package sun.security.provider;

import com.aires.mobile.util.AppConstants;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
import java.lang.reflect.InvocationTargetException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.Security;
import java.security.UnresolvedPermission;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.ResourceBundle;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.security.auth.AuthPermission;
import javax.security.auth.Policy;
import javax.security.auth.PrivateCredentialPermission;
import javax.security.auth.Subject;
import sun.security.provider.PolicyParser;
import sun.security.util.Debug;
import sun.security.util.PolicyUtil;
import sun.security.util.PropertyExpander;

@Deprecated
/* loaded from: input_file:assets/storage/jvm/rt.jar:sun/security/provider/AuthPolicyFile.class */
public class AuthPolicyFile extends Policy {
    private static final String AUTH_POLICY = "java.security.auth.policy";
    private static final String SECURITY_MANAGER = "java.security.manager";
    private static final String AUTH_POLICY_URL = "auth.policy.url.";
    private Vector<PolicyEntry> policyEntries;
    private Hashtable<Object, Object> aliasMapping;
    private boolean initialized = false;
    private boolean expandProperties = true;
    private boolean ignoreIdentityScope = true;
    static final ResourceBundle rb = (ResourceBundle) AccessController.doPrivileged(new PrivilegedAction<ResourceBundle>() { // from class: sun.security.provider.AuthPolicyFile.1
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedAction
        /* renamed from: run */
        public ResourceBundle run2() {
            return ResourceBundle.getBundle("sun.security.util.AuthResources");
        }
    });
    private static final Debug debug = Debug.getInstance(AppConstants.POLICY, "\t[Auth Policy]");
    private static final Class<?>[] PARAMS = {String.class, String.class};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:assets/storage/jvm/rt.jar:sun/security/provider/AuthPolicyFile$PolicyEntry.class */
    public static class PolicyEntry {
        CodeSource codesource;
        Vector<Permission> permissions = new Vector<>();

        PolicyEntry(CodeSource codeSource) {
            this.codesource = codeSource;
        }

        void add(Permission permission) {
            this.permissions.addElement(permission);
        }

        CodeSource getCodeSource() {
            return this.codesource;
        }

        public String toString() {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(AuthPolicyFile.rb.getString("LPARAM"));
            stringBuffer.append((Object) getCodeSource());
            stringBuffer.append("\n");
            for (int i = 0; i < this.permissions.size(); i++) {
                Permission elementAt = this.permissions.elementAt(i);
                stringBuffer.append(AuthPolicyFile.rb.getString("SPACE"));
                stringBuffer.append(AuthPolicyFile.rb.getString("SPACE"));
                stringBuffer.append((Object) elementAt);
                stringBuffer.append(AuthPolicyFile.rb.getString("NEWLINE"));
            }
            stringBuffer.append(AuthPolicyFile.rb.getString("RPARAM"));
            stringBuffer.append(AuthPolicyFile.rb.getString("NEWLINE"));
            return stringBuffer.toString();
        }
    }

    public AuthPolicyFile() {
        String property = System.getProperty(AUTH_POLICY);
        if ((property == null ? System.getProperty(SECURITY_MANAGER) : property) != null) {
            init();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void init() {
        if (this.initialized) {
            return;
        }
        this.policyEntries = new Vector<>();
        this.aliasMapping = new Hashtable<>(11);
        initPolicyFile();
        this.initialized = true;
    }

