package sun.plugin.liveconnect;

import com.ibm.security.krb5.PrincipalName;
import com.sun.deploy.security.SecureCookiePermission;
import com.sun.deploy.trace.Trace;
import java.io.FilePermission;
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.SocketPermission;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.PropertyPermission;
import sun.security.util.SecurityConstants;

/* loaded from: input_file:jre/lib/plugin.jar:sun/plugin/liveconnect/SecureInvocation.class */
public class SecureInvocation {
    private static Object ConstructObject(Class cls, Constructor constructor, Object[] objArr, String str, boolean z, boolean z2) throws Exception {
        try {
            return AccessController.doPrivileged(new PrivilegedExceptionAction(cls, str, z, z2, constructor, objArr) { // from class: sun.plugin.liveconnect.SecureInvocation.1
                private final Class val$clazz;
                private final String val$origin;
                private final boolean val$isUniversalBrowserRead;
                private final boolean val$isUniversalJavaPermission;
                private final Constructor val$constructor;
                private final Object[] val$args;

                {
                    this.val$clazz = cls;
                    this.val$origin = str;
                    this.val$isUniversalBrowserRead = z;
                    this.val$isUniversalJavaPermission = z2;
                    this.val$constructor = constructor;
                    this.val$args = objArr;
                }

                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run */
                public Object run2() throws Exception {
                    try {
                        boolean checkLiveConnectCaller = SecureInvocation.checkLiveConnectCaller(this.val$clazz, this.val$origin, this.val$isUniversalBrowserRead);
                        ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
                        if (this.val$isUniversalJavaPermission) {
                            protectionDomainArr[0] = SecureInvocation.access$200();
                        } else {
                            protectionDomainArr[0] = SecureInvocation.getDefaultProtectionDomain(this.val$origin, checkLiveConnectCaller);
                        }
                        return AccessController.doPrivileged(new PrivilegedConstructObjectAction(this.val$constructor, this.val$args), new AccessControlContext(protectionDomainArr));
                    } catch (Exception e) {
                        Trace.liveConnectPrintException(e);
                        throw e;
                    }
                }
            });
        } catch (PrivilegedActionException e) {
            throw e;
        }
    }

    private static Object CallMethod(Class cls, Object obj, Method method, Object[] objArr, String str, boolean z, boolean z2) throws Exception {
        try {
            return AccessController.doPrivileged(new PrivilegedExceptionAction(cls, str, z, z2, method, obj, objArr) { // from class: sun.plugin.liveconnect.SecureInvocation.2
                private final Class val$clazz;
                private final String val$origin;
                private final boolean val$isUniversalBrowserRead;
                private final boolean val$isUniversalJavaPermission;
                private final Method val$method;
                private final Object val$obj;
                private final Object[] val$args;

                {
                    this.val$clazz = cls;
                    this.val$origin = str;
                    this.val$isUniversalBrowserRead = z;
                    this.val$isUniversalJavaPermission = z2;
                    this.val$method = method;
                    this.val$obj = obj;
                    this.val$args = objArr;
                }

                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run */
                public Object run2() throws Exception {
                    try {
                        boolean checkLiveConnectCaller = SecureInvocation.checkLiveConnectCaller(this.val$clazz, this.val$origin, this.val$isUniversalBrowserRead);
                        ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
                        if (this.val$isUniversalJavaPermission) {
                            protectionDomainArr[0] = SecureInvocation.access$200();
                        } else {
                            protectionDomainArr[0] = SecureInvocation.getDefaultProtectionDomain(this.val$origin, checkLiveConnectCaller);
                        }
                        return AccessController.doPrivileged(new PrivilegedCallMethodAction(this.val$method, this.val$obj, this.val$args), new AccessControlContext(protectionDomainArr));
                    } catch (Exception e) {
                        Trace.liveConnectPrintException(e);
                        throw e;
                    }
                }
            });
        } catch (PrivilegedActionException e) {
            throw e;
        }
    }

    private static Object GetField(Class cls, Object obj, Field field, String str, boolean z, boolean z2) throws Exception {
        try {
            return AccessController.doPrivileged(new PrivilegedExceptionAction(cls, str, z, z2, field, obj) { // from class: sun.plugin.liveconnect.SecureInvocation.3
                private final Class val$clazz;
                private final String val$origin;
                private final boolean val$isUniversalBrowserRead;
                private final boolean val$isUniversalJavaPermission;
                private final Field val$field;
                private final Object val$obj;

