package com.firenio.baseio.component;

import com.firenio.baseio.common.BASE64Util;
import com.firenio.baseio.common.Encoding;
import com.firenio.baseio.common.FileUtil;
import com.firenio.baseio.common.Util;
import com.firenio.baseio.log.Logger;
import com.firenio.baseio.log.LoggerFactory;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateIssuerName;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateSubjectName;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* loaded from: input_file:com/firenio/baseio/component/SelfSignedCertificate.class */
public final class SelfSignedCertificate {
    private static final Date DEFAULT_NOT_AFTER = new Date(253402300799000L);
    private static final Date DEFAULT_NOT_BEFORE = new Date(System.currentTimeMillis() - 31536000000L);
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) SelfSignedCertificate.class);
    private X509Certificate cert;
    private File certificate;
    private String fqdn;
    private PrivateKey key;
    private Date notAfter;
    private Date notBefore;
    private File privateKey;
    private SecureRandom random;

    public SelfSignedCertificate() {
        this(DEFAULT_NOT_BEFORE, DEFAULT_NOT_AFTER);
    }

    public SelfSignedCertificate(Date date, Date date2) {
        this("example.com", date, date2);
    }

    public SelfSignedCertificate(String str) {
        this(str, DEFAULT_NOT_BEFORE, DEFAULT_NOT_AFTER);
    }

    public SelfSignedCertificate(String str, Date date, Date date2) {
        this(str, new SecureRandom(), date, date2);
    }

    public SelfSignedCertificate(String str, SecureRandom secureRandom) {
        this(str, secureRandom, DEFAULT_NOT_BEFORE, DEFAULT_NOT_AFTER);
    }

    public SelfSignedCertificate(String str, SecureRandom secureRandom, Date date, Date date2) {
        this.random = secureRandom;
        this.fqdn = str;
        this.notBefore = date;
        this.notAfter = date2;
    }

    public X509Certificate cert() {
        return this.cert;
    }

    public File certificate() {
        return this.certificate;
    }

    public void generate() throws CertificateEncodingException {
        generate(null, 1024);
    }

    public void generate(String str) throws CertificateEncodingException {
        generate(str, 1024);
    }

    public void generate(String str, int i) throws CertificateEncodingException {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(i, this.random);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            try {
                File[] generate = generate(str, this.fqdn, generateKeyPair, this.random, this.notBefore, this.notAfter);
                this.certificate = generate[0];
                this.privateKey = generate[1];
                this.key = generateKeyPair.getPrivate();
                FileInputStream fileInputStream = null;
                try {
                    try {
                        fileInputStream = new FileInputStream(this.certificate);
                        this.cert = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(fileInputStream);
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e) {
                                logger.error("Failed to close a file: " + this.certificate, (Throwable) e);
                            }
                        }
                    } catch (Throwable th) {
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e2) {
                                logger.error("Failed to close a file: " + this.certificate, (Throwable) e2);
                            }
                        }
                        throw th;
                    }
                } catch (Exception e3) {
                    throw new CertificateEncodingException(e3);
                }
            } catch (Exception e4) {
                logger.debug("Failed to generate a self-signed X.509 certificate using sun.security.x509:", (Throwable) e4);
                throw new Error(e4);
            }
        } catch (NoSuchAlgorithmException e5) {
            throw new Error(e5);
        }
    }

    private File[] generate(String str, String str2, KeyPair keyPair, SecureRandom secureRandom, Date date, Date date2) throws Exception {
        PrivateKey privateKey = keyPair.getPrivate();
        X509CertInfo x509CertInfo = new X509CertInfo();
        X500Name x500Name = new X500Name("CN=" + str2);
        x509CertInfo.set("version", new CertificateVersion(2));
        x509CertInfo.set("serialNumber", new CertificateSerialNumber(new BigInteger(64, secureRandom)));
        try {
            x509CertInfo.set("subject", new CertificateSubjectName(x500Name));
        } catch (CertificateException e) {
            x509CertInfo.set("subject", x500Name);
        }
        try {
            x509CertInfo.set("issuer", new CertificateIssuerName(x500Name));
        } catch (CertificateException e2) {
            x509CertInfo.set("issuer", x500Name);
        }
        x509CertInfo.set("validity", new CertificateValidity(date, date2));
        x509CertInfo.set("key", new CertificateX509Key(keyPair.getPublic()));
        x509CertInfo.set("algorithmID", new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.sha1WithRSAEncryption_oid)));
        X509CertImpl x509CertImpl = new X509CertImpl(x509CertInfo);
        x509CertImpl.sign(privateKey, "SHA1withRSA");
        x509CertInfo.set("algorithmID.algorithm", x509CertImpl.get("x509.algorithm"));
        X509CertImpl x509CertImpl2 = new X509CertImpl(x509CertInfo);
        x509CertImpl2.sign(privateKey, "SHA1withRSA");
        x509CertImpl2.verify(keyPair.getPublic());
        return newSelfSignedCertificate(str, str2, privateKey, x509CertImpl2);
    }

    public PrivateKey key() {
        return this.key;
    }

    protected File[] newSelfSignedCertificate(String str, String str2, PrivateKey privateKey, X509Certificate x509Certificate) throws IOException, CertificateEncodingException {
        return new File[]{write2file(str, "keyutil_" + str2, ".crt", "-----BEGIN CERTIFICATE-----\n" + BASE64Util.byteArrayToBase64(x509Certificate.getEncoded()) + "\n-----END CERTIFICATE-----\n", Encoding.UTF8), write2file(str, "keyutil_" + str2, ".key", "-----BEGIN PRIVATE KEY-----\n" + BASE64Util.byteArrayToBase64(privateKey.getEncoded()) + "\n-----END PRIVATE KEY-----\n", Encoding.UTF8)};
    }

    public File privateKey() {
        return this.privateKey;
    }

    private void safeDelete(File file) {
        if (file.exists() && !file.delete()) {
            logger.error("Failed to delete a file: " + file);
        }
    }

    private File write2file(String str, String str2, String str3, String str4, Charset charset) throws IOException {
        File createTempFile = Util.isNullOrBlank(str) ? File.createTempFile(str2 + "_", str3) : new File(str + File.separator + str2 + str3);
        safeDelete(createTempFile);
        FileUtil.writeByFile(createTempFile, str4.getBytes(charset));
        logger.info("file generated:{}", createTempFile.getCanonicalPath());
        return createTempFile;
    }
}
