package de.fenvariel.maven.certificate;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.time.LocalDate;
import java.time.ZoneId;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.cert.CertIOException;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.util.io.pem.PemObject;

/* loaded from: input_file:de/fenvariel/maven/certificate/CertificateService.class */
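/**
 * Issues server certificates signed by a CA key that is loaded from a keystore, and writes the
 * generated key material to disk as keystore files and PEM files.
 *
 * <p>Security notes for operators:
 * <ul>
 *   <li>The {@code .key} file produced by {@link #generateServerCertificate} contains the private key as
 *       an <em>unencrypted</em> PEM object. Nothing in this class restricts the file's permissions, so
 *       the output directory should be readable only by the account that needs the key.</li>
 *   <li>The CA private key is held in memory for the lifetime of this object.</li>
 * </ul>
 */
public class CertificateService {
    private final PrivateKey caPrivateKey;
    private final X509Certificate[] caChain;

    /**
     * Loads the CA private key and its certificate chain from a keystore file.
     *
     * @param file  keystore file holding the CA entry
     * @param str   keystore type passed to {@link KeyStore#getInstance(String)}
     * @param cArr  keystore password
     * @param str2  alias of the CA key entry
     * @param cArr2 password protecting the CA key entry
     * @throws IOException              if the keystore file cannot be read
     * @throws GeneralSecurityException if the keystore cannot be loaded, or the alias does not name a
     *                                  private key entry with an X.509 certificate chain
     */
    public CertificateService(File file, String str, char[] cArr, String str2, char[] cArr2) throws IOException, GeneralSecurityException {
        KeyStore keyStore = KeyStore.getInstance(str);
        // Close the stream deterministically; the original left the file handle open.
        try (FileInputStream in = new FileInputStream(file)) {
            keyStore.load(in, cArr);
        }

        // getKey() returns null for an unknown alias and may return a non-private key;
        // fail here with a clear message instead of a later NullPointerException/ClassCastException.
        Object key = keyStore.getKey(str2, cArr2);
        if (!(key instanceof PrivateKey)) {
            throw new GeneralSecurityException("No private key entry found for alias '" + str2 + "' in " + file);
        }

        Certificate[] storedChain = keyStore.getCertificateChain(str2);
        if (storedChain == null || storedChain.length == 0) {
            throw new GeneralSecurityException("No certificate chain found for alias '" + str2 + "' in " + file);
        }
        X509Certificate[] chain = new X509Certificate[storedChain.length];
        for (int i = 0; i < storedChain.length; i++) {
            if (!(storedChain[i] instanceof X509Certificate)) {
                throw new GeneralSecurityException("Certificate " + i + " in the chain for alias '" + str2 + "' is not an X.509 certificate");
            }
            chain[i] = (X509Certificate) storedChain[i];
        }

        this.caPrivateKey = (PrivateKey) key;
        this.caChain = chain;
    }

    /**
     * Generates a fresh key pair, has the CA issue a server certificate chain for it, and writes the
     * result in three forms into the configured output directory: {@code <name>.jks},
     * {@code <name>.p12}, and the PEM pair {@code <name>.crt} / {@code <name>.key}.
     *
     * @param certificateParameters subject fields, key size, validity duration and alternative name
     * @param keyStoreParameters    output directory, file base name, alias and passwords
     * @throws Exception if key generation, certificate creation or writing any output file fails
     */
    public void generateServerCertificate(CertificateParameters certificateParameters, KeyStoreParameters keyStoreParameters) throws NoSuchAlgorithmException, NoSuchProviderException, GeneralSecurityException, CertIOException, OperatorCreationException, IOException, Exception {
        CertificateFactory certificateFactory = new CertificateFactory(this.caPrivateKey, this.caChain);
        KeyPair keyPair = CryptoUtil.generateKeyPair(certificateParameters.getKeySize());

        X500Principal subject = new X500PrincipalBuilder()
                .setCommonName(certificateParameters.getCommonName())
                .setCountry(certificateParameters.getCountryCode())
                .setLocality(certificateParameters.getLocality())
                .setOrganisation(certificateParameters.getOrganisation())
                .setOrganisationalUnit(certificateParameters.getOrganisationalUnit())
                .setState(certificateParameters.getState())
                .setEmailAddress(certificateParameters.getMailAddress())
                .setUID(certificateParameters.getUid())
                .build();

        // Midnight UTC two days before today. Presumably the start of the validity period,
        // backdated to tolerate clock skew on relying parties; confirm against CertificateFactory.
        ZoneId utc = ZoneId.of("Z");
        Date backdatedStart = Date.from(LocalDate.now(utc).minusDays(2L).atStartOfDay(utc).toInstant());

        X509Certificate[] serverChain = certificateFactory.createServerCertificateChain(
                backdatedStart,
                certificateParameters.getValidityDuration(),
                subject,
                keyPair.getPublic(),
                certificateParameters.getAlternativeName());

        writeJKS(keyStoreParameters, keyPair.getPrivate(), serverChain);
        writePKCS(keyStoreParameters, keyPair.getPrivate(), serverChain);
        writePEM(keyStoreParameters, keyPair.getPrivate(), serverChain);
    }

    /**
     * Writes the certificate chain to {@code <name>.crt} and the private key to {@code <name>.key},
     * both PEM encoded.
     *
     * @throws CertificateEncodingException if a certificate cannot be encoded
     * @throws IOException                  if either file cannot be written
     */
    private void writePEM(KeyStoreParameters keyStoreParameters, PrivateKey privateKey, X509Certificate[] x509CertificateArr) throws CertificateEncodingException, IOException {
        File certFile = new File(keyStoreParameters.getOutputDirectory(), keyStoreParameters.getKeyStoreName() + ".crt");
        // try-with-resources closes (and thereby flushes) each writer exactly once, also on failure.
        try (JcaPEMWriter certWriter = new JcaPEMWriter(new FileWriter(certFile))) {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                certWriter.writeObject(new PemObject("CERTIFICATE", x509Certificate.getEncoded()));
            }
        }

        // NOTE(review): the private key is written without encryption and the file is created with
        // whatever permissions the process default gives it. Consider creating it owner-only, or
        // writing an encrypted PEM object, if the output directory is shared.
        File keyFile = new File(keyStoreParameters.getOutputDirectory(), keyStoreParameters.getKeyStoreName() + ".key");
        try (JcaPEMWriter keyWriter = new JcaPEMWriter(new FileWriter(keyFile))) {
            keyWriter.writeObject(new PemObject("PRIVATE KEY", privateKey.getEncoded()));
        }
    }

    /**
     * Writes the key and chain to {@code <name>.jks}.
     *
     * <p>NOTE(review): the builder is created with {@code "BKS"} although the file is named
     * {@code .jks}. If that string selects the keystore type, the file is not a JKS keystore and
     * consumers must open it with the matching type and provider; confirm this is intended.
     */
    private void writeJKS(KeyStoreParameters keyStoreParameters, PrivateKey privateKey, X509Certificate[] x509CertificateArr) throws GeneralSecurityException, IOException, Exception {
        File target = new File(keyStoreParameters.getOutputDirectory(), keyStoreParameters.getKeyStoreName() + ".jks");
        write(new KeyStoreBuilder("BKS"), keyStoreParameters, privateKey, x509CertificateArr, target);
    }

    /** Writes the key and chain to {@code <name>.p12} using {@code KeyStoreBuilder.TYPE_PKCS12}. */
    private void writePKCS(KeyStoreParameters keyStoreParameters, PrivateKey privateKey, X509Certificate[] x509CertificateArr) throws GeneralSecurityException, IOException, Exception {
        File target = new File(keyStoreParameters.getOutputDirectory(), keyStoreParameters.getKeyStoreName() + ".p12");
        write(new KeyStoreBuilder(KeyStoreBuilder.TYPE_PKCS12), keyStoreParameters, privateKey, x509CertificateArr, target);
    }

    /**
     * Adds the private key entry to the builder under the configured alias and key password,
     * serialises the keystore with the store password, and writes the bytes to {@code file}.
     *
     * @throws Exception if the keystore cannot be built or the file cannot be written
     */
    private void write(KeyStoreBuilder keyStoreBuilder, KeyStoreParameters keyStoreParameters, PrivateKey privateKey, X509Certificate[] x509CertificateArr, File file) throws Exception {
        keyStoreBuilder.addPrivateKey(keyStoreParameters.getAlias(), privateKey, x509CertificateArr, keyStoreParameters.getKeyPassword().toCharArray());
        // Build the blob before opening the file so a failure does not leave an empty keystore behind.
        byte[] keyStoreBytes = keyStoreBuilder.buildBlob(keyStoreParameters.getStorePassword().toCharArray());
        // The original leaked the stream if write() threw; try-with-resources always closes it.
        try (FileOutputStream out = new FileOutputStream(file)) {
            out.write(keyStoreBytes);
        }
    }
}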
