package sun.security.provider;

import com.ibm.jvm.io.LocalizedInputStream;
import com.ibm.security.auth.PrincipalComparator;
import com.ibm.security.util.PropertyExpander;
import java.io.File;
import java.io.FileInputStream;
import java.io.FilePermission;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.lang.reflect.InvocationTargetException;
import java.net.MalformedURLException;
import java.net.SocketPermission;
import java.net.URI;
import java.net.URL;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Identity;
import java.security.IdentityScope;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.security.Security;
import java.security.UnresolvedPermission;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.ListIterator;
import java.util.PropertyPermission;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.security.auth.Subject;
import org.apache.xerces.impl.xs.SchemaSymbols;
import sun.net.www.ParseUtil;
import sun.security.provider.PolicyParser;
import sun.security.tools.ToolDialog;
import sun.security.util.Debug;
import sun.security.util.ResourcesMgr;
import sun.tools.java.RuntimeConstants;

/* loaded from: input_file:efixes/PK00114_linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/security.jar:sun/security/provider/PolicyFile.class */
public class PolicyFile extends Policy {
    private static final String SELF = "${{self}}";
    private static final String X500PRINCIPAL = "javax.security.auth.x500.X500Principal";
    private static final String POLICY = "java.security.policy";
    private static final String SECURITY_MANAGER = "java.security.manager";
    private static final String POLICY_URL = "policy.url.";
    private static final String AUTH_POLICY = "java.security.auth.policy";
    private static final String AUTH_POLICY_URL = "auth.policy.url.";
    private PolicyInfo policyInfo;
    private boolean constructed = false;
    private boolean expandProperties = true;
    private boolean ignoreIdentityScope = false;
    private static final Class[] PARAMS1;
    private static final Class[] PARAMS2;
    static Class class$java$lang$String;
    static Class class$sun$security$provider$PolicyFile;
    private static final Debug debug = Debug.getInstance("policy");
    private static int instanceCount = 0;
    private static IdentityScope scope = null;
    private static final Class[] PARAMS0 = new Class[0];

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:efixes/PK00114_linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/security.jar:sun/security/provider/PolicyFile$PolicyEntry.class */
    public static class PolicyEntry {
        CodeSource codesource;
        Vector permissions;
        LinkedList principals;

        PolicyEntry(CodeSource codeSource, LinkedList linkedList) {
            this.codesource = codeSource;
            this.permissions = new Vector();
            if (linkedList == null) {
                this.principals = new LinkedList();
            } else {
                this.principals = linkedList;
            }
        }

        PolicyEntry(CodeSource codeSource) {
            this(codeSource, null);
        }

        LinkedList getPrincipals() {
            return this.principals;
        }

        void add(Permission permission) {
            this.permissions.addElement(permission);
        }

        CodeSource getCodeSource() {
            return this.codesource;
        }

        public String toString() {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(ResourcesMgr.getString(RuntimeConstants.SIG_METHOD));
            stringBuffer.append(getCodeSource());
            stringBuffer.append("\n");
            for (int i = 0; i < this.permissions.size(); i++) {
                Permission permission = (Permission) this.permissions.elementAt(i);
                stringBuffer.append(ResourcesMgr.getString(" "));
                stringBuffer.append(ResourcesMgr.getString(" "));
                stringBuffer.append(permission);
                stringBuffer.append(ResourcesMgr.getString("\n"));
            }
            stringBuffer.append(ResourcesMgr.getString(RuntimeConstants.SIG_ENDMETHOD));
            stringBuffer.append(ResourcesMgr.getString("\n"));
            return stringBuffer.toString();
        }
    }

    public PolicyFile() {
        init();
    }

    private void init() {
        PolicyInfo policyInfo = new PolicyInfo();
        instanceCount++;
        initPolicyFile(policyInfo);
        instanceCount--;
        this.policyInfo = policyInfo;
    }

    private void initPolicyFile(PolicyInfo policyInfo) {
        boolean initPolicyFile = false | initPolicyFile(POLICY, POLICY_URL, policyInfo);
        if (!initPolicyFile) {
            initStaticPolicy(policyInfo);
        }
        boolean initPolicyFile2 = initPolicyFile | initPolicyFile(AUTH_POLICY, AUTH_POLICY_URL, policyInfo);
    }

    private boolean initPolicyFile(String str, String str2, PolicyInfo policyInfo) {
        return ((Boolean) AccessController.doPrivileged(new PrivilegedAction(this, str, policyInfo, str2) { // from class: sun.security.provider.PolicyFile.1
            private final String val$propname;
            private final PolicyInfo val$newInfo;
            private final String val$urlname;
            private final PolicyFile this$0;

