package org.owasp.esapi.reference;

import com.resolution.atlasplugins.samlsso.Defaults;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Logger;
import org.owasp.esapi.SecurityConfiguration;
import org.owasp.esapi.errors.ConfigurationException;

/* loaded from: input_file:org/owasp/esapi/reference/DefaultSecurityConfiguration.class */
public class DefaultSecurityConfiguration implements SecurityConfiguration {
    private static volatile SecurityConfiguration instance;
    private Properties properties;
    private String cipherXformFromESAPIProp;
    private String cipherXformCurrent;
    public static final String RESOURCE_FILE = "ESAPI.properties";
    public static final String REMEMBER_TOKEN_DURATION = "Authenticator.RememberTokenDuration";
    public static final String IDLE_TIMEOUT_DURATION = "Authenticator.IdleTimeoutDuration";
    public static final String ABSOLUTE_TIMEOUT_DURATION = "Authenticator.AbsoluteTimeoutDuration";
    public static final String ALLOWED_LOGIN_ATTEMPTS = "Authenticator.AllowedLoginAttempts";
    public static final String USERNAME_PARAMETER_NAME = "Authenticator.UsernameParameterName";
    public static final String PASSWORD_PARAMETER_NAME = "Authenticator.PasswordParameterName";
    public static final String MAX_OLD_PASSWORD_HASHES = "Authenticator.MaxOldPasswordHashes";
    public static final String ALLOW_MULTIPLE_ENCODING = "Encoder.AllowMultipleEncoding";
    public static final String ALLOW_MIXED_ENCODING = "Encoder.AllowMixedEncoding";
    public static final String CANONICALIZATION_CODECS = "Encoder.DefaultCodecList";
    public static final String DISABLE_INTRUSION_DETECTION = "IntrusionDetector.Disable";
    public static final String MASTER_KEY = "Encryptor.MasterKey";
    public static final String MASTER_SALT = "Encryptor.MasterSalt";
    public static final String KEY_LENGTH = "Encryptor.EncryptionKeyLength";
    public static final String ENCRYPTION_ALGORITHM = "Encryptor.EncryptionAlgorithm";
    public static final String HASH_ALGORITHM = "Encryptor.HashAlgorithm";
    public static final String HASH_ITERATIONS = "Encryptor.HashIterations";
    public static final String CHARACTER_ENCODING = "Encryptor.CharacterEncoding";
    public static final String RANDOM_ALGORITHM = "Encryptor.RandomAlgorithm";
    public static final String DIGITAL_SIGNATURE_ALGORITHM = "Encryptor.DigitalSignatureAlgorithm";
    public static final String DIGITAL_SIGNATURE_KEY_LENGTH = "Encryptor.DigitalSignatureKeyLength";
    public static final String PREFERRED_JCE_PROVIDER = "Encryptor.PreferredJCEProvider";
    public static final String CIPHER_TRANSFORMATION_IMPLEMENTATION = "Encryptor.CipherTransformation";
    public static final String CIPHERTEXT_USE_MAC = "Encryptor.CipherText.useMAC";
    public static final String PLAINTEXT_OVERWRITE = "Encryptor.PlainText.overwrite";
    public static final String IV_TYPE = "Encryptor.ChooseIVMethod";
    public static final String FIXED_IV = "Encryptor.fixedIV";
    public static final String COMBINED_CIPHER_MODES = "Encryptor.cipher_modes.combined_modes";
    public static final String ADDITIONAL_ALLOWED_CIPHER_MODES = "Encryptor.cipher_modes.additional_allowed";
    public static final String KDF_PRF_ALG = "Encryptor.KDF.PRF";
    public static final String PRINT_PROPERTIES_WHEN_LOADED = "ESAPI.printProperties";
    public static final String WORKING_DIRECTORY = "Executor.WorkingDirectory";
    public static final String APPROVED_EXECUTABLES = "Executor.ApprovedExecutables";
    public static final String FORCE_HTTPONLYSESSION = "HttpUtilities.ForceHttpOnlySession";
    public static final String FORCE_SECURESESSION = "HttpUtilities.SecureSession";
    public static final String FORCE_HTTPONLYCOOKIES = "HttpUtilities.ForceHttpOnlyCookies";
