package org.gcube.vomanagement.vomsapi.impl.ssl;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Hashtable;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import org.apache.axis.components.net.BooleanHolder;
import org.apache.axis.components.net.DefaultSocketFactory;
import org.apache.axis.components.net.SecureSocketFactory;
import org.apache.log4j.Logger;
import org.gcube.vomanagement.vomsapi.impl.VOMSAPIConfigurationException;
import org.gcube.vomanagement.vomsapi.impl.VOMSAdminException;
import org.gcube.vomanagement.vomsapi.util.CredentialsUtil;
import org.globus.gsi.GlobusCredential;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.gridforum.jgss.ExtendedGSSCredential;

/* loaded from: input_file:org/gcube/vomanagement/vomsapi/impl/ssl/MySSLSocketFactory.class */
public class MySSLSocketFactory extends DefaultSocketFactory implements SecureSocketFactory {
    public static final Object LOCK = new Object();
    private static Logger logger = Logger.getLogger(MySSLSocketFactory.class.getName());
    protected static SSLSocketFactory sslFactory = null;

    public MySSLSocketFactory(Hashtable hashtable) throws Exception {
        super(hashtable);
        logger.info("A MySSLSocketFactory has been created!");
    }

    public Socket create(String str, int i, StringBuffer stringBuffer, BooleanHolder booleanHolder) throws Exception {
        if (sslFactory == null) {
            throw new VOMSAdminException("A SSLSocketFactory has not been configured for the current Axis call!!");
        }
        logger.debug("create secure socket for VOMS-API to " + str + ":" + i + " using the SSLFactory " + sslFactory);
        SSLSocket sSLSocket = (SSLSocket) sslFactory.createSocket();
        sSLSocket.setEnabledProtocols(new String[]{"SSLv3"});
        String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
        ArrayList arrayList = new ArrayList(enabledCipherSuites.length);
        for (int i2 = 0; i2 < enabledCipherSuites.length; i2++) {
            if (enabledCipherSuites[i2].indexOf("RC4") == -1) {
                arrayList.add(enabledCipherSuites[i2]);
            }
        }
        sSLSocket.setEnabledCipherSuites((String[]) arrayList.toArray(new String[arrayList.size()]));
        sSLSocket.setUseClientMode(true);
        sSLSocket.setSoTimeout(30000);
        sSLSocket.connect(new InetSocketAddress(str, i), 3000);
        logger.debug("Socket created to " + str + ":" + i + "using the SSLFactory " + sslFactory);
        return sSLSocket;
    }

    public static SSLSocketFactory createSSLFactory(ExtendedGSSCredential extendedGSSCredential) throws VOMSAPIConfigurationException {
        logger.info("Registering MySSLSocketFactory as SecureSocketFactory in Axis");
        System.setProperty("org.apache.axis.components.net.SecureSocketFactory", MySSLSocketFactory.class.getName());
        logger.debug("The MySSLSocketFactory has been registered as SecureSocketFactory in Axis");
        logger.info("Parsing " + CredentialsUtil.stringCredentials(extendedGSSCredential) + " to get the private key, the public certificate and the trusted authorities");
        if (!(extendedGSSCredential instanceof GlobusGSSCredentialImpl)) {
            logger.error("Cannot parse credentials as the credentials object is not an instance of GlobusGSSCredentialImpl");
            throw new VOMSAPIConfigurationException("Cannot parse credentials as the credentials object is not an instance of GlobusGSSCredentialImpl");
        }
        GlobusCredential globusCredential = ((GlobusGSSCredentialImpl) extendedGSSCredential).getGlobusCredential();
        PrivateKey privateKey = globusCredential.getPrivateKey();
        X509Certificate[] certificateChain = globusCredential.getCertificateChain();
        X509Certificate[] x509CertificateArr = {certificateChain[certificateChain.length - 1]};
        logger.debug("Correctly parsed " + CredentialsUtil.stringCredentials(extendedGSSCredential));
        logger.info("Creating KeyManager and TrustManager to initialize the SSLContext");
        KeyManager[] keyManagerArr = {new MyX509KeyManager(certificateChain, privateKey)};
        try {
            TrustManager[] trustManagerArr = {new MyX509TrustManager(x509CertificateArr)};
            logger.debug("created KeyManager and TrustManager to initialize the SSLContext");
            logger.info("creating the SSLContext and SSLSocketFactory");
            try {
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                sSLContext.init(keyManagerArr, trustManagerArr, null);
                SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
                logger.info("new SSLSocketFactory created");
                return socketFactory;
            } catch (Exception e) {
                logger.error("Cannot create the SSLContext", e);
                throw new VOMSAPIConfigurationException("Cannot create the SSLContext", e);
            }
        } catch (IOException e2) {
            logger.error("Cannot create the MyX509TrustManager", e2);
            throw new VOMSAPIConfigurationException("Cannot create the MyX509TrustManager", e2);
        }
    }

    public static void resetSSLFactory() {
        synchronized (LOCK) {
            sslFactory = null;
        }
    }

    public static void setCurrentSSLFactory(SSLSocketFactory sSLSocketFactory) {
        synchronized (LOCK) {
            sslFactory = sSLSocketFactory;
        }
    }
}
