package sun.plugin.liveconnect;

import java.io.FilePermission;
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.SocketPermission;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.ProtectionDomain;
import org.apache.tomcat.request.StaticInterceptor;
import sun.plugin.usability.Trace;
import sun.security.tools.ToolDialog;

/* loaded from: input_file:jdk/jre/lib/jaws.jar:sun/plugin/liveconnect/SecureInvocation.class */
public class SecureInvocation {
    public static Object ConstructObject(Constructor constructor, Object[] objArr, int i) throws Exception {
        ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
        if (i == 0) {
            protectionDomainArr[0] = getDefaultProtectionDomain(null);
        } else {
            protectionDomainArr[0] = getTrustedProtectionDomain();
        }
        try {
            return AccessController.doPrivileged(new PrivilegedConstructObjectAction(constructor, objArr), new AccessControlContext(protectionDomainArr));
        } catch (PrivilegedActionException e) {
            throw e;
        }
    }

    public static Object CallMethod(Object obj, Method method, Object[] objArr, int i) throws Exception {
        ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
        if (i == 0) {
            protectionDomainArr[0] = getDefaultProtectionDomain(null);
        } else {
            protectionDomainArr[0] = getTrustedProtectionDomain();
        }
        try {
            return AccessController.doPrivileged(new PrivilegedCallMethodAction(method, obj, objArr), new AccessControlContext(protectionDomainArr));
        } catch (PrivilegedActionException e) {
            throw e;
        }
    }

    public static Object GetField(Object obj, Field field, int i) throws Exception {
        ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
        if (i == 0) {
            protectionDomainArr[0] = getDefaultProtectionDomain(null);
        } else {
            protectionDomainArr[0] = getTrustedProtectionDomain();
        }
        try {
            return AccessController.doPrivileged(new PrivilegedGetFieldAction(field, obj), new AccessControlContext(protectionDomainArr));
        } catch (PrivilegedActionException e) {
            throw e;
        }
    }

    public static void SetField(Object obj, Field field, Object obj2, int i) throws Exception {
        ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
        if (i == 0) {
            protectionDomainArr[0] = getDefaultProtectionDomain(null);
        } else {
            protectionDomainArr[0] = getTrustedProtectionDomain();
        }
        try {
            AccessController.doPrivileged(new PrivilegedSetFieldAction(field, obj, obj2), new AccessControlContext(protectionDomainArr));
        } catch (PrivilegedActionException e) {
            throw e;
        }
    }

    public static Object ConstructObject(Class cls, Constructor constructor, Object[] objArr, String str, boolean z, boolean z2) throws Exception {
        try {
            checkLiveConnectCaller(cls, str, z);
            ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
            if (z2) {
                protectionDomainArr[0] = getTrustedProtectionDomain();
            } else {
                protectionDomainArr[0] = getDefaultProtectionDomain(str);
            }
            return AccessController.doPrivileged(new PrivilegedConstructObjectAction(constructor, objArr), new AccessControlContext(protectionDomainArr));
        } catch (Exception e) {
            Trace.liveConnectPrintException(e);
            throw e;
        }
    }

    public static Object CallMethod(Class cls, Object obj, Method method, Object[] objArr, String str, boolean z, boolean z2) throws Exception {
        try {
            checkLiveConnectCaller(cls, str, z);
            ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
            if (z2) {
                protectionDomainArr[0] = getTrustedProtectionDomain();
            } else {
                protectionDomainArr[0] = getDefaultProtectionDomain(str);
            }
            return AccessController.doPrivileged(new PrivilegedCallMethodAction(method, obj, objArr), new AccessControlContext(protectionDomainArr));
        } catch (Exception e) {
            Trace.liveConnectPrintException(e);
            throw e;
        }
    }