    @Override // javax.security.auth.Policy
    public synchronized void refresh() {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new AuthPermission("refreshPolicy"));
        }
        this.initialized = false;
        AccessController.doPrivileged(new PrivilegedAction<Void>() { // from class: sun.security.provider.AuthPolicyFile.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            /* renamed from: run */
            public Void run2() {
                AuthPolicyFile.this.init();
                return null;
            }
        });
    }

    private KeyStore initKeyStore(URL url, String str, String str2) {
        URL url2;
        if (str == null) {
            return null;
        }
        try {
            try {
                url2 = new URL(str);
            } catch (MalformedURLException e) {
                url2 = new URL(url, str);
            }
            if (debug != null) {
                debug.println("reading keystore" + ((Object) url2));
            }
            BufferedInputStream bufferedInputStream = new BufferedInputStream(PolicyUtil.getInputStream(url2));
            KeyStore keyStore = str2 != null ? KeyStore.getInstance(str2) : KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(bufferedInputStream, null);
            bufferedInputStream.close();
            return keyStore;
        } catch (Exception e2) {
            if (debug == null) {
                return null;
            }
            debug.println("Debug info only. No keystore.");
            e2.printStackTrace();
            return null;
        }
    }

    private void initPolicyFile() {
        String property = Security.getProperty("policy.expandProperties");
        if (property != null) {
            this.expandProperties = property.equalsIgnoreCase("true");
        }
        String property2 = Security.getProperty("policy.ignoreIdentityScope");
        if (property2 != null) {
            this.ignoreIdentityScope = property2.equalsIgnoreCase("true");
        }
        String property3 = Security.getProperty("policy.allowSystemProperty");
        if (property3 != null && property3.equalsIgnoreCase("true")) {
            String property4 = System.getProperty(AUTH_POLICY);
            if (property4 != null) {
                boolean z = false;
                if (property4.startsWith("=")) {
                    z = true;
                    property4 = property4.substring(1);
                }
                try {
                    String expand = PropertyExpander.expand(property4);
                    File file = new File(expand);
                    URL url = file.exists() ? new URL("file:" + file.getCanonicalPath()) : new URL(expand);
                    if (debug != null) {
                        debug.println("reading " + ((Object) url));
                    }
                    init(url);
                } catch (Exception e) {
                    if (debug != null) {
                        debug.println("caught exception: " + ((Object) e));
                    }
                }
                if (z) {
                    if (debug != null) {
                        debug.println("overriding other policies!");
                        return;
                    }
                    return;
                }
            }
        }
        int i = 1;
        boolean z2 = false;
        while (true) {
            String property5 = Security.getProperty(AUTH_POLICY_URL + i);
            if (property5 == null) {
                if (!z2) {
                }
                return;
            }
            try {
                String replace = PropertyExpander.expand(property5).replace(File.separatorChar, '/');
                if (debug != null) {
                    debug.println("reading " + replace);
                }
                init(new URL(replace));
                z2 = true;
            } catch (Exception e2) {
                if (debug != null) {
                    debug.println("Debug info only. Error reading policy " + ((Object) e2));
                    e2.printStackTrace();
                }
            }
            i++;
        }
    }

    private boolean checkForTrustedIdentity(Certificate certificate) {
        return false;
    }

    private void init(URL url) {
        PolicyParser policyParser = new PolicyParser(this.expandProperties);
        try {
            InputStreamReader inputStreamReader = new InputStreamReader(PolicyUtil.getInputStream(url));
            Throwable th = null;
            try {
                policyParser.read(inputStreamReader);
                KeyStore initKeyStore = initKeyStore(url, policyParser.getKeyStoreUrl(), policyParser.getKeyStoreType());
                Enumeration<PolicyParser.GrantEntry> grantElements = policyParser.grantElements();
                while (grantElements.hasMoreElements()) {
                    addGrantEntry(grantElements.nextElement2(), initKeyStore);
                }
                if (inputStreamReader != null) {
                    if (0 != 0) {
                        try {
                            inputStreamReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStreamReader.close();
                    }
                }
            } finally {
            }
        } catch (PolicyParser.ParsingException e) {
            System.err.println(AUTH_POLICY + rb.getString(".error.parsing.") + ((Object) url));
            System.err.println(AUTH_POLICY + rb.getString("COLON") + e.getMessage());
            if (debug != null) {
                e.printStackTrace();
            }
        } catch (Exception e2) {
            if (debug != null) {
                debug.println("error parsing " + ((Object) url));
                debug.println(e2.toString());
                e2.printStackTrace();
            }
        }
    }

