package sun.security.provider;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FilePermission;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.lang.reflect.InvocationTargetException;
import java.net.MalformedURLException;
import java.net.SocketPermission;
import java.net.URL;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Identity;
import java.security.IdentityScope;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.Security;
import java.security.UnresolvedPermission;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.PropertyPermission;
import java.util.StringTokenizer;
import java.util.Vector;
import sun.net.www.ParseUtil;
import sun.security.action.GetPropertyAction;
import sun.security.provider.PolicyParser;
import sun.security.tools.ToolDialog;
import sun.security.util.Debug;
import sun.security.util.PropertyExpander;
import sun.tools.java.RuntimeConstants;

/* loaded from: input_file:efixes/PK14534_Hpux_PaRISC/components/prereq.jdk/update.jar:/java/jre/lib/rt.jar:sun/security/provider/PolicyFile.class */
public class PolicyFile extends Policy {
    private static final Debug debug = Debug.getInstance("policy");
    private Vector policyEntries;
    private Hashtable aliasMapping;
    private boolean initialized = false;
    private boolean expandProperties = true;
    private boolean ignoreIdentityScope = false;
    private static final Class[] PARAMS;
    private static IdentityScope scope;
    static Class class$java$lang$String;
    static Class class$sun$security$provider$PolicyFile;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:efixes/PK14534_Hpux_PaRISC/components/prereq.jdk/update.jar:/java/jre/lib/rt.jar:sun/security/provider/PolicyFile$PolicyEntry.class */
    public static class PolicyEntry {
        CodeSource codesource;
        Vector permissions = new Vector();

        PolicyEntry(CodeSource codeSource) {
            this.codesource = codeSource;
        }

        void add(Permission permission) {
            this.permissions.addElement(permission);
        }

        CodeSource getCodeSource() {
            return this.codesource;
        }

        public String toString() {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(RuntimeConstants.SIG_METHOD);
            stringBuffer.append(getCodeSource());
            stringBuffer.append("\n");
            for (int i = 0; i < this.permissions.size(); i++) {
                Permission permission = (Permission) this.permissions.elementAt(i);
                stringBuffer.append("  ");
                stringBuffer.append(permission);
                stringBuffer.append("\n");
            }
            stringBuffer.append(")\n");
            return stringBuffer.toString();
        }
    }

    static {
        Class class$;
        Class class$2;
        Class[] clsArr = new Class[2];
        if (class$java$lang$String != null) {
            class$ = class$java$lang$String;
        } else {
            class$ = class$("java.lang.String");
            class$java$lang$String = class$;
        }
        clsArr[0] = class$;
        if (class$java$lang$String != null) {
            class$2 = class$java$lang$String;
        } else {
            class$2 = class$("java.lang.String");
            class$java$lang$String = class$2;
        }
        clsArr[1] = class$2;
        PARAMS = clsArr;
        scope = null;
    }

    public PolicyFile() {
        String str = (String) AccessController.doPrivileged(new GetPropertyAction("java.security.policy"));
        if ((str == null ? (String) AccessController.doPrivileged(new GetPropertyAction("java.security.manager")) : str) != null) {
            init();
        }
    }