    public static final String FORCE_SECURECOOKIES = "HttpUtilities.ForceSecureCookies";
    public static final String MAX_HTTP_HEADER_SIZE = "HttpUtilities.MaxHeaderSize";
    public static final String UPLOAD_DIRECTORY = "HttpUtilities.UploadDir";
    public static final String UPLOAD_TEMP_DIRECTORY = "HttpUtilities.UploadTempDir";
    public static final String APPROVED_UPLOAD_EXTENSIONS = "HttpUtilities.ApprovedUploadExtensions";
    public static final String MAX_UPLOAD_FILE_BYTES = "HttpUtilities.MaxUploadFileBytes";
    public static final String RESPONSE_CONTENT_TYPE = "HttpUtilities.ResponseContentType";
    public static final String HTTP_SESSION_ID_NAME = "HttpUtilities.HttpSessionIdName";
    public static final String APPLICATION_NAME = "Logger.ApplicationName";
    public static final String LOG_LEVEL = "Logger.LogLevel";
    public static final String LOG_FILE_NAME = "Logger.LogFileName";
    public static final String MAX_LOG_FILE_SIZE = "Logger.MaxLogFileSize";
    public static final String LOG_ENCODING_REQUIRED = "Logger.LogEncodingRequired";
    public static final String LOG_APPLICATION_NAME = "Logger.LogApplicationName";
    public static final String LOG_SERVER_IP = "Logger.LogServerIP";
    public static final String VALIDATION_PROPERTIES = "Validator.ConfigurationFile";
    public static final String ACCEPT_LENIENT_DATES = "Validator.AcceptLenientDates";
    public static final int DEFAULT_MAX_LOG_FILE_SIZE = 10000000;
    protected final int MAX_REDIRECT_LOCATION = 1000;
    protected final int MAX_FILE_NAME_LENGTH = 1000;
    public static final String LOG_IMPLEMENTATION = "ESAPI.Logger";
    public static final String AUTHENTICATION_IMPLEMENTATION = "ESAPI.Authenticator";
    public static final String ENCODER_IMPLEMENTATION = "ESAPI.Encoder";
    public static final String ACCESS_CONTROL_IMPLEMENTATION = "ESAPI.AccessControl";
    public static final String ENCRYPTION_IMPLEMENTATION = "ESAPI.Encryptor";
    public static final String INTRUSION_DETECTION_IMPLEMENTATION = "ESAPI.IntrusionDetector";
    public static final String RANDOMIZER_IMPLEMENTATION = "ESAPI.Randomizer";
    public static final String EXECUTOR_IMPLEMENTATION = "ESAPI.Executor";
    public static final String VALIDATOR_IMPLEMENTATION = "ESAPI.Validator";
    public static final String HTTP_UTILITIES_IMPLEMENTATION = "ESAPI.HTTPUtilities";
    public static final String DEFAULT_LOG_IMPLEMENTATION = "org.owasp.esapi.reference.JavaLogFactory";
    public static final String DEFAULT_AUTHENTICATION_IMPLEMENTATION = "org.owasp.esapi.reference.FileBasedAuthenticator";
    public static final String DEFAULT_ENCODER_IMPLEMENTATION = "org.owasp.esapi.reference.DefaultEncoder";
    public static final String DEFAULT_ACCESS_CONTROL_IMPLEMENTATION = "org.owasp.esapi.reference.accesscontrol.DefaultAccessController";
    public static final String DEFAULT_ENCRYPTION_IMPLEMENTATION = "org.owasp.esapi.reference.crypto.JavaEncryptor";
    public static final String DEFAULT_INTRUSION_DETECTION_IMPLEMENTATION = "org.owasp.esapi.reference.DefaultIntrusionDetector";
    public static final String DEFAULT_RANDOMIZER_IMPLEMENTATION = "org.owasp.esapi.reference.DefaultRandomizer";
    public static final String DEFAULT_EXECUTOR_IMPLEMENTATION = "org.owasp.esapi.reference.DefaultExecutor";
    public static final String DEFAULT_HTTP_UTILITIES_IMPLEMENTATION = "org.owasp.esapi.reference.DefaultHTTPUtilities";
    public static final String DEFAULT_VALIDATOR_IMPLEMENTATION = "org.owasp.esapi.reference.DefaultValidator";
    private static final Map<String, Pattern> patternCache;
    private static final String userHome;
    private static String customDirectory;
    private String resourceDirectory;
    static final /* synthetic */ boolean $assertionsDisabled;

