package com.sun.deploy.security;

import com.sun.deploy.config.Platform;
import com.sun.deploy.resources.ResourceManager;
import com.sun.deploy.trace.Trace;
import com.sun.deploy.ui.AppInfo;
import com.sun.deploy.uitoolkit.ToolkitStore;
import java.net.URL;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/sun/deploy/security/TrustDeciderDialog.class */
public class TrustDeciderDialog {
    private static final String RISK_MESSAGE = getString("security.dialog.unverified.signed.sub.new");
    private static final String MORE_CANCEL_MESSAGE = getString("sandbox.security.info.cancel");
    private static final String MORE_RUN_MESSAGE = getString("security.dialog.signed.moreinfo.generic");
    private static final String MORE_TRUSTED_MESSAGE = getString("sandbox.security.info.trusted");

    TrustDeciderDialog() {
    }

    public static int showDialog(Certificate[] certificateArr, URL url, int i, int i2, boolean z, int i3, Date date, AppInfo appInfo, boolean z2) throws CertificateException {
        return showDialog(certificateArr, url, i, i2, z, i3, date, appInfo, z2, null, false);
    }

    public static int showDialog(Certificate[] certificateArr, URL url, int i, int i2, boolean z, int i3, Date date, AppInfo appInfo, boolean z2, String str) throws CertificateException {
        return showDialog(certificateArr, url, i, i2, z, i3, date, appInfo, z2, str, false);
    }

    public static int showDialog(Certificate[] certificateArr, URL url, int i, int i2, boolean z, int i3, Date date, AppInfo appInfo, boolean z2, String str, boolean z3) throws CertificateException {
        try {
            URLClassPathControl.disable();
            if (!(certificateArr[i] instanceof X509Certificate) || !(certificateArr[i2 - 1] instanceof X509Certificate)) {
                URLClassPathControl.enable();
                return -1;
            }
            X509Certificate x509Certificate = (X509Certificate) certificateArr[i];
            X509Certificate x509Certificate2 = (X509Certificate) certificateArr[i2 - 1];
            boolean z4 = (str == null || CertUtils.checkWildcardDomainList(str, CertUtils.getServername(x509Certificate))) ? false : true;
            Principal subjectDN = x509Certificate.getSubjectDN();
            int doShowDialog = doShowDialog(certificateArr, url, i, i2, z, i3, date, appInfo, z2, str, extractIssuerName(x509Certificate2.getIssuerDN().getName()), extractSubjectName(subjectDN.getName()), z4, z3, x509Certificate2.getIssuerX500Principal().equals(x509Certificate2.getSubjectX500Principal()));
            URLClassPathControl.enable();
            return doShowDialog;
        } catch (Throwable th) {
            URLClassPathControl.enable();
            throw th;
        }
    }

    private static String extractSubjectName(String str) {
        String extractField = extractField(str, "CN=");
        if (extractField == null) {
            String extractField2 = extractField(str, "O=");
            String extractField3 = extractField(str, "OU=");
            if (extractField2 != null || extractField3 != null) {
                Object[] objArr = new Object[2];
                objArr[0] = extractField2 == null ? "" : extractField2;
                objArr[1] = extractField3 == null ? "" : extractField3;
                extractField = ResourceManager.getString("security.dialog.certShowOOUName", objArr);
            }
        }
        if (extractField == null) {
            extractField = getString("security.dialog.unknown.subject");
        }
        return extractField;
    }

    private static String extractIssuerName(String str) {
        String extractField = extractField(str, "O=");
        if (extractField == null) {
            extractField = getString("security.dialog.unknown.issuer");
        }
        return extractField;
    }

