package org.globus.tools;

import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import org.globus.common.CoGProperties;
import org.globus.common.Version;
import org.globus.gsi.CertUtil;
import org.globus.gsi.OpenSSLKey;
import org.globus.gsi.bc.BouncyCastleCertProcessingFactory;
import org.globus.gsi.bc.BouncyCastleOpenSSLKey;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.gsi.gssapi.auth.IdentityAuthorization;
import org.globus.myproxy.ChangePasswordParams;
import org.globus.myproxy.CredentialInfo;
import org.globus.myproxy.DestroyParams;
import org.globus.myproxy.GetTrustrootsParams;
import org.globus.myproxy.InfoParams;
import org.globus.myproxy.InitParams;
import org.globus.myproxy.StoreParams;
import org.globus.util.Util;
import org.gridforum.jgss.ExtendedGSSManager;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;

/* loaded from: input_file:org/globus/tools/MyProxy.class */
public class MyProxy {
    public static final int MYPROXY_SERVER_PORT = 7512;
    public static final int PORTAL_LIFETIME_HOURS = 12;
    public static final int CRED_LIFETIME_HOURS = 168;
    public static final int MATCH_CN_ONLY = 0;
    public static final int REGULAR_EXP = 1;
    private static final String commonOptions = "\tCommon Options:\n\t-help\n\t\tDisplays usage\n\t-v | -version\n\t\tDisplays version\n\n\t-h <host> | -host <host>\n\t\tHostname of the myproxy-server\n\t-p <port> | -port <port>\n\t\tPort of the myproxy-server\n\t\t(default 7512)\n\t-s <subject> | -subject <subject>\n\t\tPerforms subject authorization\n\t-l <username> | -username <username>\n\t\tUsername for the delegated proxy\n\t-d | -dn_as_username\n\t\tUse the proxy certificate subject (DN) as the default\n\t\tusername instead of the \"user.name\" system property.\n\t-S | -stdin_pass\n\t\tAllows passphrase from stdin.\n";
    private static final String message = "\nSyntax: java MyProxy [common options] command [command options]\n        java MyProxy -version\n        java MyProxy -help\n\n\tCommon Options:\n\t-help\n\t\tDisplays usage\n\t-v | -version\n\t\tDisplays version\n\n\t-h <host> | -host <host>\n\t\tHostname of the myproxy-server\n\t-p <port> | -port <port>\n\t\tPort of the myproxy-server\n\t\t(default 7512)\n\t-s <subject> | -subject <subject>\n\t\tPerforms subject authorization\n\t-l <username> | -username <username>\n\t\tUsername for the delegated proxy\n\t-d | -dn_as_username\n\t\tUse the proxy certificate subject (DN) as the default\n\t\tusername instead of the \"user.name\" system property.\n\t-S | -stdin_pass\n\t\tAllows passphrase from stdin.\n\n\tCommands:\n\t put            - put proxy\n\t store          - store credentials\n\t get            - get proxy\n\t anonget        - get proxy without local credentials\n\t get-trustroots - get trustroots information\n\t destroy        - remove proxy\n\t info           - credential information\n\t pwd            - change credential password\n\n\tSpecify -help after a command name for command-specific help.\n";
    private static final String destroyMessage = "\nSyntax: java MyProxy [common options] destroy [command options]\n\n\tCommon Options:\n\t-help\n\t\tDisplays usage\n\t-v | -version\n\t\tDisplays version\n\n\t-h <host> | -host <host>\n\t\tHostname of the myproxy-server\n\t-p <port> | -port <port>\n\t\tPort of the myproxy-server\n\t\t(default 7512)\n\t-s <subject> | -subject <subject>\n\t\tPerforms subject authorization\n\t-l <username> | -username <username>\n\t\tUsername for the delegated proxy\n\t-d | -dn_as_username\n\t\tUse the proxy certificate subject (DN) as the default\n\t\tusername instead of the \"user.name\" system property.\n\t-S | -stdin_pass\n\t\tAllows passphrase from stdin.\n\n\tCommand Options:\n\t-help\n\t\tDisplays usage\n\t-k | -credname <name>\n\t\tSpecifies credential name\n";
