package net.handle.hdllib.trust;

import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import net.handle.hdllib.GsonUtility;
import net.handle.hdllib.HandleValue;
import net.handle.hdllib.Util;
import net.handle.hdllib.trust.DigestedHandleValues;

/* loaded from: input_file:net/handle/hdllib/trust/HandleVerifier.class */
public class HandleVerifier {
    private static HandleVerifier INSTANCE = new HandleVerifier();

    public static HandleVerifier getInstance() {
        return INSTANCE;
    }

    public ValuesSignatureVerificationReport verifyValues(String str, List<HandleValue> list, JsonWebSignature jsonWebSignature, PublicKey publicKey) {
        ValuesSignatureVerificationReport valuesSignatureVerificationReport = new ValuesSignatureVerificationReport();
        verifyHandleClaimsSetAndSetReportProperties(valuesSignatureVerificationReport, jsonWebSignature, publicKey);
        HandleClaimsSet handleClaimsSet = getHandleClaimsSet(jsonWebSignature);
        if (handleClaimsSet == null) {
            return valuesSignatureVerificationReport;
        }
        valuesSignatureVerificationReport.correctHandle = Util.equalsPrefixCI(str, handleClaimsSet.sub);
        if (handleClaimsSet.digests == null || handleClaimsSet.digests.alg == null) {
            valuesSignatureVerificationReport.validPayload = false;
            return valuesSignatureVerificationReport;
        }
        try {
            DigestedHandleValues digest = new HandleValueDigester().digest(list, handleClaimsSet.digests.alg);
            valuesSignatureVerificationReport.verifiedValues = getVerifiedValues(digest.digests, handleClaimsSet.digests.digests);
            valuesSignatureVerificationReport.unsignedValues = getUnsignedValues(digest.digests, handleClaimsSet.digests.digests);
            valuesSignatureVerificationReport.badDigestValues = getBadDigestValues(digest.digests, handleClaimsSet.digests.digests);
            valuesSignatureVerificationReport.missingValues = getMissingValues(digest.digests, handleClaimsSet.digests.digests);
            valuesSignatureVerificationReport.iss = handleClaimsSet.iss;
            valuesSignatureVerificationReport.sub = handleClaimsSet.sub;
            return valuesSignatureVerificationReport;
        } catch (NoSuchAlgorithmException e) {
            valuesSignatureVerificationReport.validPayload = false;
            valuesSignatureVerificationReport.exceptions.add(e);
            return valuesSignatureVerificationReport;
        }
    }

    public HandleClaimsSet getHandleClaimsSet(JsonWebSignature jsonWebSignature) {
        try {
            return (HandleClaimsSet) GsonUtility.getGson().fromJson(jsonWebSignature.getPayloadAsString(), HandleClaimsSet.class);
        } catch (Exception e) {
            return null;
        }
    }

    public void verifyHandleClaimsSetAndSetReportProperties(SignatureVerificationReport signatureVerificationReport, JsonWebSignature jsonWebSignature, PublicKey publicKey) {
        try {
            signatureVerificationReport.signatureVerifies = jsonWebSignature.validates(publicKey);
        } catch (Exception e) {
            signatureVerificationReport.signatureVerifies = false;
            signatureVerificationReport.exceptions.add(e);
        }
        try {
            HandleClaimsSet handleClaimsSet = (HandleClaimsSet) GsonUtility.getGson().fromJson(jsonWebSignature.getPayloadAsString(), HandleClaimsSet.class);
            signatureVerificationReport.validPayload = true;
            signatureVerificationReport.dateInRange = handleClaimsSet.isDateInRange(System.currentTimeMillis() / 1000);
        } catch (Exception e2) {
            signatureVerificationReport.validPayload = false;
            signatureVerificationReport.exceptions.add(e2);
        }
    }

    List<Integer> getBadDigestValues(List<DigestedHandleValues.DigestedHandleValue> list, List<DigestedHandleValues.DigestedHandleValue> list2) {
        ArrayList arrayList = new ArrayList();
        if (list2 == null) {
            return arrayList;
        }
        for (DigestedHandleValues.DigestedHandleValue digestedHandleValue : list) {
            Iterator<DigestedHandleValues.DigestedHandleValue> it = list2.iterator();
            while (true) {
                if (it.hasNext()) {
                    DigestedHandleValues.DigestedHandleValue next = it.next();
                    if (digestedHandleValue.index == next.index && !digestedHandleValue.digest.equals(next.digest)) {
                        arrayList.add(Integer.valueOf(digestedHandleValue.index));
                        break;
                    }
                }
            }
        }
        return arrayList;
    }

