package com.ms.security.permissions;

import com.ibm.ISecurityUtilityImpl.SecConstants;
import com.ibm.hats.common.HHostSimulator;
import com.ms.security.EncodeFormats;
import com.ms.security.IEncodablePermission;
import com.ms.security.IPermission;
import com.ms.security.PermissionID;
import com.ms.security.PermissionTreeOutput;
import com.ms.security.PermissionUtils;
import com.ms.security.PolicyEngine;
import com.ms.security.SecurityExceptionEx;
import com.ms.util.IncludeExcludeWildcards;
import com.ms.util.WildcardExpression;
import com.ms.util.ini.IniFile;
import com.ms.util.ini.IniSection;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintStream;
import java.util.StringTokenizer;
import java.util.Vector;

/* loaded from: input_file:lib/applet/JSInteraction.zip:com/ms/security/permissions/PropertyPermission.class */
public class PropertyPermission implements IPermission, IEncodablePermission {
    private static final String asnTag = "1.3.6.1.4.1.311.4.4";
    private static final String displayTextTag = "displayTextV1";
    private static final String describeTag = "describePermissionV1";
    private static final String displayNameTag = "displayNameV1";
    private static final String iniTag = "iniFileV1";
    boolean unrestrictedAccess;
    Vector allowSuffixes;
    WildcardExpression allowNames;
    WildcardExpression denyNames;
    private static final int DISP_HEADER = 0;
    private static final int DISP_NORESTRICT = 1;
    private static final int DISP_INCLNAMES = 2;
    private static final int DISP_EXCLNAMES = 3;
    private static final int DISP_INCLSUFFIX = 4;
    private static final int DISP_NONE = 5;
    private static final int[] labelIDs = {223, 224, 225, 226, 227, 228};
    private static final String UNRESTRICTED_NAME = "Unrestricted";
    private static final String SUFFIXES_NAME = "AllowedSuffixes";
    private static final String INCLUDE_NAME = "IncludedProperties";
    private static final String EXCLUDE_NAME = "ExcludedProperties";
    private static final String VERSION_NAME = "Version";
    private static final int currentIniVersion = 2;
    static final boolean debug = false;

    @Override // com.ms.security.IEncodablePermission
    public String[] supportedFormats() {
        return new String[]{EncodeFormats.ASN1, EncodeFormats.DISPLAY, "DESCRIPTION", EncodeFormats.DISPLAYNAME, EncodeFormats.INI, EncodeFormats.DISPLAYTREE};
    }

    public void excludeProperties(String str) {
        if (this.unrestrictedAccess) {
            return;
        }
        if (this.denyNames == null) {
            this.denyNames = new WildcardExpression();
        }
        this.denyNames.append(str, WildcardExpression.ESCAPED);
    }

    public WildcardExpression getIncludedProperties() {
        return this.allowNames;
    }

    public WildcardExpression getExcludedProperties() {
        return this.denyNames;
    }

    private boolean DecodeIni(InputStream inputStream) {
        try {
            IniSection section = new IniFile(inputStream).getSection(getClass().getName());
            if (section == null) {
                return false;
            }
            String value = section.getValue(VERSION_NAME);
            if (value == null) {
                return DecodeIniV1(section);
            }
            switch (Integer.parseInt(value)) {
                case 1:
                    return DecodeIniV1(section);
                case 2:
                    return DecodeIniV2(section);
                default:
                    return false;
            }
        } catch (Exception e) {
            return false;
        }
    }

    private native byte[] pEncodeAsn();

