package blended.security.ssl;

import java.math.BigInteger;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.X509Extension;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Serializable;
import scala.Some;
import scala.StringContext;
import scala.collection.TraversableOnce;
import scala.collection.immutable.List$;
import scala.reflect.ClassTag$;
import scala.runtime.AbstractFunction0;
import scala.runtime.BoxedUnit;

/* compiled from: SelfSignedCertificateProvider.scala */
/* loaded from: input_file:blended/security/ssl/SelfSignedCertificateProvider$$anonfun$refreshCertificate$1.class */
public final class SelfSignedCertificateProvider$$anonfun$refreshCertificate$1 extends AbstractFunction0<ServerCertificate> implements Serializable {
    public static final long serialVersionUID = 0;
    private final /* synthetic */ SelfSignedCertificateProvider $outer;
    private final Option existing$1;

    /* renamed from: apply, reason: merged with bridge method [inline-methods] */
    public final ServerCertificate m0apply() {
        BigInteger bigInteger;
        if (this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$log.isInfoEnabled()) {
            this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$log.info(new StringContext(Predef$.MODULE$.wrapRefArray(new String[]{"Using ", ""})).s(Predef$.MODULE$.genericWrapArray(new Object[]{this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$cfg.commonNameProvider()})));
        }
        Some map = this.existing$1.map(new SelfSignedCertificateProvider$$anonfun$refreshCertificate$1$$anonfun$1(this));
        KeyPair blended$security$ssl$SelfSignedCertificateProvider$$generateKeyPair = this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$generateKeyPair();
        X500Principal x500Principal = new X500Principal(this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$cfg.commonNameProvider().commonName());
        if (map instanceof Some) {
            bigInteger = ((X509Certificate) map.x()).getSerialNumber().add(BigInteger.ONE);
        } else {
            if (!None$.MODULE$.equals(map)) {
                throw new MatchError(map);
            }
            bigInteger = BigInteger.ONE;
        }
        Calendar calendar = Calendar.getInstance();
        calendar.add(5, -1);
        Date time = calendar.getTime();
        calendar.add(5, 1 + this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$cfg.validDays());
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500Principal, bigInteger, time, calendar.getTime(), x500Principal, blended$security$ssl$SelfSignedCertificateProvider$$generateKeyPair.getPublic());
        if (this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$cfg.commonNameProvider().alternativeNames().nonEmpty()) {
            GeneralNames generalNames = new GeneralNames((GeneralName[]) ((TraversableOnce) this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$cfg.commonNameProvider().alternativeNames().map(new SelfSignedCertificateProvider$$anonfun$refreshCertificate$1$$anonfun$2(this), List$.MODULE$.canBuildFrom())).toArray(ClassTag$.MODULE$.apply(GeneralName.class)));
            if (this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$log.isDebugEnabled()) {
                this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$log.debug(new StringContext(Predef$.MODULE$.wrapRefArray(new String[]{"General Names : ", ""})).s(Predef$.MODULE$.genericWrapArray(new Object[]{generalNames})));
            }
            jcaX509v3CertificateBuilder.addExtension(X509Extension.subjectAlternativeName, false, (ASN1Encodable) generalNames);
        } else {
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        }
        jcaX509v3CertificateBuilder.addExtension(X509Extension.keyUsage, false, (ASN1Encodable) new KeyUsage(128));
        X509Certificate certificate = new JcaX509CertificateConverter().getCertificate(jcaX509v3CertificateBuilder.build(new JcaContentSignerBuilder(this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$cfg.sigAlg()).build(blended$security$ssl$SelfSignedCertificateProvider$$generateKeyPair.getPrivate())));
        if (this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$log.isDebugEnabled()) {
            this.$outer.blended$security$ssl$SelfSignedCertificateProvider$$log.debug(new StringContext(Predef$.MODULE$.wrapRefArray(new String[]{"Generated certificate ", ""})).s(Predef$.MODULE$.genericWrapArray(new Object[]{X509CertificateInfo$.MODULE$.apply(certificate)})));
        }
        return ServerCertificate$.MODULE$.apply(blended$security$ssl$SelfSignedCertificateProvider$$generateKeyPair, List$.MODULE$.apply(Predef$.MODULE$.wrapRefArray(new X509Certificate[]{certificate})));
    }

    public /* synthetic */ SelfSignedCertificateProvider blended$security$ssl$SelfSignedCertificateProvider$$anonfun$$$outer() {
        return this.$outer;
    }

    public SelfSignedCertificateProvider$$anonfun$refreshCertificate$1(SelfSignedCertificateProvider selfSignedCertificateProvider, Option option) {
        if (selfSignedCertificateProvider == null) {
            throw null;
        }
        this.$outer = selfSignedCertificateProvider;
        this.existing$1 = option;
    }
}
