package com.sun.javacard.validator;

import java.io.File;
import java.io.FileInputStream;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Vector;
import java.util.jar.Manifest;

/* loaded from: input_file:com/sun/javacard/validator/ModuleJCRD.class */
public abstract class ModuleJCRD extends AttributedItem {
    protected static final String MAPPED_TO_AUTH_URI = "-Mapped-To-Auth-URI";
    protected Module module;
    protected File file;
    protected String oncardClientsCredentialAuthType;
    protected String oncardClientsCredentialAuthDuration;
    protected String applicationType;
    private String runtimeDescriptorVersion;
    protected static final String MAPPED_TO_CLIENT_URI = "-Mapped-To-Client-URI";
    protected static final String MAPPED_TO_DOMAIN_NAME = "-Mapped-To-Domain-Name";
    protected static final String MAPPED_TO_AUTH_CREDENTIAL = "-Mapped-To-Auth-Credential";
    protected static final String CLIENT_CREDENTIAL_AUTH_TYPE = "-Credential-Auth-Type";
    protected static final String CLIENT_CREDENTIAL_AUTH_DURATION = "-Credential-Auth-Duration";
    protected static final String[] CLIENT_MAPPING_ATTRIBUTES_LIST = {MAPPED_TO_CLIENT_URI, MAPPED_TO_DOMAIN_NAME, MAPPED_TO_AUTH_CREDENTIAL, CLIENT_CREDENTIAL_AUTH_TYPE, CLIENT_CREDENTIAL_AUTH_DURATION};
    protected Vector<String> oncardClientRoleList = new Vector<>();
    protected Vector<String> userRoleList = new Vector<>();
    protected Hashtable<String, Vector<String>> clientRoleMappedToClientURI = new Hashtable<>();
    protected Hashtable<String, Vector<String>> clientRoleMappedToDomainName = new Hashtable<>();
    protected Hashtable<String, Vector<String>> clientRoleMappedToAuthCredential = new Hashtable<>();
    protected Hashtable<String, String> clientRoleCredentialAuthType = new Hashtable<>();
    protected Hashtable<String, String> clientRoleCredentialAuthDuration = new Hashtable<>();
    protected Hashtable<String, Vector<String>> userRoleMappedToAuthURI = new Hashtable<>();

    public ModuleJCRD(Module module, File file) {
        this.module = module;
        this.file = file;
    }

    @Override // com.sun.javacard.validator.PackageItem
    public void initialize() {
        if (!this.file.exists()) {
            addError(ErrorKey.DoesNotExists, this.file.getAbsolutePath());
            this.proceed = false;
            return;
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(this.file);
            Manifest manifest = new Manifest(fileInputStream);
            fileInputStream.close();
            this.attributes = manifest.getMainAttributes();
            for (Object obj : this.attributes.keySet().toArray()) {
                this.jcrdKeyList.add(obj.toString());
            }
            this.runtimeDescriptorVersion = getAttributeValue("Runtime-Descriptor-Version");
            if (this.runtimeDescriptorVersion == null) {
                addError(ErrorKey.MissingAttribute, "Runtime-Descriptor-Version");
            }
            this.applicationType = getAttributeValue("Application-Type");
            if (this.applicationType == null || this.applicationType.trim().length() <= 0) {
                addError(ErrorKey.MissingAttribute, "Application-Type");
            }
            this.oncardClientsCredentialAuthType = getAttributeValue("On-Card-Clients-Credential-Auth-Type", false);
            if (this.oncardClientsCredentialAuthType == null) {
                this.oncardClientsCredentialAuthType = "client-only";
            } else if (!ValidValues.isValidCredentialAuthType(this.oncardClientsCredentialAuthType)) {
                addError(ErrorKey.InvalidAttributeValue, this.oncardClientsCredentialAuthType, "On-Card-Clients-Credential-Auth-Type");
                this.oncardClientsCredentialAuthType = "client-only";
            }
            this.oncardClientsCredentialAuthDuration = getAttributeValue("On-Card-Clients-Credential-Auth-Duration", false);
            if (this.oncardClientsCredentialAuthDuration == null) {
                this.oncardClientsCredentialAuthDuration = "card-session";
            } else if (!ValidValues.isValidCredentialAuthDuration(this.oncardClientsCredentialAuthDuration)) {
                addError(ErrorKey.InvalidAttributeValue, this.oncardClientsCredentialAuthDuration, "On-Card-Clients-Credential-Auth-Duration");
                this.oncardClientsCredentialAuthDuration = "card-session";
            }
            String attributeValue = getAttributeValue("On-Card-Client-Role-List");
            if (attributeValue != null) {
                this.oncardClientRoleList = splitNames(attributeValue);
            }
            String attributeValue2 = getAttributeValue("User-Role-List");
            if (attributeValue2 != null) {
                this.userRoleList = splitNames(attributeValue2);
            }
            StringBuffer stringBuffer = new StringBuffer();
            Iterator<String> it = this.userRoleList.iterator();
            while (it.hasNext()) {
                String next = it.next();
                if (this.oncardClientRoleList.contains(next)) {
                    if (stringBuffer.length() > 0) {
                        stringBuffer.append(", ");
                    }
                    stringBuffer.append(next);
                }
            }
            if (stringBuffer.length() > 0) {
                addError(ErrorKey.DuplicateRoleNames, stringBuffer);
            }
            Iterator<String> it2 = this.oncardClientRoleList.iterator();
            while (it2.hasNext()) {
                String next2 = it2.next();
                String attributeValue3 = getAttributeValue(next2 + MAPPED_TO_CLIENT_URI);
                if (attributeValue3 != null && !isClientRoleALreadyMapped(next2)) {
                    this.clientRoleMappedToClientURI.put(next2, splitNames(attributeValue3));
                }
                String attributeValue4 = getAttributeValue(next2 + MAPPED_TO_DOMAIN_NAME);
                if (attributeValue4 != null && !isClientRoleALreadyMapped(next2)) {
                    this.clientRoleMappedToDomainName.put(next2, splitNames(attributeValue4));
                }
                String attributeValue5 = getAttributeValue(next2 + MAPPED_TO_AUTH_CREDENTIAL);
                if (attributeValue5 != null && !isClientRoleALreadyMapped(next2)) {
                    this.clientRoleMappedToAuthCredential.put(next2, splitNames(attributeValue5));
                }
                String attributeValue6 = getAttributeValue(next2 + CLIENT_CREDENTIAL_AUTH_TYPE);
                if (attributeValue6 == null) {
                    this.clientRoleCredentialAuthType.put(next2, this.oncardClientsCredentialAuthType);
                } else {
                    this.clientRoleCredentialAuthType.put(next2, attributeValue6);
                }
                String attributeValue7 = getAttributeValue(next2 + CLIENT_CREDENTIAL_AUTH_DURATION);
                if (attributeValue7 == null) {
                    this.clientRoleCredentialAuthDuration.put(next2, this.oncardClientsCredentialAuthDuration);
                } else {
                    this.clientRoleCredentialAuthDuration.put(next2, attributeValue7);
                }
            }
            Iterator<String> it3 = this.userRoleList.iterator();
            while (it3.hasNext()) {
                String next3 = it3.next();
                String attributeValue8 = getAttributeValue(next3 + MAPPED_TO_AUTH_URI);
                if (attributeValue8 != null) {
                    this.userRoleMappedToAuthURI.put(next3, splitNames(attributeValue8));
                }
            }
        } catch (Exception e) {
            addError(ErrorKey.UnableToParseManifestFile, new Object[0]);
            this.proceed = false;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:66:0x0260 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:77:0x011b A[SYNTHETIC] */
    @Override // com.sun.javacard.validator.PackageItem
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void processInternal() {
        /*
            Method dump skipped, instructions count: 659
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.javacard.validator.ModuleJCRD.processInternal():void");
    }

