package org.globus.tools;

import java.io.EOFException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.Security;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidatorException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import org.globus.common.CoGProperties;
import org.globus.common.Version;
import org.globus.gsi.CertUtil;
import org.globus.gsi.GSIConstants;
import org.globus.gsi.GlobusCredential;
import org.globus.gsi.X509ProxyCertPathParameters;
import org.globus.gsi.provider.GlobusProvider;
import org.globus.gsi.proxy.ProxyPolicyHandler;
import org.globus.gsi.proxy.ext.ProxyCertInfo;
import org.globus.gsi.proxy.ext.ProxyPolicy;
import org.globus.gsi.stores.Stores;
import org.globus.gsi.trustmanager.X509ProxyCertPathValidator;
import org.globus.gsi.util.CertificateUtil;
import org.globus.gsi.util.ProxyCertificateUtil;
import org.globus.util.Util;
import org.joda.time.DateTimeConstants;

/* loaded from: input_file:org/globus/tools/ProxyInit.class */
public abstract class ProxyInit {
    public static final String GENERIC_POLICY_OID = "1.3.6.1.4.1.3536.1.1.1.8";
    private static final String message = "\nSyntax: java ProxyInit [options]\n        java ProxyInit -help\n\n    Options:\n    -help | -usage\t\tDisplays usage.\n    -version\t\t\tDisplays version.\n    -debug\t\t\tEnables extra debug output.\n    -verify\t\t\tPerforms proxy verification tests (default).\n    -pwstdin\t\t\tAllows passphrase from stdin.\n    -noverify\t\t\tDisables proxy verification tests.\n    -quiet | -q\t\t\tQuiet mode, minimal output\n    -limited\t\t\tCreates a limited proxy.\n    -independent\t\tCreates a independent globus proxy.\n    -old\t\t\tCreates a legacy globus proxy.\n    -valid <seconds>\t\tProxy is valid for S seconds (default:12 hours)\n    -valid <hours:minutes>\tProxy is valid for H hours and M \n                          \tminutes. (default: 12 hours)\n    -hours <hours>\t\tProxy is valid for H hours (default:12).\n    -bits <bits>\t\tNumber of bits in key {512|1024|2048|4096}.\n    -globus\t\t\tPrints user identity in globus format.\n    -policy <policyfile>\tFile containing policy to store in the\n                        \tProxyCertInfo extension\n    -pl <oid>\t\t\tOID string for the policy language.\n    -policy-language <oid>\tused in the policy file.\n    -path-length <l>\t\tAllow a chain of at most l proxies to be \n                    \t\tgenerated from this one\n    -cert <certfile>\t\tNon-standard location of user certificate\n    -key <keyfile>\t\tNon-standard location of user key\n    -out <proxyfile>\t\tNon-standard location of new proxy cert.\n    -pkcs11\t\t\tEnables the PKCS11 support module. The\n           \t\t\t-cert and -key arguments are used as labels\n           \t\t\tto find the credentials on the device.\n    -rfc\t\t\tCreates RFC 3820 compliant proxy. (Default)\n    -draft\t\t\tCreates RFC draft compliant proxy\n";
    protected X509Certificate[] certificates;
    protected GSIConstants.CertificateType proxyType;
    protected int bits = 512;
    protected int lifetime = 43200;
    protected ProxyCertInfo proxyCertInfo = null;
    protected boolean quiet = false;
    protected boolean debug = false;
    protected boolean stdin = false;
    protected GlobusCredential proxy = null;

    public abstract void init(String[] strArr);

    public abstract void loadCertificates(String str);

    public abstract void loadKey(String str);

    public abstract void sign();

    public X509Certificate getCertificate() {
        return this.certificates[0];
    }