    static String extractField(String str, String str2) {
        int indexOf;
        String str3 = null;
        int indexOf2 = str.indexOf(str2);
        if (indexOf2 >= 0) {
            try {
                int length = indexOf2 + str2.length();
                if (str.charAt(length) == '\"') {
                    length++;
                    indexOf = str.indexOf(34, length);
                } else {
                    indexOf = str.indexOf(44, length);
                }
                str3 = indexOf < 0 ? str.substring(length) : str.substring(length, indexOf);
            } catch (IndexOutOfBoundsException e) {
                Trace.ignored(e);
            }
        }
        return str3;
    }

    protected static int doShowDialog(Certificate[] certificateArr, URL url, int i, int i2, boolean z, int i3, Date date, AppInfo appInfo, boolean z2, String str, String str2, String str3, boolean z3, boolean z4, boolean z5) throws CertificateException {
        int i4;
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        boolean z6 = false;
        String str4 = null;
        String str5 = null;
        boolean z7 = false;
        String str6 = z2 ? "security.dialog.https.buttonContinue" : "security.dialog.signed.buttonContinue";
        String string = z2 ? getString("security.dialog.https.buttonCancel") : getString("security.dialog.signed.buttonCancel");
        boolean z8 = false;
        boolean z9 = false;
        if (url != null) {
            appInfo.setFrom(url);
        }
        if (z || z3 || i3 != 0 || z4) {
            if (z) {
                z6 = true;
                if (z2) {
                    str4 = getString("security.dialog.unverified.https.caption");
                    arrayList.add(getString("security.dialog.unverified.https.generic"));
                    z7 = true;
                    if (z5) {
                        arrayList.add(getString("security.dialog.selfsigned.https.sub"));
                    } else {
                        arrayList.add(getString("security.dialog.unverified.https.sub"));
                    }
                } else {
                    str4 = getString("security.dialog.signed.caption");
                    arrayList.add(RISK_MESSAGE);
                    String string2 = getString("security.dialog.notverified.subject");
                    arrayList.add(getString("security.info.publisher.unknown").replaceAll(string2, string2.toUpperCase()));
                    arrayList.add(getString("security.dialog.unverified.signed.publisher"));
                }
            } else if (!z3) {
                if (z2) {
                    str4 = getString("security.dialog.unverified.https.caption");
                } else {
                    str4 = getString("security.dialog.signed.caption");
                    arrayList2.add(getString("security.dialog.verified.signed.publisher"));
                }
            }
            switch (i3) {
                case -1:
                    if (z2) {
                        if (!z7) {
                            arrayList.add(getString("security.dialog.unverified.https.generic"));
                        }
                        arrayList.add(getString("security.dialog.expired.https.time"));
                        break;
                    } else {
                        if (arrayList.isEmpty()) {
                            z6 = true;
                            arrayList.add(combineMessage(RISK_MESSAGE, getString("sandbox.security.dialog.expired.signed.label")));
                            arrayList2.clear();
                            if (!z4) {
                                if (!appInfo.isMultiHost()) {
                                    z8 = true;
                                } else if (DeployManifestChecker.verifyApplicationLibraryAllowableCodebase(url, appInfo)) {
                                    z8 = true;
                                    z9 = true;
                                }
                            }
                        }
                        if (z) {
                            arrayList.add(getString("sandbox.security.dialog.expired.signed.label"));
                            break;
                        } else {
                            arrayList.add(getString("sandbox.security.info.expired.state"));
                            break;
                        }
                    }
                case 0:
                default:
                    if (!z2 && !z) {
                        arrayList2.add(getString("sandbox.security.info.trusted.state"));
                        break;
                    }
                    break;
                case 1:
                    if (z2) {
                        if (!z7) {
