package org.gcube.vomanagement.vomsapi.util;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Security;
import org.apache.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.globus.gsi.CertUtil;
import org.globus.gsi.GlobusCredential;
import org.globus.gsi.bc.BouncyCastleOpenSSLKey;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.gridforum.jgss.ExtendedGSSCredential;
import org.ietf.jgss.GSSException;

/* loaded from: input_file:org/gcube/vomanagement/vomsapi/util/CredentialsUtil.class */
public class CredentialsUtil {
    private static Logger logger = Logger.getLogger(CredentialsUtil.class.getName());

    public static String stringCredentials(ExtendedGSSCredential extendedGSSCredential) {
        if (extendedGSSCredential == null) {
            return "Null credentials!!!";
        }
        try {
            return "Credentials[DN='" + getIdentityDN(extendedGSSCredential) + ", CA='" + getIssuerDN(extendedGSSCredential) + "', lifetime " + (extendedGSSCredential.getRemainingLifetime() / 3600) + " hours]";
        } catch (GSSException e) {
            logger.error("Not parsable credentials!!!", e);
            return "Not parsable credentials!!!";
        }
    }

    public static String getIssuerDN(ExtendedGSSCredential extendedGSSCredential) {
        if (extendedGSSCredential == null) {
            return "Null Credentials!!!";
        }
        if (extendedGSSCredential instanceof GlobusGSSCredentialImpl) {
            return CertUtil.toGlobusID(((GlobusGSSCredentialImpl) extendedGSSCredential).getGlobusCredential().getIssuer());
        }
        return null;
    }

    public static String getIdentityDN(ExtendedGSSCredential extendedGSSCredential) {
        if (extendedGSSCredential == null) {
            throw new NullPointerException("Credentials cannot be null");
        }
        if (extendedGSSCredential instanceof GlobusGSSCredentialImpl) {
            return ((GlobusGSSCredentialImpl) extendedGSSCredential).getGlobusCredential().getIdentity();
        }
        return null;
    }

    public static boolean isExpired(ExtendedGSSCredential extendedGSSCredential) {
        if (extendedGSSCredential == null) {
            throw new NullPointerException("Credentials cannot be null");
        }
        try {
            return extendedGSSCredential.getRemainingLifetime() == 0;
        } catch (GSSException e) {
            logger.error("Cannot verify lifetime of " + stringCredentials(extendedGSSCredential), e);
            return true;
        }
    }

    public static ExtendedGSSCredential loadEndEntityCredentials(String str, String str2, String str3) throws IOException, GeneralSecurityException, GSSException {
        BouncyCastleOpenSSLKey bouncyCastleOpenSSLKey = new BouncyCastleOpenSSLKey(str2);
        if (bouncyCastleOpenSSLKey.isEncrypted()) {
            bouncyCastleOpenSSLKey.decrypt(str3);
        }
        return new GlobusGSSCredentialImpl(new GlobusCredential(bouncyCastleOpenSSLKey.getPrivateKey(), CertUtil.loadCertificates(str)), 0);
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