    void verifyUserRolesMapping() {
        Iterator<String> it = this.userRoleList.iterator();
        while (it.hasNext()) {
            String next = it.next();
            Vector<String> vector = this.userRoleMappedToAuthURI.get(next);
            if (vector == null) {
                addError(ErrorKey.UserRoleNotMappedToAuthURI, next);
            } else {
                Iterator<String> it2 = vector.iterator();
                while (it2.hasNext()) {
                    validateAuthenticatorURI(it2.next(), next);
                }
            }
        }
    }

    boolean isClientRoleALreadyMapped(String str) {
        if (this.clientRoleMappedToClientURI.containsKey(str) || this.clientRoleMappedToDomainName.containsKey(str) || this.clientRoleMappedToAuthCredential.containsKey(str)) {
            addError(ErrorKey.ClientRoleMappedMoreThanOnce, str);
            return true;
        }
        if (!this.clientRoleMappedToDomainName.containsKey(str)) {
            return false;
        }
        addError(ErrorKey.ClientRoleMappedMoreThanOnce, str);
        return true;
    }

    void verifyClientRolesMapping() {
        Iterator<String> it = this.oncardClientRoleList.iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (!this.jcrdKeyList.contains(next + MAPPED_TO_CLIENT_URI) && !this.jcrdKeyList.contains(next + MAPPED_TO_DOMAIN_NAME) && !this.jcrdKeyList.contains(next + MAPPED_TO_AUTH_CREDENTIAL)) {
                addError(ErrorKey.ClientNotMappedtoAnyAttributes, next);
            }
        }
    }

    void validateAuthenticatorURI(String str, String str2) {
        int length;
        if (str.startsWith("sio:///standard/auth/holder/global/")) {
            length = "sio:///standard/auth/holder/global/".length();
        } else if (str.startsWith("sio:///standard/auth/holder/session/")) {
            length = "sio:///standard/auth/holder/session/".length();
        } else {
            if (!str.startsWith("sio:///standard/auth/user/session/")) {
                addError(ErrorKey.InvalidAuthURIStart, str);
                return;
            }
            length = "sio:///standard/auth/user/session/".length();
        }
        String substring = str.substring(length);
        int lastIndexOf = substring.lastIndexOf("/");
        if (lastIndexOf == -1) {
            addError(ErrorKey.InvalidAuthURIMissingScheme, str);
            return;
        }
        if (substring.substring(lastIndexOf + 1).trim().equals("")) {
            addError(ErrorKey.InvalidAuthURIMissingScheme, str);
            return;
        }
        String substring2 = substring.substring(0, lastIndexOf);
        int lastIndexOf2 = substring2.lastIndexOf("/");
        if (lastIndexOf2 > -1) {
            substring2.substring(lastIndexOf2 + 1);
        }
    }

    @Override // com.sun.javacard.validator.PackageItem
    public String getItemDisplayName() {
        return "JCRD";
    }

    public Vector<String> getOncardClientRoleList() {
        return this.oncardClientRoleList;
    }

    public Vector<String> getUserRoleList() {
        return this.userRoleList;
    }

    public Hashtable<String, Vector<String>> getUserRoleAuthURIMappings() {
        return this.userRoleMappedToAuthURI;
    }
}