            {
                this.this$0 = this;
                this.val$propname = str;
                this.val$newInfo = policyInfo;
                this.val$urlname = str2;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                boolean z = false;
                this.this$0.expandProperties = SchemaSymbols.ATTVAL_TRUE.equalsIgnoreCase(Security.getProperty("policy.expandProperties"));
                this.this$0.ignoreIdentityScope = SchemaSymbols.ATTVAL_TRUE.equalsIgnoreCase(Security.getProperty("policy.ignoreIdentityScope"));
                if (SchemaSymbols.ATTVAL_TRUE.equalsIgnoreCase(Security.getProperty("policy.allowSystemProperty"))) {
                    String property = System.getProperty(this.val$propname);
                    if (property != null) {
                        boolean z2 = false;
                        if (property.startsWith("=")) {
                            z2 = true;
                            property = property.substring(1);
                        }
                        try {
                            String expand = PropertyExpander.expand(property);
                            File file = new File(expand);
                            URL fileToEncodedURL = file.exists() ? ParseUtil.fileToEncodedURL(new File(file.getCanonicalPath())) : new URL(expand);
                            if (PolicyFile.debug != null) {
                                PolicyFile.debug.println(new StringBuffer().append("reading ").append(fileToEncodedURL).toString());
                            }
                            if (this.this$0.init(fileToEncodedURL, this.val$newInfo)) {
                                z = true;
                            }
                        } catch (Exception e) {
                            if (PolicyFile.debug != null) {
                                PolicyFile.debug.println(new StringBuffer().append("caught exception: ").append(e).toString());
                            }
                        }
                        if (z2) {
                            if (PolicyFile.debug != null) {
                                PolicyFile.debug.println("overriding other policies!");
                            }
                            return Boolean.valueOf(z);
                        }
                    }
                }
                int i = 1;
                while (true) {
                    String property2 = Security.getProperty(new StringBuffer().append(this.val$urlname).append(i).toString());
                    if (property2 == null) {
                        return Boolean.valueOf(z);
                    }
                    try {
                        URL url = (property2.startsWith("file:${java.home}/") || property2.startsWith("file:${user.home}/")) ? new File(PropertyExpander.expand(property2).replace(File.separatorChar, '/').substring(5)).toURI().toURL() : new URI(PropertyExpander.expand(property2, true).replace(File.separatorChar, '/')).toURL();
                        if (PolicyFile.debug != null) {
                            PolicyFile.debug.println(new StringBuffer().append("reading ").append(url).toString());
                        }
                        if (this.this$0.init(url, this.val$newInfo)) {
                            z = true;
                        }
                    } catch (Exception e2) {
                        if (PolicyFile.debug != null) {
                            PolicyFile.debug.println(new StringBuffer().append("error reading policy ").append(e2).toString());
                            e2.printStackTrace();
                        }
                    }
                    i++;
                }
            }
        })).booleanValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean init(URL url, PolicyInfo policyInfo) {
        InputStream inputStream;
        boolean z = false;
        PolicyParser policyParser = new PolicyParser(this.expandProperties);
        try {
            inputStream = getInputStream(url);
        } catch (PolicyParser.ParsingException e) {
            System.err.println(new MessageFormat(ResourcesMgr.getString("java.security.policy: error parsing policy:\n\tmessage")).format(new Object[]{url, e.getLocalizedMessage()}));
            if (debug != null) {
                e.printStackTrace();
            }
        } catch (Exception e2) {
            if (debug != null) {
                debug.println(new StringBuffer().append("error parsing ").append(url).toString());
                debug.println(e2.toString());
                e2.printStackTrace();
            }
        }
        if (inputStream == null) {
            return false;
        }
        InputStream localize = LocalizedInputStream.localize(inputStream);
        LocalizedInputStream.dontUnwrap(localize);
        InputStreamReader inputStreamReader = new InputStreamReader(localize, "UTF-8");
        policyParser.read(inputStreamReader);
        inputStreamReader.close();
        KeyStore initKeyStore = initKeyStore(url, policyParser.getKeyStoreUrl(), policyParser.getKeyStoreType());
        Enumeration grantElements = policyParser.grantElements();
        while (grantElements.hasMoreElements()) {
            addGrantEntry((PolicyParser.GrantEntry) grantElements.nextElement(), initKeyStore, policyInfo);
        }
        z = true;
        return z;
    }

    private void initStaticPolicy(PolicyInfo policyInfo) {
        AccessController.doPrivileged(new PrivilegedAction(this, policyInfo) { // from class: sun.security.provider.PolicyFile.2
            private final PolicyInfo val$newInfo;
            private final PolicyFile this$0;

            {
                this.this$0 = this;
                this.val$newInfo = policyInfo;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                PolicyEntry policyEntry = new PolicyEntry(new CodeSource(null, null));
                policyEntry.add(new SocketPermission("localhost:1024-", ToolDialog.SOCKET_PERM_LISTEN));
                policyEntry.add(new PropertyPermission("java.version", "read"));
                policyEntry.add(new PropertyPermission("java.vendor", "read"));
                policyEntry.add(new PropertyPermission("java.vendor.url", "read"));
                policyEntry.add(new PropertyPermission("java.class.version", "read"));
                policyEntry.add(new PropertyPermission("os.name", "read"));
                policyEntry.add(new PropertyPermission("os.version", "read"));
                policyEntry.add(new PropertyPermission("os.arch", "read"));
                policyEntry.add(new PropertyPermission("file.separator", "read"));
                policyEntry.add(new PropertyPermission("path.separator", "read"));
                policyEntry.add(new PropertyPermission("line.separator", "read"));
                policyEntry.add(new PropertyPermission("java.specification.version", "read"));
                policyEntry.add(new PropertyPermission("java.specification.vendor", "read"));
                policyEntry.add(new PropertyPermission("java.specification.name", "read"));
                policyEntry.add(new PropertyPermission("java.vm.specification.version", "read"));
                policyEntry.add(new PropertyPermission("java.vm.specification.vendor", "read"));
                policyEntry.add(new PropertyPermission("java.vm.specification.name", "read"));
                policyEntry.add(new PropertyPermission("java.vm.version", "read"));
                policyEntry.add(new PropertyPermission("java.vm.vendor", "read"));
                policyEntry.add(new PropertyPermission("java.vm.name", "read"));
                this.val$newInfo.policyEntries.addElement(policyEntry);
                try {
                    PolicyEntry policyEntry2 = new PolicyEntry(new CodeSource(ParseUtil.fileToEncodedURL(new File(PropertyExpander.expand("${java.home}/lib/ext/*"))), null));
                    policyEntry2.add(new AllPermission());
                    this.val$newInfo.policyEntries.addElement(policyEntry2);
                    return null;
                } catch (Exception e) {
                    return null;
                }
            }
        });
    }