    private static final String pwdMessage = "\nSyntax: java MyProxy [common options] pwd [command options]\n\n\tCommon Options:\n\t-help\n\t\tDisplays usage\n\t-v | -version\n\t\tDisplays version\n\n\t-h <host> | -host <host>\n\t\tHostname of the myproxy-server\n\t-p <port> | -port <port>\n\t\tPort of the myproxy-server\n\t\t(default 7512)\n\t-s <subject> | -subject <subject>\n\t\tPerforms subject authorization\n\t-l <username> | -username <username>\n\t\tUsername for the delegated proxy\n\t-d | -dn_as_username\n\t\tUse the proxy certificate subject (DN) as the default\n\t\tusername instead of the \"user.name\" system property.\n\t-S | -stdin_pass\n\t\tAllows passphrase from stdin.\n\n\tCommand Options:\n\t-help\n\t\tDisplays usage\n\t-k | -credname <name>\n\t\tSpecifies credential name\n";
    private static final String infoMessage = "\nSyntax: java MyProxy [common options] info [command options]\n\n\tCommon Options:\n\t-help\n\t\tDisplays usage\n\t-v | -version\n\t\tDisplays version\n\n\t-h <host> | -host <host>\n\t\tHostname of the myproxy-server\n\t-p <port> | -port <port>\n\t\tPort of the myproxy-server\n\t\t(default 7512)\n\t-s <subject> | -subject <subject>\n\t\tPerforms subject authorization\n\t-l <username> | -username <username>\n\t\tUsername for the delegated proxy\n\t-d | -dn_as_username\n\t\tUse the proxy certificate subject (DN) as the default\n\t\tusername instead of the \"user.name\" system property.\n\t-S | -stdin_pass\n\t\tAllows passphrase from stdin.\n\n\tCommand Options:\n\t-help\n\t\tDisplays usage\n";
    private static final String getMessage = "\nSyntax: java MyProxy [common options] [get|anonget] [command options]\n\n\tCommon Options:\n\t-help\n\t\tDisplays usage\n\t-v | -version\n\t\tDisplays version\n\n\t-h <host> | -host <host>\n\t\tHostname of the myproxy-server\n\t-p <port> | -port <port>\n\t\tPort of the myproxy-server\n\t\t(default 7512)\n\t-s <subject> | -subject <subject>\n\t\tPerforms subject authorization\n\t-l <username> | -username <username>\n\t\tUsername for the delegated proxy\n\t-d | -dn_as_username\n\t\tUse the proxy certificate subject (DN) as the default\n\t\tusername instead of the \"user.name\" system property.\n\t-S | -stdin_pass\n\t\tAllows passphrase from stdin.\n\n\tCommand Options:\n\t-help\n\t\tDisplays usage\n\t-t <hours> | -portal_lifetime <hours>\n\t\tLifetime of delegated proxy on\n\t\tthe portal (default 12 hours)\n\t-o | -out <path>\n\t\tLocation of delegated proxy\n\t-T | -trustroots\n\t\tManage trust roots\n\t-k | -credname <name>\n\t\tSpecifies credential name\n\t-a | -authorization <path>\n\t\tSpecifies path to credentials to renew\n";
    private static final String putMessage = "\nSyntax: java MyProxy [common options] put [command options]\n\n\tCommon Options:\n\t-help\n\t\tDisplays usage\n\t-v | -version\n\t\tDisplays version\n\n\t-h <host> | -host <host>\n\t\tHostname of the myproxy-server\n\t-p <port> | -port <port>\n\t\tPort of the myproxy-server\n\t\t(default 7512)\n\t-s <subject> | -subject <subject>\n\t\tPerforms subject authorization\n\t-l <username> | -username <username>\n\t\tUsername for the delegated proxy\n\t-d | -dn_as_username\n\t\tUse the proxy certificate subject (DN) as the default\n\t\tusername instead of the \"user.name\" system property.\n\t-S | -stdin_pass\n\t\tAllows passphrase from stdin.