    CodeSource getCodeSource(PolicyParser.GrantEntry grantEntry, KeyStore keyStore) throws MalformedURLException {
        Certificate[] certificateArr = null;
        if (grantEntry.signedBy != null) {
            certificateArr = getCertificates(keyStore, grantEntry.signedBy);
            if (certificateArr == null) {
                if (debug == null) {
                    return null;
                }
                debug.println(" no certs for alias " + grantEntry.signedBy + ", ignoring.");
                return null;
            }
        }
        URL url = grantEntry.codeBase != null ? new URL(grantEntry.codeBase) : null;
        return (grantEntry.principals == null || grantEntry.principals.size() == 0) ? canonicalizeCodebase(new CodeSource(url, certificateArr), false) : canonicalizeCodebase(new SubjectCodeSource(null, grantEntry.principals, url, certificateArr), false);
    }

    private void addGrantEntry(PolicyParser.GrantEntry grantEntry, KeyStore keyStore) {
        CodeSource codeSource;
        if (debug != null) {
            debug.println("Adding policy entry: ");
            debug.println("  signedBy " + grantEntry.signedBy);
            debug.println("  codeBase " + grantEntry.codeBase);
            if (grantEntry.principals != null) {
                Iterator<PolicyParser.PrincipalEntry> it = grantEntry.principals.iterator();
                while (it.getHasNext()) {
                    PolicyParser.PrincipalEntry next = it.next();
                    debug.println("  " + next.getPrincipalClass() + " " + next.getPrincipalName());
                }
            }
            debug.println();
        }
        try {
            codeSource = getCodeSource(grantEntry, keyStore);
        } catch (Exception e) {
            System.err.println(AUTH_POLICY + rb.getString(".error.adding.Entry.") + ((Object) grantEntry) + rb.getString("SPACE") + ((Object) e));
        }
        if (codeSource == null) {
            return;
        }
        PolicyEntry policyEntry = new PolicyEntry(codeSource);
        Enumeration<PolicyParser.PermissionEntry> permissionElements = grantEntry.permissionElements();
        while (permissionElements.hasMoreElements()) {
            PolicyParser.PermissionEntry nextElement2 = permissionElements.nextElement2();
            try {
                Permission authPolicyFile = (nextElement2.permission.equals("javax.security.auth.PrivateCredentialPermission") && nextElement2.name.endsWith(" self")) ? getInstance(nextElement2.permission, nextElement2.name + " \"self\"", nextElement2.action) : getInstance(nextElement2.permission, nextElement2.name, nextElement2.action);
                policyEntry.add(authPolicyFile);
                if (debug != null) {
                    debug.println("  " + ((Object) authPolicyFile));
                }
            } catch (ClassNotFoundException e2) {
                Certificate[] certificates = nextElement2.signedBy != null ? getCertificates(keyStore, nextElement2.signedBy) : null;
                if (certificates != null || nextElement2.signedBy == null) {
                    UnresolvedPermission unresolvedPermission = new UnresolvedPermission(nextElement2.permission, nextElement2.name, nextElement2.action, certificates);
                    policyEntry.add(unresolvedPermission);
                    if (debug != null) {
                        debug.println("  " + ((Object) unresolvedPermission));
                    }
                }
            } catch (InvocationTargetException e3) {
                System.err.println(AUTH_POLICY + rb.getString(".error.adding.Permission.") + nextElement2.permission + rb.getString("SPACE") + ((Object) e3.getTargetException()));
            } catch (Exception e4) {
                System.err.println(AUTH_POLICY + rb.getString(".error.adding.Permission.") + nextElement2.permission + rb.getString("SPACE") + ((Object) e4));
            }
        }
        this.policyEntries.addElement(policyEntry);
        if (debug != null) {
            debug.println();
        }
    }

    private static final Permission getInstance(String str, String str2, String str3) throws ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException {
        return (Permission) Class.forName(str).getConstructor(PARAMS).newInstance(str2, str3);
    }

