package net.jini.security;

import com.sun.jini.collection.WeakIdentityMap;
import com.sun.jini.logging.Levels;
import com.sun.jini.resource.Service;
import java.lang.ref.SoftReference;
import java.net.MalformedURLException;
import java.net.URL;
import java.rmi.RemoteException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.DomainCombiner;
import java.security.Permission;
import java.security.Policy;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.WeakHashMap;
import java.util.logging.Level;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import net.jini.security.TrustVerifier;
import net.jini.security.policy.DynamicPolicy;
import net.jini.security.policy.SecurityContextSource;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/ptolemy.jar:ptolemy/distributed/jini/jar/jini-ext.jar:net/jini/security/Security.class
 */
/* loaded from: input_file:lib/ptolemy.jar:ptolemy/distributed/jini/jar/jsk-platform.jar:net/jini/security/Security.class */
public final class Security {
    private static final Logger trustLogger = Logger.getLogger("net.jini.security.trust");
    private static final Logger integrityLogger = Logger.getLogger("net.jini.security.integrity");
    private static final Logger policyLogger = Logger.getLogger("net.jini.security.policy");
    private static Map pathToURLsCache = new WeakHashMap(5);
    private static final WeakIdentityMap integrityMap = new WeakIdentityMap();
    private static final ClassContextAccess ctxAccess = (ClassContextAccess) AccessController.doPrivileged(new PrivilegedAction() { // from class: net.jini.security.Security.1
        @Override // java.security.PrivilegedAction
        public Object run() {
            return new ClassContextAccess(null);
        }
    });
    static Class class$net$jini$security$Security;
    static Class class$net$jini$security$IntegrityVerifier;
    static Class class$net$jini$security$TrustVerifier;

    /* JADX WARN: Classes with same name are omitted:
      input_file:lib/ptolemy.jar:ptolemy/distributed/jini/jar/jini-ext.jar:net/jini/security/Security$ClassContextAccess.class
     */
    /* loaded from: input_file:lib/ptolemy.jar:ptolemy/distributed/jini/jar/jsk-platform.jar:net/jini/security/Security$ClassContextAccess.class */
    private static class ClassContextAccess extends SecurityManager {
        private ClassContextAccess() {
        }

        Class getCaller() {
            return getClassContext()[2];
        }

        ClassContextAccess(AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    /* JADX WARN: Classes with same name are omitted:
      input_file:lib/ptolemy.jar:ptolemy/distributed/jini/jar/jini-ext.jar:net/jini/security/Security$Context.class
     */
    /* loaded from: input_file:lib/ptolemy.jar:ptolemy/distributed/jini/jar/jsk-platform.jar:net/jini/security/Security$Context.class */
    private static class Context implements TrustVerifier.Context {
        private final TrustVerifier[] verifiers;
        private final ClassLoader cl;
        private final Collection context;
        private static final WeakIdentityMap map = new WeakIdentityMap();

        Context(ClassLoader classLoader, Collection collection) {
            SoftReference softReference;
            Class cls;
            this.cl = classLoader;
            classLoader = classLoader == null ? Thread.currentThread().getContextClassLoader() : classLoader;
            synchronized (map) {
                softReference = (SoftReference) map.get(classLoader);
            }
            TrustVerifier[] trustVerifierArr = softReference != null ? (TrustVerifier[]) softReference.get() : null;
            if (trustVerifierArr == null) {
                ArrayList arrayList = new ArrayList(1);
                AccessController.doPrivileged(new PrivilegedAction(this, classLoader, arrayList) { // from class: net.jini.security.Security.8
                    private final ClassLoader val$scl;
                    private final ArrayList val$list;
                    private final Context this$0;

                    {
                        this.this$0 = this;
                        this.val$scl = classLoader;
                        this.val$list = arrayList;
                    }