\n\n\tCommand Options:\n\t-help\n\t\tDisplays usage\n\t-cert <certfile>\n\t\tNon-standard location of user certificate\n\t-key <keyfile>\n\t\tNon-standard location of user key\n\t-t <hours> | -portal_lifetime <hours>\n\t\tLifetime of delegated proxy on\n\t\tthe portal (default 12 hours)\n\t-c <hours> | -cred_lifetime <hours> \n\t\tLifetime of delegated proxy\n\t\t(default 1 week - 168 hours)\n\t-a | -allow_anonymous_retrievers\n\t\tAllow credentials to be retrieved with just username/passphrase\n\t-A | -allow_anonymous_renewers\n\t\tAllow credentials to be renewed by any client (not recommended)\n\t-r | -retrievable_by <dn>\n\t\tAllow specified entity to retrieve credential\n\t-R | -renewable_by <dn>\n\t\tAllow specified entity to renew credential\n\t-x | -regex_dn_match\n\t\tSpecifies that the DN used by  options -r and -R\n\t\twill be matched as a regular expression\n \t-X | -match_cn_only\n\t\tSpecifies  that  the  DN  used by options -r and -R\n\t\twill be matched against the Common Name (CN) of the\n\t\tsubject\n\t-n | -no_passphrase\n\t\tDisable passphrase authentication\n\t-k | -credname <name>\n\t\tSpecifies credential name\n\t-K | -creddesc <desc>\n\t\tSpecifies credential description\n";
    private static final String storeMessage = "\nSyntax: java MyProxy [common options] store [command options]\n\n\tCommon Options:\n\t-help\n\t\tDisplays usage\n\t-v | -version\n\t\tDisplays version\n\n\t-h <host> | -host <host>\n\t\tHostname of the myproxy-server\n\t-p <port> | -port <port>\n\t\tPort of the myproxy-server\n\t\t(default 7512)\n\t-s <subject> | -subject <subject>\n\t\tPerforms subject authorization\n\t-l <username> | -username <username>\n\t\tUsername for the delegated proxy\n\t-d | -dn_as_username\n\t\tUse the proxy certificate subject (DN) as the default\n\t\tusername instead of the \"user.name\" system property.\n\t-S | -stdin_pass\n\t\tAllows passphrase from stdin.\n\n\tCommand Options:\n\t-help\n\t\tDisplays usage\n\t-cert <certfile>\n\t\tNon-standard location of user certificate\n\t-key <keyfile>\n\t\tNon-standard location of user key\n\t-t <hours> | -portal_lifetime <hours>\n\t\tLifetime of delegated proxy on\n\t\tthe portal (default 12 hours)\n\t-a | -allow_anonymous_retrievers\n\t\tAllow credentials to be retrieved with just username/passphrase\n\t-A | -allow_anonymous_renewers\n\t\tAllow credentials to be renewed by any client (not recommended)\n\t-r | -retrievable_by <dn>\n\t\tAllow specified entity to retrieve credential\n\t-R | -renewable_by <dn>\n\t\tAllow specified entity to renew credential\n\t-x | -regex_dn_match\n\t\tSpecifies that the DN used by  options -r and -R\n\t\twill be matched as a regular expression\n \t-X | -match_cn_only\n\t\tSpecifies  that  the  DN  used by options -r and -R\n\t\twill be matched against the Common Name (CN) of the\n\t\tsubject\n\t-k | -credname <name>\n\t\tSpecifies credential name\n\t-K | -creddesc <desc>\n\t\tSpecifies credential description\n";
    private static final String getTrustrootsMessage = "\nSyntax: java MyProxy [common options] get-trustroots [command options]\n\n\tCommon Options:\n\t-help\n\t\tDisplays usage\n\t-v | -version\n\t\tDisplays version\n\n\t-h <host> | -host <host>\n\t\tHostname of the myproxy-server\n\t-p <port> | -port <port>\n\t\tPort of the myproxy-server\n\t\t(default 7512)\n\t-s <subject> | -subject <subject>\n\t\tPerforms subject authorization\n\t-l <username> | -username <username>\n\t\tUsername for the delegated proxy\n\t-d | -dn_as_username\n\t\tUse the proxy certificate subject (DN) as the default\n\t\tusername instead of the \"user.name\" system property.\n\t-S | -stdin_pass\n\t\tAllows passphrase from stdin.\n\n\tCommand Options:\n\t-help\n\t\tDisplays usage\n";
    private String hostname;
    private String username;
    private String subjectDN;
    private int port = 7512;
    private boolean debug = false;
    private boolean dnAsUsername = false;
    private boolean stdin = false;
    private boolean wantTrustroots = false;