    private KeyStore initKeyStore(URL url, String str, String str2) {
        URL url2;
        if (str == null || instanceCount >= 2) {
            return null;
        }
        try {
            try {
                url2 = new URL(str);
            } catch (MalformedURLException e) {
                url2 = new URL(url, str);
            }
            if (debug != null) {
                debug.println(new StringBuffer().append("reading keystore ").append(url2).toString());
            }
            InputStream inputStream = getInputStream(url2);
            if (inputStream == null) {
                return null;
            }
            if (str2 == null) {
                str2 = KeyStore.getDefaultType();
            }
            KeyStore keyStore = KeyStore.getInstance(str2);
            keyStore.load(inputStream, null);
            inputStream.close();
            return keyStore;
        } catch (Exception e2) {
            if (debug == null) {
                return null;
            }
            e2.printStackTrace();
            return null;
        }
    }

    private InputStream getInputStream(URL url) throws IOException {
        if (!url.getProtocol().equals("file")) {
            return url.openStream();
        }
        File file = new File(ParseUtil.decode(url.getFile().replace('/', File.separatorChar)));
        if (file.canRead()) {
            return new FileInputStream(file);
        }
        if (debug == null) {
            return null;
        }
        debug.println(new StringBuffer().append("unable to read ").append(url).toString());
        debug.println();
        return null;
    }

    CodeSource getCodeSource(PolicyParser.GrantEntry grantEntry, KeyStore keyStore, PolicyInfo policyInfo) throws MalformedURLException {
        Certificate[] certificateArr = null;
        if (grantEntry.signedBy != null && instanceCount < 2) {
            certificateArr = getCertificates(keyStore, grantEntry.signedBy, policyInfo);
            if (certificateArr == null) {
                if (debug == null) {
                    return null;
                }
                debug.println(new StringBuffer().append("  -- No certs for alias '").append(grantEntry.signedBy).append("' - ignoring entry").toString());
                return null;
            }
        }
        return canonicalizeCodebase(new CodeSource(grantEntry.codeBase != null ? new URL(grantEntry.codeBase) : null, certificateArr), false);
    }

    private void addGrantEntry(PolicyParser.GrantEntry grantEntry, KeyStore keyStore, PolicyInfo policyInfo) {
        CodeSource codeSource;
        Permission policyFile;
        if (debug != null) {
            debug.println("Adding policy entry: ");
            debug.println(new StringBuffer().append("  signedBy ").append(grantEntry.signedBy).toString());
            debug.println(new StringBuffer().append("  codeBase ").append(grantEntry.codeBase).toString());
            if (grantEntry.principals != null && grantEntry.principals.size() > 0) {
                ListIterator listIterator = grantEntry.principals.listIterator();
                while (listIterator.hasNext()) {
                    debug.println(new StringBuffer().append("  ").append(((PolicyParser.PrincipalEntry) listIterator.next()).toString()).toString());
                }
            }
        }
        try {
            codeSource = getCodeSource(grantEntry, keyStore, policyInfo);
        } catch (Exception e) {
            System.err.println(new MessageFormat(ResourcesMgr.getString("java.security.policy: error adding Entry:\n\tmessage")).format(new Object[]{e.toString()}));
        }
        if (codeSource != null && replacePrincipals(grantEntry.principals, keyStore)) {
            PolicyEntry policyEntry = new PolicyEntry(codeSource, grantEntry.principals);
            Enumeration permissionElements = grantEntry.permissionElements();
            while (permissionElements.hasMoreElements()) {
                PolicyParser.PermissionEntry permissionEntry = (PolicyParser.PermissionEntry) permissionElements.nextElement();
                try {
                    try {
                        try {
                            expandPermissionName(permissionEntry, keyStore);
                            if (permissionEntry.permission.equals(ToolDialog.PRIVCRED_PERM_CLASS) && permissionEntry.name.endsWith(" self")) {
                                permissionEntry.name = new StringBuffer().append(permissionEntry.name.substring(0, permissionEntry.name.indexOf("self"))).append(SELF).toString();
                            }
                            if (permissionEntry.name == null || permissionEntry.name.indexOf(SELF) == -1) {
                                policyFile = getInstance(permissionEntry.permission, permissionEntry.name, permissionEntry.action);
                            } else {
                                policyFile = new SelfPermission(permissionEntry.permission, permissionEntry.name, permissionEntry.action, permissionEntry.signedBy != null ? getCertificates(keyStore, permissionEntry.signedBy, policyInfo) : null);
                            }
                            policyEntry.add(policyFile);
                            if (debug != null) {
                                debug.println(new StringBuffer().append("  ").append(policyFile).toString());
                            }
                        } catch (InvocationTargetException e2) {
                            System.err.println(new MessageFormat(ResourcesMgr.getString("java.security.policy: error adding Permission, perm:\n\tmessage")).format(new Object[]{permissionEntry.permission, e2.getTargetException().toString()}));
                        }
                    } catch (Exception e3) {
                        System.err.println(new MessageFormat(ResourcesMgr.getString("java.security.policy: error adding Permission, perm:\n\tmessage")).format(new Object[]{permissionEntry.permission, e3.toString()}));
                    }
                } catch (ClassNotFoundException e4) {
                    Certificate[] certificates = permissionEntry.signedBy != null ? getCertificates(keyStore, permissionEntry.signedBy, policyInfo) : null;
                    if (certificates != null || permissionEntry.signedBy == null) {
                        UnresolvedPermission unresolvedPermission = new UnresolvedPermission(permissionEntry.permission, permissionEntry.name, permissionEntry.action, certificates);
                        policyEntry.add(unresolvedPermission);
                        if (debug != null) {
                            debug.println(new StringBuffer().append("  ").append(unresolvedPermission).toString());
                        }
                    }
                }
            }
            policyInfo.policyEntries.addElement(policyEntry);
            if (debug != null) {
                debug.println();
            }
        }
    }