                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        Class cls2;
                        if (Security.class$net$jini$security$TrustVerifier == null) {
                            cls2 = Security.class$("net.jini.security.TrustVerifier");
                            Security.class$net$jini$security$TrustVerifier = cls2;
                        } else {
                            cls2 = Security.class$net$jini$security$TrustVerifier;
                        }
                        Iterator providers = Service.providers(cls2, this.val$scl);
                        while (providers.hasNext()) {
                            this.val$list.add(providers.next());
                        }
                        return null;
                    }
                });
                if (Security.trustLogger.isLoggable(Level.FINE)) {
                    Logger logger = Security.trustLogger;
                    Level level = Level.FINE;
                    if (Security.class$net$jini$security$Security == null) {
                        cls = Security.class$("net.jini.security.Security");
                        Security.class$net$jini$security$Security = cls;
                    } else {
                        cls = Security.class$net$jini$security$Security;
                    }
                    logger.logp(level, cls.getName(), "verifyObjectTrust", "trust verifiers {0}", arrayList);
                }
                trustVerifierArr = (TrustVerifier[]) arrayList.toArray(new TrustVerifier[arrayList.size()]);
                synchronized (map) {
                    map.put(classLoader, new SoftReference(trustVerifierArr));
                }
            }
            this.verifiers = trustVerifierArr;
            this.context = collection;
        }

        @Override // net.jini.security.TrustVerifier.Context
        public boolean isTrustedObject(Object obj) throws RemoteException {
            if (obj == null) {
                return true;
            }
            Exception exc = null;
            for (int i = 0; i < this.verifiers.length; i++) {
                try {
                } catch (Exception e) {
                    boolean z = (e instanceof RuntimeException) && !(e instanceof SecurityException);
                    Level level = z ? Levels.FAILED : Levels.HANDLED;
                    if (Security.trustLogger.isLoggable(level)) {
                        Security.logThrow(Security.trustLogger, level, getClass().getName(), "isTrustedObject", "{0} checking {1} throws", new Object[]{this.verifiers[i], obj}, e);
                    }
                    if (z) {
                        throw ((RuntimeException) e);
                    }
                    exc = e;
                }
                if (this.verifiers[i].isTrustedObject(obj, this)) {
                    if (!Security.trustLogger.isLoggable(Level.FINE)) {
                        return true;
                    }
                    Security.trustLogger.log(Level.FINE, "{0} trusts {1}", new Object[]{this.verifiers[i], obj});
                    return true;
                }
                continue;
            }
            if (exc == null) {
                if (!Security.trustLogger.isLoggable(Levels.FAILED)) {
                    return false;
                }
                Security.trustLogger.log(Levels.FAILED, "no verifier trusts {0}", obj);
                return false;
            }
            if (Security.trustLogger.isLoggable(Levels.FAILED)) {
                Security.logThrow(Security.trustLogger, Levels.FAILED, getClass().getName(), "isTrustedObject", "checking {0} throws", new Object[]{obj}, exc);
            }
            if (exc instanceof RemoteException) {
                throw ((RemoteException) exc);
            }
            throw ((SecurityException) exc);
        }

        @Override // net.jini.security.TrustVerifier.Context
        public ClassLoader getClassLoader() {
            return this.cl;
        }

        @Override // net.jini.security.TrustVerifier.Context
        public Collection getCallerContext() {
            return this.context;
        }
    }

    private Security() {
    }

    public static void verifyObjectTrust(Object obj, ClassLoader classLoader, Collection collection) throws RemoteException {
        Class cls;
        if (collection == null) {
            throw new NullPointerException("collection cannot be null");
        }
        if (new Context(classLoader, collection).isTrustedObject(obj)) {
            return;
        }
        SecurityException securityException = new SecurityException(new StringBuffer().append("object is not trusted: ").append(obj).toString());
        if (trustLogger.isLoggable(Levels.FAILED)) {
            Logger logger = trustLogger;
            Level level = Levels.FAILED;
            if (class$net$jini$security$Security == null) {
                cls = class$("net.jini.security.Security");
                class$net$jini$security$Security = cls;
            } else {
                cls = class$net$jini$security$Security;
            }
            logThrow(logger, level, cls.getName(), "verifyObjectTrust", "no verifier trusts {0}", new Object[]{obj}, securityException);
        }
        throw securityException;
    }