    public static SecurityConfiguration getInstance() {
        if (instance == null) {
            synchronized (DefaultSecurityConfiguration.class) {
                if (instance == null) {
                    instance = new DefaultSecurityConfiguration();
                }
            }
        }
        return instance;
    }

    public DefaultSecurityConfiguration() {
        this.properties = null;
        this.cipherXformFromESAPIProp = null;
        this.cipherXformCurrent = null;
        this.MAX_REDIRECT_LOCATION = Logger.FATAL;
        this.MAX_FILE_NAME_LENGTH = Logger.FATAL;
        this.resourceDirectory = ".esapi";
        try {
            loadConfiguration();
            setCipherXProperties();
        } catch (IOException e) {
            logSpecial("Failed to load security configuration", e);
            throw new ConfigurationException("Failed to load security configuration", e);
        }
    }

    public DefaultSecurityConfiguration(Properties properties) {
        this.properties = null;
        this.cipherXformFromESAPIProp = null;
        this.cipherXformCurrent = null;
        this.MAX_REDIRECT_LOCATION = Logger.FATAL;
        this.MAX_FILE_NAME_LENGTH = Logger.FATAL;
        this.resourceDirectory = ".esapi";
        this.properties = properties;
        setCipherXProperties();
    }

    private void setCipherXProperties() {
        this.cipherXformFromESAPIProp = getESAPIProperty(CIPHER_TRANSFORMATION_IMPLEMENTATION, "AES/CBC/PKCS5Padding");
        this.cipherXformCurrent = this.cipherXformFromESAPIProp;
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getApplicationName() {
        return getESAPIProperty(APPLICATION_NAME, "DefaultName");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getLogImplementation() {
        return getESAPIProperty(LOG_IMPLEMENTATION, DEFAULT_LOG_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getAuthenticationImplementation() {
        return getESAPIProperty(AUTHENTICATION_IMPLEMENTATION, DEFAULT_AUTHENTICATION_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getEncoderImplementation() {
        return getESAPIProperty(ENCODER_IMPLEMENTATION, DEFAULT_ENCODER_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getAccessControlImplementation() {
        return getESAPIProperty(ACCESS_CONTROL_IMPLEMENTATION, DEFAULT_ACCESS_CONTROL_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getEncryptionImplementation() {
        return getESAPIProperty(ENCRYPTION_IMPLEMENTATION, DEFAULT_ENCRYPTION_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getIntrusionDetectionImplementation() {
        return getESAPIProperty(INTRUSION_DETECTION_IMPLEMENTATION, DEFAULT_INTRUSION_DETECTION_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getRandomizerImplementation() {
        return getESAPIProperty(RANDOMIZER_IMPLEMENTATION, DEFAULT_RANDOMIZER_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getExecutorImplementation() {
        return getESAPIProperty(EXECUTOR_IMPLEMENTATION, DEFAULT_EXECUTOR_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getHTTPUtilitiesImplementation() {
        return getESAPIProperty(HTTP_UTILITIES_IMPLEMENTATION, DEFAULT_HTTP_UTILITIES_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getValidationImplementation() {
        return getESAPIProperty(VALIDATOR_IMPLEMENTATION, DEFAULT_VALIDATOR_IMPLEMENTATION);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public byte[] getMasterKey() {
        byte[] eSAPIPropertyEncoded = getESAPIPropertyEncoded(MASTER_KEY, null);
        if (eSAPIPropertyEncoded == null || eSAPIPropertyEncoded.length == 0) {