    private static final Permission getInstance(String str, String str2, String str3) throws ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException {
        Class cls = Class.forName(str);
        if (str2 == null && str3 == null) {
            try {
                return (Permission) cls.getConstructor(PARAMS0).newInstance(new Object[0]);
            } catch (NoSuchMethodException e) {
                try {
                    return (Permission) cls.getConstructor(PARAMS1).newInstance(new Object[]{str2});
                } catch (NoSuchMethodException e2) {
                    return (Permission) cls.getConstructor(PARAMS2).newInstance(new Object[]{str2, str3});
                }
            }
        }
        if (str2 == null || str3 != null) {
            return (Permission) cls.getConstructor(PARAMS2).newInstance(new Object[]{str2, str3});
        }
        try {
            return (Permission) cls.getConstructor(PARAMS1).newInstance(new Object[]{str2});
        } catch (NoSuchMethodException e3) {
            return (Permission) cls.getConstructor(PARAMS2).newInstance(new Object[]{str2, str3});
        }
    }

    Certificate[] getCertificates(KeyStore keyStore, String str, PolicyInfo policyInfo) {
        Vector vector = null;
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        int i = 0;
        while (stringTokenizer.hasMoreTokens()) {
            String trim = stringTokenizer.nextToken().trim();
            i++;
            Certificate certificate = (Certificate) policyInfo.aliasMapping.get(trim);
            if (certificate == null && keyStore != null) {
                try {
                    certificate = keyStore.getCertificate(trim);
                } catch (KeyStoreException e) {
                }
                if (certificate != null) {
                    policyInfo.aliasMapping.put(trim, certificate);
                    policyInfo.aliasMapping.put(certificate, trim);
                }
            }
            if (certificate != null) {
                if (vector == null) {
                    vector = new Vector();
                }
                vector.addElement(certificate);
            }
        }
        if (vector == null || i != vector.size()) {
            return null;
        }
        Certificate[] certificateArr = new Certificate[vector.size()];
        vector.copyInto(certificateArr);
        return certificateArr;
    }

    @Override // java.security.Policy
    public void refresh() {
        init();
    }

    @Override // java.security.Policy
    public boolean implies(ProtectionDomain protectionDomain, Permission permission) {
        PermissionCollection permissionCollection;
        PolicyInfo policyInfo = this.policyInfo;
        synchronized (policyInfo) {
            permissionCollection = (PermissionCollection) policyInfo.pdMapping.get(protectionDomain);
        }
        if (permissionCollection != null) {
            return permissionCollection.implies(permission);
        }
        PermissionCollection permissions = getPermissions(protectionDomain);
        if (permissions == null) {
            return false;
        }
        synchronized (policyInfo) {
            policyInfo.pdMapping.put(protectionDomain, permissions);
        }
        return permissions.implies(permission);
    }

    @Override // java.security.Policy
    public PermissionCollection getPermissions(ProtectionDomain protectionDomain) {
        Permissions permissions = new Permissions();
        if (protectionDomain == null) {
            return permissions;
        }
        getPermissions(permissions, protectionDomain);
        PermissionCollection permissions2 = protectionDomain.getPermissions();
        if (permissions2 != null) {
            Enumeration elements = permissions2.elements();
            while (elements.hasMoreElements()) {
                permissions.add((Permission) elements.nextElement());
            }
        }
        return permissions;
    }

    @Override // java.security.Policy
    public PermissionCollection getPermissions(CodeSource codeSource) {
        return getPermissions(new Permissions(), codeSource);
    }

    private PermissionCollection getPermissions(Permissions permissions, ProtectionDomain protectionDomain) {
        if (debug != null) {
            debug.println(new StringBuffer().append("getPermissions:\n\t").append(printPD(protectionDomain)).toString());
        }
        CodeSource codeSource = protectionDomain.getCodeSource();
        return codeSource == null ? permissions : getPermissions(permissions, (CodeSource) AccessController.doPrivileged(new PrivilegedAction(this, codeSource) { // from class: sun.security.provider.PolicyFile.3
            private final CodeSource val$cs;
            private final PolicyFile this$0;

            {
                this.this$0 = this;
                this.val$cs = codeSource;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.this$0.canonicalizeCodebase(this.val$cs, true);
            }
        }), protectionDomain.getPrincipals());
    }

    private PermissionCollection getPermissions(Permissions permissions, CodeSource codeSource) {
        return getPermissions(permissions, (CodeSource) AccessController.doPrivileged(new PrivilegedAction(this, codeSource) { // from class: sun.security.provider.PolicyFile.4
            private final CodeSource val$cs;
            private final PolicyFile this$0;

