayList.get(i);
            String firstValue = boostInfoTree.getFirstValue("type");
            boolean z = false;
            String str = null;
            if (firstValue.equals("file")) {
                str = boostInfoTree.getFirstValue("file-name");
                z = true;
            } else if (firstValue.equals("base64")) {
                str = boostInfoTree.getFirstValue("base64-string");
                z = false;
            } else if (firstValue.equals("dir")) {
                String firstValue2 = boostInfoTree.getFirstValue("dir");
                double d = 0.0d;
                ArrayList<BoostInfoTree> arrayList2 = boostInfoTree.get("refresh");
                if (arrayList2.size() >= 1) {
                    Matcher matcher = Pattern.compile("(\\d+)([hms])").matcher(arrayList2.get(0).getValue());
                    if (matcher.find()) {
                        d = Integer.parseInt(matcher.group(1));
                        if (!matcher.group(2).equals("s")) {
                            d *= 60.0d;
                            if (!matcher.group(2).equals("m")) {
                                d *= 60.0d;
                            }
                        }
                    } else {
                        d = 0.0d;
                    }
                }
                this.refreshManager_.addDirectory(firstValue2, d * 1000.0d);
            } else if (firstValue.equals("any")) {
                this.requiresVerification_ = false;
                return;
            }
            if (this.isSecurityV1_) {
                lookupCertificate(str, z);
            } else {
                lookupCertificateV2(str, z);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean checkSignatureMatch(Name name, Name name2, BoostInfoTree boostInfoTree, String[] strArr) throws SecurityException, NdnRegexMatcherBase.Error, CertificateV2.Error {
        Name name3;
        BoostInfoTree boostInfoTree2 = boostInfoTree.get("checker").get(0);
        String firstValue = boostInfoTree2.getFirstValue("type");
        if (firstValue.equals("fixed-signer")) {
            BoostInfoTree boostInfoTree3 = boostInfoTree2.get("signer").get(0);
            String firstValue2 = boostInfoTree3.getFirstValue("type");
            if (firstValue2.equals("file")) {
                if (this.isSecurityV1_) {
                    IdentityCertificate lookupCertificate = lookupCertificate(boostInfoTree3.getFirstValue("file-name"), true);
                    if (lookupCertificate == null) {
                        strArr[0] = "Can't find fixed-signer certificate file: " + boostInfoTree3.getFirstValue("file-name");
                        return false;
                    }
                    name3 = lookupCertificate.getName();
                } else {
                    CertificateV2 lookupCertificateV2 = lookupCertificateV2(boostInfoTree3.getFirstValue("file-name"), true);
                    if (lookupCertificateV2 == null) {
                        strArr[0] = "Can't find fixed-signer certificate file: " + boostInfoTree3.getFirstValue("file-name");
                        return false;
                    }
                    name3 = lookupCertificateV2.getName();
                }
            } else {
                if (!firstValue2.equals("base64")) {
                    strArr[0] = "Unrecognized fixed-signer signerType: " + firstValue2;
                    return false;
                }
                if (this.isSecurityV1_) {
                    IdentityCertificate lookupCertificate2 = lookupCertificate(boostInfoTree3.getFirstValue("base64-string"), false);
                    if (lookupCertificate2 == null) {
                        strArr[0] = "Can't find fixed-signer certificate base64: " + boostInfoTree3.getFirstValue("base64-string");
                        return false;
                    }
                    name3 = lookupCertificate2.getName();
                } else {
                    CertificateV2 lookupCertificateV22 = lookupCertificateV2(boostInfoTree3.getFirstValue("base64-string"), false);
                    if (lookupCertificateV22 == null) {
                        strArr[0] = "Can't find fixed-signer certificate base64: " + boostInfoTree3.getFirstValue("base64-string");
                        return false;
                    }
                    name3 = lookupCertificateV22.getName();
                }
            }
            if (name3.equals(name)) {
                return true;
            }
            strArr[0] = "fixed-signer cert name \"" + name3.toUri() + "\" does not equal signatureName \"" + name.toUri() + "\"";
            return false;
        }
        if (firstValue.equals("hierarchical")) {
            NdnRegexTopMatcher ndnRegexTopMatcher = new NdnRegexTopMatcher("^([^<KEY>]*)<KEY>(<>*)<ksk-.+><ID-CERT>");
            if (!ndnRegexTopMatcher.match(name)) {
                strArr[0] = "The hierarchical identityRegex \"^([^<KEY>]*)<KEY>(<>*)<ksk-.+><ID-CERT>\" does not match signatureName \"" + name.toUri() + "\"";
                return false;
            }
            Name append = ndnRegexTopMatcher.expand("\\1").append(ndnRegexTopMatcher.expand("\\2"));
            if (matchesRelation(name2, append, "is-prefix-of")) {
                return true;
            }
            strArr[0] = "The hierarchical objectName \"" + name2.toUri() + "\" is not a prefix of \"" + append + "\"";
            return false;
        }
        if (firstValue.equals("customized")) {
            BoostInfoTree boostInfoTree4 = boostInfoTree2.get("key-locator").get(0);
            String firstValue3 = boostInfoTree4.getFirstValue("relation");
            if (firstValue3 != null) {
                Name name4 = new Name(boostInfoTree4.getFirstValue("name"));
                if (matchesRelation(name, name4, firstValue3)) {
                    return true;
                }
                strArr[0] = "The custom signatureName \"" + name.toUri() + "\" does not match matchName \"" + name4.toUri() + "\" using relation " + firstValue3;
                return false;
            }
            String firstValue4 = boostInfoTree4.getFirstValue("regex");
            if (firstValue4 != null) {
                if (new NdnRegexTopMatcher(firstValue4).match(name)) {
                    return true;
                }
                strArr[0] = "The custom signatureName \"" + name.toUri() + "\" does not regex match simpleKeyRegex \"" + firstValue4 + "\"";
                return false;
            }
            ArrayList<BoostInfoTree> arrayList = boostInfoTree4.get("hyper-relation");
            if (arrayList.size() >= 1) {
                BoostInfoTree boostInfoTree5 = arrayList.get(0);
                String firstValue5 = boostInfoTree5.getFirstValue("k-regex");
                String firstValue6 = boostInfoTree5.getFirstValue("k-expand");
                String firstValue7 = boostInfoTree5.getFirstValue("p-regex");
                String firstValue8 = boostInfoTree5.getFirstValue("p-expand");
                String firstValue9 = boostInfoTree5.getFirstValue("h-relation");
                if (firstValue5 != null && firstValue6 != null && firstValue7 != null && firstValue8 != null && firstValue9 != null) {
                    NdnRegexTopMatcher ndnRegexTopMatcher2 = new NdnRegexTopMatcher(firstValue5);
                    if (!ndnRegexTopMatcher2.match(name)) {
                        strArr[0] = "The custom hyper-relation signatureName \"" + name.toUri() + "\" does not match the keyRegex \"" + firstValue5 + "\"";
                        return false;
                    }
                    Name expand = ndnRegexTopMatcher2.expand(firstValue6);
                    NdnRegexTopMatcher ndnRegexTopMatcher3 = new NdnRegexTopMatcher(firstValue7);
                    if (!ndnRegexTopMatcher3.match(name2)) {
                        strArr[0] = "The custom hyper-relation objectName \"" + name2.toUri() + "\" does not match the nameRegex \"" + firstValue7 + "\"";
                        return false;
                    }
                    Name expand2 = ndnRegexTopMatcher3.expand(firstValue8);
                    if (matchesRelation(expand2, expand, firstValue9)) {
                        return true;
                    }
                    strArr[0] = "The custom hyper-relation nameMatch \"" + expand2.toUri() + "\" does not match the keyMatchPrefix \"" + expand + "\" using relation " + firstValue9;
                    return false;
                }
            }
        }
        strArr[0] = "Unrecognized checkerType: " + firstValue;
        return false;
    }