            throw new ConfigurationException("Property 'Encryptor.MasterKey' missing or empty in ESAPI.properties file.");
        }
        return eSAPIPropertyEncoded;
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public void setResourceDirectory(String str) {
        this.resourceDirectory = str;
        logSpecial("Reset resource directory to: " + str, null);
        try {
            loadConfiguration();
        } catch (IOException e) {
            logSpecial("Failed to load security configuration from " + str, e);
        }
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getEncryptionKeyLength() {
        return getESAPIProperty(KEY_LENGTH, 128);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public byte[] getMasterSalt() {
        byte[] eSAPIPropertyEncoded = getESAPIPropertyEncoded(MASTER_SALT, null);
        if (eSAPIPropertyEncoded == null || eSAPIPropertyEncoded.length == 0) {
            throw new ConfigurationException("Property 'Encryptor.MasterSalt' missing or empty in ESAPI.properties file.");
        }
        return eSAPIPropertyEncoded;
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public List<String> getAllowedExecutables() {
        return Arrays.asList(getESAPIProperty(APPROVED_EXECUTABLES, "").split(Defaults.LIST_SEPARATOR));
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public List<String> getAllowedFileExtensions() {
        return Arrays.asList(getESAPIProperty(APPROVED_UPLOAD_EXTENSIONS, ".zip,.pdf,.tar,.gz,.xls,.properties,.txt,.xml").split(Defaults.LIST_SEPARATOR));
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getAllowedFileUploadSize() {
        return getESAPIProperty(MAX_UPLOAD_FILE_BYTES, 5000000);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:6:0x0045
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private java.util.Properties loadPropertiesFromStream(java.io.InputStream r5, java.lang.String r6) throws java.io.IOException {
        /*
            r4 = this;
            java.util.Properties r0 = new java.util.Properties
            r1 = r0
            r1.<init>()
            r7 = r0
            r0 = r7
            r1 = r5
            r0.load(r1)     // Catch: java.lang.Throwable -> L30
            r0 = r4
            java.lang.StringBuilder r1 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L30
            r2 = r1
            r2.<init>()     // Catch: java.lang.Throwable -> L30
            java.lang.String r2 = "Loaded '"
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.lang.Throwable -> L30
            r2 = r6
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.lang.Throwable -> L30
            java.lang.String r2 = "' properties file"
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.lang.Throwable -> L30
            java.lang.String r1 = r1.toString()     // Catch: java.lang.Throwable -> L30
            r2 = 0
            r0.logSpecial(r1, r2)     // Catch: java.lang.Throwable -> L30
            r0 = jsr -> L38
        L2d:
            goto L49
        L30:
            r8 = move-exception
            r0 = jsr -> L38
        L35:
            r1 = r8
            throw r1
        L38:
            r9 = r0
            r0 = r5
            if (r0 == 0) goto L47
            r0 = r5
            r0.close()     // Catch: java.lang.Exception -> L45
            goto L47
        L45:
            r10 = move-exception
        L47:
            ret r9
        L49:
            r1 = r7
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: org.owasp.esapi.reference.DefaultSecurityConfiguration.loadPropertiesFromStream(java.io.InputStream, java.lang.String):java.util.Properties");
    }

