package com.ibm.aglets.security;

import com.ibm.awb.misc.FileUtils;
import com.ibm.awb.misc.URIPattern;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FilePermission;
import java.io.FileWriter;
import java.io.IOException;
import java.net.URL;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.util.Enumeration;
import java.util.StringTokenizer;
import java.util.Vector;

/* loaded from: input_file:lib/aglets-2.0.2.jar:com/ibm/aglets/security/PolicyImpl.class */
public class PolicyImpl extends Policy {
    // Permission sets rebuilt by initSystemPermissions()/initAppPermissions(); refresh() seeds both with AllPermission.
    // Within this class, getPermissions() does not read either of them.
    private Permissions _systemPermissions = null;
    private Permissions _appPermissions = null;
    // Returned by getPermissions() while no policy database is loaded; nothing in this class adds to it,
    // so code sources get no permissions in that state.
    private Permissions _untrustedPermissions = new Permissions();
    // Parsed policy database; assigned in refresh() from PolicyFileReader.getAllPolicyDB().
    private PolicyDB _policyDB = null;
    private static final char CHAR_DOT = '.';
    // The path and home values below are read once, at class initialisation, through the privileged
    // getSystemProperty helpers. The one-argument form returns null when the property is unset or the
    // read fails, so USER_DIRECTORY, AGLETS_HOME and JAVA_HOME may be null.
    private static final String PROPERTY_JAVA_CLASS_PATH = "java.class.path";
    private static final String JAVA_CLASS_PATH = getSystemProperty(PROPERTY_JAVA_CLASS_PATH, "");
    private static final String PROPERTY_AGLETS_CLASS_PATH = "aglets.class.path";
    private static final String AGLETS_CLASS_PATH = getSystemProperty(PROPERTY_AGLETS_CLASS_PATH, "");
    private static final String PROPERTY_USER_DIRECTORY = "user.dir";
    private static final String USER_DIRECTORY = getSystemProperty(PROPERTY_USER_DIRECTORY);
    private static final String PROPERTY_AGLETS_HOME = "aglets.home";
    private static final String AGLETS_HOME = getSystemProperty(PROPERTY_AGLETS_HOME);
    private static final String PROPERTY_JAVA_HOME = "java.home";
    private static final String JAVA_HOME = getSystemProperty(PROPERTY_JAVA_HOME);
    private static final String SEP = File.separator;
    private static final char SEPCHAR = File.separatorChar;
    // Class path strings are split on a space as well as on the platform path separator.
    private static final String PATH_SEPARATORS = new StringBuffer().append(" ").append(File.pathSeparator).toString();
    private static final String STRING_DOT = String.valueOf('.');
    // A class path entry equal to "." is replaced by USER_DIRECTORY.
    private static final String CURRENT_DIRECTORY = STRING_DOT;
    // defaultAgletsPolicy (next declaration) is the template written to the user policy file and to
    // sample.policy when either is missing. It holds three grant entries:
    //   codeBase "atp://*:*/"  and  codeBase "http://*:*/" - aglet, message and context permissions on "*",
    //     RuntimePermission "createClassLoader", SocketPermission "localhost:*" with "listen,resolve",
    //     and read access to the "user.*", "os.*" and "java.*" system properties, among others;
    //   codeBase "file:///-/" - java.security.AllPermission.
    // NOTE(review): the first two patterns appear to match any host and port, and the third any local
    // code base - confirm against URIPattern. These are permissive defaults; a deployment should review
    // and tighten the generated file before accepting aglets from hosts it does not control.
    private static final String[] defaultAgletsPolicy = {"//", "// Aglets Security Policy File", "//", "// This file should be placed on", "//      {user.home}/.aglets/security/aglets.policy", "//", "// ------------------------------------------------------------", "// If you wish to specify a backslash character ('\\'),", "// in the policy file (e.g. \"C:\\tmp\\ASDK\")", "// use double backslashes \"\\\\\".", "// For example,", "//   permission java.io.FilePermission \"C:\\\\tmp\\\\ASDK\", \"read\";", "// But you can substitute a slash character ('/') for backslash like this:", "//   permission java.io.FilePermission \"C:/tmp/ASDK\", \"read\";", "// ------------------------------------------------------------", "//", "//", "// ------------------------------------------------------------", "// sample", "// ------------------------------------------------------------", "//", "grant", " // codeBase \"atp://host.foo.bar:4434/-\"", " // codeBase \"atp://*.ibm.com:>=1024/\"", " // codeBase \"atp://*.ibm.com:2000-3000/\"", " // codeBase \"*://*:*/\"", " codeBase \"atp://*:*/\"", " // , signedBy \"onono,moshima\" /* code is signed by onono and moshima */", " // , ownedBy \"kosaka,mima\" /* the aglet is created by kosaka or mima */", "{", "  // aglet protections", "  protection com.ibm.aglet.security.AgletProtection", "    \"*\", \"dispatch,dispose,deactivate,activate,clone,retract\";", "", "  // message protections", "  protection com.ibm.aglet.security.MessageProtection", "    \"*\", \"*\";", "", "  // aglet", "  permission com.ibm.aglets.security.AgletPermission", "    \"*\", \"dispatch,dispose,deactivate,activate,clone,retract\";", "", "  // messages", "  permission com.ibm.aglets.security.MessagePermission", "    \"*\", \"*\";", "", "  // aglet context", "  permission com.ibm.aglets.security.ContextPermission", "    \"*\", \"multicast,subscribe\";", "  permission com.ibm.aglets.security.ContextPermission", "    \"*\", \"create,receive,retract\";", "  permission 
com.ibm.aglets.security.ContextPermission", "    \"property.*\", \"read,write\";", "", "  // runtime", "  permission java.lang.RuntimePermission", "    \"createClassLoader\";", "  permission java.lang.RuntimePermission", "    \"accessClassInPackage.java.*\";", "  permission java.lang.RuntimePermission", "    \"accessClassInPackage.com.ibm.aglets.util.*\";", "  permission java.lang.RuntimePermission", "    \"accessClassInPackage.com.ibm.aglets.AgletProxyImpl\";", "  permission java.lang.RuntimePermission", "    \"accessClassInPackage.com.ibm.aglet.*\";", "  permission java.lang.RuntimePermission", "    \"loadLibrary.JdbcOdbc\";         // for JDBC/ODBC", "  permission java.lang.RuntimePermission", "    \"accessClassInPackage.sun.jdbc.odbc\"; // for JDBC/ODBC", "", "  // window", "  permission java.awt.AWTPermission \"showWindowWithoutWarningBanner\";", "", "  // property", "  permission java.util.PropertyPermission \"awt.*\", \"read\";", "  permission java.util.PropertyPermission \"hotjava.*\", \"read\";", "  permission java.util.PropertyPermission \"apple.*\", \"read\";", "  permission java.util.PropertyPermission \"file.*\", \"read\";", "  permission java.util.PropertyPermission \"line.separator\", \"read\";", "  permission java.util.PropertyPermission \"path.separator\", \"read\";", "  permission java.util.PropertyPermission \"http.maxConnections\", \"read\";", "  permission java.util.PropertyPermission \"user.timezone\", \"read\";", "  permission java.util.PropertyPermission \"socksProxyHost\", \"read\";", "  permission java.util.PropertyPermission \"socksProxyPort\", \"read\";", "  // for JDBC/ODBC", "  permission java.util.PropertyPermission \"browser\", \"read\";", "  // for RMI", "  permission java.util.PropertyPermission \"java.rmi.*\", \"read\";", "  permission java.util.PropertyPermission \"sun.rmi.*\", \"read\";", "  permission java.util.PropertyPermission \"http.proxyHost\", \"read\";", "  permission java.util.PropertyPermission \"proxyHost\", 
\"read\";", "  // for examples.patterns.Finger, examples.patterns.Writer", "  permission java.util.PropertyPermission \"user.*\", \"read\";", "  permission java.util.PropertyPermission \"os.*\", \"read\";", "  permission java.util.PropertyPermission \"java.*\", \"read\";", "", "  // socket", "  permission java.net.SocketPermission \"localhost:*\", \"listen,resolve\";", "  permission java.net.SocketPermission \"codebase:*\", \"connect\";", "", "  // file", "  permission java.io.FilePermission \"codebase\", \"read\";", "};", "", "grant", " codeBase \"http://*:*/\"", "{", "  // aglet protections", "  protection com.ibm.aglet.security.AgletProtection", "    \"*\", \"dispatch,dispose,deactivate,activate,clone,retract\";", "", "  // message protections", "  protection com.ibm.aglet.security.MessageProtection", "    \"*\", \"*\";", "", "  // aglet", "  permission com.ibm.aglets.security.AgletPermission", "    \"*\", \"dispatch,dispose,deactivate,activate,clone,retract\";", "", "  // messages", "  permission com.ibm.aglets.security.MessagePermission", "    \"*\", \"*\";", "", "  // aglet context", "  permission com.ibm.aglets.security.ContextPermission", "    \"*\", \"multicast,subscribe\";", "  permission com.ibm.aglets.security.ContextPermission", "    \"*\", \"create,receive,retract\";", "  permission com.ibm.aglets.security.ContextPermission", "    \"property.*\", \"read,write\";", "", "  // runtime", "  permission java.lang.RuntimePermission", "    \"createClassLoader\";", "  permission java.lang.RuntimePermission", "    \"accessClassInPackage.java.*\";", "  permission java.lang.RuntimePermission", "    \"accessClassInPackage.com.ibm.aglets.util.*\";", "  permission java.lang.RuntimePermission", "    \"accessClassInPackage.com.ibm.aglets.AgletProxyImpl\";", "  permission java.lang.RuntimePermission", "    \"accessClassInPackage.com.ibm.aglet.*\";", "  permission java.lang.RuntimePermission", "    \"loadLibrary.JdbcOdbc\";         // for JDBC/ODBC", "  permission 
java.lang.RuntimePermission", "    \"accessClassInPackage.sun.jdbc.odbc\"; // for JDBC/ODBC", "", "  // window", "  permission java.awt.AWTPermission \"showWindowWithoutWarningBanner\";", "", "  // property", "  permission java.util.PropertyPermission \"awt.*\", \"read\";", "  permission java.util.PropertyPermission \"hotjava.*\", \"read\";", "  permission java.util.PropertyPermission \"apple.*\", \"read\";", "  permission java.util.PropertyPermission \"file.*\", \"read\";", "  permission java.util.PropertyPermission \"line.separator\", \"read\";", "  permission java.util.PropertyPermission \"path.separator\", \"read\";", "  permission java.util.PropertyPermission \"http.maxConnections\", \"read\";", "  permission java.util.PropertyPermission \"user.timezone\", \"read\";", "  permission java.util.PropertyPermission \"socksProxyHost\", \"read\";", "  permission java.util.PropertyPermission \"socksProxyPort\", \"read\";", "  // for JDBC/ODBC", "  permission java.util.PropertyPermission \"browser\", \"read\";", "  // for RMI", "  permission java.util.PropertyPermission \"java.rmi.*\", \"read\";", "  permission java.util.PropertyPermission \"sun.rmi.*\", \"read\";", "  permission java.util.PropertyPermission \"http.proxyHost\", \"read\";", "  permission java.util.PropertyPermission \"proxyHost\", \"read\";", "  // for examples.patterns.Finger, examples.patterns.Writer", "  permission java.util.PropertyPermission \"user.*\", \"read\";", "  permission java.util.PropertyPermission \"os.*\", \"read\";", "  permission java.util.PropertyPermission \"java.*\", \"read\";", "", "  // socket", "  permission java.net.SocketPermission \"localhost:*\", \"listen,resolve\";", "  permission java.net.SocketPermission \"codebase:*\", \"connect\";", "", "  // file", "  permission java.io.FilePermission \"codebase\", \"read\";", "};", "", "grant", " codeBase \"file:///-/\"", "{", "  // aglet protections", "  protection com.ibm.aglet.security.AgletProtection", "    \"*\", 
\"dispatch,dispose,deactivate,activate,clone,retract\";", "", "  // message protections", "  protection com.ibm.aglet.security.MessageProtection", "    \"*\", \"*\";", "", "  // can do anything", "  permission java.security.AllPermission \"*\", \"*\";", "};"};

    /**
     * Creates the policy and loads it straight away by calling {@link #refresh()}.
     *
     * <p>{@code refresh()} is public and this class is not final, so a subclass override
     * would run before the subclass constructor body.
     */
    public PolicyImpl() {
        this.refresh();
    }

    /**
     * Adds read {@link FilePermission}s for every entry of the JVM class path and of the
     * Aglets class path to the application permission set.
     */
    private void addAppClassPath() {
        final String[] classPaths = {JAVA_CLASS_PATH, AGLETS_CLASS_PATH};
        // JVM class path first, then the Aglets one, as separate class path strings
        for (String classPath : classPaths) {
            addClassPath(classPath);
        }
    }

    /**
     * Adds one permission to the application permission set, creating the set on first use.
     *
     * @param permission the permission to add
     */
    private void addAppPermission(Permission permission) {
        Permissions appPermissions = this._appPermissions;
        if (appPermissions == null) {
            // lazily create the set so callers need not run initAppPermissions() first
            appPermissions = new Permissions();
            this._appPermissions = appPermissions;
        }
        appPermissions.add(permission);
    }

    /**
     * Adds a read {@link FilePermission} to the application permission set for each path in the array.
     *
     * <p>A path that names an existing directory is extended with {@code "-"}, which in a
     * {@code FilePermission} covers everything below that directory recursively; any other path
     * is granted as a single file.
     *
     * @param strArr class path entries; {@code null} is ignored
     */
    private void addClassPath(String[] strArr) {
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                // presumably normalises the entry to a canonical file name; see URIPattern
                String target = URIPattern.canonicalFilename(strArr[i]);
                if (new File(target).isDirectory()) {
                    // avoid a doubled separator when the directory name already ends with one
                    String suffix = target.endsWith(SEP) ? "-" : SEP + "-";
                    target = target + suffix;
                }
                addAppPermission(new FilePermission(target, "read"));
            }
        }
    }

    /**
     * Splits a class path string into entries and grants read access to each of them.
     *
     * @param str class path string; {@code null} is ignored
     */
    private void addClassPath(String str) {
        if (str != null) {
            String[] entries = strToPathList(str);
            addClassPath(entries);
        }
    }

    /**
     * Adds a read {@link FilePermission} to the application permission set for each path
     * produced by the enumeration.
     *
     * <p>An entry equal to {@code "."} is replaced by the user directory. A path that names an
     * existing directory is extended with {@code "-"} so the grant covers it recursively.
     *
     * @param enumeration class path entries, each cast to {@code String}; {@code null} is ignored
     */
    private void addClassPath(Enumeration enumeration) {
        if (enumeration != null) {
            while (enumeration.hasMoreElements()) {
                String entry = (String) enumeration.nextElement();
                String resolved = CURRENT_DIRECTORY.equals(entry) ? USER_DIRECTORY : entry;
                // presumably normalises the entry to a canonical file name; see URIPattern
                String target = URIPattern.canonicalFilename(resolved);
                if (new File(target).isDirectory()) {
                    // avoid a doubled separator when the directory name already ends with one
                    String suffix = target.endsWith(SEP) ? "-" : SEP + "-";
                    target = target + suffix;
                }
                addAppPermission(new FilePermission(target, "read"));
            }
        }
    }

    /**
     * Adds one permission to the system permission set, creating the set on first use.
     *
     * @param permission the permission to add
     */
    private void addSystemPermission(Permission permission) {
        Permissions systemPermissions = this._systemPermissions;
        if (systemPermissions == null) {
            // lazily create the set so callers need not run initSystemPermissions() first
            systemPermissions = new Permissions();
            this._systemPermissions = systemPermissions;
        }
        systemPermissions.add(permission);
    }

    /**
     * Makes sure the user policy file named by {@code PolicyFileReader.getUserPolicyFilename()}
     * exists, together with its sample copy.
     */
    private void checkAgletsPolicyFile() {
        String userPolicyFilename = PolicyFileReader.getUserPolicyFilename();
        checkAgletsPolicyFile(userPolicyFilename);
    }

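    /**
     * Creates the policy file at {@code str} from the built-in default policy when it does not
     * exist, and does the same for a {@code sample.policy} file in the same directory.
     *
     * <p>The generated file carries the built-in default grants unchanged, so a first start
     * silently installs that policy; operators should review the file afterwards.
     *
     * @param str path of the user policy file
     */
    private void checkAgletsPolicyFile(String str) {
        File policyFile = new File(str);
        if (!policyFile.exists()) {
            System.out.println("Aglets Policy File does not exist.");
            makeDefaultAgletsPolicyFile(str);
            // makeDefaultAgletsPolicyFile reports failures itself and returns nothing,
            // so announce success only when the file is really there
            if (policyFile.exists()) {
                System.out.println("Aglets Policy File is created.");
            }
        }
        // NOTE(review): only File.separator is recognised here; a path without it yields
        // SEP + "sample.policy", i.e. a file in the root directory - confirm the caller's format.
        int lastIndexOf = str.lastIndexOf(SEP);
        String parent = lastIndexOf >= 0 ? str.substring(0, lastIndexOf) : "";
        String samplePath = parent + SEP + "sample.policy";
        if (!new File(samplePath).exists()) {
            makeDefaultAgletsPolicyFile(samplePath);
        }
    }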

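    /**
     * Returns the permissions granted to a code source.
     *
     * <p>While no policy database is loaded the answer is the untrusted set, which this class
     * never adds to, so the policy fails closed. A copy is handed out in that case: the returned
     * collection is mutable, and the JDK's default {@code getPermissions(ProtectionDomain)} may
     * add a domain's static permissions to whatever this method returns, which would otherwise
     * leak into the shared set and reach every later caller.
     *
     * @param codeSource the code source being evaluated
     * @return the permissions from the policy database, or a copy of the untrusted set
     */
    @Override // java.security.Policy
    public PermissionCollection getPermissions(CodeSource codeSource) {
        if (this._policyDB != null) {
            return this._policyDB.getPermissions(codeSource);
        }
        Permissions untrustedCopy = new Permissions();
        Enumeration<Permission> granted = this._untrustedPermissions.elements();
        while (granted.hasMoreElements()) {
            untrustedCopy.add(granted.nextElement());
        }
        return untrustedCopy;
    }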

    /* JADX INFO: Access modifiers changed from: package-private */
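    /**
     * Reads a system property inside {@link AccessController#doPrivileged}, so the read is checked
     * against this class's own protection domain rather than the caller's.
     *
     * <p>The decompiler widened this helper from package-private to public. Because it reads any
     * key on behalf of any caller, it should stay out of reach of less-trusted code, and keys
     * should not be taken from such code.
     *
     * @param str the property key
     * @return the property value, or {@code null} when it is unset or the read fails
     *         (the failure is printed to standard error)
     */
    public static final String getSystemProperty(final String str) {
        String value = null;
        try {
            // Anonymous action capturing the key; the decompiled form passed constructor
            // arguments to an interface, which is not valid Java source.
            value = AccessController.doPrivileged(new PrivilegedAction<String>() {
                @Override // java.security.PrivilegedAction
                public String run() {
                    return System.getProperty(str);
                }
            });
        } catch (Exception e) {
            // best effort: a null or empty key, or a refused read, yields null
            e.printStackTrace();
        }
        return value;
    }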

    /* JADX INFO: Access modifiers changed from: package-private */
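    /**
     * Reads a system property with a fallback inside {@link AccessController#doPrivileged}, so the
     * read is checked against this class's own protection domain rather than the caller's.
     *
     * <p>The decompiler widened this helper from package-private to public. Because it reads any
     * key on behalf of any caller, it should stay out of reach of less-trusted code, and keys
     * should not be taken from such code.
     *
     * @param str the property key
     * @param str2 the value returned when the property is unset
     * @return the property value or {@code str2}; {@code null} when the read fails
     *         (the failure is printed to standard error)
     */
    public static final String getSystemProperty(final String str, final String str2) {
        String value = null;
        try {
            // Anonymous action capturing key and default; the decompiled form passed constructor
            // arguments to an interface, which is not valid Java source.
            value = AccessController.doPrivileged(new PrivilegedAction<String>() {
                @Override // java.security.PrivilegedAction
                public String run() {
                    return System.getProperty(str, str2);
                }
            });
        } catch (Exception e) {
            // best effort: a failed read yields null, not the supplied default
            e.printStackTrace();
        }
        return value;
    }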

    /**
     * Resets the application permission set to a fresh collection holding only
     * {@link AllPermission}.
     *
     * <p>Within this class, {@code getPermissions()} does not read this set.
     */
    private void initAppPermissions() {
        this._appPermissions = new Permissions();
        this._appPermissions.add(new AllPermission());
    }

    /**
     * Resets the system permission set to a fresh collection holding only
     * {@link AllPermission}.
     *
     * <p>Within this class, {@code getPermissions()} does not read this set.
     */
    private void initSystemPermissions() {
        this._systemPermissions = new Permissions();
        this._systemPermissions.add(new AllPermission());
    }

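    /**
     * Writes the given policy lines through the writer, one per line, and closes it.
     *
     * <p>The writer is closed even when a write fails, so a half-written policy file does not
     * keep its file handle open.
     *
     * @param fileWriter destination; closed by this method
     * @param strArr policy text, one array element per output line
     * @throws IOException if writing or closing fails
     */
    private void makeAgletsPolicyFile(FileWriter fileWriter, String[] strArr) throws IOException {
        BufferedWriter bufferedWriter = new BufferedWriter(fileWriter);
        try {
            for (String str : strArr) {
                writeLine(bufferedWriter, str);
            }
        } finally {
            // closing the buffered writer flushes it and closes the underlying FileWriter
            bufferedWriter.close();
        }
    }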

    /**
     * Writes the built-in default policy through the given writer.
     *
     * @param fileWriter destination; closed by the delegate
     * @throws IOException if writing fails
     */
    private void makeDefaultAgletsPolicyFile(FileWriter fileWriter) throws IOException {
        final String[] template = defaultAgletsPolicy;
        makeAgletsPolicyFile(fileWriter, template);
    }

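    /**
     * Creates the file at {@code str} and fills it with the built-in default policy.
     *
     * <p>Failures are reported on the console only; the caller gets no result. The file is
     * created with the process's default file permissions.
     * NOTE(review): this file decides what aglets may do, so it should be writable only by the
     * operator - confirm the directory permissions used in deployment.
     *
     * @param str path of the policy file to create
     */
    private void makeDefaultAgletsPolicyFile(String str) {
        try {
            // presumably creates the parent directory when missing - confirm in FileUtils
            if (!FileUtils.ensureDirectory(str)) {
                System.out.println("Aglets Policy File initialization failed.");
                return;
            }
            FileWriter fileWriter = new FileWriter(str);
            try {
                makeDefaultAgletsPolicyFile(fileWriter);
            } finally {
                // release the handle even when writing fails; a second close has no effect
                fileWriter.close();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }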

    /**
     * Reloads the policy: rebuilds the system and application permission sets, makes sure the
     * policy files exist, then replaces the policy database with the one returned by
     * {@code PolicyFileReader.getAllPolicyDB()}.
     *
     * <p>NOTE(review): the database object is replaced, so values set earlier through
     * {@code setPublicRoot} or {@code setSystemCodeBase} presumably need to be applied again -
     * confirm against PolicyFileReader.
     */
    @Override // java.security.Policy
    public void refresh() {
        this.initSystemPermissions();
        this.initAppPermissions();
        // may write the default policy file, so it has to run before the files are read
        this.checkAgletsPolicyFile();
        PolicyDB reloaded = PolicyFileReader.getAllPolicyDB();
        this._policyDB = reloaded;
    }

    /**
     * Forwards the public root to the policy database.
     *
     * <p>The database is dereferenced without a null check, so this throws
     * {@code NullPointerException} when none is loaded. No access check is made here.
     * NOTE(review): callers are presumably trusted runtime code - confirm.
     *
     * @param str the public root to set
     */
    public void setPublicRoot(String str) {
        PolicyDB policyDB = this._policyDB;
        policyDB.setPublicRoot(str);
    }

    /**
     * Forwards the system code base, given as a string, to the policy database.
     *
     * <p>The database is dereferenced without a null check, so this throws
     * {@code NullPointerException} when none is loaded. No access check is made here.
     * NOTE(review): callers are presumably trusted runtime code - confirm.
     *
     * @param str the system code base to set
     */
    public void setSystemCodeBase(String str) {
        PolicyDB policyDB = this._policyDB;
        policyDB.setSystemCodeBase(str);
    }

    /**
     * Forwards the system code base, given as a URL, to the policy database.
     *
     * <p>The database is dereferenced without a null check, so this throws
     * {@code NullPointerException} when none is loaded. No access check is made here.
     * NOTE(review): callers are presumably trusted runtime code - confirm.
     *
     * @param url the system code base to set
     */
    public void setSystemCodeBase(URL url) {
        PolicyDB policyDB = this._policyDB;
        policyDB.setSystemCodeBase(url);
    }

    /**
     * Splits a class path string into its entries.
     *
     * <p>Entries are separated by the platform path separator or by a space. An entry equal to
     * {@code "."} is replaced by the user directory; null and empty results are dropped.
     * NOTE(review): because a space also separates entries, a path containing a space is cut
     * into several entries and each fragment is later granted on its own - confirm this is
     * intended.
     *
     * @param str class path string, may be {@code null}
     * @return the entries in order, or {@code null} when {@code str} is {@code null}
     */
    private static final String[] strToPathList(String str) {
        if (str == null) {
            return null;
        }
        Vector<String> entries = new Vector<String>();
        for (StringTokenizer tokens = new StringTokenizer(str, PATH_SEPARATORS); tokens.hasMoreTokens(); ) {
            String entry = tokens.nextToken();
            if (CURRENT_DIRECTORY.equals(entry)) {
                entry = USER_DIRECTORY;
            }
            // USER_DIRECTORY may be null or empty when the property could not be read
            if (entry == null || entry.equals("")) {
                continue;
            }
            entries.addElement(entry);
        }
        String[] result = new String[entries.size()];
        entries.copyInto(result);
        return result;
    }

    /**
     * Writes one line of text followed by the platform line separator.
     *
     * @param bufferedWriter destination writer
     * @param str text of the line
     * @throws IOException if the writer is {@code null} or the write fails
     */
    private void writeLine(BufferedWriter bufferedWriter, String str) throws IOException {
        if (bufferedWriter != null) {
            bufferedWriter.write(str);
            bufferedWriter.newLine();
            return;
        }
        throw new IOException("no BufferedWriter");
    }
}
