package org.globus.wsrf.impl.security.authentication;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Properties;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.CredentialException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import org.apache.xml.security.keys.content.x509.XMLX509SKI;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEREncodableVector;
import org.bouncycastle.asn1.DERSequence;
import org.globus.gsi.CertUtil;
import org.globus.gsi.bc.BouncyCastleUtil;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.util.I18n;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/ghn-core-runtime-1.0.0.jar:org/globus/wsrf/impl/security/authentication/ContextCrypto.class
 */
/* loaded from: input_file:WEB-INF/lib/wsrf-core-4.0.4.jar:org/globus/wsrf/impl/security/authentication/ContextCrypto.class */
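/**
 * WSS4J {@link Crypto} implementation backed by the credential that
 * {@code ContextCredential.getCurrent()} reports at call time, not by a key store.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>Every alias lookup returns the single constant alias {@code "ContextCrypto"}; alias,
 *       password, issuer, serial and DN arguments are ignored. Callers must not rely on them to
 *       select or restrict which key or certificate chain is used.</li>
 *   <li>{@link #validateCertPath(X509Certificate[])} never validates anything; it always throws.
 *       Chain validation has to happen elsewhere in the stack.</li>
 *   <li>{@link #getKeyStore()} returns {@code null}, and {@link #setKeyStore(KeyStore)} and
 *       {@link #load(InputStream)} are no-ops.</li>
 * </ul>
 */
public class ContextCrypto implements Crypto {
    private static final I18n i18n =
            I18n.getI18n("org.globus.wsrf.impl.security.error", ContextCrypto.class.getClassLoader());
    private static final Log log = LogFactory.getLog(ContextCrypto.class);
    private static final String ALIAS = "ContextCrypto";
    private static final String[] ALIASES = {ALIAS};
    private static final ContextCrypto crypto = new ContextCrypto();
    // Left package-private and non-final, as in the original, so same-package code keeps working.
    static String SKI_OID = XMLX509SKI.SKI_OID;

    private final Properties properties;
    // Created lazily by getCertificateFactory(); guarded by that method's monitor.
    private CertificateFactory certFact;

    /**
     * Returns the shared instance created during class initialisation.
     *
     * @return the process-wide {@code ContextCrypto} singleton
     */
    public static ContextCrypto getInstance() {
        return crypto;
    }

    /** Creates an instance configured from {@link System#getProperties()}. */
    public ContextCrypto() {
        this(null);
    }

    /**
     * Creates an instance with the given configuration.
     *
     * @param properties configuration consulted for the certificate-factory provider name;
     *                   {@code null} selects {@link System#getProperties()}
     */
    public ContextCrypto(Properties properties) {
        this.certFact = null;
        this.properties = (properties == null) ? System.getProperties() : properties;
    }

    /**
     * Fetches the current context credential.
     *
     * <p>The unchecked cast is kept from the original: a credential of any other implementation
     * class surfaces as a {@link ClassCastException}.
     */
    private static GlobusGSSCredentialImpl currentCredential() {
        return (GlobusGSSCredentialImpl) ContextCredential.getCurrent();
    }

    /**
     * Returns the private key of the current context credential.
     *
     * <p>Both arguments are ignored: no alias selection and no password check takes place here.
     *
     * @param str  alias (ignored)
     * @param str2 password (ignored)
     * @return the credential's private key, or {@code null} when there is no current credential
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public PrivateKey getPrivateKey(String str, String str2) throws Exception {
        GlobusGSSCredentialImpl credential = currentCredential();
        return (credential == null) ? null : credential.getPrivateKey();
    }

    /**
     * Parses one certificate from a stream using {@link #getCertificateFactory()}.
     *
     * <p>The result is parsed only, not validated or trusted.
     *
     * @param inputStream encoded certificate
     * @return the parsed certificate
     * @throws WSSecurityException with message id {@code parseError} on any failure, including a
     *                             failure to obtain the certificate factory
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public X509Certificate loadCertificate(InputStream inputStream) throws WSSecurityException {
        try {
            return (X509Certificate) getCertificateFactory().generateCertificate(inputStream);
        } catch (Exception e) {
            // The original dropped the cause silently; log it like the other parse paths do.
            log.error("", e);
            throw new WSSecurityException(7, "parseError");
        }
    }

    /**
     * Decodes a DER sequence of certificates into an array.
     *
     * <p>The certificates are parsed only; nothing here checks signatures, validity or trust.
     * NOTE(review): a byte array that is valid DER but not a sequence may surface as an unchecked
     * exception from {@code ASN1Sequence.getInstance} instead of {@code parseError}. Confirm
     * against the BouncyCastle version in use.
     *
     * @param bArr DER-encoded sequence of certificates; {@code null} yields {@code null}
     * @param z    {@code true} keeps the sequence order, {@code false} reverses it
     * @return the decoded certificates, or {@code null} when {@code bArr} is {@code null}
     * @throws WSSecurityException with message id {@code parseError} when decoding fails
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public X509Certificate[] getX509Certificates(byte[] bArr, boolean z) throws WSSecurityException {
        if (bArr == null) {
            return null;
        }
        try {
            ASN1Sequence sequence = ASN1Sequence.getInstance(BouncyCastleUtil.toDERObject(bArr));
            int size = sequence.size();
            X509Certificate[] certs = new X509Certificate[size];
            for (int i = 0; i < size; i++) {
                byte[] encoded = BouncyCastleUtil.toByteArray(sequence.getObjectAt(i).getDERObject());
                int target = z ? i : (size - 1) - i;
                certs[target] = CertUtil.loadCertificate(new ByteArrayInputStream(encoded));
            }
            return certs;
        } catch (IOException e) {
            log.error("", e);
            throw new WSSecurityException(7, "parseError");
        } catch (GeneralSecurityException e) {
            // The decompiled original attached this handler to the index arithmetic, so it did
            // not cover the certificate load it was meant for.
            log.error("", e);
            throw new WSSecurityException(7, "parseError");
        }
    }

    /** Returns the constant alias; the argument is ignored. */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public String getAliasForX509Cert(String str) throws WSSecurityException {
        return ALIAS;
    }

    /** Returns the constant alias; both arguments are ignored. */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public String getAliasForX509Cert(String str, BigInteger bigInteger) throws WSSecurityException {
        return ALIAS;
    }

    /** Returns the constant alias; the argument is ignored. */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public String getAliasForX509Cert(byte[] bArr) throws WSSecurityException {
        return ALIAS;
    }

    /**
     * Returns the constant alias; the certificate is not inspected.
     *
     * <p>A non-null alias from this method therefore says nothing about whether the certificate
     * is known or trusted.
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public String getAliasForX509Cert(Certificate certificate) throws WSSecurityException {
        return ALIAS;
    }

    /** Returns the constant alias. */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public String getDefaultX509Alias() {
        return ALIAS;
    }

    /**
     * Returns the certificate chain of the current context credential.
     *
     * @param str alias (ignored)
     * @return the credential's chain, or {@code null} when there is no current credential
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public X509Certificate[] getCertificates(String str) throws WSSecurityException {
        GlobusGSSCredentialImpl credential = currentCredential();
        return (credential == null) ? null : credential.getCertificateChain();
    }

    /** No-op: this implementation has no key store. */
    public void setKeyStore(KeyStore keyStore) {
    }

    /** No-op: nothing is loaded from the stream. */
    public void load(InputStream inputStream) throws CredentialException {
    }

    /** Always returns {@code null}: this implementation has no key store. */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public KeyStore getKeyStore() {
        return null;
    }

    /**
     * Returns a one-element array holding the constant alias; the DN is ignored.
     *
     * @return a fresh copy, so callers cannot modify the shared static array
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public String[] getAliasesForDN(String str) throws WSSecurityException {
        return (String[]) ALIASES.clone();
    }

    /**
     * Encodes certificates as one DER sequence.
     *
     * @param z                  {@code true} writes the certificates in array order,
     *                           {@code false} in reverse order
     * @param x509CertificateArr certificates to encode; must not be {@code null}
     * @return the DER encoding of the sequence
     * @throws IllegalArgumentException when {@code x509CertificateArr} is {@code null}
     * @throws WSSecurityException      with message id {@code parseError} on an I/O failure, or
     *                                  {@code encodeError} when a certificate cannot be encoded
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public byte[] getCertificateData(boolean z, X509Certificate[] x509CertificateArr) throws WSSecurityException {
        if (x509CertificateArr == null) {
            throw new IllegalArgumentException(i18n.getMessage("certsNull"));
        }
        DEREncodableVector vector = new DEREncodableVector();
        try {
            int count = x509CertificateArr.length;
            for (int i = 0; i < count; i++) {
                X509Certificate cert = x509CertificateArr[z ? i : (count - 1) - i];
                vector.add(BouncyCastleUtil.toDERObject(cert.getEncoded()));
            }
            return BouncyCastleUtil.toByteArray(new DERSequence(vector));
        } catch (IOException e) {
            log.error("", e);
            throw new WSSecurityException(7, "parseError");
        } catch (CertificateEncodingException e) {
            log.error("", e);
            throw new WSSecurityException(7, "encodeError");
        }
    }

    /**
     * Extracts the Subject Key Identifier bytes from a version 3 certificate.
     *
     * <p>The first two bytes of the unwrapped extension value are skipped, presumably the tag and
     * a short-form length of the inner OCTET STRING; long-form lengths are not handled (confirm
     * if identifiers longer than 127 bytes can occur).
     *
     * @param x509Certificate certificate to read the extension from
     * @return the identifier bytes
     * @throws WSSecurityException with message id {@code noSKIHandling} when the certificate is
     *                             older than version 3, has no such extension, or the extension
     *                             value cannot be read
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public byte[] getSKIBytesFromCert(X509Certificate x509Certificate) throws WSSecurityException {
        if (x509Certificate.getVersion() < 3) {
            throw new WSSecurityException(1, "noSKIHandling", new Object[]{"Wrong certificate version (<3)"});
        }
        byte[] extensionValue = x509Certificate.getExtensionValue(SKI_OID);
        if (extensionValue == null) {
            throw new WSSecurityException(1, "noSKIHandling", new Object[]{"No extension data"});
        }
        try {
            byte[] octets = BouncyCastleUtil.getExtensionValue(extensionValue);
            // A certificate from an untrusted peer can carry a truncated extension; without this
            // guard the array size below goes negative and a NegativeArraySizeException escapes
            // instead of the declared WSSecurityException.
            if (octets == null || octets.length < 2) {
                throw new WSSecurityException(1, "noSKIHandling", new Object[]{"cannot read SKI value as octet data"});
            }
            byte[] ski = new byte[octets.length - 2];
            System.arraycopy(octets, 2, ski, 0, ski.length);
            return ski;
        } catch (IOException e) {
            throw new WSSecurityException(1, "noSKIHandling", new Object[]{"cannot read SKI value as octet data"});
        }
    }

    /**
     * Returns the certificate factory, creating it on first use.
     *
     * <p>The JCA provider name is read from the property
     * {@code org.apache.ws.security.crypto.merlin.cert.provider}; when it is absent or empty the
     * provider {@code "BC"} is used. With the default constructor that property comes from the
     * JVM system properties, so whoever controls them controls which provider parses
     * certificates.
     *
     * @return the cached factory
     * @throws WSSecurityException with message id {@code noSecProvider} when the provider is not
     *                             registered, or {@code unsupportedCertType} when it cannot
     *                             supply the requested certificate type
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public synchronized CertificateFactory getCertificateFactory() throws WSSecurityException {
        if (this.certFact == null) {
            String provider = this.properties.getProperty("org.apache.ws.security.crypto.merlin.cert.provider");
            if (provider == null || provider.length() == 0) {
                provider = "BC";
            }
            try {
                this.certFact = CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID, provider);
            } catch (NoSuchProviderException e) {
                // Log the cause; the rethrown exception carries only a message id.
                log.error("", e);
                throw new WSSecurityException(7, "noSecProvider");
            } catch (CertificateException e) {
                log.error("", e);
                throw new WSSecurityException(7, "unsupportedCertType");
            }
        }
        return this.certFact;
    }

    /**
     * Not implemented: always throws and never reports a chain as valid or invalid.
     *
     * <p>Certificate path validation must be performed by another component. Callers that catch
     * the exception must treat it as "not validated", never as success.
     *
     * @throws WSSecurityException always, with error code 0
     */
    @Override // org.apache.ws.security.components.crypto.Crypto
    public boolean validateCertPath(X509Certificate[] x509CertificateArr) throws WSSecurityException {
        throw new WSSecurityException(0);
    }
}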