    protected void loadConfiguration() throws IOException {
        try {
            logSpecial("Attempting to load ESAPI.properties via file I/O.");
            this.properties = loadPropertiesFromStream(getResourceStream(RESOURCE_FILE), RESOURCE_FILE);
        } catch (Exception e) {
            logSpecial("Loading ESAPI.properties via file I/O failed. Exception was: " + e);
            logSpecial("Attempting to load ESAPI.properties via the classpath.");
            try {
                this.properties = loadConfigurationFromClasspath(RESOURCE_FILE);
            } catch (Exception e2) {
                logSpecial("ESAPI.properties could not be loaded by any means. Fail.", e2);
                throw new ConfigurationException("ESAPI.properties could not be loaded by any means. Fail.", e2);
            }
        }
        if (this.properties != null) {
            String eSAPIProperty = getESAPIProperty(VALIDATION_PROPERTIES, "validation.properties");
            Properties properties = null;
            patternCache.clear();
            try {
                logSpecial("Attempting to load " + eSAPIProperty + " via file I/O.");
                properties = loadPropertiesFromStream(getResourceStream(eSAPIProperty), eSAPIProperty);
            } catch (Exception e3) {
                logSpecial("Loading " + eSAPIProperty + " via file I/O failed.");
                logSpecial("Attempting to load " + eSAPIProperty + " via the classpath.");
                try {
                    properties = loadConfigurationFromClasspath(eSAPIProperty);
                } catch (Exception e4) {
                    logSpecial(eSAPIProperty + " could not be loaded by any means. fail.", e4);
                }
            }
            if (properties != null) {
                for (String str : properties.keySet()) {
                    this.properties.put(str, properties.getProperty(str));
                }
            }
            if (shouldPrintProperties()) {
            }
        }
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public InputStream getResourceStream(String str) throws IOException {
        if (str == null) {
            return null;
        }
        try {
            File resourceFile = getResourceFile(str);
            if (resourceFile != null && resourceFile.exists()) {
                return new FileInputStream(resourceFile);
            }
        } catch (Exception e) {
        }
        throw new FileNotFoundException();
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public File getResourceFile(String str) {
        logSpecial("Attempting to load " + str + " as resource file via file I/O.");
        if (str == null) {
            logSpecial("Failed to load properties via FileIO. Filename is null.");
            return null;
        }
        File file = new File(customDirectory, str);
        if (customDirectory != null && file.canRead()) {
            logSpecial("Found in 'org.owasp.esapi.resources' directory: " + file.getAbsolutePath());
            return file;
        }
        logSpecial("Not found in 'org.owasp.esapi.resources' directory or file not readable: " + file.getAbsolutePath());
        URL systemResource = ClassLoader.getSystemResource(this.resourceDirectory + Defaults.DEFAULT_REDIRECT_URL + str);
        if (systemResource == null) {
            systemResource = ClassLoader.getSystemResource("esapi/" + str);
        }
        if (systemResource != null) {
            File file2 = new File(systemResource.getFile());
            if (file2.exists()) {
                logSpecial("Found in SystemResource Directory/resourceDirectory: " + file2.getAbsolutePath());
                return file2;
            }
            logSpecial("Not found in SystemResource Directory/resourceDirectory (this should never happen): " + file2.getAbsolutePath());
        } else {
            logSpecial("Not found in SystemResource Directory/resourceDirectory: " + this.resourceDirectory + File.separator + str);
        }
        String str2 = userHome;
        if (str2 == null) {
            str2 = "";
        }
        File file3 = new File(str2 + "/.esapi", str);
        if (file3.canRead()) {
            logSpecial("[Compatibility] Found in 'user.home' directory: " + file3.getAbsolutePath());
            return file3;
        }
        File file4 = new File(str2 + "/esapi", str);
        if (file4.canRead()) {
            logSpecial("Found in 'user.home' directory: " + file4.getAbsolutePath());
            return file4;
        }
        logSpecial("Not found in 'user.home' (" + str2 + ") directory: " + file4.getAbsolutePath());
        return null;
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:25:0x016d
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private java.util.Properties loadConfigurationFromClasspath(java.lang.String r6) throws java.lang.IllegalArgumentException {
        /*
            Method dump skipped, instructions count: 391
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.owasp.esapi.reference.DefaultSecurityConfiguration.loadConfigurationFromClasspath(java.lang.String):java.util.Properties");
    }

    private void logSpecial(String str, Throwable th) {
        StringBuffer stringBuffer = new StringBuffer(str);
        if (th != null) {
            stringBuffer.append(" Exception was: ").append(th.toString());
        }
        System.out.println(stringBuffer.toString());
    }

