package org.eclipse.jetty.keystore;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.eclipse.jetty.util.security.Password;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/jetty/keystore/KeystoreGenerator.class */
public class KeystoreGenerator {
    private static final Logger LOG = LoggerFactory.getLogger(KeystoreGenerator.class);

    public static File generateTestKeystore(String str, String str2) throws Exception {
        LOG.warn("Generating Test Keystore: DO NOT USE IN PRODUCTION!");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Instant minus = Instant.now().minus((TemporalAmount) Duration.ofDays(1L));
        Date from = Date.from(minus);
        Date from2 = Date.from(minus.plus((TemporalAmount) Duration.ofDays(365L)));
        BigInteger valueOf = BigInteger.valueOf(new SecureRandom().nextLong());
        X500Name x500Name = new X500Name("C=US,ST=NE,L=Omaha,O=Webtide,OU=Jetty,CN=localhost");
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(new JcaX509v3CertificateBuilder(x500Name, valueOf, from, from2, x500Name, generateKeyPair.getPublic()).build(new JcaContentSignerBuilder("SHA256withRSA").build(generateKeyPair.getPrivate())));
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        char[] charArray = new Password(str2).toString().toCharArray();
        keyStore.load(null, charArray);
        keyStore.setKeyEntry("jetty-test-keystore", generateKeyPair.getPrivate(), charArray, new Certificate[]{certificate});
        File file = new File(str);
        file.deleteOnExit();
        File parentFile = file.getAbsoluteFile().getParentFile();
        if (!parentFile.exists() && !parentFile.mkdirs()) {
            throw new IOException("Could not create directory for test keystore file");
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        try {
            keyStore.store(fileOutputStream, charArray);
            fileOutputStream.close();
            return file;
        } catch (Throwable th) {
            try {
                fileOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
