package org.globus.gsi;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.io.Serializable;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.Date;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.globus.common.ChainedIOException;
import org.globus.common.CoGProperties;
import org.globus.gsi.bc.BouncyCastleOpenSSLKey;
import org.globus.gsi.bc.BouncyCastleUtil;
import org.globus.gsi.gssapi.SSLUtil;
import org.globus.util.Base64;
import org.globus.util.PEMUtils;

/* loaded from: input_file:org/globus/gsi/GlobusCredential.class */
public class GlobusCredential implements Serializable {
    private static Log logger;
    private static GlobusCredential defaultCred;
    private static boolean credentialSet;
    private PrivateKey key;
    private X509Certificate[] certs;
    static Class class$org$globus$gsi$GlobusCredential;

    public GlobusCredential(PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
        this.key = privateKey;
        this.certs = x509CertificateArr;
    }

    public GlobusCredential(String str) throws GlobusCredentialException {
        if (str == null) {
            throw new IllegalArgumentException("proxyFile == null");
        }
        logger.debug(new StringBuffer().append("Loading proxy file: ").append(str).toString());
        try {
            load(new FileInputStream(str));
        } catch (FileNotFoundException e) {
            throw new GlobusCredentialException(3, "proxyNotFound", new Object[]{str});
        }
    }

    public GlobusCredential(String str, String str2) throws GlobusCredentialException {
        if (str == null || str2 == null) {
            throw new IllegalArgumentException();
        }
        try {
            this.certs = CertUtil.loadCertificates(str);
            BouncyCastleOpenSSLKey bouncyCastleOpenSSLKey = new BouncyCastleOpenSSLKey(str2);
            if (bouncyCastleOpenSSLKey.isEncrypted()) {
                throw new GlobusCredentialException(2, "encPrivKey", new Object[]{str2});
            }
            this.key = bouncyCastleOpenSSLKey.getPrivateKey();
        } catch (IOException e) {
            throw new GlobusCredentialException(3, "ioError00", e);
        } catch (GeneralSecurityException e2) {
            throw new GlobusCredentialException(3, "secError00", e2);
        } catch (Exception e3) {
            throw new GlobusCredentialException(-1, "error00", e3);
        }
    }

    public GlobusCredential(InputStream inputStream) throws GlobusCredentialException {
        load(inputStream);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:19:0x00d5
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    protected void load(java.io.InputStream r7) throws org.globus.gsi.GlobusCredentialException {
        /*
            Method dump skipped, instructions count: 287
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.globus.gsi.GlobusCredential.load(java.io.InputStream):void");
    }

    private static final byte[] getDecodedPEMObject(BufferedReader bufferedReader) throws IOException {
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new EOFException("PEM footer missing");
            }
            if (readLine.indexOf("--END") != -1) {
                return Base64.decode(stringBuffer.toString().getBytes());
            }
            stringBuffer.append(readLine);
        }
    }

    public void save(OutputStream outputStream) throws IOException {
        try {
            writePEM(outputStream, this.certs[0]);
            new BouncyCastleOpenSSLKey(this.key).writeTo(outputStream);
            for (int i = 1; i < this.certs.length; i++) {
                if (!this.certs[i].getSubjectDN().equals(this.certs[i].getIssuerDN())) {
                    writePEM(outputStream, this.certs[i]);
                }
            }
            outputStream.flush();
        } catch (CertificateEncodingException e) {
            throw new ChainedIOException(e.getMessage(), e);
        }
    }

    private static final void writePEM(OutputStream outputStream, X509Certificate x509Certificate) throws IOException, CertificateEncodingException {
        PEMUtils.writeBase64(outputStream, "-----BEGIN CERTIFICATE-----", Base64.encode(x509Certificate.getEncoded()), "-----END CERTIFICATE-----");
    }

    public void verify() throws GlobusCredentialException {
        for (int i = 0; i < this.certs.length; i++) {
            try {
                this.certs[i].checkValidity();
            } catch (CertificateExpiredException e) {
                throw new GlobusCredentialException(1, "expired00", new Object[]{this.certs[i].getSubjectDN().getName()});
            } catch (GeneralSecurityException e2) {
                throw new GlobusCredentialException(3, "secError00", e2);
            }
        }
    }

    public X509Certificate getIdentityCertificate() {
        try {
            return BouncyCastleUtil.getIdentityCertificate(this.certs);
        } catch (CertificateException e) {
            logger.debug("Error getting certificate identity", e);
            return null;
        }
    }