    protected void parseCmdLine(String[] strArr) {
        int i = 0;
        while (i < strArr.length) {
            if (strArr[i].charAt(0) != '-') {
                CertUtil.init();
                if (strArr[i].equalsIgnoreCase("get")) {
                    doGet(strArr, i + 1, false);
                } else if (strArr[i].equalsIgnoreCase("anonget")) {
                    doGet(strArr, i + 1, true);
                } else if (strArr[i].equalsIgnoreCase("get-trustroots")) {
                    doGetTrustroots(strArr, i + 1, true);
                } else if (strArr[i].equalsIgnoreCase("put")) {
                    doPut(strArr, i + 1);
                } else if (strArr[i].equalsIgnoreCase("store")) {
                    doStore(strArr, i + 1);
                } else if (strArr[i].equalsIgnoreCase("destroy")) {
                    doDestroy(strArr, i + 1);
                } else if (strArr[i].equalsIgnoreCase("info")) {
                    doInfo(strArr, i + 1);
                } else if (strArr[i].equalsIgnoreCase("pwd")) {
                    doChangePassword(strArr, i + 1);
                } else {
                    error(new StringBuffer().append("Error: unknown command (").append(strArr[i]).append(")").toString());
                }
            } else if (strArr[i].equals("-h") || strArr[i].equalsIgnoreCase("-host")) {
                i++;
                if (i == strArr.length) {
                    error("Error: -h requires hostname");
                } else {
                    this.hostname = strArr[i];
                }
            } else if (strArr[i].equals("-p") || strArr[i].equalsIgnoreCase("-port")) {
                i++;
                if (i == strArr.length) {
                    error("Error: -p requires port number");
                } else {
                    this.port = Integer.parseInt(strArr[i]);
                }
            } else if (strArr[i].equals("-l") || strArr[i].equalsIgnoreCase("-username")) {
                i++;
                if (i == strArr.length) {
                    error("Error: -l requires username");
                } else {
                    this.username = strArr[i];
                }
            } else if (strArr[i].equals("-d") || strArr[i].equalsIgnoreCase("-dn_as_username")) {
                this.dnAsUsername = true;
            } else if (strArr[i].equalsIgnoreCase("-debug")) {
                this.debug = true;
            } else if (strArr[i].equals("-S") || strArr[i].equalsIgnoreCase("-stdin_pass")) {
                this.stdin = true;
            } else if (strArr[i].equals("-s") || strArr[i].equalsIgnoreCase("-subject")) {
                i++;
                if (i == strArr.length) {
                    error("Error: -subject requires an argument");
                } else {
                    this.subjectDN = strArr[i];
                }
            } else if (strArr[i].equals("-v") || strArr[i].equalsIgnoreCase("-version")) {
                System.out.println(Version.getVersion());
                System.exit(1);
            } else if (strArr[i].equalsIgnoreCase("-help") || strArr[i].equalsIgnoreCase("-usage")) {
                System.err.println(message);
                System.exit(1);
            } else {
                error(new StringBuffer().append("Error: argument #").append(i).append(" (").append(strArr[i]).append(") : unknown").toString());
            }
            i++;
        }
        error("Error: No command specified");
    }