    private void EncodeDisplay(OutputStream outputStream) {
        try {
            if (outputStream instanceof PermissionTreeOutput) {
                EncodeDisplay((PermissionTreeOutput) outputStream);
                return;
            }
            PermissionTreeOutput permissionTreeOutput = new PermissionTreeOutput();
            EncodeDisplay(permissionTreeOutput);
            new DataOutputStream(outputStream).writeChars(permissionTreeOutput.toString());
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    private void EncodeDisplay(PermissionTreeOutput permissionTreeOutput) {
        try {
            String[] strings = EncodeResource.getStrings(labelIDs, permissionTreeOutput.getLCID());
            if (strings == null) {
                return;
            }
            permissionTreeOutput.writePermission(strings[0], 0, this);
            if (this.unrestrictedAccess) {
                permissionTreeOutput.writeField(strings[1]);
                return;
            }
            if (this.allowNames != null) {
                permissionTreeOutput.writeNode(strings[2], 1);
                permissionTreeOutput.writeField(this.allowNames.toString());
            }
            if (this.denyNames != null) {
                permissionTreeOutput.writeNode(strings[3], 1);
                permissionTreeOutput.writeField(this.denyNames.toString());
            }
            if (this.allowSuffixes == null || this.allowSuffixes.size() <= 0) {
                return;
            }
            permissionTreeOutput.writeNode(strings[4], 1);
            permissionTreeOutput.write((String) this.allowSuffixes.elementAt(0));
            for (int i = 1; i < this.allowSuffixes.size(); i++) {
                permissionTreeOutput.write(new StringBuffer().append(", ").append((String) this.allowSuffixes.elementAt(i)).toString());
            }
            permissionTreeOutput.addField();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    private boolean DecodeIniV2(IniSection iniSection) {
        boolean booleanValue = new Boolean(iniSection.getValue(UNRESTRICTED_NAME)).booleanValue();
        allowUnrestrictedAccess(booleanValue);
        if (booleanValue) {
            return true;
        }
        String value = iniSection.getValue(SUFFIXES_NAME);
        if (value != null) {
            addAllowedSuffixes(parseSuffixesString(PermissionUtils.escapeString(value)));
        }
        String value2 = iniSection.getValue(INCLUDE_NAME);
        if (value2 != null) {
            includeProperties(PermissionUtils.escapeString(value2));
        }
        String value3 = iniSection.getValue(EXCLUDE_NAME);
        if (value3 == null) {
            return true;
        }
        excludeProperties(PermissionUtils.escapeString(value3));
        return true;
    }

    private void EncodeIni(OutputStream outputStream) {
        IniSection iniSection = new IniSection();
        iniSection.setName(getClass().getName());
        iniSection.addNamePair(VERSION_NAME, new StringBuffer().append("").append(2).toString());
        Boolean bool = new Boolean(allowsUnrestrictedAccess());
        iniSection.addNamePair(UNRESTRICTED_NAME, bool.toString());
        String str = "";
        String str2 = "";
        String str3 = "";
        if (!bool.booleanValue()) {
            WildcardExpression includedProperties = getIncludedProperties();
            str2 = includedProperties == null ? "" : PermissionUtils.unescapeString(includedProperties.toString(true));
            WildcardExpression excludedProperties = getExcludedProperties();
            str3 = excludedProperties == null ? "" : PermissionUtils.unescapeString(excludedProperties.toString(true));
            str = PermissionUtils.unescapeString(getSuffixesString(getAllowedSuffixes()));
        }
        iniSection.addNamePair(SUFFIXES_NAME, str);
        iniSection.addNamePair(INCLUDE_NAME, str2);
        iniSection.addNamePair(EXCLUDE_NAME, str3);
        iniSection.writeContents(new PrintStream(outputStream));
    }

    private void EncodeDescribe(OutputStream outputStream) {
        EncodeResource.appendString(outputStream, 222);
    }

    private native boolean pDecodeAsn(byte[] bArr);

    public void includeProperties(String str) {
        if (this.unrestrictedAccess) {
            return;
        }
        if (this.allowNames == null) {
            this.allowNames = new WildcardExpression();
        }
        this.allowNames.append(str, WildcardExpression.ESCAPED);
    }

    @Override // com.ms.security.IPermission
    public void check(Object obj) {
        if (!(obj instanceof PropertyAccessRequest)) {
            throw new IllegalArgumentException("No way.");
        }
        PropertyAccessRequest propertyAccessRequest = (PropertyAccessRequest) obj;
        if (this.unrestrictedAccess) {
            return;
        }
        if (propertyAccessRequest.type == 0) {
            throw new SecurityExceptionEx("Unable to access system properties.");
        }
        if (propertyAccessRequest.type != 1) {
            throw new IllegalArgumentException(new StringBuffer().append("Invalid property access type ").append(propertyAccessRequest.type).toString());
        }
        String str = propertyAccessRequest.property;
        boolean z = false;
        if (this.allowNames != null) {
            z = this.allowNames.match(str);
        }
        if (!z && this.allowSuffixes != null) {
            PolicyEngine.assertPermission(PermissionID.PROPERTY);
            int i = 0;
            while (true) {
                if (i >= this.allowSuffixes.size()) {
                    break;
                }
                if (Boolean.getBoolean(new StringBuffer().append(str).append(SecConstants.STRING_HOSTNAME_DELIMITER).append((String) this.allowSuffixes.elementAt(i)).toString())) {
                    z = true;
                    break;
                }
                i++;
            }
        }
        if (z && this.denyNames != null) {
            z = !this.denyNames.match(str);
        }
        if (!z) {
            throw new SecurityExceptionEx(new StringBuffer().append("Unable to access system property: ").append(str).toString());
        }
    }

    private void addAllowedSuffixes(String[] strArr) {
        if (this.unrestrictedAccess) {
            return;
        }
        if (this.allowSuffixes == null) {
            this.allowSuffixes = new Vector();
        }
        if (strArr != null) {
            for (String str : strArr) {
                this.allowSuffixes.addElement(str);
            }
        }
    }