    private void addGrantEntry(PolicyParser.GrantEntry grantEntry, KeyStore keyStore) {
        CodeSource codeSource;
        if (debug != null) {
            debug.println("Adding policy entry: ");
            debug.println(new StringBuffer("  signedBy ").append(grantEntry.signedBy).toString());
            debug.println(new StringBuffer("  codeBase ").append(grantEntry.codeBase).toString());
            debug.println();
        }
        try {
            codeSource = getCodeSource(grantEntry, keyStore);
        } catch (Exception e) {
            System.err.println(new StringBuffer("java.security.Policy: error adding Entry ").append(grantEntry).append(" ").append(e).toString());
        }
        if (codeSource == null) {
            return;
        }
        PolicyEntry policyEntry = new PolicyEntry(codeSource);
        Enumeration permissionElements = grantEntry.permissionElements();
        while (permissionElements.hasMoreElements()) {
            PolicyParser.PermissionEntry permissionEntry = (PolicyParser.PermissionEntry) permissionElements.nextElement();
            try {
                try {
                    try {
                        Permission policyFile = getInstance(permissionEntry.permission, permissionEntry.name, permissionEntry.action);
                        policyEntry.add(policyFile);
                        if (debug != null) {
                            debug.println(new StringBuffer("  ").append(policyFile).toString());
                        }
                    } catch (InvocationTargetException e2) {
                        System.err.println(new StringBuffer("java.security.Policy: error adding Permission ").append(permissionEntry.permission).append(" ").append(e2.getTargetException()).toString());
                    }
                } catch (ClassNotFoundException unused) {
                    Certificate[] certificates = permissionEntry.signedBy != null ? getCertificates(keyStore, permissionEntry.signedBy) : null;
                    if (certificates != null || permissionEntry.signedBy == null) {
                        UnresolvedPermission unresolvedPermission = new UnresolvedPermission(permissionEntry.permission, permissionEntry.name, permissionEntry.action, certificates);
                        policyEntry.add(unresolvedPermission);
                        if (debug != null) {
                            debug.println(new StringBuffer("  ").append(unresolvedPermission).toString());
                        }
                    }
                }
            } catch (Exception e3) {
                System.err.println(new StringBuffer("java.security.Policy: error adding Permission ").append(permissionEntry.permission).append(" ").append(e3).toString());
            }
        }
        this.policyEntries.addElement(policyEntry);
        if (debug != null) {
            debug.println();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public CodeSource canonicalizeCodebase(CodeSource codeSource, boolean z) {
        Permission permission;
        String canonicalPath;
        String str = null;
        CodeSource codeSource2 = codeSource;
        URL location = codeSource.getLocation();
        if (location != null) {
            try {
                permission = location.openConnection().getPermission();
            } catch (IOException unused) {
                permission = null;
            }
            if (permission instanceof FilePermission) {
                str = permission.getName();
            } else if (permission == null && location.getProtocol().equals("file")) {
                str = ParseUtil.decode(location.getFile().replace('/', File.separatorChar));
            }
        }
        if (str != null) {
            try {
                if (str.endsWith("*")) {
                    String substring = str.substring(0, str.length() - 1);
                    boolean z2 = false;
                    if (substring.endsWith(File.separator)) {
                        z2 = true;
                    }
                    if (substring.equals("")) {
                        substring = (String) AccessController.doPrivileged(new GetPropertyAction("user.dir"));
                    }
                    File file = new File(substring);
                    String canonicalPath2 = file.getCanonicalPath();
                    StringBuffer stringBuffer = new StringBuffer(canonicalPath2);
                    if (!canonicalPath2.endsWith(File.separator) && (z2 || file.isDirectory())) {
                        stringBuffer.append(File.separatorChar);
                    }
                    stringBuffer.append('*');
                    canonicalPath = stringBuffer.toString();
                } else {
                    canonicalPath = new File(str).getCanonicalPath();
                }
                URL url = new File(canonicalPath).toURL();
                codeSource2 = z ? new CodeSource(url, getSignerCertificates(codeSource)) : new CodeSource(url, codeSource.getCertificates());
            } catch (IOException unused2) {
                if (z) {
                    codeSource2 = new CodeSource(codeSource.getLocation(), getSignerCertificates(codeSource));
                }
            }
        } else if (z) {
            codeSource2 = new CodeSource(codeSource.getLocation(), getSignerCertificates(codeSource));
        }
        return codeSource2;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v32 */
    /* JADX WARN: Type inference failed for: r0v33, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v41, types: [java.security.IdentityScope] */
    private boolean checkForTrustedIdentity(Certificate certificate) {
        Class class$;
        if (certificate == null || this.ignoreIdentityScope) {
            return false;
        }
        if (scope == null) {
            if (class$sun$security$provider$PolicyFile != null) {
                class$ = class$sun$security$provider$PolicyFile;
            } else {
                class$ = class$("sun.security.provider.PolicyFile");
                class$sun$security$provider$PolicyFile = class$;
            }
            Class cls = class$;
            ?? r0 = cls;
            synchronized (r0) {
                if (scope == null) {
                    IdentityScope identityScope = (IdentityScope) AccessController.doPrivileged(new PrivilegedAction() { // from class: sun.security.provider.PolicyFile.2
                        @Override // java.security.PrivilegedAction
                        public Object run() {
                            return IdentityScope.getSystemScope();
                        }
                    });
                    if (identityScope instanceof IdentityDatabase) {
                        r0 = identityScope;
                        scope = r0;
                    }
                }
            }
        }
        if (scope == null) {
            this.ignoreIdentityScope = true;
            return false;
        }
        Identity identity = (Identity) AccessController.doPrivileged(new PrivilegedAction(certificate) { // from class: sun.security.provider.PolicyFile.3
            private final Certificate val$cert;

