package net.corda.nodeapi.internal;

import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.NotImplementedError;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.collections.IntIterator;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;
import kotlin.ranges.IntRange;
import net.corda.core.crypto.CompositeKey;
import net.corda.core.crypto.CryptoUtils;
import net.corda.core.identity.CordaX500Name;
import net.corda.core.identity.Party;
import net.corda.core.internal.InternalUtils;
import net.corda.nodeapi.internal.config.NodeSSLConfiguration;
import net.corda.nodeapi.internal.crypto.CertificateType;
import net.corda.nodeapi.internal.crypto.X509KeyStore;
import net.corda.nodeapi.internal.crypto.X509Utilities;
import net.corda.nodeapi.internal.protonwrapper.netty.AMQPClient;
import net.corda.nodeapi.internal.serialization.amqp.CorDappCustomSerializerKt;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: DevIdentityGenerator.kt */
@Metadata(mv = {CorDappCustomSerializerKt.PROXY_TYPE, CorDappCustomSerializerKt.PROXY_TYPE, 8}, bv = {CorDappCustomSerializerKt.PROXY_TYPE, CorDappCustomSerializerKt.CORDAPP_TYPE, AMQPClient.NUM_CLIENT_THREADS}, k = CorDappCustomSerializerKt.PROXY_TYPE, d1 = {"��N\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010 \n��\n\u0002\u0010\b\n\u0002\b\u0004\bÆ\u0002\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J(\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u0012H\u0002J&\u0010\u0013\u001a\u00020\u00142\f\u0010\u0015\u001a\b\u0012\u0004\u0012\u00020\u00120\u00162\u0006\u0010\u000f\u001a\u00020\u00102\b\b\u0002\u0010\u0017\u001a\u00020\u0018J\u001c\u0010\u0019\u001a\u00020\u00142\f\u0010\u0015\u001a\b\u0012\u0004\u0012\u00020\u00120\u00162\u0006\u0010\u000f\u001a\u00020\u0010J\u0016\u0010\u001a\u001a\u00020\u00142\u0006\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u001b\u001a\u00020\u0010R\u000e\u0010\u0003\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��R\u000e\u0010\u0005\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��R\u0016\u0010\u0006\u001a\n \b*\u0004\u0018\u00010\u00070\u0007X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u001c"}, d2 = {"Lnet/corda/nodeapi/internal/DevIdentityGenerator;", "", "()V", "DISTRIBUTED_NOTARY_ALIAS_PREFIX", "", "NODE_IDENTITY_ALIAS_PREFIX", "log", "Lorg/slf4j/Logger;", "kotlin.jvm.PlatformType", "generateCertificates", "", "keyPair", "Ljava/security/KeyPair;", "notaryKey", "Ljava/security/PublicKey;", "notaryName", "Lnet/corda/core/identity/CordaX500Name;", "nodeDir", "Ljava/nio/file/Path;", "generateDistributedNotaryCompositeIdentity", "Lnet/corda/core/identity/Party;", "dirs", "", "threshold", "", "generateDistributedNotarySingularIdentity", "installKeyStoreWithNodeIdentity", "legalName", "node-api"})
/* loaded from: input_file:net/corda/nodeapi/internal/DevIdentityGenerator.class */
public final class DevIdentityGenerator {
    private static final Logger log = null;

    @NotNull
    public static final String NODE_IDENTITY_ALIAS_PREFIX = "identity";

    @NotNull
    public static final String DISTRIBUTED_NOTARY_ALIAS_PREFIX = "distributed-notary";
    public static final DevIdentityGenerator INSTANCE = null;

    @NotNull
    public final Party installKeyStoreWithNodeIdentity(@NotNull final Path path, @NotNull CordaX500Name cordaX500Name) {
        Intrinsics.checkParameterIsNotNull(path, "nodeDir");
        Intrinsics.checkParameterIsNotNull(cordaX500Name, "legalName");
        NodeSSLConfiguration nodeSSLConfiguration = new NodeSSLConfiguration(path) { // from class: net.corda.nodeapi.internal.DevIdentityGenerator$installKeyStoreWithNodeIdentity$nodeSslConfig$1

            @NotNull
            private final Path baseDirectory;

            @NotNull
            private final String keyStorePassword = "cordacadevpass";
            final /* synthetic */ Path $nodeDir;

            @Override // net.corda.nodeapi.internal.config.NodeSSLConfiguration
            @NotNull
            public Path getBaseDirectory() {
                return this.baseDirectory;
            }

            @Override // net.corda.nodeapi.internal.config.SSLConfiguration
            @NotNull
            public String getKeyStorePassword() {
                return this.keyStorePassword;
            }

            @NotNull
            public Void getTrustStorePassword() {
                throw new NotImplementedError("Not expected to be called");
            }

