package me.escoffier.certs;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Base64;
import java.util.Date;
import java.util.List;
import java.util.Map;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemWriter;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:me/escoffier/certs/CertificateUtils.class */
class CertificateUtils {
    CertificateUtils() {
    }

    public static X509Certificate generateCertificate(KeyPair keyPair, String str, Duration duration) throws Exception {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(System.nanoTime()));
        x509V3CertificateGenerator.setSubjectDN(new X509Principal("CN=" + str));
        x509V3CertificateGenerator.setIssuerDN(new X509Principal("CN=" + str));
        Instant minus = Instant.now().minus(2L, (TemporalUnit) ChronoUnit.DAYS);
        Instant plus = Instant.now().plus(duration.toDays(), (TemporalUnit) ChronoUnit.DAYS);
        x509V3CertificateGenerator.setNotBefore(new Date(minus.toEpochMilli()));
        x509V3CertificateGenerator.setNotAfter(new Date(plus.toEpochMilli()));
        x509V3CertificateGenerator.setPublicKey(keyPair.getPublic());
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA256WithRSAEncryption");
        return x509V3CertificateGenerator.generate(keyPair.getPrivate());
    }

    public static void writePrivateKeyToPEM(PrivateKey privateKey, File file) throws IOException {
        PemObject pemObject = new PemObject("PRIVATE KEY", privateKey.getEncoded());
        FileWriter fileWriter = new FileWriter(file);
        try {
            PemWriter pemWriter = new PemWriter(fileWriter);
            try {
                pemWriter.writeObject(pemObject);
                pemWriter.close();
                fileWriter.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                fileWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static void writePublicKeyToPEM(PublicKey publicKey, File file) throws IOException {
        PemObject pemObject = new PemObject("PUBLIC KEY", publicKey.getEncoded());
        FileWriter fileWriter = new FileWriter(file);
        try {
            PemWriter pemWriter = new PemWriter(fileWriter);
            try {
                pemWriter.writeObject(pemObject);
                pemWriter.close();
                fileWriter.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                fileWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static void writeCertificateToDER(X509Certificate x509Certificate, File file) throws IOException, CertificateEncodingException {
        byte[] encoded = x509Certificate.getEncoded();
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        try {
            fileOutputStream.write(encoded);
            fileOutputStream.close();
        } catch (Throwable th) {
            try {
                fileOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static void writeCertificateToPEM(X509Certificate x509Certificate, File file) throws IOException, CertificateEncodingException {
        PemObject pemObject = new PemObject("CERTIFICATE", x509Certificate.getEncoded());
        FileWriter fileWriter = new FileWriter(file);
        try {
            PemWriter pemWriter = new PemWriter(fileWriter);
            try {
                pemWriter.writeObject(pemObject);
                pemWriter.close();
                fileWriter.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                fileWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static void writePrivateKeyToPem(PrivateKey privateKey, File file) throws Exception {
        FileWriter fileWriter = new FileWriter(file);
        try {
            JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(fileWriter);
            try {
                jcaPEMWriter.writeObject(privateKey);
                jcaPEMWriter.close();
                fileWriter.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                fileWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static void writeTruststoreToPem(List<X509Certificate> list, File file) throws Exception {
        FileWriter fileWriter = new FileWriter(file);
        try {
            BufferedWriter bufferedWriter = new BufferedWriter(fileWriter);
            try {
                for (X509Certificate x509Certificate : list) {
                    bufferedWriter.write("-----BEGIN CERTIFICATE-----\n");
                    bufferedWriter.write(Base64.getEncoder().encodeToString(x509Certificate.getEncoded()));
                    bufferedWriter.write("\n-----END CERTIFICATE-----\n\n");
                }
                bufferedWriter.close();
                fileWriter.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                fileWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static void writePrivateKeyAndCertificateToJKS(X509Certificate x509Certificate, KeyPair keyPair, File file, char[] cArr, String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        keyStore.setKeyEntry(str, keyPair.getPrivate(), cArr, new Certificate[]{x509Certificate});
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        keyStore.store(fileOutputStream, cArr);
        fileOutputStream.close();
    }

    public static void writeTrustStoreToJKS(Map<String, X509Certificate> map, File file, char[] cArr) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        for (Map.Entry<String, X509Certificate> entry : map.entrySet()) {
            keyStore.setCertificateEntry(entry.getKey(), entry.getValue());
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        keyStore.store(fileOutputStream, cArr);
        fileOutputStream.close();
    }

    public static void writePrivateKeyAndCertificateToPKCS12(X509Certificate x509Certificate, KeyPair keyPair, File file, char[] cArr, String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(null, null);
        keyStore.setKeyEntry(str, keyPair.getPrivate(), cArr, new Certificate[]{x509Certificate});
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        keyStore.store(fileOutputStream, cArr);
        fileOutputStream.close();
    }

    public static void writeTrustStoreToPKCS12(Map<String, X509Certificate> map, File file, char[] cArr) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(null, null);
        for (Map.Entry<String, X509Certificate> entry : map.entrySet()) {
            keyStore.setCertificateEntry(entry.getKey(), entry.getValue());
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        keyStore.store(fileOutputStream, cArr);
        fileOutputStream.close();
    }

    public static KeyPair loadPrivateKey(File file) throws Exception {
        BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
        try {
            PEMParser pEMParser = new PEMParser(bufferedReader);
            try {
                Object readObject = pEMParser.readObject();
                if (!(readObject instanceof KeyPair)) {
                    throw new IllegalArgumentException("Invalid PEM file format");
                }
                KeyPair keyPair = (KeyPair) readObject;
                pEMParser.close();
                bufferedReader.close();
                return keyPair;
            } finally {
            }
        } catch (Throwable th) {
            try {
                bufferedReader.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static X509Certificate loadCertificate(File file) throws Exception {
        if (file.getName().endsWith(".der")) {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(fileInputStream.readAllBytes()));
                fileInputStream.close();
                return x509Certificate;
            } catch (Throwable th) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }
        if (!file.getName().endsWith(".pem")) {
            throw new IllegalArgumentException("Unsupported certificate format. Only DER and PEM are supported.");
        }
        BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
        try {
            PEMParser pEMParser = new PEMParser(bufferedReader);
            try {
                Object readObject = pEMParser.readObject();
                if (!(readObject instanceof X509Certificate)) {
                    throw new IllegalArgumentException("Invalid PEM file format");
                }
                X509Certificate x509Certificate2 = (X509Certificate) readObject;
                pEMParser.close();
                bufferedReader.close();
                return x509Certificate2;
            } finally {
            }
        } catch (Throwable th3) {
            try {
                bufferedReader.close();
            } catch (Throwable th4) {
                th3.addSuppressed(th4);
            }
            throw th3;
        }
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
