package com.sun.identity.log.secure;

import com.sun.identity.log.LogConstants;
import com.sun.identity.log.LogManagerUtil;
import com.sun.identity.log.LogReader;
import com.sun.identity.log.Logger;
import com.sun.identity.log.handlers.SecureFileHandler;
import com.sun.identity.log.spi.CMSAuthorizer;
import com.sun.identity.log.spi.Debug;
import com.sun.identity.log.spi.IVerifierOutput;
import com.sun.identity.log.spi.Token;
import com.sun.identity.log.spi.VerifierAction;
import java.util.ArrayList;
import java.util.Timer;
import java.util.TimerTask;
import java.util.Vector;
import java.util.logging.LogManager;
import org.mozilla.jss.util.Password;

/* loaded from: input_file:115766-08/SUNWamsdk/reloc/SUNWam/lib/am_logging.jar:com/sun/identity/log/secure/LogVerifier.class */
public class LogVerifier {
    private static String PREFIX = "_secure.";
    private Timer verifyTimer;
    private IVerifierOutput result;
    private SecureLogHelper helper;
    private Password logPassword;
    private Password verPassword;
    private String name;
    private Logger logger;
    private String curMAC = null;
    private String prevSignature = null;
    private boolean verified = true;
    private LogManager manager = LogManagerUtil.getLogManager();
    private boolean verificationOn = false;

    /* loaded from: input_file:115766-08/SUNWamsdk/reloc/SUNWam/lib/am_logging.jar:com/sun/identity/log/secure/LogVerifier$VerifyTask.class */
    class VerifyTask extends TimerTask {
        private final LogVerifier this$0;

        VerifyTask(LogVerifier logVerifier) {
            this.this$0 = logVerifier;
        }

        @Override // java.util.TimerTask, java.lang.Runnable
        public void run() {
            try {
                this.this$0.verify();
            } catch (Exception e) {
                Debug.error(new StringBuffer().append(this.this$0.name).append(":Error running verifier thread").toString(), e);
            }
            this.this$0.verificationOn = false;
        }
    }

    public LogVerifier(String str, Password password, Password password2) {
        this.name = str;
        this.logPassword = password;
        this.verPassword = password2;
    }

    public boolean getVerificationFlag() {
        return this.verificationOn;
    }

    public void startLogVerifier() {
        String property = this.manager.getProperty(LogConstants.LOGVERIFY_PERIODINSECONDS);
        long parseLong = ((property == null && property.length() == 0) ? 3600L : Long.parseLong(property)) * 1000;
        if (this.verifyTimer == null) {
            this.verifyTimer = new Timer();
            this.verifyTimer.scheduleAtFixedRate(new VerifyTask(this), parseLong, parseLong);
            if (Debug.messageEnabled()) {
                Debug.message(new StringBuffer().append(this.name).append(":Verifier Thread Started").toString());
            }
        }
    }

    public void stopLogVerifier() {
        if (this.verifyTimer != null) {
            this.verifyTimer.cancel();
        }
    }

    private boolean verifyLogRecord(String[] strArr, int i) throws Exception {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i2 = 0; i2 < strArr.length - 2; i2++) {
            stringBuffer.append(strArr[i2]);
        }
        this.curMAC = new String(strArr[i]);
        this.verified = this.helper.verifyMAC(stringBuffer.toString(), SecureLogHelper.toByteArray(this.curMAC));
        return this.verified;
    }

    private boolean verifySignature(String[] strArr, int i, int i2) throws Exception {
        byte[] bArr;
        String str = new String(strArr[i]);
        byte[] byteArray = SecureLogHelper.toByteArray(this.curMAC);
        if (this.prevSignature == null || this.prevSignature.equals("")) {
            bArr = new byte[byteArray.length];
            System.arraycopy(byteArray, 0, bArr, 0, byteArray.length);
        } else {
            bArr = new byte[byteArray.length + SecureLogHelper.toByteArray(this.prevSignature).length];
            System.arraycopy(byteArray, 0, bArr, 0, byteArray.length);
            System.arraycopy(SecureLogHelper.toByteArray(this.prevSignature), 0, bArr, byteArray.length, SecureLogHelper.toByteArray(this.prevSignature).length);
        }
        if (i2 != 0) {
            this.prevSignature = str;
        }
        this.verified = this.helper.verifySignature(SecureLogHelper.toByteArray(str), bArr);
        return this.verified;
    }

