package com.sun.javaws.security;

import com.sun.deploy.config.Config;
import com.sun.deploy.security.CeilingPolicy;
import com.sun.deploy.trace.Trace;
import com.sun.deploy.trace.TraceLevel;
import com.sun.javaws.Globals;
import com.sun.javaws.exceptions.ExitException;
import com.sun.javaws.jnl.JARDesc;
import com.sun.javaws.jnl.LaunchDesc;
import com.sun.jnlp.JNLPClassLoader;
import com.sun.jnlp.JNLPClassLoaderIf;
import com.sun.jnlp.JNLPClassLoaderUtil;
import java.awt.AWTPermission;
import java.io.File;
import java.io.FilePermission;
import java.net.SocketPermission;
import java.security.AccessControlException;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Policy;
import java.util.Enumeration;
import java.util.Properties;
import java.util.PropertyPermission;
import org.hibernate.secure.HibernatePermission;

/* loaded from: input_file:com/sun/javaws/security/AppPolicy.class */
public class AppPolicy {
    private String _host;
    private File _extensionDir;
    private static AppPolicy _instance = null;

    public static AppPolicy getInstance() {
        return _instance;
    }

    public static AppPolicy createInstance(String str) {
        if (_instance == null) {
            _instance = new AppPolicy(str);
        }
        return _instance;
    }

    private AppPolicy(String str) {
        this._host = null;
        this._extensionDir = null;
        this._host = str;
        this._extensionDir = new File(new StringBuffer().append(System.getProperty("java.home")).append(File.separator).append("lib").append(File.separator).append("ext").toString());
    }

    public boolean addPermissions(JNLPClassLoaderIf jNLPClassLoaderIf, PermissionCollection permissionCollection, CodeSource codeSource, boolean z) throws ExitException {
        Trace.println(new StringBuffer().append("JAVAWS AppPolicy Permission requested for: ").append(codeSource.getLocation()).toString(), TraceLevel.SECURITY);
        JARDesc jarDescFromURL = jNLPClassLoaderIf.getJarDescFromURL(codeSource.getLocation());
        if (jarDescFromURL == null) {
            return false;
        }
        LaunchDesc launchDesc = null;
        int i = 0;
        boolean z2 = false;
        if (jarDescFromURL.getParent() != null) {
            launchDesc = jarDescFromURL.getParent().getParent();
            i = launchDesc.getSecurityModel();
        }
        if (z && i != 0) {
            grantUnrestrictedAccess(launchDesc, codeSource, jNLPClassLoaderIf.getPreloader());
            z2 = true;
            if (i == 1) {
                CeilingPolicy.addTrustedPermissions(permissionCollection);
            } else {
                addJ2EEApplicationClientPermissionsObject(permissionCollection);
            }
        }
        if (!permissionCollection.implies(new AllPermission())) {
            addSandboxPermissionsObject(permissionCollection, launchDesc != null && launchDesc.getLaunchType() == 2);
        }
        if (launchDesc != null && !launchDesc.arePropsSet()) {
            Properties resourceProperties = launchDesc.getResources().getResourceProperties();
            Enumeration keys = resourceProperties.keys();
            while (keys.hasMoreElements()) {
                String str = (String) keys.nextElement();
                String property = resourceProperties.getProperty(str);
                PropertyPermission propertyPermission = new PropertyPermission(str, "write");
                PermissionCollection permissions = Policy.getPolicy().getPermissions(codeSource);
                if (permissionCollection.implies(propertyPermission) || permissions.implies(propertyPermission)) {
                    System.setProperty(str, property);
                } else {
                    Trace.ignoredException(new AccessControlException(new StringBuffer().append("access denied ").append(propertyPermission).toString(), propertyPermission));
                }
            }
            launchDesc.setPropsSet(true);
        }
        return z2;
    }

    private boolean isSuspiciousProperty(String str) {
        if (!"javaplugin.user.profile".equals(str)) {
            return false;
        }
        Trace.println("Property javaplugin.user.profile can not be set as trusted", TraceLevel.SECURITY);
        return true;
    }

    private void setUnrestrictedProps(LaunchDesc launchDesc) {
        if (launchDesc.arePropsSet()) {
            return;
        }
        Properties resourceProperties = launchDesc.getResources().getResourceProperties();
        Enumeration keys = resourceProperties.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement();
            if (!isSuspiciousProperty(str)) {
                System.setProperty(str, resourceProperties.getProperty(str));
            }
        }
        launchDesc.setPropsSet(true);
    }

