package org.eclipse.osgi.internal.service.security;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.Properties;
import org.eclipse.core.runtime.adaptor.LocationManager;
import org.eclipse.osgi.baseadaptor.BaseData;
import org.eclipse.osgi.framework.internal.core.AbstractBundle;
import org.eclipse.osgi.framework.internal.core.FrameworkProperties;
import org.eclipse.osgi.internal.baseadaptor.DevClassPathHelper;
import org.eclipse.osgi.internal.provisional.service.security.AuthorizationEngine;
import org.eclipse.osgi.internal.provisional.service.security.AuthorizationEvent;
import org.eclipse.osgi.internal.signedcontent.SignedBundleHook;
import org.eclipse.osgi.internal.signedcontent.SignedStorageHook;
import org.eclipse.osgi.service.resolver.BundleDescription;
import org.eclipse.osgi.service.resolver.DisabledInfo;
import org.eclipse.osgi.service.resolver.State;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.Version;

/* JADX WARN: Classes with same name are omitted:
  input_file:targets/cics42/org.eclipse.osgi.jar:org/eclipse/osgi/internal/service/security/DefaultAuthorizationEngine.class
 */
/* loaded from: input_file:targets/cics51/org.eclipse.osgi.jar:org/eclipse/osgi/internal/service/security/DefaultAuthorizationEngine.class */
public class DefaultAuthorizationEngine extends AuthorizationEngine {
    private static final String VERSION_PROP = "Version";
    private static final String VERSION_NUM = "1.0";
    private final State systemState;
    private final BundleContext bundleContext;
    public static final int ENFORCE_NONE = 0;
    public static final int ENFORCE_SIGNED = 1;
    public static final int ENFORCE_TRUSTED = 2;
    public static final int ENFORCE_VALIDITY = 4;
    private static final String STR_ENFORCE_NONE = "any";
    private static final String STR_ENFORCE_SIGNED = "signed";
    private static final String STR_ENFORCE_TRUSTED = "trusted";
    private static final String STR_ENFORCE_VALIDITY = "validity";
    private static final String POLICY_NAME = "org.eclipse.equinox.security";
    private static final String POLICY_PROP = "osgi.signedcontent.authorization.engine.policy";
    private static int enforceFlags;
    private static final Version VERSION_MAX = new Version(2, 0, 0);
    private static final String FILE_LOAD_POLICY = ".loadpolicy";
    private static final File policyFile = new File(new StringBuffer(String.valueOf(LocationManager.getOSGiConfigurationDir().getPath())).append(File.separatorChar).append(FILE_LOAD_POLICY).toString());

    static {
        String property;
        enforceFlags = 0;
        Properties properties = null;
        if (policyFile.exists()) {
            try {
                properties = new Properties();
                properties.load(new FileInputStream(policyFile));
            } catch (IOException e) {
                SignedBundleHook.log("Error loading policy file", 4, e);
            }
        }
        if (properties != null) {
            Version version = new Version(0, 0, 0);
            String property2 = properties.getProperty(VERSION_PROP);
            if (property2 != null) {
                try {
                    version = new Version(property2);
                } catch (IllegalArgumentException unused) {
                }
            }
            if (VERSION_MAX.compareTo2(version) <= 0 || (property = properties.getProperty(POLICY_PROP)) == null) {
                return;
            }
            try {
                enforceFlags = Integer.parseInt(property);
                return;
            } catch (NumberFormatException unused2) {
                return;
            }
        }
        String property3 = FrameworkProperties.getProperty(POLICY_PROP);
        if (property3 == null || STR_ENFORCE_NONE.equals(property3)) {
            enforceFlags = 0;
            return;
        }
        if (STR_ENFORCE_TRUSTED.equals(property3)) {
            enforceFlags = 3;
        } else if (STR_ENFORCE_SIGNED.equals(property3)) {
            enforceFlags = 1;
        } else if (STR_ENFORCE_VALIDITY.equals(property3)) {
            enforceFlags = 7;
        }
    }

    public DefaultAuthorizationEngine(BundleContext bundleContext, State state) {
        super(bundleContext);
        this.bundleContext = bundleContext;
        this.systemState = state;
    }

    @Override // org.eclipse.osgi.internal.provisional.service.security.AuthorizationEngine
    protected AuthorizationEvent doAuthorize(SignedContent signedContent, Object obj) {
        boolean isEnabled = isEnabled(signedContent, obj);
        AuthorizationEvent authorizationEvent = null;
        if (obj instanceof Bundle) {
            BundleDescription bundle = this.systemState.getBundle(((Bundle) obj).getBundleId());
            if (isEnabled) {
                DisabledInfo disabledInfo = this.systemState.getDisabledInfo(bundle, POLICY_NAME);
                if (disabledInfo != null) {
                    this.systemState.removeDisabledInfo(disabledInfo);
                }
                authorizationEvent = new AuthorizationEvent(0, signedContent, obj, 0);
            } else {
                this.systemState.addDisabledInfo(new DisabledInfo(POLICY_NAME, null, bundle));
                authorizationEvent = new AuthorizationEvent(1, signedContent, obj, 0);
            }
        }
        return authorizationEvent;
    }

    private boolean isEnabled(SignedContent signedContent, Object obj) {
        String[] devClassPath;
        if ((obj instanceof Bundle) && DevClassPathHelper.inDevelopmentMode() && (devClassPath = DevClassPathHelper.getDevClassPath(((Bundle) obj).getSymbolicName())) != null && devClassPath.length > 0) {
            return true;
        }
        if ((enforceFlags & 1) != 0 && (signedContent == null || !signedContent.isSigned())) {
            return false;
        }
        SignerInfo[] signerInfos = signedContent == null ? new SignerInfo[0] : signedContent.getSignerInfos();
        for (int i = 0; i < signerInfos.length; i++) {
            if ((enforceFlags & 2) != 0 && !signerInfos[i].isTrusted()) {
                return false;
            }
            if ((enforceFlags & 4) != 0) {
                try {
                    signedContent.checkValidity(signerInfos[i]);
                } catch (CertificateException unused) {
                    return false;
                }
            }
        }
        return true;
    }

    @Override // org.eclipse.osgi.internal.provisional.service.security.AuthorizationEngine
    public int getStatus() {
        return this.systemState.getDisabledBundles().length != 0 ? 1 : 0;
    }

    public void processInstalledBundles() {
        Bundle[] bundles = this.bundleContext.getBundles();
        for (int i = 0; i < bundles.length; i++) {
            SignedStorageHook signedStorageHook = (SignedStorageHook) ((BaseData) ((AbstractBundle) bundles[i]).getBundleData()).getStorageHook(SignedStorageHook.KEY);
            authorize(signedStorageHook != null ? signedStorageHook.getSignedContent() : null, bundles[i]);
        }
    }

    public void setLoadPolicy(int i) {
        if ((i | 1 | 2 | 4) != 7) {
            throw new IllegalArgumentException(new StringBuffer("Invalid policy: ").append(i).toString());
        }
        enforceFlags = i;
        Properties properties = new Properties();
        properties.setProperty(POLICY_PROP, Integer.toString(i));
        properties.setProperty(VERSION_PROP, VERSION_NUM);
        try {
            properties.store(new FileOutputStream(policyFile), (String) null);
        } catch (IOException e) {
            SignedBundleHook.log("Error saving load policy file", 4, e);
        }
    }

    public int getLoadPolicy() {
        return enforceFlags;
    }
}