            @Override // net.corda.nodeapi.internal.config.SSLConfiguration
            /* renamed from: getTrustStorePassword, reason: collision with other method in class */
            public /* bridge */ /* synthetic */ String mo24getTrustStorePassword() {
                return (String) getTrustStorePassword();
            }

            /* JADX INFO: Access modifiers changed from: package-private */
            {
                this.$nodeDir = path;
                this.baseDirectory = path;
            }

            @Override // net.corda.nodeapi.internal.config.NodeSSLConfiguration, net.corda.nodeapi.internal.config.SSLConfiguration
            @NotNull
            public Path getCertificatesDirectory() {
                return NodeSSLConfiguration.DefaultImpls.getCertificatesDirectory(this);
            }

            @Override // net.corda.nodeapi.internal.config.SSLConfiguration
            @NotNull
            public Path getSslKeystore() {
                return NodeSSLConfiguration.DefaultImpls.getSslKeystore(this);
            }

            @Override // net.corda.nodeapi.internal.config.SSLConfiguration
            @NotNull
            public Path getNodeKeystore() {
                return NodeSSLConfiguration.DefaultImpls.getNodeKeystore(this);
            }

            @Override // net.corda.nodeapi.internal.config.SSLConfiguration
            @NotNull
            public Path getTrustStoreFile() {
                return NodeSSLConfiguration.DefaultImpls.getTrustStoreFile(this);
            }

            @Override // net.corda.nodeapi.internal.config.SSLConfiguration
            @NotNull
            public X509KeyStore loadTrustStore(boolean z) {
                return NodeSSLConfiguration.DefaultImpls.loadTrustStore(this, z);
            }

            @Override // net.corda.nodeapi.internal.config.SSLConfiguration
            @NotNull
            public X509KeyStore loadNodeKeyStore(boolean z) {
                return NodeSSLConfiguration.DefaultImpls.loadNodeKeyStore(this, z);
            }

            @Override // net.corda.nodeapi.internal.config.SSLConfiguration
            @NotNull
            public X509KeyStore loadSslKeyStore(boolean z) {
                return NodeSSLConfiguration.DefaultImpls.loadSslKeyStore(this, z);
            }
        };
        InternalUtils.createDirectories(nodeSSLConfiguration.getCertificatesDirectory(), new FileAttribute[0]);
        return KeyStoreConfigHelpersKt.storeLegalIdentity$default((X509KeyStore) KeyStoreConfigHelpersKt.createDevKeyStores$default(nodeSSLConfiguration, cordaX500Name, null, null, 6, null).component1(), "identity-private-key", null, 2, null).getParty();
    }

    @NotNull
    public final Party generateDistributedNotaryCompositeIdentity(@NotNull List<? extends Path> list, @NotNull CordaX500Name cordaX500Name, int i) {
        Intrinsics.checkParameterIsNotNull(list, "dirs");
        Intrinsics.checkParameterIsNotNull(cordaX500Name, "notaryName");
        if (!(!list.isEmpty())) {
            throw new IllegalArgumentException("Failed requirement.".toString());
        }
        Logger logger = log;
        if (logger.isTraceEnabled()) {
            logger.trace("Generating composite identity \"" + cordaX500Name + "\" for nodes: " + CollectionsKt.joinToString$default(list, (CharSequence) null, (CharSequence) null, (CharSequence) null, 0, (CharSequence) null, (Function1) null, 63, (Object) null));
        }
        Iterable intRange = new IntRange(1, list.size());
        ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(intRange, 10));
        IntIterator it = intRange.iterator();
        while (it.hasNext()) {
            it.nextInt();
            arrayList.add(CryptoUtils.generateKeyPair());
        }
        ArrayList arrayList2 = arrayList;
        CompositeKey.Builder builder = new CompositeKey.Builder();
        ArrayList arrayList3 = arrayList2;
        ArrayList arrayList4 = new ArrayList(CollectionsKt.collectionSizeOrDefault(arrayList3, 10));
        Iterator it2 = arrayList3.iterator();
        while (it2.hasNext()) {
            arrayList4.add(((KeyPair) it2.next()).getPublic());
        }
        PublicKey build = builder.addKeys(arrayList4).build(Integer.valueOf(i));
        ArrayList arrayList5 = arrayList2;
        Iterator it3 = arrayList5.iterator();
        Iterator<T> it4 = list.iterator();
        ArrayList arrayList6 = new ArrayList(Math.min(CollectionsKt.collectionSizeOrDefault(arrayList5, 10), CollectionsKt.collectionSizeOrDefault(list, 10)));
        while (it3.hasNext() && it4.hasNext()) {
            INSTANCE.generateCertificates((KeyPair) it3.next(), build, cordaX500Name, (Path) it4.next());
            arrayList6.add(Unit.INSTANCE);
        }
        return new Party(cordaX500Name, build);
    }