                            arrayList.add(getString("security.dialog.unverified.https.generic"));
                        }
                        arrayList.add(getString("security.dialog.notyetvalid.https.time"));
                        break;
                    } else {
                        if (arrayList.isEmpty() && !z) {
                            z6 = true;
                            arrayList.add(combineMessage(RISK_MESSAGE, getString("security.dialog.notyet.signed.sub")));
                            arrayList2.clear();
                        }
                        arrayList.add(getString("security.dialog.notyetvalid.signed.time"));
                        break;
                    }
                    break;
            }
            if (z4) {
                z6 = true;
                if (!z2 && arrayList.isEmpty()) {
                    arrayList.add(combineMessage(RISK_MESSAGE, getString("sandbox.security.info.selfsigned.revocation.unknown")));
                }
                arrayList.add(getString("sandbox.security.info.revocation.unsure.state"));
                arrayList2.clear();
            }
        } else {
            str5 = z2 ? getString("security.dialog.verified.valid.https.caption") : getString("security.dialog.signed.caption");
            if (z2) {
                arrayList2.add(getString("security.dialog.verified.valid.https.sub"));
            }
            if (!appInfo.isMultiHost()) {
                z8 = true;
            } else if (DeployManifestChecker.verifyApplicationLibraryAllowableCodebase(url, appInfo)) {
                z8 = true;
                z9 = true;
            } else if (appInfo.isJNLPSourceUnknown()) {
                z8 = true;
            }
            if (!z2) {
                arrayList2.add(getString("sandbox.security.info.trusted.state"));
            }
        }
        if (z3) {
            if (str4 == null) {
                str4 = ResourceManager.getString("security.dialog.unverified.https.caption");
            }
            if (arrayList.isEmpty()) {
                arrayList.add(getString("security.dialog.unverified.https.generic"));
            }
            arrayList.add(ResourceManager.getString("security.dialog.hostname.mismatch.moreinfo", str, str3));
        }
        if (!z2) {
            ArrayList arrayList3 = arrayList2;
            int i5 = 0;
            if (!arrayList.isEmpty()) {
                i5 = 1;
                arrayList3 = arrayList;
            }
            int i6 = i5;
            int i7 = i5 + 1;
            arrayList3.add(i6, MORE_RUN_MESSAGE);
            int i8 = i7 + 1;
            arrayList3.add(i7, MORE_CANCEL_MESSAGE);
            if (!z) {
                int i9 = i8 + 1;
                arrayList3.add(i8, MORE_TRUSTED_MESSAGE);
            }
        } else if (str != null) {
            appInfo.setTitle(str);
        } else {
            appInfo.setTitle(str3);
        }
        String str7 = str4 != null ? str4 : str5;
        String[] strArr = null;
        String[] strArr2 = null;
        if (!arrayList.isEmpty()) {
            strArr = new String[arrayList.size()];
            for (int i10 = 0; i10 < arrayList.size(); i10++) {
                strArr[i10] = ((String) arrayList.get(i10)).toString();
            }
        }
        if (!arrayList2.isEmpty()) {
            strArr2 = new String[arrayList2.size()];
            for (int i11 = 0; i11 < arrayList2.size(); i11++) {
                strArr2[i11] = ((String) arrayList2.get(i11)).toString();
            }
        }
        if (arrayList.isEmpty() && arrayList2.isEmpty()) {
            throw new CertificateException(getString("security.dialog.exception.message"));
        }
        if (Platform.get().isNativeSandbox()) {
            z8 = false;
        }
        if (Trace.isAutomationEnabled()) {
            Trace.msgSecurityPrintln("trustdecider.automation.trustcert");
            i4 = 0;
        } else {
            if (z) {
                str3 = getString("security.dialog.notverified.subject").toUpperCase();
            }
            String string3 = strArr == null ? getString("security.dialog.valid.caption") : getString("security.dialog.caption");
            DeployManifestChecker.printWarningsIfRequired(url, appInfo);
            i4 = ToolkitStore.getUI().showSecurityDialog(z9 ? AppInfo.createSingleHostAppInfo(appInfo) : appInfo, string3, str7, str3, url, z8, false, str6, string, strArr, strArr2, true, certificateArr, i, i2, z6, z2, z);
        }
        return i4;
    }

    private static String combineMessage(String str, String str2) {
        return str + "\n\n" + str2;
    }

    private static String getString(String str) {
        return ResourceManager.getString(str);
    }
}