    public static void verifyCodebaseIntegrity(String str, ClassLoader classLoader) throws MalformedURLException {
        Class cls;
        if (str == null) {
            return;
        }
        if (classLoader == null) {
            classLoader = Thread.currentThread().getContextClassLoader();
        }
        URL[] pathToURLs = pathToURLs(str);
        IntegrityVerifier[] integrityVerifiers = getIntegrityVerifiers(classLoader);
        int length = pathToURLs.length;
        while (true) {
            length--;
            if (length < 0) {
                return;
            }
            for (int i = 0; i < integrityVerifiers.length; i++) {
                if (integrityVerifiers[i].providesIntegrity(pathToURLs[length])) {
                    if (integrityLogger.isLoggable(Level.FINE)) {
                        integrityLogger.log(Level.FINE, "{0} verifies {1}", new Object[]{integrityVerifiers[i], pathToURLs[length]});
                    }
                }
            }
            SecurityException securityException = new SecurityException(new StringBuffer().append("URL does not provide integrity: ").append(pathToURLs[length]).toString());
            if (integrityLogger.isLoggable(Levels.FAILED)) {
                Logger logger = integrityLogger;
                Level level = Levels.FAILED;
                if (class$net$jini$security$Security == null) {
                    cls = class$("net.jini.security.Security");
                    class$net$jini$security$Security = cls;
                } else {
                    cls = class$net$jini$security$Security;
                }
                logThrow(logger, level, cls.getName(), "verifyCodebaseIntegrity", "no verifier verifies {0}", new Object[]{pathToURLs[length]}, securityException);
            }
            throw securityException;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void logThrow(Logger logger, Level level, String str, String str2, String str3, Object[] objArr, Throwable th) {
        LogRecord logRecord = new LogRecord(level, str3);
        logRecord.setLoggerName(logger.getName());
        logRecord.setSourceClassName(str);
        logRecord.setSourceMethodName(str2);
        logRecord.setParameters(objArr);
        logRecord.setThrown(th);
        logger.log(logRecord);
    }

    private static URL[] pathToURLs(String str) throws MalformedURLException {
        synchronized (pathToURLsCache) {
            Object[] objArr = (Object[]) pathToURLsCache.get(str);
            if (objArr != null) {
                return (URL[]) objArr[0];
            }
            StringTokenizer stringTokenizer = new StringTokenizer(str);
            URL[] urlArr = new URL[stringTokenizer.countTokens()];
            int i = 0;
            while (stringTokenizer.hasMoreTokens()) {
                urlArr[i] = new URL(stringTokenizer.nextToken());
                i++;
            }
            synchronized (pathToURLsCache) {
                pathToURLsCache.put(str, new Object[]{urlArr, new SoftReference(str)});
            }
            return urlArr;
        }
    }

    private static IntegrityVerifier[] getIntegrityVerifiers(ClassLoader classLoader) {
        SoftReference softReference;
        Class cls;
        synchronized (integrityMap) {
            softReference = (SoftReference) integrityMap.get(classLoader);
        }
        IntegrityVerifier[] integrityVerifierArr = null;
        if (softReference != null) {
            integrityVerifierArr = (IntegrityVerifier[]) softReference.get();
        }
        if (integrityVerifierArr == null) {
            ArrayList arrayList = new ArrayList(1);
            AccessController.doPrivileged(new PrivilegedAction(classLoader, arrayList) { // from class: net.jini.security.Security.2
                private final ClassLoader val$cl;
                private final ArrayList val$list;

