package com.ibm.aglets.security;

import com.ibm.aglets.AgletRuntime;
import com.ibm.awb.misc.MalformedURIPatternException;
import com.ibm.awb.misc.URIPattern;
import java.net.URL;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permissions;
import java.security.PrivilegedAction;
import java.security.cert.Certificate;
import java.util.Enumeration;
import java.util.StringTokenizer;
import java.util.Vector;

/* loaded from: input_file:lib/aglets-2.0.2.jar:com/ibm/aglets/security/PolicyGrant.class */
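/**
 * One {@code grant} entry of an aglets policy file: an optional signer list, an optional
 * code-base pattern, an optional owner list, and the permissions granted when they match.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>A missing or empty owner/signer list and a missing code base each mean "matches
 *       anything", so an entry with no restrictions applies to every code source.</li>
 *   <li>{@link #getPermissions(CodeSource)} decides through
 *       {@link #isOwnedByAndSignedBy(Certificate[])}, which checks ownership only; the
 *       signer list is not consulted on that path.</li>
 *   <li>The name setters drop names that are not registered, which can leave a restricted
 *       entry unrestricted (see {@link #setOwnerNames(String)}).</li>
 * </ul>
 *
 * <p>Instances are mutable and perform no synchronisation of their own beyond what
 * {@link Vector} provides per call.
 */
public class PolicyGrant {
    private static final String QUOTE = String.valueOf('\"');
    private static final String COMMA = String.valueOf(',');
    private static final String BEGIN_BLOCK = String.valueOf('{');
    private static final String END_BLOCK = String.valueOf('}');
    private static final String TERMINATOR = String.valueOf(';');
    private static final String NAME_SEPARATOR = COMMA;
    // Wildcard name: as an owner or signer entry it lifts the restriction entirely.
    private static final String ANYBODY = "*";
    private static final String PROPERTY_CRLF = "line.separator";
    private static final String DEFAULT_CRLF = "\r\n";
    // Line terminator used by toString(), read once when the class is initialised.
    private static final String crlf = PolicyImpl.getSystemProperty(PROPERTY_CRLF, DEFAULT_CRLF);

    // Signer names as written back to policy text; null when unrestricted, "*" for the wildcard.
    private String _signerNames = null;
    // Accepted signer names; null means "any signer".
    private Vector<String> _signers = null;
    // Code-base pattern; null means "any code base".
    private URIPattern _codeBase = null;
    // Owner names as written back to policy text; null when unrestricted, "*" for the wildcard.
    private String _ownerNames = null;
    // Accepted owner names; null means "any owner".
    private Vector<String> _owners = null;
    // Permissions granted by this entry, in insertion order.
    private Vector<PolicyPermission> _permissions = new Vector<PolicyPermission>();

    /**
     * Appends a permission to this grant entry.
     *
     * @param policyPermission the permission to add; a {@code null} is stored as given and
     *        skipped by the {@code getPermissions} lookups, but {@link #toVector()} will fail on it
     */
    public void addPermission(PolicyPermission policyPermission) {
        this._permissions.addElement(policyPermission);
    }

    /**
     * Tells whether this entry has the given signers, code base and owners.
     *
     * <p>This is an overload, not an override of {@link Object#equals(Object)}. A {@code null}
     * code-base argument is accepted regardless of this entry's own code base.
     *
     * @param vector signer names to compare with this entry's signers
     * @param uRIPattern code base to compare, or {@code null} to skip the code-base comparison
     * @param vector2 owner names to compare with this entry's owners
     * @return {@code true} when signers, code base and owners all compare equal
     */
    public boolean equals(Vector vector, URIPattern uRIPattern, Vector vector2) {
        if (!PolicyPermission.equalsSigners(vector, this._signers)) {
            return false;
        }
        boolean codeBaseMatches = uRIPattern == null || uRIPattern.equals(this._codeBase);
        return codeBaseMatches && PolicyPermission.equalsSigners(vector2, this._owners);
    }

    /**
     * Returns the code-base pattern of this entry.
     *
     * @return the pattern, or {@code null} when the entry is not restricted by code base
     */
    public URIPattern getCodeBase() {
        return this._codeBase;
    }

    /**
     * Returns the owner names in their textual form.
     *
     * @return the comma-joined accepted names, {@code "*"} for the wildcard, or {@code null}
     */
    public String getOwnerNames() {
        return this._ownerNames;
    }

    /**
     * Returns the accepted owner names.
     *
     * @return an enumeration of names, or {@code null} (not an empty enumeration) when the
     *         entry has no owner restriction
     */
    public Enumeration getOwners() {
        return this._owners == null ? null : this._owners.elements();
    }

    /**
     * Returns every permission of this entry.
     *
     * @return an enumeration over the stored permissions, in insertion order
     */
    public Enumeration getPermissions() {
        return this._permissions.elements();
    }

    /**
     * Returns the permissions of this entry whose class name matches.
     *
     * @param str the permission class name, compared with {@code PolicyPermission.equalsClassName}
     * @return an enumeration of the matching permissions; empty when none match
     */
    public Enumeration getPermissions(String str) {
        Vector<PolicyPermission> matching = new Vector<PolicyPermission>();
        for (PolicyPermission permission : this._permissions) {
            if (permission != null && permission.equalsClassName(str)) {
                matching.addElement(permission);
            }
        }
        return matching.elements();
    }

    /**
     * Returns the permissions this entry grants to a code source.
     *
     * <p>The code source must match the code base and pass
     * {@link #isOwnedByAndSignedBy(Certificate[])}; as written that second check covers
     * ownership only, so a {@code signedBy} clause does not narrow the result here.
     *
     * @param codeSource the code source asking for permissions
     * @return the granted permissions, or {@code null} when {@code codeSource} is {@code null},
     *         does not match, or the entry holds no permissions
     */
    public Permissions getPermissions(CodeSource codeSource) {
        if (codeSource == null) {
            return null;
        }
        URL location = codeSource.getLocation();
        Certificate[] certificates = codeSource.getCertificates();
        if (!isCodeBase(location) || !isOwnedByAndSignedBy(certificates)) {
            return null;
        }
        if (this._permissions.isEmpty()) {
            return null;
        }
        Permissions granted = new Permissions();
        for (PolicyPermission permission : this._permissions) {
            if (permission != null) {
                granted.add(permission.getPermission());
            }
        }
        return granted;
    }

    /**
     * Returns the signer names in their textual form.
     *
     * @return the comma-joined accepted names, {@code "*"} for the wildcard, or {@code null}
     */
    public String getSignerNames() {
        return this._signerNames;
    }

    /**
     * Returns the accepted signer names.
     *
     * @return an enumeration of names, or {@code null} (not an empty enumeration) when the
     *         entry has no signer restriction
     */
    public Enumeration getSigners() {
        return this._signers == null ? null : this._signers.elements();
    }

    /**
     * Looks up the alias registered for a certificate, inside a privileged block.
     *
     * @param certificate the certificate to resolve
     * @return the alias, or {@code null} when the lookup throws; both callers treat
     *         {@code null} as "no match", so a failed lookup never widens a grant
     */
    private final String getUsername(final Certificate certificate) {
        try {
            return (String) AccessController.doPrivileged(new PrivilegedAction<Object>() {
                @Override
                public Object run() {
                    return AgletRuntime.getCertificateAlias(certificate);
                }
            });
        } catch (Exception e) {
            // Best effort, as before: report the failure and fall through to "unknown user".
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Tells whether a location falls under this entry's code base.
     *
     * @param url the location of the code source
     * @return {@code true} when no code base is set or the pattern matches {@code url}
     */
    protected boolean isCodeBase(final URL url) {
        final URIPattern pattern = this._codeBase;
        if (pattern == null) {
            return true;
        }
        // The match runs privileged, as in the original code.
        return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
            @Override
            public Boolean run() {
                return Boolean.valueOf(pattern.isMatch(url));
            }
        }).booleanValue();
    }

    /**
     * Tells whether a certificate belongs to one of the accepted owners.
     *
     * @param certificate the owner's certificate, possibly {@code null}
     * @return {@code true} when the entry has no owner restriction, or when the alias of
     *         {@code certificate} is in the owner list; {@code false} for a {@code null}
     *         certificate or an unresolvable alias once owners are restricted
     */
    protected boolean isOwnedBy(Certificate certificate) {
        if (this._owners == null || this._owners.isEmpty()) {
            return true;
        }
        if (certificate == null) {
            return false;
        }
        String username = getUsername(certificate);
        if (username == null || username.equals("")) {
            return false;
        }
        return this._owners.contains(username);
    }

    /**
     * Applies the certificate check used by {@link #getPermissions(CodeSource)}.
     *
     * <p>Only the first certificate is examined, and only for ownership.
     * NOTE(review): despite the name, {@link #isSignedBy(Certificate[])} is not called here, so
     * {@code signedBy} clauses are not enforced on this path; confirm whether that is intended.
     * The first certificate is presumably the owner's; verify against the code that builds the
     * {@code CodeSource}.
     *
     * @param certificateArr the certificates of the code source; {@code null} or empty means
     *        "no certificate"
     * @return the result of {@link #isOwnedBy(Certificate)} for the first certificate
     */
    protected boolean isOwnedByAndSignedBy(Certificate[] certificateArr) {
        // An empty array used to raise ArrayIndexOutOfBoundsException; treat it like "no certificate",
        // which isOwnedBy rejects as soon as the entry restricts owners.
        Certificate ownerCertificate = null;
        if (certificateArr != null && certificateArr.length > 0) {
            ownerCertificate = certificateArr[0];
        }
        return isOwnedBy(ownerCertificate);
    }

    /**
     * Tells whether a name has a certificate registered with the runtime.
     *
     * @param str the user name
     * @return {@code true} when {@code AgletRuntime.getRegisteredCertificate} returns non-null
     */
    private final boolean isRegisteredUser(String str) {
        return AgletRuntime.getRegisteredCertificate(str) != null;
    }

    /**
     * Tells whether every accepted signer appears among the given certificates.
     *
     * @param certificateArr the certificates to check
     * @return {@code true} when the entry has no signer restriction or each signer name
     *         matches the alias of at least one certificate; {@code false} when signers are
     *         restricted and no certificates are given
     */
    protected boolean isSignedBy(Certificate[] certificateArr) {
        if (this._signers == null || this._signers.isEmpty()) {
            return true;
        }
        if (certificateArr == null || certificateArr.length == 0) {
            return false;
        }
        for (String signer : this._signers) {
            if (signer != null && !isSignedBy(signer, certificateArr)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Tells whether one signer name appears among the given certificates.
     *
     * @param str the signer name; {@code null} or empty matches anything
     * @param certificateArr the certificates to check
     * @return {@code true} when the alias of some certificate equals {@code str}
     */
    protected boolean isSignedBy(String str, Certificate[] certificateArr) {
        if (str == null || str.equals("")) {
            return true;
        }
        if (certificateArr == null || certificateArr.length == 0) {
            return false;
        }
        for (Certificate certificate : certificateArr) {
            if (str.equals(getUsername(certificate))) {
                return true;
            }
        }
        return false;
    }

    /**
     * Sets the code base from its textual pattern.
     *
     * @param str the pattern text
     * @throws MalformedURIPatternException when {@code URIPattern} rejects the text
     */
    public void setCodeBase(String str) throws MalformedURIPatternException {
        this._codeBase = new URIPattern(str);
    }

    /**
     * Sets the code base from a URL.
     *
     * @param url the URL to build the pattern from
     * @throws MalformedURIPatternException when {@code URIPattern} rejects the URL
     */
    public void setCodeBase(URL url) throws MalformedURIPatternException {
        this._codeBase = new URIPattern(url);
    }

    /**
     * Sets the accepted owners from a comma-separated list of names.
     *
     * <p>Each name is trimmed. A blank entry (for example the trailing part of
     * {@code "alice, "}) or {@code "*"} switches the entry to "any owner" and stops parsing.
     * Names without a registered certificate are reported on {@code System.err} and dropped.
     *
     * <p>NOTE(review): when every listed name is unknown the owner list ends up {@code null},
     * which {@link #isOwnedBy(Certificate)} reads as "any owner", so a mistyped name widens the
     * grant instead of disabling it. Consider failing closed in the policy loader.
     *
     * @param str the comma-separated owner names, or {@code null} for no restriction
     */
    public void setOwnerNames(String str) {
        Vector<String> accepted = null;
        if (str != null) {
            StringTokenizer tokens = new StringTokenizer(str, NAME_SEPARATOR);
            while (tokens.hasMoreTokens()) {
                String name = tokens.nextToken().trim();
                if ("".equals(name) || ANYBODY.equals(name)) {
                    this._owners = null;
                    this._ownerNames = ANYBODY;
                    return;
                }
                if (isRegisteredUser(name)) {
                    if (accepted == null) {
                        accepted = new Vector<String>();
                    }
                    accepted.addElement(name);
                } else {
                    System.err.println("Unknown owner name '" + name + "' is specified in aglets policy file. Ignore the owner name.");
                }
            }
        }
        this._owners = accepted;
        this._ownerNames = joinNames(accepted);
    }

    /**
     * Sets the accepted signers from a comma-separated list of names.
     *
     * <p>Parsing follows {@link #setOwnerNames(String)}: names are trimmed, a blank entry or
     * {@code "*"} means "any signer", and names without a registered certificate are reported
     * on {@code System.err} and dropped.
     *
     * <p>NOTE(review): when every listed name is unknown the signer list ends up {@code null},
     * which {@link #isSignedBy(Certificate[])} reads as "any signer".
     *
     * @param str the comma-separated signer names, or {@code null} for no restriction
     */
    public void setSignerNames(String str) {
        Vector<String> accepted = null;
        if (str != null) {
            StringTokenizer tokens = new StringTokenizer(str, NAME_SEPARATOR);
            while (tokens.hasMoreTokens()) {
                String name = tokens.nextToken().trim();
                if ("".equals(name) || ANYBODY.equals(name)) {
                    this._signers = null;
                    this._signerNames = ANYBODY;
                    return;
                }
                if (isRegisteredUser(name)) {
                    if (accepted == null) {
                        accepted = new Vector<String>();
                    }
                    accepted.addElement(name);
                } else {
                    System.err.println("Unknown signer name '" + name + "' is specified in aglets policy file. Ignore the signer name.");
                }
            }
        }
        this._signers = accepted;
        this._signerNames = joinNames(accepted);
    }

    /**
     * Renders this entry as policy text, one line per element of {@link #toVector()}.
     *
     * @return the lines of the entry, each followed by the platform line separator
     */
    @Override
    public String toString() {
        Vector lines = toVector();
        StringBuilder text = new StringBuilder();
        int size = lines.size();
        for (int i = 0; i < size; i++) {
            text.append((String) lines.elementAt(i)).append(crlf);
        }
        return text.toString();
    }

    /**
     * Renders this entry as the lines of a policy-file {@code grant} block.
     *
     * <p>Names and the code base are written between quotes as they are, without escaping.
     *
     * @return a vector of strings: the {@code grant ... {} header, one indented line per
     *         permission, and the closing {@code };}
     */
    public Vector toVector() {
        Vector<String> lines = new Vector<String>();
        StringBuilder header = new StringBuilder("grant");
        // A clause is preceded by a comma only when another clause was already written.
        boolean clauseWritten = false;
        if (this._signerNames != null && !this._signerNames.equals("")) {
            header.append(" signedBy ").append(QUOTE).append(this._signerNames).append(QUOTE);
            clauseWritten = true;
        }
        if (this._codeBase != null) {
            if (clauseWritten) {
                header.append(COMMA);
            }
            header.append(" codeBase ").append(QUOTE).append(this._codeBase.toString()).append(QUOTE);
            clauseWritten = true;
        }
        if (this._ownerNames != null && !this._ownerNames.equals("")) {
            if (clauseWritten) {
                header.append(COMMA);
            }
            header.append(" ownedBy ").append(QUOTE).append(this._ownerNames).append(QUOTE);
        }
        lines.addElement(header.append(" ").append(BEGIN_BLOCK).toString());
        int size = this._permissions.size();
        for (int i = 0; i < size; i++) {
            lines.addElement("  " + this._permissions.elementAt(i).toString());
        }
        lines.addElement(END_BLOCK + TERMINATOR);
        return lines;
    }

    /** Joins accepted names with the name separator; {@code null} stays {@code null}. */
    private static String joinNames(Vector<String> names) {
        if (names == null) {
            return null;
        }
        StringBuilder joined = new StringBuilder();
        int size = names.size();
        for (int i = 0; i < size; i++) {
            if (i > 0) {
                joined.append(NAME_SEPARATOR);
            }
            joined.append(names.elementAt(i));
        }
        return joined.toString();
    }
}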