    public void dispose() {
    }

    public void verify() throws Exception {
        HashMap hashMap = null;
        if (this.proxyCertInfo != null) {
            String id = this.proxyCertInfo.getProxyPolicy().getPolicyLanguage().getId();
            hashMap = new HashMap();
            hashMap.put(id, new ProxyPolicyHandler() { // from class: org.globus.tools.ProxyInit.1
                @Override // org.globus.gsi.proxy.ProxyPolicyHandler
                public void validate(ProxyCertInfo proxyCertInfo, CertPath certPath, int i) throws CertPathValidatorException {
                    System.out.println("Proxy verify: Ignoring proxy policy");
                    if (ProxyInit.this.debug) {
                        String str = new String(proxyCertInfo.getProxyPolicy().getPolicy());
                        System.out.println("Policy:");
                        System.out.println(str);
                    }
                }
            });
        }
        new X509ProxyCertPathValidator().engineValidate(CertificateUtil.getCertPath(this.proxy.getCertificateChain()), new X509ProxyCertPathParameters(Stores.getDefaultTrustStore(), Stores.getDefaultCRLStore(), Stores.getDefaultSigningPolicyStore(), false, hashMap));
    }

    public void setBits(int i) {
        this.bits = i;
    }

    public void setLifetime(int i) {
        this.lifetime = i;
    }

    public void setProxyType(int i) {
        this.proxyType = GSIConstants.CertificateType.get(i);
    }

    public void setProxyType(GSIConstants.CertificateType certificateType) {
        this.proxyType = certificateType;
    }

    public void setProxyCertInfo(ProxyCertInfo proxyCertInfo) {
        this.proxyCertInfo = proxyCertInfo;
    }

