package fr.in2p3.lavoisier.connector.impl;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.security.cert.X509Certificate;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:fr/in2p3/lavoisier/connector/impl/X509Downloader.class */
public class X509Downloader {
    private static final boolean AUTHENTICATE = false;

    public static X509Certificate authenticateAndGet(URL url) throws IOException {
        String property = System.getProperty("keystore.file");
        String str = property != null ? property : System.getProperty("user.home") + "/.keystore";
        String property2 = System.getProperty("keystore.passwd");
        String str2 = property2 != null ? property2 : "changeit";
        System.setProperty("javax.net.ssl.trustStore", str);
        System.setProperty("javax.net.ssl.trustStorePassword", str2);
        System.setProperty("javax.net.ssl.keyStore", str);
        System.setProperty("javax.net.ssl.keyStorePassword", str2);
        return ((SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(url.getHost(), url.getPort() > 0 ? url.getPort() : 443)).getSession().getPeerCertificateChain()[AUTHENTICATE];
    }

    public static java.security.cert.X509Certificate get(URL url) throws IOException, NoSuchAlgorithmException, KeyManagementException {
        String host = url.getHost();
        int port = url.getPort();
        InetAddress byName = InetAddress.getByName(host);
        TrustManagerPeerCertCollector trustManagerPeerCertCollector = new TrustManagerPeerCertCollector();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{trustManagerPeerCertCollector}, null);
        Socket createSocket = sSLContext.getSocketFactory().createSocket();
        createSocket.bind(new InetSocketAddress((InetAddress) null, AUTHENTICATE));
        createSocket.connect(new InetSocketAddress(byName, port), 3000);
        OutputStream outputStream = createSocket.getOutputStream();
        try {
            outputStream.write(new byte[]{13, 10});
        } catch (IOException e) {
            System.err.println(e);
        }
        outputStream.close();
        createSocket.close();
        java.security.cert.X509Certificate[] peerChain = trustManagerPeerCertCollector.getPeerChain();
        if (peerChain == null || peerChain.length <= 0) {
            return null;
        }
        return peerChain[AUTHENTICATE];
    }

    public static String toString(java.security.cert.X509Certificate x509Certificate) throws IOException, CertificateEncodingException {
        String replaceAll = new BASE64Encoder().encodeBuffer(x509Certificate.getEncoded()).replaceAll("\\r\\n", "\n");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write("-----BEGIN CERTIFICATE-----\n".getBytes());
        byteArrayOutputStream.write(replaceAll.getBytes());
        byteArrayOutputStream.write("-----END CERTIFICATE-----\n".getBytes());
        byteArrayOutputStream.close();
        return byteArrayOutputStream.toString();
    }

    public static void main(String[] strArr) throws Exception {
        java.security.cert.X509Certificate x509Certificate = get(new URL("https://voms.cern.ch:8443"));
        System.out.println(x509Certificate.getSubjectDN().toString());
        System.out.println(toString(x509Certificate));
    }
}