    public boolean verify() throws Exception {
        Logger logger = (Logger) Logger.getLogger(this.name);
        new ArrayList();
        String[][] strArr = new String[1][1];
        new Object();
        synchronized (logger) {
            this.verificationOn = true;
            System.currentTimeMillis();
            this.helper = SecureFileHandler.getSecureLogHelper(this.name);
            ArrayList currentFileList = SecureFileHandler.getCurrentFileList(this.name);
            if (currentFileList == null) {
                Debug.error("No fileList found in handler.");
                return VerifierAction.doVerifierAction(this.name, this.verified);
            }
            Object createToken = Token.createToken(CMSAuthorizer.AUDITOR, new String(this.verPassword.getCharCopy()));
            String[][] read = LogReader.read((String) currentFileList.get(currentFileList.size() - 1), createToken);
            for (int i = 0; i < currentFileList.size() - 1; i++) {
                String[][] strArr2 = new String[1][1];
                try {
                    strArr2 = LogReader.read((String) currentFileList.get(i), createToken);
                } catch (Exception e) {
                    Debug.error(new StringBuffer().append("Error in reading File : ").append(currentFileList.get(i)).toString());
                }
                if (strArr2 == null || strArr2.length == 0) {
                    if (Debug.messageEnabled()) {
                        Debug.message(new StringBuffer().append("LogVerifier::verify::Empty return from read of ").append((String) currentFileList.get(i)).append(":").append(currentFileList.get(i)).toString());
                    }
                    this.verified = false;
                } else {
                    Vector vector = new Vector(strArr2[0].length);
                    for (int i2 = 0; i2 < strArr2[0].length; i2++) {
                        vector.add(strArr2[0][i2]);
                    }
                    int i3 = -1;
                    int i4 = -1;
                    int i5 = 0;
                    while (true) {
                        if (i5 >= vector.size()) {
                            break;
                        }
                        if (((String) vector.get(i5)).equalsIgnoreCase("Signature")) {
                            i3 = i5;
                            break;
                        }
                        i5++;
                    }
                    int i6 = 0;
                    while (true) {
                        if (i6 >= vector.size()) {
                            break;
                        }
                        if (((String) vector.get(i6)).equalsIgnoreCase(LogConstants.MAC_FIELDNAME)) {
                            i4 = i6;
                            break;
                        }
                        i6++;
                    }
                    if (i3 == -1 || i4 == -1) {
                        Debug.error("Could not locate mac and sign header");
                        return VerifierAction.doVerifierAction(this.name, this.verified);
                    }
                    int i7 = 1;
                    while (true) {
                        if (i7 >= strArr2.length) {
                            break;
                        }
                        if (Debug.messageEnabled()) {
                            Debug.message(new StringBuffer().append(this.name).append(":Start checking records ").append(strArr2.length).append(":").append(currentFileList.get(i)).toString());
                        }
                        if (strArr2[i7][i3].equals("-")) {
                            this.verified = verifyLogRecord(strArr2[i7], i4);
                            if (!this.verified) {
                                Debug.error(new StringBuffer().append("Log Record Verification Failed in file:").append((String) currentFileList.get(i)).append(" at record no. ").append(i7).toString());
                                break;
                            }
                            if (Debug.messageEnabled()) {
                                Debug.message(new StringBuffer().append(this.name).append(":Log Record Verification Succeeded in file:").append((String) currentFileList.get(i)).append("at record no.").append(i7).toString());
                            }
                            i7++;
                        } else {
                            this.verified = verifySignature(strArr2[i7], i3, (strArr2.length - 1) - i7);
                            if (!this.verified) {
                                Debug.error(new StringBuffer().append("Log Signature Verification Failed in file:").append((String) currentFileList.get(i)).append(" at record no. ").append(i7).toString());
                                break;
                            }
                            if (Debug.messageEnabled()) {
                                Debug.message(new StringBuffer().append("Log Signature Verification Succeeded in file:").append((String) currentFileList.get(i)).append("at record no.").append(i7).toString());
                            }