    public String getIdentity() {
        try {
            return BouncyCastleUtil.getIdentity(this.certs);
        } catch (CertificateException e) {
            logger.debug("Error getting certificate identity", e);
            return null;
        }
    }

    public PrivateKey getPrivateKey() {
        return this.key;
    }

    public X509Certificate[] getCertificateChain() {
        return this.certs;
    }

    public int getCertNum() {
        for (int length = this.certs.length - 1; length >= 0; length--) {
            if (!this.certs[length].getSubjectDN().equals(this.certs[length].getIssuerDN())) {
                return length + 1;
            }
        }
        return this.certs.length;
    }

    public int getStrength() {
        if (this.key == null) {
            return -1;
        }
        return ((RSAPrivateKey) this.key).getModulus().bitLength();
    }

    public String getSubject() {
        return this.certs[0].getSubjectDN().getName();
    }

    public String getIssuer() {
        return this.certs[0].getIssuerDN().getName();
    }

    public int getProxyType() {
        try {
            return BouncyCastleUtil.getCertificateType(this.certs[0]);
        } catch (CertificateException e) {
            logger.debug("Error getting certificate type", e);
            return -1;
        }
    }

    public long getTimeLeft() {
        Date date = null;
        for (int i = 0; i < this.certs.length; i++) {
            Date notAfter = this.certs[i].getNotAfter();
            if (date == null || notAfter.before(date)) {
                date = notAfter;
            }
        }
        long time = (date.getTime() - System.currentTimeMillis()) / 1000;
        if (time < 0) {
            return 0L;
        }
        return time;
    }

    private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
        byte[] encoded = new BouncyCastleOpenSSLKey(this.key).getEncoded();
        objectOutputStream.writeInt(encoded.length);
        objectOutputStream.write(encoded);
        objectOutputStream.writeInt(this.certs.length);
        for (int i = 0; i < this.certs.length; i++) {
            try {
                byte[] encoded2 = this.certs[i].getEncoded();
                objectOutputStream.writeInt(encoded2.length);
                objectOutputStream.write(encoded2);
            } catch (Exception e) {
                throw new ChainedIOException("", e);
            }
        }
    }

    private static byte[] readData(ObjectInputStream objectInputStream) throws IOException {
        int readInt = objectInputStream.readInt();
        byte[] bArr = new byte[readInt];
        SSLUtil.readFully(objectInputStream, bArr, 0, readInt);
        return bArr;
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        try {
            this.key = new BouncyCastleOpenSSLKey("RSA", readData(objectInputStream)).getPrivateKey();
            int readInt = objectInputStream.readInt();
            this.certs = new X509Certificate[readInt];
            for (int i = 0; i < readInt; i++) {
                try {
                    this.certs[i] = CertUtil.loadCertificate(new ByteArrayInputStream(readData(objectInputStream)));
                } catch (IOException e) {
                    throw e;
                } catch (Exception e2) {
                    throw new ChainedIOException("", e2);
                }
            }
        } catch (IOException e3) {
            throw e3;
        } catch (Exception e4) {
            throw new ChainedIOException("", e4);
        }
    }

    public static synchronized GlobusCredential getDefaultCredential() throws GlobusCredentialException {
        if (defaultCred == null || (!credentialSet && defaultCred.getTimeLeft() <= 0)) {
            defaultCred = new GlobusCredential(CoGProperties.getDefault().getProxyFile());
            defaultCred.verify();
        }
        return defaultCred;
    }

    public static synchronized void setDefaultCredential(GlobusCredential globusCredential) {
        defaultCred = globusCredential;
        credentialSet = globusCredential != null;
    }

    public String toString() {
        String property = System.getProperty("line.separator");
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("subject    : ").append(getSubject()).append(property);
        stringBuffer.append("issuer     : ").append(getIssuer()).append(property);
        stringBuffer.append("strength   : ").append(new StringBuffer().append(getStrength()).append(" bits").toString()).append(property);
        stringBuffer.append("timeleft   : ").append(new StringBuffer().append(getTimeLeft()).append(" sec").toString()).append(property);
        stringBuffer.append("proxy type : ").append(CertUtil.getProxyTypeAsString(getProxyType()));
        return stringBuffer.toString();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$globus$gsi$GlobusCredential == null) {
            cls = class$("org.globus.gsi.GlobusCredential");
            class$org$globus$gsi$GlobusCredential = cls;
        } else {
            cls = class$org$globus$gsi$GlobusCredential;
        }
        logger = LogFactory.getLog(cls.getName());
        defaultCred = null;
        credentialSet = false;
    }
}