            {
                this.val$cert = certificate;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return PolicyFile.scope.getIdentity(this.val$cert.getPublicKey());
            }
        });
        if (!isTrusted(identity)) {
            return false;
        }
        if (debug != null) {
            debug.println("Adding policy entry for trusted Identity: ");
            AccessController.doPrivileged(new PrivilegedAction(identity) { // from class: sun.security.provider.PolicyFile.4
                private final Identity val$id;

                {
                    this.val$id = identity;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    PolicyFile.debug.println(new StringBuffer("  identity = ").append(this.val$id).toString());
                    return null;
                }
            });
            debug.println("");
        }
        PolicyEntry policyEntry = new PolicyEntry(new CodeSource(null, new Certificate[]{certificate}));
        policyEntry.add(new AllPermission());
        this.policyEntries.addElement(policyEntry);
        this.aliasMapping.put(certificate, identity.getName());
        return true;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    private final synchronized Enumeration elements() {
        return this.policyEntries.elements();
    }

    Certificate[] getCertificates(KeyStore keyStore, String str) {
        Vector vector = null;
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        int i = 0;
        while (stringTokenizer.hasMoreTokens()) {
            String trim = stringTokenizer.nextToken().trim();
            i++;
            Certificate certificate = (Certificate) this.aliasMapping.get(trim);
            if (certificate == null && keyStore != null) {
                try {
                    certificate = keyStore.getCertificate(trim);
                } catch (KeyStoreException unused) {
                }
                if (certificate != null) {
                    this.aliasMapping.put(trim, certificate);
                    this.aliasMapping.put(certificate, trim);
                }
            }
            if (certificate != null) {
                if (vector == null) {
                    vector = new Vector();
                }
                vector.addElement(certificate);
            }
        }
        if (vector == null || i != vector.size()) {
            return null;
        }
        Certificate[] certificateArr = new Certificate[vector.size()];
        vector.copyInto(certificateArr);
        return certificateArr;
    }

    CodeSource getCodeSource(PolicyParser.GrantEntry grantEntry, KeyStore keyStore) throws MalformedURLException {
        Certificate[] certificateArr = null;
        if (grantEntry.signedBy != null) {
            certificateArr = getCertificates(keyStore, grantEntry.signedBy);
            if (certificateArr == null) {
                if (debug == null) {
                    return null;
                }
                debug.println(new StringBuffer(" no certs for alias ").append(grantEntry.signedBy).append(", ignoring.").toString());
                return null;
            }
        }
        return canonicalizeCodebase(new CodeSource(grantEntry.codeBase != null ? new URL(grantEntry.codeBase) : null, certificateArr), false);
    }

    private InputStream getInputStream(URL url) throws IOException {
        return "file".equals(url.getProtocol()) ? new FileInputStream(url.getFile().replace('/', File.separatorChar)) : url.openStream();
    }

    private static final Permission getInstance(String str, String str2, String str3) throws ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException {
        return (Permission) Class.forName(str).getConstructor(PARAMS).newInstance(new Object[]{str2, str3});
    }

    @Override // java.security.Policy
    public PermissionCollection getPermissions(CodeSource codeSource) {
        return this.initialized ? getPermissions(new Permissions(), codeSource) : new PolicyPermissions(this, codeSource);
    }

    public Permissions getPermissions(Permissions permissions, CodeSource codeSource) {
        Certificate[] certificates;
        if (!this.initialized) {
            init();
        }
        CodeSource[] codeSourceArr = {null};
        AccessController.doPrivileged(new PrivilegedAction(codeSourceArr, codeSource, permissions, this) { // from class: sun.security.provider.PolicyFile.5
            private final Permissions val$perms;
            private final PolicyFile this$0;
            private final CodeSource val$cs;
            private final CodeSource[] val$codesource;