                            i7++;
                        }
                    }
                    if (!this.verified) {
                        break;
                    }
                }
            }
            if (read == null || read.length == 0) {
                if (Debug.messageEnabled()) {
                    Debug.message(new StringBuffer().append("LogVerifier::verify::Empty return from read of ").append((String) currentFileList.get(currentFileList.size() - 1)).append(":").append(currentFileList.get(currentFileList.size() - 1)).toString());
                }
                this.verified = false;
            } else {
                Vector vector2 = new Vector(read[0].length);
                for (int i8 = 0; i8 < read[0].length; i8++) {
                    vector2.add(read[0][i8]);
                }
                int i9 = -1;
                int i10 = -1;
                int i11 = 0;
                while (true) {
                    if (i11 >= vector2.size()) {
                        break;
                    }
                    if (((String) vector2.get(i11)).equalsIgnoreCase("Signature")) {
                        i9 = i11;
                        break;
                    }
                    i11++;
                }
                int i12 = 0;
                while (true) {
                    if (i12 >= vector2.size()) {
                        break;
                    }
                    if (((String) vector2.get(i12)).equalsIgnoreCase(LogConstants.MAC_FIELDNAME)) {
                        i10 = i12;
                        break;
                    }
                    i12++;
                }
                if (i9 == -1 || i10 == -1) {
                    Debug.error("Could not locate mac and sign header");
                    return VerifierAction.doVerifierAction(this.name, this.verified);
                }
                int i13 = 1;
                while (true) {
                    if (i13 >= read.length) {
                        break;
                    }
                    if (Debug.messageEnabled()) {
                        Debug.message(new StringBuffer().append(this.name).append(":Start checking records ").append(read.length).append(":").append(currentFileList.get(currentFileList.size() - 1)).toString());
                    }
                    if (read[i13][i9].equals("-")) {
                        this.verified = verifyLogRecord(read[i13], i10);
                        if (!this.verified) {
                            Debug.error(new StringBuffer().append("Log Record Verification Failed in file:").append((String) currentFileList.get(currentFileList.size() - 1)).append(" at record no. ").append(i13).toString());
                            break;
                        }
                        if (Debug.messageEnabled()) {
                            Debug.message(new StringBuffer().append(this.name).append(":Log Record Verification Succeeded in file:").append((String) currentFileList.get(currentFileList.size() - 1)).append("at record no.").append(i13).toString());
                        }
                        i13++;
                    } else {
                        this.verified = verifySignature(read[i13], i9, (read.length - 1) - i13);
                        if (!this.verified) {
                            Debug.error(new StringBuffer().append("Log Signature Verification Failed in file:").append((String) currentFileList.get(currentFileList.size() - 1)).append(" at record no. ").append(i13).toString());
                            break;
                        }
                        if (Debug.messageEnabled()) {
                            Debug.message(new StringBuffer().append("Log Signature Verification Succeeded in file:").append((String) currentFileList.get(currentFileList.size() - 1)).append("at record no.").append(i13).toString());
                        }
                        i13++;
                    }
                }
            }
            this.prevSignature = null;
            this.curMAC = null;
            String property = this.manager.getProperty(LogConstants.LOG_LOCATION);
            if (!property.endsWith("/")) {
                property = new StringBuffer().append(property).append("/").toString();
            }
            String stringBuffer = new StringBuffer().append(property).append(PREFIX).append("ver.").append(this.name).toString();
            this.helper.setLastLineforVerifier(true);
            if (this.helper.isIntrusionTrue()) {
                Debug.error(new StringBuffer().append(this.name).append(" Last Line check in Verifier failed.").append(" Possible intrusion detected").toString());
                this.verified = false;
            }
            this.helper.setLastLineforVerifier(false);
            this.helper.reinitializeVerifier(stringBuffer, this.verPassword);
            if (Debug.messageEnabled()) {
                Debug.message(new StringBuffer().append(this.name).append(":Done Verifying").toString());
            }
            return VerifierAction.doVerifierAction(this.name, this.verified);
        }
    }
}