    List<Integer> getVerifiedValues(List<DigestedHandleValues.DigestedHandleValue> list, List<DigestedHandleValues.DigestedHandleValue> list2) {
        ArrayList arrayList = new ArrayList();
        if (list2 == null) {
            return arrayList;
        }
        for (DigestedHandleValues.DigestedHandleValue digestedHandleValue : list) {
            Iterator<DigestedHandleValues.DigestedHandleValue> it = list2.iterator();
            while (true) {
                if (it.hasNext()) {
                    DigestedHandleValues.DigestedHandleValue next = it.next();
                    if (digestedHandleValue.index == next.index && digestedHandleValue.digest.equals(next.digest)) {
                        arrayList.add(Integer.valueOf(digestedHandleValue.index));
                        break;
                    }
                }
            }
        }
        return arrayList;
    }

    List<Integer> getUnsignedValues(List<DigestedHandleValues.DigestedHandleValue> list, List<DigestedHandleValues.DigestedHandleValue> list2) {
        ArrayList arrayList = new ArrayList();
        if (list2 == null) {
            Iterator<DigestedHandleValues.DigestedHandleValue> it = list.iterator();
            while (it.hasNext()) {
                arrayList.add(Integer.valueOf(it.next().index));
            }
            return arrayList;
        }
        for (DigestedHandleValues.DigestedHandleValue digestedHandleValue : list) {
            boolean z = false;
            Iterator<DigestedHandleValues.DigestedHandleValue> it2 = list2.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                if (digestedHandleValue.index == it2.next().index) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                arrayList.add(Integer.valueOf(digestedHandleValue.index));
            }
        }
        return arrayList;
    }

    List<Integer> getMissingValues(List<DigestedHandleValues.DigestedHandleValue> list, List<DigestedHandleValues.DigestedHandleValue> list2) {
        ArrayList arrayList = new ArrayList();
        if (list2 == null) {
            return arrayList;
        }
        for (DigestedHandleValues.DigestedHandleValue digestedHandleValue : list2) {
            boolean z = false;
            Iterator<DigestedHandleValues.DigestedHandleValue> it = list.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (it.next().index == digestedHandleValue.index) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                arrayList.add(Integer.valueOf(digestedHandleValue.index));
            }
        }
        return arrayList;
    }

    public void verifyIssuedSignatureIsValid(IssuedSignature issuedSignature, SignatureVerificationReport signatureVerificationReport) {
        verifyHandleClaimsSetAndSetReportProperties(signatureVerificationReport, issuedSignature.jws, issuedSignature.issuerPublicKey);
    }

    public boolean verifyPermissionsAreAuthorizedOverHandle(String str, List<Permission> list) {
        if (list == null || list.isEmpty()) {
            return false;
        }
        for (Permission permission : list) {
            if (Permission.EVERYTHING.equals(permission.perm)) {
                return true;
            }
            if (Permission.THIS_HANDLE.equals(permission.perm)) {
                if (Util.equalsPrefixCI(str, permission.handle) || Util.isHandleUnderPrefix(str, permission.handle)) {
                    return true;
                }
            } else if (Permission.DERIVED_PREFIXES.equals(permission.perm)) {
                if (Util.isDerivedFrom(str, permission.handle) || Util.isDerivedFrom(Util.getZeroNAHandle(str), permission.handle)) {
                    return true;
                }
            } else if (Permission.HANDLES_UNDER_THIS_PREFIX.equals(permission.perm) && Util.isHandleUnderPrefix(str, permission.handle)) {
                return true;
            }
        }
        return false;
    }

    public void verifyIssuedSignatureIsAuthorizedOverHandle(String str, IssuedSignature issuedSignature, IssuedSignatureVerificationReport issuedSignatureVerificationReport) {
        issuedSignatureVerificationReport.authorized = Boolean.valueOf(verifyPermissionsAreAuthorizedOverHandle(str, issuedSignature.issuerPermissions));
    }

    public IssuedSignatureVerificationReport verifyIssuedSignature(String str, IssuedSignature issuedSignature) {
        IssuedSignatureVerificationReport issuedSignatureVerificationReport = new IssuedSignatureVerificationReport();
        HandleClaimsSet handleClaimsSet = getHandleClaimsSet(issuedSignature.jws);
        issuedSignatureVerificationReport.iss = handleClaimsSet.iss;
        issuedSignatureVerificationReport.sub = handleClaimsSet.sub;
        verifyIssuedSignatureIsValid(issuedSignature, issuedSignatureVerificationReport);
        if (str != null) {
            verifyIssuedSignatureIsAuthorizedOverHandle(str, issuedSignature, issuedSignatureVerificationReport);
        }
        return issuedSignatureVerificationReport;
    }
}