    public static Object GetField(Class cls, Object obj, Field field, String str, boolean z, boolean z2) throws Exception {
        try {
            checkLiveConnectCaller(cls, str, z);
            ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
            if (z2) {
                protectionDomainArr[0] = getTrustedProtectionDomain();
            } else {
                protectionDomainArr[0] = getDefaultProtectionDomain(str);
            }
            return AccessController.doPrivileged(new PrivilegedGetFieldAction(field, obj), new AccessControlContext(protectionDomainArr));
        } catch (Exception e) {
            Trace.liveConnectPrintException(e);
            throw e;
        }
    }

    public static void SetField(Class cls, Object obj, Field field, Object obj2, String str, boolean z, boolean z2) throws Exception {
        try {
            checkLiveConnectCaller(cls, str, z);
            ProtectionDomain[] protectionDomainArr = new ProtectionDomain[1];
            if (z2) {
                protectionDomainArr[0] = getTrustedProtectionDomain();
            } else {
                protectionDomainArr[0] = getDefaultProtectionDomain(str);
            }
            AccessController.doPrivileged(new PrivilegedSetFieldAction(field, obj, obj2), new AccessControlContext(protectionDomainArr));
        } catch (Exception e) {
            Trace.liveConnectPrintException(e);
            throw e;
        }
    }

    private static ProtectionDomain getProtectionDomain(Class cls, String str, boolean z, boolean z2) throws OriginNotAllowedException, MalformedURLException {
        checkLiveConnectCaller(cls, str, z);
        return z2 ? getTrustedProtectionDomain() : getDefaultProtectionDomain(str);
    }

    private static void checkLiveConnectCaller(Class cls, String str, boolean z) throws OriginNotAllowedException, MalformedURLException {
        if (z) {
            Trace.liveConnectPrintln("JavaScript: UniversalBrowserRead enabled");
            return;
        }
        CodeSource codeSource = cls.getProtectionDomain().getCodeSource();
        if (codeSource == null) {
            Trace.liveConnectPrintln("JavaScript: calling Java system code");
            return;
        }
        URL location = codeSource.getLocation();
        URL url = null;
        if (str != null) {
            try {
                url = new URL(str);
            } catch (MalformedURLException e) {
                e.printStackTrace();
                return;
            }
        }
        if (location == null || url == null || !location.getProtocol().equalsIgnoreCase(url.getProtocol()) || !location.getHost().equalsIgnoreCase(url.getHost()) || location.getPort() != url.getPort()) {
            throw new OriginNotAllowedException(new StringBuffer().append("JavaScript is not from the same origin as the Java code, caller=").append(url).append(", callee=").append(location).toString());
        }
        Trace.liveConnectPrintln("JavaScript: caller and callee have same origin");
    }

    private static ProtectionDomain getDefaultProtectionDomain(String str) throws MalformedURLException {
        Trace.liveConnectPrintln(new StringBuffer().append("JavaScript: default security policy = ").append(str).toString());
        URL url = null;
        if (str != null) {
            try {
                url = new URL(str);
            } catch (MalformedURLException e) {
            }
        }
        PermissionCollection permissions = Policy.getPolicy().getPermissions(new CodeSource(url, null));
        if (url.getProtocol().equals(StaticInterceptor.FILE_LOCALIZATION)) {
            permissions.add(new FilePermission(ToolDialog.FILE_ALL_FILES, "read"));
            permissions.add(new SocketPermission("localhost", "connect,accept"));
            AccessController.doPrivileged(new PrivilegedAction(permissions) { // from class: sun.plugin.liveconnect.SecureInvocation.1
                private final PermissionCollection val$pc;

                {
                    this.val$pc = permissions;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    try {
                        this.val$pc.add(new SocketPermission(InetAddress.getLocalHost().getHostName(), "connect,accept"));
                        return null;
                    } catch (UnknownHostException e2) {
                        return null;
                    }
                }
            });
        }
        return new JavaScriptProtectionDomain(permissions);
    }

    private static ProtectionDomain getTrustedProtectionDomain() {
        Trace.liveConnectPrintln("JavaScript: UniversalJavaPermission enabled");
        Permissions permissions = new Permissions();
        permissions.add(new AllPermission());
        return new JavaScriptProtectionDomain(permissions);
    }
}