            {
                this.this$0 = this;
                this.val$cs = codeSource;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return this.this$0.canonicalizeCodebase(this.val$cs, true);
            }
        }), null);
    }

    private Permissions getPermissions(Permissions permissions, CodeSource codeSource, Principal[] principalArr) {
        int size;
        Certificate[] certificates;
        Object obj;
        PolicyEntry policyEntry;
        boolean implies;
        PolicyInfo policyInfo = this.policyInfo;
        synchronized (policyInfo) {
            size = policyInfo.policyEntries.size();
        }
        for (int i = 0; i < size; i++) {
            synchronized (policyInfo) {
                policyEntry = (PolicyEntry) policyInfo.policyEntries.elementAt(i);
            }
            if (debug != null) {
                debug.println(new StringBuffer().append("evaluate codesources:\n\tPolicy CodeSource: ").append(policyEntry.codesource).append("\n").append("\tActive CodeSource: ").append(codeSource).toString());
            }
            if (((Boolean) AccessController.doPrivileged(new PrivilegedAction(this, policyEntry, codeSource) { // from class: sun.security.provider.PolicyFile.5
                private final PolicyEntry val$entryCopy;
                private final CodeSource val$csCopy;
                private final PolicyFile this$0;

                {
                    this.this$0 = this;
                    this.val$entryCopy = policyEntry;
                    this.val$csCopy = codeSource;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    return new Boolean(this.val$entryCopy.codesource.implies(this.val$csCopy));
                }
            })).booleanValue()) {
                LinkedList principals = policyEntry.getPrincipals();
                LinkedList linkedList = new LinkedList();
                if (principalArr != null && principalArr.length != 0) {
                    for (int i2 = 0; i2 < principalArr.length; i2++) {
                        linkedList.add(new PolicyParser.PrincipalEntry(principalArr[i2].getClass().getName(), principalArr[i2].getName()));
                    }
                }
                if (debug != null) {
                    debug.println(new StringBuffer().append("evaluate principals:\n\tPolicy Principals: ").append(principals).append("\n").append("\tActive Principals: ").append(linkedList).toString());
                }
                boolean z = principals.size() == 0;
                if (principals.size() != 0 && linkedList.size() != 0) {
                    ListIterator listIterator = principals.listIterator(0);
                    while (listIterator.hasNext()) {
                        PolicyParser.PrincipalEntry principalEntry = (PolicyParser.PrincipalEntry) listIterator.next();
                        try {
                            PrincipalComparator principalComparator = (PrincipalComparator) Class.forName(principalEntry.principalClass, true, Thread.currentThread().getContextClassLoader()).getConstructor(PARAMS1).newInstance(new Object[]{principalEntry.principalName});
                            if (debug != null) {
                                debug.println(new StringBuffer().append("found PrincipalComparator ").append(principalComparator.getClass().getName()).toString());
                            }
                            Subject subject = new Subject();
                            AccessController.doPrivileged(new PrivilegedAction(this, subject, principalArr) { // from class: sun.security.provider.PolicyFile.6
                                private final Subject val$subject;
                                private final Principal[] val$pdp;
                                private final PolicyFile this$0;

                                {
                                    this.this$0 = this;
                                    this.val$subject = subject;
                                    this.val$pdp = principalArr;
                                }

                                @Override // java.security.PrivilegedAction
                                public Object run() {
                                    Set principals2 = this.val$subject.getPrincipals();
                                    for (int i3 = 0; i3 < this.val$pdp.length; i3++) {
                                        principals2.add(this.val$pdp[i3]);
                                    }
                                    return null;
                                }
                            });
                            implies = principalComparator.implies(subject);
                            z = implies;
                        } catch (Exception e) {
                            if (debug != null) {
                                debug.println("Exception while attempting to construct PrincipalComparator");
                                e.printStackTrace();
                            }
                            boolean subjectListImpliesPrincipalEntry = subjectListImpliesPrincipalEntry(linkedList, principalEntry);
                            z = subjectListImpliesPrincipalEntry;
                            if (!subjectListImpliesPrincipalEntry) {
                                break;
                            }
                        }
                        if (!implies) {
                            break;
                        }
                    }
                }
                if (z) {
                    if (debug != null) {
                        debug.println("evaluation (codesource/principals) passed");
                    }
                    for (int i3 = 0; i3 < policyEntry.permissions.size(); i3++) {
                        Permission permission = (Permission) policyEntry.permissions.elementAt(i3);
                        if (debug != null) {
                            debug.println(new StringBuffer().append("  granting ").append(permission).toString());
                        }
                        if (permission instanceof SelfPermission) {
                            expandSelf((SelfPermission) permission, principals, principalArr, permissions);
                        } else {
                            permissions.add(permission);
                        }
                    }
                } else if (debug != null) {
                    debug.println("evaluation failed");
                }
            } else if (debug != null) {
                debug.println("evaluation (codesource) failed");
            }
        }
        if (!this.ignoreIdentityScope && (certificates = codeSource.getCertificates()) != null) {
            for (int i4 = 0; i4 < certificates.length; i4++) {
                synchronized (policyInfo) {
                    obj = policyInfo.aliasMapping.get(certificates[i4]);
                }
                if (obj == null && checkForTrustedIdentity(certificates[i4], policyInfo)) {
                    permissions.add(new AllPermission());
                }
            }
        }
        return permissions;
    }

    private boolean subjectListImpliesPrincipalEntry(LinkedList linkedList, PolicyParser.PrincipalEntry principalEntry) {
        ListIterator listIterator = linkedList.listIterator(0);
        while (listIterator.hasNext()) {
            PolicyParser.PrincipalEntry principalEntry2 = (PolicyParser.PrincipalEntry) listIterator.next();
            if (principalEntry.principalClass.equals(PolicyParser.PrincipalEntry.WILDCARD_CLASS) || principalEntry.principalClass.equals(principalEntry2.principalClass)) {
                if (principalEntry.principalName.equals(PolicyParser.PrincipalEntry.WILDCARD_NAME) || principalEntry.principalName.equals(principalEntry2.principalName)) {
                    return true;
                }
            }
        }
        return false;
    }