    private void logSpecial(String str) {
        System.out.println(str);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getPasswordParameterName() {
        return getESAPIProperty(PASSWORD_PARAMETER_NAME, "password");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getUsernameParameterName() {
        return getESAPIProperty(USERNAME_PARAMETER_NAME, "username");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getEncryptionAlgorithm() {
        return getESAPIProperty(ENCRYPTION_ALGORITHM, "AES");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getCipherTransformation() {
        if ($assertionsDisabled || this.cipherXformCurrent != null) {
            return this.cipherXformCurrent;
        }
        throw new AssertionError("Current cipher transformation is null");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String setCipherTransformation(String str) {
        String cipherTransformation = getCipherTransformation();
        if (str == null) {
            this.cipherXformCurrent = this.cipherXformFromESAPIProp;
        } else {
            if (!$assertionsDisabled && str.trim().equals("")) {
                throw new AssertionError("Cipher transformation cannot be just white space or empty string");
            }
            this.cipherXformCurrent = str;
        }
        return cipherTransformation;
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean useMACforCipherText() {
        return getESAPIProperty(CIPHERTEXT_USE_MAC, true);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean overwritePlainText() {
        return getESAPIProperty(PLAINTEXT_OVERWRITE, true);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getIVType() {
        String eSAPIProperty = getESAPIProperty(IV_TYPE, "random");
        if (eSAPIProperty.equalsIgnoreCase("fixed") || eSAPIProperty.equalsIgnoreCase("random")) {
            return eSAPIProperty;
        }
        if (eSAPIProperty.equalsIgnoreCase("specified")) {
            throw new ConfigurationException("'Encryptor.ChooseIVMethod=specified' is not yet implemented. Use 'fixed' or 'random'");
        }
        throw new ConfigurationException(eSAPIProperty + " is illegal value for " + IV_TYPE + ". Use 'random' (preferred) or 'fixed'.");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getFixedIV() {
        if (!getIVType().equalsIgnoreCase("fixed")) {
            throw new ConfigurationException("IV type not 'fixed' (set to '" + getIVType() + "'), so no fixed IV applicable.");
        }
        String eSAPIProperty = getESAPIProperty(FIXED_IV, "");
        if (eSAPIProperty == null || eSAPIProperty.trim().equals("")) {
            throw new ConfigurationException("Fixed IV requires property Encryptor.fixedIV to be set, but it is not.");
        }
        return eSAPIProperty;
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getHashAlgorithm() {
        return getESAPIProperty(HASH_ALGORITHM, "SHA-512");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getHashIterations() {
        return getESAPIProperty(HASH_ITERATIONS, 1024);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getKDFPseudoRandomFunction() {
        return getESAPIProperty(KDF_PRF_ALG, "HmacSHA256");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getCharacterEncoding() {
        return getESAPIProperty(CHARACTER_ENCODING, "UTF-8");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getAllowMultipleEncoding() {
        return getESAPIProperty(ALLOW_MULTIPLE_ENCODING, false);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getAllowMixedEncoding() {
        return getESAPIProperty(ALLOW_MIXED_ENCODING, false);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public List<String> getDefaultCanonicalizationCodecs() {
        ArrayList arrayList = new ArrayList();
        arrayList.add("org.owasp.esapi.codecs.HTMLEntityCodec");
        arrayList.add("org.owasp.esapi.codecs.PercentCodec");
        arrayList.add("org.owasp.esapi.codecs.JavaScriptCodec");
        return getESAPIProperty(CANONICALIZATION_CODECS, arrayList);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getDigitalSignatureAlgorithm() {
        return getESAPIProperty(DIGITAL_SIGNATURE_ALGORITHM, "SHAwithDSA");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getDigitalSignatureKeyLength() {
        return getESAPIProperty(DIGITAL_SIGNATURE_KEY_LENGTH, 1024);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getRandomAlgorithm() {
        return getESAPIProperty(RANDOM_ALGORITHM, "SHA1PRNG");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getAllowedLoginAttempts() {
        return getESAPIProperty(ALLOWED_LOGIN_ATTEMPTS, 5);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getMaxOldPasswordHashes() {
        return getESAPIProperty(MAX_OLD_PASSWORD_HASHES, 12);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public File getUploadDirectory() {
        return new File(getESAPIProperty(UPLOAD_DIRECTORY, "UploadDir"));
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public File getUploadTempDirectory() {
        return new File(getESAPIProperty(UPLOAD_TEMP_DIRECTORY, System.getProperty("java.io.tmpdir", "UploadTempDir")));
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getDisableIntrusionDetection() {
        return "true".equalsIgnoreCase(this.properties.getProperty(DISABLE_INTRUSION_DETECTION));
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v19, types: [java.util.List] */
    @Override // org.owasp.esapi.SecurityConfiguration
    public SecurityConfiguration.Threshold getQuota(String str) {
        int eSAPIProperty = getESAPIProperty("IntrusionDetector." + str + ".count", 0);