    Certificate[] getCertificates(KeyStore keyStore, String str) {
        Vector vector = null;
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        int i = 0;
        while (stringTokenizer.hasMoreTokens()) {
            String trim = stringTokenizer.nextToken().trim();
            i++;
            Certificate certificate = (Certificate) this.aliasMapping.get(trim);
            if (certificate == null && keyStore != null) {
                try {
                    certificate = keyStore.getCertificate(trim);
                } catch (KeyStoreException e) {
                }
                if (certificate != null) {
                    this.aliasMapping.put(trim, certificate);
                    this.aliasMapping.put(certificate, trim);
                }
            }
            if (certificate != null) {
                if (vector == null) {
                    vector = new Vector();
                }
                vector.addElement(certificate);
            }
        }
        if (vector == null || i != vector.size()) {
            return null;
        }
        Certificate[] certificateArr = new Certificate[vector.size()];
        vector.copyInto(certificateArr);
        return certificateArr;
    }

    private final synchronized Enumeration<PolicyEntry> elements() {
        return this.policyEntries.elements();
    }

    @Override // javax.security.auth.Policy
    public PermissionCollection getPermissions(final Subject subject, final CodeSource codeSource) {
        return (PermissionCollection) AccessController.doPrivileged(new PrivilegedAction<PermissionCollection>() { // from class: sun.security.provider.AuthPolicyFile.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            /* renamed from: run */
            public PermissionCollection run2() {
                SubjectCodeSource subjectCodeSource = new SubjectCodeSource(subject, null, codeSource == null ? null : codeSource.getLocation(), codeSource == null ? null : codeSource.getCertificates());
                return AuthPolicyFile.this.initialized ? AuthPolicyFile.this.getPermissions(new Permissions(), subjectCodeSource) : new PolicyPermissions(AuthPolicyFile.this, subjectCodeSource);
            }
        });
    }

    PermissionCollection getPermissions(CodeSource codeSource) {
        return this.initialized ? getPermissions(new Permissions(), codeSource) : new PolicyPermissions(this, codeSource);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Permissions getPermissions(Permissions permissions, CodeSource codeSource) {
        Certificate[] certificates;
        if (!this.initialized) {
            init();
        }
        CodeSource[] codeSourceArr = {null};
        codeSourceArr[0] = canonicalizeCodebase(codeSource, true);
        if (debug != null) {
            debug.println("evaluate(" + ((Object) codeSourceArr[0]) + ")\n");
        }
        for (int i = 0; i < this.policyEntries.size(); i++) {
            PolicyEntry elementAt = this.policyEntries.elementAt(i);
            if (debug != null) {
                debug.println("PolicyFile CodeSource implies: " + elementAt.codesource.toString() + "\n\n\t" + codeSourceArr[0].toString() + "\n\n");
            }
            if (elementAt.codesource.implies(codeSourceArr[0])) {
                for (int i2 = 0; i2 < elementAt.permissions.size(); i2++) {
                    Permission elementAt2 = elementAt.permissions.elementAt(i2);
                    if (debug != null) {
                        debug.println("  granting " + ((Object) elementAt2));
                    }
                    if (!addSelfPermissions(elementAt2, elementAt.codesource, codeSourceArr[0], permissions)) {
                        permissions.add(elementAt2);
                    }
                }
            }
        }
        if (!this.ignoreIdentityScope && (certificates = codeSourceArr[0].getCertificates()) != null) {
            for (int i3 = 0; i3 < certificates.length; i3++) {
                if (this.aliasMapping.get(certificates[i3]) == null && checkForTrustedIdentity(certificates[i3])) {
                    permissions.add(new AllPermission());
                }
            }
        }
        return permissions;
    }