                {
                    this.val$cl = classLoader;
                    this.val$list = arrayList;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    Class cls2;
                    if (Security.class$net$jini$security$IntegrityVerifier == null) {
                        cls2 = Security.class$("net.jini.security.IntegrityVerifier");
                        Security.class$net$jini$security$IntegrityVerifier = cls2;
                    } else {
                        cls2 = Security.class$net$jini$security$IntegrityVerifier;
                    }
                    Iterator providers = Service.providers(cls2, this.val$cl);
                    while (providers.hasNext()) {
                        this.val$list.add(providers.next());
                    }
                    return null;
                }
            });
            if (integrityLogger.isLoggable(Level.FINE)) {
                Logger logger = integrityLogger;
                Level level = Level.FINE;
                if (class$net$jini$security$Security == null) {
                    cls = class$("net.jini.security.Security");
                    class$net$jini$security$Security = cls;
                } else {
                    cls = class$net$jini$security$Security;
                }
                logger.logp(level, cls.getName(), "verifyCodebaseIntegrity", "integrity verifiers {0}", new Object[]{arrayList});
            }
            integrityVerifierArr = (IntegrityVerifier[]) arrayList.toArray(new IntegrityVerifier[arrayList.size()]);
            synchronized (integrityMap) {
                integrityMap.put(classLoader, new SoftReference(integrityVerifierArr));
            }
        }
        return integrityVerifierArr;
    }

    public static SecurityContext getContext() {
        Object securityManager = System.getSecurityManager();
        if (securityManager instanceof SecurityContextSource) {
            return ((SecurityContextSource) securityManager).getContext();
        }
        Object policy = getPolicy();
        return policy instanceof SecurityContextSource ? ((SecurityContextSource) policy).getContext() : new SecurityContext(AccessController.getContext()) { // from class: net.jini.security.Security.3
            private final AccessControlContext val$acc;

            {
                this.val$acc = r4;
            }

            @Override // net.jini.security.SecurityContext
            public PrivilegedAction wrap(PrivilegedAction privilegedAction) {
                if (privilegedAction == null) {
                    throw new NullPointerException();
                }
                return privilegedAction;
            }

            @Override // net.jini.security.SecurityContext
            public PrivilegedExceptionAction wrap(PrivilegedExceptionAction privilegedExceptionAction) {
                if (privilegedExceptionAction == null) {
                    throw new NullPointerException();
                }
                return privilegedExceptionAction;
            }

            @Override // net.jini.security.SecurityContext
            public AccessControlContext getAccessControlContext() {
                return this.val$acc;
            }
        };
    }

    public static Object doPrivileged(PrivilegedAction privilegedAction) {
        return AccessController.doPrivileged(new PrivilegedAction(privilegedAction, ctxAccess.getCaller(), AccessController.getContext()) { // from class: net.jini.security.Security.4
            private final PrivilegedAction val$action;
            private final Class val$caller;
            private final AccessControlContext val$acc;

            {
                this.val$action = privilegedAction;
                this.val$caller = r5;
                this.val$acc = r6;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return AccessController.doPrivileged(this.val$action, Security.createPrivilegedContext(this.val$caller, this.val$acc));
            }
        });
    }

    public static Object doPrivileged(PrivilegedExceptionAction privilegedExceptionAction) throws PrivilegedActionException {
        return AccessController.doPrivileged(new PrivilegedExceptionAction(privilegedExceptionAction, ctxAccess.getCaller(), AccessController.getContext()) { // from class: net.jini.security.Security.5
            private final PrivilegedExceptionAction val$action;
            private final Class val$caller;
            private final AccessControlContext val$acc;

            {
                this.val$action = privilegedExceptionAction;
                this.val$caller = r5;
                this.val$acc = r6;
            }

            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                try {
                    return AccessController.doPrivileged(this.val$action, Security.createPrivilegedContext(this.val$caller, this.val$acc));
                } catch (PrivilegedActionException e) {
                    throw e.getException();
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static AccessControlContext createPrivilegedContext(Class cls, AccessControlContext accessControlContext) {
        DomainCombiner domainCombiner = accessControlContext.getDomainCombiner();
        ProtectionDomain protectionDomain = cls.getProtectionDomain();
        ProtectionDomain[] protectionDomainArr = protectionDomain != null ? new ProtectionDomain[]{protectionDomain} : null;
        if (domainCombiner != null) {
            protectionDomainArr = domainCombiner.combine(protectionDomainArr, null);
        }
        if (protectionDomainArr == null) {
            protectionDomainArr = new ProtectionDomain[0];
        }
        return new AccessControlContext(new AccessControlContext(protectionDomainArr), domainCombiner);
    }

