package org.glite.security.trustmanager.tomcat;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.security.Principal;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;
import java.util.ListIterator;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509KeyManager;
import org.apache.log4j.ConsoleAppender;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.apache.log4j.PatternLayout;
import org.bouncycastle.openssl.PasswordFinder;
import org.glite.security.SecurityContext;
import org.glite.security.trustmanager.ContextWrapper;
import org.glite.security.util.CaseInsensitiveProperties;
import org.glite.security.util.DNHandler;

/* loaded from: input_file:org/glite/security/trustmanager/tomcat/TryAuthentication.class */
public class TryAuthentication implements PasswordFinder {
    public char[] getPassword() {
        try {
            return new BufferedReader(new InputStreamReader(System.in)).readLine().toCharArray();
        } catch (IOException e) {
            System.out.println("Error while reading password, error was: " + e.getMessage());
            return null;
        }
    }

    public static void main(String[] strArr) {
        PatternLayout patternLayout = new PatternLayout("%d{ISO8601} %-5p [%t] %c{2} %x - %m%n");
        Logger logger = Logger.getLogger("org.glite.security");
        logger.setLevel(Level.WARN);
        logger.addAppender(new ConsoleAppender(patternLayout));
        Logger.getLogger("org.glite.security.util").setLevel(Level.WARN);
        SSLSocket sSLSocket = null;
        String str = null;
        String str2 = null;
        int i = 0;
        if (strArr.length < 2) {
            System.out.println("Not enought arguments given ");
            System.out.println("Usage: java org.glite.security.trustamanager.tomcat.TestAuthentication server port [path]");
            System.exit(-1);
        } else {
            str = strArr[0];
            i = Integer.parseInt(strArr[1]);
            if (strArr.length >= 3) {
                str2 = strArr[2];
            }
        }
        System.out.println("Connecting server " + str + " port " + i + " using SSL");
        CaseInsensitiveProperties caseInsensitiveProperties = new CaseInsensitiveProperties(System.getProperties());
        System.out.println("\nThe java environment variables are:");
        System.out.println(caseInsensitiveProperties);
        try {
            ContextWrapper contextWrapper = new ContextWrapper(caseInsensitiveProperties);
            X509KeyManager keyManager = contextWrapper.getKeyManager();
            String[] clientAliases = keyManager.getClientAliases("RSA", null);
            if (clientAliases == null || clientAliases.length == 0) {
                System.out.println("\nThe user credentials loading failed");
                System.exit(1);
            }
            X509Certificate[] certificateChain = keyManager.getCertificateChain(clientAliases[0]);
            System.out.println("\nThe user credentials cert chain contains the certificates:");
            for (X509Certificate x509Certificate : certificateChain) {
                System.out.println(DNHandler.getSubject(x509Certificate));
            }
            try {
                if (contextWrapper.trustManager != null) {
                    contextWrapper.trustManager.checkClientTrusted(certificateChain, (String) null);
                } else {
                    contextWrapper.m_trustmanager.checkClientTrusted(certificateChain, (String) null);
                }
            } catch (Exception e) {
                System.out.println("Warning the user credentials would not be accepted in this machine, reason: " + e.getMessage());
                e.printStackTrace(System.out);
            }
            SecurityContext.getCurrentContext();
            SecurityContext.clearCurrentContext();
            if (contextWrapper.trustAnchors == null && contextWrapper.trustManager != null) {
                System.out.println("\nError, no CA certificates could be found from: " + caseInsensitiveProperties.getProperty("sslCAFiles", "/etc/grid-security/certificates/*.0"));
            } else if (contextWrapper.trustAnchors != null) {
                Iterator it = contextWrapper.trustAnchors.iterator();
                System.out.println("\nThe CAs this client accepts are:");
                while (it.hasNext()) {
                    System.out.println(((TrustAnchor) it.next()).getTrustedCert().getSubjectDN().toString());
                }
                if (contextWrapper.crls == null) {
                    System.out.println("\nWarning, no CRLs could be found from: " + caseInsensitiveProperties.getProperty("crlFiles", "undefined"));
                } else {
                    Iterator it2 = contextWrapper.crls.iterator();
                    System.out.println("\nThe CRLs this client is aware of are:");
                    while (it2.hasNext()) {
                        System.out.println(((TrustAnchor) it2.next()).getTrustedCert().getSubjectDN().toString());
                    }
                }
            } else if (contextWrapper.m_trustmanager != null) {
                System.out.println("\nThe CAs this client is aware of are:");
                X509Certificate[] acceptedIssuers = contextWrapper.m_trustmanager.getAcceptedIssuers();
                for (int i2 = 0; i2 < acceptedIssuers.length; i2++) {
                    System.out.println(i2 + ": " + acceptedIssuers[i2].getSubjectDN());
                }
            }
            SSLSocketFactory socketFactory = contextWrapper.getSocketFactory();
            System.out.println("\nThe default cipher suites are:");
            for (String str3 : socketFactory.getDefaultCipherSuites()) {
                System.out.println(str3);
            }
            sSLSocket = (SSLSocket) socketFactory.createSocket(str, i);
            String[] supportedProtocols = sSLSocket.getSupportedProtocols();