    private static String expand(Matcher matcher, String str) {
        String str2 = "";
        int i = 0;
        Matcher matcher2 = Pattern.compile("\\\\(\\d)").matcher(str);
        while (matcher2.find()) {
            str2 = (str2 + str.substring(i, matcher2.start())) + matcher.group(Integer.parseInt(matcher2.group(1)));
            i = matcher2.end();
        }
        return str2 + str.substring(i, str.length());
    }

    private IdentityCertificate lookupCertificate(String str, boolean z) throws SecurityException {
        IdentityCertificate certificate;
        if (!this.isSecurityV1_) {
            throw new SecurityException("lookupCertificate: For security v2, use lookupCertificateV2()");
        }
        if (this.fixedCertificateCache_.containsKey(str)) {
            certificate = this.certificateCache_.getCertificate(new Name((String) this.fixedCertificateCache_.get(str)));
        } else {
            if (z) {
                certificate = TrustAnchorRefreshManager.loadIdentityCertificateFromFile(str);
            } else {
                byte[] base64Decode = Common.base64Decode(str);
                certificate = new IdentityCertificate();
                try {
                    certificate.wireDecode(new Blob(base64Decode, false));
                } catch (EncodingException e) {
                    throw new SecurityException("Cannot base64 decode the cert data: " + e.getMessage());
                }
            }
            this.fixedCertificateCache_.put(str, certificate.getName().getPrefix(-1).toUri());
            this.certificateCache_.insertCertificate(certificate);
        }
        return certificate;
    }