    private void expandSelf(SelfPermission selfPermission, LinkedList linkedList, Principal[] principalArr, Permissions permissions) {
        if (linkedList == null || linkedList.size() == 0) {
            if (debug != null) {
                debug.println(new StringBuffer().append("Ignoring permission ").append(selfPermission.getSelfType()).append(" with target name (").append(selfPermission.getSelfName()).append(").  ").append("No Principal(s) specified ").append("in the grant clause.  ").append("SELF-based target names are ").append("only valid in the context ").append("of a Principal-based grant entry.").toString());
                return;
            }
            return;
        }
        int i = 0;
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            int indexOf = selfPermission.getSelfName().indexOf(SELF, i);
            if (indexOf == -1) {
                break;
            }
            stringBuffer.append(selfPermission.getSelfName().substring(i, indexOf));
            ListIterator listIterator = linkedList.listIterator();
            while (listIterator.hasNext()) {
                String[][] principalInfo = getPrincipalInfo((PolicyParser.PrincipalEntry) listIterator.next(), principalArr);
                for (int i2 = 0; i2 < principalInfo.length; i2++) {
                    if (i2 != 0) {
                        stringBuffer.append(", ");
                    }
                    stringBuffer.append(new StringBuffer().append(principalInfo[i2][0]).append(" ").append("\"").append(principalInfo[i2][1]).append("\"").toString());
                }
                if (listIterator.hasNext()) {
                    stringBuffer.append(", ");
                }
            }
            i = indexOf + SELF.length();
        }
        stringBuffer.append(selfPermission.getSelfName().substring(i));
        if (debug != null) {
            debug.println(new StringBuffer().append("  expanded:\n\t").append(selfPermission.getSelfName()).append("\n  into:\n\t").append(stringBuffer.toString()).toString());
        }
        try {
            permissions.add(getInstance(selfPermission.getSelfType(), stringBuffer.toString(), selfPermission.getSelfActions()));
        } catch (ClassNotFoundException e) {
            Enumeration elements = permissions.elements();
            Class cls = null;
            while (true) {
                if (!elements.hasMoreElements()) {
                    break;
                }
                Permission permission = (Permission) elements.nextElement();
                if (permission.getClass().getName().equals(selfPermission.getSelfType())) {
                    cls = permission.getClass();
                    break;
                }
            }
            if (cls == null) {
                permissions.add(new UnresolvedPermission(selfPermission.getSelfType(), stringBuffer.toString(), selfPermission.getSelfActions(), selfPermission.getCerts()));
                return;
            }
            try {
                if (selfPermission.getSelfActions() == null) {
                    try {
                        permissions.add((Permission) cls.getConstructor(PARAMS1).newInstance(new Object[]{stringBuffer.toString()}));
                    } catch (NoSuchMethodException e2) {
                        permissions.add((Permission) cls.getConstructor(PARAMS2).newInstance(new Object[]{stringBuffer.toString(), selfPermission.getSelfActions()}));
                    }
                } else {
                    permissions.add((Permission) cls.getConstructor(PARAMS2).newInstance(new Object[]{stringBuffer.toString(), selfPermission.getSelfActions()}));
                }
            } catch (Exception e3) {
                if (debug != null) {
                    debug.println(new StringBuffer().append("self entry expansion  instantiation failed: ").append(e3.toString()).toString());
                }
            }
        } catch (Exception e4) {
            if (debug != null) {
                debug.println(e4.toString());
            }
        }
    }

    private String[][] getPrincipalInfo(PolicyParser.PrincipalEntry principalEntry, Principal[] principalArr) {
        if (!principalEntry.principalClass.equals(PolicyParser.PrincipalEntry.WILDCARD_CLASS) && !principalEntry.principalName.equals(PolicyParser.PrincipalEntry.WILDCARD_NAME)) {
            String[][] strArr = new String[1][2];
            strArr[0][0] = principalEntry.principalClass;
            strArr[0][1] = principalEntry.principalName;
            return strArr;
        }
        if (principalEntry.principalClass.equals(PolicyParser.PrincipalEntry.WILDCARD_CLASS) || !principalEntry.principalName.equals(PolicyParser.PrincipalEntry.WILDCARD_NAME)) {
            String[][] strArr2 = new String[principalArr.length][2];
            for (int i = 0; i < principalArr.length; i++) {
                strArr2[i][0] = principalArr[i].getClass().getName();
                strArr2[i][1] = principalArr[i].getName();
            }
            return strArr2;
        }
        LinkedList linkedList = new LinkedList();
        for (int i2 = 0; i2 < principalArr.length; i2++) {
            if (principalEntry.principalClass.equals(principalArr[i2].getClass().getName())) {
                linkedList.add(principalArr[i2]);
            }
        }
        String[][] strArr3 = new String[linkedList.size()][2];
        int i3 = 0;
        Iterator it = linkedList.iterator();
        while (it.hasNext()) {
            Principal principal = (Principal) it.next();
            strArr3[i3][0] = principal.getClass().getName();
            strArr3[i3][1] = principal.getName();
            i3++;
        }
        return strArr3;
    }