    private boolean addSelfPermissions(Permission permission, CodeSource codeSource, CodeSource codeSource2, Permissions permissions) {
        if (!(permission instanceof PrivateCredentialPermission) || !(codeSource instanceof SubjectCodeSource)) {
            return false;
        }
        PrivateCredentialPermission privateCredentialPermission = (PrivateCredentialPermission) permission;
        SubjectCodeSource subjectCodeSource = (SubjectCodeSource) codeSource;
        String[][] principals = privateCredentialPermission.getPrincipals();
        if (principals.length <= 0 || !principals[0][0].equalsIgnoreCase("self") || !principals[0][1].equalsIgnoreCase("self")) {
            return false;
        }
        if (subjectCodeSource.getPrincipals() == null) {
            return true;
        }
        Iterator<PolicyParser.PrincipalEntry> it = subjectCodeSource.getPrincipals().iterator();
        while (it.getHasNext()) {
            String[][] principalInfo = getPrincipalInfo(it.next(), codeSource2);
            for (int i = 0; i < principalInfo.length; i++) {
                PrivateCredentialPermission privateCredentialPermission2 = new PrivateCredentialPermission(privateCredentialPermission.getCredentialClass() + " " + principalInfo[i][0] + " \"" + principalInfo[i][1] + "\"", "read");
                if (debug != null) {
                    debug.println("adding SELF permission: " + privateCredentialPermission2.toString());
                }
                permissions.add(privateCredentialPermission2);
            }
        }
        return true;
    }

    private String[][] getPrincipalInfo(PolicyParser.PrincipalEntry principalEntry, CodeSource codeSource) {
        if (!principalEntry.getPrincipalClass().equals(PolicyParser.PrincipalEntry.WILDCARD_CLASS) && !principalEntry.getPrincipalName().equals(PolicyParser.PrincipalEntry.WILDCARD_NAME)) {
            String[][] strArr = new String[1][2];
            strArr[0][0] = principalEntry.getPrincipalClass();
            strArr[0][1] = principalEntry.getPrincipalName();
            return strArr;
        }
        if (principalEntry.getPrincipalClass().equals(PolicyParser.PrincipalEntry.WILDCARD_CLASS) || !principalEntry.getPrincipalName().equals(PolicyParser.PrincipalEntry.WILDCARD_NAME)) {
            Set<Principal> principals = ((SubjectCodeSource) codeSource).getSubject().getPrincipals();
            String[][] strArr2 = new String[principals.size()][2];
            int i = 0;
            for (Principal principal : principals) {
                strArr2[i][0] = principal.getClass().getName();
                strArr2[i][1] = principal.getName();
                i++;
            }
            return strArr2;
        }
        Set<Principal> set = null;
        try {
            set = ((SubjectCodeSource) codeSource).getSubject().getPrincipals(Class.forName(principalEntry.getPrincipalClass(), false, ClassLoader.getSystemClassLoader()));
        } catch (Exception e) {
            if (debug != null) {
                debug.println("problem finding Principal Class when expanding SELF permission: " + e.toString());
            }
        }
        if (set == null) {
            return new String[0][0];
        }
        String[][] strArr3 = new String[set.size()][2];
        int i2 = 0;
        for (Principal principal2 : set) {
            strArr3[i2][0] = principal2.getClass().getName();
            strArr3[i2][1] = principal2.getName();
            i2++;
        }
        return strArr3;
    }