    public static boolean grantSupported() {
        Object policy = getPolicy();
        return (policy instanceof DynamicPolicy) && ((DynamicPolicy) policy).grantSupported();
    }

    public static void grant(Class cls, Permission[] permissionArr) {
        grant(cls, getCurrentPrincipals(), permissionArr);
    }

    public static void grant(Class cls, Principal[] principalArr, Permission[] permissionArr) {
        Object policy = getPolicy();
        if (!(policy instanceof DynamicPolicy)) {
            throw new UnsupportedOperationException("grants not supported");
        }
        ((DynamicPolicy) policy).grant(cls, principalArr, permissionArr);
        if (policyLogger.isLoggable(Level.FINER)) {
            Logger logger = policyLogger;
            Level level = Level.FINER;
            Object[] objArr = new Object[3];
            objArr[0] = permissionArr != null ? Arrays.asList(permissionArr) : null;
            objArr[1] = cls != null ? cls.getName() : null;
            objArr[2] = principalArr != null ? Arrays.asList(principalArr) : null;
            logger.log(level, "granted {0} to {1}, {2}", objArr);
        }
    }

    public static void grant(Class cls, Class cls2) {
        if (cls == null || cls2 == null) {
            throw new NullPointerException();
        }
        Object policy = getPolicy();
        if (!(policy instanceof DynamicPolicy)) {
            throw new UnsupportedOperationException("grants not supported");
        }
        DynamicPolicy dynamicPolicy = (DynamicPolicy) policy;
        Principal[] currentPrincipals = getCurrentPrincipals();
        Permission[] grantablePermissions = grantablePermissions(dynamicPolicy.getGrants(cls, currentPrincipals));
        dynamicPolicy.grant(cls2, currentPrincipals, grantablePermissions);
        if (policyLogger.isLoggable(Level.FINER)) {
            Logger logger = policyLogger;
            Level level = Level.FINER;
            Object[] objArr = new Object[4];
            objArr[0] = grantablePermissions != null ? Arrays.asList(grantablePermissions) : null;
            objArr[1] = cls.getName();
            objArr[2] = cls2.getName();
            objArr[3] = currentPrincipals != null ? Arrays.asList(currentPrincipals) : null;
            logger.log(level, "granted {0} from {1} to {2}, {3}", objArr);
        }
    }

    private static Policy getPolicy() {
        return (Policy) AccessController.doPrivileged(new PrivilegedAction() { // from class: net.jini.security.Security.6
            @Override // java.security.PrivilegedAction
            public Object run() {
                return Policy.getPolicy();
            }
        });
    }

    private static Permission[] grantablePermissions(Permission[] permissionArr) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager == null || permissionArr.length == 0) {
            return permissionArr;
        }
        try {
            securityManager.checkPermission(new GrantPermission(permissionArr));
            return permissionArr;
        } catch (SecurityException e) {
            ArrayList arrayList = new ArrayList(permissionArr.length);
            for (Permission permission : permissionArr) {
                try {
                    securityManager.checkPermission(new GrantPermission(permission));
                    arrayList.add(permission);
                } catch (SecurityException e2) {
                }
            }
            return (Permission[]) arrayList.toArray(new Permission[arrayList.size()]);
        }
    }

    private static Principal[] getCurrentPrincipals() {
        Subject subject = (Subject) AccessController.doPrivileged(new PrivilegedAction(AccessController.getContext()) { // from class: net.jini.security.Security.7
            private final AccessControlContext val$acc;

            {
                this.val$acc = r4;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                return Subject.getSubject(this.val$acc);
            }
        });
        if (subject == null) {
            return null;
        }
        Set<Principal> principals = subject.getPrincipals();
        return (Principal[]) principals.toArray(new Principal[principals.size()]);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