            {
                this.val$codesource = codeSourceArr;
                this.val$cs = codeSource;
                this.val$perms = permissions;
                this.this$0 = this;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                this.val$codesource[0] = this.this$0.canonicalizeCodebase(this.val$cs, true);
                if (PolicyFile.debug != null) {
                    PolicyFile.debug.println(new StringBuffer("evaluate(").append(this.val$codesource[0]).append(RuntimeConstants.SIG_ENDMETHOD).toString());
                }
                for (int i = 0; i < this.this$0.policyEntries.size(); i++) {
                    PolicyEntry policyEntry = (PolicyEntry) this.this$0.policyEntries.elementAt(i);
                    if (policyEntry.codesource.implies(this.val$codesource[0])) {
                        for (int i2 = 0; i2 < policyEntry.permissions.size(); i2++) {
                            Permission permission = (Permission) policyEntry.permissions.elementAt(i2);
                            if (PolicyFile.debug != null) {
                                PolicyFile.debug.println(new StringBuffer("  granting ").append(permission).toString());
                            }
                            this.val$perms.add(permission);
                        }
                    }
                }
                return null;
            }
        });
        if (!this.ignoreIdentityScope && (certificates = codeSourceArr[0].getCertificates()) != null) {
            for (int i = 0; i < certificates.length; i++) {
                if (this.aliasMapping.get(certificates[i]) == null && checkForTrustedIdentity(certificates[i])) {
                    permissions.add(new AllPermission());
                }
            }
        }
        return permissions;
    }

    protected Certificate[] getSignerCertificates(CodeSource codeSource) {
        Certificate[] certificates = codeSource.getCertificates();
        if (certificates == null) {
            return null;
        }
        for (Certificate certificate : certificates) {
            if (!(certificate instanceof X509Certificate)) {
                return codeSource.getCertificates();
            }
        }
        int i = 0;
        int i2 = 0;
        while (i < certificates.length) {
            i2++;
            while (i + 1 < certificates.length && ((X509Certificate) certificates[i]).getIssuerDN().equals(((X509Certificate) certificates[i + 1]).getSubjectDN())) {
                i++;
            }
            i++;
        }
        if (i2 == certificates.length) {
            return certificates;
        }
        ArrayList arrayList = new ArrayList();
        int i3 = 0;
        while (i3 < certificates.length) {
            arrayList.add(certificates[i3]);
            while (i3 + 1 < certificates.length && ((X509Certificate) certificates[i3]).getIssuerDN().equals(((X509Certificate) certificates[i3 + 1]).getSubjectDN())) {
                i3++;
            }
            i3++;
        }
        Certificate[] certificateArr = new Certificate[arrayList.size()];
        arrayList.toArray(certificateArr);
        return certificateArr;
    }

    private synchronized void init() {
        if (this.initialized) {
            return;
        }
        this.policyEntries = new Vector();
        this.aliasMapping = new Hashtable(11);
        AccessController.doPrivileged(new PrivilegedAction(this) { // from class: sun.security.provider.PolicyFile.1
            private final PolicyFile this$0;

            {
                this.this$0 = this;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                this.this$0.initPolicyFile();
                this.this$0.initialized = true;
                return null;
            }
        });
    }

    private boolean init(URL url) {
        boolean z = false;
        PolicyParser policyParser = new PolicyParser(this.expandProperties);
        try {
            InputStreamReader inputStreamReader = new InputStreamReader(getInputStream(url));
            policyParser.read(inputStreamReader);
            inputStreamReader.close();
            KeyStore initKeyStore = initKeyStore(url, policyParser.getKeyStoreUrl(), policyParser.getKeyStoreType());
            Enumeration grantElements = policyParser.grantElements();
            while (grantElements.hasMoreElements()) {
                addGrantEntry((PolicyParser.GrantEntry) grantElements.nextElement(), initKeyStore);
            }
            z = true;
        } catch (PolicyParser.ParsingException e) {
            System.err.println(new StringBuffer("java.security.Policy: error parsing ").append(url).toString());
            System.err.println(new StringBuffer("java.security.Policy: ").append(e.getMessage()).toString());
            if (debug != null) {
                e.printStackTrace();
            }
        } catch (Exception e2) {
            if (debug != null) {
                debug.println(new StringBuffer("error parsing ").append(url).toString());
                debug.println(e2.toString());
                e2.printStackTrace();
            }
        }
        return z;
    }