    private CertificateV2 lookupCertificateV2(String str, boolean z) throws SecurityException, CertificateV2.Error {
        CertificateV2 find;
        if (this.isSecurityV1_) {
            throw new SecurityException("lookupCertificateV2: For security v1, use lookupCertificate()");
        }
        if (this.fixedCertificateCache_.containsKey(str)) {
            find = this.certificateCacheV2_.find(new Name((String) this.fixedCertificateCache_.get(str)));
        } else {
            if (z) {
                find = TrustAnchorRefreshManager.loadCertificateV2FromFile(str);
            } else {
                byte[] base64Decode = Common.base64Decode(str);
                find = new CertificateV2();
                try {
                    find.wireDecode(new Blob(base64Decode, false));
                } catch (EncodingException e) {
                    throw new SecurityException("Cannot base64 decode the cert data: " + e.getMessage());
                }
            }
            this.fixedCertificateCache_.put(str, find.getName().getPrefix(-1).toUri());
            this.certificateCacheV2_.insert(find);
        }
        return find;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public BoostInfoTree findMatchingRule(Name name, String str) throws NdnRegexMatcherBase.Error {
        ArrayList<BoostInfoTree> arrayList = this.config_.getRoot().get("validator/rule");
        for (int i = 0; i < arrayList.size(); i++) {
            BoostInfoTree boostInfoTree = arrayList.get(i);
            if (boostInfoTree.getFirstValue("for").equals(str)) {
                boolean z = true;
                ArrayList<BoostInfoTree> arrayList2 = boostInfoTree.get("filter");
                if (arrayList2.isEmpty()) {
                    return boostInfoTree;
                }
                for (int i2 = 0; i2 < arrayList2.size(); i2++) {
                    BoostInfoTree boostInfoTree2 = arrayList2.get(i2);
                    String firstValue = boostInfoTree2.getFirstValue("regex");
                    z = firstValue == null ? matchesRelation(name, new Name(boostInfoTree2.getFirstValue("name")), boostInfoTree2.getFirstValue("relation")) : new NdnRegexTopMatcher(firstValue).match(name);
                    if (!z) {
                        break;
                    }
                }
                if (z) {
                    return boostInfoTree;
                }
            }
        }
        return null;
    }

    private static boolean matchesRelation(Name name, Name name2, String str) {
        boolean z = false;
        if (str.equals("is-strict-prefix-of")) {
            if (name2.size() == name.size()) {
                z = false;
            } else if (name2.match(name)) {
                z = true;
            }
        } else if (str.equals("is-prefix-of")) {
            if (name2.match(name)) {
                z = true;
            }
        } else if (str.equals("equal") && name2.equals(name)) {
            z = true;
        }
        return z;
    }

    private static Signature extractSignature(Interest interest, WireFormat wireFormat, String[] strArr) {
        if (interest.getName().size() < 2) {
            strArr[0] = "The signed interest has less than 2 components: " + interest.getName().toUri();
            return null;
        }
        try {
            return wireFormat.decodeSignatureInfoAndValue(interest.getName().get(-2).getValue().buf(), interest.getName().get(-1).getValue().buf(), false);
        } catch (EncodingException e) {
            strArr[0] = "Error decoding the signed interest signature: " + e;
            return null;
        }
    }

    private boolean interestTimestampIsFresh(Name name, double d, String[] strArr) {
        String uri = name.toUri();
        if (this.keyTimestamps_.containsKey(uri)) {
            if (d > ((Double) this.keyTimestamps_.get(uri)).doubleValue()) {
                return true;
            }
            strArr[0] = "The command interest timestamp is not newer than the previous timestamp";
            return false;
        }
        double nowMilliseconds = Common.getNowMilliseconds();
        double d2 = nowMilliseconds - this.keyGraceInterval_;
        double d3 = nowMilliseconds + this.keyGraceInterval_;
        if (d > d2 && d < d3) {
            return true;
        }
        strArr[0] = "The command interest timestamp is not within the first use grace period of " + this.keyGraceInterval_ + " milliseconds.";
        return false;
    }