                {
                    this.val$clazz = cls;
                    this.val$origin = str;
                    this.val$isUniversalBrowserRead = z;
                    this.val$isUniversalJavaPermission = z2;
                    this.val$field = field;
                    this.val$obj = obj;
                }

                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run */
                public Object run2() throws Exception {
                    try {
                        SecureInvocation.checkLiveConnectCaller(this.val$clazz, this.val$origin, this.val$isUniversalBrowserRead);
                        ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
                        if (this.val$isUniversalJavaPermission) {
                            protectionDomainArr[0] = SecureInvocation.access$200();
                        } else {
                            protectionDomainArr[0] = SecureInvocation.getDefaultProtectionDomain(this.val$origin);
                        }
                        return AccessController.doPrivileged(new PrivilegedGetFieldAction(this.val$field, this.val$obj), new AccessControlContext(protectionDomainArr));
                    } catch (Exception e) {
                        Trace.liveConnectPrintException(e);
                        throw e;
                    }
                }
            });
        } catch (PrivilegedActionException e) {
            throw e;
        }
    }

    private static void SetField(Class cls, Object obj, Field field, Object obj2, String str, boolean z, boolean z2) throws Exception {
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction(cls, str, z, z2, field, obj, obj2) { // from class: sun.plugin.liveconnect.SecureInvocation.4
                private final Class val$clazz;
                private final String val$origin;
                private final boolean val$isUniversalBrowserRead;
                private final boolean val$isUniversalJavaPermission;
                private final Field val$field;
                private final Object val$obj;
                private final Object val$val;

                {
                    this.val$clazz = cls;
                    this.val$origin = str;
                    this.val$isUniversalBrowserRead = z;
                    this.val$isUniversalJavaPermission = z2;
                    this.val$field = field;
                    this.val$obj = obj;
                    this.val$val = obj2;
                }