    protected Certificate[] getSignerCertificates(CodeSource codeSource) {
        Certificate[] certificates = codeSource.getCertificates();
        if (certificates == null) {
            return null;
        }
        for (Certificate certificate : certificates) {
            if (!(certificate instanceof X509Certificate)) {
                return codeSource.getCertificates();
            }
        }
        int i = 0;
        int i2 = 0;
        while (i < certificates.length) {
            i2++;
            while (i + 1 < certificates.length && ((X509Certificate) certificates[i]).getIssuerDN().equals(((X509Certificate) certificates[i + 1]).getSubjectDN())) {
                i++;
            }
            i++;
        }
        if (i2 == certificates.length) {
            return certificates;
        }
        ArrayList arrayList = new ArrayList();
        int i3 = 0;
        while (i3 < certificates.length) {
            arrayList.add(certificates[i3]);
            while (i3 + 1 < certificates.length && ((X509Certificate) certificates[i3]).getIssuerDN().equals(((X509Certificate) certificates[i3 + 1]).getSubjectDN())) {
                i3++;
            }
            i3++;
        }
        Certificate[] certificateArr = new Certificate[arrayList.size()];
        arrayList.toArray(certificateArr);
        return certificateArr;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public CodeSource canonicalizeCodebase(CodeSource codeSource, boolean z) {
        Permission permission;
        String canonicalPath;
        String str = null;
        CodeSource codeSource2 = codeSource;
        URL location = codeSource.getLocation();
        if (location != null) {
            try {
                permission = location.openConnection().getPermission();
            } catch (IOException e) {
                permission = null;
            }
            if (permission instanceof FilePermission) {
                str = permission.getName();
            } else if (permission == null && location.getProtocol().equals("file")) {
                str = ParseUtil.decode(location.getFile().replace('/', File.separatorChar));
            }
        }
        if (str != null) {
            try {
                if (str.endsWith("*")) {
                    String substring = str.substring(0, str.length() - 1);
                    boolean z2 = false;
                    if (substring.endsWith(File.separator)) {
                        z2 = true;
                    }
                    if (substring.equals("")) {
                        substring = System.getProperty("user.dir");
                    }
                    File file = new File(substring);
                    String canonicalPath2 = file.getCanonicalPath();
                    StringBuffer stringBuffer = new StringBuffer(canonicalPath2);
                    if (!canonicalPath2.endsWith(File.separator) && (z2 || file.isDirectory())) {
                        stringBuffer.append(File.separatorChar);
                    }
                    stringBuffer.append('*');
                    canonicalPath = stringBuffer.toString();
                } else {
                    canonicalPath = new File(str).getCanonicalPath();
                }
                URL fileToEncodedURL = ParseUtil.fileToEncodedURL(new File(canonicalPath));
                codeSource2 = z ? new CodeSource(fileToEncodedURL, getSignerCertificates(codeSource)) : new CodeSource(fileToEncodedURL, codeSource.getCertificates());
            } catch (IOException e2) {
                if (z) {
                    codeSource2 = new CodeSource(codeSource.getLocation(), getSignerCertificates(codeSource));
                }
            }
        } else if (z) {
            codeSource2 = new CodeSource(codeSource.getLocation(), getSignerCertificates(codeSource));
        }
        return codeSource2;
    }

    private String printPD(ProtectionDomain protectionDomain) {
        Principal[] principals = protectionDomain.getPrincipals();
        String str = "<no principals>";
        if (principals != null && principals.length > 0) {
            StringBuffer stringBuffer = new StringBuffer("(principals ");
            for (int i = 0; i < principals.length; i++) {
                stringBuffer.append(new StringBuffer().append(principals[i].getClass().getName()).append(" \"").append(principals[i].getName()).append("\"").toString());
                if (i < principals.length - 1) {
                    stringBuffer.append(", ");
                } else {
                    stringBuffer.append(RuntimeConstants.SIG_ENDMETHOD);
                }
            }
            str = stringBuffer.toString();
        }
        return new StringBuffer().append("PD CodeSource: ").append(protectionDomain.getCodeSource()).append("\n\t").append("PD ClassLoader: ").append(protectionDomain.getClassLoader()).append("\n\t").append("PD Principals: ").append(str).toString();
    }

    private boolean replacePrincipals(LinkedList linkedList, KeyStore keyStore) {
        if (linkedList == null || linkedList.size() == 0 || keyStore == null) {
            return true;
        }
        ListIterator listIterator = linkedList.listIterator();
        while (listIterator.hasNext()) {
            PolicyParser.PrincipalEntry principalEntry = (PolicyParser.PrincipalEntry) listIterator.next();
            if (principalEntry.principalClass.equals(PolicyParser.REPLACE_NAME)) {
                String dn = getDN(principalEntry.principalName, keyStore);
                if (dn == null) {
                    return false;
                }
                if (debug != null) {
                    debug.println(new StringBuffer().append("  Replacing \"").append(principalEntry.principalName).append("\" with ").append(X500PRINCIPAL).append("/\"").append(dn).append("\"").toString());
                }
                principalEntry.principalClass = X500PRINCIPAL;
                principalEntry.principalName = dn;
            }
        }
        return true;
    }

