package com.sun.javaws.security;

import com.sun.deploy.config.Config;
import com.sun.deploy.security.BadCertificateDialog;
import com.sun.deploy.security.CeilingPolicy;
import com.sun.deploy.security.TrustDecider;
import com.sun.deploy.util.Trace;
import com.sun.deploy.util.TraceLevel;
import com.sun.javaws.Globals;
import com.sun.javaws.Main;
import com.sun.javaws.jnl.JARDesc;
import com.sun.javaws.jnl.LaunchDesc;
import com.sun.jnlp.JNLPClassLoader;
import java.awt.AWTPermission;
import java.io.File;
import java.io.FilePermission;
import java.net.SocketPermission;
import java.security.AccessControlException;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.util.Enumeration;
import java.util.Properties;
import java.util.PropertyPermission;
import sun.security.util.SecurityConstants;

/* loaded from: input_file:118666-03/SUNWj5rt/reloc/jdk/instances/jdk1.5.0/jre/lib/javaws.jar:com/sun/javaws/security/AppPolicy.class */
public class AppPolicy {
    private String _host;
    private File _extensionDir;
    private static AppPolicy _instance = null;

    public static AppPolicy getInstance() {
        return _instance;
    }

    public static AppPolicy createInstance(String str) {
        if (_instance == null) {
            _instance = new AppPolicy(str);
        }
        return _instance;
    }

    private AppPolicy(String str) {
        this._host = null;
        this._extensionDir = null;
        this._host = str;
        this._extensionDir = new File(new StringBuffer().append(System.getProperty("java.home")).append(File.separator).append("lib").append(File.separator).append("ext").toString());
    }

    public void addPermissions(PermissionCollection permissionCollection, CodeSource codeSource) {
        Trace.println(new StringBuffer().append("Permission requested for: ").append((Object) codeSource.getLocation()).toString(), TraceLevel.SECURITY);
        JARDesc jarDescFromFileURL = JNLPClassLoader.getInstance().getJarDescFromFileURL(codeSource.getLocation());
        if (jarDescFromFileURL == null) {
            return;
        }
        LaunchDesc parent = jarDescFromFileURL.getParent().getParent();
        int securityModel = parent.getSecurityModel();
        if (securityModel != 0) {
            grantUnrestrictedAccess(parent, codeSource);
            if (securityModel == 1) {
                CeilingPolicy.addTrustedPermissions(permissionCollection);
            } else {
                addJ2EEApplicationClientPermissionsObject(permissionCollection);
            }
        }
        if (!permissionCollection.implies(new AllPermission())) {
            addSandboxPermissionsObject(permissionCollection, parent.getLaunchType() == 2);
        }
        if (parent.arePropsSet()) {
            return;
        }
        Properties resourceProperties = parent.getResources().getResourceProperties();
        Enumeration<Object> keys = resourceProperties.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement2();
            String property = resourceProperties.getProperty(str);
            PropertyPermission propertyPermission = new PropertyPermission(str, "write");
            if (permissionCollection.implies(propertyPermission)) {
                System.setProperty(str, property);
            } else {
                Trace.ignoredException(new AccessControlException(new StringBuffer().append("access denied ").append((Object) propertyPermission).toString(), propertyPermission));
            }
        }
        parent.setPropsSet(true);
    }

    private void setUnrestrictedProps(LaunchDesc launchDesc) {
        if (launchDesc.arePropsSet()) {
            return;
        }
        Properties resourceProperties = launchDesc.getResources().getResourceProperties();
        Enumeration<Object> keys = resourceProperties.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement2();
            System.setProperty(str, resourceProperties.getProperty(str));
        }
        launchDesc.setPropsSet(true);
    }

    public void grantUnrestrictedAccess(LaunchDesc launchDesc, CodeSource codeSource) {
        String str;
        switch (launchDesc.getLaunchType()) {
            case 1:
            default:
                str = "trustdecider.code.type.application";
                break;
            case 2:
                str = "trustdecider.code.type.applet";
                break;
            case 3:
                str = "trustdecider.code.type.extension";
                break;
            case 4:
                str = "trustdecider.code.type.installer";
                break;
        }
        try {
        } catch (Exception e) {
            BadCertificateDialog.show(codeSource, str, e);
        }
        if (Globals.isSecureMode() || TrustDecider.isAllPermissionGranted(codeSource, str)) {
            setUnrestrictedProps(launchDesc);
        } else {
            Trace.println("We were not granted permission, exiting", TraceLevel.SECURITY);
            Main.systemExit(-1);
        }
    }