    private String getUsername() {
        if (this.dnAsUsername) {
            try {
                return getDefaultCredential().getName().toString();
            } catch (Exception e) {
                exit(new StringBuffer().append("Failed to get credential name: ").append(e.getMessage()).toString(), e);
            }
        }
        return this.username == null ? System.getProperty("user.name") : this.username;
    }

    private void verifyCommonCmdLine() {
        if (this.hostname == null) {
            error("Error: myproxy-server hostname not specified");
        }
    }

    private org.globus.myproxy.MyProxy getMyProxy() {
        org.globus.myproxy.MyProxy myProxy = new org.globus.myproxy.MyProxy(this.hostname, this.port);
        if (this.subjectDN != null) {
            myProxy.setAuthorization(new IdentityAuthorization(this.subjectDN));
        }
        return myProxy;
    }

    protected void doInfo(String[] strArr, int i) {
        for (int i2 = i; i2 < strArr.length; i2++) {
            if (strArr[i2].equalsIgnoreCase("-help") || strArr[i2].equalsIgnoreCase("-usage")) {
                System.err.println(infoMessage);
                System.exit(1);
            } else {
                error(new StringBuffer().append("Error: info argument #").append(i2).append(" (").append(strArr[i2]).append(") : unknown").toString());
            }
        }
        verifyCommonCmdLine();
        GSSCredential defaultCredential = getDefaultCredential();
        InfoParams infoParams = new InfoParams();
        infoParams.setUserName(getUsername());
        infoParams.setPassphrase("DUMMY-PASSPHRASE");
        try {
            CredentialInfo[] info = getMyProxy().info(defaultCredential, infoParams);
            System.out.println(new StringBuffer().append("Owner: ").append(info[0].getOwner()).toString());
            for (int i3 = 0; i3 < info.length; i3++) {
                String name = info[i3].getName();
                System.out.println(name == null ? "default:" : new StringBuffer().append(name).append(":").toString());
                System.out.println(new StringBuffer().append("\tStart Time  : ").append(info[i3].getStartTime()).toString());
                System.out.println(new StringBuffer().append("\tEnd Time    : ").append(info[i3].getEndTime()).toString());
                long currentTimeMillis = System.currentTimeMillis();
                if (info[i3].getEndTime() > currentTimeMillis) {
                    System.out.println(new StringBuffer().append("\tTime left   : ").append(Util.formatTimeSec((info[i3].getEndTime() - currentTimeMillis) / 1000)).toString());
                } else {
                    System.out.println("\tTime left   : expired");
                }
                String retrievers = info[i3].getRetrievers();
                if (retrievers != null) {
                    System.out.println(new StringBuffer().append("\tRetrievers  : ").append(retrievers).toString());
                }
                String renewers = info[i3].getRenewers();
                if (renewers != null) {
                    System.out.println(new StringBuffer().append("\tRenewers    : ").append(renewers).toString());
                }
                String description = info[i3].getDescription();
                if (description != null) {
                    System.out.println(new StringBuffer().append("\tDescription : ").append(description).toString());
                }
            }
        } catch (Exception e) {
            exit(new StringBuffer().append("Error: ").append(e.getMessage()).toString(), e);
        }
        exit();
    }

    protected void doDestroy(String[] strArr, int i) {
        String str = null;
        int i2 = i;
        while (i2 < strArr.length) {
            if (strArr[i2].equals("-k") || strArr[i2].equalsIgnoreCase("-credname")) {
                i2++;
                if (i2 == strArr.length) {
                    error("Error: -k requires credential name");
                } else {
                    str = strArr[i2];
                }
            } else if (strArr[i2].equalsIgnoreCase("-help") || strArr[i2].equalsIgnoreCase("-usage")) {
                System.err.println(destroyMessage);
                System.exit(1);
            } else {
                error(new StringBuffer().append("Error: destroy argument #").append(i2).append(" (").append(strArr[i2]).append(") : unknown").toString());
            }
            i2++;
        }
        verifyCommonCmdLine();
        GSSCredential defaultCredential = getDefaultCredential();
        DestroyParams destroyParams = new DestroyParams();
        destroyParams.setUserName(getUsername());
        destroyParams.setCredentialName(str);
        destroyParams.setPassphrase("DUMMY-PASSPHRASE");
        try {
            getMyProxy().destroy(defaultCredential, destroyParams);
            System.out.println(new StringBuffer().append("A proxy was succesfully destroyed for user ").append(getUsername()).append(".").toString());
        } catch (Exception e) {
            exit(new StringBuffer().append("Error: ").append(e.getMessage()).toString(), e);
        }
        exit();
    }

    protected void doChangePassword(String[] strArr, int i) {
        String str = null;
        int i2 = i;
        while (i2 < strArr.length) {
            if (strArr[i2].equals("-k") || strArr[i2].equalsIgnoreCase("-credname")) {
                i2++;
                if (i2 == strArr.length) {
                    error("Error: -k requires credential name");
                } else {
                    str = strArr[i2];
                }
            } else if (strArr[i2].equalsIgnoreCase("-help") || strArr[i2].equalsIgnoreCase("-usage")) {
                System.err.println(pwdMessage);
                System.exit(1);
            } else {
                error(new StringBuffer().append("Error: pwd argument #").append(i2).append(" (").append(strArr[i2]).append(") : unknown").toString());
            }
            i2++;
        }
        verifyCommonCmdLine();
        GSSCredential defaultCredential = getDefaultCredential();
        ChangePasswordParams changePasswordParams = new ChangePasswordParams();
        changePasswordParams.setUserName(getUsername());
        changePasswordParams.setCredentialName(str);
        String input = this.stdin ? Util.getInput("Enter credential pass phrase: ") : Util.getPrivateInput("Enter credential pass phrase: ");
        if (input == null) {
            return;
        }
        changePasswordParams.setPassphrase(input);
        String input2 = this.stdin ? Util.getInput("Enter new pass phrase: ") : Util.getPrivateInput("Enter new pass phrase: ");
        if (input2 == null) {
            return;
        }
        changePasswordParams.setNewPassphrase(input2);
        try {
            getMyProxy().changePassword(defaultCredential, changePasswordParams);
            System.out.println("Password changed successfully.");
        } catch (Exception e) {
            exit(new StringBuffer().append("Error: ").append(e.getMessage()).toString(), e);
        }
        exit();
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:80:0x02df
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    protected void doGet(java.lang.String[] r7, int r8, boolean r9) {
        /*
            Method dump skipped, instructions count: 877
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.globus.tools.MyProxy.doGet(java.lang.String[], int, boolean):void");
    }