    public void setDebug(boolean z) {
        this.debug = z;
    }

    public void setQuiet(boolean z) {
        this.quiet = z;
    }

    public void setStdin(boolean z) {
        this.stdin = z;
    }

    public void createProxy(String str, String str2, boolean z, boolean z2, String str3) {
        init(new String[]{str, str2});
        loadCertificates(str);
        if (!this.quiet) {
            System.out.println("Your identity: " + (z2 ? CertificateUtil.toGlobusID(getCertificate().getSubjectDN()) : getCertificate().getSubjectDN().getName()));
        }
        loadKey(str2);
        if (this.debug) {
            System.out.println("Using " + this.bits + " bits for private key");
        }
        if (!this.quiet) {
            System.out.println("Creating proxy, please wait...");
        }
        sign();
        if (z) {
            try {
                verify();
                System.out.println("Proxy verify OK");
            } catch (Exception e) {
                System.out.println("Proxy verify failed: " + e.getMessage());
                if (this.debug) {
                    e.printStackTrace();
                }
                System.exit(-1);
            }
        }
        if (this.debug) {
            System.out.println("Saving proxy to: " + str3);
        }
        if (!this.quiet) {
            System.out.println("Your proxy is valid until " + this.proxy.getCertificateChain()[0].getNotAfter());
        }
        FileOutputStream fileOutputStream = null;
        try {
            try {
                File createFile = Util.createFile(str3);
                if (!Util.setOwnerAccessOnly(str3)) {
                    System.err.println("Warning: Please check file permissions for your proxy file.");
                }
                fileOutputStream = new FileOutputStream(createFile);
                this.proxy.save(fileOutputStream);
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Exception e2) {
                    }
                }
            } catch (Exception e3) {
                System.err.println("Failed to save proxy to a file: " + e3.getMessage());
                System.exit(-1);
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Exception e4) {
                    }
                }
            }
            dispose();
        } catch (Throwable th) {
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (Exception e5) {
                }
            }
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v103 */
    /* JADX WARN: Type inference failed for: r0v97, types: [org.globus.tools.ProxyInit] */
    public static void main(String[] strArr) {
        ProxyPolicy proxyPolicy;
        int i = 512;
        int i2 = 43200;
        boolean z = false;
        boolean z2 = false;
        boolean z3 = true;
        boolean z4 = false;
        boolean z5 = false;
        int i3 = -1;
        GSIConstants.CertificateType certificateType = GSIConstants.CertificateType.UNDEFINED;
        boolean z6 = 2;
        String str = null;
        String str2 = null;
        boolean z7 = false;
        boolean z8 = false;
        CoGProperties coGProperties = CoGProperties.getDefault();
        boolean z9 = false;
        String proxyFile = coGProperties.getProxyFile();
        String str3 = null;
        String str4 = null;
        int i4 = 0;
        while (true) {
            if (i4 >= strArr.length) {
                break;
            }
            if (!strArr[i4].equalsIgnoreCase("-hours")) {
                if (!strArr[i4].equalsIgnoreCase("-bits")) {
                    if (!strArr[i4].equalsIgnoreCase("-pwstdin")) {
                        if (!strArr[i4].equalsIgnoreCase("-limited")) {
                            if (!strArr[i4].equalsIgnoreCase("-independent")) {
                                if (!strArr[i4].equalsIgnoreCase("-old")) {
                                    if (!strArr[i4].equalsIgnoreCase("-path-length")) {
                                        if (!strArr[i4].equalsIgnoreCase("-pl") && !strArr[i4].equalsIgnoreCase("-policy-language")) {
                                            if (!strArr[i4].equalsIgnoreCase("-policy")) {
                                                if (!strArr[i4].equalsIgnoreCase("-debug")) {
                                                    if (!strArr[i4].equalsIgnoreCase("-verify")) {
                                                        if (!strArr[i4].equalsIgnoreCase("-noverify")) {
                                                            if (!strArr[i4].equalsIgnoreCase("-out")) {
                                                                if (!strArr[i4].equals("-q") && !strArr[i4].equalsIgnoreCase("-quiet")) {
                                                                    if (!strArr[i4].equalsIgnoreCase("-globus")) {
                                                                        if (!strArr[i4].equalsIgnoreCase("-pkcs11")) {
                                                                            if (!strArr[i4].equalsIgnoreCase("-key")) {
                                                                                if (!strArr[i4].equalsIgnoreCase("-cert")) {
                                                                                    if (!strArr[i4].equalsIgnoreCase("-valid")) {
                                                                                        if (!strArr[i4].equalsIgnoreCase("-version")) {
                                                                                            if (!strArr[i4].equalsIgnoreCase("-help") && !strArr[i4].equalsIgnoreCase("-usage")) {
                                                                                                if (!strArr[i4].equalsIgnoreCase("-draft")) {
                                                                                                    if (!strArr[i4].equalsIgnoreCase("-rfc")) {
                                                                                                        argError("Argument not recognized: " + strArr[i4]);
                                                                                                        break;
                                                                                                    }
                                                                                                    z6 = 2;
                                                                                                } else {
                                                                                                    z6 = true;
                                                                                                }
                                                                                            } else {
                                                                                                System.err.println(message);