        int eSAPIProperty2 = getESAPIProperty("IntrusionDetector." + str + ".interval", 0);
        ArrayList arrayList = new ArrayList();
        String eSAPIProperty3 = getESAPIProperty("IntrusionDetector." + str + ".actions", "");
        if (eSAPIProperty3 != null) {
            arrayList = Arrays.asList(eSAPIProperty3.split(Defaults.LIST_SEPARATOR));
        }
        if (eSAPIProperty <= 0 || eSAPIProperty2 <= 0 || arrayList.size() <= 0) {
            return null;
        }
        return new SecurityConfiguration.Threshold(str, eSAPIProperty, eSAPIProperty2, arrayList);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getLogLevel() {
        String eSAPIProperty = getESAPIProperty(LOG_LEVEL, "WARNING");
        if (eSAPIProperty.equalsIgnoreCase("OFF")) {
            return Logger.OFF;
        }
        if (eSAPIProperty.equalsIgnoreCase("FATAL")) {
            return Logger.FATAL;
        }
        if (eSAPIProperty.equalsIgnoreCase("ERROR")) {
            return Logger.ERROR;
        }
        if (eSAPIProperty.equalsIgnoreCase("WARNING")) {
            return Logger.WARNING;
        }
        if (eSAPIProperty.equalsIgnoreCase("INFO")) {
            return Logger.INFO;
        }
        if (eSAPIProperty.equalsIgnoreCase("DEBUG")) {
            return 200;
        }
        if (eSAPIProperty.equalsIgnoreCase("TRACE")) {
            return 100;
        }
        if (eSAPIProperty.equalsIgnoreCase("ALL")) {
            return Integer.MIN_VALUE;
        }
        logSpecial("The LOG-LEVEL property in the ESAPI properties file has the unrecognized value: " + eSAPIProperty + ". Using default: WARNING", null);
        return Logger.WARNING;
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getLogFileName() {
        return getESAPIProperty(LOG_FILE_NAME, "ESAPI_logging_file");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getMaxLogFileSize() {
        return getESAPIProperty(MAX_LOG_FILE_SIZE, DEFAULT_MAX_LOG_FILE_SIZE);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getLogEncodingRequired() {
        return getESAPIProperty(LOG_ENCODING_REQUIRED, false);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getLogApplicationName() {
        return getESAPIProperty(LOG_APPLICATION_NAME, true);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getLogServerIP() {
        return getESAPIProperty(LOG_SERVER_IP, true);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getForceHttpOnlySession() {
        return getESAPIProperty(FORCE_HTTPONLYSESSION, true);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getForceSecureSession() {
        return getESAPIProperty(FORCE_SECURESESSION, true);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getForceHttpOnlyCookies() {
        return getESAPIProperty(FORCE_HTTPONLYCOOKIES, true);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getForceSecureCookies() {
        return getESAPIProperty(FORCE_SECURECOOKIES, true);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getMaxHttpHeaderSize() {
        return getESAPIProperty(MAX_HTTP_HEADER_SIZE, 4096);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getResponseContentType() {
        return getESAPIProperty(RESPONSE_CONTENT_TYPE, "text/html; charset=UTF-8");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getHttpSessionIdName() {
        return getESAPIProperty(HTTP_SESSION_ID_NAME, "JSESSIONID");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public long getRememberTokenDuration() {
        return 86400000 * getESAPIProperty(REMEMBER_TOKEN_DURATION, 14);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getSessionIdleTimeoutLength() {
        return 60000 * getESAPIProperty(IDLE_TIMEOUT_DURATION, 20);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getSessionAbsoluteTimeoutLength() {
        return 60000 * getESAPIProperty(ABSOLUTE_TIMEOUT_DURATION, 20);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public Pattern getValidationPattern(String str) {
        String eSAPIProperty = getESAPIProperty("Validator." + str, "");
        Pattern pattern = patternCache.get(eSAPIProperty);
        if (pattern != null) {
            return pattern;
        }
        if (eSAPIProperty == null || eSAPIProperty.equals("")) {
            return null;
        }
        try {
            Pattern compile = Pattern.compile(eSAPIProperty);
            patternCache.put(eSAPIProperty, compile);
            return compile;
        } catch (PatternSyntaxException e) {
            logSpecial("SecurityConfiguration for " + str + " not a valid regex in ESAPI.properties. Returning null", null);
            return null;
        }
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public File getWorkingDirectory() {
        String eSAPIProperty = getESAPIProperty(WORKING_DIRECTORY, System.getProperty("user.dir"));
        if (eSAPIProperty != null) {
            return new File(eSAPIProperty);
        }
        return null;
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getPreferredJCEProvider() {
        return this.properties.getProperty(PREFERRED_JCE_PROVIDER);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public List<String> getCombinedCipherModes() {
        return getESAPIProperty(COMBINED_CIPHER_MODES, new ArrayList());
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public List<String> getAdditionalAllowedCipherModes() {
        return getESAPIProperty(ADDITIONAL_ALLOWED_CIPHER_MODES, new ArrayList());
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getLenientDatesAccepted() {
        return getESAPIProperty(ACCEPT_LENIENT_DATES, false);
    }

