package org.eclipse.equinox.internal.p2.engine.phases;

import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import org.eclipse.core.runtime.IStatus;
import org.eclipse.core.runtime.Status;
import org.eclipse.equinox.internal.p2.engine.EngineActivator;
import org.eclipse.equinox.internal.p2.engine.Messages;
import org.eclipse.equinox.p2.core.IProvisioningAgent;
import org.eclipse.equinox.p2.core.UIServices;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignedContentFactory;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.eclipse.osgi.util.NLS;
import org.osgi.framework.ServiceReference;

/* loaded from: input_file:WEB-INF/plugins/org.eclipse.equinox.p2.engine_2.1.0.v20110511.jar:org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.class */
public class CertificateChecker {
    private ArrayList<File> artifacts;
    private final IProvisioningAgent agent;
    static Class class$0;
    static Class class$1;

    public CertificateChecker() {
        this(null);
    }

    public CertificateChecker(IProvisioningAgent iProvisioningAgent) {
        this.agent = iProvisioningAgent;
        this.artifacts = new ArrayList<>();
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [java.lang.Throwable, org.osgi.framework.BundleContext] */
    public IStatus start() {
        ?? context = EngineActivator.getContext();
        Class<?> cls = class$0;
        if (cls == null) {
            try {
                cls = Class.forName("org.eclipse.osgi.signedcontent.SignedContentFactory");
                class$0 = cls;
            } catch (ClassNotFoundException unused) {
                throw new NoClassDefFoundError(context.getMessage());
            }
        }
        ServiceReference serviceReference = context.getServiceReference(cls);
        try {
            return checkCertificates((SignedContentFactory) context.getService(serviceReference));
        } finally {
            context.ungetService(serviceReference);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v33, types: [java.security.cert.Certificate[]] */
    private IStatus checkCertificates(SignedContentFactory signedContentFactory) {
        String[] strArr;
        Certificate[][] certificateArr;
        UIServices uIServices = (UIServices) this.agent.getService(UIServices.SERVICE_NAME);
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        IStatus iStatus = Status.OK_STATUS;
        if (this.artifacts.size() == 0 || uIServices == null) {
            return iStatus;
        }
        Iterator<File> it = this.artifacts.iterator();
        while (it.hasNext()) {
            File next = it.next();
            try {
                SignedContent signedContent = signedContentFactory.getSignedContent(next);
                if (signedContent.isSigned()) {
                    SignerInfo[] signerInfos = signedContent.getSignerInfos();
                    for (int i = 0; i < signerInfos.length; i++) {
                        if (!signerInfos[i].isTrusted()) {
                            Certificate[] certificateChain = signerInfos[i].getCertificateChain();
                            if (!arrayList.contains(certificateChain[0])) {
                                arrayList.add(certificateChain[0]);
                                arrayList3.add(certificateChain);
                            }
                        }
                    }
                } else {
                    arrayList2.add(next);
                }
            } catch (IOException e) {
                return new Status(4, EngineActivator.ID, Messages.CertificateChecker_SignedContentIOError, e);
            } catch (GeneralSecurityException e2) {
                return new Status(4, EngineActivator.ID, Messages.CertificateChecker_SignedContentError, e2);
            }
        }
        String unsignedContentPolicy = getUnsignedContentPolicy();
        if (!arrayList2.isEmpty() && "fail".equals(unsignedContentPolicy)) {
            return new Status(4, EngineActivator.ID, NLS.bind(Messages.CertificateChecker_UnsignedNotAllowed, arrayList2));
        }
        if ("allow".equals(unsignedContentPolicy) || arrayList2.isEmpty()) {
            strArr = (String[]) null;
        } else {
            strArr = new String[arrayList2.size()];
            for (int i2 = 0; i2 < strArr.length; i2++) {
                strArr[i2] = ((File) arrayList2.get(i2)).toString();
            }
        }
        if (arrayList.isEmpty()) {
            certificateArr = (Certificate[][]) null;
        } else {
            certificateArr = new Certificate[arrayList3.size()];
            for (int i3 = 0; i3 < arrayList3.size(); i3++) {
                certificateArr[i3] = (Certificate[]) arrayList3.get(i3);
            }
        }
        if (strArr == null && certificateArr == null) {
            return iStatus;
        }
        UIServices.TrustInfo trustInfo = uIServices.getTrustInfo(certificateArr, strArr);
        if (!trustInfo.trustUnsignedContent()) {
            return Status.CANCEL_STATUS;
        }
        Certificate[] trustedCertificates = trustInfo.getTrustedCertificates();
        if (certificateArr != null && trustedCertificates == null) {
            return new Status(8, EngineActivator.ID, Messages.CertificateChecker_CertificateRejected);
        }
        if (trustedCertificates != null) {
            for (Certificate certificate : trustedCertificates) {
                arrayList.remove(certificate);
            }
        }
        return arrayList.size() > 0 ? new Status(8, EngineActivator.ID, Messages.CertificateChecker_CertificateRejected) : trustInfo.persistTrust() ? persistTrustedCertificates(trustedCertificates) : iStatus;
    }

    /* JADX WARN: Code restructure failed: missing block: B:26:0x008c, code lost:
    
        r0.addTrustAnchor(r0, r0.toString());
     */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable, org.osgi.util.tracker.ServiceTracker] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private org.eclipse.core.runtime.IStatus persistTrustedCertificates(java.security.cert.Certificate[] r8) {
        /*
            Method dump skipped, instructions count: 248
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.eclipse.equinox.internal.p2.engine.phases.CertificateChecker.persistTrustedCertificates(java.security.cert.Certificate[]):org.eclipse.core.runtime.IStatus");
    }

    private String getUnsignedContentPolicy() {
        String property = EngineActivator.getContext().getProperty(EngineActivator.PROP_UNSIGNED_POLICY);
        if (property == null) {
            property = "prompt";
        }
        return property;
    }

    public void add(File file) {
        this.artifacts.add(file);
    }

    public void add(Object[] objArr) {
        for (int i = 0; i < objArr.length; i++) {
            if (objArr[i] instanceof File) {
                add((File) objArr[i]);
            }
        }
    }
}
