package org.eclipse.jetty.policy.entry;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Permission;
import java.security.cert.Certificate;
import java.util.HashSet;
import java.util.StringTokenizer;
import org.eclipse.jetty.policy.PolicyContext;
import org.eclipse.jetty.policy.PolicyException;
import org.eclipse.jetty.util.URIUtil;

/* loaded from: input_file:org/eclipse/jetty/policy/entry/PermissionEntry.class */
public class PermissionEntry extends AbstractEntry {
    private String klass;
    private String name;
    private String actions;
    private String signers;
    private Certificate[] signerArray;

    public Permission toPermission() throws PolicyException {
        try {
            Class<?> cls = Class.forName(this.klass);
            if (this.signerArray != null && !validate(this.signerArray, (Certificate[]) cls.getSigners())) {
                throw new PolicyException("Unvalidated Permissions: " + this.klass + URIUtil.SLASH + this.name);
            }
            Permission permission = null;
            if (this.name == null && this.actions == null) {
                permission = (Permission) cls.newInstance();
            } else if (this.name != null && this.actions == null) {
                permission = (Permission) cls.getConstructor(String.class).newInstance(this.name);
            } else if (this.name != null && this.actions != null) {
                permission = (Permission) cls.getConstructor(String.class, String.class).newInstance(this.name, this.actions);
            }
            return permission;
        } catch (Exception e) {
            throw new PolicyException(e);
        }
    }

    @Override // org.eclipse.jetty.policy.entry.AbstractEntry
    public void expand(PolicyContext policyContext) throws PolicyException {
        if (this.name != null) {
            this.name = policyContext.evaluate(this.name).trim();
        }
        if (this.actions != null) {
            this.actions = policyContext.evaluate(this.actions).trim();
        }
        if (this.signers != null) {
            this.signerArray = resolveCertificates(policyContext.getKeystore(), this.signers);
        }
        setExpanded(true);
    }

    private static boolean validate(Certificate[] certificateArr, Certificate[] certificateArr2) {
        if (certificateArr2 == null) {
            return false;
        }
        for (Certificate certificate : certificateArr) {
            boolean z = false;
            int i = 0;
            while (true) {
                if (i >= certificateArr2.length) {
                    break;
                }
                if (certificate.equals(certificateArr2[i])) {
                    z = true;
                    break;
                }
                i++;
            }
            if (!z) {
                return false;
            }
        }
        return true;
    }

    private static Certificate[] resolveCertificates(KeyStore keyStore, String str) throws PolicyException {
        if (keyStore == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        int i = 0;
        while (stringTokenizer.hasMoreTokens()) {
            try {
                Certificate certificate = keyStore.getCertificate(stringTokenizer.nextToken().trim());
                if (certificate != null) {
                    hashSet.add(certificate);
                }
                i++;
            } catch (KeyStoreException e) {
                throw new PolicyException(e);
            }
        }
        return (Certificate[]) hashSet.toArray(new Certificate[hashSet.size()]);
    }

    public String getKlass() {
        return this.klass;
    }

    public void setKlass(String str) {
        this.klass = str;
    }

    public String getName() {
        return this.name;
    }

    public void setName(String str) {
        this.name = str;
    }

    public String getActions() {
        return this.actions;
    }

    public void setActions(String str) {
        this.actions = str;
    }

    public String getSigners() {
        return this.signers;
    }

    public void setSigners(String str) {
        this.signers = str;
    }
}