                                                                                                System.exit(1);
                                                                                            }
                                                                                        } else {
                                                                                            System.err.println(Version.getVersion());
                                                                                            System.exit(1);
                                                                                        }
                                                                                    } else {
                                                                                        i4++;
                                                                                        String str5 = strArr[i4];
                                                                                        int indexOf = str5.indexOf(":");
                                                                                        if (indexOf == -1) {
                                                                                            i2 = Integer.parseInt(str5);
                                                                                        } else {
                                                                                            i2 = (Integer.parseInt(str5.substring(indexOf + 1, str5.length())) * 60) + (Integer.parseInt(str5.substring(0, indexOf)) * 60 * 60);
                                                                                        }
                                                                                    }
                                                                                } else {
                                                                                    if (i4 + 1 >= strArr.length) {
                                                                                        argError("-cert argument missing");
                                                                                    }
                                                                                    i4++;
                                                                                    str4 = strArr[i4];
                                                                                }
                                                                            } else {
                                                                                if (i4 + 1 >= strArr.length) {
                                                                                    argError("-key argument missing");
                                                                                }
                                                                                i4++;
                                                                                str3 = strArr[i4];
                                                                            }
                                                                        } else {
                                                                            z4 = true;
                                                                        }
                                                                    } else {
                                                                        z9 = true;
                                                                    }
                                                                } else {
                                                                    z2 = true;
                                                                }
                                                            } else {
                                                                if (i4 + 1 >= strArr.length) {
                                                                    argError("-out argument missing");
                                                                }
                                                                i4++;
                                                                proxyFile = strArr[i4];
                                                            }
                                                        } else {
                                                            z3 = false;
                                                        }
                                                    } else {
                                                        z3 = true;
                                                    }
                                                } else {
                                                    z = true;
                                                }
                                            } else {
                                                if (i4 + 1 >= strArr.length) {
                                                    argError("-policy argument missing");
                                                }
                                                i4++;
                                                str2 = strArr[i4];
                                            }
                                        } else {
                                            if (i4 + 1 >= strArr.length) {
                                                argError("-policy-language argument missing");
                                            }
                                            i4++;
                                            str = strArr[i4];
                                        }
                                    } else {
                                        if (i4 + 1 >= strArr.length) {
                                            argError("-path-length argument missing");
                                        }
                                        i4++;
                                        i3 = Integer.parseInt(strArr[i4]);
                                    }
                                } else {
                                    z6 = false;
                                }
                            } else {
                                z8 = true;
                            }
                        } else {
                            z5 = true;
                        }
                    } else {
                        z7 = true;
                    }
                } else {
                    if (i4 + 1 >= strArr.length) {
                        argError("-bits argument missing");
                    }
                    i4++;
                    i = Integer.parseInt(strArr[i4]);