    private String[] stringVectorToArray(Vector vector) {
        if (vector == null) {
            return null;
        }
        String[] strArr = new String[vector.size()];
        vector.copyInto(strArr);
        return strArr;
    }

    private String[] parseSuffixesString(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, ";");
        int countTokens = stringTokenizer.countTokens();
        if (countTokens <= 0) {
            return null;
        }
        String[] strArr = new String[countTokens];
        for (int i = 0; i < countTokens; i++) {
            strArr[i] = stringTokenizer.nextToken();
        }
        return strArr;
    }

    public void reset() {
        this.unrestrictedAccess = false;
        this.allowSuffixes = null;
        this.allowNames = null;
        this.denyNames = null;
    }

    private String getSuffixesString(String[] strArr) {
        StringBuffer stringBuffer = new StringBuffer();
        if (strArr != null && strArr.length > 0) {
            stringBuffer.append(strArr[0]);
            for (int i = 1; i < strArr.length; i++) {
                stringBuffer.append(";");
                stringBuffer.append(strArr[i]);
            }
        }
        return stringBuffer.toString();
    }

    @Override // com.ms.security.IPermission
    public IPermission combine(IPermission iPermission) {
        if (!(iPermission instanceof PropertyPermission)) {
            throw new IllegalArgumentException();
        }
        PropertyPermission propertyPermission = (PropertyPermission) iPermission;
        PropertyPermission propertyPermission2 = new PropertyPermission();
        propertyPermission2.unrestrictedAccess = this.unrestrictedAccess | propertyPermission.unrestrictedAccess;
        propertyPermission2.allowSuffixes = PermissionUtils.concatVectors(this.allowSuffixes, propertyPermission.allowSuffixes);
        propertyPermission2.allowNames = PermissionUtils.combinePatterns(this.allowNames, propertyPermission.allowNames);
        propertyPermission2.denyNames = PermissionUtils.combinePatterns(this.denyNames, propertyPermission.denyNames);
        return propertyPermission2;
    }

    @Override // com.ms.security.IEncodablePermission
    public boolean encode(String str, OutputStream outputStream) {
        if (str != null) {
            try {
                if (!str.equals(asnTag)) {
                    if (str.equals(displayTextTag)) {
                        EncodeDisplay(outputStream);
                        return true;
                    }
                    if (str.equals(describeTag)) {
                        EncodeDescribe(outputStream);
                        return true;
                    }
                    if (str.equals(displayNameTag)) {
                        EncodeDisplayName(outputStream);
                        return true;
                    }
                    if (!str.equals(iniTag)) {
                        return false;
                    }
                    EncodeIni(outputStream);
                    return true;
                }
            } catch (Throwable th) {
                return false;
            }
        }
        byte[] pEncodeAsn = pEncodeAsn();
        if (pEncodeAsn == null) {
            return true;
        }
        outputStream.write(pEncodeAsn, 0, pEncodeAsn.length);
        return true;
    }

    public PropertyPermission() {
        reset();
    }

    private Vector stringArrayToVector(String[] strArr) {
        if (strArr == null) {
            return null;
        }
        Vector vector = new Vector(strArr.length);
        for (String str : strArr) {
            vector.addElement(str);
        }
        return vector;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("PropertyPermission:\n[\n");
        stringBuffer.append(new StringBuffer().append("   unrestricted                 = ").append(this.unrestrictedAccess).append(HHostSimulator.NEW_LINE).toString());
        stringBuffer.append(new StringBuffer().append("   allowed properties           = ").append(PermissionUtils.PatterntoString(this.allowNames)).append(HHostSimulator.NEW_LINE).toString());
        stringBuffer.append(new StringBuffer().append("    denied properties           = ").append(PermissionUtils.PatterntoString(this.denyNames)).append(HHostSimulator.NEW_LINE).toString());
        stringBuffer.append("   allowed suffixes             = ");
        if (this.allowSuffixes == null) {
            stringBuffer.append("none");
        } else {
            for (int i = 0; i < this.allowSuffixes.size(); i++) {
                stringBuffer.append(new StringBuffer().append((String) this.allowSuffixes.elementAt(i)).append(" ").toString());
            }
        }
        stringBuffer.append("\n]");
        return stringBuffer.toString();
    }

    public String[] getAllowedSuffixes() {
        if (this.allowSuffixes == null) {
            return null;
        }
        String[] strArr = new String[this.allowSuffixes.size()];
        this.allowSuffixes.copyInto(strArr);
        return strArr;
    }