    /* JADX WARN: Code restructure failed: missing block: B:26:0x00a5, code lost:
    
        if (r0 == null) goto L35;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public long grantUnrestrictedAccess(com.sun.javaws.jnl.LaunchDesc r6, java.security.CodeSource r7, com.sun.applet2.preloader.Preloader r8) throws com.sun.javaws.exceptions.ExitException {
        /*
            Method dump skipped, instructions count: 347
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(com.sun.javaws.jnl.LaunchDesc, java.security.CodeSource, com.sun.applet2.preloader.Preloader):long");
    }

    private void addJ2EEApplicationClientPermissionsObject(PermissionCollection permissionCollection) {
        Trace.println("Creating J2EE-application-client-permisisons object", TraceLevel.SECURITY);
        permissionCollection.add(new AWTPermission("accessClipboard"));
        permissionCollection.add(new AWTPermission("accessEventQueue"));
        permissionCollection.add(new AWTPermission("showWindowWithoutWarningBanner"));
        permissionCollection.add(new RuntimePermission("exitVM"));
        permissionCollection.add(new RuntimePermission("loadLibrary"));
        permissionCollection.add(new RuntimePermission("queuePrintJob"));
        permissionCollection.add(new SocketPermission("*", "connect"));
        permissionCollection.add(new SocketPermission("localhost:1024-", "accept,listen"));
        permissionCollection.add(new FilePermission("*", "read,write"));
        permissionCollection.add(new PropertyPermission("*", HibernatePermission.READ));
    }

    private void addSandboxPermissionsObject(PermissionCollection permissionCollection, boolean z) {
        Trace.println("Add sandbox permissions", TraceLevel.SECURITY);
        permissionCollection.add(new PropertyPermission("java.version", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.vendor", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.vendor.url", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.class.version", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("os.name", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("os.arch", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("os.version", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("file.separator", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("path.separator", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("line.separator", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.specification.version", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.specification.vendor", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.specification.name", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.vm.specification.version", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.vm.specification.vendor", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.vm.specification.name", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.vm.version", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.vm.vendor", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("java.vm.name", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("mrj.version", HibernatePermission.READ));
        permissionCollection.add(new PropertyPermission("javawebstart.version", HibernatePermission.READ));
        if (JNLPClassLoaderUtil.getInstance() instanceof JNLPClassLoader) {
            permissionCollection.add(new RuntimePermission("exitVM"));
            permissionCollection.add(new RuntimePermission("stopThread"));
        }
        String stringBuffer = new StringBuffer().append("Java ").append(z ? "Applet" : "Application").append(" Window").toString();
        if (Config.getBooleanProperty(Config.SEC_AWT_WARN_WINDOW_KEY)) {
            System.setProperty("awt.appletWarning", stringBuffer);
        } else {
            permissionCollection.add(new AWTPermission("showWindowWithoutWarningBanner"));
        }
        permissionCollection.add(new SocketPermission("localhost:1024-", "listen"));
        permissionCollection.add(new PropertyPermission("jnlp.*", "read,write"));
        permissionCollection.add(new PropertyPermission("javaws.*", "read,write"));
        permissionCollection.add(new PropertyPermission("javapi.*", "read,write"));
        for (String str : Config.getSecureProperties()) {
            permissionCollection.add(new PropertyPermission(str, "read,write"));
        }
        String[] applicationArgs = Globals.getApplicationArgs();
        if (applicationArgs == null || applicationArgs.length != 2) {
            return;
        }
        if (applicationArgs[0].equals("-open")) {
            permissionCollection.add(new FilePermission(applicationArgs[1], "read, write"));
        } else if (applicationArgs[0].equals("-print")) {
            permissionCollection.add(new FilePermission(applicationArgs[1], "read, write"));
            permissionCollection.add(new RuntimePermission("queuePrintJob"));
        }
    }
}