    private void addJ2EEApplicationClientPermissionsObject(PermissionCollection permissionCollection) {
        Trace.println("Creating J2EE-application-client-permisisons object", TraceLevel.SECURITY);
        permissionCollection.add(new AWTPermission("accessClipboard"));
        permissionCollection.add(new AWTPermission("accessEventQueue"));
        permissionCollection.add(new AWTPermission("showWindowWithoutWarningBanner"));
        permissionCollection.add(new RuntimePermission("exitVM"));
        permissionCollection.add(new RuntimePermission("loadLibrary"));
        permissionCollection.add(new RuntimePermission("queuePrintJob"));
        permissionCollection.add(new SocketPermission("*", "connect"));
        permissionCollection.add(new SocketPermission("localhost:1024-", "accept,listen"));
        permissionCollection.add(new FilePermission("*", SecurityConstants.PROPERTY_RW_ACTION));
        permissionCollection.add(new PropertyPermission("*", "read"));
    }

    private void addSandboxPermissionsObject(PermissionCollection permissionCollection, boolean z) {
        Trace.println("Add sandbox permissions", TraceLevel.SECURITY);
        permissionCollection.add(new PropertyPermission("java.version", "read"));
        permissionCollection.add(new PropertyPermission("java.vendor", "read"));
        permissionCollection.add(new PropertyPermission("java.vendor.url", "read"));
        permissionCollection.add(new PropertyPermission("java.class.version", "read"));
        permissionCollection.add(new PropertyPermission("os.name", "read"));
        permissionCollection.add(new PropertyPermission("os.arch", "read"));
        permissionCollection.add(new PropertyPermission("os.version", "read"));
        permissionCollection.add(new PropertyPermission("file.separator", "read"));
        permissionCollection.add(new PropertyPermission("path.separator", "read"));
        permissionCollection.add(new PropertyPermission("line.separator", "read"));
        permissionCollection.add(new PropertyPermission("java.specification.version", "read"));
        permissionCollection.add(new PropertyPermission("java.specification.vendor", "read"));
        permissionCollection.add(new PropertyPermission("java.specification.name", "read"));
        permissionCollection.add(new PropertyPermission("java.vm.specification.version", "read"));
        permissionCollection.add(new PropertyPermission("java.vm.specification.vendor", "read"));
        permissionCollection.add(new PropertyPermission("java.vm.specification.name", "read"));
        permissionCollection.add(new PropertyPermission("java.vm.version", "read"));
        permissionCollection.add(new PropertyPermission("java.vm.vendor", "read"));
        permissionCollection.add(new PropertyPermission("java.vm.name", "read"));
        permissionCollection.add(new PropertyPermission("javawebstart.version", "read"));
        permissionCollection.add(new RuntimePermission("exitVM"));
        permissionCollection.add(new RuntimePermission("stopThread"));
        String stringBuffer = new StringBuffer().append("Java ").append(z ? "Applet" : "Application").append(" Window").toString();
        if (Config.getBooleanProperty(Config.SEC_AWT_WARN_WINDOW_KEY)) {
            System.setProperty("awt.appletWarning", stringBuffer);
        } else {
            permissionCollection.add(new AWTPermission("showWindowWithoutWarningBanner"));
        }
        permissionCollection.add(new SocketPermission("localhost:1024-", "listen"));
        permissionCollection.add(new SocketPermission(this._host, "connect, accept"));
        permissionCollection.add(new PropertyPermission("jnlp.*", SecurityConstants.PROPERTY_RW_ACTION));
        permissionCollection.add(new PropertyPermission("javaws.*", SecurityConstants.PROPERTY_RW_ACTION));
        for (String str : Config.getSecureProperties()) {
            permissionCollection.add(new PropertyPermission(str, SecurityConstants.PROPERTY_RW_ACTION));
        }
    }
}