    Certificate[] getSignerCertificates(CodeSource codeSource) {
        Certificate[] certificates = codeSource.getCertificates();
        if (certificates == null) {
            return null;
        }
        for (Certificate certificate : certificates) {
            if (!(certificate instanceof X509Certificate)) {
                return codeSource.getCertificates();
            }
        }
        int i = 0;
        int i2 = 0;
        while (i < certificates.length) {
            i2++;
            while (i + 1 < certificates.length && ((X509Certificate) certificates[i]).getIssuerDN().equals(((X509Certificate) certificates[i + 1]).getSubjectDN())) {
                i++;
            }
            i++;
        }
        if (i2 == certificates.length) {
            return certificates;
        }
        ArrayList arrayList = new ArrayList();
        int i3 = 0;
        while (i3 < certificates.length) {
            arrayList.add(certificates[i3]);
            while (i3 + 1 < certificates.length && ((X509Certificate) certificates[i3]).getIssuerDN().equals(((X509Certificate) certificates[i3 + 1]).getSubjectDN())) {
                i3++;
            }
            i3++;
        }
        Certificate[] certificateArr = new Certificate[arrayList.size()];
        arrayList.toArray(certificateArr);
        return certificateArr;
    }

    private CodeSource canonicalizeCodebase(CodeSource codeSource, boolean z) {
        String canonicalPath;
        CodeSource codeSource2 = codeSource;
        if (codeSource.getLocation() != null && codeSource.getLocation().getProtocol().equalsIgnoreCase("file")) {
            try {
                String replace = codeSource.getLocation().getFile().replace('/', File.separatorChar);
                if (replace.endsWith("*")) {
                    String substring = replace.substring(0, replace.length() - 1);
                    boolean z2 = false;
                    if (substring.endsWith(File.separator)) {
                        z2 = true;
                    }
                    if (substring.equals("")) {
                        substring = System.getProperty("user.dir");
                    }
                    File file = new File(substring);
                    String canonicalPath2 = file.getCanonicalPath();
                    StringBuffer stringBuffer = new StringBuffer(canonicalPath2);
                    if (!canonicalPath2.endsWith(File.separator) && (z2 || file.isDirectory())) {
                        stringBuffer.append(File.separatorChar);
                    }
                    stringBuffer.append('*');
                    canonicalPath = stringBuffer.toString();
                } else {
                    canonicalPath = new File(replace).getCanonicalPath();
                }
                URL url = new File(canonicalPath).toURL();
                if (codeSource instanceof SubjectCodeSource) {
                    SubjectCodeSource subjectCodeSource = (SubjectCodeSource) codeSource;
                    codeSource2 = z ? new SubjectCodeSource(subjectCodeSource.getSubject(), subjectCodeSource.getPrincipals(), url, getSignerCertificates(subjectCodeSource)) : new SubjectCodeSource(subjectCodeSource.getSubject(), subjectCodeSource.getPrincipals(), url, subjectCodeSource.getCertificates());
                } else {
                    codeSource2 = z ? new CodeSource(url, getSignerCertificates(codeSource)) : new CodeSource(url, codeSource.getCertificates());
                }
            } catch (IOException e) {
                if (z) {
                    if (codeSource instanceof SubjectCodeSource) {
                        SubjectCodeSource subjectCodeSource2 = (SubjectCodeSource) codeSource;
                        codeSource2 = new SubjectCodeSource(subjectCodeSource2.getSubject(), subjectCodeSource2.getPrincipals(), subjectCodeSource2.getLocation(), getSignerCertificates(subjectCodeSource2));
                    } else {
                        codeSource2 = new CodeSource(codeSource.getLocation(), getSignerCertificates(codeSource));
                    }
                }
            }
        } else if (z) {
            if (codeSource instanceof SubjectCodeSource) {
                SubjectCodeSource subjectCodeSource3 = (SubjectCodeSource) codeSource;
                codeSource2 = new SubjectCodeSource(subjectCodeSource3.getSubject(), subjectCodeSource3.getPrincipals(), subjectCodeSource3.getLocation(), getSignerCertificates(subjectCodeSource3));
            } else {
                codeSource2 = new CodeSource(codeSource.getLocation(), getSignerCertificates(codeSource));
            }
        }
        return codeSource2;
    }
}
