package org.globus.gsi;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Principal;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.StringTokenizer;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.globus.common.CoGProperties;
import org.globus.ftp.HostPort6;
import org.globus.gsi.bc.X509NameHelper;
import org.globus.util.Base64;
import org.globus.util.I18n;
import org.globus.util.PEMUtils;

/* loaded from: input_file:org/globus/gsi/CertUtil.class */
public class CertUtil {
    private static Log logger;
    private static I18n i18n;
    private static String provider;
    static Class class$org$globus$gsi$CertUtil;

    public static void init() {
    }

    public static void setProvider(String str) {
        provider = str;
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append("Provider set to : ").append(str).toString());
        }
    }

    protected static CertificateFactory getCertificateFactory() throws GeneralSecurityException {
        return provider == null ? CertificateFactory.getInstance("X.509") : CertificateFactory.getInstance("X.509", provider);
    }

    public static X509Certificate loadCertificate(InputStream inputStream) throws GeneralSecurityException {
        return (X509Certificate) getCertificateFactory().generateCertificate(inputStream);
    }

    public static X509Certificate loadCertificate(String str) throws IOException, GeneralSecurityException {
        if (str == null) {
            throw new IllegalArgumentException(i18n.getMessage("certFileNull"));
        }
        BufferedReader bufferedReader = new BufferedReader(new FileReader(str));
        try {
            X509Certificate readCertificate = readCertificate(bufferedReader);
            bufferedReader.close();
            if (readCertificate == null) {
                throw new GeneralSecurityException(i18n.getMessage("noCertData"));
            }
            return readCertificate;
        } catch (Throwable th) {
            bufferedReader.close();
            throw th;
        }
    }

    public static X509Certificate[] loadCertificates(String str) throws IOException, GeneralSecurityException {
        if (str == null) {
            throw new IllegalArgumentException(i18n.getMessage("certFileNull"));
        }
        ArrayList arrayList = new ArrayList();
        BufferedReader bufferedReader = new BufferedReader(new FileReader(str));
        while (true) {
            try {
                X509Certificate readCertificate = readCertificate(bufferedReader);
                if (readCertificate == null) {
                    break;
                }
                arrayList.add(readCertificate);
            } finally {
                bufferedReader.close();
            }
        }
        if (arrayList.isEmpty()) {
            throw new GeneralSecurityException(i18n.getMessage("noCertData"));
        }
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
    }

    public static X509Certificate readCertificate(BufferedReader bufferedReader) throws IOException, GeneralSecurityException {
        StringBuffer stringBuffer = new StringBuffer();
        boolean z = false;
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                return null;
            }
            if (readLine.indexOf("BEGIN CERTIFICATE") != -1) {
                z = true;
            } else {
                if (z && readLine.indexOf("END CERTIFICATE") != -1) {
                    return loadCertificate(new ByteArrayInputStream(Base64.decode(stringBuffer.toString().getBytes())));
                }
                if (z) {
                    stringBuffer.append(readLine);
                }
            }
        }
    }

    public static void writeCertificate(OutputStream outputStream, X509Certificate x509Certificate) throws IOException, CertificateEncodingException {
        PEMUtils.writeBase64(outputStream, "-----BEGIN CERTIFICATE-----", Base64.encode(x509Certificate.getEncoded()), "-----END CERTIFICATE-----");
    }

    public static String toGlobusID(String str) {
        return toGlobusID(str, true);
    }

    public static String toGlobusID(String str, boolean z) {
        if (str == null) {
            return null;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        StringBuffer stringBuffer = new StringBuffer();
        while (stringTokenizer.hasMoreTokens()) {
            String trim = stringTokenizer.nextToken().trim();
            if (z) {
                stringBuffer.append("/");
                stringBuffer.append(trim);
            } else {
                stringBuffer.insert(0, trim);
                stringBuffer.insert(0, "/");
            }
        }
        return stringBuffer.toString();
    }

    public static String toGlobusID(Principal principal) {
        return principal instanceof X509Name ? X509NameHelper.toString((X509Name) principal) : toGlobusID(principal.getName());
    }

    public static void installSecureRandomProvider() {
        String secureRandomProvider = CoGProperties.getDefault().getSecureRandomProvider();
        try {
            logger.debug(new StringBuffer().append("Loading SecureRandom provider: ").append(secureRandomProvider).toString());
            Security.insertProviderAt((Provider) Class.forName(secureRandomProvider).newInstance(), 1);
        } catch (Exception e) {
            logger.debug("Unable to install PRNG. Using default PRNG.", e);
        }
    }

