package com.intuit.karate.http.cert;

import com.intuit.karate.Logger;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import karate.com.linecorp.armeria.internal.shaded.bouncycastle.asn1.x500.X500Name;
import karate.com.linecorp.armeria.internal.shaded.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import karate.com.linecorp.armeria.internal.shaded.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import karate.com.linecorp.armeria.internal.shaded.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import karate.io.netty.buffer.ByteBuf;
import karate.io.netty.buffer.Unpooled;
import karate.io.netty.handler.codec.base64.Base64;
import karate.io.netty.util.CharsetUtil;
import karate.io.netty.util.internal.PlatformDependent;
import karate.io.netty.util.internal.SystemPropertyUtil;
import karate.io.netty.util.internal.ThrowableUtil;

/* loaded from: input_file:com/intuit/karate/http/cert/SelfSignedCertGenerator.class */
public final class SelfSignedCertGenerator {
    private static final String DEFAULT_FQDN = "localhost";
    private static final String ALGORITHM = "RSA";
    private File certificate;
    private File privateKey;
    private X509Certificate cert;
    private PrivateKey key;
    private static final Logger logger = new Logger();
    private static final Provider PROVIDER = Security.getProvider("SUN");
    private static final Date DEFAULT_NOT_BEFORE = new Date(SystemPropertyUtil.getLong("karate.io.netty.selfSignedCertificate.defaultNotBefore", System.currentTimeMillis() - 31536000000L));
    private static final Date DEFAULT_NOT_AFTER = new Date(SystemPropertyUtil.getLong("karate.io.netty.selfSignedCertificate.defaultNotAfter", 253402300799000L));
    private static final int DEFAULT_KEY_LENGTH_BITS = SystemPropertyUtil.getInt("karate.io.netty.handler.ssl.util.selfSignedKeyStrength", 2048);

    public SelfSignedCertGenerator() throws CertificateException {
        SecureRandom current = ThreadLocalInsecureRandom.current();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM);
            keyPairGenerator.initialize(DEFAULT_KEY_LENGTH_BITS, current);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            try {
                String[] generate = generate(DEFAULT_FQDN, generateKeyPair, current, DEFAULT_NOT_BEFORE, DEFAULT_NOT_AFTER);
                this.certificate = new File(generate[0]);
                this.privateKey = new File(generate[1]);
                this.key = generateKeyPair.getPrivate();
                FileInputStream fileInputStream = null;
                try {
                    try {
                        fileInputStream = new FileInputStream(this.certificate);
                        this.cert = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(fileInputStream);
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e) {
                                logger.warn("Failed to close a file: " + this.certificate, e);
                            }
                        }
                    } catch (Exception e2) {
                        throw new CertificateEncodingException(e2);
                    }
                } catch (Throwable th) {
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e3) {
                            logger.warn("Failed to close a file: " + this.certificate, e3);
                        }
                    }
                    throw th;
                }
            } catch (Throwable th2) {
                logger.debug("Failed to generate a self-signed X.509 certificate:", th2);
                CertificateException certificateException = new CertificateException("No provider succeeded to generate a self-signed certificate. See debug log for the root cause.", th2);
                ThrowableUtil.addSuppressed(certificateException, th2);
                throw certificateException;
            }
        } catch (NoSuchAlgorithmException e4) {
            throw new Error(e4);
        }
    }

    public File getCertificate() {
        return this.certificate;
    }

    public File getPrivateKey() {
        return this.privateKey;
    }

    private String[] generate(String str, KeyPair keyPair, SecureRandom secureRandom, Date date, Date date2) throws Exception {
        PrivateKey privateKey = keyPair.getPrivate();
        X500Name x500Name = new X500Name("CN=" + str);
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider(PROVIDER).getCertificate(new JcaX509v3CertificateBuilder(x500Name, new BigInteger(64, secureRandom), date, date2, x500Name, keyPair.getPublic()).build(new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(privateKey)));
        certificate.verify(keyPair.getPublic());
        return newSelfSignedCertificate(str, privateKey, certificate);
    }

    /* JADX WARN: Finally extract failed */
    private String[] newSelfSignedCertificate(String str, PrivateKey privateKey, X509Certificate x509Certificate) throws IOException, CertificateEncodingException {
        try {
            ByteBuf encode = Base64.encode(Unpooled.wrappedBuffer(privateKey.getEncoded()), true);
            try {
                String str2 = "-----BEGIN PRIVATE KEY-----\n" + encode.toString(CharsetUtil.US_ASCII) + "\n-----END PRIVATE KEY-----\n";
                encode.release();
                String replaceAll = str.replaceAll("[^\\w.-]", "x");
                File createTempFile = PlatformDependent.createTempFile("keyutil_" + replaceAll + "_", ".key", (File) null);
                createTempFile.deleteOnExit();
                FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                try {
                    fileOutputStream.write(str2.getBytes(CharsetUtil.US_ASCII));
                    fileOutputStream.close();
                    fileOutputStream = null;
                    if (0 != 0) {
                        safeClose(createTempFile, null);
                        safeDelete(createTempFile);
                    }
                    ByteBuf wrappedBuffer = Unpooled.wrappedBuffer(x509Certificate.getEncoded());
                    try {
                        encode = Base64.encode(wrappedBuffer, true);
                        try {
                            String str3 = "-----BEGIN CERTIFICATE-----\n" + encode.toString(CharsetUtil.US_ASCII) + "\n-----END CERTIFICATE-----\n";
                            encode.release();
                            wrappedBuffer.release();
                            File createTempFile2 = PlatformDependent.createTempFile("keyutil_" + replaceAll + "_", ".crt", (File) null);
                            createTempFile2.deleteOnExit();
                            FileOutputStream fileOutputStream2 = new FileOutputStream(createTempFile2);
                            try {
                                fileOutputStream2.write(str3.getBytes(CharsetUtil.US_ASCII));
                                fileOutputStream2.close();
                                fileOutputStream2 = null;
                                if (0 != 0) {
                                    safeClose(createTempFile2, null);
                                    safeDelete(createTempFile2);
                                    safeDelete(createTempFile);
                                }
                                return new String[]{createTempFile2.getPath(), createTempFile.getPath()};
                            } catch (Throwable th) {
                                if (fileOutputStream2 != null) {
                                    safeClose(createTempFile2, fileOutputStream2);
                                    safeDelete(createTempFile2);
                                    safeDelete(createTempFile);
                                }
                                throw th;
                            }
                        } finally {
                        }
                    } finally {
                        wrappedBuffer.release();
                    }
                } catch (Throwable th2) {
                    if (fileOutputStream != null) {
                        safeClose(createTempFile, fileOutputStream);
                        safeDelete(createTempFile);
                    }
                    throw th2;
                }
            } finally {
            }
        } finally {
        }
    }

    private static void safeDelete(File file) {
        if (file.delete()) {
            return;
        }
        logger.warn("Failed to delete a file: " + file, new Object[0]);
    }

    private static void safeClose(File file, OutputStream outputStream) {
        try {
            outputStream.close();
        } catch (IOException e) {
            logger.warn("Failed to close a file: " + file, e);
        }
    }
}
