package org.gcube.common.core.security.utils;

import org.gcube.common.core.utils.logging.GCUBELog;
import org.globus.gsi.jaas.JaasGssUtil;
import org.globus.wsrf.security.SecurityException;
import org.globus.wsrf.security.SecurityManager;
import org.gridforum.jgss.ExtendedGSSCredential;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;

/* loaded from: input_file:org/gcube/common/core/security/utils/HostCertificateReader.class */
public class HostCertificateReader {
    static GCUBELog logger = new GCUBELog(HostCertificateReader.class);

    /* loaded from: input_file:org/gcube/common/core/security/utils/HostCertificateReader$ExpiredCredentialsException.class */
    public static class ExpiredCredentialsException extends Exception {
        private static final long serialVersionUID = 1;
    }

    /* loaded from: input_file:org/gcube/common/core/security/utils/HostCertificateReader$IndefiniteLifetimeCredentialsException.class */
    public static class IndefiniteLifetimeCredentialsException extends Exception {
        private static final long serialVersionUID = 1;
    }

    public static int getHostCertificateLifetime() throws SecurityException, GSSException, ExpiredCredentialsException, IndefiniteLifetimeCredentialsException {
        try {
            GSSCredential credential = JaasGssUtil.getCredential(SecurityManager.getManager().getSystemSubject());
            if (credential == null) {
                throw new GSSException(0);
            }
            int remainingLifetime = credential.getRemainingLifetime();
            if (remainingLifetime == 0) {
                throw new ExpiredCredentialsException();
            }
            if (remainingLifetime == Integer.MAX_VALUE) {
                throw new IndefiniteLifetimeCredentialsException();
            }
            return remainingLifetime;
        } catch (GSSException e) {
            logger.error("Unable to detect the host credentials", e);
            throw e;
        } catch (SecurityException e2) {
            logger.error("Unable to access the host credentials", e2);
            throw e2;
        }
    }

    public static String getHostCertificateDN() throws SecurityException, GSSException, ExpiredCredentialsException {
        try {
            GSSCredential credential = JaasGssUtil.getCredential(SecurityManager.getManager().getSystemSubject());
            if (credential != null) {
                return credential.getName().toString().trim();
            }
            throw new GSSException(0);
        } catch (GSSException e) {
            logger.error("Unable to detect the host credentials", e);
            throw e;
        } catch (SecurityException e2) {
            logger.error("Unable to access the host credentials", e2);
            throw e2;
        }
    }

    public static String getHostCertificateCA() throws SecurityException, GSSException, Exception {
        try {
            ExtendedGSSCredential credential = JaasGssUtil.getCredential(SecurityManager.getManager().getSystemSubject());
            if (credential != null) {
                return ProxyUtil.getCA(credential).trim();
            }
            throw new GSSException(0);
        } catch (SecurityException e) {
            logger.error("Unable to access the host credentials", e);
            throw e;
        } catch (GSSException e2) {
            logger.error("Unable to detect the host credentials", e2);
            throw e2;
        }
    }
}