    public static KeyPair generateKeyPair(String str, int i) throws GeneralSecurityException {
        KeyPairGenerator keyPairGenerator = provider == null ? KeyPairGenerator.getInstance(str) : KeyPairGenerator.getInstance(str, provider);
        keyPairGenerator.initialize(i);
        return keyPairGenerator.generateKeyPair();
    }

    public static boolean isProxy(int i) {
        return isGsi2Proxy(i) || isGsi3Proxy(i) || isGsi4Proxy(i);
    }

    public static boolean isGsi4Proxy(int i) {
        return i == 18 || i == 17 || i == 16 || i == 19;
    }

    public static boolean isGsi3Proxy(int i) {
        return i == 14 || i == 13 || i == 12 || i == 15;
    }

    public static boolean isGsi2Proxy(int i) {
        return i == 10 || i == 11;
    }

    public static boolean isLimitedProxy(int i) {
        return i == 15 || i == 11 || i == 19;
    }

    public static boolean isIndependentProxy(int i) {
        return i == 13 || i == 17;
    }

    public static boolean isImpersonationProxy(int i) {
        return i == 14 || i == 15 || i == 18 || i == 19 || i == 11 || i == 10;
    }

    public static String getProxyTypeAsString(int i) {
        switch (i) {
            case 10:
                return "full legacy globus proxy";
            case 11:
                return "limited legacy globus proxy";
            case 12:
                return "Proxy draft compliant restricted proxy";
            case 13:
                return "Proxy draft compliant independent proxy";
            case 14:
                return "Proxy draft compliant impersonation proxy";
            case 15:
                return "Proxy draft compliant limited proxy";
            case 16:
                return "RFC 3820 compliant restricted proxy";
            case 17:
                return "RFC 3820 compliant independent proxy";
            case 18:
                return "RFC 3820 compliant impersonation proxy";
            case 19:
                return "RFC 3820 compliant limited proxy";
            default:
                return "not a proxy";
        }
    }

    public static boolean isGsi3Enabled() {
        String property = System.getProperty("org.globus.gsi.version");
        return property != null && property.equals("3");
    }

    public static boolean isGsi2Enabled() {
        String property = System.getProperty("org.globus.gsi.version");
        return property != null && property.equals(HostPort6.IPv6);
    }

    public static X509CRL loadCrl(String str) throws IOException, GeneralSecurityException {
        if (str == null) {
            throw new IllegalArgumentException(i18n.getMessage("crlFileNull"));
        }
        boolean z = false;
        X509CRL x509crl = null;
        StringBuffer stringBuffer = new StringBuffer();
        BufferedReader bufferedReader = new BufferedReader(new FileReader(str));
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                if (readLine.indexOf("BEGIN X509 CRL") != -1) {
                    z = true;
                } else if (z && readLine.indexOf("END X509 CRL") != -1) {
                    x509crl = loadCrl(new ByteArrayInputStream(Base64.decode(stringBuffer.toString().getBytes())));
                } else if (z) {
                    stringBuffer.append(readLine);
                }
            } finally {
                bufferedReader.close();
            }
        }
        if (x509crl == null) {
            throw new GeneralSecurityException(i18n.getMessage("noCrlData"));
        }
        return x509crl;
    }

    public static X509CRL loadCrl(InputStream inputStream) throws GeneralSecurityException {
        return (X509CRL) getCertificateFactory().generateCRL(inputStream);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        Class cls2;
        if (class$org$globus$gsi$CertUtil == null) {
            cls = class$("org.globus.gsi.CertUtil");
            class$org$globus$gsi$CertUtil = cls;
        } else {
            cls = class$org$globus$gsi$CertUtil;
        }
        logger = LogFactory.getLog(cls.getName());
        if (class$org$globus$gsi$CertUtil == null) {
            cls2 = class$("org.globus.gsi.CertUtil");
            class$org$globus$gsi$CertUtil = cls2;
        } else {
            cls2 = class$org$globus$gsi$CertUtil;
        }
        i18n = I18n.getI18n("org.globus.gsi.errors", cls2.getClassLoader());
        Security.addProvider(new BouncyCastleProvider());
        setProvider("BC");
        installSecureRandomProvider();
    }
}