            System.out.println("\nSupported protocols are:");
            for (String str4 : supportedProtocols) {
                System.out.println("\n" + str4);
            }
            String[] enabledProtocols = sSLSocket.getEnabledProtocols();
            System.out.println("\nEnabled protocols are:");
            for (String str5 : enabledProtocols) {
                System.out.println("\n" + str5);
            }
            System.out.println("\nSLLContext protocol is: " + contextWrapper.getContext().getProtocol());
            sSLSocket.startHandshake();
            SSLSession session = sSLSocket.getSession();
            System.out.println("\nCipher being used = " + session.getCipherSuite());
            javax.security.cert.X509Certificate[] peerCertificateChain = session.getPeerCertificateChain();
            System.out.println("\nThe server credentials cert chain contains the certificates:");
            for (javax.security.cert.X509Certificate x509Certificate2 : peerCertificateChain) {
                System.out.println(x509Certificate2.getSubjectDN().toString());
            }
            SecurityContext currentContext = SecurityContext.getCurrentContext();
            if (currentContext == null) {
                System.out.println("\nThe SSL handshake did not proceed to the point of server sending a certificate");
            } else {
                Principal[] peerCas = currentContext.getPeerCas();
                if (peerCas == null) {
                    System.out.println("\nDid not receive any CA names for handshake");
                } else {
                    System.out.println("\nServer accepts certificates signed by:");
                    for (Principal principal : peerCas) {
                        System.out.println(DNHandler.getDN(principal));
                    }
                }
            }
            System.out.println("\nHandshake succesful");
            connectPlain(sSLSocket, str2);
        } catch (Exception e2) {
            e2.printStackTrace(System.out);
            System.out.println("\nSSL handshake failed, reason: " + e2.getMessage());
            System.out.println("\nTrying to find more info...");
            try {
                SecurityContext currentContext2 = SecurityContext.getCurrentContext();
                if (currentContext2 == null) {
                    System.out.println("\nDid SSL handshake did not proceed to the point of server sending a certificate");
                } else {
                    X509Certificate[] unverifiedCertChain = currentContext2.getUnverifiedCertChain();
                    if (unverifiedCertChain == null) {
                        System.out.println("\nDid not receive any cert chain for handshake");
                    } else {
                        System.out.println("\nServer sent cert chain:");
                        for (X509Certificate x509Certificate3 : unverifiedCertChain) {
                            System.out.println(DNHandler.getSubject(x509Certificate3));
                        }
                    }
                    Principal[] peerCas2 = currentContext2.getPeerCas();
                    if (peerCas2 == null) {
                        System.out.println("\nDid not receive any CA names for handshake");
                    } else {
                        System.out.println("\nServer accepts certificates signed by:");
                        for (Principal principal2 : peerCas2) {
                            System.out.println(DNHandler.getDN(principal2));
                        }
                    }
                }
                SSLSession session2 = sSLSocket.getSession();
                System.out.println("\nCipher being used = " + session2.getCipherSuite());
                javax.security.cert.X509Certificate[] peerCertificateChain2 = session2.getPeerCertificateChain();
                System.out.println("\nThe server credentials cert chain contains the certificates:");
                for (javax.security.cert.X509Certificate x509Certificate4 : peerCertificateChain2) {
                    System.out.println(x509Certificate4.getSubjectDN().toString());
                }
            } catch (Exception e3) {
                System.out.println("\nInfo finding failed, reason: " + e3.getMessage());
                e3.printStackTrace(System.out);
            }
        }
    }

    static boolean connectPlain(SSLSocket sSLSocket, String str) throws IOException {
        try {
            OutputStream outputStream = sSLSocket.getOutputStream();
            String canonicalHostName = sSLSocket.getInetAddress().getCanonicalHostName();
            ListIterator listIterator = Arrays.asList(sSLSocket.getSession().getPeerCertificates()).listIterator();
            while (listIterator.hasNext()) {
                System.out.println("server cert chain is " + listIterator.next());
            }
            System.out.println("Host: " + canonicalHostName);
            if (str != null) {
                outputStream.write(("GET " + str + " HTTP/1.1\n").getBytes());
            } else {
                outputStream.write("GET /index.html HTTP/1.1\n".getBytes());
            }
            outputStream.write(("Host: " + canonicalHostName + "\n\n").getBytes());
            outputStream.flush();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(sSLSocket.getInputStream()));
            for (String readLine = bufferedReader.readLine(); readLine != null; readLine = bufferedReader.readLine()) {
                System.out.println("> " + readLine);
                if (!bufferedReader.ready()) {
                    break;
                }
            }
            bufferedReader.close();
            System.out.println("Success");
            return true;
        } catch (IOException e) {
            e.printStackTrace(System.out);
            throw e;
        }
    }
}
