package org.astrogrid.security.myproxy;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URI;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import org.astrogrid.security.SecurityGuard;
import org.astrogrid.security.SignOnClient;
import org.astrogrid.security.delegation.CertificateSigningRequest;
import org.astrogrid.security.ssl.GullibleX509TrustManager;
import org.globus.myproxy.MyProxyConstants;

/* loaded from: input_file:org/astrogrid/security/myproxy/MyProxyClient.class */
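/**
 * Sign-on client that talks to a MyProxy service over an SSL/TLS socket.
 *
 * <p>{@link #authenticate} sends a user name and passphrase, submits a
 * certificate signing request for a freshly generated RSA key pair, and stores
 * the returned certificate chain and the new private key in the caller's
 * {@link SecurityGuard}. {@link #changePassword} sends the old and new
 * passphrases.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Server trust is delegated to {@code GullibleX509TrustManager}. Its code
 *       is not visible here; by its name it appears to accept any server
 *       certificate (confirm). If so, the server is not authenticated, and the
 *       passphrase and the issued credentials are exposed to whoever terminates
 *       the connection. A trust manager backed by the deployment's CA
 *       certificates should be supplied instead; see
 *       {@link #getSocketFactory}.</li>
 *   <li>The protocol version is negotiated by the JVM. Earlier revisions pinned
 *       the socket to SSLv3, which is cryptographically broken and disabled by
 *       default in current JREs.</li>
 * </ul>
 */
public class MyProxyClient implements SignOnClient {
    private final KeyPairGenerator keyGenerator;
    private final CertificateFactory certificateFactory;
    private final String serviceHost;
    private final int servicePort;

    /**
     * Creates a client for the service named by the host and port of {@code uri}.
     *
     * @param uri service address; only its host and port are read
     * @throws RuntimeException if the RSA key generator or the X.509
     *     certificate factory is not available in this JVM
     */
    public MyProxyClient(URI uri) {
        this.serviceHost = uri.getHost();
        this.servicePort = uri.getPort();
        try {
            // NOTE(review): the generator is never initialised, so the RSA key
            // size is whatever the security provider defaults to — confirm that
            // this is acceptable on the oldest JRE this client has to run on.
            this.keyGenerator = KeyPairGenerator.getInstance("RSA");
            this.certificateFactory = CertificateFactory.getInstance("X509");
        } catch (NoSuchAlgorithmException | CertificateException e) {
            throw new RuntimeException("Configuration failure in the MyProxy client", e);
        }
    }

    /**
     * Signs on with a user name and passphrase and loads the resulting
     * credentials into {@code securityGuard}.
     *
     * @param userName value sent as the USERNAME field
     * @param passphrase value sent as the PASSPHRASE field
     * @param lifetime value sent as the LIFETIME field
     * @param securityGuard receives the certificate chain and private key
     * @throws IOException if the connection or the exchange fails
     * @throws GeneralSecurityException if a credential contains a line break or
     *     NUL, or if certificate handling fails
     */
    @Override // org.astrogrid.security.SignOnClient
    public void authenticate(String userName, String passphrase, int lifetime, SecurityGuard securityGuard) throws IOException, GeneralSecurityException {
        // try-with-resources also closes the socket when the handshake itself fails.
        try (SSLSocket socket = (SSLSocket) getSocketFactory(null).createSocket(this.serviceHost, this.servicePort)) {
            socket.setUseClientMode(true);
            socket.startHandshake();
            get(userName, passphrase, lifetime, securityGuard, socket.getOutputStream(), socket.getInputStream());
        }
    }

    /** Does nothing in this client. */
    @Override // org.astrogrid.security.SignOnClient
    public void home(String str, SecurityGuard securityGuard) {
    }

    /**
     * Changes the passphrase held by the service, presenting
     * {@code securityGuard} as the client-side key manager for the connection.
     *
     * @param userName value sent as the USERNAME field
     * @param oldPassphrase value sent as the PASSPHRASE field
     * @param newPassphrase value sent as the NEW_PHRASE field
     * @param securityGuard key manager used for the TLS handshake
     * @throws GeneralSecurityException if a credential contains a line break or NUL
     * @throws IOException if the connection or the exchange fails
     */
    @Override // org.astrogrid.security.SignOnClient
    public void changePassword(String userName, String oldPassphrase, String newPassphrase, SecurityGuard securityGuard) throws GeneralSecurityException, IOException {
        try (SSLSocket socket = (SSLSocket) getSocketFactory(new KeyManager[]{securityGuard}).createSocket(this.serviceHost, this.servicePort)) {
            socket.setUseClientMode(true);
            socket.startHandshake();
            setPassword(userName, oldPassphrase, newPassphrase, securityGuard, socket.getOutputStream(), socket.getInputStream());
        }
    }

    /**
     * Runs the credential-retrieval exchange ({@code COMMAND=0}) on the given
     * streams: sends the request, sends a CSR for a new key pair, reads the
     * announced number of certificates, and stores chain and private key in
     * {@code securityGuard}.
     *
     * @throws IOException if the stream ends before the certificate count
     *     arrives or any read or write fails
     * @throws GeneralSecurityException if a credential contains a line break or
     *     NUL, or if a certificate cannot be parsed
     */
    protected void get(String userName, String passphrase, int lifetime, SecurityGuard securityGuard, OutputStream outputStream, InputStream inputStream) throws IOException, GeneralSecurityException {
        requireSingleLine("User name", userName);
        requireSingleLine("Passphrase", passphrase);

        MyProxyOutputStream request = new MyProxyOutputStream(outputStream);
        MyProxyInputStream response = new MyProxyInputStream(inputStream);
        request.startCommand();
        request.write(MyProxyConstants.VERSION);
        request.endLine();
        request.write("COMMAND=0");
        request.endLine();
        request.write(MyProxyConstants.USERNAME);
        request.write(userName);
        request.endLine();
        request.write(MyProxyConstants.PASSPHRASE);
        request.write(passphrase);
        request.endLine();
        request.write(MyProxyConstants.LIFETIME);
        request.write(Integer.toString(lifetime));
        request.endCommand();
        response.checkCommandStatus();
        System.out.println("Command is accepted, now sending CSR.");

        KeyPair keyPair = this.keyGenerator.generateKeyPair();
        request.write(new CertificateSigningRequest("CN=irrelevant", keyPair).getEncoded());
        request.endCommand();

        int certificateCount = response.read();
        if (certificateCount < 0) {
            // read() reports end of stream as -1; without this guard the list
            // constructor below fails with an unrelated IllegalArgumentException.
            throw new IOException("MyProxy service closed the connection before sending the certificate count");
        }
        System.out.println("Number of certificates: " + certificateCount);
        ArrayList<X509Certificate> certificates = new ArrayList<>(certificateCount);
        for (int k = 0; k < certificateCount; k++) {
            certificates.add((X509Certificate) this.certificateFactory.generateCertificate(response));
        }
        // NOTE(review): the chain is stored as received; nothing visible here
        // checks it against a trust anchor or against the generated public key.
        securityGuard.setCertificateChain(this.certificateFactory.generateCertPath(certificates));
        securityGuard.setPrivateKey(keyPair.getPrivate());
        response.checkCommandStatus();
    }

    /**
     * Runs the passphrase-change exchange ({@code COMMAND=4}) on the given
     * streams.
     *
     * @throws IOException if any read or write fails
     * @throws GeneralSecurityException if a credential contains a line break or NUL
     */
    protected void setPassword(String userName, String oldPassphrase, String newPassphrase, SecurityGuard securityGuard, OutputStream outputStream, InputStream inputStream) throws IOException, GeneralSecurityException {
        assert outputStream != null;
        assert inputStream != null;
        requireSingleLine("User name", userName);
        requireSingleLine("Passphrase", oldPassphrase);
        requireSingleLine("New passphrase", newPassphrase);

        MyProxyOutputStream request = new MyProxyOutputStream(outputStream);
        MyProxyInputStream response = new MyProxyInputStream(inputStream);
        request.startCommand();
        request.write(MyProxyConstants.VERSION);
        request.endLine();
        request.write("COMMAND=4");
        request.endLine();
        request.write(MyProxyConstants.USERNAME);
        request.write(userName);
        request.endLine();
        request.write(MyProxyConstants.PASSPHRASE);
        request.write(oldPassphrase);
        request.endLine();
        request.write(MyProxyConstants.NEW_PHRASE);
        request.write(newPassphrase);
        // Every other field is terminated with endLine() before the next key.
        // Without it the LIFETIME field is appended to the new passphrase.
        request.endLine();
        request.write("LIFETIME=0");
        request.endCommand();
        response.checkCommandStatus();
    }

    /**
     * Builds the socket factory used for connections to the service.
     *
     * @param keyManagerArr client key managers, or {@code null} for none
     * @return a factory whose protocol version is negotiated by the JVM
     * @throws RuntimeException if the TLS context cannot be created
     */
    protected SSLSocketFactory getSocketFactory(KeyManager[] keyManagerArr) {
        try {
            // "TLS" lets the JVM pick the strongest protocol it has enabled
            // instead of pinning the context to SSLv3.
            SSLContext context = SSLContext.getInstance("TLS");
            // NOTE(review): see the class comment — this trust manager appears to
            // accept any server certificate, and a raw SSLSocket performs no host
            // name check. Replace it with one backed by the deployment's CAs.
            context.init(keyManagerArr, new TrustManager[]{new GullibleX509TrustManager()}, null);
            return context.getSocketFactory();
        } catch (Exception e) {
            // Broad catch kept: the trust manager's constructor is not visible here.
            throw new RuntimeException("Failed to configure TLS", e);
        }
    }

    /**
     * Rejects values that would break the line-oriented request. The framing is
     * done inside MyProxyOutputStream, which is not visible here, so this
     * assumes the stream writes values unescaped. The message names the field
     * only, never its value.
     */
    private static void requireSingleLine(String fieldName, String value) throws GeneralSecurityException {
        if (value == null) {
            return; // null handling stays with MyProxyOutputStream, as before
        }
        for (int k = 0; k < value.length(); k++) {
            char c = value.charAt(k);
            if (c == '\n' || c == '\r' || c == '\0') {
                throw new GeneralSecurityException(fieldName + " must not contain line breaks or NUL characters");
            }
        }
    }
}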