    private KeyStore initKeyStore(URL url, String str, String str2) {
        URL url2;
        if (str == null) {
            return null;
        }
        try {
            try {
                url2 = new URL(str);
            } catch (MalformedURLException unused) {
                url2 = new URL(url, str);
            }
            if (debug != null) {
                debug.println(new StringBuffer("reading keystore").append(url2).toString());
            }
            BufferedInputStream bufferedInputStream = new BufferedInputStream(getInputStream(url2));
            KeyStore keyStore = str2 != null ? KeyStore.getInstance(str2) : KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(bufferedInputStream, null);
            bufferedInputStream.close();
            return keyStore;
        } catch (Exception e) {
            if (debug == null) {
                return null;
            }
            e.printStackTrace();
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void initPolicyFile() {
        String property = Security.getProperty("policy.expandProperties");
        if (property != null) {
            this.expandProperties = property.equalsIgnoreCase("true");
        }
        String property2 = Security.getProperty("policy.ignoreIdentityScope");
        if (property2 != null) {
            this.ignoreIdentityScope = property2.equalsIgnoreCase("true");
        }
        String property3 = Security.getProperty("policy.allowSystemProperty");
        if (property3 != null && property3.equalsIgnoreCase("true")) {
            String property4 = System.getProperty("java.security.policy");
            if (property4 != null) {
                boolean z = false;
                if (property4.startsWith("=")) {
                    z = true;
                    property4 = property4.substring(1);
                }
                try {
                    String expand = PropertyExpander.expand(property4);
                    File file = new File(expand);
                    URL url = file.exists() ? new URL(new StringBuffer("file:").append(file.getCanonicalPath()).toString()) : new URL(expand);
                    if (debug != null) {
                        debug.println(new StringBuffer("reading ").append(url).toString());
                    }
                    init(url);
                } catch (Exception e) {
                    if (debug != null) {
                        debug.println(new StringBuffer("caught exception: ").append(e).toString());
                    }
                }
                if (z) {
                    if (debug != null) {
                        debug.println("overriding other policies!");
                        return;
                    }
                    return;
                }
            }
        }
        int i = 1;
        boolean z2 = false;
        while (true) {
            String property5 = Security.getProperty(new StringBuffer("policy.url.").append(i).toString());
            if (property5 == null) {
                break;
            }
            try {
                String replace = PropertyExpander.expand(property5).replace(File.separatorChar, '/');
                if (debug != null) {
                    debug.println(new StringBuffer("reading ").append(replace).toString());
                }
                if (init(new URL(replace))) {
                    z2 = true;
                }
            } catch (Exception e2) {
                if (debug != null) {
                    debug.println(new StringBuffer("error reading policy ").append(e2).toString());
                    e2.printStackTrace();
                }
            }
            i++;
        }
        if (z2) {
            return;
        }
        initStaticPolicy();
    }

    private void initStaticPolicy() {
        PolicyEntry policyEntry = new PolicyEntry(new CodeSource(null, null));
        policyEntry.add(new SocketPermission("localhost:1024-", ToolDialog.SOCKET_PERM_LISTEN));
        policyEntry.add(new PropertyPermission("java.version", "read"));
        policyEntry.add(new PropertyPermission("java.vendor", "read"));
        policyEntry.add(new PropertyPermission("java.vendor.url", "read"));
        policyEntry.add(new PropertyPermission("java.class.version", "read"));
        policyEntry.add(new PropertyPermission("os.name", "read"));
        policyEntry.add(new PropertyPermission("os.version", "read"));
        policyEntry.add(new PropertyPermission("os.arch", "read"));
        policyEntry.add(new PropertyPermission("file.separator", "read"));
        policyEntry.add(new PropertyPermission("path.separator", "read"));
        policyEntry.add(new PropertyPermission("line.separator", "read"));
        policyEntry.add(new PropertyPermission("java.specification.version", "read"));
        policyEntry.add(new PropertyPermission("java.specification.vendor", "read"));
        policyEntry.add(new PropertyPermission("java.specification.name", "read"));
        policyEntry.add(new PropertyPermission("java.vm.specification.version", "read"));
        policyEntry.add(new PropertyPermission("java.vm.specification.vendor", "read"));
        policyEntry.add(new PropertyPermission("java.vm.specification.name", "read"));
        policyEntry.add(new PropertyPermission("java.vm.version", "read"));
        policyEntry.add(new PropertyPermission("java.vm.vendor", "read"));
        policyEntry.add(new PropertyPermission("java.vm.name", "read"));
        this.policyEntries.addElement(policyEntry);
        try {
            PolicyEntry policyEntry2 = new PolicyEntry(new CodeSource(new File(PropertyExpander.expand("${java.home}/lib/ext/*")).toURL(), null));
            policyEntry2.add(new AllPermission());
            this.policyEntries.addElement(policyEntry2);
        } catch (Exception unused) {
        }
    }

    private boolean isTrusted(Identity identity) {
        return identity instanceof SystemIdentity ? ((SystemIdentity) identity).isTrusted() : (identity instanceof SystemSigner) && ((SystemSigner) identity).isTrusted();
    }

    @Override // java.security.Policy
    public synchronized void refresh() {
        this.initialized = false;
        init();
    }
}