                }
            } else {
                if (i4 + 1 >= strArr.length) {
                    argError("-hours argument missing");
                }
                i4++;
                i2 = DateTimeConstants.SECONDS_PER_HOUR * Integer.parseInt(strArr[i4]);
            }
            i4++;
        }
        if (proxyFile == null) {
            error("Proxy file not specified.");
        }
        boolean z10 = (str2 == null && str == null) ? false : true;
        if (z8) {
            if (!z6) {
                error("-old and -independent are exclusive");
            }
            if (z5) {
                error("-limited and -independent are exclusive");
            }
            if (z10) {
                error("-indepedent and -policy or -pl are exclusive");
            }
            certificateType = z6 ? GSIConstants.CertificateType.GSI_3_INDEPENDENT_PROXY : GSIConstants.CertificateType.GSI_4_INDEPENDENT_PROXY;
        }
        if (z10) {
            if (!z6) {
                error("-old and -policy or -pl are exclusive");
            }
            if (z5) {
                error("-limited and -policy or -pl are exclusive");
            }
            certificateType = z6 ? GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY : GSIConstants.CertificateType.GSI_4_RESTRICTED_PROXY;
        }
        if (certificateType == GSIConstants.CertificateType.UNDEFINED) {
            if (z6) {
                certificateType = z5 ? GSIConstants.CertificateType.GSI_3_LIMITED_PROXY : GSIConstants.CertificateType.GSI_3_IMPERSONATION_PROXY;
            } else if (z6 == 2) {
                certificateType = z5 ? GSIConstants.CertificateType.GSI_4_LIMITED_PROXY : GSIConstants.CertificateType.GSI_4_IMPERSONATION_PROXY;
            } else {
                certificateType = z5 ? GSIConstants.CertificateType.GSI_2_LIMITED_PROXY : GSIConstants.CertificateType.GSI_2_PROXY;
            }
        }
        DefaultProxyInit defaultProxyInit = null;
        if (z4) {
            if (str3 == null) {
                if (str4 == null) {
                    String defaultPKCS11Handle = coGProperties.getDefaultPKCS11Handle();
                    str4 = defaultPKCS11Handle;
                    str3 = defaultPKCS11Handle;
                } else {
                    str3 = str4;
                }
            } else if (str4 == null) {
                str4 = str3;
            }
            try {
                defaultProxyInit = (ProxyInit) Class.forName("org.globus.pkcs11.tools.PKCS11ProxyInit").newInstance();
            } catch (ClassNotFoundException e) {
                System.err.println("Error: Failed to load PKCS11 module.");
                System.exit(-1);
            } catch (IllegalAccessException e2) {
                System.err.println("Error: Failed to initialize PKCS11 module: " + e2.getMessage());
                System.exit(-1);
            } catch (InstantiationException e3) {
                System.err.println("Error: Failed to instantiate PKCS11 module: " + e3.getMessage());
                System.exit(-1);
            }
        } else {
            if (str3 == null) {
                str3 = coGProperties.getUserKeyFile();
            }
            if (str4 == null) {
                str4 = coGProperties.getUserCertFile();
            }
            defaultProxyInit = new DefaultProxyInit();
        }
        if (z) {
            System.err.println("Files used: ");
            System.err.println("  proxy     : " + (proxyFile == null ? "none" : proxyFile));
            System.err.println("  user key  : " + (str3 == null ? "none" : str3));
            System.err.println("  user cert : " + (str4 == null ? "none" : str4));
        }
        CertUtil.init();
        ProxyCertInfo proxyCertInfo = null;
        if (ProxyCertificateUtil.isGsi3Proxy(certificateType) || ProxyCertificateUtil.isGsi4Proxy(certificateType)) {
            if (ProxyCertificateUtil.isLimitedProxy(certificateType)) {
                proxyPolicy = new ProxyPolicy(ProxyPolicy.LIMITED);
            } else if (ProxyCertificateUtil.isIndependentProxy(certificateType)) {
                proxyPolicy = new ProxyPolicy(ProxyPolicy.INDEPENDENT);
            } else if (ProxyCertificateUtil.isImpersonationProxy(certificateType)) {
                proxyPolicy = new ProxyPolicy(ProxyPolicy.IMPERSONATION);
            } else {
                if (certificateType != GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY && certificateType != GSIConstants.CertificateType.GSI_4_RESTRICTED_PROXY) {
                    throw new IllegalArgumentException("Invalid proxyType");
                }
                if (str2 == null) {
                    error("Policy file required.");
                }
                if (str == null) {
                    str = GENERIC_POLICY_OID;
                }
                byte[] bArr = null;
                try {
                    bArr = readPolicyFile(str2);
                } catch (IOException e4) {
                    error("Failed to load policy file: " + e4.getMessage());
                }
                proxyPolicy = new ProxyPolicy(str, bArr);
            }
            proxyCertInfo = i3 >= 0 ? new ProxyCertInfo(i3, proxyPolicy) : new ProxyCertInfo(proxyPolicy);
        }
        defaultProxyInit.setBits(i);
        defaultProxyInit.setLifetime(i2);
        defaultProxyInit.setProxyType(certificateType);
        defaultProxyInit.setProxyCertInfo(proxyCertInfo);
        defaultProxyInit.setDebug(z);
        defaultProxyInit.setQuiet(z2);
        defaultProxyInit.setStdin(z7);
        defaultProxyInit.createProxy(str4, str3, z3, z9, proxyFile);
    }

    private static void argError(String str) {
        System.err.println("Error: " + str);
        System.err.println();
        System.err.println("Usage: java ProxyInit [-help][-limited][-hours H] ...");
        System.err.println();
        System.err.println("Use -help to display full usage");
        System.exit(1);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void error(String str) {
        System.err.println("Error: " + str);
        System.exit(1);
    }

    private static byte[] readPolicyFile(String str) throws IOException {
        File file = new File(str);
        FileInputStream fileInputStream = new FileInputStream(file);
        byte[] bArr = new byte[(int) file.length()];
        int length = bArr.length;
        int i = 0;
        while (length > 0) {
            try {
                int read = fileInputStream.read(bArr, i, length);
                if (read == -1) {
                    throw new EOFException();
                }
                i += read;
                length -= read;
            } finally {
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
            }
        }
        return bArr;
    }

    static {
        Security.addProvider(new GlobusProvider());
    }
}