    protected String getESAPIProperty(String str, String str2) {
        String property = this.properties.getProperty(str);
        if (property != null) {
            return property;
        }
        logSpecial("SecurityConfiguration for " + str + " not found in ESAPI.properties. Using default: " + str2, null);
        return str2;
    }

    protected boolean getESAPIProperty(String str, boolean z) {
        String property = this.properties.getProperty(str);
        if (property == null) {
            logSpecial("SecurityConfiguration for " + str + " not found in ESAPI.properties. Using default: " + z, null);
            return z;
        }
        if (property.equalsIgnoreCase("true") || property.equalsIgnoreCase("yes")) {
            return true;
        }
        if (property.equalsIgnoreCase("false") || property.equalsIgnoreCase("no")) {
            return false;
        }
        logSpecial("SecurityConfiguration for " + str + " not either \"true\" or \"false\" in ESAPI.properties. Using default: " + z, null);
        return z;
    }

    protected byte[] getESAPIPropertyEncoded(String str, byte[] bArr) {
        String property = this.properties.getProperty(str);
        if (property == null) {
            logSpecial("SecurityConfiguration for " + str + " not found in ESAPI.properties. Using default: " + bArr, null);
            return bArr;
        }
        try {
            return ESAPI.encoder().decodeFromBase64(property);
        } catch (IOException e) {
            logSpecial("SecurityConfiguration for " + str + " not properly Base64 encoded in ESAPI.properties. Using default: " + bArr, null);
            return null;
        }
    }

    protected int getESAPIProperty(String str, int i) {
        String property = this.properties.getProperty(str);
        if (property == null) {
            logSpecial("SecurityConfiguration for " + str + " not found in ESAPI.properties. Using default: " + i, null);
            return i;
        }
        try {
            return Integer.parseInt(property);
        } catch (NumberFormatException e) {
            logSpecial("SecurityConfiguration for " + str + " not an integer in ESAPI.properties. Using default: " + i, null);
            return i;
        }
    }

    protected List<String> getESAPIProperty(String str, List<String> list) {
        String property = this.properties.getProperty(str);
        if (property != null) {
            return Arrays.asList(property.split(Defaults.LIST_SEPARATOR));
        }
        logSpecial("SecurityConfiguration for " + str + " not found in ESAPI.properties. Using default: " + list, null);
        return list;
    }

    protected boolean shouldPrintProperties() {
        return getESAPIProperty(PRINT_PROPERTIES_WHEN_LOADED, false);
    }

    protected Properties getESAPIProperties() {
        return this.properties;
    }

    static {
        $assertionsDisabled = !DefaultSecurityConfiguration.class.desiredAssertionStatus();
        instance = null;
        patternCache = new HashMap();
        userHome = System.getProperty("user.home");
        customDirectory = System.getProperty("org.owasp.esapi.resources");
    }
}