    @Override // com.ms.util.SetComparison
    public int compareSet(Object obj) {
        if (!(obj instanceof PropertyPermission)) {
            return 2;
        }
        PropertyPermission propertyPermission = (PropertyPermission) obj;
        int compareBooleans = PermissionUtils.compareBooleans(this.unrestrictedAccess, propertyPermission.unrestrictedAccess, 8);
        if (compareBooleans == 8) {
            int compareArraysOfStrings = PermissionUtils.compareArraysOfStrings(stringVectorToArray(this.allowSuffixes), stringVectorToArray(propertyPermission.allowSuffixes), compareBooleans);
            if (compareArraysOfStrings == 1) {
                return 1;
            }
            return PermissionUtils.compareIncludeExcludePatterns(this.allowNames, this.denyNames, propertyPermission.allowNames, propertyPermission.denyNames, compareArraysOfStrings);
        }
        if (!this.unrestrictedAccess || propertyPermission.unrestrictedAccess) {
            if (!this.unrestrictedAccess && propertyPermission.unrestrictedAccess) {
                if (this.allowSuffixes != null) {
                    compareBooleans = 3;
                } else {
                    IncludeExcludeWildcards includeExcludeWildcards = new IncludeExcludeWildcards(this.allowNames, this.denyNames);
                    includeExcludeWildcards.validate();
                    if (includeExcludeWildcards.getIncludeExpression() != null) {
                        compareBooleans = 3;
                    }
                }
            }
        } else if (propertyPermission.allowSuffixes != null) {
            compareBooleans = 5;
        } else {
            IncludeExcludeWildcards includeExcludeWildcards2 = new IncludeExcludeWildcards(propertyPermission.allowNames, propertyPermission.denyNames);
            includeExcludeWildcards2.validate();
            if (includeExcludeWildcards2.getIncludeExpression() != null) {
                compareBooleans = 5;
            }
        }
        return compareBooleans;
    }

    @Override // com.ms.security.IEncodablePermission
    public boolean decode(String str, InputStream inputStream) {
        if (str != null) {
            try {
                if (!str.equals(asnTag)) {
                    if (str.equals(iniTag)) {
                        return DecodeIni(inputStream);
                    }
                    return false;
                }
            } catch (Throwable th) {
                return false;
            }
        }
        return pDecodeAsn(PermissionUtils.toByteArray(inputStream));
    }

    @Override // com.ms.security.IPermission
    public IPermission copy() {
        PropertyPermission propertyPermission = new PropertyPermission();
        propertyPermission.unrestrictedAccess = this.unrestrictedAccess;
        if (this.allowSuffixes != null) {
            propertyPermission.allowSuffixes = (Vector) this.allowSuffixes.clone();
        }
        if (this.allowNames != null) {
            propertyPermission.allowNames = this.allowNames.copy();
        }
        if (this.denyNames != null) {
            propertyPermission.denyNames = this.denyNames.copy();
        }
        return propertyPermission;
    }

    private boolean DecodeIniV1(IniSection iniSection) {
        boolean booleanValue = new Boolean(iniSection.getValue(UNRESTRICTED_NAME)).booleanValue();
        allowUnrestrictedAccess(booleanValue);
        if (booleanValue) {
            return true;
        }
        String value = iniSection.getValue(SUFFIXES_NAME);
        if (value != null) {
            addAllowedSuffixes(parseSuffixesString(value));
        }
        String value2 = iniSection.getValue(INCLUDE_NAME);
        if (value2 != null) {
            includeProperties(value2);
        }
        String value3 = iniSection.getValue(EXCLUDE_NAME);
        if (value3 == null) {
            return true;
        }
        excludeProperties(value3);
        return true;
    }

    public boolean allowsUnrestrictedAccess() {
        return this.unrestrictedAccess;
    }

    @Override // com.ms.security.IEncodablePermission
    public String mapFormat(String str) {
        if (str == null || str == EncodeFormats.ASN1) {
            return asnTag;
        }
        if (str == EncodeFormats.DISPLAY || str == EncodeFormats.DISPLAYTREE) {
            return displayTextTag;
        }
        if (str == "DESCRIPTION") {
            return describeTag;
        }
        if (str == EncodeFormats.DISPLAYNAME) {
            return displayNameTag;
        }
        if (str == EncodeFormats.INI) {
            return iniTag;
        }
        return null;
    }

    public void addAllowedSuffix(String str) {
        if (this.unrestrictedAccess) {
            return;
        }
        if (this.allowSuffixes == null) {
            this.allowSuffixes = new Vector();
        }
        if (str != null) {
            this.allowSuffixes.addElement(str);
        }
    }

    public void allowUnrestrictedAccess(boolean z) {
        if (z) {
            reset();
        }
        this.unrestrictedAccess = z;
    }

    private void EncodeDisplayName(OutputStream outputStream) {
        EncodeResource.appendString(outputStream, 221);
    }
}