    protected void doPut(String[] strArr, int i) {
        doPutOrStore(strArr, i, false);
    }

    protected void doStore(String[] strArr, int i) {
        doPutOrStore(strArr, i, true);
    }

    protected void doPutOrStore(String[] strArr, int i, boolean z) {
        String str = null;
        String str2 = null;
        String str3 = null;
        String str4 = null;
        int i2 = 43200;
        int i3 = 604800;
        boolean z2 = false;
        String str5 = null;
        String str6 = null;
        boolean z3 = false;
        boolean z4 = false;
        boolean z5 = false;
        X509Certificate[] x509CertificateArr = null;
        OpenSSLKey openSSLKey = null;
        int i4 = i;
        while (i4 < strArr.length) {
            if (strArr[i4].equals("-k") || strArr[i4].equalsIgnoreCase("-credname")) {
                i4++;
                if (i4 == strArr.length) {
                    error("Error: -k requires credential name");
                } else {
                    str3 = strArr[i4];
                }
            } else if (strArr[i4].equals("-K") || strArr[i4].equalsIgnoreCase("-creddesc")) {
                i4++;
                if (i4 == strArr.length) {
                    error("Error: -K requires credential description");
                } else {
                    str4 = strArr[i4];
                }
            } else if (strArr[i4].equalsIgnoreCase("-cert")) {
                i4++;
                if (i4 == strArr.length) {
                    error("Error: -cert requires filename argument");
                } else {
                    str = strArr[i4];
                }
            } else if (strArr[i4].equalsIgnoreCase("-key")) {
                i4++;
                if (i4 == strArr.length) {
                    error("Error: -key requires filename argument");
                } else {
                    str2 = strArr[i4];
                }
            } else if (strArr[i4].equals("-t") || strArr[i4].equalsIgnoreCase("-portal_lifetime")) {
                i4++;
                if (i4 == strArr.length) {
                    error("Error: -t requires time argument in hours");
                } else {
                    i2 = Integer.parseInt(strArr[i4]) * 3600;
                }
            } else if (!z && (strArr[i4].equals("-c") || strArr[i4].equalsIgnoreCase("-cred_lifetime"))) {
                i4++;
                if (i4 == strArr.length) {
                    error("Error: -c requires time argument in hours");
                } else {
                    i3 = Integer.parseInt(strArr[i4]) * 3600;
                }
            } else if (strArr[i4].equals("-x") || strArr[i4].equalsIgnoreCase("-regex_dn_match")) {
                z2 = true;
            } else if (strArr[i4].equals("-X") || strArr[i4].equalsIgnoreCase("-match_cn_only")) {
                z2 = false;
            } else if (strArr[i4].equals("-A") || strArr[i4].equalsIgnoreCase("-allow_anonymous_renewers")) {
                z4 = true;
            } else if (strArr[i4].equals("-a") || strArr[i4].equalsIgnoreCase("-allow_anonymous_retrievers")) {
                z3 = true;
            } else if (strArr[i4].equals("-r") || strArr[i4].equalsIgnoreCase("-retrievable_by")) {
                i4++;
                if (i4 == strArr.length) {
                    error("Error: -r requires dn argument");
                } else if (str5 == null) {
                    str5 = strArr[i4];
                    z5 = true;
                } else {
                    error("-r already specified.");
                }
            } else if (strArr[i4].equals("-R") || strArr[i4].equalsIgnoreCase("-renewable_by")) {
                i4++;
                if (i4 == strArr.length) {
                    error("Error: -R requires dn argument");
                } else if (str6 == null) {
                    str6 = strArr[i4];
                } else {
                    error("-R already specified.");
                }
            } else if (!z && (strArr[i4].equals("-n") || strArr[i4].equalsIgnoreCase("-no_passphrase"))) {
                z5 = true;
            } else if (strArr[i4].equalsIgnoreCase("-help") || strArr[i4].equalsIgnoreCase("-usage")) {
                if (z) {
                    System.err.println(storeMessage);
                } else {
                    System.err.println(putMessage);
                }
                System.exit(1);
            } else {
                error(new StringBuffer().append("Error: put argument #").append(i4).append(" (").append(strArr[i4]).append(") : unknown").toString());
            }
            i4++;
        }
