package org.globus.purse.registration.certificateGeneration;

import java.io.File;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.globus.purse.exceptions.CertificateGenerationException;
import org.globus.purse.exceptions.RegistrationException;
import org.globus.purse.registration.RegisterUtil;

/* loaded from: input_file:org/globus/purse/registration/certificateGeneration/UserCertificateGeneration.class */
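/**
 * Static helper that drives the external grid certificate tools
 * ({@code grid-cert-request}, {@code grid-ca-sign}, {@code grid-cert-info}) and
 * {@code openssl} to create, sign and inspect a user certificate.
 *
 * <p>All work happens in a per-user directory below
 * {@link CertificateGenerationOptions#getTmpDirectory()}. {@link #initialize} must be
 * called once before {@link #generate}, {@link #signCerts} or {@link #getDN}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The per-user directory name comes straight from the caller-supplied user name,
 *       so {@link #generate} checks that the resulting path stays inside the
 *       configured tmp directory.</li>
 *   <li>Passphrases are handed to child processes as command-line arguments (see the
 *       comments in {@link #generate} and {@link #signCerts}); on multi-user hosts
 *       argv is typically readable by other local accounts.</li>
 *   <li>The static state is not synchronized; NOTE(review): confirm callers initialize
 *       from a single thread.</li>
 * </ul>
 */
public class UserCertificateGeneration {
    private static final String NOT_INITIALIZED =
            "Initialize method needs to be called prior to other method invocations";

    private static final String CERT_REQUEST = "grid-cert-request";
    private static final String CERT_SIGN = "grid-ca-sign";
    private static final String CERT_INFO = "grid-cert-info";
    private static final String CERT_TO_SIGN = "usercert_request.pem";
    private static final String SIGNED_CERT = "usercert.pem";

    static Log logger;
    static CertificateGenerationOptions certOptions;
    static boolean initialized;
    // Synthetic class-literal cache left by the original (pre-Java 5) compiler; kept so
    // that anything in the package referring to it still links.
    static Class class$org$globus$purse$registration$certificateGeneration$UserCertificateGeneration;

    /**
     * Stores the options used by every later call. Only the first invocation has any
     * effect; subsequent calls are ignored.
     *
     * @param certificateGenerationOptions tool locations, tmp directory and CA settings
     */
    public static void initialize(CertificateGenerationOptions certificateGenerationOptions) {
        if (initialized) {
            return;
        }
        certOptions = certificateGenerationOptions;
        initialized = true;
    }

    /**
     * Creates a key pair and certificate request for a user with
     * {@code grid-cert-request}, optionally re-encrypting the private key with a
     * passphrase.
     *
     * <p>If the per-user directory already exists nothing is generated and its path is
     * returned as-is.
     *
     * @param str  user name; used as the start of the certificate common name and as
     *             the name of the per-user directory below the tmp directory
     * @param str2 e-mail address appended to the common name as {@code /Email=...}
     * @param str3 passphrase for the private key, or {@code null} to leave the key
     *             unencrypted
     * @return path of the per-user directory holding the generated files
     * @throws CertificateGenerationException if {@link #initialize} was not called, the
     *         tmp directory cannot be created, the per-user directory would fall outside
     *         the tmp directory, or an external command fails
     */
    public static String generate(String str, String str2, String str3) throws CertificateGenerationException {
        // NOTE(review): both values are concatenated into the subject unescaped, so a '/'
        // in either one would add further name components to the request. Validate them
        // upstream (or here, once the allowed character set is agreed).
        String commonName = str + "/Email=" + str2;
        requireInitialized();
        logger.debug("Generate certificate " + commonName);

        File tmpDir = new File(certOptions.getTmpDirectory());
        if (!tmpDir.exists()) {
            logger.debug("tmp dir does not exist, create");
            // mkdirs() also returns false when another caller created the directory
            // first, so only treat it as a failure if the directory is still missing.
            if (!tmpDir.mkdirs() && !tmpDir.isDirectory()) {
                String message = "Could not create tmp directory " + tmpDir.getPath();
                logger.error(message);
                throw new CertificateGenerationException(message);
            }
        }

        String userDir = certOptions.getTmpDirectory() + File.separator + str;
        // The user name is caller-supplied; refuse names such as ".." that would make
        // the tools write keys outside the configured tmp directory.
        requireInsideDirectory(tmpDir, new File(userDir));

        if (new File(userDir).exists()) {
            // NOTE(review): an existing directory is trusted without inspecting its
            // contents. If an earlier run failed after grid-cert-request but before the
            // key was re-encrypted, an unencrypted userkey.pem may still be in it.
            logger.info("Certificates appear to have already been generated since " + userDir
                    + " exists. Not generating");
            return userDir;
        }

        String caHash = certOptions.getCaHash();
        String[] request = caHash == null ? new String[6] : new String[8];
        request[0] = certOptions.getBinDirectory() + File.separator + CERT_REQUEST;
        request[1] = "-dir";
        request[2] = userDir;
        request[3] = "-cn";
        request[4] = commonName;
        // The key is first written unencrypted; it is only protected afterwards, and
        // only when a passphrase was supplied.
        request[5] = "-nopassphrase";
        if (caHash == null) {
            logger.debug("CA hash is null, hence using default CA");
        } else {
            request[6] = "-ca";
            request[7] = caHash;
        }

        try {
            RegisterUtil.runCommand(request, "Error generating certificate");
            if (str3 != null) {
                String keyFile = userDir + "/userkey.pem";
                String tempKeyFile = userDir + "/userkeytemp.pem";
                // SECURITY: "pass:" puts the passphrase on the child's command line,
                // where other local users can usually read it from the process list.
                // runCommand offers no visible way to pass it via stdin or the
                // environment, so this is flagged rather than changed here; openssl's
                // "-passout stdin", "env:VAR" or "file:PATH" forms avoid the exposure.
                // NOTE(review): confirm runCommand does not log its arguments.
                // NOTE(review): -des3 is a legacy cipher; consider an AES option such as
                // -aes256 if every consumer of the key supports it.
                RegisterUtil.runCommand(new String[]{"openssl", "rsa", "-des3", "-in", keyFile, "-out",
                        tempKeyFile, "-passout", "pass:" + str3},
                        "error using openssl to change the password");
                // Replace the unencrypted key with the encrypted copy.
                RegisterUtil.runCommand(new String[]{"mv", tempKeyFile, keyFile}, "");
            }
            return userDir;
        } catch (RegistrationException e) {
            throw new CertificateGenerationException("Command exec failed", e);
        }
    }

    /**
     * Signs the certificate request found in a per-user directory with
     * {@code grid-ca-sign}. Does nothing if a non-empty signed certificate is already
     * present.
     *
     * @param str  per-user directory, as returned by {@link #generate}
     * @param str2 value passed to the tool's {@code -key} option; presumably the CA key
     *             passphrase (TODO confirm). Like the user passphrase in
     *             {@link #generate}, it travels on the command line.
     * @throws CertificateGenerationException if {@link #initialize} was not called, the
     *         request file is missing, or the signing command fails
     */
    public static void signCerts(String str, String str2) throws CertificateGenerationException {
        requireInitialized();
        logger.debug("Sign certificates for " + str);

        String signedCertPath = str + File.separator + SIGNED_CERT;
        File signedCert = new File(signedCertPath);
        if (signedCert.exists() && signedCert.length() > 0) {
            logger.info("Certificate appears to have been signed. " + signedCertPath);
            return;
        }

        String requestPath = str + File.separator + CERT_TO_SIGN;
        if (!new File(requestPath).exists()) {
            String message = "Certificate to sign does not exist at " + requestPath;
            logger.error(message);
            throw new CertificateGenerationException(message);
        }

        String caDirectory = certOptions.getCaDirectory();
        String[] sign = caDirectory != null ? new String[9] : new String[7];
        sign[0] = certOptions.getBinDirectory() + File.separator + CERT_SIGN;
        sign[1] = "-in";
        sign[2] = requestPath;
        sign[3] = "-out";
        sign[4] = signedCertPath;
        sign[5] = "-key";
        sign[6] = str2;
        if (caDirectory != null) {
            sign[7] = "-dir";
            sign[8] = caDirectory;
        }

        try {
            RegisterUtil.runCommand(sign, "Error signing certificate");
            logger.debug("Done signing certificate");
        } catch (RegistrationException e) {
            throw new CertificateGenerationException("Command exec failed", e);
        }
    }

    /**
     * Reads the subject of the signed certificate in a per-user directory using
     * {@code grid-cert-info -subject}.
     *
     * @param str per-user directory, as returned by {@link #generate}
     * @return whatever {@code RegisterUtil.runCommand} returns for the command
     *         (presumably the tool's output, i.e. the subject DN)
     * @throws CertificateGenerationException if {@link #initialize} was not called or
     *         the command fails
     */
    public static String getDN(String str) throws CertificateGenerationException {
        requireInitialized();
        try {
            String[] info = {certOptions.getBinDirectory() + File.separator + CERT_INFO, "-subject", "-f",
                    str + File.separator + SIGNED_CERT};
            String subject = RegisterUtil.runCommand(info, "Could not retrieve user DN");
            logger.debug("DN is " + subject);
            return subject;
        } catch (RegistrationException e) {
            throw new CertificateGenerationException("Command exec failed", e);
        }
    }

    /**
     * Builds the per-user directory path for a user name without touching the file
     * system.
     *
     * <p>Unlike {@link #generate} this joins with a literal {@code "/"}, performs no
     * containment check, and does not verify that {@link #initialize} was called, so
     * callers should not treat the result as validated.
     *
     * @param str user name
     * @return tmp directory, {@code "/"} and the user name concatenated
     */
    public static String getUsreCertLocation(String str) {
        return certOptions.getTmpDirectory() + "/" + str;
    }

    /**
     * @return the options passed to {@link #initialize}, or {@code null} if it has not
     *         been called
     */
    public static CertificateGenerationOptions getCertOptions() {
        return certOptions;
    }

    /** Throws, after logging, when {@link #initialize} has not been called yet. */
    private static void requireInitialized() throws CertificateGenerationException {
        if (!initialized) {
            logger.error(NOT_INITIALIZED);
            throw new CertificateGenerationException(NOT_INITIALIZED);
        }
    }

    /**
     * Rejects a candidate path whose canonical form is not strictly below the canonical
     * form of the given base directory.
     */
    private static void requireInsideDirectory(File base, File candidate) throws CertificateGenerationException {
        String message = "User directory " + candidate.getPath() + " is not inside " + base.getPath();
        try {
            String basePath = base.getCanonicalPath();
            // Compare against "base/" so that a sibling such as "base-other" does not
            // pass as a prefix match, and so that the base directory itself is refused.
            String prefix = basePath.endsWith(File.separator) ? basePath : basePath + File.separator;
            if (candidate.getCanonicalPath().startsWith(prefix)) {
                return;
            }
        } catch (java.io.IOException e) {
            // The cause is logged rather than chained because only the (String) and
            // (String, RegistrationException) constructors are known to exist.
            logger.error(message, e);
            throw new CertificateGenerationException(message);
        }
        logger.error(message);
        throw new CertificateGenerationException(message);
    }

    /**
     * Compiler-generated class-literal helper, kept for link compatibility.
     *
     * @param str fully qualified class name
     * @return the loaded class
     * @throws NoClassDefFoundError if the class cannot be found; the
     *         {@link ClassNotFoundException} is attached as its cause
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause() returns Throwable, which cannot be thrown from here without a
            // throws clause, so attach the cause first and throw the error itself.
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }

    static {
        Class cls;
        if (class$org$globus$purse$registration$certificateGeneration$UserCertificateGeneration == null) {
            cls = class$("org.globus.purse.registration.certificateGeneration.UserCertificateGeneration");
            class$org$globus$purse$registration$certificateGeneration$UserCertificateGeneration = cls;
        } else {
            cls = class$org$globus$purse$registration$certificateGeneration$UserCertificateGeneration;
        }
        logger = LogFactory.getLog(cls.getName());
        certOptions = null;
        initialized = false;
    }
}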