    @NotNull
    public static /* bridge */ /* synthetic */ Party generateDistributedNotaryCompositeIdentity$default(DevIdentityGenerator devIdentityGenerator, List list, CordaX500Name cordaX500Name, int i, int i2, Object obj) {
        if ((i2 & 4) != 0) {
            i = 1;
        }
        return devIdentityGenerator.generateDistributedNotaryCompositeIdentity(list, cordaX500Name, i);
    }

    @NotNull
    public final Party generateDistributedNotarySingularIdentity(@NotNull List<? extends Path> list, @NotNull CordaX500Name cordaX500Name) {
        Intrinsics.checkParameterIsNotNull(list, "dirs");
        Intrinsics.checkParameterIsNotNull(cordaX500Name, "notaryName");
        if (!(!list.isEmpty())) {
            throw new IllegalArgumentException("Failed requirement.".toString());
        }
        Logger logger = log;
        if (logger.isTraceEnabled()) {
            logger.trace("Generating singular identity \"" + cordaX500Name + "\" for nodes: " + CollectionsKt.joinToString$default(list, (CharSequence) null, (CharSequence) null, (CharSequence) null, 0, (CharSequence) null, (Function1) null, 63, (Object) null));
        }
        KeyPair generateKeyPair = CryptoUtils.generateKeyPair();
        PublicKey publicKey = generateKeyPair.getPublic();
        for (Path path : list) {
            DevIdentityGenerator devIdentityGenerator = INSTANCE;
            Intrinsics.checkExpressionValueIsNotNull(publicKey, "notaryKey");
            devIdentityGenerator.generateCertificates(generateKeyPair, publicKey, cordaX500Name, path);
        }
        Intrinsics.checkExpressionValueIsNotNull(publicKey, "notaryKey");
        return new Party(cordaX500Name, publicKey);
    }

    private final void generateCertificates(final KeyPair keyPair, PublicKey publicKey, CordaX500Name cordaX500Name, Path path) {
        List<PublicKey> listOf = CollectionsKt.listOf(new PublicKey[]{keyPair.getPublic(), publicKey});
        ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(listOf, 10));
        for (PublicKey publicKey2 : listOf) {
            CertificateType certificateType = CertificateType.SERVICE_IDENTITY;
            X509Certificate certificate = KeyStoreConfigHelpersKt.getDEV_INTERMEDIATE_CA().getCertificate();
            KeyPair keyPair2 = KeyStoreConfigHelpersKt.getDEV_INTERMEDIATE_CA().getKeyPair();
            X500Principal x500Principal = cordaX500Name.getX500Principal();
            Intrinsics.checkExpressionValueIsNotNull(publicKey2, "publicKey");
            arrayList.add(X509Utilities.createCertificate$default(certificateType, certificate, keyPair2, x500Principal, publicKey2, null, null, 96, null));
        }
        ArrayList arrayList2 = arrayList;
        final X509Certificate x509Certificate = (X509Certificate) arrayList2.get(0);
        final X509Certificate x509Certificate2 = (X509Certificate) arrayList2.get(1);
        X509KeyStore.Companion.fromFile(InternalUtils.div(InternalUtils.createDirectories(InternalUtils.div(path, "certificates"), new FileAttribute[0]), "distributedService.jks"), "cordacadevpass", true).update(new Function1<X509KeyStore, Unit>() { // from class: net.corda.nodeapi.internal.DevIdentityGenerator$generateCertificates$2
            public /* bridge */ /* synthetic */ Object invoke(Object obj) {
                invoke((X509KeyStore) obj);
                return Unit.INSTANCE;
            }

            public final void invoke(@NotNull X509KeyStore x509KeyStore) {
                Intrinsics.checkParameterIsNotNull(x509KeyStore, "$receiver");
                x509KeyStore.setCertificate("distributed-notary-composite-key", x509Certificate2);
                PrivateKey privateKey = keyPair.getPrivate();
                Intrinsics.checkExpressionValueIsNotNull(privateKey, "keyPair.private");
                x509KeyStore.setPrivateKey("distributed-notary-private-key", privateKey, CollectionsKt.listOf(new X509Certificate[]{x509Certificate, KeyStoreConfigHelpersKt.getDEV_INTERMEDIATE_CA().getCertificate(), KeyStoreConfigHelpersKt.getDEV_ROOT_CA().getCertificate()}), "cordacadevkeypass");
            }

            /* JADX INFO: Access modifiers changed from: package-private */
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }
        });
    }

    private DevIdentityGenerator() {
        INSTANCE = this;
        log = LoggerFactory.getLogger(getClass());
    }

    static {
        new DevIdentityGenerator();
    }
}