        verifyCommonCmdLine();
        CoGProperties coGProperties = CoGProperties.getDefault();
        if (str2 == null) {
            str2 = coGProperties.getUserKeyFile();
        }
        if (str == null) {
            str = coGProperties.getUserCertFile();
        }
        if (str6 != null) {
            if (str5 != null || z3) {
                error("Error: -R in incompatible with -a and -r.");
            }
            if (z4) {
                error("Error: Only one -A or -R option may be specified.");
            }
        }
        if (str5 != null) {
            if (str6 != null || z4) {
                error("Error: -r is incompatible with -A and -R.");
            }
            if (z3) {
                error("Error: Only one -a or -r option may be specified.");
            }
            if (z5) {
                error("Error: -r in incompatible with -n. A passphrase is required for credential retrieval.");
            }
        }
        if (z3) {
            if (z4 || str6 != null) {
                error("Error: -a is incompatible with -A and -R.");
            }
            if (z5) {
                error("Error: -a is incompatible with -n. A passphrase is required for credential retrieval.");
            }
        }
        if (z4 && (z3 || str5 != null)) {
            error("Error: -A is incompatible with -a and -r.");
        }
        if (str5 != null && !z2) {
            str5 = new StringBuffer().append("*/CN=").append(str5).toString();
        } else if (z3) {
            str5 = "*";
        }
        if (str6 != null && !z2) {
            str6 = new StringBuffer().append("*/CN=").append(str6).toString();
        } else if (z4) {
            str6 = "*";
        }
        if (z) {
            StoreParams storeParams = new StoreParams();
            storeParams.setUserName(getUsername());
            storeParams.setLifetime(i2);
            storeParams.setCredentialName(str3);
            storeParams.setCredentialDescription(str4);
            storeParams.setRenewer(str6);
            storeParams.setRetriever(str5);
            try {
                openSSLKey = new BouncyCastleOpenSSLKey(str2);
            } catch (IOException e) {
                exit(new StringBuffer().append("Error: Failed to load key: ").append(str2).toString(), e);
            } catch (GeneralSecurityException e2) {
                exit(new StringBuffer().append("Error: Unable to load key: ").append(e2.getMessage()).toString(), e2);
            }
            try {
                x509CertificateArr = CertUtil.loadCertificates(str);
            } catch (IOException e3) {
                exit(new StringBuffer().append("Error: Failed to load certificate: ").append(str).toString(), e3);
            } catch (GeneralSecurityException e4) {
                exit(new StringBuffer().append("Error: Unable to load certificate: ").append(e4.getMessage()).toString(), e4);
            }
            try {
                getMyProxy().store(getDefaultCredential(), x509CertificateArr, openSSLKey, storeParams);
                System.out.println(new StringBuffer().append("Credentials saved to MyProxy server on ").append(this.hostname).append(".").toString());
            } catch (Exception e5) {
                exit(new StringBuffer().append("Error: ").append(e5.getMessage()).toString(), e5);
            }
        } else {
            GSSCredential createNewProxy = createNewProxy(str, str2, i3, this.stdin);
            InitParams initParams = new InitParams();
            initParams.setUserName(getUsername());
            initParams.setLifetime(i2);
            initParams.setCredentialName(str3);
            initParams.setCredentialDescription(str4);
            initParams.setRenewer(str6);
            initParams.setRetriever(str5);
            if (!z5) {
                String input = this.stdin ? Util.getInput("Enter MyProxy Pass Phrase: ") : Util.getPrivateInput("Enter MyProxy Pass Phrase: ");
                if (input == null) {
                    return;
                } else {
                    initParams.setPassphrase(input);
                }
            }
            try {
                getMyProxy().put(createNewProxy, initParams);
                System.out.println(new StringBuffer().append("A proxy valid for ").append(i3 / 3600).append(" hours (").append(i3 / 86400).append(" days) for user ").append(getUsername()).append(" now exists on ").append(this.hostname).append(".").toString());
            } catch (Exception e6) {
                exit(new StringBuffer().append("Error: ").append(e6.getMessage()).toString(), e6);
            }
        }
        exit();
    }