    private void updateTimestampForKey(Name name, double d) {
        this.keyTimestamps_.put(name.toUri(), Double.valueOf(d));
        if (this.keyTimestamps_.size() >= this.maxTrackedKeys_) {
            double nowMilliseconds = Common.getNowMilliseconds();
            double d2 = nowMilliseconds;
            String str = "";
            ArrayList arrayList = new ArrayList();
            for (Object obj : this.keyTimestamps_.keySet().toArray()) {
                String str2 = (String) obj;
                double doubleValue = ((Double) this.keyTimestamps_.get(str2)).doubleValue();
                if (nowMilliseconds - doubleValue > this.keyTimestampTtl_) {
                    arrayList.add(str2);
                } else if (doubleValue < d2) {
                    d2 = doubleValue;
                    str = str2;
                }
            }
            for (int i = 0; i < arrayList.size(); i++) {
                this.keyTimestamps_.remove(arrayList.get(i));
            }
            if (this.keyTimestamps_.size() <= this.maxTrackedKeys_ || str.length() == 0) {
                return;
            }
            this.keyTimestamps_.remove(str);
        }
    }

    private boolean verify(Signature signature, SignedBlob signedBlob, String[] strArr) throws SecurityException {
        Blob publicKey;
        KeyLocator fromSignature = KeyLocator.getFromSignature(signature);
        if (fromSignature.getType() != KeyLocatorType.KEYNAME) {
            strArr[0] = "The KeyLocator does not have a key name";
            return false;
        }
        Name keyName = fromSignature.getKeyName();
        if (this.isSecurityV1_) {
            IdentityCertificate certificate = this.refreshManager_.getCertificate(keyName);
            if (certificate == null) {
                certificate = this.certificateCache_.getCertificate(keyName);
            }
            if (certificate == null) {
                strArr[0] = "Cannot find a certificate with name " + keyName.toUri();
                return false;
            }
            publicKey = certificate.getPublicKeyInfo().getKeyDer();
            if (publicKey.isNull()) {
                strArr[0] = "There is no public key in the certificate with name " + certificate.getName().toUri();
                return false;
            }
        } else {
            CertificateV2 certificateV2 = this.refreshManager_.getCertificateV2(keyName);
            if (certificateV2 == null) {
                certificateV2 = this.certificateCacheV2_.find(keyName);
            }
            if (certificateV2 == null) {
                strArr[0] = "Cannot find a certificate with name " + keyName.toUri();
                return false;
            }
            try {
                publicKey = certificateV2.getPublicKey();
            } catch (CertificateV2.Error e) {
                strArr[0] = "There is no public key in the certificate with name " + certificateV2.getName().toUri();
                return false;
            }
        }
        if (verifySignature(signature, signedBlob, publicKey)) {
            return true;
        }
        strArr[0] = "The signature did not verify with the given public key";
        return false;
    }

    private Interest getCertificateInterest(int i, String str, Name name, Signature signature, String[] strArr) throws SecurityException, NdnRegexMatcherBase.Error, CertificateV2.Error {
        if (i > this.maxDepth_) {
            strArr[0] = "The verification stepCount " + i + " exceeded the maxDepth " + this.maxDepth_;
            return null;
        }
        BoostInfoTree findMatchingRule = findMatchingRule(name, str);
        if (findMatchingRule == null) {
            strArr[0] = "No matching rule found for " + name.toUri();
            return null;
        }
        if (!KeyLocator.canGetFromSignature(signature)) {
            strArr[0] = "The signature type does not support a KeyLocator";
            return null;
        }
        Name keyName = KeyLocator.getFromSignature(signature).getKeyName();
        if (keyName.size() == 0) {
            strArr[0] = "The signature KeyLocator doesn't have a key name";
            return null;
        }
        if (!checkSignatureMatch(keyName, name, findMatchingRule, strArr)) {
            return null;
        }
        this.refreshManager_.refreshAnchors();
        if (this.isSecurityV1_) {
            IdentityCertificate certificate = this.refreshManager_.getCertificate(keyName);
            if (certificate == null) {
                certificate = this.certificateCache_.getCertificate(keyName);
            }
            if (certificate == null) {
                return new Interest(keyName);
            }
        } else {
            CertificateV2 certificateV2 = this.refreshManager_.getCertificateV2(keyName);
            if (certificateV2 == null) {
                certificateV2 = this.certificateCacheV2_.find(keyName);
            }
            if (certificateV2 == null) {
                return new Interest(keyName);
            }
        }
        return new Interest();
    }

    public static void setFriendAccess(Friend friend) {
        if (friend.getClass().getName().endsWith("net.named_data.jndn.tests.integration_tests.TestPolicyManager") || friend.getClass().getName().endsWith("net.named_data.jndn.tests.integration_tests.TestVerificationRules")) {
            friend.setConfigPolicyManagerFriendAccess(new FriendAccessImpl());
        }
    }
}