                @Override // java.security.PrivilegedExceptionAction
                /* renamed from: run */
                public Object run2() throws Exception {
                    try {
                        SecureInvocation.checkLiveConnectCaller(this.val$clazz, this.val$origin, this.val$isUniversalBrowserRead);
                        ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
                        if (this.val$isUniversalJavaPermission) {
                            protectionDomainArr[0] = SecureInvocation.access$200();
                        } else {
                            protectionDomainArr[0] = SecureInvocation.getDefaultProtectionDomain(this.val$origin);
                        }
                        AccessController.doPrivileged(new PrivilegedSetFieldAction(this.val$field, this.val$obj, this.val$val), new AccessControlContext(protectionDomainArr));
                        return null;
                    } catch (Exception e) {
                        Trace.liveConnectPrintException(e);
                        throw e;
                    }
                }
            });
        } catch (PrivilegedActionException e) {
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean checkLiveConnectCaller(Class cls, String str, boolean z) throws OriginNotAllowedException, MalformedURLException {
        CodeSource codeSource = cls.getProtectionDomain().getCodeSource();
        if (codeSource == null) {
            Trace.msgLiveConnectPrintln("liveconnect.java.system");
            return true;
        }
        if (z) {
            Trace.msgLiveConnectPrintln("liveconnect.UniversalBrowserRead.enabled");
            return false;
        }
        URL location = codeSource.getLocation();
        URL url = null;
        if (str != null) {
            try {
                url = new URL(str);
            } catch (MalformedURLException e) {
                e.printStackTrace();
                return false;
            }
        }
        if (location == null || url == null || !location.getProtocol().equalsIgnoreCase(url.getProtocol()) || !location.getHost().equalsIgnoreCase(url.getHost()) || location.getPort() != url.getPort()) {
            throw new OriginNotAllowedException(new StringBuffer().append("JavaScript is not from the same origin as the Java code, caller=").append(url).append(", callee=").append(location).toString());
        }
        Trace.msgLiveConnectPrintln("liveconnect.same.origin");
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static ProtectionDomain getDefaultProtectionDomain(String str) throws MalformedURLException {
        return getDefaultProtectionDomain(str, false);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static ProtectionDomain getDefaultProtectionDomain(String str, boolean z) throws MalformedURLException {
        Trace.msgLiveConnectPrintln("liveconnect.default.policy", new Object[]{str});
        URL url = null;
        if (str != null) {
            try {
                url = new URL(str);
            } catch (MalformedURLException e) {
            }
        }
        PermissionCollection permissions = Policy.getPolicy().getPermissions(new CodeSource(url, (Certificate[]) null));
        permissions.add(new PropertyPermission("http.agent", "read"));
        if (url == null || url.getProtocol().equals("file")) {
            permissions.add(new FilePermission("<<ALL FILES>>", "read"));
        } else {
            String host = url.getHost();
            int port = url.getPort();
            if (host == null || host.equals("")) {
                try {
                    URL url2 = new URL(url.getFile());
                    host = url2.getHost();
                    port = url2.getPort();
                } catch (Exception e2) {
                }
            }
            InetAddress inetAddress = null;
            try {
                inetAddress = InetAddress.getByName(host);
            } catch (UnknownHostException e3) {
                Trace.ignoredException(e3);
            }
            String hostName = inetAddress != null ? inetAddress.getHostName() : host;
            if (port == -1) {
                port = url.getDefaultPort();
            }
            if (hostName != null && !hostName.equals("")) {
                SocketPermission socketPermission = hostName.equals("localhost") ? new SocketPermission(new StringBuffer().append(hostName).append(PrincipalName.DOMAIN_PORT_SEPARATOR_STR).append(port).toString(), SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION) : new SocketPermission(hostName, SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
                SecureCookiePermission secureCookiePermission = new SecureCookiePermission(SecureCookiePermission.getURLOriginString(url));
                if (z) {
                    try {
                        Method method = null;
                        try {
                            method = Class.forName("java.net.SocketPermission").getDeclaredMethod("setDeny", new Class[0]);
                        } catch (NoSuchMethodException e4) {
                        }
                        Method method2 = method;
                        AccessController.doPrivileged(new PrivilegedAction(method2) { // from class: sun.plugin.liveconnect.SecureInvocation.5
                            private final Method val$lookupMethod;

                            {
                                this.val$lookupMethod = method2;
                            }

                            @Override // java.security.PrivilegedAction
                            /* renamed from: run */
                            public Object run2() {
                                if (this.val$lookupMethod == null) {
                                    return null;
                                }
                                this.val$lookupMethod.setAccessible(true);
                                return null;
                            }
                        });
                        if (method2 != null) {
                            try {
                                method2.invoke(socketPermission, new Object[0]);
                            } catch (IllegalAccessException e5) {
                            } catch (InvocationTargetException e6) {
                            }
                        }
                    } catch (ClassNotFoundException e7) {
                        return null;
                    }
                }
                AccessController.doPrivileged(new PrivilegedAction(permissions, socketPermission, secureCookiePermission) { // from class: sun.plugin.liveconnect.SecureInvocation.6
                    private final PermissionCollection val$pc;
                    private final SocketPermission val$socketPerm;
                    private final SecureCookiePermission val$cookiePerm;

                    {
                        this.val$pc = permissions;
                        this.val$socketPerm = socketPermission;
                        this.val$cookiePerm = secureCookiePermission;
                    }

                    @Override // java.security.PrivilegedAction
                    /* renamed from: run */
                    public Object run2() {
                        this.val$pc.add(this.val$socketPerm);
                        this.val$pc.add(this.val$cookiePerm);
                        return null;
                    }
                });
            }
        }
        return new JavaScriptProtectionDomain(permissions);
    }

    private static ProtectionDomain getTrustedProtectionDomain() {
        Trace.msgLiveConnectPrintln("liveconnect.UniversalJavaPermission.enabled");
        Permissions permissions = new Permissions();
        permissions.add(new AllPermission());
        return new JavaScriptProtectionDomain(permissions);
    }

    static ProtectionDomain access$200() {
        return getTrustedProtectionDomain();
    }
}