    protected void doGetTrustroots(String[] strArr, int i, boolean z) {
        for (int i2 = i; i2 < strArr.length; i2++) {
            if (strArr[i2].equalsIgnoreCase("-help") || strArr[i2].equalsIgnoreCase("-usage")) {
                System.err.println(getTrustrootsMessage);
                System.exit(1);
            } else {
                error(new StringBuffer().append("Error: get argument #").append(i2).append(" (").append(strArr[i2]).append(") : unknown").toString());
            }
        }
        verifyCommonCmdLine();
        GSSCredential defaultCredential = z ? null : getDefaultCredential();
        GetTrustrootsParams getTrustrootsParams = new GetTrustrootsParams();
        try {
            org.globus.myproxy.MyProxy myProxy = getMyProxy();
            bootstrapIfNeeded(myProxy);
            myProxy.getTrustroots(defaultCredential, getTrustrootsParams);
            if (myProxy.writeTrustRoots()) {
                System.out.println(new StringBuffer().append("Wrote trust roots to ").append(org.globus.myproxy.MyProxy.getTrustRootPath()).append(".").toString());
            } else {
                System.out.println("Received no trust roots from MyProxy server.");
            }
        } catch (Exception e) {
            exit(new StringBuffer().append("Error: ").append(e.getMessage()).toString(), e);
        }
        exit();
    }

    private void bootstrapIfNeeded(org.globus.myproxy.MyProxy myProxy) {
        if (new File(org.globus.myproxy.MyProxy.getTrustRootPath()).exists()) {
            return;
        }
        System.out.println("Bootstrapping MyProxy server root of trust.");
        try {
            myProxy.bootstrapTrust();
        } catch (Exception e) {
            System.err.println(new StringBuffer().append("MyProxy bootstrapTrust failed: ").append(e).toString());
        }
    }

    private void exit() {
        System.exit(0);
    }

    private void exit(String str, Exception exc) {
        System.err.println(str);
        if (this.debug) {
            exc.printStackTrace();
        }
        System.exit(-1);
    }

    private static void error(String str) {
        System.err.println(str);
        displaySyntax();
    }

    private static void displaySyntax() {
        System.err.println("\nSyntax : java MyProxy [-help] command [-help]");
        System.err.println();
        System.err.println("Use -help to display full usage.");
        System.exit(1);
    }

    public static void main(String[] strArr) {
        new MyProxy().parseCmdLine(strArr);
    }

    private static GSSCredential getDefaultCredential() {
        try {
            return ExtendedGSSManager.getInstance().createCredential(1);
        } catch (GSSException e) {
            System.err.println(new StringBuffer().append("Failed to load default credentials: ").append(e.getMessage()).toString());
            System.exit(-1);
            return null;
        }
    }

    private static GSSCredential createNewProxy(String str, String str2, int i, boolean z) {
        X509Certificate[] x509CertificateArr = null;
        PrivateKey privateKey = null;
        try {
            BouncyCastleOpenSSLKey bouncyCastleOpenSSLKey = new BouncyCastleOpenSSLKey(str2);
            if (bouncyCastleOpenSSLKey.isEncrypted()) {
                String input = z ? Util.getInput("Enter GRID pass phrase: ") : Util.getPrivateInput("Enter GRID pass phrase: ");
                if (input == null) {
                    System.exit(-1);
                }
                bouncyCastleOpenSSLKey.decrypt(input);
            }
            privateKey = bouncyCastleOpenSSLKey.getPrivateKey();
        } catch (IOException e) {
            System.err.println(new StringBuffer().append("Error: Failed to load key: ").append(str2).toString());
            System.exit(-1);
        } catch (GeneralSecurityException e2) {
            System.err.println("Error: Wrong pass phrase");
            System.exit(-1);
        }
        try {
            x509CertificateArr = CertUtil.loadCertificates(str);
        } catch (IOException e3) {
            System.err.println(new StringBuffer().append("Error: Failed to load cert: ").append(str).toString());
            System.exit(-1);
        } catch (GeneralSecurityException e4) {
            System.err.println(new StringBuffer().append("Error: Unable to load user certificate: ").append(e4.getMessage()).toString());
            System.exit(-1);
        }
        try {
            return new GlobusGSSCredentialImpl(BouncyCastleCertProcessingFactory.getDefault().createCredential(x509CertificateArr, privateKey, 1024, i, 0 != 0 ? 2 : 3), 1);
        } catch (Exception e5) {
            System.err.println(new StringBuffer().append("Failed to create a proxy: ").append(e5.getMessage()).toString());
            System.exit(-1);
            return null;
        }
    }
}