    private void expandPermissionName(PolicyParser.PermissionEntry permissionEntry, KeyStore keyStore) throws Exception {
        int indexOf;
        if (permissionEntry.name == null || permissionEntry.name.indexOf("${{", 0) == -1) {
            return;
        }
        int i = 0;
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            int indexOf2 = permissionEntry.name.indexOf("${{", i);
            if (indexOf2 != -1 && (indexOf = permissionEntry.name.indexOf("}}", indexOf2)) >= 1) {
                stringBuffer.append(permissionEntry.name.substring(i, indexOf2));
                String substring = permissionEntry.name.substring(indexOf2 + 3, indexOf);
                String str = substring;
                int indexOf3 = substring.indexOf(":");
                if (indexOf3 != -1) {
                    str = substring.substring(0, indexOf3);
                }
                if (str.equalsIgnoreCase("self")) {
                    stringBuffer.append(permissionEntry.name.substring(indexOf2, indexOf + 2));
                    i = indexOf + 2;
                } else {
                    if (!str.equalsIgnoreCase("alias")) {
                        throw new Exception(new MessageFormat(ResourcesMgr.getString("substitution value, prefix, unsupported")).format(new Object[]{str}));
                    }
                    if (indexOf3 == -1) {
                        throw new Exception(new MessageFormat(ResourcesMgr.getString("alias name not provided (pe.name)")).format(new Object[]{permissionEntry.name}));
                    }
                    String dn = getDN(substring.substring(indexOf3 + 1), keyStore);
                    if (dn == null) {
                        throw new Exception(new MessageFormat(ResourcesMgr.getString("unable to perform substitution on alias, suffix")).format(new Object[]{substring.substring(indexOf3 + 1)}));
                    }
                    stringBuffer.append(new StringBuffer().append("javax.security.auth.x500.X500Principal \"").append(dn).append("\"").toString());
                    i = indexOf + 2;
                }
            }
        }
        stringBuffer.append(permissionEntry.name.substring(i));
        if (debug != null) {
            debug.println(new StringBuffer().append("  Permission name expanded from:\n\t").append(permissionEntry.name).append("\nto\n\t").append(stringBuffer.toString()).toString());
        }
        permissionEntry.name = stringBuffer.toString();
    }

    private String getDN(String str, KeyStore keyStore) {
        try {
            Certificate certificate = keyStore.getCertificate(str);
            if (certificate != null && (certificate instanceof X509Certificate)) {
                return ((X509Certificate) certificate).getSubjectX500Principal().getName();
            }
            if (debug == null) {
                return null;
            }
            debug.println(new StringBuffer().append("  -- No certificate for '").append(str).append("' - ignoring entry").toString());
            return null;
        } catch (Exception e) {
            if (debug == null) {
                return null;
            }
            debug.println(new StringBuffer().append("  Error retrieving certificate for '").append(str).append("': ").append(e.toString()).toString());
            return null;
        }
    }

    private boolean checkForTrustedIdentity(Certificate certificate, PolicyInfo policyInfo) {
        Class cls;
        if (certificate == null || this.ignoreIdentityScope) {
            return false;
        }
        if (class$sun$security$provider$PolicyFile == null) {
            cls = class$("sun.security.provider.PolicyFile");
            class$sun$security$provider$PolicyFile = cls;
        } else {
            cls = class$sun$security$provider$PolicyFile;
        }
        Class cls2 = cls;
        synchronized (cls) {
            if (scope == null) {
                IdentityScope identityScope = (IdentityScope) AccessController.doPrivileged(new PrivilegedAction(this) { // from class: sun.security.provider.PolicyFile.7
                    private final PolicyFile this$0;

                    {
                        this.this$0 = this;
                    }

                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        return IdentityScope.getSystemScope();
                    }
                });
                if (identityScope instanceof IdentityDatabase) {
                    scope = identityScope;
                }
            }
            if (scope == null) {
                this.ignoreIdentityScope = true;
                return false;
            }
            Identity identity = (Identity) AccessController.doPrivileged(new PrivilegedAction(this, certificate) { // from class: sun.security.provider.PolicyFile.8
                private final Certificate val$cert;
                private final PolicyFile this$0;

                {
                    this.this$0 = this;
                    this.val$cert = certificate;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    return PolicyFile.scope.getIdentity(this.val$cert.getPublicKey());
                }
            });
            if (!isTrusted(identity)) {
                return false;
            }
            if (debug != null) {
                debug.println("Adding policy entry for trusted Identity: ");
                AccessController.doPrivileged(new PrivilegedAction(this, identity) { // from class: sun.security.provider.PolicyFile.9
                    private final Identity val$id;
                    private final PolicyFile this$0;

                    {
                        this.this$0 = this;
                        this.val$id = identity;
                    }

                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        PolicyFile.debug.println(new StringBuffer().append("  identity = ").append(this.val$id).toString());
                        return null;
                    }
                });
                debug.println("");
            }
            PolicyEntry policyEntry = new PolicyEntry(new CodeSource(null, new Certificate[]{certificate}));
            policyEntry.add(new AllPermission());
            synchronized (policyInfo) {
                policyInfo.policyEntries.addElement(policyEntry);
                policyInfo.aliasMapping.put(certificate, identity.getName());
            }
            return true;
        }
    }

    private boolean isTrusted(Identity identity) {
        return identity instanceof SystemIdentity ? ((SystemIdentity) identity).isTrusted() : (identity instanceof SystemSigner) && ((SystemSigner) identity).isTrusted();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        Class cls2;
        Class cls3;
        Class[] clsArr = new Class[1];
        if (class$java$lang$String == null) {
            cls = class$("java.lang.String");
            class$java$lang$String = cls;
        } else {
            cls = class$java$lang$String;
        }
        clsArr[0] = cls;
        PARAMS1 = clsArr;
        Class[] clsArr2 = new Class[2];
        if (class$java$lang$String == null) {
            cls2 = class$("java.lang.String");
            class$java$lang$String = cls2;
        } else {
            cls2 = class$java$lang$String;
        }
        clsArr2[0] = cls2;
        if (class$java$lang$String == null) {
            cls3 = class$("java.lang.String");
            class$java$lang$String = cls3;
        } else {
            cls3 = class$java$lang$String;
        }
        clsArr2[1] = cls3;
        PARAMS2 = clsArr2;
    }
}
